2 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 * Copyright (c) 1990 Regents of the University of Michigan.
18 #include <ac/socket.h>
19 #include <ac/string.h>
24 static char *find_right_paren LDAP_P(( char *s ));
25 static char *put_complex_filter LDAP_P(( BerElement *ber, char *str,
26 unsigned long tag, int not ));
27 static int put_filter LDAP_P(( BerElement *ber, char *str ));
28 static int put_simple_filter LDAP_P(( BerElement *ber, char *str ));
29 static int put_substring_filter LDAP_P(( BerElement *ber, char *type, char *str ));
30 static int put_filter_list LDAP_P(( BerElement *ber, char *str ));
33 * ldap_search_ext - initiate an ldap search operation.
38 * base DN of the base object
39 * scope the search scope - one of LDAP_SCOPE_BASE,
40 * LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
41 * filter a string containing the search filter
42 * (e.g., "(|(cn=bob)(sn=bob))")
43 * attrs list of attribute types to return for matches
44 * attrsonly 1 => attributes only 0 => attributes and values
47 * char *attrs[] = { "mail", "title", 0 };
48 * ldap_search_ext( ld, "c=us@o=UM", LDAP_SCOPE_SUBTREE, "cn~=bob",
49 * attrs, attrsonly, sctrls, ctrls, timeout, sizelimit,
55 LDAP_CONST char *base,
57 LDAP_CONST char *filter,
62 struct timeval *timeout,
69 Debug( LDAP_DEBUG_TRACE, "ldap_search_ext\n", 0, 0, 0 );
72 * if timeout is provided, use only tv_sec as timelimit.
73 * otherwise, use default.
75 timelimit = (timeout != NULL)
76 ? timelimit = timeout->tv_sec
79 ber = ldap_build_search_req( ld, base, scope, filter, attrs,
80 attrsonly, sctrls, cctrls, timelimit, sizelimit );
82 if ( ber == NULLBER ) {
87 if ( ld->ld_cache != NULL ) {
88 if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
90 ld->ld_errno = LDAP_SUCCESS;
91 *msgidp = ld->ld_msgid;
94 ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
96 #endif /* LDAP_NOCACHE */
98 /* send the message */
99 *msgidp = ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber );
110 LDAP_CONST char *base,
112 LDAP_CONST char *filter,
115 LDAPControl **sctrls,
116 LDAPControl **cctrls,
117 struct timeval *timeout,
124 rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
125 sctrls, cctrls, timeout, sizelimit, &msgid );
127 if ( rc != LDAP_SUCCESS ) {
131 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 )
132 return( ld->ld_errno );
134 return( ldap_result2error( ld, *res, 0 ) );
138 * ldap_search - initiate an ldap search operation.
143 * base DN of the base object
144 * scope the search scope - one of LDAP_SCOPE_BASE,
145 * LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
146 * filter a string containing the search filter
147 * (e.g., "(|(cn=bob)(sn=bob))")
148 * attrs list of attribute types to return for matches
149 * attrsonly 1 => attributes only 0 => attributes and values
152 * char *attrs[] = { "mail", "title", 0 };
153 * msgid = ldap_search( ld, "c=us@o=UM", LDAP_SCOPE_SUBTREE, "cn~=bob",
154 * attrs, attrsonly );
158 LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter,
159 char **attrs, int attrsonly )
163 Debug( LDAP_DEBUG_TRACE, "ldap_search\n", 0, 0, 0 );
165 ber = ldap_build_search_req( ld, base, scope, filter, attrs,
166 attrsonly, NULL, NULL, -1, -1 );
168 if ( ber == NULLBER ) {
173 if ( ld->ld_cache != NULL ) {
174 if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
176 ld->ld_errno = LDAP_SUCCESS;
177 return( ld->ld_msgid );
179 ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
181 #endif /* LDAP_NOCACHE */
183 /* send the message */
184 return ( ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber ));
189 ldap_build_search_req(
191 LDAP_CONST char *base_in,
193 LDAP_CONST char *filter_in,
196 LDAPControl **sctrls,
197 LDAPControl **cctrls,
207 * Create the search request. It looks like this:
208 * SearchRequest := [APPLICATION 3] SEQUENCE {
209 * baseObject DistinguishedName,
215 * derefAliases ENUMERATED {
216 * neverDerefaliases (0),
217 * derefInSearching (1),
218 * derefFindingBaseObj (2),
219 * alwaysDerefAliases (3)
221 * sizelimit INTEGER (0 .. 65535),
222 * timelimit INTEGER (0 .. 65535),
225 * attributes SEQUENCE OF AttributeType
227 * wrapped in an ldap message.
230 /* create a message to send */
231 if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) {
235 if ( base_in == NULL ) {
236 /* no base provided, use session default base */
237 base = ld->ld_options.ldo_defbase;
239 base = (char *) base_in;
242 if ( base == NULL ) {
243 /* no session default base, use top */
247 #ifdef LDAP_CONNECTIONLESS
248 if ( ld->ld_cldapnaddr > 0 ) {
249 err = ber_printf( ber, "{ist{seeiib", ++ld->ld_msgid,
250 ld->ld_cldapdn, LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
251 (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
252 (timelimit < 0) ? ld->ld_timelimit : timelimit,
255 #endif /* LDAP_CONNECTIONLESS */
256 err = ber_printf( ber, "{it{seeiib", ++ld->ld_msgid,
257 LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
258 (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
259 (timelimit < 0) ? ld->ld_timelimit : timelimit,
261 #ifdef LDAP_CONNECTIONLESS
263 #endif /* LDAP_CONNECTIONLESS */
266 ld->ld_errno = LDAP_ENCODING_ERROR;
271 filter = LDAP_STRDUP( filter_in );
272 err = put_filter( ber, filter );
276 ld->ld_errno = LDAP_FILTER_ERROR;
281 if ( ber_printf( ber, "{v}}", attrs ) == -1 ) {
282 ld->ld_errno = LDAP_ENCODING_ERROR;
287 /* Put Server Controls */
288 if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
293 if ( ber_printf( ber, "}", attrs ) == -1 ) {
294 ld->ld_errno = LDAP_ENCODING_ERROR;
303 find_right_paren( char *s )
309 while ( *s && balance ) {
313 else if ( *s == ')' )
316 if ( *s == '\\' && ! escape )
324 return( *s ? s : NULL );
328 put_complex_filter( BerElement *ber, char *str, unsigned long tag, int not )
333 * We have (x(filter)...) with str sitting on
334 * the x. We have to find the paren matching
335 * the one before the x and put the intervening
336 * filters by calling put_filter_list().
339 /* put explicit tag */
340 if ( ber_printf( ber, "t{", tag ) == -1 )
344 if ( !not && ber_printf( ber, "{" ) == -1 )
349 if ( (next = find_right_paren( str )) == NULL )
353 if ( put_filter_list( ber, str ) == -1 )
357 /* flush explicit tagged thang */
358 if ( ber_printf( ber, "}" ) == -1 )
362 if ( !not && ber_printf( ber, "}" ) == -1 )
370 put_filter( BerElement *ber, char *str )
372 char *next, *tmp, *s, *d;
373 int parens, balance, escape, gotescape;
376 * A Filter looks like this:
377 * Filter ::= CHOICE {
378 * and [0] SET OF Filter,
379 * or [1] SET OF Filter,
381 * equalityMatch [3] AttributeValueAssertion,
382 * substrings [4] SubstringFilter,
383 * greaterOrEqual [5] AttributeValueAssertion,
384 * lessOrEqual [6] AttributeValueAssertion,
385 * present [7] AttributeType,,
386 * approxMatch [8] AttributeValueAssertion
389 * SubstringFilter ::= SEQUENCE {
390 * type AttributeType,
391 * SEQUENCE OF CHOICE {
392 * initial [0] IA5String,
394 * final [2] IA5String
397 * Note: tags in a choice are always explicit
400 Debug( LDAP_DEBUG_TRACE, "put_filter \"%s\"\n", str, 0, 0 );
402 gotescape = parens = 0;
410 Debug( LDAP_DEBUG_TRACE, "put_filter: AND\n",
413 if ( (str = put_complex_filter( ber, str,
414 LDAP_FILTER_AND, 0 )) == NULL )
421 Debug( LDAP_DEBUG_TRACE, "put_filter: OR\n",
424 if ( (str = put_complex_filter( ber, str,
425 LDAP_FILTER_OR, 0 )) == NULL )
432 Debug( LDAP_DEBUG_TRACE, "put_filter: NOT\n",
435 if ( (str = put_complex_filter( ber, str,
436 LDAP_FILTER_NOT, 1 )) == NULL )
443 Debug( LDAP_DEBUG_TRACE, "put_filter: simple\n",
449 while ( *next && balance ) {
453 else if ( *next == ')' )
456 if ( *next == '\\' && ! escape )
457 gotescape = escape = 1;
467 tmp = LDAP_STRDUP( str );
470 for ( s = d = tmp; *s; s++ ) {
471 if ( *s != '\\' || escape ) {
480 if ( put_simple_filter( ber, tmp ) == -1 ) {
493 Debug( LDAP_DEBUG_TRACE, "put_filter: end\n", 0, 0,
495 if ( ber_printf( ber, "]" ) == -1 )
505 default: /* assume it's a simple type=value filter */
506 Debug( LDAP_DEBUG_TRACE, "put_filter: default\n", 0, 0,
508 next = strchr( str, '\0' );
509 tmp = LDAP_STRDUP( str );
510 if ( strchr( tmp, '\\' ) != NULL ) {
512 for ( s = d = tmp; *s; s++ ) {
513 if ( *s != '\\' || escape ) {
522 if ( put_simple_filter( ber, tmp ) == -1 ) {
532 return( parens ? -1 : 0 );
536 * Put a list of filters like this "(filter1)(filter2)..."
540 put_filter_list( BerElement *ber, char *str )
545 Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n", str, 0, 0 );
548 while ( *str && isspace( (unsigned char) *str ) )
553 if ( (next = find_right_paren( str + 1 )) == NULL )
557 /* now we have "(filter)" with str pointing to it */
559 if ( put_filter( ber, str ) == -1 )
570 put_simple_filter( BerElement *ber, char *str )
573 char *value, savechar;
577 Debug( LDAP_DEBUG_TRACE, "put_simple_filter \"%s\"\n", str, 0, 0 );
579 if ( (s = strchr( str, '=' )) == NULL )
587 ftype = LDAP_FILTER_LE;
591 ftype = LDAP_FILTER_GE;
595 ftype = LDAP_FILTER_APPROX;
599 if ( strchr( value, '*' ) == NULL ) {
600 ftype = LDAP_FILTER_EQUALITY;
601 } else if ( strcmp( value, "*" ) == 0 ) {
602 ftype = LDAP_FILTER_PRESENT;
604 rc = put_substring_filter( ber, str, value );
611 if ( ftype == LDAP_FILTER_PRESENT ) {
612 rc = ber_printf( ber, "ts", ftype, str );
614 rc = ber_printf( ber, "t{ss}", ftype, str, value );
619 return( rc == -1 ? rc : 0 );
623 put_substring_filter( BerElement *ber, char *type, char *val )
625 char *nextstar, gotstar = 0;
628 Debug( LDAP_DEBUG_TRACE, "put_substring_filter \"%s=%s\"\n", type,
631 if ( ber_printf( ber, "t{s{", LDAP_FILTER_SUBSTRINGS, type ) == -1 )
634 while ( val != NULL ) {
635 if ( (nextstar = strchr( val, '*' )) != NULL )
638 if ( gotstar == 0 ) {
639 ftype = LDAP_SUBSTRING_INITIAL;
640 } else if ( nextstar == NULL ) {
641 ftype = LDAP_SUBSTRING_FINAL;
643 ftype = LDAP_SUBSTRING_ANY;
645 if ( *val != '\0' ) {
646 if ( ber_printf( ber, "ts", ftype, val ) == -1 )
651 if ( nextstar != NULL )
656 if ( ber_printf( ber, "}}" ) == -1 )
664 LDAP *ld, LDAP_CONST char *base, int scope,
665 LDAP_CONST char *filter, char **attrs,
666 int attrsonly, struct timeval *timeout, LDAPMessage **res )
670 if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
672 return( ld->ld_errno );
674 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 )
675 return( ld->ld_errno );
677 if ( ld->ld_errno == LDAP_TIMEOUT ) {
678 (void) ldap_abandon( ld, msgid );
679 ld->ld_errno = LDAP_TIMEOUT;
680 return( ld->ld_errno );
683 return( ldap_result2error( ld, *res, 0 ) );
689 LDAP_CONST char *base,
691 LDAP_CONST char *filter,
698 if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
700 return( ld->ld_errno );
702 if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, res ) == -1 )
703 return( ld->ld_errno );
705 return( ldap_result2error( ld, *res, 0 ) );