X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fsearch.c;h=720992c58b2e14f3792ffae16b837475651bdb78;hb=7c41666c5e92beb301c10b9a71f45834255dcc21;hp=196e82c30489839e62843849f9c801443c5130d0;hpb=743c402265e56c084d7fa4517e1257bc3457daeb;p=openldap diff --git a/servers/slapd/search.c b/servers/slapd/search.c index 196e82c304..720992c58b 100644 --- a/servers/slapd/search.c +++ b/servers/slapd/search.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ /* Portions @@ -16,6 +16,7 @@ */ #include "portable.h" +#include "slapi_common.h" #include @@ -23,14 +24,26 @@ #include #include "ldap_pvt.h" +#include "lutil.h" #include "slap.h" +#include "slapi.h" + +#ifdef LDAP_SLAPI +static char **anlist2charray( AttributeName *an ); +static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op, + struct berval *base, int scope, int deref, int sizelimit, int timelimit, + Filter *filter, struct berval *fstr, char **attrs, + int attrsonly, int managedsait ); +static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ); +static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr ); +static int doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb ); +#endif /* LDAPI_SLAPI */ int do_search( Connection *conn, /* where to send results */ Operation *op /* info about the op to which we're responding */ ) { - int i; ber_int_t scope, deref, attrsonly; ber_int_t sizelimit, timelimit; struct berval base = { 0, NULL }; @@ -38,15 +51,19 @@ do_search( struct berval nbase = { 0, NULL }; struct berval fstr = { 0, NULL }; Filter *filter = NULL; - AttributeName an, *al = NULL, *alast, *anew; + AttributeName *an = NULL; + ber_len_t siz, off, i; Backend *be; int rc; const char *text; int manageDSAit; +#ifdef LDAP_SLAPI + Slapi_PBlock *pb = NULL; + char **attrs = NULL; +#endif #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY, - "do_search: conn %d\n", conn->c_connid )); + LDAP_LOG( OPERATION, ENTRY, "do_search: conn %d\n", conn->c_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 ); #endif @@ -76,7 +93,7 @@ do_search( */ /* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */ - if ( ber_scanf( op->o_ber, "{oiiiib" /*}*/, + if ( ber_scanf( op->o_ber, "{miiiib" /*}*/, &base, &scope, &deref, &sizelimit, &timelimit, &attrsonly ) == LBER_ERROR ) { @@ -112,9 +129,9 @@ do_search( rc = dnPrettyNormal( NULL, &base, &pbase, &nbase ); if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + LDAP_LOG( OPERATION, ERR, "do_search: conn %d invalid dn (%s)\n", - conn->c_connid, base.bv_val )); + conn->c_connid, base.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 ); @@ -125,116 +142,128 @@ do_search( } #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, - "do_search \"%s\" %d %d %d %d %d\n", base.bv_val, scope, - deref, sizelimit, timelimit, attrsonly )); + LDAP_LOG( OPERATION, ARGS, "SRCH \"%s\" %d %d", + base.bv_val, scope, deref ); + LDAP_LOG( OPERATION, ARGS, " %d %d %d\n", + sizelimit, timelimit, attrsonly); #else - Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d", base.bv_val, scope, deref ); - Debug( LDAP_DEBUG_ARGS, " %d %d %d\n", sizelimit, timelimit, - attrsonly); + Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d", + base.bv_val, scope, deref ); + Debug( LDAP_DEBUG_ARGS, " %d %d %d\n", + sizelimit, timelimit, attrsonly); #endif /* filter - returns a "normalized" version */ - rc = get_filter( conn, op->o_ber, &filter, &fstr, &text ); + rc = get_filter( conn, op->o_ber, &filter, &text ); if( rc != LDAP_SUCCESS ) { if( rc == SLAPD_DISCONNECT ) { send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, text ); } else { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( conn, op, rc, + NULL, text, NULL, NULL ); } goto return_results; } + filter2bv( filter, &fstr ); #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, - "do_search: conn %d filter: %s\n", conn->c_connid, fstr.bv_val )); + LDAP_LOG( OPERATION, ARGS, + "do_search: conn %d filter: %s\n", + conn->c_connid, fstr.bv_len ? fstr.bv_val : "empty", 0 ); #else - Debug( LDAP_DEBUG_ARGS, " filter: %s\n", fstr.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, " filter: %s\n", + fstr.bv_len ? fstr.bv_val : "empty", 0, 0 ); #endif - /* attributes */ - if ( ber_scanf( op->o_ber, "{" /*}*/ ) == LBER_ERROR ) { + siz = sizeof(AttributeName); + off = 0; + if ( ber_scanf( op->o_ber, "{M}}", &an, &siz, off ) == LBER_ERROR ) { send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, "decoding attrs error" ); rc = SLAPD_DISCONNECT; goto return_results; } - while ( ber_scanf( op->o_ber, "o", &an.an_name ) != LBER_ERROR) { - anew = ch_malloc(sizeof(AttributeName)); - anew->an_next = NULL; - anew->an_name = an.an_name; - anew->an_desc = NULL; - slap_bv2ad( &anew->an_name, &anew->an_desc, &text ); - if (!al) { - al = anew; - } else { - alast->an_next = anew; - } - alast = anew; - } - if ( ber_scanf( op->o_ber, /*{{*/ "}}" ) == LBER_ERROR ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding attrs error" ); - rc = SLAPD_DISCONNECT; - goto return_results; + for ( i=0; ic_connid, rc )); + conn->c_connid, rc, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_search: get_ctrls failed\n", 0, 0, 0 ); #endif goto return_results; - } - - rc = LDAP_SUCCESS; + } #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, - "do_search: conn %d attrs:", conn->c_connid )); + LDAP_LOG( OPERATION, ARGS, + "do_search: conn %d attrs:", conn->c_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, " attrs:", 0, 0, 0 ); #endif - - if ( al != NULL ) { - for ( anew = al; anew; anew=anew->an_next ) { + if ( siz != 0 ) { + for ( i = 0; ian_name.bv_val )); + LDAP_LOG( OPERATION, ARGS, + "do_search: %s", an[i].an_name.bv_val, 0, 0 ); #else - Debug( LDAP_DEBUG_ARGS, " %s", anew->an_name.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, " %s", an[i].an_name.bv_val, 0, 0 ); #endif - } } #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, "\n" )); + LDAP_LOG( OPERATION, ARGS, "\n" , 0, 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, "\n", 0, 0, 0 ); #endif - Statslog( LDAP_DEBUG_STATS, - "conn=%ld op=%d SRCH base=\"%s\" scope=%d filter=\"%s\"\n", - op->o_connid, op->o_opid, pbase.bv_val, scope, fstr.bv_val ); + if ( StatslogTest( LDAP_DEBUG_STATS ) ) { + char abuf[BUFSIZ/2], *ptr = abuf; + int len = 0; + + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu SRCH base=\"%s\" scope=%d filter=\"%s\"\n", + op->o_connid, op->o_opid, pbase.bv_val, scope, fstr.bv_val ); + + for ( i = 0; i sizeof(abuf)) { + Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu SRCH attr=%s\n", + op->o_connid, op->o_opid, abuf, 0, 0 ); + len = 0; + ptr = abuf; + } + if (len) { + *ptr++ = ' '; + len++; + } + ptr = lutil_strcopy(ptr, an[i].an_name.bv_val); + len += an[i].an_name.bv_len; + } + if (len) { + Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu SRCH attr=%s\n", + op->o_connid, op->o_opid, abuf, 0, 0 ); + } + } manageDSAit = get_manageDSAit( op ); if ( scope == LDAP_SCOPE_BASE ) { Entry *entry = NULL; - if ( strcasecmp( nbase.bv_val, LDAP_ROOT_DSE ) == 0 ) { + if ( nbase.bv_len == 0 ) { #ifdef LDAP_CONNECTIONLESS - /* Ignore LDAPv2 CLDAP DSE queries */ - if (op->o_protocol==LDAP_VERSION2 && conn->c_is_udp) { + /* Ignore LDAPv2 CLDAP Root DSE queries */ + if (op->o_protocol == LDAP_VERSION2 && conn->c_is_udp) { goto return_results; } #endif @@ -246,11 +275,21 @@ do_search( goto return_results; } +#ifdef LDAP_SLAPI + attrs = anlist2charray( an ); + pb = initSearchPlugin( NULL, conn, op, &nbase, scope, + deref, sizelimit, timelimit, filter, &fstr, + attrs, attrsonly, manageDSAit ); + rc = doPreSearchPluginFNs( NULL, pb ); + if ( rc == LDAP_SUCCESS ) { + doSearchRewriteFNs( NULL, pb, &filter, &fstr ); +#endif /* LDAP_SLAPI */ rc = root_dse_info( conn, &entry, &text ); - } +#ifdef LDAP_SLAPI + } +#endif /* LDAP_SLAPI */ -#if defined( SLAPD_SCHEMA_DN ) - else if ( strcasecmp( nbase.bv_val, SLAPD_SCHEMA_DN ) == 0 ) { + } else if ( bvmatch( &nbase, &global_schemandn ) ) { /* check restrictions */ rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; if( rc != LDAP_SUCCESS ) { @@ -259,13 +298,27 @@ do_search( goto return_results; } +#ifdef LDAP_SLAPI + attrs = anlist2charray( an ); + pb = initSearchPlugin( NULL, conn, op, &nbase, scope, + deref, sizelimit, timelimit, filter, &fstr, + attrs, attrsonly, manageDSAit ); + rc = doPreSearchPluginFNs( NULL, pb ); + if ( rc == LDAP_SUCCESS ) { + doSearchRewriteFNs( NULL, pb, &filter, &fstr ); +#endif /* LDAP_SLAPI */ rc = schema_info( &entry, &text ); +#ifdef LDAP_SLAPI + } +#endif /* LDAP_SLAPI */ } -#endif if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); +#ifdef LDAP_SLAPI + doPostSearchPluginFNs( NULL, pb ); +#endif /* LDAP_SLAPI */ goto return_results; } else if ( entry != NULL ) { @@ -274,13 +327,15 @@ do_search( if( rc == LDAP_COMPARE_TRUE ) { send_search_entry( NULL, conn, op, - entry, al, attrsonly, NULL ); + entry, an, attrsonly, NULL ); } entry_free( entry ); send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, NULL ); - +#ifdef LDAP_SLAPI + doPostSearchPluginFNs( NULL, pb ); +#endif /* LDAP_SLAPI */ goto return_results; } } @@ -299,13 +354,13 @@ do_search( * if we don't hold it. */ if ( (be = select_backend( &nbase, manageDSAit, 1 )) == NULL ) { - struct berval **ref = referral_rewrite( default_referral, + BerVarray ref = referral_rewrite( default_referral, NULL, &pbase, scope ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); - ber_bvecfree( ref ); + ber_bvarray_free( ref ); goto return_results; } @@ -326,28 +381,174 @@ do_search( /* deref the base if needed */ suffix_alias( be, &nbase ); +#ifdef LDAP_SLAPI + attrs = anlist2charray( an ); + pb = initSearchPlugin( be, conn, op, &pbase, + scope, deref, sizelimit, + timelimit, filter, &fstr, attrs, attrsonly, + manageDSAit ); + rc = doPreSearchPluginFNs( be, pb ); + if ( rc != LDAP_SUCCESS ) { + goto return_results; + } + + doSearchRewriteFNs( be, pb, &filter, &fstr ); +#endif /* LDAP_SLAPI */ + /* actually do the search and send the result(s) */ if ( be->be_search ) { (*be->be_search)( be, conn, op, &pbase, &nbase, scope, deref, sizelimit, - timelimit, filter, fstr.bv_val, al, attrsonly ); + timelimit, filter, &fstr, an, attrsonly ); } else { send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + NULL, "operation not supported within namingContext", + NULL, NULL ); } +#ifdef LDAP_SLAPI + doPostSearchPluginFNs( be, pb ); +#endif /* LDAP_SLAPI */ + return_results:; - free( base.bv_val ); - if( pbase.bv_val != NULL) free( pbase.bv_val ); - if( nbase.bv_val != NULL) free( nbase.bv_val ); - - if( fstr.bv_val != NULL) free( fstr.bv_val ); - if( filter != NULL) filter_free( filter ); - for (; al; al=anew ) { - anew = al->an_next; - free(al->an_name.bv_val); - free(al); +#ifdef LDAP_CLIENT_UPDATE + if ( !( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) ) +#endif /* LDAP_CLIENT_UPDATE */ + { + if( pbase.bv_val != NULL) free( pbase.bv_val ); + if( nbase.bv_val != NULL) free( nbase.bv_val ); + + if( fstr.bv_val != NULL) free( fstr.bv_val ); + if( filter != NULL) filter_free( filter ); + if( an != NULL ) free( an ); +#ifdef LDAP_SLAPI + if( attrs != NULL) ch_free( attrs ); +#endif /* LDAP_SLAPI */ + } + + return rc; +} + +#ifdef LDAP_SLAPI + +static char **anlist2charray( AttributeName *an ) +{ + char **attrs; + int i; + + if ( an != NULL ) { + for ( i = 0; an[i].an_name.bv_val != NULL; i++ ) + ; + attrs = (char **)ch_malloc( (i + 1) * sizeof(char *) ); + for ( i = 0; an[i].an_name.bv_val != NULL; i++ ) { + attrs[i] = an[i].an_name.bv_val; + } + attrs[i] = NULL; + } else { + attrs = NULL; + } + + return attrs; +} + +static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op, + struct berval *base, int scope, int deref, int sizelimit, + int timelimit, Filter *filter, struct berval *fstr, + char **attrs, int attrsonly, int managedsait ) +{ + Slapi_PBlock *pb; + + pb = op->o_pb; + + slapi_x_backend_set_pb( pb, be ); + slapi_x_connection_set_pb( pb, conn ); + slapi_x_operation_set_pb( pb, op ); + slapi_pblock_set( pb, SLAPI_SEARCH_TARGET, (void *)base->bv_val ); + slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, (void *)scope ); + slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, (void *)deref ); + slapi_pblock_set( pb, SLAPI_SEARCH_SIZELIMIT, (void *)sizelimit ); + slapi_pblock_set( pb, SLAPI_SEARCH_TIMELIMIT, (void *)timelimit ); + slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, (void *)filter ); + slapi_pblock_set( pb, SLAPI_SEARCH_STRFILTER, (void *)fstr->bv_val ); + slapi_pblock_set( pb, SLAPI_SEARCH_ATTRS, (void *)attrs ); + slapi_pblock_set( pb, SLAPI_SEARCH_ATTRSONLY, (void *)attrsonly ); + slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)managedsait ); + + return pb; +} + +static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) +{ + int rc; + + rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_SEARCH_FN, pb ); + if ( rc != 0 ) { + /* + * A preoperation plugin failure will abort the + * entire operation. + */ +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, "doPreSearchPluginFNs: search preoperation plugin " + "returned %d\n", rc, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, "doPreSearchPluginFNs: search preoperation plugin " + "returned %d.\n", rc, 0, 0); +#endif + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) + rc = LDAP_OTHER; + } else { + rc = LDAP_SUCCESS; } return rc; } + +static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr ) +{ + if ( doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb ) == 0 ) { + /* + * The plugin can set the SLAPI_SEARCH_FILTER. + * SLAPI_SEARCH_STRFILER is not normative. + */ + slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, (void *)filter); + ch_free( fstr->bv_val ); + filter2bv( *filter, fstr ); +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ARGS, + "doSearchRewriteFNs: after compute_rewrite_search filter: %s\n", + fstr->bv_len ? fstr->bv_val : "empty", 0, 0 ); +#else + Debug( LDAP_DEBUG_ARGS, " after compute_rewrite_search filter: %s\n", + fstr->bv_len ? fstr->bv_val : "empty", 0, 0 ); +#endif + } + + return LDAP_SUCCESS; +} + +static int doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) +{ + if ( doPluginFNs( be, SLAPI_PLUGIN_POST_SEARCH_FN, pb ) != 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, "doPostSearchPluginFNs: search postoperation plugins " + "failed\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, "doPostSearchPluginFNs: search postoperation plugins " + "failed.\n", 0, 0, 0); +#endif + } + + return LDAP_SUCCESS; +} + +void dummy(void) +{ + /* + * XXX slapi_search_internal() was no getting pulled + * in; all manner of linker flags failed to link it. + * FIXME + */ + slapi_search_internal( NULL, 0, NULL, NULL, NULL, 0 ); +} +#endif /* LDAP_SLAPI */ +