+ if (tlimit != -1)
+ ldap_set_option( lc->ld, LDAP_OPT_TIMELIMIT, (void *)&tlimit);
+ if (slimit != -1)
+ ldap_set_option( lc->ld, LDAP_OPT_SIZELIMIT, (void *)&slimit);
+
+ /*
+ * Rewrite the search base, if required
+ */
+#ifdef ENABLE_REWRITE
+ switch ( rewrite_session( li->rwinfo, "searchBase",
+ base->bv_val, conn, &mbase.bv_val ) ) {
+ case REWRITE_REGEXEC_OK:
+ if ( mbase.bv_val == NULL ) {
+ mbase = *base;
+ }
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDAP, DETAIL1,
+ "[rw] searchBase: \"%s\" -> \"%s\"\n",
+ base->bv_val, mbase.bv_val, 0 );
+#else /* !NEW_LOGGING */
+ Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n%s",
+ base->bv_val, mbase.bv_val, "" );
+#endif /* !NEW_LOGGING */
+ break;
+
+ case REWRITE_REGEXEC_UNWILLING:
+ send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
+ NULL, "Operation not allowed", NULL, NULL );
+ rc = -1;
+ goto finish;
+
+ case REWRITE_REGEXEC_ERR:
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "Rewrite error", NULL, NULL );
+ rc = -1;
+ goto finish;
+ }
+
+ /*
+ * Rewrite the search filter, if required
+ */
+ switch ( rewrite_session( li->rwinfo, "searchFilter",
+ filterstr->bv_val, conn, &mfilter.bv_val ) ) {
+ case REWRITE_REGEXEC_OK:
+ if ( mfilter.bv_val == NULL || mfilter.bv_val[0] == '\0') {
+ if ( mfilter.bv_val != NULL ) {
+ free( mfilter.bv_val );
+ }
+ mfilter = *filterstr;
+ } else {
+ mfilter.bv_len = strlen( mfilter.bv_val );
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDAP, DETAIL1,
+ "[rw] searchFilter: \"%s\" -> \"%s\"\n",
+ filterstr->bv_val, mfilter.bv_val, 0 );
+#else /* !NEW_LOGGING */
+ Debug( LDAP_DEBUG_ARGS,
+ "rw> searchFilter: \"%s\" -> \"%s\"\n%s",
+ filterstr->bv_val, mfilter.bv_val, "" );
+#endif /* !NEW_LOGGING */
+ break;
+
+ case REWRITE_REGEXEC_UNWILLING:
+ send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
+ NULL, "Operation not allowed", NULL, NULL );
+ rc = -1;
+ goto finish;
+
+ case REWRITE_REGEXEC_ERR:
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "Rewrite error", NULL, NULL );
+ rc = -1;
+ goto finish;