1 /* search.c - search operation */
4 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
17 static int base_candidate(
21 static int search_candidates(
22 Operation *stackop, /* op with the current threadctx/slab cache */
23 Operation *sop, /* search op */
29 static void send_pagerequest_response(
35 /* Dereference aliases for a single alias entry. Return the final
36 * dereferenced entry on success, NULL on any failure.
38 static Entry * deref_base (
48 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
53 rs->sr_err = LDAP_ALIAS_DEREF_PROBLEM;
54 rs->sr_text = "maximum deref depth exceeded";
56 while (BDB_IDL_N(tmp) < op->o_bd->be_max_deref_depth) {
58 /* Remember the last entry we looked at, so we can
63 /* If this is part of a subtree or onelevel search,
64 * have we seen this ID before? If so, quit.
66 if ( visited && bdb_idl_insert( visited, e->e_id ) ) {
71 /* If we've seen this ID during this deref iteration,
74 if ( bdb_idl_insert( tmp, e->e_id ) ) {
75 rs->sr_err = LDAP_ALIAS_PROBLEM;
76 rs->sr_text = "circular alias";
81 /* If there was a problem getting the aliasedObjectName,
82 * get_alias_dn will have set the error status.
84 if ( get_alias_dn(e, &ndn, &rs->sr_err, &rs->sr_text) ) {
89 rs->sr_err = bdb_dn2entry( op, NULL, &ndn, &ei,
92 if ( ei ) e = ei->bei_e;
96 rs->sr_err = LDAP_ALIAS_PROBLEM;
97 rs->sr_text = "aliasedObject not found";
101 /* Free the previous entry, continue to work with the
102 * one we just retrieved.
104 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
108 /* We found a regular entry. Return this to the caller. The
109 * entry is still locked for Read.
111 if (!is_entry_alias(e)) {
112 rs->sr_err = LDAP_SUCCESS;
120 /* Look for and dereference all aliases within the search scope. Adds
121 * the dereferenced entries to the "ids" list. Requires "stack" to be
122 * able to hold 8 levels of DB_SIZE IDLs. Of course we're hardcoded to
123 * require a minimum of 8 UM_SIZE IDLs so this is never a problem.
125 static int search_aliases(
135 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
136 ID *aliases, *curscop, *subscop, *visited, *newsubs, *oldsubs, *tmp;
137 ID cursora, ida, cursoro, ido, *subscop2;
140 struct berval bv_alias = { sizeof("alias")-1, "alias" };
141 AttributeAssertion aa_alias;
143 DB_LOCK locka, lockr;
146 aliases = stack; /* IDL of all aliases in the database */
147 curscop = aliases + BDB_IDL_DB_SIZE; /* Aliases in the current scope */
148 subscop = curscop + BDB_IDL_DB_SIZE; /* The current scope */
149 visited = subscop + BDB_IDL_DB_SIZE; /* IDs we've seen in this search */
150 newsubs = visited + BDB_IDL_DB_SIZE; /* New subtrees we've added */
151 oldsubs = newsubs + BDB_IDL_DB_SIZE; /* Subtrees added previously */
152 tmp = oldsubs + BDB_IDL_DB_SIZE; /* Scratch space for deref_base() */
154 /* A copy of subscop, because subscop gets clobbered by
155 * the bdb_idl_union/intersection routines
157 subscop2 = tmp + BDB_IDL_DB_SIZE;
159 af.f_choice = LDAP_FILTER_EQUALITY;
160 af.f_ava = &aa_alias;
161 af.f_av_desc = slap_schema.si_ad_objectClass;
162 af.f_av_value = bv_alias;
165 /* Find all aliases in database */
166 BDB_IDL_ZERO( aliases );
167 rs->sr_err = bdb_filter_candidates( op, &af, aliases,
169 if (rs->sr_err != LDAP_SUCCESS) {
173 oldsubs[1] = e->e_id;
176 BDB_IDL_ZERO( visited );
177 BDB_IDL_ZERO( newsubs );
180 ido = bdb_idl_first( oldsubs, &cursoro );
183 /* Set curscop to only the aliases in the current scope. Start with
184 * all the aliases, obtain the IDL for the current scope, and then
185 * get the intersection of these two IDLs. Add the current scope
186 * to the cumulative list of candidates.
188 BDB_IDL_CPY( curscop, aliases );
189 rs->sr_err = bdb_dn2idl( op, e, subscop,
190 subscop2+BDB_IDL_DB_SIZE );
194 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, e, &locka);
196 BDB_IDL_CPY(subscop2, subscop);
197 rs->sr_err = bdb_idl_intersection(curscop, subscop);
198 bdb_idl_union( ids, subscop2 );
200 /* Dereference all of the aliases in the current scope. */
202 for (ida = bdb_idl_first(curscop, &cursora); ida != NOID;
203 ida = bdb_idl_next(curscop, &cursora))
206 rs->sr_err = bdb_cache_find_id(op, NULL,
207 ida, &ei, 0, locker, &lockr );
208 if (rs->sr_err != LDAP_SUCCESS) {
213 /* This should only happen if the curscop IDL has maxed out and
214 * turned into a range that spans IDs indiscriminately
216 if (!is_entry_alias(a)) {
217 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache,
222 /* Actually dereference the alias */
224 a = deref_base( op, rs, a, &matched, locker, &lockr,
227 /* If the target was not already in our current candidates,
228 * make note of it in the newsubs list. Also
229 * set it in the scopes list so that bdb_search
232 if (bdb_idl_insert(ids, a->e_id) == 0) {
233 bdb_idl_insert(newsubs, a->e_id);
234 bdb_idl_insert(scopes, a->e_id);
236 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
239 } else if (matched) {
240 /* Alias could not be dereferenced, or it deref'd to
241 * an ID we've already seen. Ignore it.
243 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache,
248 /* If this is a OneLevel search, we're done; oldsubs only had one
249 * ID in it. For a Subtree search, oldsubs may be a list of scope IDs.
251 if (op->ors_scope != LDAP_SCOPE_SUBTREE) break;
253 ido = bdb_idl_next( oldsubs, &cursoro );
255 /* If we're done processing the old scopes, did we add any new
256 * scopes in this iteration? If so, go back and do those now.
259 if (BDB_IDL_IS_ZERO(newsubs)) break;
260 BDB_IDL_CPY(oldsubs, newsubs);
261 BDB_IDL_ZERO(newsubs);
263 ido = bdb_idl_first( oldsubs, &cursoro );
266 /* Find the entry corresponding to the next scope. If it can't
267 * be found, ignore it and move on. This should never happen;
268 * we should never see the ID of an entry that doesn't exist.
269 * Set the name so that the scope's IDL can be retrieved.
272 rs->sr_err = bdb_cache_find_id(op, NULL, ido, &ei,
274 if (rs->sr_err != LDAP_SUCCESS) goto nextido;
281 int is_sync_protocol( Operation *op )
283 #if !defined(LDAP_SYNC)
288 if ( op->o_sync_mode & SLAP_SYNC_REFRESH_AND_PERSIST )
294 #if defined(LDAP_SYNC)
295 #define IS_BDB_REPLACE(type) (( type == LDAP_PSEARCH_BY_DELETE ) || \
296 ( type == LDAP_PSEARCH_BY_SCOPEOUT ))
297 #define IS_PSEARCH (op != sop)
300 bdb_abandon( Operation *op, SlapReply *rs )
303 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
305 LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
306 if ( ps_list->o_connid == op->o_connid ) {
307 if ( ps_list->o_msgid == op->oq_abandon.rs_msgid ) {
308 ps_list->o_abandon = 1;
309 LDAP_LIST_REMOVE( ps_list, o_ps_link );
310 slap_op_free ( ps_list );
315 return LDAP_UNAVAILABLE;
319 bdb_cancel( Operation *op, SlapReply *rs )
322 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
324 LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
325 if ( ps_list->o_connid == op->o_connid ) {
326 if ( ps_list->o_msgid == op->oq_cancel.rs_msgid ) {
327 ps_list->o_cancel = SLAP_CANCEL_DONE;
328 LDAP_LIST_REMOVE( ps_list, o_ps_link );
331 bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls,
332 1, &latest_entrycsn_bv );
333 send_ldap_result( conn, ps_list, LDAP_CANCELLED,
334 NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries);
336 rs->sr_err = LDAP_CANCELLED;
337 send_ldap_result( ps_list, rs );
339 if ( ps_list->o_tmpmemctx ) {
340 sl_mem_destroy( NULL, ps_list->o_tmpmemctx );
343 slap_op_free ( ps_list );
348 return LDAP_UNAVAILABLE;
351 int bdb_search( Operation *op, SlapReply *rs )
353 return bdb_do_search( op, rs, op, NULL, 0 );
356 /* For persistent searches, op is the currently executing operation,
357 * sop is the persistent search. For regular searches, sop = op.
360 bdb_do_search( Operation *op, SlapReply *rs, Operation *sop,
361 Entry *ps_e, int ps_type )
365 int bdb_search( Operation *op, SlapReply *rs )
368 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
371 ID candidates[BDB_IDL_UM_SIZE];
372 ID scopes[BDB_IDL_DB_SIZE];
373 Entry *e = NULL, base;
374 Entry *matched = NULL;
376 struct berval realbase = { 0, NULL };
380 AttributeName *attrs;
383 Filter cookief, csnfnot, csnfeq, csnfand, csnfge;
384 AttributeAssertion aa_ge, aa_eq;
387 struct berval entrycsn_bv = { 0, NULL };
389 struct berval latest_entrycsn_bv = { 0, NULL };
390 LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS];
392 AttributeName uuid_attr[2];
394 int entry_sync_state = -1;
395 AttributeName null_attr;
397 struct slap_limits_set *limit = NULL;
400 u_int32_t locker = 0;
404 LDAP_LOG( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 );
406 Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n",
409 attrs = sop->oq_search.rs_attrs;
412 /* psearch needs to be registered before refresh begins */
413 /* psearch and refresh transmission is serialized in send_ldap_ber() */
414 if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
415 sop->o_ps_protocol = LDAP_SYNC;
416 LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link );
418 null_attr.an_desc = NULL;
419 null_attr.an_oc = NULL;
420 null_attr.an_name.bv_len = 0;
421 null_attr.an_name.bv_val = NULL;
423 for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ ) {
424 ctrls[num_ctrls] = NULL;
428 if ( IS_PSEARCH && IS_BDB_REPLACE(ps_type)) {
429 if (sop->o_ps_protocol == LDAP_SYNC ) {
431 attrs[0].an_desc = NULL;
432 attrs[0].an_oc = NULL;
433 attrs[0].an_name.bv_len = 0;
434 attrs[0].an_name.bv_val = NULL;
443 manageDSAit = get_manageDSAit( sop );
445 /* Sync control overrides manageDSAit */
448 if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
449 if ( manageDSAit == SLAP_NO_CONTROL )
450 manageDSAit = SLAP_CRITICAL_CONTROL;
454 if ( manageDSAit == SLAP_NO_CONTROL )
455 manageDSAit = SLAP_CRITICAL_CONTROL;
458 rs->sr_err = LOCK_ID (bdb->bi_dbenv, &locker );
464 send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
468 if ( sop->o_req_ndn.bv_len == 0 ) {
469 /* DIT root special case */
470 e = (Entry *) &slap_entry_root;
474 /* get entry with reader lock */
475 rs->sr_err = bdb_dn2entry( op, NULL, &sop->o_req_ndn, &ei,
481 matched = ei->bei_e; break;
483 e = ei->bei_e; break;
485 send_ldap_error( sop, rs, LDAP_BUSY, "ldap server busy" );
486 LOCK_ID_FREE (bdb->bi_dbenv, locker );
488 case DB_LOCK_DEADLOCK:
489 case DB_LOCK_NOTGRANTED:
492 send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
493 LOCK_ID_FREE (bdb->bi_dbenv, locker );
497 if ( e && (op->ors_deref & LDAP_DEREF_FINDING) && is_entry_alias(e) ) {
498 BDB_IDL_ZERO(candidates);
499 e = deref_base( op, rs, e, &matched, locker, &lock,
504 struct berval matched_dn = { 0, NULL };
506 if ( matched != NULL ) {
508 ber_dupbv( &matched_dn, &matched->e_name );
510 erefs = is_entry_referral( matched )
511 ? get_entry_referrals( op, matched )
514 bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache,
519 rs->sr_ref = referral_rewrite( erefs, &matched_dn,
520 &sop->o_req_dn, sop->oq_search.rs_scope );
521 ber_bvarray_free( erefs );
525 rs->sr_ref = referral_rewrite( default_referral,
526 NULL, &sop->o_req_dn, sop->oq_search.rs_scope );
529 rs->sr_err=LDAP_REFERRAL;
530 rs->sr_matched = matched_dn.bv_val;
531 send_ldap_result( sop, rs );
533 LOCK_ID_FREE (bdb->bi_dbenv, locker );
535 ber_bvarray_free( rs->sr_ref );
538 if ( matched_dn.bv_val ) {
539 ber_memfree( matched_dn.bv_val );
540 rs->sr_matched = NULL;
545 if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) {
546 /* entry is a referral, don't allow add */
547 struct berval matched_dn;
550 ber_dupbv( &matched_dn, &e->e_name );
551 erefs = get_entry_referrals( op, e );
553 bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
557 rs->sr_ref = referral_rewrite( erefs, &matched_dn,
558 &sop->o_req_dn, sop->oq_search.rs_scope );
559 ber_bvarray_free( erefs );
563 LDAP_LOG ( OPERATION, RESULTS,
564 "bdb_search: entry is referral\n", 0, 0, 0 );
566 Debug( LDAP_DEBUG_TRACE, "bdb_search: entry is referral\n",
570 if (!rs->sr_ref) rs->sr_text = "bad_referral object";
571 rs->sr_err = LDAP_REFERRAL;
572 rs->sr_matched = matched_dn.bv_val;
573 send_ldap_result( sop, rs );
575 LOCK_ID_FREE (bdb->bi_dbenv, locker );
576 ber_bvarray_free( rs->sr_ref );
578 ber_memfree( matched_dn.bv_val );
579 rs->sr_matched = NULL;
583 if ( get_assert( op ) &&
584 ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
586 rs->sr_err = LDAP_ASSERTION_FAILED;
587 send_ldap_result( sop, rs );
591 /* if not root, get appropriate limits */
592 if ( be_isroot( op->o_bd, &sop->o_ndn ) ) {
595 ( void ) get_limits( op->o_bd, &sop->o_ndn, &limit );
598 /* The time/size limits come first because they require very little
599 * effort, so there's no chance the candidates are selected and then
600 * the request is not honored only because of time/size constraints */
602 /* if no time limit requested, use soft limit (unless root!) */
604 if ( sop->oq_search.rs_tlimit == 0 ) {
605 sop->oq_search.rs_tlimit = -1; /* allow root to set no limit */
608 if ( sop->oq_search.rs_slimit == 0 ) {
609 sop->oq_search.rs_slimit = -1;
613 /* if no limit is required, use soft limit */
614 if ( sop->oq_search.rs_tlimit <= 0 ) {
615 sop->oq_search.rs_tlimit = limit->lms_t_soft;
617 /* if requested limit higher than hard limit, abort */
618 } else if ( sop->oq_search.rs_tlimit > limit->lms_t_hard ) {
619 /* no hard limit means use soft instead */
620 if ( limit->lms_t_hard == 0
621 && limit->lms_t_soft > -1
622 && sop->oq_search.rs_tlimit > limit->lms_t_soft ) {
623 sop->oq_search.rs_tlimit = limit->lms_t_soft;
625 /* positive hard limit means abort */
626 } else if ( limit->lms_t_hard > 0 ) {
627 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
628 send_ldap_result( sop, rs );
633 /* negative hard limit means no limit */
636 /* if no limit is required, use soft limit */
637 if ( sop->oq_search.rs_slimit <= 0 ) {
638 if ( get_pagedresults(sop) && limit->lms_s_pr != 0 ) {
639 sop->oq_search.rs_slimit = limit->lms_s_pr;
641 sop->oq_search.rs_slimit = limit->lms_s_soft;
644 /* if requested limit higher than hard limit, abort */
645 } else if ( sop->oq_search.rs_slimit > limit->lms_s_hard ) {
646 /* no hard limit means use soft instead */
647 if ( limit->lms_s_hard == 0
648 && limit->lms_s_soft > -1
649 && sop->oq_search.rs_slimit > limit->lms_s_soft ) {
650 sop->oq_search.rs_slimit = limit->lms_s_soft;
652 /* positive hard limit means abort */
653 } else if ( limit->lms_s_hard > 0 ) {
654 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
655 send_ldap_result( sop, rs );
660 /* negative hard limit means no limit */
664 /* compute it anyway; root does not use it */
665 stoptime = op->o_time + sop->oq_search.rs_tlimit;
667 /* need normalized dn below */
668 ber_dupbv( &realbase, &e->e_nname );
670 /* Copy info to base, must free entry before accessing the database
671 * in search_candidates, to avoid deadlocks.
673 base.e_private = e->e_private;
674 base.e_nname = realbase;
677 if ( e != &slap_entry_root ) {
678 bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock);
682 /* select candidates */
683 if ( sop->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
684 rs->sr_err = base_candidate( op->o_bd, &base, candidates );
687 BDB_IDL_ZERO( candidates );
688 BDB_IDL_ZERO( scopes );
689 rs->sr_err = search_candidates( op, sop, rs, &base, locker, candidates, scopes );
692 /* start cursor at beginning of candidates.
697 if ( !BDB_IDL_IS_RANGE( candidates ) ) {
698 cursor = bdb_idl_search( candidates, ps_e->e_id );
699 if ( candidates[cursor] != ps_e->e_id ) {
700 rs->sr_err = LDAP_SUCCESS;
704 if ( ps_e->e_id < BDB_IDL_RANGE_FIRST(candidates)
705 || ps_e->e_id > BDB_IDL_RANGE_LAST(candidates)){
706 rs->sr_err = LDAP_SUCCESS;
711 candidates[1] = ps_e->e_id;
715 if ( candidates[0] == 0 ) {
717 LDAP_LOG ( OPERATION, RESULTS,
718 "bdb_search: no candidates\n", 0, 0, 0 );
720 Debug( LDAP_DEBUG_TRACE, "bdb_search: no candidates\n",
724 rs->sr_err = LDAP_SUCCESS;
725 send_ldap_result( sop, rs );
730 /* if not root and candidates exceed to-be-checked entries, abort */
731 if ( !isroot && limit->lms_s_unchecked != -1 ) {
732 if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) {
733 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
734 send_ldap_result( sop, rs );
740 if ( isroot || !limit->lms_s_pr_hide ) {
741 tentries = BDB_IDL_N(candidates);
744 #ifdef LDAP_CONTROL_PAGEDRESULTS
745 if ( get_pagedresults(sop) ) {
746 if ( sop->o_pagedresults_state.ps_cookie == 0 ) {
749 if ( sop->o_pagedresults_size == 0 ) {
750 rs->sr_err = LDAP_SUCCESS;
751 rs->sr_text = "search abandoned by pagedResult size=0";
752 send_ldap_result( sop, rs );
755 for ( id = bdb_idl_first( candidates, &cursor );
756 id != NOID && id <= (ID)( sop->o_pagedresults_state.ps_cookie );
757 id = bdb_idl_next( candidates, &cursor ) );
759 if ( cursor == NOID ) {
761 LDAP_LOG ( OPERATION, RESULTS,
762 "bdb_search: no paged results candidates\n",
765 Debug( LDAP_DEBUG_TRACE,
766 "bdb_search: no paged results candidates\n",
769 send_pagerequest_response( sop, rs, lastid, 0 );
779 if ( (sop->o_sync_mode & SLAP_SYNC_REFRESH) ||
780 ( IS_PSEARCH && sop->o_ps_protocol == LDAP_SYNC ))
782 cookief.f_choice = LDAP_FILTER_AND;
783 cookief.f_and = &csnfnot;
784 cookief.f_next = NULL;
786 csnfnot.f_choice = LDAP_FILTER_NOT;
787 csnfnot.f_not = &csnfeq;
788 csnfnot.f_next = &csnfand;
790 csnfeq.f_choice = LDAP_FILTER_EQUALITY;
791 csnfeq.f_ava = &aa_eq;
792 csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
793 csnfeq.f_av_value = sop->o_sync_state;
795 csnfand.f_choice = LDAP_FILTER_AND;
796 csnfand.f_and = &csnfge;
797 csnfand.f_next = NULL;
799 csnfge.f_choice = LDAP_FILTER_GE;
800 csnfge.f_ava = &aa_ge;
801 csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
802 csnfge.f_av_value = sop->o_sync_state;
803 csnfge.f_next = sop->oq_search.rs_filter;
807 for ( id = bdb_idl_first( candidates, &cursor );
809 id = bdb_idl_next( candidates, &cursor ) )
814 /* check for abandon */
815 if ( sop->o_abandon ) {
820 #ifdef LDAP_EXOP_X_CANCEL
821 if ( sop->o_cancel ) {
822 assert( sop->o_cancel == SLAP_CANCEL_REQ );
823 rs->sr_err = LDAP_CANCELLED;
824 send_ldap_result( sop, rs );
825 sop->o_cancel = SLAP_CANCEL_ACK;
831 /* check time limit */
832 if ( sop->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
833 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
834 rs->sr_ref = rs->sr_v2ref;
835 send_ldap_result( sop, rs );
844 /* get the entry with reader lock */
846 rs->sr_err = bdb_cache_find_id( op, NULL,
847 id, &ei, 0, locker, &lock );
849 if (rs->sr_err == LDAP_BUSY) {
850 rs->sr_text = "ldap server busy";
851 send_ldap_result( sop, rs );
854 } else if ( rs->sr_err == DB_LOCK_DEADLOCK
855 || rs->sr_err == DB_LOCK_NOTGRANTED )
860 if ( ei && rs->sr_err == 0 ) {
867 if( !BDB_IDL_IS_RANGE(candidates) ) {
868 /* only complain for non-range IDLs */
870 LDAP_LOG ( OPERATION, RESULTS,
871 "bdb_search: candidate %ld not found\n",
874 Debug( LDAP_DEBUG_TRACE,
875 "bdb_search: candidate %ld not found\n",
889 #ifdef BDB_SUBENTRIES
890 if ( !is_sync_protocol( sop ) ) {
891 if ( is_entry_subentry( e ) ) {
892 if( sop->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
893 if(!get_subentries_visibility( sop )) {
894 /* only subentries are visible */
898 } else if ( get_subentries( sop ) &&
899 !get_subentries_visibility( sop ))
901 /* only subentries are visible */
905 } else if ( get_subentries_visibility( sop )) {
906 /* only subentries are visible */
912 /* Does this candidate actually satisfy the search scope?
914 * Note that we don't lock access to the bei_parent pointer.
915 * Since only leaf nodes can be deleted, the parent of any
916 * node will always be a valid node. Also since we have
917 * a Read lock on the data, it cannot be renamed out of the
918 * scope while we are looking at it, and unless we're using
919 * BDB_HIER, its parents cannot be moved either.
921 switch( sop->ors_scope ) {
922 case LDAP_SCOPE_BASE:
923 /* This is always true, yes? */
924 if ( id == base.e_id )
927 case LDAP_SCOPE_ONELEVEL:
928 if ( ei->bei_parent->bei_id == base.e_id )
931 case LDAP_SCOPE_SUBTREE:
933 for ( tmp = BEI(e); tmp->bei_parent;
934 tmp = tmp->bei_parent ) {
935 if ( tmp->bei_id == base.e_id ) {
944 /* aliases were already dereferenced in candidate list */
945 if ( sop->ors_deref & LDAP_DEREF_SEARCHING ) {
946 /* but if the search base is an alias, and we didn't
947 * deref it when finding, return it.
949 if ( is_entry_alias(e) &&
950 ((sop->ors_deref & LDAP_DEREF_FINDING)
951 || !bvmatch(&e->e_nname, &op->o_req_ndn)))
956 /* scopes is only non-empty for onelevel or subtree */
957 if ( !scopeok && BDB_IDL_N(scopes) ) {
959 if ( sop->ors_scope == LDAP_SCOPE_ONELEVEL ) {
960 x = bdb_idl_search( scopes,
962 if ( scopes[x] == e->e_id )
965 /* subtree, walk up the tree */
966 EntryInfo *tmp = BEI(e);
967 for (;tmp->bei_parent;
968 tmp=tmp->bei_parent) {
970 scopes, tmp->bei_id );
971 if ( scopes[x] == tmp->bei_id ) {
981 /* Not in scope, ignore it */
984 LDAP_LOG ( OPERATION, RESULTS,
985 "bdb_search: %ld scope not okay\n",
988 Debug( LDAP_DEBUG_TRACE,
989 "bdb_search: %ld scope not okay\n",
996 * if it's a referral, add it to the list of referrals. only do
997 * this for non-base searches, and don't check the filter
998 * explicitly here since it's only a candidate anyway.
1000 if ( !manageDSAit && sop->oq_search.rs_scope != LDAP_SCOPE_BASE
1001 && is_entry_referral( e ) )
1003 BerVarray erefs = get_entry_referrals( sop, e );
1004 rs->sr_ref = referral_rewrite( erefs,
1006 sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
1007 ? LDAP_SCOPE_SUBTREE
1008 : LDAP_SCOPE_BASE );
1010 send_search_reference( sop, rs );
1012 ber_bvarray_free( rs->sr_ref );
1013 ber_bvarray_free( erefs );
1019 #ifdef LDAP_SYNCREPL
1020 if ( !manageDSAit && is_entry_glue( e ) )
1026 /* if it matches the filter and scope, send it */
1029 if (ps_type != LDAP_PSEARCH_BY_SCOPEOUT) {
1030 rs->sr_err = test_filter( sop, rs->sr_entry, &cookief );
1032 rs->sr_err = LDAP_COMPARE_TRUE;
1035 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1036 rc_sync = test_filter( sop, rs->sr_entry, &cookief );
1037 rs->sr_err = test_filter( sop,
1038 rs->sr_entry, sop->oq_search.rs_filter );
1039 if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
1040 if ( rc_sync == LDAP_COMPARE_TRUE ) {
1041 entry_sync_state = LDAP_SYNC_ADD;
1043 entry_sync_state = LDAP_SYNC_PRESENT;
1049 rs->sr_err = test_filter( sop,
1050 rs->sr_entry, sop->oq_search.rs_filter );
1056 if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
1057 /* check size limit */
1058 if ( --sop->oq_search.rs_slimit == -1 ) {
1062 bdb_cache_return_entry_r( bdb->bi_dbenv,
1063 &bdb->bi_cache, e, &lock );
1065 rs->sr_entry = NULL;
1066 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1067 rs->sr_ref = rs->sr_v2ref;
1068 send_ldap_result( sop, rs );
1072 #ifdef LDAP_CONTROL_PAGEDRESULTS
1073 if ( get_pagedresults(sop) ) {
1074 if ( rs->sr_nentries >= sop->o_pagedresults_size ) {
1075 send_pagerequest_response( sop, rs,
1087 #if 0 /* noop is masked SLAP_CTRL_UPDATE */
1094 int premodify_found = 0;
1095 int entry_sync_state;
1097 if ( ps_type == LDAP_PSEARCH_BY_ADD ||
1098 ps_type == LDAP_PSEARCH_BY_DELETE ||
1099 ps_type == LDAP_PSEARCH_BY_MODIFY ||
1100 ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
1102 if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
1103 struct psid_entry* psid_e;
1104 LDAP_LIST_FOREACH( psid_e,
1105 &op->o_pm_list, ps_link)
1107 if( psid_e->ps_op == sop ) {
1108 premodify_found = 1;
1109 LDAP_LIST_REMOVE(psid_e, ps_link);
1113 if (psid_e != NULL) free (psid_e);
1115 if ( ps_type == LDAP_PSEARCH_BY_ADD ) {
1116 entry_sync_state = LDAP_SYNC_ADD;
1117 } else if ( ps_type == LDAP_PSEARCH_BY_DELETE ) {
1118 entry_sync_state = LDAP_SYNC_DELETE;
1119 } else if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
1120 if ( premodify_found ) {
1121 entry_sync_state = LDAP_SYNC_MODIFY;
1123 entry_sync_state = LDAP_SYNC_ADD;
1125 } else if ( ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
1126 entry_sync_state = LDAP_SYNC_DELETE;
1131 if ( sop->o_ps_protocol == LDAP_SYNC ) {
1132 rs->sr_err = bdb_build_sync_state_ctrl( sop,
1133 rs, e, entry_sync_state, ctrls,
1134 num_ctrls++, 1, &latest_entrycsn_bv );
1135 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1136 rs->sr_attrs = attrs;
1137 rs->sr_ctrls = ctrls;
1138 result = send_search_entry( sop, rs );
1139 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1140 ch_free( ctrls[--num_ctrls] );
1141 ctrls[num_ctrls] = NULL;
1142 rs->sr_ctrls = NULL;
1149 } else if ( ps_type == LDAP_PSEARCH_BY_PREMODIFY ) {
1150 struct psid_entry* psid_e;
1151 psid_e = (struct psid_entry *) calloc (1,
1152 sizeof(struct psid_entry));
1153 psid_e->ps_op = sop;
1154 LDAP_LIST_INSERT_HEAD( &op->o_pm_list,
1158 printf("Error !\n");
1161 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1162 rs->sr_err = bdb_build_sync_state_ctrl( sop,
1163 rs, e, entry_sync_state, ctrls,
1164 num_ctrls++, 0, &latest_entrycsn_bv );
1165 if ( rs->sr_err != LDAP_SUCCESS ) goto done;
1167 rs->sr_ctrls = ctrls;
1168 if ( rc_sync == LDAP_COMPARE_TRUE ) { /* ADD */
1169 rs->sr_attrs = sop->oq_search.rs_attrs;
1170 } else { /* PRESENT */
1171 rs->sr_attrs = &null_attr;
1173 result = send_search_entry( sop, rs );
1174 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1175 ch_free( ctrls[--num_ctrls] );
1176 ctrls[num_ctrls] = NULL;
1177 rs->sr_ctrls = NULL;
1181 rs->sr_attrs = sop->oq_search.rs_attrs;
1182 rs->sr_ctrls = NULL;
1183 result = send_search_entry( sop, rs );
1188 case 0: /* entry sent ok */
1190 case 1: /* entry not sent */
1192 case -1: /* connection closed */
1194 bdb_cache_return_entry_r(bdb->bi_dbenv,
1195 &bdb->bi_cache, e, &lock);
1197 rs->sr_entry = NULL;
1198 rs->sr_err = LDAP_OTHER;
1204 LDAP_LOG ( OPERATION, RESULTS,
1205 "bdb_search: %ld does not match filter\n", (long) id, 0, 0);
1207 Debug( LDAP_DEBUG_TRACE,
1208 "bdb_search: %ld does not match filter\n",
1215 /* free reader lock */
1217 bdb_cache_return_entry_r( bdb->bi_dbenv,
1218 &bdb->bi_cache, e , &lock);
1221 rs->sr_entry = NULL;
1224 ldap_pvt_thread_yield();
1229 if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
1230 if ( sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
1231 /* refreshAndPersist mode */
1232 rs->sr_err = LDAP_SUCCESS;
1233 rs->sr_rspoid = LDAP_SYNC_INFO;
1234 rs->sr_ctrls = NULL;
1235 bdb_send_ldap_intermediate( sop, rs,
1236 LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv );
1238 /* refreshOnly mode */
1239 bdb_build_sync_done_ctrl( sop, rs, ctrls,
1240 num_ctrls++, 1, &latest_entrycsn_bv );
1241 rs->sr_ctrls = ctrls;
1242 rs->sr_ref = rs->sr_v2ref;
1243 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
1244 send_ldap_result( sop, rs );
1245 if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) {
1246 ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
1248 ch_free( ctrls[--num_ctrls] );
1249 ctrls[num_ctrls] = NULL;
1252 ch_free( latest_entrycsn_bv.bv_val );
1253 latest_entrycsn_bv.bv_val = NULL;
1257 rs->sr_ctrls = NULL;
1258 rs->sr_ref = rs->sr_v2ref;
1259 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
1260 send_ldap_result( sop, rs );
1264 rs->sr_err = LDAP_SUCCESS;
1267 if( !IS_PSEARCH && e != NULL ) {
1268 /* free reader lock */
1269 bdb_cache_return_entry_r ( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
1272 LOCK_ID_FREE (bdb->bi_dbenv, locker );
1274 if( rs->sr_v2ref ) {
1275 ber_bvarray_free( rs->sr_v2ref );
1276 rs->sr_v2ref = NULL;
1278 if( realbase.bv_val ) ch_free( realbase.bv_val );
1284 static int base_candidate(
1290 LDAP_LOG ( OPERATION, ENTRY,
1291 "base_candidate: base: \"%s\" (0x%08lx)\n",
1292 e->e_nname.bv_val, (long) e->e_id, 0);
1294 Debug(LDAP_DEBUG_ARGS, "base_candidates: base: \"%s\" (0x%08lx)\n",
1295 e->e_nname.bv_val, (long) e->e_id, 0);
1303 /* Look for "objectClass Present" in this filter.
1304 * Also count depth of filter tree while we're at it.
1306 static int oc_filter(
1314 if( cur > *max ) *max = cur;
1316 switch(f->f_choice) {
1317 case LDAP_FILTER_PRESENT:
1318 if (f->f_desc == slap_schema.si_ad_objectClass) {
1323 case LDAP_FILTER_AND:
1324 case LDAP_FILTER_OR:
1326 for (f=f->f_and; f; f=f->f_next) {
1327 (void) oc_filter(f, cur, max);
1337 static void search_stack_free( void *key, void *data )
1339 ber_memfree_x(data, NULL);
1342 static void *search_stack(
1346 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
1349 if ( op->o_threadctx ) {
1350 ldap_pvt_thread_pool_getkey( op->o_threadctx, search_stack,
1353 ret = bdb->bi_search_stack;
1357 ret = ch_malloc( bdb->bi_search_stack_depth * BDB_IDL_UM_SIZE
1359 if ( op->o_threadctx ) {
1360 ldap_pvt_thread_pool_setkey( op->o_threadctx, search_stack,
1361 ret, search_stack_free );
1363 bdb->bi_search_stack = ret;
1369 static int search_candidates(
1378 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
1380 Filter f, rf, xf, nf;
1382 AttributeAssertion aa_ref;
1383 #ifdef BDB_SUBENTRIES
1385 AttributeAssertion aa_subentry;
1389 * This routine takes as input a filter (user-filter)
1390 * and rewrites it as follows:
1391 * (&(scope=DN)[(objectClass=subentry)]
1392 * (|[(objectClass=referral)(objectClass=alias)](user-filter))
1396 LDAP_LOG ( OPERATION, ENTRY,
1397 "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
1398 e->e_nname.bv_val, (long) e->e_id, op->oq_search.rs_scope);
1400 Debug(LDAP_DEBUG_TRACE,
1401 "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
1402 e->e_nname.bv_val, (long) e->e_id, op->oq_search.rs_scope );
1405 xf.f_or = op->oq_search.rs_filter;
1406 xf.f_choice = LDAP_FILTER_OR;
1409 /* If the user's filter uses objectClass=*,
1410 * these clauses are redundant.
1412 if (!oc_filter(op->oq_search.rs_filter, 1, &depth)
1413 && !get_subentries_visibility(op)
1414 && !is_sync_protocol(op) )
1416 if( !get_manageDSAit(op) && !get_domainScope(op) ) {
1417 /* match referral objects */
1418 struct berval bv_ref = { sizeof("referral")-1, "referral" };
1419 rf.f_choice = LDAP_FILTER_EQUALITY;
1421 rf.f_av_desc = slap_schema.si_ad_objectClass;
1422 rf.f_av_value = bv_ref;
1423 rf.f_next = xf.f_or;
1430 f.f_choice = LDAP_FILTER_AND;
1432 /* Dummy; we compute scope separately now */
1433 nf.f_choice = SLAPD_FILTER_COMPUTED;
1434 nf.f_result = LDAP_SUCCESS;
1435 nf.f_next = xf.f_or == op->oq_search.rs_filter
1436 ? op->oq_search.rs_filter : &xf ;
1437 /* Filter depth increased again, adding dummy clause */
1440 #ifdef BDB_SUBENTRIES
1441 if( get_subentries_visibility( op ) ) {
1442 struct berval bv_subentry = { sizeof("SUBENTRY")-1, "SUBENTRY" };
1443 sf.f_choice = LDAP_FILTER_EQUALITY;
1444 sf.f_ava = &aa_subentry;
1445 sf.f_av_desc = slap_schema.si_ad_objectClass;
1446 sf.f_av_value = bv_subentry;
1447 sf.f_next = nf.f_next;
1452 /* Allocate IDL stack, plus 1 more for former tmp */
1453 if ( depth+1 > bdb->bi_search_stack_depth ) {
1454 stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) );
1456 stack = search_stack( stackop );
1459 if( op->ors_deref & LDAP_DEREF_SEARCHING ) {
1460 rc = search_aliases( op, rs, e, locker, ids, scopes, stack );
1462 rc = bdb_dn2idl( op, e, ids, stack );
1465 if ( rc == LDAP_SUCCESS ) {
1466 rc = bdb_filter_candidates( op, &f, ids,
1467 stack, stack+BDB_IDL_UM_SIZE );
1470 if ( depth+1 > bdb->bi_search_stack_depth ) {
1476 LDAP_LOG ( OPERATION, DETAIL1,
1477 "bdb_search_candidates: failed (rc=%d)\n", rc, 0, 0 );
1479 Debug(LDAP_DEBUG_TRACE,
1480 "bdb_search_candidates: failed (rc=%d)\n",
1486 LDAP_LOG ( OPERATION, DETAIL1,
1487 "bdb_search_candidates: id=%ld first=%ld last=%ld\n",
1488 (long) ids[0], (long) BDB_IDL_FIRST(ids),
1489 (long) BDB_IDL_LAST(ids));
1491 Debug(LDAP_DEBUG_TRACE,
1492 "bdb_search_candidates: id=%ld first=%ld last=%ld\n",
1494 (long) BDB_IDL_FIRST(ids),
1495 (long) BDB_IDL_LAST(ids) );
1502 #ifdef LDAP_CONTROL_PAGEDRESULTS
1504 send_pagerequest_response(
1510 LDAPControl ctrl, *ctrls[2];
1511 char berbuf[LBER_ELEMENT_SIZEOF];
1512 BerElement *ber = (BerElement *)berbuf;
1513 struct berval cookie = { 0, NULL };
1514 PagedResultsCookie respcookie;
1517 LDAP_LOG ( OPERATION, ENTRY,
1518 "send_pagerequest_response: lastid: (0x%08lx) "
1519 "nentries: (0x%081x)\n",
1520 lastid, rs->sr_nentries, NULL );
1522 Debug(LDAP_DEBUG_ARGS, "send_pagerequest_response: lastid: (0x%08lx) "
1523 "nentries: (0x%081x)\n", lastid, rs->sr_nentries, NULL );
1526 ctrl.ldctl_value.bv_val = NULL;
1530 ber_init2( ber, NULL, LBER_USE_DER );
1532 respcookie = ( PagedResultsCookie )lastid;
1533 op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
1534 cookie.bv_len = sizeof( respcookie );
1535 cookie.bv_val = (char *)&respcookie;
1538 * FIXME: we should consider sending an estimate of the entries
1539 * left, after appropriate security check is done
1541 ber_printf( ber, "{iO}", tentries, &cookie );
1543 if ( ber_flatten2( ber, &ctrls[0]->ldctl_value, 0 ) == -1 ) {
1547 ctrls[0]->ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
1548 ctrls[0]->ldctl_iscritical = 0;
1550 rs->sr_ctrls = ctrls;
1551 rs->sr_err = LDAP_SUCCESS;
1552 send_ldap_result( op, rs );
1555 (void) ber_free_buf( ber );
1561 bdb_build_sync_state_ctrl(
1565 int entry_sync_state,
1566 LDAPControl **ctrls,
1569 struct berval *latest_entrycsn_bv )
1574 const char *text = NULL;
1576 char berbuf[LBER_ELEMENT_SIZEOF];
1577 BerElement *ber = (BerElement *)berbuf;
1579 struct berval entryuuid_bv = { 0, NULL };
1580 struct berval entrycsn_bv = { 0, NULL };
1582 ber_init2( ber, 0, LBER_USE_DER );
1584 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1586 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
1587 AttributeDescription *desc = a->a_desc;
1588 if ( desc == slap_schema.si_ad_entryCSN ) {
1589 ber_dupbv( &entrycsn_bv, &a->a_vals[0] );
1590 if ( latest_entrycsn_bv->bv_val == NULL ) {
1591 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1593 res = value_match( &ret, desc,
1594 desc->ad_type->sat_ordering, 0,
1595 &entrycsn_bv, latest_entrycsn_bv, &text );
1596 if ( res != LDAP_SUCCESS ) {
1599 LDAP_LOG ( OPERATION, RESULTS,
1600 "bdb_search: value_match failed\n",
1603 Debug( LDAP_DEBUG_TRACE,
1604 "bdb_search: value_match failed\n",
1609 ch_free( latest_entrycsn_bv->bv_val );
1610 latest_entrycsn_bv->bv_val = NULL;
1611 ber_dupbv( latest_entrycsn_bv, &entrycsn_bv );
1614 } else if ( desc == slap_schema.si_ad_entryUUID ) {
1615 ber_dupbv( &entryuuid_bv, &a->a_vals[0] );
1619 if ( send_cookie ) {
1620 ber_printf( ber, "{eOON}",
1621 entry_sync_state, &entryuuid_bv, &entrycsn_bv );
1623 ber_printf( ber, "{eON}",
1624 entry_sync_state, &entryuuid_bv );
1627 ch_free( entrycsn_bv.bv_val );
1628 entrycsn_bv.bv_val = NULL;
1629 ch_free( entryuuid_bv.bv_val );
1630 entryuuid_bv.bv_val = NULL;
1632 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_SYNC_STATE;
1633 ctrls[num_ctrls]->ldctl_iscritical = op->o_sync;
1634 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1636 ber_free_buf( ber );
1640 LDAP_LOG ( OPERATION, RESULTS,
1641 "bdb_build_sync_ctrl: ber_flatten2 failed\n",
1644 Debug( LDAP_DEBUG_TRACE,
1645 "bdb_build_sync_ctrl: ber_flatten2 failed\n",
1648 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1652 return LDAP_SUCCESS;
1656 bdb_build_sync_done_ctrl(
1659 LDAPControl **ctrls,
1662 struct berval *latest_entrycsn_bv )
1665 char berbuf[LBER_ELEMENT_SIZEOF];
1666 BerElement *ber = (BerElement *)berbuf;
1668 ber_init2( ber, NULL, LBER_USE_DER );
1670 ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) );
1672 if ( send_cookie ) {
1673 ber_printf( ber, "{ON}", latest_entrycsn_bv );
1675 ber_printf( ber, "{N}" );
1678 ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_SYNC_DONE;
1679 ctrls[num_ctrls]->ldctl_iscritical = op->o_sync;
1680 ret = ber_flatten2( ber, &ctrls[num_ctrls]->ldctl_value, 1 );
1682 ber_free_buf( ber );
1686 LDAP_LOG ( OPERATION, RESULTS,
1687 "bdb_build_sync_done_ctrl: ber_flatten2 failed\n",
1690 Debug( LDAP_DEBUG_TRACE,
1691 "bdb_build_sync_done_ctrl: ber_flatten2 failed\n",
1694 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1698 return LDAP_SUCCESS;
1702 bdb_send_ldap_intermediate(
1706 struct berval *cookie )
1708 char berbuf[LBER_ELEMENT_SIZEOF];
1709 BerElement *ber = (BerElement *)berbuf;
1710 struct berval rspdata;
1714 ber_init2( ber, NULL, LBER_USE_DER );
1716 if ( cookie == NULL ) {
1717 ber_printf( ber, "{eN}", state );
1719 ber_printf( ber, "{eON}", state, cookie );
1722 ret = ber_flatten2( ber, &rspdata, 0 );
1726 LDAP_LOG ( OPERATION, RESULTS,
1727 "bdb_send_ldap_intermediate: ber_flatten2 failed\n",
1730 Debug( LDAP_DEBUG_TRACE,
1731 "bdb_send_ldap_intermediate: ber_flatten2 failed\n",
1734 send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
1738 rs->sr_rspdata = &rspdata;
1739 send_ldap_intermediate( op, rs );
1740 rs->sr_rspdata = NULL;
1741 ber_free_buf( ber );
1743 return LDAP_SUCCESS;