#define get_continuationBehavior(op) ((op)->o_chaining & SLAP_CH_CONTINUATION_MASK)
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+#define LDAP_CH_NONE ((void *)(0))
+#define LDAP_CH_RES ((void *)(1))
+#define LDAP_CH_ERR ((void *)(2))
+
static int sc_chainingBehavior;
static BackendInfo *lback;
{
assert( op->o_tag == LDAP_REQ_SEARCH );
+ /* if in error, don't proceed any further */
+ if ( op->o_callback->sc_private == LDAP_CH_ERR ) {
+ return 0;
+ }
+
if ( rs->sr_type == REP_SEARCH ) {
Attribute **ap = &rs->sr_entry->e_attrs;
return SLAP_CB_CONTINUE;
+ } else if ( rs->sr_type == REP_SEARCHREF ) {
+ /* if we get it here, it means the library was unable
+ * to chase the referral... */
+
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+ if ( get_chaining( op ) > SLAP_CONTROL_IGNORED ) {
+ switch ( get_continuationBehavior( op ) ) {
+ case SLAP_CH_RESOLVE_CHAINING_REQUIRED:
+ op->o_callback->sc_private = LDAP_CH_ERR;
+ return -1;
+
+ default:
+ break;
+ }
+ }
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ return SLAP_CB_CONTINUE;
+
} else if ( rs->sr_type == REP_RESULT ) {
/* back-ldap tried to send result */
- op->o_callback->sc_private = (void *)(1);
+ op->o_callback->sc_private = LDAP_CH_RES;
}
return 0;
static int
ldap_chain_cb_response( Operation *op, SlapReply *rs )
{
+ /* if in error, don't proceed any further */
+ if ( op->o_callback->sc_private == LDAP_CH_ERR ) {
+ return 0;
+ }
+
if ( rs->sr_type == REP_RESULT ) {
- op->o_callback->sc_private = (void *)(1);
+ op->o_callback->sc_private = LDAP_CH_RES;
} else if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH )
{
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldapinfo li, *lip = (struct ldapinfo *)on->on_bi.bi_private;
- int rc;
+
+ /* NOTE: returned if ref is empty... */
+ int rc = LDAP_OTHER;
if ( lip->url != NULL ) {
op->o_bd->be_private = on->on_bi.bi_private;
char textbuf[ SLAP_TEXT_BUFLEN ];
size_t textlen = sizeof( textbuf );
+#if 0
+ /* FIXME: op->o_bd is still set to the BackendDB
+ * structure of the database that tried to handle
+ * the operation and actually returned a referral
+ * ... */
+ assert( SLAP_DBFLAGS( op->o_bd ) & SLAP_DBFLAG_GLOBAL_OVERLAY );
+#endif
+
/* global overlay: create entry */
/* NOTE: this is a hack to use the chain overlay
* as global. I expect to be able to remove this
if ( rc == LDAP_SUCCESS && rs->sr_err == LDAP_SUCCESS ) {
break;
}
+
+ rc = rs->sr_err;
}
op->o_req_dn = odn;
}
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
- if ( rc != LDAP_SUCCESS ) {
+ if ( rc != LDAP_SUCCESS || sc2.sc_private == LDAP_CH_ERR ) {
+ if ( rs->sr_err == LDAP_CANNOT_CHAIN ) {
+ goto cannot_chain;
+ }
+
switch ( ( get_chainingBehavior( op ) & chain_mask ) >> chain_shift ) {
case LDAP_CHAINING_REQUIRED:
+cannot_chain:;
op->o_callback = NULL;
send_ldap_error( op, rs, LDAP_CANNOT_CHAIN, "operation cannot be completed without chaining" );
break;
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- if ( sc2.sc_private == NULL ) {
+ if ( sc2.sc_private == LDAP_CH_NONE ) {
op->o_callback = NULL;
rc = rs->sr_err = slap_map_api2result( rs );
send_ldap_result( op, rs );
int rc;
be->be_private = on->on_bi.bi_private;
- if ( strncasecmp( argv[ 0 ], "chain-", sizeof( "chain-" ) - 1 ) == 0 ) {
+ if ( strncasecmp( argv[ 0 ], "chain-", STRLENOF( "chain-" ) ) == 0 ) {
argv0 = argv[ 0 ];
- argv[ 0 ] = &argv[ 0 ][ sizeof( "chain-" ) - 1 ];
+ argv[ 0 ] = &argv[ 0 ][ STRLENOF( "chain-" ) ];
}
rc = lback->bi_db_config( be, fname, lineno, argc, argv );
if ( argv0 ) {
return rc;
}
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+static int
+ldap_chain_db_open(
+ BackendDB *be
+)
+{
+ return overlay_register_control( be, LDAP_CONTROL_X_CHAINING_BEHAVIOR );
+}
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+
static int
ldap_chain_db_destroy(
BackendDB *be
return rc;
}
+static int
+ldap_chain_connection_destroy(
+ BackendDB *be,
+ Connection *conn
+)
+{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ void *private = be->be_private;
+ int rc;
+
+ be->be_private = on->on_bi.bi_private;
+ rc = lback->bi_connection_destroy( be, conn );
+ on->on_bi.bi_private = be->be_private;
+ be->be_private = private;
+ return rc;
+}
+
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
static int
ldap_chain_parse_ctrl(
int rc;
rc = register_supported_control( LDAP_CONTROL_X_CHAINING_BEHAVIOR,
- SLAP_CTRL_ACCESS, NULL,
+ /* SLAP_CTRL_GLOBAL| */ SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL,
ldap_chain_parse_ctrl, &sc_chainingBehavior );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "Failed to register chaining behavior control: %d\n", rc );
ldapchain.on_bi.bi_type = "chain";
ldapchain.on_bi.bi_db_init = ldap_chain_db_init;
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+ ldapchain.on_bi.bi_db_open = ldap_chain_db_open;
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
ldapchain.on_bi.bi_db_config = ldap_chain_db_config;
ldapchain.on_bi.bi_db_destroy = ldap_chain_db_destroy;
-
+
/* ... otherwise the underlying backend's function would be called,
* likely passing an invalid entry; on the contrary, the requested
* operational attributes should have been returned while chasing
* the referrals. This all in all is a bit messy, because part
- * of the operational attributes are generated by they backend;
+ * of the operational attributes are generated by the backend;
* part by the frontend; back-ldap should receive all the available
- * ones from the remote server, but then, on it own, it strips those
+ * ones from the remote server, but then, on its own, it strips those
* it assumes will be (re)generated by the frontend (e.g.
* subschemaSubentry.) */
ldapchain.on_bi.bi_operational = ldap_chain_operational;
+ ldapchain.on_bi.bi_connection_destroy = ldap_chain_connection_destroy;
+
ldapchain.on_response = ldap_chain_response;
return overlay_register( &ldapchain );