X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Ferror.c;h=61ae88f4b6797db61a6d1d82c7aa78ceee796777;hb=599a61016423e4ea98363a827e3d1bdd8e88600e;hp=04d9f255a7c9a523462acc30154db603cf639a20;hpb=80cf83ace8f0728398ba5b660ee005ef267c3096;p=openldap

diff --git a/libraries/libldap/error.c b/libraries/libldap/error.c
index 04d9f255a7..61ae88f4b6 100644
--- a/libraries/libldap/error.c
+++ b/libraries/libldap/error.c
@@ -1,7 +1,14 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
-#include <stdlib.h>
+
+#include <ac/stdlib.h>
 
 #include <ac/socket.h>
 #include <ac/string.h>
@@ -14,28 +21,38 @@ struct ldaperror {
 	char	*e_reason;
 };
 
-static struct ldaperror ldap_errlist[] = {
+static const struct ldaperror ldap_errlist[] = {
 	{LDAP_SUCCESS, 					"Success" },
 	{LDAP_OPERATIONS_ERROR, 		"Operations error" },
 	{LDAP_PROTOCOL_ERROR, 			"Protocol error" },
-	{LDAP_TIMELIMIT_EXCEEDED,		"Timelimit exceeded" },
-	{LDAP_SIZELIMIT_EXCEEDED, 		"Sizelimit exceeded" },
+	{LDAP_TIMELIMIT_EXCEEDED,		"Time limit exceeded" },
+	{LDAP_SIZELIMIT_EXCEEDED, 		"Size limit exceeded" },
 	{LDAP_COMPARE_FALSE, 			"Compare false" },
 	{LDAP_COMPARE_TRUE, 			"Compare true" },
-	{LDAP_STRONG_AUTH_NOT_SUPPORTED, "Strong authentication not supported" },
+	{LDAP_STRONG_AUTH_NOT_SUPPORTED, "Authentication method not supported" },
 	{LDAP_STRONG_AUTH_REQUIRED, 	"Strong authentication required" },
 	{LDAP_PARTIAL_RESULTS, 			"Partial results and referral received" },
+
+	{LDAP_REFERRAL,					"Referral"},
+	{LDAP_ADMINLIMIT_EXCEEDED,		"Administrative limit exceeded"},
+	{LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
+									"Criticial extension is unavailable"},
+	{LDAP_CONFIDENTIALITY_REQUIRED,	"Confidentiality required"},
+	{LDAP_SASL_BIND_IN_PROGRESS,	"SASL bind in progress"},
+
 	{LDAP_NO_SUCH_ATTRIBUTE, 		"No such attribute" },
 	{LDAP_UNDEFINED_TYPE, 			"Undefined attribute type" },
 	{LDAP_INAPPROPRIATE_MATCHING, 	"Inappropriate matching" },
 	{LDAP_CONSTRAINT_VIOLATION, 	"Constraint violation" },
 	{LDAP_TYPE_OR_VALUE_EXISTS, 	"Type or value exists" },
 	{LDAP_INVALID_SYNTAX, 			"Invalid syntax" },
+
 	{LDAP_NO_SUCH_OBJECT, 			"No such object" },
 	{LDAP_ALIAS_PROBLEM, 			"Alias problem" },
 	{LDAP_INVALID_DN_SYNTAX,		"Invalid DN syntax" },
-	{LDAP_IS_LEAF, 					"Object is a leaf" },
+	{LDAP_IS_LEAF, 					"Entry is a leaf" },
 	{LDAP_ALIAS_DEREF_PROBLEM,	 	"Alias dereferencing problem" },
+
 	{LDAP_INAPPROPRIATE_AUTH, 		"Inappropriate authentication" },
 	{LDAP_INVALID_CREDENTIALS, 		"Invalid credentials" },
 	{LDAP_INSUFFICIENT_ACCESS, 		"Insufficient access" },
@@ -43,6 +60,7 @@ static struct ldaperror ldap_errlist[] = {
 	{LDAP_UNAVAILABLE, 				"DSA is unavailable" },
 	{LDAP_UNWILLING_TO_PERFORM, 	"DSA is unwilling to perform" },
 	{LDAP_LOOP_DETECT, 				"Loop detected" },
+
 	{LDAP_NAMING_VIOLATION, 		"Naming violation" },
 	{LDAP_OBJECT_CLASS_VIOLATION, 	"Object class violation" },
 	{LDAP_NOT_ALLOWED_ON_NONLEAF, 	"Operation not allowed on nonleaf" },
@@ -50,7 +68,11 @@ static struct ldaperror ldap_errlist[] = {
 	{LDAP_ALREADY_EXISTS, 			"Already exists" },
 	{LDAP_NO_OBJECT_CLASS_MODS, 	"Cannot modify object class" },
 	{LDAP_RESULTS_TOO_LARGE,		"Results too large" },
+	{LDAP_AFFECTS_MULTIPLE_DSAS,	"Operation affects multiple DSAs" },
+
 	{LDAP_OTHER, 					"Unknown error" },
+
+	/* API ResultCodes */
 	{LDAP_SERVER_DOWN,				"Can't contact LDAP server" },
 	{LDAP_LOCAL_ERROR,				"Local error" },
 	{LDAP_ENCODING_ERROR,			"Encoding error" },
@@ -61,117 +83,278 @@ static struct ldaperror ldap_errlist[] = {
 	{LDAP_USER_CANCELLED,			"User cancelled operation" },
 	{LDAP_PARAM_ERROR,				"Bad parameter to an ldap routine" },
 	{LDAP_NO_MEMORY,				"Out of memory" },
-	{-1, 0 }
+
+	{LDAP_CONNECT_ERROR,			"Connect error" },
+	{LDAP_NOT_SUPPORTED,			"Not Supported" },
+	{LDAP_CONTROL_NOT_FOUND,		"Control not found" },
+	{LDAP_NO_RESULTS_RETURNED,		"No results returned" },
+	{LDAP_MORE_RESULTS_TO_RETURN,	"More results to return" },
+	{LDAP_CLIENT_LOOP,				"Client Loop" },
+	{LDAP_REFERRAL_LIMIT_EXCEEDED,	"Referral Limit Exceeded" },
+
+	{-1, NULL }
 };
 
-char *
-ldap_err2string( int err )
+static const struct ldaperror *
+ldap_int_error( int err )
 {
 	int	i;
 
-	Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 );
-
 	for ( i = 0; ldap_errlist[i].e_code != -1; i++ ) {
 		if ( err == ldap_errlist[i].e_code )
-			return( ldap_errlist[i].e_reason );
+			return &ldap_errlist[i];
 	}
 
-	return( "Unknown error" );
+	return NULL;
 }
 
-#ifdef LDAP_LIBUI
-void
-ldap_perror( LDAP *ld, char *s )
+char *
+ldap_err2string( int err )
 {
-	int	i;
+	const struct ldaperror *e;
+	
+	Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 );
 
+	e = ldap_int_error( err );
+
+	return ( e != NULL ) ? e->e_reason : "Unknown error";
+}
+
+/* deprecated */
+void
+ldap_perror( LDAP *ld, LDAP_CONST char *str )
+{
+	const char *s;
+	const struct ldaperror *e;
 	Debug( LDAP_DEBUG_TRACE, "ldap_perror\n", 0, 0, 0 );
 
+	assert( ld != NULL );
+	assert( LDAP_VALID( ld ) );
+	assert( str );
+
+	s = ( str != NULL ) ? str : "ldap_perror";
+
 	if ( ld == NULL ) {
 		perror( s );
 		return;
 	}
 
-	for ( i = 0; ldap_errlist[i].e_code != -1; i++ ) {
-		if ( ld->ld_errno == ldap_errlist[i].e_code ) {
-			fprintf( stderr, "%s: %s\n", s,
-			    ldap_errlist[i].e_reason );
-			if ( ld->ld_matched != NULL && *ld->ld_matched != '\0' )
-				fprintf( stderr, "%s: matched: %s\n", s,
-				    ld->ld_matched );
-			if ( ld->ld_error != NULL && *ld->ld_error != '\0' )
-				fprintf( stderr, "%s: additional info: %s\n",
-				    s, ld->ld_error );
-			fflush( stderr );
-			return;
-		}
+	e = ldap_int_error( ld->ld_errno );
+
+	if ( e != NULL ) {
+		fprintf( stderr, "%s: %s\n",
+			s, e->e_reason );
+	} else {
+		fprintf( stderr, "%s: unknown LDAP error number %d\n",
+			s, ld->ld_errno );
+	}
+
+	if ( ld->ld_matched != NULL && ld->ld_matched[0] != '\0' ) {
+		fprintf( stderr, "\tmatched DN: \"%s\"\n",
+			ld->ld_matched );
+	}
+
+	if ( ld->ld_error != NULL && ld->ld_error[0] != '\0' ) {
+		fprintf( stderr, "\tadditional info: %s\n",
+		    ld->ld_error );
 	}
 
-	fprintf( stderr, "%s: Not an LDAP errno %d\n", s, ld->ld_errno );
 	fflush( stderr );
 }
 
-#else
-
-void
-ldap_perror( LDAP *ld, char *s )
+/* deprecated */
+int
+ldap_result2error( LDAP *ld, LDAPMessage *r, int freeit )
 {
-}
+	int rc, err;
 
-#endif /* !LDAP_LIBUI */
+	rc = ldap_parse_result( ld, r, &err,
+		NULL, NULL, NULL, NULL, freeit );
 
+	return err != LDAP_SUCCESS ? err : rc;
+}
 
+/*
+ * Parse LDAPResult Messages:
+ *
+ *   LDAPResult ::= SEQUENCE {
+ *     resultCode      ENUMERATED,
+ *     matchedDN       LDAPDN,
+ *     errorMessage    LDAPString,
+ *     referral        [3] Referral OPTIONAL }
+ *
+ * including Bind results:
+ *
+ *   BindResponse ::= [APPLICATION 1] SEQUENCE {
+ *     COMPONENTS OF LDAPResult,
+ *     serverSaslCreds  [7] OCTET STRING OPTIONAL }
+ * 
+ * and ExtendedOp results:
+ *
+ *   ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
+ *     COMPONENTS OF LDAPResult,
+ *     responseName     [10] LDAPOID OPTIONAL,
+ *     response         [11] OCTET STRING OPTIONAL }
+ *
+ */
 int
-ldap_result2error( LDAP *ld, LDAPMessage *r, int freeit )
+ldap_parse_result(
+	LDAP			*ld,
+	LDAPMessage		*r,
+	int				*errcodep,
+	char			**matcheddnp,
+	char			**errmsgp,
+	char			***referralsp,
+	LDAPControl		***serverctrls,
+	int				freeit )
 {
 	LDAPMessage	*lm;
-	BerElement	ber;
-	long		along;
-	int		rc;
+	ber_int_t errcode = LDAP_SUCCESS;
+
+	ber_tag_t tag;
+	BerElement	*ber;
+
+	Debug( LDAP_DEBUG_TRACE, "ldap_parse_result\n", 0, 0, 0 );
 
-	Debug( LDAP_DEBUG_TRACE, "ldap_result2error\n", 0, 0, 0 );
+	assert( ld != NULL );
+	assert( LDAP_VALID( ld ) );
+	assert( r != NULL );
 
-	if ( r == NULLMSG )
-		return( LDAP_PARAM_ERROR );
+	if ( ld == NULL || r == NULL ) {
+		return LDAP_PARAM_ERROR;
+	}
+
+	if(errcodep != NULL) *errcodep = LDAP_SUCCESS;
+	if(matcheddnp != NULL) *matcheddnp = NULL;
+	if(errmsgp != NULL) *errmsgp = NULL;
+	if(referralsp != NULL) *referralsp = NULL;
+	if(serverctrls != NULL) *serverctrls = NULL;
+
+	/* Find the next result... */
+	for ( lm = r; lm != NULL; lm = lm->lm_chain ) {
+		/* skip over entries and references */
+		if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY &&
+			lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE &&
+			lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL )
+		{
+			break;
+		}
+	}
 
-	for ( lm = r; lm->lm_chain != NULL; lm = lm->lm_chain )
-		;	/* NULL */
+	if( lm == NULL ) {
+		ld->ld_errno = LDAP_NO_RESULTS_RETURNED;
+		return ld->ld_errno;
+	}
 
 	if ( ld->ld_error ) {
-		free( ld->ld_error );
+		LDAP_FREE( ld->ld_error );
 		ld->ld_error = NULL;
 	}
 	if ( ld->ld_matched ) {
-		free( ld->ld_matched );
+		LDAP_FREE( ld->ld_matched );
 		ld->ld_matched = NULL;
 	}
 
-	ber = *(lm->lm_ber);
-	if ( ld->ld_version == LDAP_VERSION2 ) {
-		rc = ber_scanf( &ber, "{iaa}", &along, &ld->ld_matched,
-		    &ld->ld_error );
+	/* parse results */
+
+	ber = ber_dup( lm->lm_ber );
+
+	if ( ld->ld_version < LDAP_VERSION2 ) {
+		tag = ber_scanf( ber, "{ia}",
+			&ld->ld_errno, &ld->ld_error );
 	} else {
-		rc = ber_scanf( &ber, "{ia}", &along, &ld->ld_error );
+		ber_len_t len;
+		tag = ber_scanf( ber, "{iaa" /*}*/,
+			&ld->ld_errno, &ld->ld_matched, &ld->ld_error );
+
+		if( tag != LBER_ERROR ) {
+			/* peek for referrals */
+			if( ber_peek_tag(ber, &len) == LDAP_TAG_REFERRAL ) {
+				if( referralsp != NULL ) {
+					tag = ber_scanf( ber, "v", referralsp );
+
+				} else {
+					/* no place to put them so skip 'em */
+					tag = ber_scanf( ber, "x" );
+				}
+			}
+		}
+
+		/* need to clean out misc items */
+		if( tag != LBER_ERROR ) {
+			if( lm->lm_msgtype == LDAP_RES_BIND ) {
+				/* look for sasl result creditials */
+				if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SASL_RES_CREDS ) {
+					/* skip 'em */
+					tag = ber_scanf( ber, "x" );
+				}
+
+			} else if( lm->lm_msgtype == LDAP_RES_EXTENDED ) {
+				/* look for exop result oid or value */
+				if ( ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_OID ) {
+					/* skip 'em */
+					tag = ber_scanf( ber, "x" );
+				}
+
+				if ( tag != LBER_ERROR &&
+					ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_VALUE )
+				{
+					/* skip 'em */
+					tag = ber_scanf( ber, "x" );
+				}
+			}
+		}
+
+		if( tag != LBER_ERROR ) {
+			int rc = ldap_int_get_controls( ber, serverctrls );
+
+			if( rc != LDAP_SUCCESS ) {
+				tag = LBER_ERROR;
+			}
+		}
+
+		if( tag != LBER_ERROR ) {
+			tag = ber_scanf( ber, /*{*/"}" );
+		}
 	}
-	if ( rc == LBER_ERROR ) {
-		ld->ld_errno = LDAP_DECODING_ERROR;
-	} else {
-		ld->ld_errno = (int) along;
+
+	if ( tag == LBER_ERROR ) {
+		ld->ld_errno = errcode = LDAP_DECODING_ERROR;
 	}
 
-	if ( freeit )
-		ldap_msgfree( r );
+	if( ber != NULL ) {
+		ber_free( ber, 0 );
+	}
 
-	return( ld->ld_errno );
-}
+	/* return */
+	if( errcodep != NULL ) {
+		*errcodep = ld->ld_errno;
+	}
+	if ( errcode == LDAP_SUCCESS ) {
+		if( matcheddnp != NULL ) {
+			*matcheddnp = LDAP_STRDUP( ld->ld_matched );
+		}
+		if( errmsgp != NULL ) {
+			*errmsgp = LDAP_STRDUP( ld->ld_error );
+		}
 
+		/* Find the next result... */
+		for ( lm = lm->lm_chain; lm != NULL; lm = lm->lm_chain ) {
+			/* skip over entries and references */
+			if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY &&
+				lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE &&
+				lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL )
+			{
+				/* more results to return */
+				errcode = LDAP_MORE_RESULTS_TO_RETURN;
+				break;
+			}
+		}
+	}
 
-int 
-ldap_get_lderrno(LDAP *ld, char **matched, char **msg)
-{
-        if ( matched )
-                *matched = ld->ld_matched;
-        if ( msg )
-                *msg = NULL;
-        return( ld->ld_errno );
+	if ( freeit ) {
+		ldap_msgfree( r );
+	}
+
+	return( errcode );
 }