X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Frequest.c;h=d174308191c5416df3ff65a15d0faab9d6d6d342;hb=5941625eb79d899b49f012add4bc29da9f9e648f;hp=12d807416d21ae25178bc1aeb7f96c24607273ca;hpb=b66567f1f8d0a0bba3dfef7612b15514e43d34c7;p=openldap diff --git a/libraries/libldap/request.c b/libraries/libldap/request.c index 12d807416d..d174308191 100644 --- a/libraries/libldap/request.c +++ b/libraries/libldap/request.c @@ -6,7 +6,24 @@ /* Portions * Copyright (c) 1995 Regents of the University of Michigan. * All rights reserved. + */ +/*--- + * This notice applies to changes, created by or for Novell, Inc., + * to preexisting works for which notices appear elsewhere in this file. + * + * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved. * + * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES. + * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION + * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT + * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE + * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS + * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC + * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE + * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY. + *--- + * Modification to OpenLDAP source by Novell, Inc. + * April 2000 sfs Added code to chase V3 referrals * request.c - sending of ldap requests; handling of referrals */ @@ -28,15 +45,13 @@ static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any )); static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc )); -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS -static LDAPURLDesc *dn2servers LDAP_P(( LDAP *ld, const char *dn )); -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ static BerElement *re_encode_request LDAP_P(( LDAP *ld, BerElement *origber, ber_int_t msgid, - char **dnp )); + char **dnp, + int *type)); BerElement * @@ -46,10 +61,6 @@ ldap_alloc_ber_with_options( LDAP *ld ) if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; -#ifdef STR_TRANSLATION - } else { - ldap_set_ber_options( ld, ber ); -#endif /* STR_TRANSLATION */ } return( ber ); @@ -60,13 +71,6 @@ void ldap_set_ber_options( LDAP *ld, BerElement *ber ) { ber->ber_options = ld->ld_lberoptions; -#ifdef STR_TRANSLATION - if (( ld->ld_lberoptions & LBER_TRANSLATE_STRINGS ) != 0 ) { - ber_set_string_translators( ber, - ld->ld_lber_encode_translate_proc, - ld->ld_lber_decode_translate_proc ); - } -#endif /* STR_TRANSLATION */ } @@ -82,7 +86,7 @@ ldap_send_initial_request( Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 ); - if ( ! ber_pvt_sb_in_use(&ld->ld_sb ) ) { + if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) { /* not connected yet */ int rc = ldap_open_defconn( ld ); @@ -96,33 +100,6 @@ ldap_send_initial_request( ( ld->ld_host == NULL ) ? "(null)" : ld->ld_host, 0, 0 ); } -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - if ( LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_DNS ) - && ldap_is_dns_dn( dn ) ) - { - if (( servers = dn2servers( ld, dn )) == NULL ) { - ber_free( ber, 1 ); - return( -1 ); - } - -#ifdef LDAP_DEBUG - if ( ldap_debug & LDAP_DEBUG_TRACE ) { - LDAPURLDesc *srv; - - for ( srv = servers; - srv != NULL; - srv = srv->lud_next ) - { - fprintf( stderr, - "LDAP server %s: dn %s, port %d\n", - srv->lud_host, ( srv->lud_dn == NULL ) ? - "(default)" : srv->lud_dn, - srv->lud_port ); - } - } -#endif /* LDAP_DEBUG */ - } else -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ { /* * use of DNS is turned off or this is an X.500 DN... @@ -132,7 +109,7 @@ ldap_send_initial_request( } rc = ldap_send_server_request( ld, ber, ld->ld_msgid, NULL, - servers, NULL, 0 ); + servers, NULL, NULL ); if (servers) ldap_free_urllist(servers); return(rc); @@ -148,7 +125,7 @@ ldap_send_server_request( LDAPRequest *parentreq, LDAPURLDesc *srvlist, LDAPConn *lc, - int bind ) + LDAPreqinfo *bind ) { LDAPRequest *lr; int incparent; @@ -164,7 +141,7 @@ ldap_send_server_request( } else { if (( lc = find_connection( ld, srvlist, 1 )) == NULL ) { - if ( bind && (parentreq != NULL) ) { + if ( (bind != NULL) && (parentreq != NULL) ) { /* Remember the bind in the parent */ incparent = 1; ++parentreq->lr_outrefcnt; @@ -255,12 +232,13 @@ ldap_send_server_request( LDAPConn * ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, - int connect, int bind ) + int connect, LDAPreqinfo *bind ) { LDAPConn *lc; LDAPURLDesc *srv; - Sockbuf *sb; + Sockbuf *sb = NULL; + Debug( LDAP_DEBUG_TRACE, "ldap_new_connection\n", 0, 0, 0 ); /* * make a new LDAP server connection * XXX open connection synchronously for now @@ -274,13 +252,11 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, return( NULL ); } - lc->lconn_sb = ( use_ldsb ) ? &ld->ld_sb : sb; + lc->lconn_sb = ( use_ldsb ) ? ld->ld_sb : sb; if ( connect ) { for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) { - if ( open_ldap_connection( ld, lc->lconn_sb, - srv, &lc->lconn_krbinstance, 0 ) != -1 ) - { + if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 ) { break; } } @@ -305,50 +281,58 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, * XXX for now, we always do a synchronous bind. This will have * to change in the long run... */ - if ( bind ) { - int err, freepasswd, authmethod; - char *binddn, *passwd; + if ( bind != NULL) { + int err = 0; LDAPConn *savedefconn; - freepasswd = err = 0; - - if ( ld->ld_rebindproc == 0 ) { - binddn = passwd = ""; - authmethod = LDAP_AUTH_SIMPLE; - } else { - if (( err = (*ld->ld_rebindproc)( ld, &binddn, &passwd, - &authmethod, 0 )) == LDAP_SUCCESS ) { - freepasswd = 1; + /* Set flag to prevent additional referrals from being processed on this + * connection until the bind has completed + */ + lc->lconn_rebind_inprogress = 1; + /* V3 rebind function */ + if ( ld->ld_rebindproc != NULL) { + LDAPURLDesc *srvfunc; + if( ( srvfunc = ldap_url_dup( srvlist)) == NULL) { + ld->ld_errno = LDAP_NO_MEMORY; + err = -1; } else { - ld->ld_errno = err; + savedefconn = ld->ld_defconn; + ++lc->lconn_refcnt; /* avoid premature free */ + ld->ld_defconn = lc; + + Debug( LDAP_DEBUG_TRACE, "Call application rebindproc\n", 0, 0, 0); + err = (*ld->ld_rebindproc)( ld, bind->ri_url, bind->ri_request, bind->ri_msgid); + + ld->ld_defconn = savedefconn; + --lc->lconn_refcnt; + + if( err != 0) { err = -1; + ldap_free_connection( ld, lc, 1, 0 ); + lc = NULL; } + ldap_free_urldesc( srvfunc); } - - - if ( err == 0 ) { + } else { savedefconn = ld->ld_defconn; - ld->ld_defconn = lc; ++lc->lconn_refcnt; /* avoid premature free */ + ld->ld_defconn = lc; - if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != - LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, "anonymous rebind via ldap_bind_s\n", 0, 0, 0); + if ( ldap_bind_s( ld, "", "", LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) { err = -1; } - --lc->lconn_refcnt; ld->ld_defconn = savedefconn; - } - - if ( freepasswd ) { - (*ld->ld_rebindproc)( ld, &binddn, &passwd, - &authmethod, 1 ); - } + --lc->lconn_refcnt; if ( err != 0 ) { ldap_free_connection( ld, lc, 1, 0 ); lc = NULL; } } + if( lc != NULL) + lc->lconn_rebind_inprogress = 0; + } return( lc ); } @@ -367,10 +351,11 @@ find_connection( LDAP *ld, LDAPURLDesc *srv, int any ) for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) { for ( ls = srv; ls != NULL; ls = ls->lud_next ) { if ( lc->lconn_server->lud_host != NULL && - ls->lud_host != NULL && strcasecmp( - ls->lud_host, lc->lconn_server->lud_host ) == 0 + *lc->lconn_server->lud_host != '\0' && + ls->lud_host != NULL && *ls->lud_host != '\0' && + strcasecmp( ls->lud_host, lc->lconn_server->lud_host ) == 0 && ls->lud_port == lc->lconn_server->lud_port ) { - return( lc ); + return lc; } if ( !any ) { break; @@ -378,7 +363,7 @@ find_connection( LDAP *ld, LDAPURLDesc *srv, int any ) } } - return( NULL ); + return NULL; } @@ -406,14 +391,12 @@ ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind ) } } - /* force closure */ - ldap_close_connection( lc->lconn_sb ); - ber_pvt_sb_destroy( lc->lconn_sb ); - if( lc->lconn_ber != NULL ) { ber_free( lc->lconn_ber, 1 ); } + ldap_int_sasl_close( ld, lc ); + prevlc = NULL; for ( tmplc = ld->ld_conns; tmplc != NULL; tmplc = tmplc->lconn_next ) { @@ -428,12 +411,21 @@ ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind ) prevlc = tmplc; } ldap_free_urllist( lc->lconn_server ); +#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND if ( lc->lconn_krbinstance != NULL ) { LDAP_FREE( lc->lconn_krbinstance ); } - if ( lc->lconn_sb != &ld->ld_sb ) { +#endif + if ( lc->lconn_sb != ld->ld_sb ) { ber_sockbuf_free( lc->lconn_sb ); } + if( lc->lconn_rebind_queue != NULL) { + int i; + for( i = 0; lc->lconn_rebind_queue[i] != NULL; i++) { + LDAP_VFREE(lc->lconn_rebind_queue[i]); + } + LDAP_FREE( lc->lconn_rebind_queue); + } LDAP_FREE( lc ); Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: actually freed\n", 0, 0, 0 ); @@ -459,14 +451,30 @@ ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all ) ( lc->lconn_server->lud_host == NULL ) ? "(null)" : lc->lconn_server->lud_host, lc->lconn_server->lud_port, ( lc->lconn_sb == - &ld->ld_sb ) ? " (default)" : "" ); + ld->ld_sb ) ? " (default)" : "" ); } fprintf( stderr, " refcnt: %d status: %s\n", lc->lconn_refcnt, ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ? "NeedSocket" : ( lc->lconn_status == LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" ); - fprintf( stderr, " last used: %s\n", + fprintf( stderr, " last used: %s", ldap_pvt_ctime( &lc->lconn_lastused, timebuf )); + if( lc->lconn_rebind_inprogress ) { + fprintf( stderr, " rebind in progress\n"); + if( lc->lconn_rebind_queue != NULL) { + int i = 0; + for( ;lc->lconn_rebind_queue[i] != NULL; i++) { + int j = 0; + for( ;lc->lconn_rebind_queue[i][j] != 0; j++) { + fprintf( stderr, " queue %d entry %d - %s\n", + i, j, lc->lconn_rebind_queue[i][j]); + } + } + } else { + fprintf( stderr, " queue is empty\n"); + } + } + fprintf(stderr, "\n"); if ( !all ) { break; } @@ -486,11 +494,12 @@ ldap_dump_requests_and_responses( LDAP *ld ) } for ( ; lr != NULL; lr = lr->lr_next ) { fprintf( stderr, " * msgid %d, origid %d, status %s\n", - lr->lr_msgid, lr->lr_origid, ( lr->lr_status == - LDAP_REQST_INPROGRESS ) ? "InProgress" : + lr->lr_msgid, lr->lr_origid, + ( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" : ( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" : ( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" : - "Writing" ); + ( lr->lr_status == LDAP_REQST_WRITING) ? "Writing" : + ( lr->lr_status == LDAP_REQST_COMPLETED ? "Request Completed" : "Invalid Status")); fprintf( stderr, " outstanding referrals %d, parent count %d\n", lr->lr_outrefcnt, lr->lr_parentcnt ); } @@ -559,6 +568,215 @@ ldap_free_request( LDAP *ld, LDAPRequest *lr ) LDAP_FREE( lr ); } +/* + * Chase v3 referrals + * + * Parameters: + * (IN) ld = LDAP connection handle + * (IN) lr = LDAP Request structure + * (IN) refs = array of pointers to referral strings that we will chase + * The array will be free'd by this function when no longer needed + * (IN) sref != 0 if following search reference + * (OUT) errstrp = Place to return a string of referrals which could not be followed + * (OUT) hadrefp = 1 if sucessfully followed referral + * + * Return value - number of referrals followed + */ +int +ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char **errstrp, int *hadrefp ) +{ + char *unfollowed; + int unfollowedcnt = 0; + LDAPRequest *origreq; + LDAPURLDesc *srv = NULL; + BerElement *ber; + char **refarray = NULL; + LDAPConn *lc; + int rc, count, i, j; + LDAPreqinfo rinfo; + + ld->ld_errno = LDAP_SUCCESS; /* optimistic */ + *hadrefp = 0; + + Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 ); + + unfollowed = NULL; + rc = count = 0; + + /* If no referrals in array, return */ + if ( (refs == NULL) || ( (refs)[0] == NULL) ) { + rc = 0; + goto done; + } + + /* Check for hop limit exceeded */ + if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) { + Debug( LDAP_DEBUG_ANY, + "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 ); + ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED; + rc = -1; + goto done; + } + + /* find original request */ + for ( origreq = lr; origreq->lr_parent != NULL; origreq = origreq->lr_parent ) { + ; + } + + refarray = refs; + refs = NULL; + /* parse out & follow referrals */ + for( i=0; refarray[i] != NULL; i++) { + /* Parse the referral URL */ + if (( rc = ldap_url_parse( refarray[i], &srv)) != LDAP_SUCCESS) { + ld->ld_errno = rc; + rc = -1; + goto done; + } + + if( srv->lud_crit_exts ) { + /* we do not support any extensions */ + ld->ld_errno = LDAP_NOT_SUPPORTED; + rc = -1; + goto done; + } + + /* treat ldap://hostpart and ldap://hostpart/ the same */ + if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) { + LDAP_FREE( srv->lud_dn ); + srv->lud_dn = NULL; + } + + /* check connection for re-bind in progress */ + if (( lc = find_connection( ld, srv, 1 )) != NULL ) { + if( lc->lconn_rebind_inprogress) { + /* We are already chasing a referral or search reference and a + * bind on that connection is in progress. We must queue + * referrals on that connection, so we don't get a request + * going out before the bind operation completes. This happens + * if two search references come in one behind the other + * for the same server with different contexts. + */ + Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals: queue referral \"%s\"\n", + refarray[i], 0, 0); + if( lc->lconn_rebind_queue == NULL ) { + /* Create a referral list */ + if( (lc->lconn_rebind_queue = (char ***)LDAP_MALLOC( sizeof(void *) * 2)) == NULL) { + ld->ld_errno = LDAP_NO_MEMORY; + rc = -1; + goto done; + } + lc->lconn_rebind_queue[0] = refarray; + lc->lconn_rebind_queue[1] = NULL; + refarray = NULL; + } else { + /* Count how many referral arrays we already have */ + for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) { + ; + } + /* Add the new referral to the list */ + if( (lc->lconn_rebind_queue = (char ***)LDAP_REALLOC( + lc->lconn_rebind_queue, sizeof(void *) * (j + 2))) == NULL) { + ld->ld_errno = LDAP_NO_MEMORY; + rc = -1; + goto done; + } + lc->lconn_rebind_queue[j] = refarray; + lc->lconn_rebind_queue[j+1] = NULL; + refarray = NULL; + } + /* We have queued the referral/reference, now just return */ + rc = 0; + *hadrefp = 1; + count = 1; /* Pretend we already followed referral */ + goto done; + } + } + /* Re-encode the request with the new starting point of the search. + * Note: In the future we also need to replace the filter if one + * was provided with the search reference + */ + + /* For references we don't want old dn if new dn empty */ + if ( sref && srv->lud_dn == NULL ) + srv->lud_dn = LDAP_STRDUP( "" ); + + if (( ber = re_encode_request( ld, origreq->lr_ber, + ++ld->ld_msgid, &srv->lud_dn, &rinfo.ri_request )) == NULL ) { + ld->ld_errno = LDAP_ENCODING_ERROR; + rc = -1; + goto done; + } + + Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referral: msgid %d, url \"%s\"\n", + lr->lr_msgid, refarray[i], 0); + + /* Send the new request to the server - may require a bind */ + rinfo.ri_msgid = origreq->lr_origid; + rinfo.ri_url = refarray[i]; + if ( (rc = ldap_send_server_request( ld, ber, ld->ld_msgid, + origreq, srv, NULL, &rinfo )) < 0 ) { + /* Failure, try next referral in the list */ + Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%s)\n", + refarray[i], ldap_err2string( ld->ld_errno ), 0); + unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i]); + ldap_free_urllist(srv); + srv = NULL; + } else { + /* Success, no need to try this referral list further */ + rc = 0; + ++count; + *hadrefp = 1; + + /* check if there is a queue of referrals that came in during bind */ + if( lc == NULL) { + if (( lc = find_connection( ld, srv, 1 )) == NULL ) { + ld->ld_errno = LDAP_OPERATIONS_ERROR; + rc = -1; + goto done; + } + } + + if( lc->lconn_rebind_queue != NULL) { + /* Release resources of previous list */ + LDAP_VFREE(refarray); + refarray = NULL; + ldap_free_urllist(srv); + srv = NULL; + + /* Pull entries off end of queue so list always null terminated */ + for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) { + ; + } + refarray = lc->lconn_rebind_queue[j-1]; + lc->lconn_rebind_queue[j-1] = NULL; + /* we pulled off last entry from queue, free queue */ + if ( j == 1 ) { + LDAP_FREE( lc->lconn_rebind_queue); + lc->lconn_rebind_queue = NULL; + } + /* restart the loop the with new referral list */ + i = -1; + continue; + } + break; /* referral followed, break out of for loop */ + } + } /* end for loop */ +done: + LDAP_VFREE(refarray); + ldap_free_urllist(srv); + LDAP_FREE( *errstrp ); + + if( rc == 0) { + *errstrp = NULL; + LDAP_FREE( unfollowed ); + return count; + } else { + ld->ld_errno = LDAP_REFERRAL; + *errstrp = unfollowed; + return rc; + } +} /* * XXX merging of errors in this routine needs to be improved @@ -567,13 +785,11 @@ int ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) { int rc, count, len, newdn; -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - int ldapref; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ char *p, *ports, *ref, *tmpref, *refdn, *unfollowed; LDAPRequest *origreq; LDAPURLDesc *srv; BerElement *ber; + LDAPreqinfo rinfo; Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 ); @@ -586,8 +802,7 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) len = strlen( *errstrp ); for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) { - if (( *p == 'R' || *p == 'r' ) && strncasecmp( p, - LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) { + if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) { *p = '\0'; p += LDAP_REF_STR_LEN; break; @@ -617,9 +832,6 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) /* parse out & follow referrals */ for ( ref = p; rc == 0 && ref != NULL; ref = p ) { -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - ldapref = 0; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ if (( p = strchr( ref, '\n' )) != NULL ) { *p++ = '\0'; @@ -627,29 +839,26 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) p = NULL; } + /* copy the complete referral for rebind process */ + rinfo.ri_url = LDAP_STRDUP( ref ); + ldap_pvt_hex_unescape( ref ); len = strlen( ref ); + /* FIXME: we should use the URL Parser */ + if ( len > LDAP_LDAP_REF_STR_LEN && strncasecmp( ref, LDAP_LDAP_REF_STR, LDAP_LDAP_REF_STR_LEN ) == 0 ) { Debug( LDAP_DEBUG_TRACE, "chasing LDAP referral: <%s>\n", ref, 0, 0 ); -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - ldapref = 1; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ tmpref = ref + LDAP_LDAP_REF_STR_LEN; -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - } else if ( len > LDAP_DX_REF_STR_LEN && strncasecmp( ref, - LDAP_DX_REF_STR, LDAP_DX_REF_STR_LEN ) == 0 ) { - Debug( LDAP_DEBUG_TRACE, - "chasing DX referral: <%s>\n", ref, 0, 0 ); - tmpref = ref + LDAP_DX_REF_STR_LEN; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ } else { Debug( LDAP_DEBUG_TRACE, "ignoring unknown referral <%s>\n", ref, 0, 0 ); rc = ldap_append_referral( ld, &unfollowed, ref ); *hadrefp = 1; + LDAP_FREE( rinfo.ri_url ); + rinfo.ri_url = NULL; continue; } @@ -658,20 +867,16 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) if (( refdn = strchr( tmpref, '/' )) != NULL ) { *refdn++ = '\0'; newdn = refdn[0] != '?' && refdn[0] != '\0'; - if( !newdn ) refdn = NULL; } else { newdn = 0; } if (( ber = re_encode_request( ld, origreq->lr_ber, - ++ld->ld_msgid, &refdn )) == NULL ) { + ++ld->ld_msgid, &refdn, &rinfo.ri_request )) == NULL ) { return( -1 ); } -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - if ( ldapref ) { -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ if (( srv = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc ))) == NULL ) { ber_free( ber, 1 ); @@ -679,6 +884,13 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) return( -1 ); } + if (( srv->lud_scheme = LDAP_STRDUP("ldap")) == NULL ) { + LDAP_FREE( (char *)srv ); + ber_free( ber, 1 ); + ld->ld_errno = LDAP_NO_MEMORY; + return( -1 ); + } + if (( srv->lud_host = LDAP_STRDUP( tmpref )) == NULL ) { LDAP_FREE( (char *)srv ); ber_free( ber, 1 ); @@ -690,16 +902,12 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) *ports++ = '\0'; srv->lud_port = atoi( ports ); } else { - srv->lud_port = ldap_int_global_options.ldo_defport; + srv->lud_port = (LDAP_INT_GLOBAL_OPT())->ldo_defport; } -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS - } else { - srv = dn2servers( ld, tmpref ); - } -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */ + rinfo.ri_msgid = origreq->lr_origid; if ( srv != NULL && ldap_send_server_request( ld, ber, ld->ld_msgid, - lr, srv, NULL, 1 ) >= 0 ) { + lr, srv, NULL, &rinfo ) >= 0 ) { ++count; } else { Debug( LDAP_DEBUG_ANY, @@ -707,6 +915,7 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ) ldap_err2string( ld->ld_errno ), 0, 0 ); rc = ldap_append_referral( ld, &unfollowed, ref ); } + LDAP_FREE( rinfo.ri_url); if (srv != NULL) ldap_free_urllist(srv); @@ -756,11 +965,11 @@ ldap_append_referral( LDAP *ld, char **referralsp, char *s ) static BerElement * -re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) +re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp, int *type ) { -/* - * XXX this routine knows way too much about how the lber library works! - */ + /* + * XXX this routine knows way too much about how the lber library works! + */ ber_int_t along; ber_tag_t tag; ber_int_t ver; @@ -787,6 +996,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) return( NULL ); } + assert( tag != 0); if ( tag == LDAP_REQ_BIND ) { /* bind requests have a version number before the DN & other stuff */ rc = ber_scanf( &tmpber, "{ia" /*}*/, &ver, &orig_dn ); @@ -817,7 +1027,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) if ( tag == LDAP_REQ_BIND ) { rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, *dnp ); } else if ( tag == LDAP_REQ_DELETE ) { - rc = ber_printf( ber, "{its}", msgid, tag, *dnp ); + rc = ber_printf( ber, "{itsN}", msgid, tag, *dnp ); } else { rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, *dnp ); } @@ -831,7 +1041,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) if ( tag != LDAP_REQ_DELETE && ( ber_write(ber, tmpber.ber_ptr, ( tmpber.ber_end - tmpber.ber_ptr ), 0) != ( tmpber.ber_end - tmpber.ber_ptr ) || - ber_printf( ber, /*{{*/ "}}" ) == -1 ) ) + ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); @@ -846,6 +1056,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) } #endif /* LDAP_DEBUG */ + *type = tag; /* return request type */ return( ber ); } @@ -853,9 +1064,12 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp ) LDAPRequest * ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid ) { - LDAPRequest *lr; + LDAPRequest *lr; for ( lr = ld->ld_requests; lr != NULL; lr = lr->lr_next ) { + if( lr->lr_status == LDAP_REQST_COMPLETED ) { + continue; /* Skip completed requests */ + } if ( msgid == lr->lr_msgid ) { break; } @@ -865,47 +1079,3 @@ ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid ) } -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS -static LDAPURLDesc * -dn2servers( LDAP *ld, const char *dn ) /* dn can also be a domain.... */ -{ - char *p, *host, *server_dn, **dxs; - const char *domain; - int i, port; - LDAPURLDesc *srvlist, *prevsrv, *srv; - - if (( domain = strrchr( dn, '@' )) != NULL ) { - ++domain; - } else { - domain = dn; - } - - if (( dxs = ldap_getdxbyname( domain )) == NULL ) { - ld->ld_errno = LDAP_NO_MEMORY; - return( NULL ); - } - - srvlist = NULL; - for ( i = 0; dxs[ i ] != NULL; ++i ) { - if (ldap_url_parselist(&srv, dxs[i]) == LDAP_SUCCESS - || ldap_url_parsehosts(&srv, dxs[i]) == LDAP_SUCCESS) - { - /* add to end of list of servers */ - if ( srvlist == NULL ) { - srvlist = srv; - } else { - prevsrv->lud_next = srv; - } - prevsrv = srv; - } - } - - ldap_value_free( dxs ); - - if ( srvlist == NULL ) { - ld->ld_errno = LDAP_SERVER_DOWN; - } - - return( srvlist ); -} -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */