2 * Copyright (c) 1998 Will Ballantyne, ITSD, Government of BC
5 * Redistribution and use in source and binary forms are permitted
6 * provided that this notice is preserved and that due credit is given
7 * to ITSD, Government of BC. The name of ITSD
8 * may not be used to endorse or promote products derived from this
9 * software without specific prior written permission. This software
10 * is provided ``as is'' without express or implied warranty.
16 #include "back-ldbm.h"
18 extern Attribute *attr_find();
21 * given an alias object, dereference it to its end point.
23 Entry *derefAlias ( Backend *be,
29 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
35 Debug( LDAP_DEBUG_TRACE,
36 "<= checking for alias for dn %s\n", e->e_dn, 0, 0 );
39 * try to deref fully, up to a maximum depth. If the max depth exceeded
43 ( ( a = attr_find( e->e_attrs, "aliasedobjectname" ) ) != NULL) &&
44 ( depth < be->be_maxDerefDepth );
48 * make sure there is a defined aliasedobjectname.
49 * can only have one value so just use first value (0) in the attr list.
51 if (a->a_vals[0] && a->a_vals[0]->bv_val) {
54 Debug( LDAP_DEBUG_TRACE, "<= %s is an alias for %s\n",
55 e->e_dn, a->a_vals[0]->bv_val, 0 );
56 newDN = strdup (a->a_vals[0]->bv_val);
57 oldDN = strdup (e->e_dn);
59 /* free reader lock */
60 cache_return_entry_r( &li->li_cache, e );
64 * ok, so what happens if there is an alias in the DN of a dereferenced
67 if ( (id = dn2id( be, newDN )) == NOID ||
68 (e = id2entry_r( be, id )) == NULL ) {
70 /* could not deref return error */
71 Debug( LDAP_DEBUG_TRACE,
72 "<= %s is a dangling alias to %s\n",
74 send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, "",
82 * there was an aliasedobjectname defined but no data.
83 * this can't happen, right?
85 Debug( LDAP_DEBUG_TRACE,
86 "<= %s has no data in aliasedobjectname attribute\n",
88 send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, "",
89 "Alias missing aliasedobjectname" );
94 * warn if we pulled out due to exceeding the maximum deref depth
96 if ( depth >= be->be_maxDerefDepth ) {
97 Debug( LDAP_DEBUG_TRACE,
98 "<= %s exceeded maximum deref depth %d\n",
99 e->e_dn, be->be_maxDerefDepth, 0 );
100 send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, "",
101 "Maximum alias dereference depth exceeded" );
108 * given a DN fully deref it and return the real DN or original DN if it fails
110 char *derefDN ( Backend *be,
116 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
123 Debug( LDAP_DEBUG_TRACE,
124 "<= dereferencing dn %s\n",
127 newDN = strdup ( dn );
129 /* while we don't have a matched dn, deref the DN */
131 ( (e = dn2entry_r( be, newDN, &matched )) == NULL) &&
132 (depth < be->be_maxDerefDepth);
139 /* free reader lock */
140 cache_return_entry_r( &li->li_cache, e );
145 * make sure there actually is an entry for the matched part
147 if ( (e = dn2entry_r( be, matched, &submatch )) != NULL) {
148 char *remainder; /* part before the aliased part */
150 int rlen = strlen(newDN) - strlen(matched);
152 Debug( LDAP_DEBUG_TRACE,
156 remainder = ch_malloc (rlen + 1);
157 strncpy ( remainder, newDN, rlen );
158 remainder[rlen] = '\0';
160 Debug( LDAP_DEBUG_TRACE,
164 if ((newE = derefAlias (be, conn, op, e)) == NULL) {
167 break; /* no associated entry, dont deref */
171 Debug( LDAP_DEBUG_TRACE,
172 "<= l&g we have %s vs %s \n",
173 matched, newE->e_dn, 0 );
175 if (!strcasecmp (matched, newE->e_dn)) {
176 /* newDN same as old so not an alias, no need to go further */
183 * we have dereferenced the aliased part so put
184 * the new dn together
189 newDN = ch_malloc (strlen(e->e_dn) + rlen + 1);
190 strcpy (newDN, remainder);
191 strcat (newDN, e->e_dn);
192 Debug( LDAP_DEBUG_TRACE, "<= expanded to %s\n", newDN, 0, 0 );
196 break; /* there was no entry for the matched part */
200 break; /* there was no matched part */
204 /* free reader lock */
205 cache_return_entry_r( &li->li_cache, e );
211 /* free reader lock */
212 cache_return_entry_r( &li->li_cache, e );
217 * the final part of the DN might be an alias
218 * so try to dereference it.
221 if ( (e = dn2entry_r( be, newDN, &matched )) != NULL) {
222 if ((e = derefAlias (be, conn, op, e)) != NULL) {
224 newDN = strdup (e->e_dn);
229 * warn if we exceeded the max depth as the resulting DN may not be dereferenced
231 if (depth >= be->be_maxDerefDepth) {
232 Debug( LDAP_DEBUG_TRACE,
233 "<= max deref depth exceeded in derefDN for %s, result %s\n",
235 send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, "",
236 "Maximum alias dereference depth exceeded for base" );
239 Debug( LDAP_DEBUG_TRACE, "<= returning deref DN of %s\n", newDN, 0, 0 );