/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2005 The OpenLDAP Foundation.
+ * Copyright 1999-2006 The OpenLDAP Foundation.
* Portions Copyright 1999-2003 Howard Chu.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* All rights reserved.
if ( strncmp( ptr, bv_true.bv_val, bv_true.bv_len ) == 0 ) {
oldbv = &bv_true;
- if ( li->li_flags & LDAP_BACK_F_SUPPORT_T_F ) {
+ if ( LDAP_BACK_T_F( li ) ) {
newbv = &bv_t;
} else {
} else if ( strncmp( ptr, bv_false.bv_val, bv_false.bv_len ) == 0 )
{
oldbv = &bv_false;
- if ( li->li_flags & LDAP_BACK_F_SUPPORT_T_F ) {
+ if ( LDAP_BACK_T_F( li ) ) {
newbv = &bv_f;
} else {
Operation *op,
SlapReply *rs )
{
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
+
ldapconn_t *lc;
struct timeval tv;
time_t stoptime = (time_t)-1;
int i;
char **attrs = NULL;
int freetext = 0;
- int do_retry = 1;
+ int do_retry = 1, dont_retry = 0;
LDAPControl **ctrls = NULL;
/* FIXME: shouldn't this be null? */
const char *save_matched = rs->sr_matched;
}
ctrls = op->o_ctrls;
- rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
+ rc = ldap_back_proxy_authz_ctrl( &lc->lc_bound_ndn,
+ li->li_version, &li->li_idassert, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
goto finish;
}
/* deal with <draft-zeilenga-ldap-t-f> filters */
filter = op->ors_filterstr;
retry:
- rs->sr_err = ldap_search_ext( lc->lc_ld, op->o_req_ndn.bv_val,
+ rs->sr_err = ldap_search_ext( lc->lc_ld, op->o_req_dn.bv_val,
op->ors_scope, filter.bv_val,
attrs, op->ors_attrsonly, ctrls, NULL,
tv.tv_sec ? &tv : NULL,
goto retry;
}
}
+
if ( lc == NULL ) {
/* reset by ldap_back_retry ... */
rs->sr_err = slap_map_api2result( rs );
} else {
rc = ldap_back_op_result( lc, op, rs, msgid, 0, LDAP_BACK_DONTSEND );
- ldap_back_freeconn( op, lc, 0 );
- lc = NULL;
}
goto finish;
* but this is necessary for version matching, and for ACL processing.
*/
- for ( rc = 0; rc != -1; rc = ldap_result( lc->lc_ld, msgid, 0, &tv, &res ) )
+ for ( rc = 0; rc != -1; rc = ldap_result( lc->lc_ld, msgid, LDAP_MSG_ONE, &tv, &res ) )
{
/* check for abandon */
if ( op->o_abandon ) {
if ( rc > 0 ) {
ldap_msgfree( res );
}
- ldap_abandon_ext( lc->lc_ld, msgid, NULL, NULL );
+ (void)ldap_back_cancel( lc, op, rs, msgid, LDAP_BACK_DONTSEND );
rc = SLAPD_ABANDON;
goto finish;
}
if ( op->ors_tlimit != SLAP_NO_LIMIT
&& slap_get_time() > stoptime )
{
- ldap_abandon_ext( lc->lc_ld, msgid, NULL, NULL );
+ (void)ldap_back_cancel( lc, op, rs, msgid, LDAP_BACK_DONTSEND );
rc = rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
goto finish;
}
+ continue;
+
+ } else {
+ /* don't retry any more */
+ dont_retry = 1;
+ }
+
- } else if ( rc == LDAP_RES_SEARCH_ENTRY ) {
+ if ( rc == LDAP_RES_SEARCH_ENTRY ) {
Entry ent = { 0 };
struct berval bdn = BER_BVNULL;
- int abort = 0;
do_retry = 0;
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_flags = 0;
- abort = send_search_entry( op, rs );
+ rs->sr_err = LDAP_SUCCESS;
+ rc = rs->sr_err = send_search_entry( op, rs );
if ( !BER_BVISNULL( &ent.e_name ) ) {
assert( ent.e_name.bv_val != bdn.bv_val );
- free( ent.e_name.bv_val );
+ op->o_tmpfree( ent.e_name.bv_val, op->o_tmpmemctx );
BER_BVZERO( &ent.e_name );
}
if ( !BER_BVISNULL( &ent.e_nname ) ) {
- free( ent.e_nname.bv_val );
+ op->o_tmpfree( ent.e_nname.bv_val, op->o_tmpmemctx );
BER_BVZERO( &ent.e_nname );
}
entry_clean( &ent );
}
ldap_msgfree( res );
- if ( abort ) {
- if ( abort == SLAPD_SEND_SIZELIMIT ) {
- rc = rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ if ( rc != LDAP_SUCCESS ) {
+ if ( rc == LDAP_UNAVAILABLE ) {
+ rc = rs->sr_err = LDAP_OTHER;
+ } else {
+ (void)ldap_back_cancel( lc, op, rs, msgid, LDAP_BACK_DONTSEND );
}
- ldap_abandon_ext( lc->lc_ld, msgid, NULL, NULL );
goto finish;
}
/* NO OP */ ;
/* FIXME: there MUST be at least one */
- rs->sr_ref = ch_malloc( ( cnt + 1 ) * sizeof( struct berval ) );
+ rs->sr_ref = op->o_tmpalloc( ( cnt + 1 ) * sizeof( struct berval ),
+ op->o_tmpmemctx );
for ( cnt = 0; references[ cnt ]; cnt++ ) {
ber_str2bv( references[ cnt ], 0, 0, &rs->sr_ref[ cnt ] );
/* cleanup */
if ( references ) {
ber_memvfree( (void **)references );
- ch_free( rs->sr_ref );
+ op->o_tmpfree( rs->sr_ref, op->o_tmpmemctx );
rs->sr_ref = NULL;
}
}
} else {
- char **references = NULL;
+ char **references = NULL, *err = NULL;
rc = ldap_parse_result( lc->lc_ld, res, &rs->sr_err,
- &match.bv_val, (char **)&rs->sr_text,
+ &match.bv_val, &err,
&references, &rs->sr_ctrls, 1 );
- freetext = 1;
if ( rc != LDAP_SUCCESS ) {
rs->sr_err = rc;
}
rs->sr_err = slap_map_api2result( rs );
+ if ( err ) {
+ rs->sr_text = err;
+ freetext = 1;
+ }
if ( references && references[ 0 ] && references[ 0 ][ 0 ] ) {
int cnt;
for ( cnt = 0; references[ cnt ]; cnt++ )
/* NO OP */ ;
- rs->sr_ref = ch_malloc( ( cnt + 1 ) * sizeof( struct berval ) );
+ rs->sr_ref = op->o_tmpalloc( ( cnt + 1 ) * sizeof( struct berval ),
+ op->o_tmpmemctx );
for ( cnt = 0; references[ cnt ]; cnt++ ) {
/* duplicating ...*/
}
if ( match.bv_val != NULL ) {
-#ifndef LDAP_NULL_IS_NULL
- if ( match.bv_val[ 0 ] == '\0' ) {
- LDAP_FREE( match.bv_val );
- BER_BVZERO( &match );
- } else
-#endif /* LDAP_NULL_IS_NULL */
- {
- match.bv_len = strlen( match.bv_val );
- }
+ match.bv_len = strlen( match.bv_val );
}
-#ifndef LDAP_NULL_IS_NULL
- if ( rs->sr_text != NULL && rs->sr_text[ 0 ] == '\0' ) {
- LDAP_FREE( (char *)rs->sr_text );
- rs->sr_text = NULL;
- }
-#endif /* LDAP_NULL_IS_NULL */
/* cleanup */
if ( references ) {
}
}
- if ( rc == -1 ) {
+ if ( rc == -1 && dont_retry == 0 ) {
if ( do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_DONTSEND ) ) {
goto retry;
}
}
}
finish:;
- if ( rc != SLAPD_ABANDON ) {
+ if ( LDAP_BACK_QUARANTINE( li ) ) {
+ ldap_back_quarantine( op, rs );
+ }
+
+#if 0
+ /* let send_ldap_result play cleanup handlers (ITS#4645) */
+ if ( rc != SLAPD_ABANDON )
+#endif
+ {
send_ldap_result( op, rs );
}
}
if ( rs->sr_ref ) {
- ber_bvarray_free( rs->sr_ref );
+ ber_bvarray_free_x( rs->sr_ref, op->o_tmpmemctx );
rs->sr_ref = NULL;
}
ObjectClass *oc,
AttributeDescription *at,
int rw,
- Entry **ent
-)
+ Entry **ent )
{
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
+
ldapconn_t *lc;
int rc = 1,
do_not_cache;
struct berval bdn;
LDAPMessage *result = NULL,
*e = NULL;
- char *gattr[3];
+ char *attr[3], **attrp = NULL;
char *filter = NULL;
SlapReply rs;
int do_retry = 1;
LDAPControl **ctrls = NULL;
+ *ent = NULL;
+
/* Tell getconn this is a privileged op */
do_not_cache = op->o_do_not_cache;
op->o_do_not_cache = 1;
op->o_do_not_cache = do_not_cache;
if ( at ) {
+ attrp = attr;
if ( oc && at != slap_schema.si_ad_objectClass ) {
- gattr[0] = slap_schema.si_ad_objectClass->ad_cname.bv_val;
- gattr[1] = at->ad_cname.bv_val;
- gattr[2] = NULL;
+ attr[0] = slap_schema.si_ad_objectClass->ad_cname.bv_val;
+ attr[1] = at->ad_cname.bv_val;
+ attr[2] = NULL;
} else {
- gattr[0] = at->ad_cname.bv_val;
- gattr[1] = NULL;
+ attr[0] = at->ad_cname.bv_val;
+ attr[1] = NULL;
}
}
}
ctrls = op->o_ctrls;
- rc = ldap_back_proxy_authz_ctrl( lc, op, &rs, &ctrls );
+ rc = ldap_back_proxy_authz_ctrl( &lc->lc_bound_ndn,
+ li->li_version, &li->li_idassert, op, &rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
goto cleanup;
}
retry:
rc = ldap_search_ext_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter,
- at ? gattr : NULL, 0, ctrls, NULL,
- LDAP_NO_LIMIT, LDAP_NO_LIMIT, &result );
+ attrp, 0, ctrls, NULL,
+ NULL, LDAP_NO_LIMIT, &result );
if ( rc != LDAP_SUCCESS ) {
if ( rc == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
e = ldap_first_entry( lc->lc_ld, result );
if ( e == NULL ) {
+ /* the entry exists, but it doesn't match the filter? */
goto cleanup;
}
*ent = ch_calloc( 1, sizeof( Entry ) );
+ if ( *ent == NULL ) {
+ rc = LDAP_NO_MEMORY;
+ goto cleanup;
+ }
rc = ldap_build_entry( op, e, *ent, &bdn );