/* search.c - monitor backend search function */
-/*
- * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2001-2011 The OpenLDAP Foundation.
+ * Portions Copyright 2001-2003 Pierangelo Masarati.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
-/*
- * Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
- *
- * This work has beed deveolped for the OpenLDAP Foundation
- * in the hope that it may be useful to the Open Source community,
- * but WITHOUT ANY WARRANTY.
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author and SysNet s.n.c. are not responsible for the consequences
- * of use of this software, no matter how awful, even if they arise from
- * flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- * explicit claim or by omission. Since few users ever read sources,
- * credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- * misrepresented as being the original software. Since few users
- * ever read sources, credits should appear in the documentation.
- * SysNet s.n.c. cannot be responsible for the consequences of the
- * alterations.
- *
- * 4. This notice may not be removed or altered.
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Pierangelo Masarati for inclusion
+ * in OpenLDAP Software.
*/
#include "portable.h"
static int
monitor_send_children(
- Backend *be,
- Connection *conn,
- Operation *op,
- Filter *filter,
- AttributeName *attrs,
- int attrsonly,
+ Operation *op,
+ SlapReply *rs,
Entry *e_parent,
- int sub,
- int *nentriesp
-)
+ int sub )
{
- struct monitorinfo *mi = (struct monitorinfo *) be->be_private;
- Entry *e, *e_tmp, *e_ch;
- struct monitorentrypriv *mp;
- int nentries;
- int rc;
-
- mp = ( struct monitorentrypriv * )e_parent->e_private;
- e = mp->mp_children;
+ monitor_info_t *mi = ( monitor_info_t * )op->o_bd->be_private;
+ Entry *e,
+ *e_tmp,
+ *e_ch = NULL,
+ *e_nonvolatile = NULL;
+ monitor_entry_t *mp;
+ int rc,
+ nonvolatile = 0;
+
+ mp = ( monitor_entry_t * )e_parent->e_private;
+ e_nonvolatile = e = mp->mp_children;
- e_ch = NULL;
if ( MONITOR_HAS_VOLATILE_CH( mp ) ) {
- monitor_entry_create( mi, NULL, e_parent, &e_ch );
+ monitor_entry_create( op, rs, NULL, e_parent, &e_ch );
}
monitor_cache_release( mi, e_parent );
if ( e_ch == NULL ) {
/* no persistent entries? return */
if ( e == NULL ) {
- return( 0 );
+ return LDAP_SUCCESS;
}
-
+
/* volatile entries */
} else {
/* if no persistent, return only volatile */
if ( e == NULL ) {
e = e_ch;
- monitor_cache_lock( e_ch );
/* else append persistent to volatile */
} else {
e_tmp = e_ch;
do {
- mp = ( struct monitorentrypriv * )e_tmp->e_private;
+ mp = ( monitor_entry_t * )e_tmp->e_private;
e_tmp = mp->mp_next;
if ( e_tmp == NULL ) {
}
/* return entries */
- for ( nentries = *nentriesp; e != NULL; ) {
- mp = ( struct monitorentrypriv * )e->e_private;
+ for ( monitor_cache_lock( e ); e != NULL; ) {
+ monitor_entry_update( op, rs, e );
+
+ if ( e == e_nonvolatile )
+ nonvolatile = 1;
- monitor_entry_update( mi, e );
-
- rc = test_filter( be, conn, op, e, filter );
+ mp = ( monitor_entry_t * )e->e_private;
+ e_tmp = mp->mp_next;
+
+ if ( op->o_abandon ) {
+ monitor_cache_release( mi, e );
+ rc = SLAPD_ABANDON;
+ goto freeout;
+ }
+
+ rc = test_filter( op, e, op->oq_search.rs_filter );
if ( rc == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op, e,
- attrs, attrsonly, NULL );
- nentries++;
+ rs->sr_entry = e;
+ rs->sr_flags = 0;
+ rc = send_search_entry( op, rs );
+ rs->sr_entry = NULL;
+ if ( rc ) {
+ monitor_cache_release( mi, e );
+ goto freeout;
+ }
}
- if ( ( mp->mp_children || MONITOR_HAS_VOLATILE_CH( mp ) )
- && sub ) {
- rc = monitor_send_children( be, conn, op, filter,
- attrs, attrsonly,
- e, sub, &nentries );
+ if ( sub ) {
+ rc = monitor_send_children( op, rs, e, sub );
if ( rc ) {
+freeout:
+ /* FIXME: may leak generated children */
+ if ( nonvolatile == 0 ) {
+ for ( ; e_tmp != NULL; ) {
+ mp = ( monitor_entry_t * )e_tmp->e_private;
+ e = e_tmp;
+ e_tmp = mp->mp_next;
+ monitor_cache_lock( mi, e );
+ monitor_cache_release( mi, e );
+
+ if ( e_tmp == e_nonvolatile ) {
+ break;
+ }
+ }
+ }
+
return( rc );
}
}
- e_tmp = mp->mp_next;
if ( e_tmp != NULL ) {
monitor_cache_lock( e_tmp );
}
- monitor_cache_release( mi, e );
+
+ if ( !sub ) {
+ /* otherwise the recursive call already released */
+ monitor_cache_release( mi, e );
+ }
+
e = e_tmp;
}
- return( 0 );
+ return LDAP_SUCCESS;
}
int
-monitor_back_search(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+monitor_back_search( Operation *op, SlapReply *rs )
{
- struct monitorinfo *mi = (struct monitorinfo *) be->be_private;
- int rc;
- Entry *e, *matched = NULL;
- int nentries = 0;
+ monitor_info_t *mi = ( monitor_info_t * )op->o_bd->be_private;
+ int rc = LDAP_SUCCESS;
+ Entry *e = NULL, *matched = NULL;
+ slap_mask_t mask;
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_MON, ENTRY,
- "monitor_back_search: enter\n", 0, 0, 0 );
-#else
- Debug(LDAP_DEBUG_TRACE, "=> monitor_back_search\n%s%s%s", "", "", "");
-#endif
+ Debug( LDAP_DEBUG_TRACE, "=> monitor_back_search\n", 0, 0, 0 );
/* get entry with reader lock */
- monitor_cache_dn2entry( mi, nbase, &e, &matched );
+ monitor_cache_dn2entry( op, rs, &op->o_req_ndn, &e, &matched );
if ( e == NULL ) {
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT,
- matched ? matched->e_dn : NULL,
- NULL, NULL, NULL );
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ if ( matched ) {
+ if ( !access_allowed_mask( op, matched,
+ slap_schema.si_ad_entry,
+ NULL, ACL_DISCLOSE, NULL, NULL ) )
+ {
+ /* do nothing */ ;
+ } else {
+ rs->sr_matched = matched->e_dn;
+ }
+ }
+
+ send_ldap_result( op, rs );
if ( matched ) {
monitor_cache_release( mi, matched );
+ rs->sr_matched = NULL;
+ }
+
+ return rs->sr_err;
+ }
+
+ /* NOTE: __NEW__ "search" access is required
+ * on searchBase object */
+ if ( !access_allowed_mask( op, e, slap_schema.si_ad_entry,
+ NULL, ACL_SEARCH, NULL, &mask ) )
+ {
+ monitor_cache_release( mi, e );
+
+ if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ } else {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
}
- return( 0 );
+ send_ldap_result( op, rs );
+
+ return rs->sr_err;
}
- nentries = 0;
- switch ( scope ) {
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ switch ( op->oq_search.rs_scope ) {
case LDAP_SCOPE_BASE:
- monitor_entry_update( mi, e );
- rc = test_filter( be, conn, op, e, filter );
- if ( rc == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op, e, attrs,
- attrsonly, NULL );
- nentries = 1;
+ monitor_entry_update( op, rs, e );
+ rc = test_filter( op, e, op->oq_search.rs_filter );
+ if ( rc == LDAP_COMPARE_TRUE ) {
+ rs->sr_entry = e;
+ rs->sr_flags = 0;
+ send_search_entry( op, rs );
+ rs->sr_entry = NULL;
}
+ rc = LDAP_SUCCESS;
monitor_cache_release( mi, e );
break;
case LDAP_SCOPE_ONELEVEL:
- rc = monitor_send_children( be, conn, op, filter,
- attrs, attrsonly,
- e, 0, &nentries );
- if ( rc ) {
- // error
- }
-
+ case LDAP_SCOPE_SUBORDINATE:
+ rc = monitor_send_children( op, rs, e,
+ op->oq_search.rs_scope == LDAP_SCOPE_SUBORDINATE );
break;
case LDAP_SCOPE_SUBTREE:
- monitor_entry_update( mi, e );
- rc = test_filter( be, conn, op, e, filter );
+ monitor_entry_update( op, rs, e );
+ rc = test_filter( op, e, op->oq_search.rs_filter );
if ( rc == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op, e, attrs,
- attrsonly, NULL );
- nentries++;
- }
-
- rc = monitor_send_children( be, conn, op, filter,
- attrs, attrsonly,
- e, 1, &nentries );
- if ( rc ) {
- // error
+ rs->sr_entry = e;
+ rs->sr_flags = 0;
+ send_search_entry( op, rs );
+ rs->sr_entry = NULL;
}
+ rc = monitor_send_children( op, rs, e, 1 );
break;
+
+ default:
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ monitor_cache_release( mi, e );
}
-
- send_search_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL, nentries );
- return( 0 );
+ rs->sr_attrs = NULL;
+ rs->sr_err = rc;
+ if ( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
+ }
+
+ return rs->sr_err;
}
+
projects / openldap / blobdiff