2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2006 The OpenLDAP Foundation.
5 * Portions Copyright 2001-2003 Pierangelo Masarati.
6 * Portions Copyright 1999-2003 Howard Chu.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by the Howard Chu for inclusion
19 * in OpenLDAP Software and subsequently enhanced by Pierangelo
27 #include <ac/string.h>
28 #include <ac/socket.h>
31 #include "../back-ldap/back-ldap.h"
32 #include "back-meta.h"
35 meta_back_compare( Operation *op, SlapReply *rs )
37 metainfo_t *mi = ( metainfo_t * )op->o_bd->be_private;
38 metaconn_t *mc = NULL;
41 struct berval mmatch = BER_BVNULL;
52 SlapReply *candidates = meta_back_candidates_get( op );
54 mc = meta_back_getconn( op, rs, NULL, LDAP_BACK_SENDERR );
55 if ( !mc || !meta_back_dobind( op, rs, mc, LDAP_BACK_SENDERR ) ) {
59 msgid = ch_calloc( sizeof( int ), mi->mi_ntargets );
60 if ( msgid == NULL ) {
61 send_ldap_error( op, rs, LDAP_OTHER, NULL );
67 * start an asynchronous compare for each candidate target
73 for ( i = 0; i < mi->mi_ntargets; i++ ) {
74 struct berval mdn = BER_BVNULL;
75 struct berval mapped_attr = op->orc_ava->aa_desc->ad_cname;
76 struct berval mapped_value = op->orc_ava->aa_value;
77 metatarget_t *mt = mi->mi_targets[ i ];
78 LDAPControl **ctrls = NULL;
80 if ( ! META_IS_CANDIDATE( &candidates[ i ] ) ) {
86 * Rewrite the compare dn, if needed
90 switch ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
91 case LDAP_UNWILLING_TO_PERFORM:
100 * if attr is objectClass, try to remap the value
102 if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass ) {
103 ldap_back_map( &mt->mt_rwmap.rwm_oc,
104 &op->orc_ava->aa_value,
105 &mapped_value, BACKLDAP_MAP );
107 if ( BER_BVISNULL( &mapped_value ) || mapped_value.bv_val[0] == '\0' ) {
111 * else try to remap the attribute
114 ldap_back_map( &mt->mt_rwmap.rwm_at,
115 &op->orc_ava->aa_desc->ad_cname,
116 &mapped_attr, BACKLDAP_MAP );
117 if ( BER_BVISNULL( &mapped_attr ) || mapped_attr.bv_val[0] == '\0' ) {
121 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
123 dc.ctx = "compareAttrDN";
125 switch ( ldap_back_dn_massage( &dc, &op->orc_ava->aa_value, &mapped_value ) )
127 case LDAP_UNWILLING_TO_PERFORM:
138 if ( ldap_back_proxy_authz_ctrl( &mc->mc_conns[ i ].msc_bound_ndn,
139 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls ) != LDAP_SUCCESS )
145 * the compare op is spawned across the targets and the first
146 * that returns determines the result; a constraint on unicity
147 * of the result ought to be enforced
149 rc = ldap_compare_ext( mc->mc_conns[ i ].msc_ld, mdn.bv_val,
150 mapped_attr.bv_val, &mapped_value,
151 ctrls, NULL, &msgid[ i ] );
153 (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
155 if ( mdn.bv_val != op->o_req_dn.bv_val ) {
160 if ( mapped_attr.bv_val != op->orc_ava->aa_desc->ad_cname.bv_val ) {
161 free( mapped_attr.bv_val );
162 BER_BVZERO( &mapped_attr );
165 if ( mapped_value.bv_val != op->orc_ava->aa_value.bv_val ) {
166 free( mapped_value.bv_val );
167 BER_BVZERO( &mapped_value );
170 if ( rc != LDAP_SUCCESS ) {
171 /* FIXME: what should we do with the error? */
181 for ( rc = 0, count = 0; ncandidates > 0; ) {
184 * FIXME: should we check for abandon?
186 for ( i = 0; i < mi->mi_ntargets; i++ ) {
187 metasingleconn_t *msc = &mc->mc_conns[ i ];
189 LDAPMessage *res = NULL;
192 LDAP_BACK_TV_SET( &tv );
194 if ( msgid[ i ] == -1 ) {
198 lrc = ldap_result( msc->msc_ld, msgid[ i ],
199 LDAP_MSG_ALL, &tv, &res );
203 assert( res == NULL );
207 /* we do not retry in this case;
208 * only for unique operations... */
209 ldap_get_option( msc->msc_ld,
210 LDAP_OPT_ERROR_NUMBER, &rs->sr_err );
211 rres = slap_map_api2result( rs );
217 /* only touch when activity actually took place... */
218 /* NOTE: no mutex because there's only a loose requirement
219 * to bump it up... */
220 if ( mi->mi_idle_timeout != 0 && msc->msc_time < op->o_time ) {
221 msc->msc_time = op->o_time;
226 if ( lrc == LDAP_RES_COMPARE ) {
233 /* FIXME: matched? referrals? response controls? */
234 rc = ldap_parse_result( msc->msc_ld, res,
236 NULL, NULL, NULL, NULL, 1 );
237 if ( rc != LDAP_SUCCESS ) {
243 switch ( rs->sr_err ) {
244 case LDAP_COMPARE_TRUE:
245 case LDAP_COMPARE_FALSE:
248 * true or false, got it;
249 * sending to cache ...
251 if ( mi->mi_cache.ttl != META_DNCACHE_DISABLED ) {
252 ( void )meta_dncache_update_entry( &mi->mi_cache, &op->o_req_ndn, i );
260 rres = slap_map_api2result( rs );
265 ldap_get_option( msc->msc_ld,
266 LDAP_OPT_ERROR_STRING, &err );
268 if ( match != NULL ) {
271 ldap_get_option( msc->msc_ld,
272 LDAP_OPT_MATCHED_DN, &match );
294 * Rewrite the matched portion of the search base, if required
296 * FIXME: only the last one gets caught!
299 if ( match != NULL ) {
305 * the result of the compare is assigned to the res code
306 * that will be returned
311 * At least one compare failed with matched portion,
312 * and none was successful
314 } else if ( match != NULL && match[ 0 ] != '\0' ) {
315 struct berval matched, pmatched;
317 ber_str2bv( match, 0, 0, &matched );
319 dc.ctx = "matchedDN";
320 ldap_back_dn_massage( &dc, &matched, &mmatch );
321 if ( dnPretty( NULL, &mmatch, &pmatched, NULL ) == LDAP_SUCCESS ) {
322 if ( mmatch.bv_val != match ) {
323 free( mmatch.bv_val );
329 if ( rres != LDAP_SUCCESS ) {
332 rs->sr_matched = mmatch.bv_val;
333 send_ldap_result( op, rs );
334 rs->sr_matched = NULL;
336 if ( match != NULL ) {
337 if ( mmatch.bv_val != match ) {
338 free( mmatch.bv_val );
348 meta_back_release_conn( op, mc );