1 /* result.c - routines to send ldap results, errors, and referrals */
10 #include <ac/string.h>
12 #include <ac/unistd.h> /* get close() */
16 /* we need LBER internals */
17 #include "../../libraries/liblber/lber-int.h"
36 assert( !LDAP_API_ERROR( err ) );
38 if ( err == LDAP_PARTIAL_RESULTS && (text == NULL || *text == '\0') )
39 err = LDAP_NO_SUCH_OBJECT;
42 msgid = 0; /* unsolicited */
43 if ( op->o_protocol > LDAP_VERSION3 ) {
44 tag = LDAP_RES_EXTENDED;
47 #define LDAP_UNSOLICITED_ERROR(e) \
48 ( (e) == LDAP_PROTOCOL_ERROR \
49 || (e) == LDAP_STRONG_AUTH_REQUIRED \
50 || (e) == LDAP_UNAVAILABLE )
52 assert( LDAP_UNSOLICITED_ERROR( err ) );
57 switch ( op->o_tag ) {
58 case LDAP_REQ_ABANDON:
63 assert( LDAP_UNSOLICITED_ERROR( err ) );
67 tag = LDAP_RES_SEARCH_RESULT;
71 tag = LDAP_RES_DELETE;
81 ber = ber_alloc_t( LBER_USE_DER );
84 Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
88 #ifdef LDAP_CONNECTIONLESS
90 rc = ber_printf( ber, "{is{t{ess}}}", msgid, "", tag,
91 err, matched ? matched : "", text ? text : "" );
94 if( tag == LDAP_RES_EXTENDED ) {
95 rc = ber_printf( ber, "{it{esss}}",
98 LDAP_NOTICE_DISCONNECT );
101 rc = ber_printf( ber, "{it{ess}}",
103 matched ? matched : "", text ? text : "" );
107 Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
111 /* write only one pdu at a time - wait til it's our turn */
112 ldap_pvt_thread_mutex_lock( &conn->c_write_mutex );
114 /* lock the connection */
115 ldap_pvt_thread_mutex_lock( &conn->c_mutex );
118 bytes = ber_pvt_ber_bytes( ber );
123 if ( connection_state_closing( conn ) ) {
124 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
125 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
129 if ( ber_flush( conn->c_sb, ber, 1 ) == 0 ) {
136 * we got an error. if it's ewouldblock, we need to
137 * wait on the socket being writable. otherwise, figure
138 * it's a hard error and return.
141 Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno %d msg (%s)\n",
142 err, err > -1 && err < sys_nerr ? sys_errlist[err]
145 if ( err != EWOULDBLOCK && err != EAGAIN ) {
146 connection_closing( conn );
148 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
149 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
153 /* wait for socket to be write-ready */
154 conn->c_writewaiter = 1;
155 slapd_set_write( ber_pvt_sb_get_desc( conn->c_sb ), 1 );
157 ldap_pvt_thread_cond_wait( &conn->c_write_cv, &conn->c_mutex );
158 conn->c_writewaiter = 0;
161 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
162 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
164 ldap_pvt_thread_mutex_lock( &num_sent_mutex );
165 num_bytes_sent += bytes;
166 ldap_pvt_thread_mutex_unlock( &num_sent_mutex );
168 Statslog( LDAP_DEBUG_STATS,
169 "conn=%ld op=%ld RESULT err=%ld tag=%lu nentries=%d\n",
170 (long) conn->c_connid, (long) op->o_opid,
171 (long) err, (long) tag, nentries );
185 assert( !LDAP_API_ERROR( err ) );
187 Debug( LDAP_DEBUG_TRACE, "send_ldap_result %d:%s:%s\n",
188 err, matched ? matched : "", text ? text : "" );
190 #ifdef LDAP_CONNECTIONLESS
192 ber_pvt_sb_udp_set_dst( &conn->c_sb, &op->o_clientaddr );
193 Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
194 inet_ntoa(((struct sockaddr_in *)
195 &op->o_clientaddr)->sin_addr ),
196 ((struct sockaddr_in *) &op->o_clientaddr)->sin_port,
200 send_ldap_result2( conn, op, 0, err, matched, text, 0 );
204 send_ldap_disconnect(
211 assert( !LDAP_API_ERROR( err ) );
213 Debug( LDAP_DEBUG_TRACE,
214 "send_ldap_disconnect %d:%s\n",
215 err, text ? text : "", NULL );
217 #ifdef LDAP_CONNECTIONLESS
219 ber_pvt_sb_udp_set_dst( &conn->c_sb, &op->o_clientaddr );
220 Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
221 inet_ntoa(((struct sockaddr_in *)
222 &op->o_clientaddr)->sin_addr ),
223 ((struct sockaddr_in *) &op->o_clientaddr)->sin_port,
227 send_ldap_result2( conn, op, 0, err, NULL, text, 0 );
231 send_ldap_search_result(
240 Debug( LDAP_DEBUG_TRACE, "send_ldap_search_result %d:%s:%s\n",
241 err, matched ? matched : "", text ? text : "" );
243 send_ldap_result2( conn, op, 0, err, matched, text, nentries );
263 Debug( LDAP_DEBUG_TRACE, "=> send_search_entry (%s)\n", e->e_dn, 0, 0 );
265 #if defined( SLAPD_SCHEMA_DN )
267 /* this could be backend specific */
269 val.bv_val = SLAPD_SCHEMA_DN;
270 val.bv_len = strlen( val.bv_val );
271 attr_merge( e, "subschemaSubentry", vals );
272 ldap_memfree( val.bv_val );
276 if ( ! access_allowed( be, conn, op, e,
277 "entry", NULL, ACL_READ ) )
279 Debug( LDAP_DEBUG_ACL, "acl: access to entry not allowed\n",
286 ber = ber_alloc_t( LBER_USE_DER );
289 Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
290 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
295 rc = ber_printf( ber, "{it{s{", op->o_msgid,
296 LDAP_RES_SEARCH_ENTRY, e->e_dn );
299 Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
301 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
306 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
307 regmatch_t matches[MAXREMATCHES];
309 if ( attrs == NULL ) {
310 /* all addrs request, skip operational attributes */
311 if( !opattrs && oc_check_operational_attr( a->a_type )) {
316 /* specific addrs requested */
317 if ( !charray_inlist( attrs, a->a_type )
318 && !charray_inlist( attrs, LDAP_ALL_USER_ATTRIBUTES ) )
324 acl = acl_get_applicable( be, op, e, a->a_type,
325 MAXREMATCHES, matches );
327 if ( ! acl_access_allowed( acl, be, conn, e,
328 NULL, op, ACL_READ, edn, matches ) )
333 if (( rc = ber_printf( ber, "{s[" /*]}*/ , a->a_type )) == -1 ) {
334 Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
336 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
337 NULL, "ber_printf type" );
342 for ( i = 0; a->a_vals[i] != NULL; i++ ) {
343 if ( a->a_syntax & SYNTAX_DN &&
344 ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op,
345 ACL_READ, edn, matches) )
350 if (( rc = ber_printf( ber, "O", a->a_vals[i] )) == -1 ) {
351 Debug( LDAP_DEBUG_ANY,
352 "ber_printf failed\n", 0, 0, 0 );
354 send_ldap_result( conn, op,
355 LDAP_OPERATIONS_ERROR, NULL,
356 "ber_printf value" );
362 if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) {
363 Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
365 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
366 NULL, "ber_printf type end" );
371 rc = ber_printf( ber, /*{{{*/ "}}}" );
374 Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
376 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
377 "ber_printf entry end" );
381 bytes = ber_pvt_ber_bytes( ber );
383 /* write only one pdu at a time - wait til it's our turn */
384 ldap_pvt_thread_mutex_lock( &conn->c_write_mutex );
386 /* lock the connection */
387 ldap_pvt_thread_mutex_lock( &conn->c_mutex );
393 if ( connection_state_closing( conn ) ) {
394 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
395 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
399 if ( ber_flush( conn->c_sb, ber, 1 ) == 0 ) {
406 * we got an error. if it's ewouldblock, we need to
407 * wait on the socket being writable. otherwise, figure
408 * it's a hard error and return.
411 Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno %d msg (%s)\n",
412 err, err > -1 && err < sys_nerr ? sys_errlist[err]
415 if ( err != EWOULDBLOCK && err != EAGAIN ) {
416 connection_closing( conn );
418 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
419 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
423 /* wait for socket to be write-ready */
424 conn->c_writewaiter = 1;
425 slapd_set_write( ber_pvt_sb_get_desc( conn->c_sb ), 1 );
427 ldap_pvt_thread_cond_wait( &conn->c_write_cv, &conn->c_mutex );
428 conn->c_writewaiter = 0;
431 ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
432 ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
434 ldap_pvt_thread_mutex_lock( &num_sent_mutex );
435 num_bytes_sent += bytes;
437 ldap_pvt_thread_mutex_unlock( &num_sent_mutex );
439 Statslog( LDAP_DEBUG_STATS2, "conn=%ld op=%ld ENTRY dn=\"%s\"\n",
440 (long) conn->c_connid, (long) op->o_opid, e->e_dn, 0, 0 );
442 Debug( LDAP_DEBUG_TRACE, "<= send_search_entry\n", 0, 0, 0 );
461 *code = LDAP_SUCCESS;
465 if ( strncasecmp( s, "RESULT", 6 ) != 0 ) {
466 Debug( LDAP_DEBUG_ANY, "str2result (%s) expecting \"RESULT\"\n",
473 while ( (s = strchr( s, '\n' )) != NULL ) {
478 if ( (c = strchr( s, ':' )) != NULL ) {
482 if ( strncasecmp( s, "code", 4 ) == 0 ) {
486 } else if ( strncasecmp( s, "matched", 7 ) == 0 ) {
490 } else if ( strncasecmp( s, "info", 4 ) == 0 ) {
495 Debug( LDAP_DEBUG_ANY, "str2result (%s) unknown\n",
projects / openldap / blob