1 /* search.c - search operation */
4 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
17 static int base_candidate(
21 static int search_candidates(
22 Operation *stackop, /* op with the current threadctx/slab cache */
23 Operation *sop, /* search op */
29 static void send_pagerequest_response(
35 /* Dereference aliases for a single alias entry. Return the final
36 * dereferenced entry on success, NULL on any failure.
38 static Entry * deref_base (
48 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
53 rs->sr_err = LDAP_ALIAS_DEREF_PROBLEM;
54 rs->sr_text = "maximum deref depth exceeded";
56 while (BDB_IDL_N(tmp) < op->o_bd->be_max_deref_depth) {
58 /* Remember the last entry we looked at, so we can
63 /* If this is part of a subtree or onelevel search,
64 * have we seen this ID before? If so, quit.
66 if ( visited && bdb_idl_insert( visited, e->e_id ) ) {
71 /* If we've seen this ID during this deref iteration,
74 if ( bdb_idl_insert( tmp, e->e_id ) ) {
75 rs->sr_err = LDAP_ALIAS_PROBLEM;
76 rs->sr_text = "circular alias";
81 /* If there was a problem getting the aliasedObjectName,
82 * get_alias_dn will have set the error status.
84 if ( get_alias_dn(e, &ndn, &rs->sr_err, &rs->sr_text) ) {
89 rs->sr_err = bdb_dn2entry( op, NULL, &ndn, &ei,
92 if ( ei ) e = ei->bei_e;
96 rs->sr_err = LDAP_ALIAS_PROBLEM;
97 rs->sr_text = "aliasedObject not found";
101 /* Free the previous entry, continue to work with the
102 * one we just retrieved.
104 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
108 /* We found a regular entry. Return this to the caller. The
109 * entry is still locked for Read.
111 if (!is_entry_alias(e)) {
112 rs->sr_err = LDAP_SUCCESS;
120 /* Look for and dereference all aliases within the search scope. Adds
121 * the dereferenced entries to the "ids" list. Requires "stack" to be
122 * able to hold 8 levels of DB_SIZE IDLs. Of course we're hardcoded to
123 * require a minimum of 8 UM_SIZE IDLs so this is never a problem.
125 static int search_aliases(
135 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
136 ID *aliases, *curscop, *subscop, *visited, *newsubs, *oldsubs, *tmp;
137 ID cursora, ida, cursoro, ido, *subscop2;
140 struct berval bv_alias = { sizeof("alias")-1, "alias" };
141 AttributeAssertion aa_alias;
143 DB_LOCK locka, lockr;
146 aliases = stack; /* IDL of all aliases in the database */
147 curscop = aliases + BDB_IDL_DB_SIZE; /* Aliases in the current scope */
148 subscop = curscop + BDB_IDL_DB_SIZE; /* The current scope */
149 visited = subscop + BDB_IDL_DB_SIZE; /* IDs we've seen in this search */
150 newsubs = visited + BDB_IDL_DB_SIZE; /* New subtrees we've added */
151 oldsubs = newsubs + BDB_IDL_DB_SIZE; /* Subtrees added previously */
152 tmp = oldsubs + BDB_IDL_DB_SIZE; /* Scratch space for deref_base() */
154 /* A copy of subscop, because subscop gets clobbered by
155 * the bdb_idl_union/intersection routines
157 subscop2 = tmp + BDB_IDL_DB_SIZE;
159 af.f_choice = LDAP_FILTER_EQUALITY;
160 af.f_ava = &aa_alias;
161 af.f_av_desc = slap_schema.si_ad_objectClass;
162 af.f_av_value = bv_alias;
165 /* Find all aliases in database */
166 BDB_IDL_ZERO( aliases );
167 rs->sr_err = bdb_filter_candidates( op, &af, aliases,
169 if (rs->sr_err != LDAP_SUCCESS) {
173 oldsubs[1] = e->e_id;
176 BDB_IDL_ZERO( visited );
177 BDB_IDL_ZERO( newsubs );
180 ido = bdb_idl_first( oldsubs, &cursoro );
183 /* Set curscop to only the aliases in the current scope. Start with
184 * all the aliases, obtain the IDL for the current scope, and then
185 * get the intersection of these two IDLs. Add the current scope
186 * to the cumulative list of candidates.
188 BDB_IDL_CPY( curscop, aliases );
189 rs->sr_err = bdb_dn2idl( op, e, subscop,
190 subscop2+BDB_IDL_DB_SIZE );
194 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, e, &locka);
196 BDB_IDL_CPY(subscop2, subscop);
197 rs->sr_err = bdb_idl_intersection(curscop, subscop);
198 bdb_idl_union( ids, subscop2 );
200 /* Dereference all of the aliases in the current scope. */
202 for (ida = bdb_idl_first(curscop, &cursora); ida != NOID;
203 ida = bdb_idl_next(curscop, &cursora))
206 rs->sr_err = bdb_cache_find_id(op, NULL,
207 ida, &ei, 0, locker, &lockr );
208 if (rs->sr_err != LDAP_SUCCESS) {
213 /* This should only happen if the curscop IDL has maxed out and
214 * turned into a range that spans IDs indiscriminately
216 if (!is_entry_alias(a)) {
217 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache,
222 /* Actually dereference the alias */
224 a = deref_base( op, rs, a, &matched, locker, &lockr,
227 /* If the target was not already in our current candidates,
228 * make note of it in the newsubs list. Also
229 * set it in the scopes list so that bdb_search
232 if (bdb_idl_insert(ids, a->e_id) == 0) {
233 bdb_idl_insert(newsubs, a->e_id);
234 bdb_idl_insert(scopes, a->e_id);
236 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
239 } else if (matched) {
240 /* Alias could not be dereferenced, or it deref'd to
241 * an ID we've already seen. Ignore it.
243 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
248 /* If this is a OneLevel search, we're done; oldsubs only had one
249 * ID in it. For a Subtree search, oldsubs may be a list of scope IDs.
251 if (op->ors_scope != LDAP_SCOPE_SUBTREE) break;
253 ido = bdb_idl_next( oldsubs, &cursoro );
255 /* If we're done processing the old scopes, did we add any new
256 * scopes in this iteration? If so, go back and do those now.
259 if (BDB_IDL_IS_ZERO(newsubs)) break;
260 BDB_IDL_CPY(oldsubs, newsubs);
261 BDB_IDL_ZERO(newsubs);
263 ido = bdb_idl_first( oldsubs, &cursoro );
266 /* Find the entry corresponding to the next scope. If it can't
267 * be found, ignore it and move on. This should never happen;
268 * we should never see the ID of an entry that doesn't exist.
269 * Set the name so that the scope's IDL can be retrieved.
272 rs->sr_err = bdb_cache_find_id(op, NULL, ido, &ei,
274 if (rs->sr_err != LDAP_SUCCESS) goto nextido;
281 int is_sync_protocol( Operation *op )
283 #if !defined(LDAP_CLIENT_UPDATE) && !defined(LDAP_SYNC)
287 #ifdef LDAP_CLIENT_UPDATE
288 if ( op->o_clientupdate_type & SLAP_LCUP_SYNC_AND_PERSIST )
292 if ( op->o_sync_mode & SLAP_SYNC_REFRESH_AND_PERSIST )
298 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
299 #define IS_BDB_REPLACE(type) (( type == LDAP_PSEARCH_BY_DELETE ) || \
300 ( type == LDAP_PSEARCH_BY_SCOPEOUT ))
301 #define IS_PSEARCH (op != sop)
304 bdb_abandon( Operation *op, SlapReply *rs )
307 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
309 LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
310 if ( ps_list->o_connid == op->o_connid ) {
311 if ( ps_list->o_msgid == op->oq_abandon.rs_msgid ) {
312 ps_list->o_abandon = 1;
313 LDAP_LIST_REMOVE( ps_list, o_ps_link );
314 slap_op_free ( ps_list );
319 return LDAP_UNAVAILABLE;
323 bdb_cancel( Operation *op, SlapReply *rs )
326 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
328 LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
329 if ( ps_list->o_connid == op->o_connid ) {
330 if ( ps_list->o_msgid == op->oq_cancel.rs_msgid ) {
331 ps_list->o_cancel = SLAP_CANCEL_DONE;
332 LDAP_LIST_REMOVE( ps_list, o_ps_link );
335 bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls,
336 1, &latest_entrycsn_bv );
337 send_ldap_result( conn, ps_list, LDAP_CANCELLED,
338 NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries);
340 rs->sr_err = LDAP_CANCELLED;
341 send_ldap_result( ps_list, rs );
343 if ( ps_list->o_tmpmemctx ) {
344 sl_mem_destroy( NULL, ps_list->o_tmpmemctx );
347 slap_op_free ( ps_list );
352 return LDAP_UNAVAILABLE;
355 int bdb_search( Operation *op, SlapReply *rs )
357 return bdb_do_search( op, rs, op, NULL, 0 );
360 /* For persistent searches, op is the currently executing operation,
361 * sop is the persistent search. For regular searches, sop = op.
364 bdb_do_search( Operation *op, SlapReply *rs, Operation *sop,
365 Entry *ps_e, int ps_type )
369 int bdb_search( Operation *op, SlapReply *rs )
372 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
375 ID candidates[BDB_IDL_UM_SIZE];
376 ID scopes[BDB_IDL_DB_SIZE];
377 Entry *e = NULL, base;
378 Entry *matched = NULL;
380 struct berval realbase = { 0, NULL };
384 AttributeName *attrs;
386 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
387 Filter cookief, csnfnot, csnfeq, csnfand, csnfge;
388 AttributeAssertion aa_ge, aa_eq;
391 struct berval entrycsn_bv = { 0, NULL };
393 struct berval latest_entrycsn_bv = { 0, NULL };
394 LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS];
396 AttributeName uuid_attr[2];
399 int entry_sync_state = -1;
400 AttributeName null_attr;
403 struct slap_limits_set *limit = NULL;
406 u_int32_t locker = 0;
410 LDAP_LOG( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 );
412 Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n",
415 attrs = sop->oq_search.rs_attrs;
417 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
418 #ifdef LDAP_CLIENT_UPDATE
419 if ( !IS_PSEARCH && sop->o_clientupdate_type & SLAP_LCUP_PERSIST ) {
420 sop->o_ps_protocol = LDAP_CLIENT_UPDATE;
421 LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link );
426 /* psearch needs to be registered before refresh begins */
427 /* psearch and refresh transmission is serialized in send_ldap_ber() */
428 if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
429 sop->o_ps_protocol = LDAP_SYNC;
430 LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link );
432 null_attr.an_desc = NULL;
433 null_attr.an_oc = NULL;
434 null_attr.an_name.bv_len = 0;
435 null_attr.an_name.bv_val = NULL;
438 for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ ) {
439 ctrls[num_ctrls] = NULL;
443 if ( IS_PSEARCH && IS_BDB_REPLACE(ps_type)) {
444 #ifdef LDAP_CLIENT_UPDATE
445 if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) {
447 attrs[0].an_desc = slap_schema.si_ad_entryUUID;
448 attrs[0].an_oc = NULL;
449 attrs[0].an_name = attrs[0].an_desc->ad_cname;
450 attrs[1].an_desc = NULL;
451 attrs[1].an_oc = NULL;
452 attrs[1].an_name.bv_len = 0;
453 attrs[1].an_name.bv_val = NULL;
457 if (sop->o_ps_protocol == LDAP_SYNC ) {
459 attrs[0].an_desc = NULL;
460 attrs[0].an_oc = NULL;
461 attrs[0].an_name.bv_len = 0;
462 attrs[0].an_name.bv_val = NULL;
472 manageDSAit = get_manageDSAit( sop );
474 /* Sync / LCUP controls override manageDSAit */
476 #ifdef LDAP_CLIENT_UPDATE
477 if ( !IS_PSEARCH && sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
478 if ( manageDSAit == SLAP_NO_CONTROL )
479 manageDSAit = SLAP_CRITICAL_CONTROL;
483 if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
484 if ( manageDSAit == SLAP_NO_CONTROL )
485 manageDSAit = SLAP_CRITICAL_CONTROL;
489 if ( manageDSAit == SLAP_NO_CONTROL )
490 manageDSAit = SLAP_CRITICAL_CONTROL;
493 rs->sr_err = LOCK_ID (bdb->bi_dbenv, &locker );
499 send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
503 if ( sop->o_req_ndn.bv_len == 0 ) {
504 /* DIT root special case */
505 e = (Entry *) &slap_entry_root;
509 /* get entry with reader lock */
510 rs->sr_err = bdb_dn2entry( op, NULL, &sop->o_req_ndn, &ei,
516 matched = ei->bei_e; break;
518 e = ei->bei_e; break;
520 send_ldap_error( sop, rs, LDAP_BUSY, "ldap server busy" );
521 LOCK_ID_FREE (bdb->bi_dbenv, locker );
523 case DB_LOCK_DEADLOCK:
524 case DB_LOCK_NOTGRANTED:
527 send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
528 LOCK_ID_FREE (bdb->bi_dbenv, locker );
532 if ( e && (op->ors_deref & LDAP_DEREF_FINDING) && is_entry_alias(e) ) {
533 BDB_IDL_ZERO(candidates);
534 e = deref_base( op, rs, e, &matched, locker, &lock,
539 struct berval matched_dn = { 0, NULL };
541 if ( matched != NULL ) {
543 ber_dupbv( &matched_dn, &matched->e_name );
545 erefs = is_entry_referral( matched )
546 ? get_entry_referrals( op, matched )
549 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache,
554 rs->sr_ref = referral_rewrite( erefs, &matched_dn,
555 &sop->o_req_dn, sop->oq_search.rs_scope );
556 ber_bvarray_free( erefs );
560 rs->sr_ref = referral_rewrite( default_referral,
561 NULL, &sop->o_req_dn, sop->oq_search.rs_scope );
564 rs->sr_err=LDAP_REFERRAL;
565 rs->sr_matched = matched_dn.bv_val;
566 send_ldap_result( sop, rs );
568 LOCK_ID_FREE (bdb->bi_dbenv, locker );
570 ber_bvarray_free( rs->sr_ref );
573 if ( matched_dn.bv_val ) {
574 ber_memfree( matched_dn.bv_val );
575 rs->sr_matched = NULL;
580 if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) {
581 /* entry is a referral, don't allow add */
582 struct berval matched_dn;
585 ber_dupbv( &matched_dn, &e->e_name );
586 erefs = get_entry_referrals( op, e );
588 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
592 rs->sr_ref = referral_rewrite( erefs, &matched_dn,
593 &sop->o_req_dn, sop->oq_search.rs_scope );
594 ber_bvarray_free( erefs );
598 LDAP_LOG ( OPERATION, RESULTS,
599 "bdb_search: entry is referral\n", 0, 0, 0 );
601 Debug( LDAP_DEBUG_TRACE, "bdb_search: entry is referral\n",
605 if (!rs->sr_ref) rs->sr_text = "bad_referral object";
606 rs->sr_err = LDAP_REFERRAL;
607 rs->sr_matched = matched_dn.bv_val;
608 send_ldap_result( sop, rs );
610 LOCK_ID_FREE (bdb->bi_dbenv, locker );
611 ber_bvarray_free( rs->sr_ref );
613 ber_memfree( matched_dn.bv_val );
614 rs->sr_matched = NULL;
618 if ( get_assert( op ) &&
619 ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
621 rs->sr_err = LDAP_ASSERTION_FAILED;
622 send_ldap_result( sop, rs );
626 /* if not root, get appropriate limits */
627 if ( be_isroot( op->o_bd, &sop->o_ndn ) ) {
630 ( void ) get_limits( op->o_bd, &sop->o_ndn, &limit );
633 /* The time/size limits come first because they require very little
634 * effort, so there's no chance the candidates are selected and then
635 * the request is not honored only because of time/size constraints */
637 /* if no time limit requested, use soft limit (unless root!) */
639 if ( sop->oq_search.rs_tlimit == 0 ) {
640 sop->oq_search.rs_tlimit = -1; /* allow root to set no limit */
643 if ( sop->oq_search.rs_slimit == 0 ) {
644 sop->oq_search.rs_slimit = -1;
648 /* if no limit is required, use soft limit */
649 if ( sop->oq_search.rs_tlimit <= 0 ) {
650 sop->oq_search.rs_tlimit = limit->lms_t_soft;
652 /* if requested limit higher than hard limit, abort */
653 } else if ( sop->oq_search.rs_tlimit > limit->lms_t_hard ) {
654 /* no hard limit means use soft instead */
655 if ( limit->lms_t_hard == 0
656 && limit->lms_t_soft > -1
657 && sop->oq_search.rs_tlimit > limit->lms_t_soft ) {
658 sop->oq_search.rs_tlimit = limit->lms_t_soft;
660 /* positive hard limit means abort */
661 } else if ( limit->lms_t_hard > 0 ) {
662 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
663 send_ldap_result( sop, rs );
668 /* negative hard limit means no limit */
671 /* if no limit is required, use soft limit */
672 if ( sop->oq_search.rs_slimit <= 0 ) {
673 if ( get_pagedresults(sop) && limit->lms_s_pr != 0 ) {
674 sop->oq_search.rs_slimit = limit->lms_s_pr;
676 sop->oq_search.rs_slimit = limit->lms_s_soft;
679 /* if requested limit higher than hard limit, abort */
680 } else if ( sop->oq_search.rs_slimit > limit->lms_s_hard ) {
681 /* no hard limit means use soft instead */
682 if ( limit->lms_s_hard == 0
683 && limit->lms_s_soft > -1
684 && sop->oq_search.rs_slimit > limit->lms_s_soft ) {
685 sop->oq_search.rs_slimit = limit->lms_s_soft;
687 /* positive hard limit means abort */
688 } else if ( limit->lms_s_hard > 0 ) {
689 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
690 send_ldap_result( sop, rs );
695 /* negative hard limit means no limit */
699 /* compute it anyway; root does not use it */
700 stoptime = op->o_time + sop->oq_search.rs_tlimit;
702 /* need normalized dn below */
703 ber_dupbv( &realbase, &e->e_nname );
705 /* Copy info to base, must free entry before accessing the database
706 * in search_candidates, to avoid deadlocks.
708 base.e_private = e->e_private;
709 base.e_nname = realbase;
712 if ( e != &slap_entry_root ) {
713 bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock);
717 /* select candidates */
718 if ( sop->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
719 rs->sr_err = base_candidate( op->o_bd, &base, candidates );
722 BDB_IDL_ZERO( candidates );
723 BDB_IDL_ZERO( scopes );
724 rs->sr_err = search_candidates( op, sop, rs, &base, locker, candidates, scopes );
727 /* start cursor at beginning of candidates.
730 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
732 if ( !BDB_IDL_IS_RANGE( candidates ) ) {
733 cursor = bdb_idl_search( candidates, ps_e->e_id );
734 if ( candidates[cursor] != ps_e->e_id ) {
735 rs->sr_err = LDAP_SUCCESS;
739 if ( ps_e->e_id < BDB_IDL_RANGE_FIRST(candidates)
740 || ps_e->e_id > BDB_IDL_RANGE_LAST(candidates)){
741 rs->sr_err = LDAP_SUCCESS;
746 candidates[1] = ps_e->e_id;
750 if ( candidates[0] == 0 ) {
752 LDAP_LOG ( OPERATION, RESULTS,
753 "bdb_search: no candidates\n", 0, 0, 0 );
755 Debug( LDAP_DEBUG_TRACE, "bdb_search: no candidates\n",
759 rs->sr_err = LDAP_SUCCESS;
760 send_ldap_result( sop, rs );
765 /* if not root and candidates exceed to-be-checked entries, abort */
766 if ( !isroot && limit->lms_s_unchecked != -1 ) {
767 if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) {
768 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
769 send_ldap_result( sop, rs );
775 if ( isroot || !limit->lms_s_pr_hide ) {
776 tentries = BDB_IDL_N(candidates);
779 #ifdef LDAP_CONTROL_PAGEDRESULTS
780 if ( get_pagedresults(sop) ) {
781 if ( sop->o_pagedresults_state.ps_cookie == 0 ) {
784 if ( sop->o_pagedresults_size == 0 ) {
785 rs->sr_err = LDAP_SUCCESS;
786 rs->sr_text = "search abandoned by pagedResult size=0";
787 send_ldap_result( sop, rs );
790 for ( id = bdb_idl_first( candidates, &cursor );
791 id != NOID && id <= (ID)( sop->o_pagedresults_state.ps_cookie );
792 id = bdb_idl_next( candidates, &cursor ) );
794 if ( cursor == NOID ) {
796 LDAP_LOG ( OPERATION, RESULTS,
797 "bdb_search: no paged results candidates\n",
800 Debug( LDAP_DEBUG_TRACE,
801 "bdb_search: no paged results candidates\n",
804 send_pagerequest_response( sop, rs, lastid, 0 );
813 #ifdef LDAP_CLIENT_UPDATE
814 if ( (sop->o_clientupdate_type & SLAP_LCUP_SYNC) ||
815 (IS_PSEARCH && sop->o_ps_protocol == LDAP_CLIENT_UPDATE ))
817 cookief.f_choice = LDAP_FILTER_AND;
818 cookief.f_and = &csnfnot;
819 cookief.f_next = NULL;
821 csnfnot.f_choice = LDAP_FILTER_NOT;
822 csnfnot.f_not = &csnfeq;
823 csnfnot.f_next = &csnfand;
825 csnfeq.f_choice = LDAP_FILTER_EQUALITY;
826 csnfeq.f_ava = &aa_eq;
827 csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
828 csnfeq.f_av_value = sop->o_clientupdate_state;
830 csnfand.f_choice = LDAP_FILTER_AND;
831 csnfand.f_and = &csnfge;
832 csnfand.f_next = NULL;
834 csnfge.f_choice = LDAP_FILTER_GE;
835 csnfge.f_ava = &aa_ge;
836 csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
837 csnfge.f_av_value = sop->o_clientupdate_state;
838 csnfge.f_next = sop->oq_search.rs_filter;
841 #if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
845 if ( (sop->o_sync_mode & SLAP_SYNC_REFRESH) ||
846 ( IS_PSEARCH && sop->o_ps_protocol == LDAP_SYNC ))
848 cookief.f_choice = LDAP_FILTER_AND;
849 cookief.f_and = &csnfnot;
850 cookief.f_next = NULL;
852 csnfnot.f_choice = LDAP_FILTER_NOT;
853 csnfnot.f_not = &csnfeq;
854 csnfnot.f_next = &csnfand;
856 csnfeq.f_choice = LDAP_FILTER_EQUALITY;
857 csnfeq.f_ava = &aa_eq;
858 csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
859 csnfeq.f_av_value = sop->o_sync_state;
861 csnfand.f_choice = LDAP_FILTER_AND;
862 csnfand.f_and = &csnfge;
863 csnfand.f_next = NULL;
865 csnfge.f_choice = LDAP_FILTER_GE;
866 csnfge.f_ava = &aa_ge;
867 csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
868 csnfge.f_av_value = sop->o_sync_state;
869 csnfge.f_next = sop->oq_search.rs_filter;
873 for ( id = bdb_idl_first( candidates, &cursor );
875 id = bdb_idl_next( candidates, &cursor ) )
880 /* check for abandon */
881 if ( sop->o_abandon ) {
886 #ifdef LDAP_EXOP_X_CANCEL
887 if ( sop->o_cancel ) {
888 assert( sop->o_cancel == SLAP_CANCEL_REQ );
889 rs->sr_err = LDAP_CANCELLED;
890 send_ldap_result( sop, rs );
891 sop->o_cancel = SLAP_CANCEL_ACK;
897 /* check time limit */
898 if ( sop->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
899 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
900 rs->sr_ref = rs->sr_v2ref;
901 send_ldap_result( sop, rs );
906 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
910 /* get the entry with reader lock */
912 rs->sr_err = bdb_cache_find_id( op, NULL,
913 id, &ei, 0, locker, &lock );
915 if (rs->sr_err == LDAP_BUSY) {
916 rs->sr_text = "ldap server busy";
917 send_ldap_result( sop, rs );
920 } else if ( rs->sr_err == DB_LOCK_DEADLOCK
921 || rs->sr_err == DB_LOCK_NOTGRANTED )
926 if ( ei && rs->sr_err == 0 ) {
933 if( !BDB_IDL_IS_RANGE(candidates) ) {
934 /* only complain for non-range IDLs */
936 LDAP_LOG ( OPERATION, RESULTS,
937 "bdb_search: candidate %ld not found\n",
940 Debug( LDAP_DEBUG_TRACE,
941 "bdb_search: candidate %ld not found\n",
948 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
955 #ifdef BDB_SUBENTRIES
956 if ( !is_sync_protocol( sop ) ) {
957 if ( is_entry_subentry( e ) ) {
958 if( sop->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
959 if(!get_subentries_visibility( sop )) {
960 /* only subentries are visible */
964 } else if ( get_subentries( sop ) &&
965 !get_subentries_visibility( sop ))
967 /* only subentries are visible */
971 } else if ( get_subentries_visibility( sop )) {
972 /* only subentries are visible */
978 /* Does this candidate actually satisfy the search scope?
980 * Note that we don't lock access to the bei_parent pointer.
981 * Since only leaf nodes can be deleted, the parent of any
982 * node will always be a valid node. Also since we have
983 * a Read lock on the data, it cannot be renamed out of the
984 * scope while we are looking at it, and unless we're using
985 * BDB_HIER, its parents cannot be moved either.
987 switch( sop->ors_scope ) {
988 case LDAP_SCOPE_BASE:
989 /* This is always true, yes? */
990 if ( id == base.e_id )
993 case LDAP_SCOPE_ONELEVEL:
994 if ( ei->bei_parent->bei_id == base.e_id )
997 case LDAP_SCOPE_SUBTREE:
999 for ( tmp = BEI(e); tmp->bei_parent;
1000 tmp = tmp->bei_parent ) {
1001 if ( tmp->bei_id == base.e_id ) {
1010 /* aliases were already dereferenced in candidate list */
1011 if ( sop->ors_deref & LDAP_DEREF_SEARCHING ) {
1012 /* but if the search base is an alias, and we didn't
1013 * deref it when finding, return it.
1015 if ( is_entry_alias(e) &&
1016 ((sop->ors_deref & LDAP_DEREF_FINDING)
1017 || !bvmatch(&e->e_nname, &op->o_req_ndn)))
1022 /* scopes is only non-empty for onelevel or subtree */
1023 if ( !scopeok && BDB_IDL_N(scopes) ) {
1025 if ( sop->ors_scope == LDAP_SCOPE_ONELEVEL ) {
1026 x = bdb_idl_search( scopes,
1028 if ( scopes[x] == e->e_id )
1031 /* subtree, walk up the tree */
1032 EntryInfo *tmp = BEI(e);
1033 for (;tmp->bei_parent;
1034 tmp=tmp->bei_parent) {
1036 scopes, tmp->bei_id );
1037 if ( scopes[x] == tmp->bei_id ) {
1047 /* Not in scope, ignore it */
1050 LDAP_LOG ( OPERATION, RESULTS,
1051 "bdb_search: %ld scope not okay\n",
1054 Debug( LDAP_DEBUG_TRACE,
1055 "bdb_search: %ld scope not okay\n",
1062 * if it's a referral, add it to the list of referrals. only do
1063 * this for non-base searches, and don't check the filter
1064 * explicitly here since it's only a candidate anyway.
1066 if ( !manageDSAit && sop->oq_search.rs_scope != LDAP_SCOPE_BASE
1067 && is_entry_referral( e ) )
1069 BerVarray erefs = get_entry_referrals( sop, e );
1070 rs->sr_ref = referral_rewrite( erefs,
1072 sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
1073 ? LDAP_SCOPE_SUBTREE
1074 : LDAP_SCOPE_BASE );
1076 send_search_reference( sop, rs );
1078 ber_bvarray_free( rs->sr_ref );
1079 ber_bvarray_free( erefs );
1085 #ifdef LDAP_SYNCREPL
1086 if ( !manageDSAit && is_entry_glue( e ) )
1092 /* if it matches the filter and scope, send it */
1093 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
1095 if (ps_type != LDAP_PSEARCH_BY_SCOPEOUT) {
1096 rs->sr_err = test_filter( sop, rs->sr_entry, &cookief );
1098 rs->sr_err = LDAP_COMPARE_TRUE;
1101 #ifdef LDAP_CLIENT_UPDATE
1102 if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
1103 rs->sr_err = test_filter( sop, rs->sr_entry, &cookief );
1107 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1108 rc_sync = test_filter( sop, rs->sr_entry, &cookief );
1109 rs->sr_err = test_filter( sop,
1110 rs->sr_entry, sop->oq_search.rs_filter );
1111 if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
1112 if ( rc_sync == LDAP_COMPARE_TRUE ) {
1113 entry_sync_state = LDAP_SYNC_ADD;
1115 entry_sync_state = LDAP_SYNC_PRESENT;
1122 rs->sr_err = test_filter( sop,
1123 rs->sr_entry, sop->oq_search.rs_filter );
1125 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
1129 if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
1130 /* check size limit */
1131 if ( --sop->oq_search.rs_slimit == -1 ) {
1132 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
1135 bdb_cache_return_entry_r( bdb->bi_dbenv,
1136 &bdb->bi_cache, e, &lock );
1138 rs->sr_entry = NULL;
1139 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1140 rs->sr_ref = rs->sr_v2ref;
1141 send_ldap_result( sop, rs );
1145 #ifdef LDAP_CONTROL_PAGEDRESULTS
1146 if ( get_pagedresults(sop) ) {
1147 if ( rs->sr_nentries >= sop->o_pagedresults_size ) {
1148 send_pagerequest_response( sop, rs,
1160 #if 0 /* noop is masked SLAP_CTRL_UPDATE */
1165 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
1168 int premodify_found = 0;
1169 int entry_sync_state;
1172 if ( ps_type == LDAP_PSEARCH_BY_ADD ||
1173 ps_type == LDAP_PSEARCH_BY_DELETE ||
1174 ps_type == LDAP_PSEARCH_BY_MODIFY ||
1175 ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
1177 if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
1178 struct psid_entry* psid_e;
1179 LDAP_LIST_FOREACH( psid_e,
1180 &op->o_pm_list, ps_link)
1182 if( psid_e->ps_op == sop ) {
1184 premodify_found = 1;
1186 LDAP_LIST_REMOVE(psid_e, ps_link);
1190 if (psid_e != NULL) free (psid_e);
1193 if ( ps_type == LDAP_PSEARCH_BY_ADD ) {
1194 entry_sync_state = LDAP_SYNC_ADD;
1195 } else if ( ps_type == LDAP_PSEARCH_BY_DELETE ) {
1196 entry_sync_state = LDAP_SYNC_DELETE;
1197 } else if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
1198 if ( premodify_found ) {
1199 entry_sync_state = LDAP_SYNC_MODIFY;
1201 entry_sync_state = LDAP_SYNC_ADD;
1203 } else if ( ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
1204 entry_sync_state = LDAP_SYNC_DELETE;
1211 #ifdef LDAP_CLIENT_UPDATE
1212 if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) {
1213 int entry_count = ++sop->o_ps_entries;
1214 if ( IS_BDB_REPLACE(ps_type) ) {
1215 rs->sr_err = bdb_build_lcup_update_ctrl( sop,
1216 rs, e, entry_count, ctrls,
1217 num_ctrls++, &latest_entrycsn_bv,
1218 SLAP_LCUP_ENTRY_DELETED_TRUE );
1220 rs->sr_err = bdb_build_lcup_update_ctrl( sop,
1221 rs, e, entry_count, ctrls,
1222 num_ctrls++, &latest_entrycsn_bv,
1223 SLAP_LCUP_ENTRY_DELETED_FALSE );
1225 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1226 rs->sr_attrs = attrs;
1227 rs->sr_ctrls = ctrls;
1228 result = send_search_entry( sop, rs );
1229 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1230 ch_free( ctrls[--num_ctrls] );
1231 ctrls[num_ctrls] = NULL;
1232 rs->sr_ctrls = NULL;
1236 if ( sop->o_ps_protocol == LDAP_SYNC ) {
1237 rs->sr_err = bdb_build_sync_state_ctrl( sop,
1238 rs, e, entry_sync_state, ctrls,
1239 num_ctrls++, 1, &latest_entrycsn_bv );
1240 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1241 rs->sr_attrs = attrs;
1242 rs->sr_ctrls = ctrls;
1243 result = send_search_entry( sop, rs );
1244 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1245 ch_free( ctrls[--num_ctrls] );
1246 ctrls[num_ctrls] = NULL;
1247 rs->sr_ctrls = NULL;
1255 } else if ( ps_type == LDAP_PSEARCH_BY_PREMODIFY ) {
1256 struct psid_entry* psid_e;
1257 psid_e = (struct psid_entry *) calloc (1,
1258 sizeof(struct psid_entry));
1259 psid_e->ps_op = sop;
1260 LDAP_LIST_INSERT_HEAD( &op->o_pm_list,
1264 printf("Error !\n");
1267 #ifdef LDAP_CLIENT_UPDATE
1268 if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
1269 rs->sr_err = bdb_build_lcup_update_ctrl( sop,
1270 rs, e, ++entry_count, ctrls,
1271 num_ctrls++, &latest_entrycsn_bv,
1272 SLAP_LCUP_ENTRY_DELETED_FALSE );
1273 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1274 rs->sr_ctrls = ctrls;
1275 rs->sr_attrs = sop->oq_search.rs_attrs;
1276 result = send_search_entry( sop, rs );
1277 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1278 ch_free( ctrls[--num_ctrls] );
1279 ctrls[num_ctrls] = NULL;
1280 rs->sr_ctrls = NULL;
1284 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1285 rs->sr_err = bdb_build_sync_state_ctrl( sop,
1286 rs, e, entry_sync_state, ctrls,
1287 num_ctrls++, 0, &latest_entrycsn_bv );
1288 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1290 rs->sr_ctrls = ctrls;
1291 if ( rc_sync == LDAP_COMPARE_TRUE ) { /* ADD */
1292 rs->sr_attrs = sop->oq_search.rs_attrs;
1293 } else { /* PRESENT */
1294 rs->sr_attrs = &null_attr;
1296 result = send_search_entry( sop, rs );
1297 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1298 ch_free( ctrls[--num_ctrls] );
1299 ctrls[num_ctrls] = NULL;
1300 rs->sr_ctrls = NULL;
1305 rs->sr_attrs = sop->oq_search.rs_attrs;
1306 rs->sr_ctrls = NULL;
1307 result = send_search_entry( sop, rs );
1312 case 0: /* entry sent ok */
1314 case 1: /* entry not sent */
1316 case -1: /* connection closed */
1318 bdb_cache_return_entry_r(bdb->bi_dbenv,
1319 &bdb->bi_cache, e, &lock);
1321 rs->sr_entry = NULL;
1322 rs->sr_err = LDAP_OTHER;
1328 LDAP_LOG ( OPERATION, RESULTS,
1329 "bdb_search: %ld does not match filter\n", (long) id, 0, 0);
1331 Debug( LDAP_DEBUG_TRACE,
1332 "bdb_search: %ld does not match filter\n",
1339 /* free reader lock */
1341 bdb_cache_return_entry_r( bdb->bi_dbenv,
1342 &bdb->bi_cache, e , &lock);
1345 rs->sr_entry = NULL;
1348 ldap_pvt_thread_yield();
1352 #ifdef LDAP_CLIENT_UPDATE
1353 if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
1354 bdb_build_lcup_done_ctrl( sop, rs, ctrls,
1355 num_ctrls++, &latest_entrycsn_bv );
1357 rs->sr_ctrls = ctrls;
1358 rs->sr_ref = rs->sr_v2ref;
1359 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
1360 send_ldap_result( sop, rs );
1362 ch_free( latest_entrycsn_bv.bv_val );
1363 latest_entrycsn_bv.bv_val = NULL;
1365 if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) {
1366 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1368 ch_free( ctrls[--num_ctrls] );
1369 ctrls[num_ctrls] = NULL;
1373 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1374 if ( sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
1375 /* refreshAndPersist mode */
1376 rs->sr_err = LDAP_SUCCESS;
1377 rs->sr_rspoid = LDAP_SYNC_INFO;
1378 rs->sr_ctrls = NULL;
1379 bdb_send_ldap_intermediate( sop, rs,
1380 LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv );
1382 /* refreshOnly mode */
1383 bdb_build_sync_done_ctrl( sop, rs, ctrls,
1384 num_ctrls++, 1, &latest_entrycsn_bv );
1385 rs->sr_ctrls = ctrls;
1386 rs->sr_ref = rs->sr_v2ref;
1387 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
1388 send_ldap_result( sop, rs );
1389 if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) {
1390 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1392 ch_free( ctrls[--num_ctrls] );
1393 ctrls[num_ctrls] = NULL;
1396 ch_free( latest_entrycsn_bv.bv_val );
1397 latest_entrycsn_bv.bv_val = NULL;
1401 rs->sr_ctrls = NULL;
1402 rs->sr_ref = rs->sr_v2ref;
1403 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
1404 send_ldap_result( sop, rs );
1408 rs->sr_err = LDAP_SUCCESS;
1411 if( !IS_PSEARCH && e != NULL ) {
1412 /* free reader lock */
1413 bdb_cache_return_entry_r ( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
1416 LOCK_ID_FREE (bdb->bi_dbenv, locker );
1418 if( rs->sr_v2ref ) {
1419 ber_bvarray_free( rs->sr_v2ref );
1420 rs->sr_v2ref = NULL;
1422 if( realbase.bv_val ) ch_free( realbase.bv_val );
1428 static int base_candidate(
1434 LDAP_LOG ( OPERATION, ENTRY,
1435 "base_candidate: base: \"%s\" (0x%08lx)\n",
1436 e->e_nname.bv_val, (long) e->e_id, 0);
1438 Debug(LDAP_DEBUG_ARGS, "base_candidates: base: \"%s\" (0x%08lx)\n",
1439 e->e_nname.bv_val, (long) e->e_id, 0);
1447 /* Look for "objectClass Present" in this filter.
1448 * Also count depth of filter tree while we're at it.
1450 static int oc_filter(
1458 if( cur > *max ) *max = cur;
1460 switch(f->f_choice) {
1461 case LDAP_FILTER_PRESENT:
1462 if (f->f_desc == slap_schema.si_ad_objectClass) {
1467 case LDAP_FILTER_AND:
1468 case LDAP_FILTER_OR:
1470 for (f=f->f_and; f; f=f->f_next) {
1471 (void) oc_filter(f, cur, max);
1481 static void search_stack_free( void *key, void *data )
1483 ber_memfree_x(data, NULL);
1486 static void *search_stack(
1490 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
1493 if ( op->o_threadctx ) {
1494 ldap_pvt_thread_pool_getkey( op->o_threadctx, search_stack,
1497 ret = bdb->bi_search_stack;
1501 ret = ch_malloc( bdb->bi_search_stack_depth * BDB_IDL_UM_SIZE
1503 if ( op->o_threadctx ) {
1504 ldap_pvt_thread_pool_setkey( op->o_threadctx, search_stack,
1505 ret, search_stack_free );
1507 bdb->bi_search_stack = ret;
1513 static int search_candidates(
1522 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
1524 Filter f, rf, xf, nf;
1526 AttributeAssertion aa_ref;
1527 #ifdef BDB_SUBENTRIES
1529 AttributeAssertion aa_subentry;
1533 * This routine takes as input a filter (user-filter)
1534 * and rewrites it as follows:
1535 * (&(scope=DN)[(objectClass=subentry)]
1536 * (|[(objectClass=referral)(objectClass=alias)](user-filter))
1540 LDAP_LOG ( OPERATION, ENTRY,
1541 "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
1542 e->e_nname.bv_val, (long) e->e_id, op->oq_search.rs_scope);
1544 Debug(LDAP_DEBUG_TRACE,
1545 "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
1546 e->e_nname.bv_val, (long) e->e_id, op->oq_search.rs_scope );
1549 xf.f_or = op->oq_search.rs_filter;
1550 xf.f_choice = LDAP_FILTER_OR;
1553 /* If the user's filter uses objectClass=*,
1554 * these clauses are redundant.
1556 if (!oc_filter(op->oq_search.rs_filter, 1, &depth)
1557 && !get_subentries_visibility(op)
1558 && !is_sync_protocol(op) )
1560 if( !get_manageDSAit(op) && !get_domainScope(op) ) {
1561 /* match referral objects */
1562 struct berval bv_ref = { sizeof("referral")-1, "referral" };
1563 rf.f_choice = LDAP_FILTER_EQUALITY;
1565 rf.f_av_desc = slap_schema.si_ad_objectClass;
1566 rf.f_av_value = bv_ref;
1567 rf.f_next = xf.f_or;
1574 f.f_choice = LDAP_FILTER_AND;
1576 /* Dummy; we compute scope separately now */
1577 nf.f_choice = SLAPD_FILTER_COMPUTED;
1578 nf.f_result = LDAP_SUCCESS;
1579 nf.f_next = xf.f_or == op->oq_search.rs_filter
1580 ? op->oq_search.rs_filter : &xf ;
1581 /* Filter depth increased again, adding dummy clause */
1584 #ifdef BDB_SUBENTRIES
1585 if( get_subentries_visibility( op ) ) {
1586 struct berval bv_subentry = { sizeof("SUBENTRY")-1, "SUBENTRY" };
1587 sf.f_choice = LDAP_FILTER_EQUALITY;
1588 sf.f_ava = &aa_subentry;
1589 sf.f_av_desc = slap_schema.si_ad_objectClass;
1590 sf.f_av_value = bv_subentry;
1591 sf.f_next = nf.f_next;
1596 /* Allocate IDL stack, plus 1 more for former tmp */
1597 if ( depth+1 > bdb->bi_search_stack_depth ) {
1598 stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) );
1600 stack = search_stack( stackop );
1603 if( op->ors_deref & LDAP_DEREF_SEARCHING ) {
1604 rc = search_aliases( op, rs, e, locker, ids, scopes, stack );
1606 rc = bdb_dn2idl( op, e, ids, stack );
1609 if ( rc == LDAP_SUCCESS ) {
1610 rc = bdb_filter_candidates( op, &f, ids,
1611 stack, stack+BDB_IDL_UM_SIZE );
1614 if ( depth+1 > bdb->bi_search_stack_depth ) {
1620 LDAP_LOG ( OPERATION, DETAIL1,
1621 "bdb_search_candidates: failed (rc=%d)\n", rc, 0, 0 );
1623 Debug(LDAP_DEBUG_TRACE,
1624 "bdb_search_candidates: failed (rc=%d)\n",
1630 LDAP_LOG ( OPERATION, DETAIL1,
1631 "bdb_search_candidates: id=%ld first=%ld last=%ld\n",
1632 (long) ids[0], (long) BDB_IDL_FIRST(ids),
1633 (long) BDB_IDL_LAST(ids));
1635 Debug(LDAP_DEBUG_TRACE,
1636 "bdb_search_candidates: id=%ld first=%ld last=%ld\n",
1638 (long) BDB_IDL_FIRST(ids),
1639 (long) BDB_IDL_LAST(ids) );
1646 #ifdef LDAP_CONTROL_PAGEDRESULTS
1648 send_pagerequest_response(
1654 LDAPControl ctrl, *ctrls[2];
1655 char berbuf[LBER_ELEMENT_SIZEOF];
1656 BerElement *ber = (BerElement *)berbuf;
1657 struct berval cookie = { 0, NULL };
1658 PagedResultsCookie respcookie;
1661 LDAP_LOG ( OPERATION, ENTRY,
1662 "send_pagerequest_response: lastid: (0x%08lx) "
1663 "nentries: (0x%081x)\n",
1664 lastid, rs->sr_nentries, NULL );
1666 Debug(LDAP_DEBUG_ARGS, "send_pagerequest_response: lastid: (0x%08lx) "
1667 "nentries: (0x%081x)\n", lastid, rs->sr_nentries, NULL );
1670 ctrl.ldctl_value.bv_val = NULL;
1674 ber_init2( ber, NULL, LBER_USE_DER );
1676 respcookie = ( PagedResultsCookie )lastid;
1677 op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
1678 cookie.bv_len = sizeof( respcookie );
1679 cookie.bv_val = (char *)&respcookie;
1682 * FIXME: we should consider sending an estimate of the entries
1683 * left, after appropriate security check is done
1685 ber_printf( ber, "{iO}", tentries, &cookie );
1687 if ( ber_flatten2( ber, &ctrls[0]->ldctl_value, 0 ) == -1 ) {
1691 ctrls[0]->ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
1692 ctrls[0]->ldctl_iscritical = 0;
1694 rs->sr_ctrls = ctrls;
1695 rs->sr_err = LDAP_SUCCESS;
1696 send_ldap_result( op, rs );
1699 (void) ber_free_buf( ber );
1703 #ifdef LDAP_CLIENT_UPDATE
1705 bdb_build_lcup_update_ctrl(
1710 LDAPControl **ctrls,
1712 struct berval *latest_entrycsn_bv,
1718 const char *text = NULL;
1720 char berbuf[LBER_ELEMENT_SIZEOF];
1721 BerElement *ber = (BerElement *)berbuf;
1723 struct berval entrycsn_bv = { 0, NULL };
1725 ber_init2( ber, 0, LBER_USE_DER );
1727 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1729 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
1730 AttributeDescription *desc = a->a_desc;
1731 if ( desc == slap_schema.si_ad_entryCSN ) {
1732 ber_dupbv( &entrycsn_bv, &a->a_vals[0] );
1733 if ( latest_entrycsn_bv->bv_val == NULL ) {
1734 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1736 res = value_match( &ret, desc,
1737 desc->ad_type->sat_ordering, 0,
1738 &entrycsn_bv, latest_entrycsn_bv, &text );
1739 if ( res != LDAP_SUCCESS ) {
1742 LDAP_LOG ( OPERATION, RESULTS,
1743 "bdb_search: value_match failed\n",
1746 Debug( LDAP_DEBUG_TRACE,
1747 "bdb_search: value_match failed\n",
1753 ch_free( latest_entrycsn_bv->bv_val );
1754 latest_entrycsn_bv->bv_val = NULL;
1755 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1761 if ( entry_count % op->o_clientupdate_interval == 0 ) {
1764 SLAP_LCUP_STATE_UPDATE_FALSE,
1766 LDAP_CUP_COOKIE_OID, &entrycsn_bv );
1767 } else { /* Do not send cookie */
1770 SLAP_LCUP_STATE_UPDATE_FALSE,
1774 ch_free( entrycsn_bv.bv_val );
1775 entrycsn_bv.bv_val = NULL;
1777 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_ENTRY_UPDATE;
1778 ctrls[num_ctrls]->ldctl_iscritical = op->o_clientupdate;
1779 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1781 ber_free_buf( ber );
1785 LDAP_LOG ( OPERATION, RESULTS,
1786 "bdb_build_lcup_ctrl: ber_flatten2 failed\n",
1789 Debug( LDAP_DEBUG_TRACE,
1790 "bdb_build_lcup_ctrl: ber_flatten2 failed\n",
1793 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1797 return LDAP_SUCCESS;
1801 bdb_build_lcup_done_ctrl(
1804 LDAPControl **ctrls,
1806 struct berval *latest_entrycsn_bv )
1809 char berbuf[LBER_ELEMENT_SIZEOF];
1810 BerElement *ber = (BerElement *)berbuf;
1812 ber_init2( ber, NULL, LBER_USE_DER );
1814 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1816 ber_printf( ber, "{sON}", LDAP_CUP_COOKIE_OID, latest_entrycsn_bv );
1818 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_CLIENT_UPDATE_DONE;
1819 ctrls[num_ctrls]->ldctl_iscritical = op->o_clientupdate;
1820 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1822 ber_free_buf( ber );
1826 LDAP_LOG ( OPERATION, RESULTS,
1827 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n", 0, 0, 0 );
1829 Debug( LDAP_DEBUG_TRACE,
1830 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
1833 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1837 return LDAP_SUCCESS;
1843 bdb_build_sync_state_ctrl(
1847 int entry_sync_state,
1848 LDAPControl **ctrls,
1851 struct berval *latest_entrycsn_bv )
1856 const char *text = NULL;
1858 char berbuf[LBER_ELEMENT_SIZEOF];
1859 BerElement *ber = (BerElement *)berbuf;
1861 struct berval entryuuid_bv = { 0, NULL };
1862 struct berval entrycsn_bv = { 0, NULL };
1864 ber_init2( ber, 0, LBER_USE_DER );
1866 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1868 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
1869 AttributeDescription *desc = a->a_desc;
1870 if ( desc == slap_schema.si_ad_entryCSN ) {
1871 ber_dupbv( &entrycsn_bv, &a->a_vals[0] );
1872 if ( latest_entrycsn_bv->bv_val == NULL ) {
1873 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1875 res = value_match( &ret, desc,
1876 desc->ad_type->sat_ordering, 0,
1877 &entrycsn_bv, latest_entrycsn_bv, &text );
1878 if ( res != LDAP_SUCCESS ) {
1881 LDAP_LOG ( OPERATION, RESULTS,
1882 "bdb_search: value_match failed\n",
1885 Debug( LDAP_DEBUG_TRACE,
1886 "bdb_search: value_match failed\n",
1891 ch_free( latest_entrycsn_bv->bv_val );
1892 latest_entrycsn_bv->bv_val = NULL;
1893 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1896 } else if ( desc == slap_schema.si_ad_entryUUID ) {
1897 ber_dupbv( &entryuuid_bv, &a->a_vals[0] );
1901 if ( send_cookie ) {
1902 ber_printf( ber, "{eOON}",
1903 entry_sync_state, &entryuuid_bv, &entrycsn_bv );
1905 ber_printf( ber, "{eON}",
1906 entry_sync_state, &entryuuid_bv );
1909 ch_free( entrycsn_bv.bv_val );
1910 entrycsn_bv.bv_val = NULL;
1911 ch_free( entryuuid_bv.bv_val );
1912 entryuuid_bv.bv_val = NULL;
1914 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_SYNC_STATE;
1915 ctrls[num_ctrls]->ldctl_iscritical = op->o_sync;
1916 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1918 ber_free_buf( ber );
1922 LDAP_LOG ( OPERATION, RESULTS,
1923 "bdb_build_sync_ctrl: ber_flatten2 failed\n",
1926 Debug( LDAP_DEBUG_TRACE,
1927 "bdb_build_sync_ctrl: ber_flatten2 failed\n",
1930 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1934 return LDAP_SUCCESS;
1938 bdb_build_sync_done_ctrl(
1941 LDAPControl **ctrls,
1944 struct berval *latest_entrycsn_bv )
1947 char berbuf[LBER_ELEMENT_SIZEOF];
1948 BerElement *ber = (BerElement *)berbuf;
1950 ber_init2( ber, NULL, LBER_USE_DER );
1952 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1954 if ( send_cookie ) {
1955 ber_printf( ber, "{ON}", latest_entrycsn_bv );
1957 ber_printf( ber, "{N}" );
1960 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_SYNC_DONE;
1961 ctrls[num_ctrls]->ldctl_iscritical = op->o_sync;
1962 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1964 ber_free_buf( ber );
1968 LDAP_LOG ( OPERATION, RESULTS,
1969 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
1972 Debug( LDAP_DEBUG_TRACE,
1973 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
1976 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1980 return LDAP_SUCCESS;
1984 bdb_send_ldap_intermediate(
1988 struct berval *cookie )
1990 char berbuf[LBER_ELEMENT_SIZEOF];
1991 BerElement *ber = (BerElement *)berbuf;
1992 struct berval rspdata;
1996 ber_init2( ber, NULL, LBER_USE_DER );
1998 if ( cookie == NULL ) {
1999 ber_printf( ber, "{eN}", state );
2001 ber_printf( ber, "{eON}", state, cookie );
2004 ret = ber_flatten2( ber, &rspdata, 0 );
2008 LDAP_LOG ( OPERATION, RESULTS,
2009 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
2012 Debug( LDAP_DEBUG_TRACE,
2013 "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
2016 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
2020 rs->sr_rspdata = &rspdata;
2021 send_ldap_intermediate( op, rs );
2022 rs->sr_rspdata = NULL;
2023 ber_free_buf( ber );
2025 return LDAP_SUCCESS;