X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fback-passwd%2Fsearch.c;h=6a4258ab2c1e8eaabd4d50a110e53e06393e5a02;hb=c8c34cdd43d3603f3b64a56841b4425379c98f45;hp=a6f2c9e49b28d8d857e190cd6a6fe8124f500ace;hpb=9355dca9af07fafc2337bad521ebcf49d6b647c4;p=openldap

diff --git a/servers/slapd/back-passwd/search.c b/servers/slapd/back-passwd/search.c
index a6f2c9e49b..6a4258ab2c 100644
--- a/servers/slapd/back-passwd/search.c
+++ b/servers/slapd/back-passwd/search.c
@@ -1,5 +1,36 @@
 /* search.c - /etc/passwd backend search function */
 /* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2011 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to the University of Michigan at Ann Arbor. The name of the University
+ * may not be used to endorse or promote products derived from this
+ * software without specific prior written permission. This software
+ * is provided ``as is'' without express or implied warranty.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was originally developed by the University of Michigan
+ * (as part of U-MICH LDAP).  Additional significant contributors
+ * include:
+ *     Hallvard B. Furuseth
+ *     Howard Chu
+ *     Kurt D. Zeilenga
+ */
 
 #include "portable.h"
 
@@ -14,14 +45,13 @@
 
 #include "slap.h"
 #include "back-passwd.h"
-#include <ldap_pvt.h>
 
 static void pw_start( Backend *be );
 
-static Entry *pw2entry(
-	Backend *be,
-	struct passwd *pw,
-	const char **text);
+static int pw2entry(
+	Backend		*be,
+	struct passwd	*pw,
+	Entry		*ep );
 
 int
 passwd_back_search(
@@ -29,59 +59,51 @@ passwd_back_search(
     SlapReply	*rs )
 {
 	struct passwd	*pw;
-	Entry		*e;
-	char		*s;
-	time_t		stoptime;
+	time_t		stoptime = (time_t)-1;
 
-	LDAPRDN *rdn = NULL;
-	struct berval parent = { 0, NULL };
+	LDAPRDN rdn = NULL;
+	struct berval parent = BER_BVNULL;
 
 	AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass;
 
-	op->oq_search.rs_tlimit = (op->oq_search.rs_tlimit > op->o_bd->be_timelimit || op->oq_search.rs_tlimit < 1) ? op->o_bd->be_timelimit
-	    : op->oq_search.rs_tlimit;
-	stoptime = op->o_time + op->oq_search.rs_tlimit;
-	op->oq_search.rs_slimit = (op->oq_search.rs_slimit > op->o_bd->be_sizelimit || op->oq_search.rs_slimit < 1) ? op->o_bd->be_sizelimit
-	    : op->oq_search.rs_slimit;
+	if ( op->ors_tlimit != SLAP_NO_LIMIT ) {
+		stoptime = op->o_time + op->ors_tlimit;
+	}
 
 	/* Handle a query for the base of this backend */
 	if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
-		struct berval	vals[2];
-
-		vals[1].bv_val = NULL;
+		struct berval	val;
 
 		rs->sr_matched = op->o_req_dn.bv_val;
 
-		if( op->oq_search.rs_scope != LDAP_SCOPE_ONELEVEL ) {
-			AttributeDescription *desc = NULL;
+		if( op->ors_scope != LDAP_SCOPE_ONELEVEL ) {
+			AttributeDescription	*desc = NULL;
+			char			*next;
+			Entry			e = { 0 };
 
 			/* Create an entry corresponding to the base DN */
-			e = (Entry *) ch_calloc(1, sizeof(Entry));
-			e->e_name.bv_val = ch_strdup( op->o_req_dn.bv_val );
-			e->e_name.bv_len = op->o_req_dn.bv_len;
-			e->e_nname.bv_val =  ch_strdup( op->o_req_ndn.bv_val );
-			e->e_nname.bv_len = op->o_req_ndn.bv_len;
-			e->e_attrs = NULL;
-			e->e_private = NULL;
+			e.e_name.bv_val = ch_strdup( op->o_req_dn.bv_val );
+			e.e_name.bv_len = op->o_req_dn.bv_len;
+			e.e_nname.bv_val =  ch_strdup( op->o_req_ndn.bv_val );
+			e.e_nname.bv_len = op->o_req_ndn.bv_len;
 
 			/* Use the first attribute of the DN
 		 	* as an attribute within the entry itself.
 		 	*/
-			if( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text, 
+			if( ldap_bv2rdn( &op->o_req_dn, &rdn, &next, 
 				LDAP_DN_FORMAT_LDAP ) )
 			{
 				rs->sr_err = LDAP_INVALID_DN_SYNTAX;
 				goto done;
 			}
 
-			if( slap_bv2ad( &rdn[0][0]->la_attr, &desc, &rs->sr_text )) {
+			if( slap_bv2ad( &rdn[0]->la_attr, &desc, &rs->sr_text )) {
 				rs->sr_err = LDAP_NO_SUCH_OBJECT;
 				ldap_rdnfree(rdn);
 				goto done;
 			}
 
-			vals[0] = rdn[0][0]->la_value;
-			attr_mergeit( e, desc, vals );
+			attr_merge_normalize_one( &e, desc, &rdn[0]->la_value, NULL );
 
 			ldap_rdnfree(rdn);
 			rdn = NULL;
@@ -93,66 +115,81 @@ passwd_back_search(
 			 *
 			 * should be a configuratable item
 			 */
-			vals[0].bv_val = "organizationalUnit";
-			vals[0].bv_len = sizeof("organizationalUnit")-1;
-			attr_mergeit( e, ad_objectClass, vals );
+			BER_BVSTR( &val, "organizationalUnit" );
+			attr_merge_one( &e, ad_objectClass, &val, NULL );
 	
-			if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
-				rs->sr_entry = e;
-				rs->sr_attrs = op->oq_search.rs_attrs;
+			if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) {
+				rs->sr_entry = &e;
+				rs->sr_attrs = op->ors_attrs;
+				rs->sr_flags = REP_ENTRY_MODIFIABLE;
 				send_search_entry( op, rs );
+				rs->sr_flags = 0;
+				rs->sr_attrs = NULL;
 			}
+
+			entry_clean( &e );
 		}
 
-		if ( op->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
+		if ( op->ors_scope != LDAP_SCOPE_BASE ) {
 			/* check all our "children" */
 
 			ldap_pvt_thread_mutex_lock( &passwd_mutex );
 			pw_start( op->o_bd );
 			for ( pw = getpwent(); pw != NULL; pw = getpwent() ) {
+				Entry		e = { 0 };
+
 				/* check for abandon */
 				if ( op->o_abandon ) {
 					endpwent();
 					ldap_pvt_thread_mutex_unlock( &passwd_mutex );
-					return( -1 );
+					return( SLAPD_ABANDON );
 				}
 
 				/* check time limit */
-				if ( slap_get_time() > stoptime ) {
+				if ( op->ors_tlimit != SLAP_NO_LIMIT
+						&& slap_get_time() > stoptime )
+				{
 					send_ldap_error( op, rs, LDAP_TIMELIMIT_EXCEEDED, NULL );
 					endpwent();
 					ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 					return( 0 );
 				}
 
-				if ( !(e = pw2entry( op->o_bd, pw, &rs->sr_text )) ) {
+				if ( pw2entry( op->o_bd, pw, &e ) ) {
 					rs->sr_err = LDAP_OTHER;
 					endpwent();
 					ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 					goto done;
 				}
 
-				if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
+				if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) {
 					/* check size limit */
-					if ( --op->oq_search.rs_slimit == -1 ) {
+					if ( --op->ors_slimit == -1 ) {
 						send_ldap_error( op, rs, LDAP_SIZELIMIT_EXCEEDED, NULL );
 						endpwent();
 						ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 						return( 0 );
 					}
 
-					rs->sr_entry = e;
-					rs->sr_attrs = op->oq_search.rs_attrs;
+					rs->sr_entry = &e;
+					rs->sr_attrs = op->ors_attrs;
+					rs->sr_flags = REP_ENTRY_MODIFIABLE;
 					send_search_entry( op, rs );
+					rs->sr_flags = 0;
+					rs->sr_entry = NULL;
 				}
 
-				entry_free( e );
+				entry_clean( &e );
 			}
 			endpwent();
 			ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 		}
 
 	} else {
+		char	*next;
+		Entry	e = { 0 };
+		int	rc;
+
 		if (! be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
 			dnParent( &op->o_req_ndn, &parent );
 		}
@@ -172,11 +209,11 @@ passwd_back_search(
 			goto done;
 		}
 
-		if( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+		if( op->ors_scope == LDAP_SCOPE_ONELEVEL ) {
 			goto done;
 		}
 
-		if ( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text,
+		if ( ldap_bv2rdn( &op->o_req_dn, &rdn, &next,
 			LDAP_DN_FORMAT_LDAP ))
 		{ 
 			rs->sr_err = LDAP_OTHER;
@@ -185,27 +222,32 @@ passwd_back_search(
 
 		ldap_pvt_thread_mutex_lock( &passwd_mutex );
 		pw_start( op->o_bd );
-		if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) {
+		pw = getpwnam( rdn[0]->la_value.bv_val );
+		if ( pw == NULL ) {
 			rs->sr_matched = parent.bv_val;
 			rs->sr_err = LDAP_NO_SUCH_OBJECT;
 			ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 			goto done;
 		}
 
-		e = pw2entry( op->o_bd, pw, &rs->sr_text );
+		rc = pw2entry( op->o_bd, pw, &e );
 		ldap_pvt_thread_mutex_unlock( &passwd_mutex );
-		if ( !e ) {
+		if ( rc ) {
 			rs->sr_err = LDAP_OTHER;
 			goto done;
 		}
 
-		if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
-			rs->sr_entry = e;
-			rs->sr_attrs = op->oq_search.rs_attrs;
+		if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) {
+			rs->sr_entry = &e;
+			rs->sr_attrs = op->ors_attrs;
+			rs->sr_flags = REP_ENTRY_MODIFIABLE;
 			send_search_entry( op, rs );
+			rs->sr_flags = 0;
+			rs->sr_entry = NULL;
+			rs->sr_attrs = NULL;
 		}
 
-		entry_free( e );
+		entry_clean( &e );
 	}
 
 done:
@@ -231,30 +273,14 @@ pw_start(
 #endif /* HAVE_SETPWFILE */
 }
 
-static Entry *
-pw2entry( Backend *be, struct passwd *pw, const char **text )
+static int
+pw2entry( Backend *be, struct passwd *pw, Entry *e )
 {
-	size_t pwlen;
-	Entry		*e;
-	struct berval	vals[2];
+	size_t		pwlen;
+	struct berval	val;
 	struct berval	bv;
 
-	int rc;
-
-	AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass;
-	AttributeDescription *ad_cn = NULL;
-	AttributeDescription *ad_sn = NULL;
-	AttributeDescription *ad_uid = NULL;
-	AttributeDescription *ad_description = NULL;
-
-	rc = slap_str2ad( "cn", &ad_cn, text );
-	if(rc != LDAP_SUCCESS) return NULL;
-	rc = slap_str2ad( "sn", &ad_sn, text );
-	if(rc != LDAP_SUCCESS) return NULL;
-	rc = slap_str2ad( "uid", &ad_uid, text );
-	if(rc != LDAP_SUCCESS) return NULL;
-	rc = slap_str2ad( "description", &ad_description, text );
-	if(rc != LDAP_SUCCESS) return NULL;
+	int		rc;
 
 	/*
 	 * from pw we get pw_name and make it cn
@@ -262,47 +288,38 @@ pw2entry( Backend *be, struct passwd *pw, const char **text )
 	 */
 
 	pwlen = strlen( pw->pw_name );
-	vals[0].bv_len = (sizeof("uid=,")-1) + ( pwlen + be->be_suffix[0].bv_len );
-	vals[0].bv_val = ch_malloc( vals[0].bv_len + 1 );
+	val.bv_len = STRLENOF("uid=,") + ( pwlen + be->be_suffix[0].bv_len );
+	val.bv_val = ch_malloc( val.bv_len + 1 );
 
 	/* rdn attribute type should be a configuratable item */
-	sprintf( vals[0].bv_val, "uid=%s,%s",
+	sprintf( val.bv_val, "uid=%s,%s",
 		pw->pw_name, be->be_suffix[0].bv_val );
 
-	rc = dnNormalize2( NULL, vals, &bv );
+	rc = dnNormalize( 0, NULL, NULL, &val, &bv, NULL );
 	if( rc != LDAP_SUCCESS ) {
-		free( vals[0].bv_val );
-		return NULL;
+		free( val.bv_val );
+		return( -1 );
 	}
 
-	e = (Entry *) ch_calloc( 1, sizeof(Entry) );
-	e->e_name = vals[0];
+	e->e_name = val;
 	e->e_nname = bv;
 
 	e->e_attrs = NULL;
 
-	vals[1].bv_val = NULL;
-
 	/* objectclasses should be configurable items */
-	vals[0].bv_val = "top";
-	vals[0].bv_len = sizeof("top")-1;
-	attr_mergeit( e, ad_objectClass, vals );
+	BER_BVSTR( &val, "person" );
+	attr_merge_one( e, slap_schema.si_ad_objectClass, &val, NULL );
 
-	vals[0].bv_val = "person";
-	vals[0].bv_len = sizeof("person")-1;
-	attr_mergeit( e, ad_objectClass, vals );
+	BER_BVSTR( &val, "uidObject" );
+	attr_merge_one( e, slap_schema.si_ad_objectClass, &val, NULL );
 
-	vals[0].bv_val = "uidObject";
-	vals[0].bv_len = sizeof("uidObject")-1;
-	attr_mergeit( e, ad_objectClass, vals );
+	val.bv_val = pw->pw_name;
+	val.bv_len = pwlen;
+	attr_merge_normalize_one( e, slap_schema.si_ad_uid, &val, NULL );	/* required by uidObject */
+	attr_merge_normalize_one( e, slap_schema.si_ad_cn, &val, NULL );	/* required by person */
+	attr_merge_normalize_one( e, ad_sn, &val, NULL );	/* required by person */
 
-	vals[0].bv_val = pw->pw_name;
-	vals[0].bv_len = pwlen;
-	attr_mergeit( e, ad_uid, vals );	/* required by uidObject */
-	attr_mergeit( e, ad_cn, vals );	/* required by person */
-	attr_mergeit( e, ad_sn, vals );	/* required by person */
-
-#ifdef HAVE_PW_GECOS
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
 	/*
 	 * if gecos is present, add it as a cn. first process it
 	 * according to standard BSD usage. If the processed cn has
@@ -311,40 +328,38 @@ pw2entry( Backend *be, struct passwd *pw, const char **text )
 	if (pw->pw_gecos[0]) {
 		char *s;
 
-		vals[0].bv_val = pw->pw_gecos;
-		vals[0].bv_len = strlen(vals[0].bv_val);
-		attr_mergeit(e, ad_description, vals);
+		ber_str2bv( pw->pw_gecos, 0, 0, &val );
+		attr_merge_normalize_one( e, ad_desc, &val, NULL );
 
-		s = strchr(vals[0].bv_val, ',');
-		if (s) *s = '\0';
+		s = ber_bvchr( &val, ',' );
+		if ( s ) *s = '\0';
 
-		s = strchr(vals[0].bv_val, '&');
-		if (s) {
+		s = ber_bvchr( &val, '&' );
+		if ( s ) {
 			char buf[1024];
 
-			if( vals[0].bv_len + pwlen < sizeof(buf) ) {
-				int i = s - vals[0].bv_val;
-				strncpy(buf, vals[0].bv_val, i);
-				s = buf+i;
-				strcpy(s, pw->pw_name);
+			if( val.bv_len + pwlen < sizeof(buf) ) {
+				int i = s - val.bv_val;
+				strncpy( buf, val.bv_val, i );
+				s = buf + i;
+				strcpy( s, pw->pw_name );
 				*s = TOUPPER((unsigned char)*s);
-				strcat(s, vals[0].bv_val+i+1);
-				vals[0].bv_val = buf;
+				strcat( s, val.bv_val + i + 1 );
+				val.bv_val = buf;
 			}
 		}
-		vals[0].bv_len = strlen(vals[0].bv_val);
+		val.bv_len = strlen( val.bv_val );
 
-		if ( vals[0].bv_len && strcasecmp( vals[0].bv_val, pw->pw_name )) {
-			attr_mergeit( e, ad_cn, vals );
+		if ( val.bv_len && strcasecmp( val.bv_val, pw->pw_name ) ) {
+			attr_merge_normalize_one( e, slap_schema.si_ad_cn, &val, NULL );
 		}
 
-		if ( (s=strrchr(vals[0].bv_val, ' '))) {
-			vals[0].bv_val = s + 1;
-			vals[0].bv_len = strlen(vals[0].bv_val);
-			attr_mergeit(e, ad_sn, vals);
+		if ( ( s = strrchr(val.bv_val, ' ' ) ) ) {
+			ber_str2bv( s + 1, 0, 0, &val );
+			attr_merge_normalize_one( e, ad_sn, &val, NULL );
 		}
 	}
-#endif
+#endif /* HAVE_STRUCT_PASSWD_PW_GECOS */
 
-	return( e );
+	return( 0 );
 }