2 * Copyright 1999 The OpenLDAP Foundation.
5 * Redistribution and use in source and binary forms are permitted only
6 * as authorized by the OpenLDAP Public License. A copy of this
7 * license is available at http://www.OpenLDAP.org/license.html or
8 * in file LICENSE in the top-level directory of the distribution.
13 #include <ac/socket.h>
17 #include "../../libraries/liblber/lber-int.h"
19 char *supportedControls[] = {
32 BerElement *ber = op->o_ber;
33 LDAPControl ***ctrls = &op->o_ctrls;
34 int rc = LDAP_SUCCESS;
37 len = ber_pvt_ber_remaining(ber);
45 if(( tag = ber_peek_tag( ber, &len )) != LDAP_TAG_CONTROLS ) {
46 if( tag == LBER_ERROR ) {
48 errmsg = "unexpected data in PDU";
54 if( op->o_protocol < LDAP_VERSION3 ) {
56 errmsg = "controls require LDAPv3";
60 /* set through each element */
62 *ctrls = ch_malloc( 1 * sizeof(LDAPControl *) );
65 if( *ctrls == NULL ) {
74 for( tag = ber_first_element( ber, &len, &opaque );
76 tag = ber_next_element( ber, &len, opaque ) )
81 tctrl = ch_calloc( 1, sizeof(LDAPControl) );
83 /* allocate pointer space for current controls (nctrls)
84 * + this control + extra NULL
86 tctrls = (tctrl == NULL) ? NULL :
87 ch_realloc(*ctrls, (nctrls+2) * sizeof(LDAPControl *));
90 if( tctrls == NULL ) {
91 /* one of the above allocation failed */
97 ldap_controls_free(*ctrls);
101 errmsg = "no memory";
107 tctrls[nctrls++] = tctrl;
108 tctrls[nctrls] = NULL;
110 tag = ber_scanf( ber, "{a" /*}*/, &tctrl->ldctl_oid );
112 if( tag != LBER_ERROR ) {
113 tag = ber_peek_tag( ber, &len );
116 if( tag == LBER_BOOLEAN ) {
118 tag = ber_scanf( ber, "b", &crit );
119 tctrl->ldctl_iscritical = crit ? (char) 0 : (char) ~0;
122 if( tag != LBER_ERROR ) {
123 tag = ber_peek_tag( ber, &len );
126 if( tag == LBER_OCTETSTRING ) {
127 tag = ber_scanf( ber, "o", &tctrl->ldctl_value );
130 tctrl->ldctl_value.bv_val = NULL;
133 if( tag == LBER_ERROR ) {
135 ldap_controls_free( tctrls );
137 errmsg = "decoding controls error";
141 if( tctrl->ldctl_iscritical &&
142 !charray_inlist( supportedControls, tctrl->ldctl_oid ) )
144 rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
145 errmsg = "critical extension is unavailable ";
153 if( sendres && rc != LDAP_SUCCESS ) {
155 send_ldap_disconnect( conn, op, rc, errmsg );
157 send_ldap_result( conn, op, rc, NULL, errmsg );