}
}
- bsi->bsi_abandon = 0;
bsi->bsi_id_list = NULL;
bsi->bsi_id_listtail = &bsi->bsi_id_list;
bsi->bsi_n_candidates = 0;
if ( BACKSQL_IS_GET_ID( flags ) ) {
int matched = BACKSQL_IS_MATCHED( flags );
int getentry = BACKSQL_IS_GET_ENTRY( flags );
+ int gotit = 0;
assert( op->o_bd->be_private );
rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
matched, 1 );
-
+
+ /* the entry is collected either if requested for by getentry
+ * or if get noSuchObject and requested to climb the tree,
+ * so that a matchedDN or a referral can be returned */
if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
assert( bsi->bsi_e != NULL );
-
+
+ if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
+ {
+ gotit = 1;
+ }
+
/*
* let's see if it is a referral and, in case, get it
*/
backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
- if ( rc == LDAP_SUCCESS && is_entry_referral( bsi->bsi_e ) )
- {
- BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
- if ( erefs ) {
- rc = rs->sr_err = LDAP_REFERRAL;
- rs->sr_ref = referral_rewrite( erefs,
- &bsi->bsi_e->e_nname,
- &op->o_req_dn,
- scope );
- ber_bvarray_free( erefs );
+ if ( rc == LDAP_SUCCESS ) {
+ if ( is_entry_referral( bsi->bsi_e ) )
+ {
+ BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
+ if ( erefs ) {
+ rc = rs->sr_err = LDAP_REFERRAL;
+ rs->sr_ref = referral_rewrite( erefs,
+ &bsi->bsi_e->e_nname,
+ &op->o_req_dn,
+ scope );
+ ber_bvarray_free( erefs );
+
+ } else {
+ rc = rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "bad referral object";
+ }
- } else {
- rc = rs->sr_err = LDAP_OTHER;
- rs->sr_text = "bad referral object";
+ } else if ( !gotit ) {
+ rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
}
-
- } else {
- rc = rs->sr_err = getentry ?
- LDAP_SUCCESS : LDAP_NO_SUCH_OBJECT;
}
} else {
backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
backsql_strfcat( &bsi->bsi_flt_where, "lbl",
- (ber_len_t)STRLENOF( "2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
- "2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
+ (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
+ "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
&bsi->bsi_oc->bom_oc->soc_cname,
- (ber_len_t)STRLENOF( /* (' */ "')" ),
- /* (' */ "')" );
+ (ber_len_t)STRLENOF( /* ((' */ "'))" ),
+ /* ((' */ "'))" );
bsi->bsi_status = LDAP_SUCCESS;
rc = 1;
goto done;
&bsi->bsi_oc->bom_oc->soc_cname,
'\'' );
}
-#ifdef BACKSQL_ALIASING_QUOTE
- backsql_strfcat( &bsi->bsi_sel, "lclcl",
- (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
- " " BACKSQL_ALIASING,
- BACKSQL_ALIASING_QUOTE,
- (ber_len_t)STRLENOF( "objectClass" ),
- "objectClass",
- BACKSQL_ALIASING_QUOTE,
- (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
- ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
-#else /* ! BACKSQL_ALIASING_QUOTE */
backsql_strfcat( &bsi->bsi_sel, "l",
- (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
- " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
-#endif /* ! BACKSQL_ALIASING_QUOTE */
+ (ber_len_t)STRLENOF( " " BACKSQL_ALIASING
+ BACKSQL_ALIASING_QUOTE "objectClass" BACKSQL_ALIASING_QUOTE
+ ",ldap_entries.dn " BACKSQL_ALIASING BACKSQL_ALIASING_QUOTE "dn" BACKSQL_ALIASING_QUOTE ),
+ " " BACKSQL_ALIASING
+ BACKSQL_ALIASING_QUOTE "objectClass" BACKSQL_ALIASING_QUOTE
+ ",ldap_entries.dn " BACKSQL_ALIASING BACKSQL_ALIASING_QUOTE "dn" BACKSQL_ALIASING_QUOTE );
backsql_strfcat( &bsi->bsi_from, "lb",
(ber_len_t)STRLENOF( " FROM ldap_entries," ),
Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
BACKSQL_OC_NAME( oc ), 0, 0 );
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ bsi->bsi_status = SLAPD_ABANDON;
+ return BACKSQL_AVL_STOP;
+ }
+
if ( bsi->bsi_n_candidates == -1 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"unchecked limit has been overcome\n", 0, 0, 0 );
int sres;
Entry user_entry = { 0 },
base_entry = { 0 };
- int manageDSAit;
+ int manageDSAit = get_manageDSAit( op );
time_t stoptime = 0;
- backsql_srch_info bsi;
+ backsql_srch_info bsi = { 0 };
backsql_entryID *eid = NULL;
- struct berval nbase = BER_BVNULL,
- realndn = BER_BVNULL;
-
- manageDSAit = get_manageDSAit( op );
+ struct berval nbase = BER_BVNULL;
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
"base=\"%s\", filter=\"%s\", scope=%d,",
/* compute it anyway; root does not use it */
stoptime = op->o_time + op->ors_tlimit;
- realndn = op->o_req_ndn;
- if ( backsql_api_dn2odbc( op, rs, &realndn ) ) {
- Debug( LDAP_DEBUG_TRACE, " backsql_search(\"%s\"): "
- "backsql_api_dn2odbc(\"%s\") failed\n",
- op->o_req_ndn.bv_val, realndn.bv_val, 0 );
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "SQL-backend error";
- send_ldap_result( op, rs );
- goto done;
- }
-
/* init search */
bsi.bsi_e = &base_entry;
- rs->sr_err = backsql_init_search( &bsi, &realndn,
+ rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
op->ors_scope,
op->ors_slimit, op->ors_tlimit,
stoptime, op->ors_filter,
dbh, op, rs, op->ors_attrs,
( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
- if ( rs->sr_err != LDAP_SUCCESS ) {
+ switch ( rs->sr_err ) {
+ case LDAP_SUCCESS:
+ break;
+
+ case LDAP_REFERRAL:
+ if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
+ dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
+ {
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = NULL;
+ rs->sr_matched = NULL;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ break;
+ }
+ /* fall thru */
+
+ default:
#ifdef SLAP_ACL_HONOR_DISCLOSE
if ( !BER_BVISNULL( &base_entry.e_nname )
&& ! access_allowed( op, &base_entry,
rs->sr_err = LDAP_NO_SUCH_OBJECT;
if ( rs->sr_ref ) {
ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
}
rs->sr_matched = NULL;
rs->sr_text = NULL;
}
#endif /* SLAP_ACL_HONOR_DISCLOSE */
+
send_ldap_result( op, rs );
goto done;
#ifdef SLAP_ACL_HONOR_DISCLOSE
/* NOTE: __NEW__ "search" access is required
* on searchBase object */
- else {
+ {
slap_mask_t mask;
-
- /* FIXME: need the whole entry (ITS#3480) */
+
+ if ( get_assert( op ) &&
+ ( test_filter( op, &base_entry, get_assertion( op ) )
+ != LDAP_COMPARE_TRUE ) )
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+
+ }
if ( ! access_allowed_mask( op, &base_entry,
slap_schema.si_ad_entry,
NULL, ACL_SEARCH, NULL, &mask ) )
{
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ }
+ }
+
+ if ( rs->sr_err != LDAP_SUCCESS ) {
if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
rs->sr_err = LDAP_NO_SUCH_OBJECT;
rs->sr_text = NULL;
-
- } else {
- rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
}
send_ldap_result( op, rs );
goto done;
*/
avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
&bsi, BACKSQL_AVL_STOP, AVL_INORDER );
+
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
+ }
}
if ( op->ors_limit != NULL /* isroot == FALSE */
/* check for abandon */
if ( op->o_abandon ) {
- break;
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
}
/* check time limit */
rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
rs->sr_ctrls = NULL;
rs->sr_ref = rs->sr_v2ref;
- rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
- : LDAP_REFERRAL;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
#ifdef BACKSQL_ARBITRARY_KEY
&& rs->sr_nentries >= op->ors_slimit )
{
rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
}
end_of_search:;
- entry_clean( &base_entry );
-
- /* in case we got here accidentally */
- entry_clean( &user_entry );
-
if ( rs->sr_nentries > 0 ) {
rs->sr_ref = rs->sr_v2ref;
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
} else {
rs->sr_err = bsi.bsi_status;
}
- send_ldap_result( op, rs );
+
+send_results:;
+ if ( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
+ }
+
+ entry_clean( &base_entry );
+
+ /* in case we got here accidentally */
+ entry_clean( &user_entry );
if ( rs->sr_v2ref ) {
ber_bvarray_free( rs->sr_v2ref );
#endif /* BACKSQL_SYNCPROV */
done:;
- if ( !BER_BVISNULL( &realndn ) && realndn.bv_val != op->o_req_ndn.bv_val ) {
- ch_free( realndn.bv_val );
- }
-
(void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
if ( bsi.bsi_attrs != NULL ) {
}
Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
- return 0;
+
+ return rs->sr_err;
}
/* return LDAP_SUCCESS IFF we can retrieve the specified entry.
int rw,
Entry **ent )
{
- backsql_srch_info bsi;
+ backsql_srch_info bsi = { 0 };
SQLHDBC dbh = SQL_NULL_HDBC;
int rc;
SlapReply rs = { 0 };
dbh, op, &rs, at ? anlist : NULL,
BACKSQL_ISF_GET_ENTRY );
- (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+ if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
+ (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+ }
if ( rc == LDAP_SUCCESS ) {