/* result.c - routines to send ldap results, errors, and referrals */
/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
v2 = ch_realloc( v2, len + ref[i]->bv_len + 1 );
v2[len-1] = '\n';
memcpy(&v2[len], ref[i]->bv_val, ref[i]->bv_len );
- len += ref[i]->bv_len + 1;
+ len += ref[i]->bv_len;
+ if (ref[i]->bv_val[ref[i]->bv_len-1] != '/')
+ ++len;
}
v2[len-1] = '\0';
struct berval **refs;
unsigned i, j;
- attr = attr_find( e->e_attrs, "ref" );
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_ref = slap_schema.si_ad_ref;
+#else
+ static const char *ad_ref = "ref";
+#endif
+
+ attr = attr_find( e->e_attrs, ad_ref );
if( attr == NULL ) return NULL;
if( i < 1 ) return NULL;
- refs = ch_malloc( i + 1 );
+ refs = ch_malloc( (i + 1) * sizeof(struct berval *));
for( i=0, j=0; attr->a_vals[i] != NULL; i++ ) {
unsigned k;
*/
Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno=%d reason=\"%s\"\n",
- err, STRERROR(err), 0 );
+ err, sock_errstr(err), 0 );
if ( err != EWOULDBLOCK && err != EAGAIN ) {
connection_closing( conn );
const char *text,
struct berval **ref,
const char *resoid,
- struct berval *data,
+ struct berval *resdata,
+ struct berval *sasldata,
LDAPControl **ctrls
)
{
Debug( LDAP_DEBUG_TRACE, "send_ldap_response: msgid=%ld tag=%ld err=%ld\n",
(long) msgid, (long) tag, (long) err );
+ if( ref ) {
+ Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=%s\n",
+ ref[0] && ref[0]->bv_val ? ref[0]->bv_val : "NULL",
+ NULL, NULL );
+ }
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
matched == NULL ? "" : matched,
text == NULL ? "" : text );
- if( rc != -1 && ref != NULL ) {
- rc = ber_printf( ber, "{V}", ref );
+ if( rc != -1 ) {
+ if ( ref != NULL ) {
+ assert( err == LDAP_REFERRAL );
+ rc = ber_printf( ber, "t{V}",
+ LDAP_TAG_REFERRAL, ref );
+ } else {
+ assert( err != LDAP_REFERRAL );
+ }
+ }
+
+ if( rc != -1 && sasldata != NULL ) {
+ rc = ber_printf( ber, "tO",
+ LDAP_TAG_SASL_RES_CREDS, sasldata );
}
if( rc != -1 && resoid != NULL ) {
- rc = ber_printf( ber, "s", resoid );
+ rc = ber_printf( ber, "ts",
+ LDAP_TAG_EXOP_RES_OID, resoid );
}
- if( rc != -1 && data != NULL ) {
- rc = ber_printf( ber, "O", data );
+ if( rc != -1 && resdata != NULL ) {
+ rc = ber_printf( ber, "tO",
+ LDAP_TAG_EXOP_RES_VALUE, resdata );
}
if( rc != -1 ) {
0 );
}
#endif
+
send_ldap_response( conn, op, tag, msgid,
err, NULL, text, NULL,
- reqoid, NULL, NULL );
+ reqoid, NULL, NULL, NULL );
Statslog( LDAP_DEBUG_STATS,
"conn=%ld op=%ld DISCONNECT err=%ld tag=%lu text=%s\n",
(long) op->o_connid, (long) op->o_opid, op->o_protocol );
Debug( LDAP_DEBUG_ARGS, "send_ldap_result: %d:%s:%s\n",
err, matched ? matched : "", text ? text : "" );
+ if( ref ) {
+ Debug( LDAP_DEBUG_ARGS, "send_ldap_result: referral: %s\n",
+ ref[0] && ref[0]->bv_val ? ref[0]->bv_val : "NULL",
+ NULL, NULL );
+ }
assert( err != LDAP_PARTIAL_RESULTS );
send_ldap_response( conn, op, tag, msgid,
err, matched, text, ref,
- NULL, NULL, ctrls );
+ NULL, NULL, NULL, ctrls );
Statslog( LDAP_DEBUG_STATS,
"conn=%ld op=%ld RESULT tag=%lu err=%ld text=%s\n",
ber_int_t err,
const char *matched,
const char *text,
+ struct berval **ref,
+ LDAPControl **ctrls,
struct berval *cred
)
{
#endif
send_ldap_response( conn, op, tag, msgid,
- err, matched, text, NULL,
- NULL, cred, NULL );
+ err, matched, text, ref,
+ NULL, NULL, cred, ctrls );
}
void
ber_int_t err,
const char *matched,
const char *text,
- char *rspoid,
- struct berval *rspdata
+ struct berval **refs,
+ const char *rspoid,
+ struct berval *rspdata,
+ LDAPControl **ctrls
)
{
ber_tag_t tag;
ber_int_t msgid;
Debug( LDAP_DEBUG_TRACE,
- "send_ldap_extended %ld:%s\n",
- (long) err, rspoid ? rspoid : "", NULL );
+ "send_ldap_extended %ld:%s (%ld)\n",
+ (long) err,
+ rspoid ? rspoid : "",
+ rspdata != NULL ? (long) rspdata->bv_len : (long) 0 );
tag = req2res( op->o_tag );
msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
0 );
}
#endif
+
send_ldap_response( conn, op, tag, msgid,
- err, matched, text, NULL,
- rspoid, rspdata, NULL );
+ err, matched, text, refs,
+ rspoid, rspdata, NULL, ctrls );
}
send_ldap_response( conn, op, tag, msgid,
err, matched, text, refs,
- NULL, NULL, ctrls );
+ NULL, NULL, NULL, ctrls );
Statslog( LDAP_DEBUG_STATS,
"conn=%ld op=%ld SEARCH RESULT tag=%lu err=%ld text=%s\n",
)
{
BerElement *ber;
- Attribute *a;
+ Attribute *a, *aa;
int i, rc=-1, bytes;
char *edn;
int userattrs;
int opattrs;
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+#else
+ static const char *ad_entry = "entry";
+#endif
+
Debug( LDAP_DEBUG_TRACE, "=> send_search_entry: \"%s\"\n", e->e_dn, 0, 0 );
if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_READ ) )
+ ad_entry, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL, "acl: access to entry not allowed\n",
0, 0, 0 );
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "allocating BER error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "BER allocation error", NULL, NULL );
goto error_return;
}
- rc = ber_printf( ber, "{it{s{", op->o_msgid,
+ rc = ber_printf( ber, "{it{s{" /*}}}*/, op->o_msgid,
LDAP_RES_SEARCH_ENTRY, e->e_dn );
if ( rc == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding dn error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding DN error", NULL, NULL );
goto error_return;
}
: charray_inlist( attrs, LDAP_ALL_OPERATIONAL_ATTRIBUTES );
for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *desc = a->a_desc;
+ char *type = desc->ad_cname->bv_val;
+#else
+ char *desc = a->a_type;
+ char *type = a->a_type;
+#endif
+
if ( attrs == NULL ) {
/* all addrs request, skip operational attributes */
- if( !opattrs && oc_check_operational_attr( a->a_type ) ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
continue;
}
} else {
/* specific addrs requested */
- if ( oc_check_operational_attr( a->a_type ) ) {
- if( !opattrs && !charray_inlist( attrs, a->a_type ) )
- {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if ( is_at_operational( desc->ad_type ) )
+#else
+ if ( oc_check_op_attr( desc ) )
+#endif
+ {
+ if( !opattrs && !ad_inlist( desc, attrs ) ) {
continue;
}
} else {
- if (!userattrs && !charray_inlist( attrs, a->a_type ) )
- {
+ if (!userattrs && !ad_inlist( desc, attrs ) ) {
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e,
- a->a_type, NULL, ACL_READ ) )
- {
+ if ( ! access_allowed( be, conn, op, e, desc, NULL, ACL_READ ) ) {
Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s not allowed\n",
- a->a_type, 0, 0 );
+ desc, 0, 0 );
continue;
}
- if (( rc = ber_printf( ber, "{s[" /*]}*/ , a->a_type )) == -1 ) {
+ if (( rc = ber_printf( ber, "{s[" /*]}*/ , type )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding type error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding description error", NULL, NULL );
goto error_return;
}
if ( ! attrsonly ) {
for ( i = 0; a->a_vals[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
- a->a_type, a->a_vals[i], ACL_READ ) )
+ desc, a->a_vals[i], ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"acl: access to attribute %s, value %d not allowed\n",
- a->a_type, i, 0 );
+ desc, i, 0 );
continue;
}
Debug( LDAP_DEBUG_ANY,
"ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding value error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding values error", NULL, NULL );
goto error_return;
}
}
if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
goto error_return;
}
}
-#ifdef SLAPD_SCHEMA_DN
/* eventually will loop through generated operational attributes */
/* only have subschemaSubentry implemented */
- a = backend_subschemasubentry( be );
+ aa = backend_operational( be, e );
- do {
+ for (a = aa ; a == NULL; a = a->a_next ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *desc = a->a_desc;
+#else
+ char *desc = a->a_type;
+#endif
+
if ( attrs == NULL ) {
/* all addrs request, skip operational attributes */
- if( !opattrs && oc_check_operational_attr( a->a_type ) ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
continue;
}
} else {
/* specific addrs requested */
- if ( oc_check_operational_attr( a->a_type ) ) {
- if( !opattrs && !charray_inlist( attrs, a->a_type ) )
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ if( is_at_operational( desc->ad_type ) )
+#else
+ if( oc_check_op_attr( desc ) )
+#endif
+ {
+ if( !opattrs && !ad_inlist( desc, attrs ) )
{
continue;
}
} else {
- if (!userattrs && !charray_inlist( attrs, a->a_type ) )
+ if (!userattrs && !ad_inlist( desc, attrs ) )
{
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e,
- a->a_type, NULL, ACL_READ ) )
- {
+ if ( ! access_allowed( be, conn, op, e, desc, NULL, ACL_READ ) ) {
Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s not allowed\n",
- a->a_type, 0, 0 );
+ desc, 0, 0 );
continue;
}
- if (( rc = ber_printf( ber, "{s[" /*]}*/ , a->a_type )) == -1 ) {
+ if (( rc = ber_printf( ber, "{s[" /*]}*/ , desc )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding type error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding description error", NULL, NULL );
goto error_return;
}
if ( ! attrsonly ) {
for ( i = 0; a->a_vals[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
- a->a_type, a->a_vals[i], ACL_READ ) )
+ desc, a->a_vals[i], ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"acl: access to attribute %s, value %d not allowed\n",
- a->a_type, i, 0 );
+ desc, i, 0 );
continue;
}
Debug( LDAP_DEBUG_ANY,
"ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encoding value error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encoding values error", NULL, NULL );
goto error_return;
}
}
if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
goto error_return;
}
- } while (0);
-#endif
+ }
+
+ attrs_free( aa );
rc = ber_printf( ber, /*{{{*/ "}}}" );
if ( rc == -1 ) {
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode entry end error", NULL, NULL );
return( 1 );
}
int rc;
int bytes;
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ AttributeDescription *ad_ref = slap_schema.si_ad_ref;
+ AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+#else
+ static const char *ad_ref = "ref";
+ static const char *ad_entry = "entry";
+#endif
+
Debug( LDAP_DEBUG_TRACE, "=> send_search_reference (%s)\n", e->e_dn, 0, 0 );
if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_READ ) )
+ ad_entry, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"send_search_reference: access to entry not allowed\n",
}
if ( ! access_allowed( be, conn, op, e,
- "ref", NULL, ACL_READ ) )
+ ad_ref, NULL, ACL_READ ) )
{
Debug( LDAP_DEBUG_ACL,
"send_search_reference: access to reference not allowed\n",
if( op->o_protocol < LDAP_VERSION3 ) {
/* save the references for the result */
- if( *refs == NULL ) {
+ if( *refs != NULL ) {
value_add( v2refs, refs );
}
return 0;
if ( ber == NULL ) {
Debug( LDAP_DEBUG_ANY,
"send_search_reference: ber_alloc failed\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+ send_ldap_result( conn, op, LDAP_OTHER,
NULL, "alloc BER error", NULL, NULL );
return -1;
}
Debug( LDAP_DEBUG_ANY,
"send_search_reference: ber_printf failed\n", 0, 0, 0 );
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, "encode dn error", NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "encode DN error", NULL, NULL );
return -1;
}
projects / openldap / blobdiff