/* result.c - routines to send ldap results, errors, and referrals */
/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
#include "slap.h"
-/* we need LBER internals */
-#include "../../libraries/liblber/lber-int.h"
-
static char *v2ref( struct berval **ref, const char *text )
{
size_t len = 0, i = 0;
struct berval **refs;
unsigned i, j;
- attr = attr_find( e->e_attrs, "ref" );
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_ref = slap_schema.si_ad_ref;
+#else
+ static const char *ad_ref = "ref";
+#endif
+
+ attr = attr_find( e->e_attrs, ad_ref );
if( attr == NULL ) return NULL;
if( i < 1 ) return NULL;
- refs = ch_malloc( i + 1 );
+ refs = ch_malloc( (i + 1) * sizeof(struct berval *));
for( i=0, j=0; attr->a_vals[i] != NULL; i++ ) {
unsigned k;
/* write the pdu */
while( 1 ) {
int err;
+ ber_socket_t sd;
if ( connection_state_closing( conn ) ) {
ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
*/
Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno=%d reason=\"%s\"\n",
- err, STRERROR(err), 0 );
+ err, sock_errstr(err), 0 );
if ( err != EWOULDBLOCK && err != EAGAIN ) {
connection_closing( conn );
/* wait for socket to be write-ready */
conn->c_writewaiter = 1;
- slapd_set_write( ber_pvt_sb_get_desc( conn->c_sb ), 1 );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_GET_FD, &sd );
+ slapd_set_write( sd, 1 );
ldap_pvt_thread_cond_wait( &conn->c_write_cv, &conn->c_mutex );
conn->c_writewaiter = 0;
Debug( LDAP_DEBUG_TRACE, "send_ldap_response: msgid=%ld tag=%ld err=%ld\n",
(long) msgid, (long) tag, (long) err );
+ if( ref ) {
+ Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=%s\n",
+ ref[0] && ref[0]->bv_val ? ref[0]->bv_val : "NULL",
+ NULL, NULL );
+ }
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
matched == NULL ? "" : matched,
text == NULL ? "" : text );
- if( rc != -1 && ref != NULL ) {
- rc = ber_printf( ber, "{V}", ref );
+ if( rc != -1 ) {
+ if ( ref != NULL ) {
+ assert( err == LDAP_REFERRAL );
+ rc = ber_printf( ber, "t{V}",
+ LDAP_TAG_REFERRAL, ref );
+ } else {
+ assert( err != LDAP_REFERRAL );
+ }
}
if( rc != -1 && sasldata != NULL ) {
#ifdef LDAP_CONNECTIONLESS
if ( op->o_cldap ) {
- ber_pvt_sb_udp_set_dst( conn->c_sb, &op->o_clientaddr );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_UDP_SET_DST,
+ (void *)&op->o_clientaddr );
Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
inet_ntoa(((struct sockaddr_in *)
&op->o_clientaddr)->sin_addr ),
(long) op->o_connid, (long) op->o_opid, op->o_protocol );
Debug( LDAP_DEBUG_ARGS, "send_ldap_result: %d:%s:%s\n",
err, matched ? matched : "", text ? text : "" );
+ if( ref ) {
+ Debug( LDAP_DEBUG_ARGS, "send_ldap_result: referral: %s\n",
+ ref[0] && ref[0]->bv_val ? ref[0]->bv_val : "NULL",
+ NULL, NULL );
+ }
assert( err != LDAP_PARTIAL_RESULTS );
#ifdef LDAP_CONNECTIONLESS
if ( op->o_cldap ) {
- ber_pvt_sb_udp_set_dst( conn->c_sb, &op->o_clientaddr );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_UDP_SET_DST,
+ (void *)&op->o_clientaddr );
Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
inet_ntoa(((struct sockaddr_in *)
&op->o_clientaddr)->sin_addr ),
ber_int_t err,
const char *matched,
const char *text,
+ struct berval **ref,
LDAPControl **ctrls,
struct berval *cred
)
#ifdef LDAP_CONNECTIONLESS
if ( op->o_cldap ) {
- ber_pvt_sb_udp_set_dst( conn->c_sb, &op->o_clientaddr );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_UDP_SET_DST,
+ (void *)&op->o_clientaddr );
Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
inet_ntoa(((struct sockaddr_in *)
&op->o_clientaddr)->sin_addr ),
#endif
send_ldap_response( conn, op, tag, msgid,
- err, matched, text, NULL,
+ err, matched, text, ref,
NULL, NULL, cred, ctrls );
}
ber_int_t err,
const char *matched,
const char *text,
- char *rspoid,
+ struct berval **refs,
+ const char *rspoid,
struct berval *rspdata,
LDAPControl **ctrls
)
#ifdef LDAP_CONNECTIONLESS
if ( op->o_cldap ) {
- ber_pvt_sb_udp_set_dst( conn->c_sb, &op->o_clientaddr );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_UDP_SET_DST,
+ (void *)&op->o_clientaddr );
Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
inet_ntoa(((struct sockaddr_in *)
&op->o_clientaddr)->sin_addr ),
#endif
send_ldap_response( conn, op, tag, msgid,
- err, matched, text, NULL,
+ err, matched, text, refs,
rspoid, rspdata, NULL, ctrls );
}
#ifdef LDAP_CONNECTIONLESS
if ( op->o_cldap ) {
- ber_pvt_sb_udp_set_dst( conn->c_sb, &op->o_clientaddr );
+ ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_UDP_SET_DST,
+ (void *)&op->o_clientaddr );
Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n",
inet_ntoa(((struct sockaddr_in *)
&op->o_clientaddr)->sin_addr ),
)
{
BerElement *ber;
- Attribute *a;
+ Attribute *a, *aa;
int i, rc=-1, bytes;
char *edn;
int userattrs;
int opattrs;
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+#else
+ static const char *ad_entry = "entry";
+#endif
+
Debug( LDAP_DEBUG_TRACE, "=> send_search_entry: \"%s\"\n", e->e_dn, 0, 0 );
if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_READ ) )
+ ad_entry, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL, "acl: access to entry not allowed\n",
0, 0, 0 );
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "allocating BER error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "BER allocation error", NULL, NULL );
goto error_return;
}
- rc = ber_printf( ber, "{it{s{", op->o_msgid,
+ rc = ber_printf( ber, "{it{s{" /*}}}*/, op->o_msgid,
LDAP_RES_SEARCH_ENTRY, e->e_dn );
if ( rc == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding dn error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding DN error", NULL, NULL );
goto error_return;
}
: charray_inlist( attrs, LDAP_ALL_OPERATIONAL_ATTRIBUTES );
for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *desc = a->a_desc;
+ char *type = desc->ad_cname->bv_val;
+#else
+ char *desc = a->a_type;
+ char *type = a->a_type;
+#endif
+
if ( attrs == NULL ) {
/* all addrs request, skip operational attributes */
- if( !opattrs && oc_check_operational_attr( a->a_type ) ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
continue;
}
} else {
/* specific addrs requested */
- if ( oc_check_operational_attr( a->a_type ) ) {
- if( !opattrs && !charray_inlist( attrs, a->a_type ) )
- {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if ( is_at_operational( desc->ad_type ) )
+#else
+ if ( oc_check_op_attr( desc ) )
+#endif
+ {
+ if( !opattrs && !ad_inlist( desc, attrs ) ) {
continue;
}
} else {
- if (!userattrs && !charray_inlist( attrs, a->a_type ) )
- {
+ if (!userattrs && !ad_inlist( desc, attrs ) ) {
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e,
- a->a_type, NULL, ACL_READ ) )
- {
+ if ( ! access_allowed( be, conn, op, e, desc, NULL, ACL_READ ) ) {
Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s not allowed\n",
- a->a_type, 0, 0 );
+ desc, 0, 0 );
continue;
}
- if (( rc = ber_printf( ber, "{s[" /*]}*/ , a->a_type )) == -1 ) {
+ if (( rc = ber_printf( ber, "{s[" /*]}*/ , type )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding type error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding description error", NULL, NULL );
goto error_return;
}
if ( ! attrsonly ) {
for ( i = 0; a->a_vals[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
- a->a_type, a->a_vals[i], ACL_READ ) )
+ desc, a->a_vals[i], ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"acl: access to attribute %s, value %d not allowed\n",
- a->a_type, i, 0 );
+ desc, i, 0 );
continue;
}
Debug( LDAP_DEBUG_ANY,
"ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding value error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding values error", NULL, NULL );
goto error_return;
}
}
if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
goto error_return;
}
}
-#ifdef SLAPD_SCHEMA_DN
/* eventually will loop through generated operational attributes */
/* only have subschemaSubentry implemented */
- a = backend_subschemasubentry( be );
+ aa = backend_operational( be, e );
- do {
+ for (a = aa ; a == NULL; a = a->a_next ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *desc = a->a_desc;
+#else
+ char *desc = a->a_type;
+#endif
+
if ( attrs == NULL ) {
/* all addrs request, skip operational attributes */
- if( !opattrs && oc_check_operational_attr( a->a_type ) ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
continue;
}
} else {
/* specific addrs requested */
- if ( oc_check_operational_attr( a->a_type ) ) {
- if( !opattrs && !charray_inlist( attrs, a->a_type ) )
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
+ if( !opattrs && !ad_inlist( desc, attrs ) )
{
continue;
}
} else {
- if (!userattrs && !charray_inlist( attrs, a->a_type ) )
+ if (!userattrs && !ad_inlist( desc, attrs ) )
{
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e,
- a->a_type, NULL, ACL_READ ) )
- {
+ if ( ! access_allowed( be, conn, op, e, desc, NULL, ACL_READ ) ) {
Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s not allowed\n",
- a->a_type, 0, 0 );
+ desc, 0, 0 );
continue;
}
- if (( rc = ber_printf( ber, "{s[" /*]}*/ , a->a_type )) == -1 ) {
+ if (( rc = ber_printf( ber, "{s[" /*]}*/ , desc )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding type error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding description error", NULL, NULL );
goto error_return;
}
if ( ! attrsonly ) {
for ( i = 0; a->a_vals[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
- a->a_type, a->a_vals[i], ACL_READ ) )
+ desc, a->a_vals[i], ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"acl: access to attribute %s, value %d not allowed\n",
- a->a_type, i, 0 );
+ desc, i, 0 );
continue;
}
Debug( LDAP_DEBUG_ANY,
"ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding value error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding values error", NULL, NULL );
goto error_return;
}
}
if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
goto error_return;
}
- } while (0);
-#endif
+ }
+
+ attrs_free( aa );
rc = ber_printf( ber, /*{{{*/ "}}}" );
if ( rc == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode entry end error", NULL, NULL );
return( 1 );
}
int rc;
int bytes;
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_ref = slap_schema.si_ad_ref;
+ AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+#else
+ static const char *ad_ref = "ref";
+ static const char *ad_entry = "entry";
+#endif
+
Debug( LDAP_DEBUG_TRACE, "=> send_search_reference (%s)\n", e->e_dn, 0, 0 );
if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_READ ) )
+ ad_entry, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"send_search_reference: access to entry not allowed\n",
}
if ( ! access_allowed( be, conn, op, e,
- "ref", NULL, ACL_READ ) )
+ ad_ref, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"send_search_reference: access to reference not allowed\n",
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY,
"send_search_reference: ber_alloc failed\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "alloc BER error", NULL, NULL );
return -1;
}
Debug( LDAP_DEBUG_ANY,
"send_search_reference: ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encode dn error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encode DN error", NULL, NULL );
return -1;
}