X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-ldbm%2Fsearch.c;h=e2e5b113c9bbf82dc9031ab4de6ed2164026e5a3;hb=b0b3eff457f0e431c4fd094d3d9cfeb6383df91d;hp=5def38a2b33b3f0c5f4e432ab5ee70d1f3f4a159;hpb=3277a27b1019073130dd7c4f0f6c0369c247e9d6;p=openldap
diff --git a/servers/slapd/back-ldbm/search.c b/servers/slapd/back-ldbm/search.c
index 5def38a2b3..e2e5b113c9 100644
--- a/servers/slapd/back-ldbm/search.c
+++ b/servers/slapd/back-ldbm/search.c
@@ -1,4 +1,18 @@
/* search.c - ldbm backend search function */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2003 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
+ */
#include "portable.h"
@@ -11,283 +25,508 @@
#include "back-ldbm.h"
#include "proto-back-ldbm.h"
-static ID_BLOCK *base_candidates(Backend *be, Connection *conn, Operation *op, char *base, Filter *filter, char **attrs, int attrsonly, char **matched, int *err);
-static ID_BLOCK *onelevel_candidates(Backend *be, Connection *conn, Operation *op, char *base, Filter *filter, char **attrs, int attrsonly, char **matched, int *err);
-static ID_BLOCK *subtree_candidates(Backend *be, Connection *conn, Operation *op, char *base, Filter *filter, char **attrs, int attrsonly, char **matched, Entry *e, int *err, int lookupbase);
+static ID_BLOCK *base_candidate(
+ Backend *be, Entry *e );
-#define GRABSIZE BUFSIZ
+static ID_BLOCK *search_candidates(
+ Operation *op, Entry *e, Filter *filter,
+ int scope, int deref, int manageDSAit );
-#define MAKE_SPACE( n ) { \
- if ( rcur + n > rbuf + rmaxsize ) { \
- int offset = rcur - rbuf; \
- rbuf = ch_realloc( rbuf, rmaxsize + GRABSIZE ); \
- rmaxsize += GRABSIZE; \
- rcur = rbuf + offset; \
- } \
-}
int
ldbm_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- char *base,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- char *filterstr,
- char **attrs,
- int attrsonly
-)
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- int err;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
+ int rc, err;
+ const char *text = NULL;
time_t stoptime;
ID_BLOCK *candidates;
- ID id;
+ ID id, cursor;
Entry *e;
- Attribute *ref;
- char *matched = NULL;
- int rmaxsize, nrefs;
- char *rbuf, *rcur;
- int nentries = 0;
- char *realBase;
-
- Debug(LDAP_DEBUG_ARGS, "=> ldbm_back_search\n", 0, 0, 0);
+ Entry *matched = NULL;
+ struct berval realbase = { 0, NULL };
+ int manageDSAit = get_manageDSAit( op );
+ int cscope = LDAP_SCOPE_DEFAULT;
+
+ struct slap_limits_set *limit = NULL;
+ int isroot = 0;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_search: enter\n", 0, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_TRACE, "=> ldbm_back_search\n", 0, 0, 0);
+#endif
+
+ /* grab giant lock for reading */
+ ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
+
+ if ( op->o_req_ndn.bv_len == 0 ) {
+ /* DIT root special case */
+ e = (Entry *) &slap_entry_root;
+
+ /* need normalized dn below */
+ ber_dupbv( &realbase, &e->e_nname );
+
+ candidates = search_candidates( op, e, op->oq_search.rs_filter,
+ op->oq_search.rs_scope, op->oq_search.rs_deref,
+ manageDSAit || get_domainScope(op) );
+
+ goto searchit;
+
+ } else if ( op->oq_search.rs_deref & LDAP_DEREF_FINDING ) {
+ /* deref dn and get entry with reader lock */
+ e = deref_dn_r( op->o_bd, &op->o_req_ndn, &rs->sr_err, &matched, &rs->sr_text );
+
+ if( rs->sr_err == LDAP_NO_SUCH_OBJECT ) rs->sr_err = LDAP_REFERRAL;
- if ( tlimit == 0 && be_isroot( be, op->o_ndn ) ) {
- tlimit = -1; /* allow root to set no limit */
} else {
- tlimit = (tlimit > be->be_timelimit || tlimit < 1) ?
- be->be_timelimit : tlimit;
- stoptime = op->o_time + tlimit;
+ /* get entry with reader lock */
+ e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched );
+ rs->sr_err = e != NULL ? LDAP_SUCCESS : LDAP_REFERRAL;
+ rs->sr_text = NULL;
}
- if ( slimit == 0 && be_isroot( be, op->o_ndn ) ) {
- slimit = -1; /* allow root to set no limit */
- } else {
- slimit = (slimit > be->be_sizelimit || slimit < 1) ?
- be->be_sizelimit : slimit;
+
+ if ( e == NULL ) {
+ struct berval matched_dn = { 0, NULL };
+
+ if ( matched != NULL ) {
+ BerVarray erefs;
+ ber_dupbv( &matched_dn, &matched->e_name );
+
+ erefs = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
+ : NULL;
+
+ cache_return_entry_r( &li->li_cache, matched );
+
+ if( erefs ) {
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &op->o_req_dn, op->oq_search.rs_scope );
+
+ ber_bvarray_free( erefs );
+ }
+
+ } else {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, op->oq_search.rs_scope );
+ }
+
+ ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
+
+ rs->sr_matched = matched_dn.bv_val;
+ send_ldap_result( op, rs );
+
+ ber_bvarray_free( rs->sr_ref );
+ ber_memfree( matched_dn.bv_val );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
+ return LDAP_REFERRAL;
}
- /*
- * check and apply aliasing where the dereferencing applies to
- * the subordinates of the base
- */
-
- switch ( deref ) {
- case LDAP_DEREF_FINDING:
- case LDAP_DEREF_ALWAYS:
- realBase = derefDN ( be, conn, op, base );
- break;
- default:
- realBase = ch_strdup(base);
+ if (!manageDSAit && is_entry_referral( e ) ) {
+ /* entry is a referral, don't allow add */
+ struct berval matched_dn;
+ BerVarray erefs;
+
+ ber_dupbv( &matched_dn, &e->e_name );
+ erefs = get_entry_referrals( op, e );
+ rs->sr_ref = NULL;
+
+ cache_return_entry_r( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_search: entry (%s) is a referral.\n",
+ e->e_dn, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: entry is referral\n",
+ 0, 0, 0 );
+#endif
+
+ if( erefs ) {
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &op->o_req_dn, op->oq_search.rs_scope );
+
+ ber_bvarray_free( erefs );
+ }
+
+ rs->sr_matched = matched_dn.bv_val;
+ if( rs->sr_ref ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
+
+ } else {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "bad referral object" );
+ }
+
+ ber_memfree( matched_dn.bv_val );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
+ return LDAP_OTHER;
}
- (void) dn_normalize_case( realBase );
+ if ( is_entry_alias( e ) ) {
+ /* don't deref */
+ op->oq_search.rs_deref = LDAP_DEREF_NEVER;
+ }
- Debug( LDAP_DEBUG_TRACE, "using base \"%s\"\n",
- realBase, 0, 0 );
+ if ( op->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
+ cscope = LDAP_SCOPE_BASE;
+ candidates = base_candidate( op->o_bd, e );
- switch ( scope ) {
- case LDAP_SCOPE_BASE:
- candidates = base_candidates( be, conn, op, realBase, filter,
- attrs, attrsonly, &matched, &err );
- break;
+ } else {
+ cscope = ( op->oq_search.rs_scope != LDAP_SCOPE_SUBTREE )
+ ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE;
+ candidates = search_candidates( op, e, op->oq_search.rs_filter,
+ op->oq_search.rs_scope, op->oq_search.rs_deref, manageDSAit );
+ }
- case LDAP_SCOPE_ONELEVEL:
- candidates = onelevel_candidates( be, conn, op, realBase, filter,
- attrs, attrsonly, &matched, &err );
- break;
+ /* need normalized dn below */
+ ber_dupbv( &realbase, &e->e_nname );
+
+ cache_return_entry_r( &li->li_cache, e );
- case LDAP_SCOPE_SUBTREE:
- candidates = subtree_candidates( be, conn, op, realBase, filter,
- attrs, attrsonly, &matched, NULL, &err, 1 );
- break;
+searchit:
+ if ( candidates == NULL ) {
+ /* no candidates */
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_search: no candidates\n" , 0, 0, 0);
+#else
+ Debug( LDAP_DEBUG_TRACE, "ldbm_search: no candidates\n",
+ 0, 0, 0 );
+#endif
+
+ rs->sr_err = LDAP_SUCCESS;
+ send_ldap_result( op, rs );
+
+ rc = LDAP_SUCCESS;
+ goto done;
+ }
+
+ /* if not root, get appropriate limits */
+ if ( be_isroot( op->o_bd, &op->o_ndn ) )
+ {
+ /*
+ * FIXME: I'd consider this dangerous if someone
+ * uses isroot for anything but handling limits
+ */
+ isroot = 1;
+ } else {
+ ( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
+ }
- default:
- send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, "",
- "Bad scope" );
- if( realBase != NULL) {
- free( realBase );
+ /* if candidates exceed to-be-checked entries, abort */
+ if ( !isroot && limit->lms_s_unchecked != -1 ) {
+ if ( ID_BLOCK_NIDS( candidates ) > (unsigned) limit->lms_s_unchecked ) {
+ send_ldap_error( op, rs, LDAP_ADMINLIMIT_EXCEEDED,
+ NULL );
+ rc = LDAP_SUCCESS;
+ goto done;
}
- return( -1 );
}
+
+ /* if root an no specific limit is required, allow unlimited search */
+ if ( isroot ) {
+ if ( op->oq_search.rs_tlimit == 0 ) {
+ op->oq_search.rs_tlimit = -1;
+ }
- /* null candidates means we could not find the base object */
- if ( candidates == NULL ) {
- send_ldap_result( conn, op, err, matched, "" );
- if ( matched != NULL ) {
- free( matched );
+ if ( op->oq_search.rs_slimit == 0 ) {
+ op->oq_search.rs_slimit = -1;
}
- if( realBase != NULL) {
- free( realBase );
+
+ } else {
+ /* if no limit is required, use soft limit */
+ if ( op->oq_search.rs_tlimit <= 0 ) {
+ op->oq_search.rs_tlimit = limit->lms_t_soft;
+
+ /* if requested limit higher than hard limit, abort */
+ } else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) {
+ /* no hard limit means use soft instead */
+ if ( limit->lms_t_hard == 0
+ && limit->lms_t_soft > -1
+ && op->oq_search.rs_tlimit > limit->lms_t_soft ) {
+ op->oq_search.rs_tlimit = limit->lms_t_soft;
+
+ /* positive hard limit means abort */
+ } else if ( limit->lms_t_hard > 0 ) {
+ send_ldap_error( op, rs,
+ LDAP_ADMINLIMIT_EXCEEDED,
+ NULL );
+ rc = LDAP_SUCCESS;
+ goto done;
+ }
+
+ /* negative hard limit means no limit */
}
- return( -1 );
- }
- if ( matched != NULL ) {
- free( matched );
+ /* if no limit is required, use soft limit */
+ if ( op->oq_search.rs_slimit <= 0 ) {
+ op->oq_search.rs_slimit = limit->lms_s_soft;
+
+ /* if requested limit higher than hard limit, abort */
+ } else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) {
+ /* no hard limit means use soft instead */
+ if ( limit->lms_s_hard == 0
+ && limit->lms_s_soft > -1
+ && op->oq_search.rs_slimit > limit->lms_s_soft ) {
+ op->oq_search.rs_slimit = limit->lms_s_soft;
+
+ /* positive hard limit means abort */
+ } else if ( limit->lms_s_hard > 0 ) {
+ send_ldap_error( op, rs,
+ LDAP_ADMINLIMIT_EXCEEDED,
+ NULL );
+ rc = LDAP_SUCCESS;
+ goto done;
+ }
+
+ /* negative hard limit means no limit */
+ }
}
- rmaxsize = 0;
- nrefs = 0;
- rbuf = rcur = NULL;
- MAKE_SPACE( sizeof("Referral:") + 1 );
- strcpy( rbuf, "Referral:" );
- rcur = strchr( rbuf, '\0' );
- for ( id = idl_firstid( candidates ); id != NOID;
- id = idl_nextid( candidates, id ) ) {
+ /* compute it anyway; root does not use it */
+ stoptime = op->o_time + op->oq_search.rs_tlimit;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+
+ for ( id = idl_firstid( candidates, &cursor ); id != NOID;
+ id = idl_nextid( candidates, &cursor ) )
+ {
+ int scopeok = 0;
+ int result = 0;
+
/* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
if ( op->o_abandon ) {
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- idl_free( candidates );
- free( rbuf );
- if( realBase != NULL) {
- free( realBase );
- }
- return( 0 );
+ rc = LDAP_SUCCESS;
+ goto done;
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
/* check time limit */
- ldap_pvt_thread_mutex_lock( ¤ttime_mutex );
- time( ¤ttime );
- if ( tlimit != -1 && currenttime > stoptime ) {
- ldap_pvt_thread_mutex_unlock( ¤ttime_mutex );
- send_ldap_search_result( conn, op,
- LDAP_TIMELIMIT_EXCEEDED, NULL, nrefs > 0 ? rbuf :
- NULL, nentries );
- idl_free( candidates );
- free( rbuf );
- if( realBase != NULL) {
- free( realBase );
- }
- return( 0 );
+ if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
+ rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
+ rc = LDAP_SUCCESS;
+ goto done;
}
- ldap_pvt_thread_mutex_unlock( ¤ttime_mutex );
/* get the entry with reader lock */
- if ( (e = id2entry_r( be, id )) == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "candidate %ld not found\n",
- id, 0, 0 );
- continue;
+ e = id2entry_r( op->o_bd, id );
+
+ if ( e == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_search: candidate %ld not found.\n", id, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: candidate %ld not found\n",
+ id, 0, 0 );
+#endif
+
+ goto loop_continue;
+ }
+
+ rs->sr_entry = e;
+
+#ifdef LDBM_SUBENTRIES
+ if ( is_entry_subentry( e ) ) {
+ if( op->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
+ if(!get_subentries_visibility( op )) {
+ /* only subentries are visible */
+ goto loop_continue;
+ }
+ } else if ( get_subentries( op ) &&
+ !get_subentries_visibility( op ))
+ {
+ /* only subentries are visible */
+ goto loop_continue;
+ }
+ } else if ( get_subentries_visibility( op )) {
+ /* only subentries are visible */
+ goto loop_continue;
+ }
+#endif
+
+ if ( op->oq_search.rs_deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
+ Entry *matched;
+ int err;
+ const char *text;
+
+ e = deref_entry_r( op->o_bd, e, &err, &matched, &text );
+
+ if( e == NULL ) {
+ e = matched;
+ goto loop_continue;
+ }
+
+ if( e->e_id == id ) {
+ /* circular loop */
+ goto loop_continue;
+ }
+
+ /* need to skip alias which deref into scope */
+ if( op->oq_search.rs_scope & LDAP_SCOPE_ONELEVEL ) {
+ struct berval pdn;
+ dnParent( &e->e_nname, &pdn );
+ if ( ber_bvcmp( &pdn, &realbase ) ) {
+ goto loop_continue;
+ }
+
+ } else if ( dnIsSuffix( &e->e_nname, &realbase ) ) {
+ /* alias is within scope */
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1,
+ "ldbm_search: alias \"%s\" in subtree\n", e->e_dn, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: alias \"%s\" in subtree\n",
+ e->e_dn, 0, 0 );
+#endif
+
+ goto loop_continue;
+ }
+
+ rs->sr_entry = e;
+
+ scopeok = 1;
}
/*
* if it's a referral, add it to the list of referrals. only do
- * this for subtree searches, and don't check the filter explicitly
- * here since it's only a candidate anyway.
+ * this for non-base searches, and don't check the filter
+ * explicitly here since it's only a candidate anyway.
*/
- if ( scope == LDAP_SCOPE_SUBTREE &&
- e->e_ndn != NULL &&
- strncmp( e->e_ndn, "REF=", 4 ) == 0 &&
- (ref = attr_find( e->e_attrs, "ref" )) != NULL )
+ if ( !manageDSAit && op->oq_search.rs_scope != LDAP_SCOPE_BASE &&
+ is_entry_referral( e ) )
{
- int i;
+ struct berval dn;
+
+ /* check scope */
+ if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( !be_issuffix( op->o_bd, &e->e_nname ) ) {
+ dnParent( &e->e_nname, &dn );
+ scopeok = dn_match( &dn, &realbase );
+ } else {
+ scopeok = (realbase.bv_len == 0);
+ }
+
+ } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
+ scopeok = dnIsSuffix( &e->e_nname, &realbase );
- if ( ref->a_vals == NULL ) {
- Debug( LDAP_DEBUG_ANY, "null ref in (%s)\n",
- e->e_dn, 0, 0 );
} else {
- for ( i = 0; ref->a_vals[i] != NULL; i++ ) {
- /* referral + newline + null */
- MAKE_SPACE( ref->a_vals[i]->bv_len + 2 );
- *rcur++ = '\n';
- strncpy( rcur, ref->a_vals[i]->bv_val,
- ref->a_vals[i]->bv_len );
- rcur = rcur + ref->a_vals[i]->bv_len;
- *rcur = '\0';
- nrefs++;
- }
+ scopeok = 1;
}
- /* otherwise it's an entry - see if it matches the filter */
- } else {
- /* if it matches the filter and scope, send it */
- if ( test_filter( be, conn, op, e, filter ) == 0 ) {
- int scopeok;
- char *dn;
+ if( scopeok ) {
+ BerVarray erefs = get_entry_referrals( op, e );
+ rs->sr_ref = referral_rewrite( erefs,
+ &e->e_name, NULL,
+ op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
+ ? LDAP_SCOPE_SUBTREE
+ : LDAP_SCOPE_BASE );
+
+ send_search_reference( op, rs );
+
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL2,
+ "ldbm_search: candidate referral %ld scope not okay\n",
+ id, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: candidate referral %ld scope not okay\n",
+ id, 0, 0 );
+#endif
+ }
+
+ goto loop_continue;
+ }
+
+ if ( !manageDSAit && is_entry_glue( e )) {
+ goto loop_continue;
+ }
+
+ /* if it matches the filter and scope, send it */
+ result = test_filter( op, e, op->oq_search.rs_filter );
+
+ if ( result == LDAP_COMPARE_TRUE ) {
+ struct berval dn;
+
+ /* check scope */
+ if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( !be_issuffix( op->o_bd, &e->e_nname ) ) {
+ dnParent( &e->e_nname, &dn );
+ scopeok = dn_match( &dn, &realbase );
+ } else {
+ scopeok = (realbase.bv_len == 0);
+ }
- /* check scope */
+ } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
+ scopeok = dnIsSuffix( &e->e_nname, &realbase );
+
+ } else {
scopeok = 1;
- if ( scope == LDAP_SCOPE_ONELEVEL ) {
- if ( (dn = dn_parent( be, e->e_dn )) != NULL ) {
- (void) dn_normalize_case( dn );
- scopeok = (dn == realBase)
- ? 1
- : (strcmp( dn, realBase ) ? 0 : 1 );
- free( dn );
- } else {
- scopeok = (realBase == NULL || *realBase == '\0');
- }
- } else if ( scope == LDAP_SCOPE_SUBTREE ) {
- dn = ch_strdup( e->e_ndn );
- scopeok = dn_issuffix( dn, realBase );
- free( dn );
+ }
+
+ if ( scopeok ) {
+ /* check size limit */
+ if ( --op->oq_search.rs_slimit == -1 ) {
+ cache_return_entry_r( &li->li_cache, e );
+ rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
+ rc = LDAP_SUCCESS;
+ goto done;
}
- if ( scopeok ) {
- /* check size limit */
- if ( --slimit == -1 ) {
- cache_return_entry_r( &li->li_cache, e );
- send_ldap_search_result( conn, op,
- LDAP_SIZELIMIT_EXCEEDED, NULL,
- nrefs > 0 ? rbuf : NULL, nentries );
- idl_free( candidates );
- free( rbuf );
-
- if( realBase != NULL) {
- free( realBase );
- }
- return( 0 );
- }
+ if (e) {
+
+ result = send_search_entry( op, rs );
- /*
- * check and apply aliasing where the dereferencing applies to
- * the subordinates of the base
- */
- switch ( deref ) {
- case LDAP_DEREF_SEARCHING:
- case LDAP_DEREF_ALWAYS:
- {
- Entry *newe = derefAlias_r( be, conn, op, e );
- if ( newe == NULL ) { /* problem with the alias */
- cache_return_entry_r( &li->li_cache, e );
- e = NULL;
- }
- else if ( newe != e ) { /* reassign e */
- cache_return_entry_r( &li->li_cache, e );
- e = newe;
- }
- }
+ switch (result) {
+ case 0: /* entry sent ok */
break;
- }
- if (e) {
- switch ( send_search_entry( be, conn, op, e,
- attrs, attrsonly ) ) {
- case 0: /* entry sent ok */
- nentries++;
- break;
- case 1: /* entry not sent */
- break;
- case -1: /* connection closed */
- cache_return_entry_r( &li->li_cache, e );
- idl_free( candidates );
- free( rbuf );
-
- if( realBase != NULL) {
- free( realBase );
- }
- return( 0 );
- }
+ case 1: /* entry not sent */
+ break;
+ case -1: /* connection closed */
+ cache_return_entry_r( &li->li_cache, e );
+ rc = LDAP_SUCCESS;
+ goto done;
}
}
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL2,
+ "ldbm_search: candidate entry %ld scope not okay\n",
+ id, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: candidate entry %ld scope not okay\n",
+ id, 0, 0 );
+#endif
}
+
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL2,
+ "ldbm_search: candidate entry %ld does not match filter\n",
+ id, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "ldbm_search: candidate entry %ld does not match filter\n",
+ id, 0, 0 );
+#endif
}
+loop_continue:
if( e != NULL ) {
/* free reader lock */
cache_return_entry_r( &li->li_cache, e );
@@ -295,210 +534,122 @@ ldbm_back_search(
ldap_pvt_thread_yield();
}
- idl_free( candidates );
- if ( nrefs > 0 ) {
- send_ldap_search_result( conn, op, LDAP_PARTIAL_RESULTS, NULL,
- rbuf, nentries );
- } else {
- send_ldap_search_result( conn, op, LDAP_SUCCESS, NULL, NULL,
- nentries );
- }
- free( rbuf );
- if( realBase != NULL) {
- free( realBase );
- }
+ rs->sr_err = rs->sr_v2ref ? LDAP_REFERRAL : LDAP_SUCCESS;
+ rs->sr_ref = rs->sr_v2ref;
+ send_ldap_result( op, rs );
+
+ rc = LDAP_SUCCESS;
+
+done:
+ ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- return( 0 );
+ if( candidates != NULL )
+ idl_free( candidates );
+
+ if( rs->sr_v2ref ) ber_bvarray_free( rs->sr_v2ref );
+ if( realbase.bv_val ) free( realbase.bv_val );
+
+ return rc;
}
static ID_BLOCK *
-base_candidates(
+base_candidate(
Backend *be,
- Connection *conn,
- Operation *op,
- char *base,
- Filter *filter,
- char **attrs,
- int attrsonly,
- char **matched,
- int *err
-)
+ Entry *e )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
ID_BLOCK *idl;
- Entry *e;
- Debug(LDAP_DEBUG_TRACE, "base_candidates: base: \"%s\"\n", base, 0, 0);
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ENTRY, "base_candidate: base (%s)\n", e->e_dn, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_TRACE, "base_candidates: base: \"%s\"\n",
+ e->e_dn, 0, 0);
+#endif
- *err = LDAP_SUCCESS;
-
- /* get entry with reader lock */
- if ( (e = dn2entry_r( be, base, matched )) == NULL ) {
- *err = LDAP_NO_SUCH_OBJECT;
- return( NULL );
- }
-
- /* check for deleted */
idl = idl_alloc( 1 );
idl_insert( &idl, e->e_id, 1 );
-
- /* free reader lock */
- cache_return_entry_r( &li->li_cache, e );
-
return( idl );
}
static ID_BLOCK *
-onelevel_candidates(
- Backend *be,
- Connection *conn,
+search_candidates(
Operation *op,
- char *base,
+ Entry *e,
Filter *filter,
- char **attrs,
- int attrsonly,
- char **matched,
- int *err
-)
+ int scope,
+ int deref,
+ int manageDSAit )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- Entry *e = NULL;
- Filter *f;
- char buf[20];
ID_BLOCK *candidates;
-
- Debug(LDAP_DEBUG_TRACE, "onelevel_candidates: base: \"%s\"\n", base, 0, 0);
-
- *err = LDAP_SUCCESS;
-
- /* get the base object with reader lock */
- if ( base != NULL && *base != '\0' &&
- (e = dn2entry_r( be, base, matched )) == NULL )
- {
- *err = LDAP_NO_SUCH_OBJECT;
- return( NULL );
+ Filter f, fand, rf, af, xf;
+ AttributeAssertion aa_ref, aa_alias;
+ struct berval bv_ref = { sizeof("referral")-1, "referral" };
+ struct berval bv_alias = { sizeof("alias")-1, "alias" };
+#ifdef LDBM_SUBENTRIES
+ Filter sf;
+ AttributeAssertion aa_subentry;
+#endif
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1,
+ "search_candidates: base (%s) scope %d deref %d\n",
+ e->e_ndn, scope, deref );
+#else
+ Debug(LDAP_DEBUG_TRACE,
+ "search_candidates: base=\"%s\" s=%d d=%d\n",
+ e->e_ndn, scope, deref );
+#endif
+
+
+ xf.f_or = filter;
+ xf.f_choice = LDAP_FILTER_OR;
+ xf.f_next = NULL;
+
+ if( !manageDSAit ) {
+ /* match referrals */
+ rf.f_choice = LDAP_FILTER_EQUALITY;
+ rf.f_ava = &aa_ref;
+ rf.f_av_desc = slap_schema.si_ad_objectClass;
+ rf.f_av_value = bv_ref;
+ rf.f_next = xf.f_or;
+ xf.f_or = &rf;
}
- /*
- * modify the filter to be something like this:
- *
- * parent=baseobject & originalfilter
- */
-
- f = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_next = NULL;
- f->f_choice = LDAP_FILTER_AND;
- f->f_and = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_and->f_choice = LDAP_FILTER_EQUALITY;
- f->f_and->f_ava.ava_type = ch_strdup( "id2children" );
- sprintf( buf, "%ld", e != NULL ? e->e_id : 0 );
- f->f_and->f_ava.ava_value.bv_val = ch_strdup( buf );
- f->f_and->f_ava.ava_value.bv_len = strlen( buf );
- f->f_and->f_next = filter;
-
- /* from here, it's just like subtree_candidates */
- candidates = subtree_candidates( be, conn, op, base, f, attrs,
- attrsonly, matched, e, err, 0 );
-
- /* free up just the filter stuff we allocated above */
- f->f_and->f_next = NULL;
- filter_free( f );
-
- /* free entry and reader lock */
- if( e != NULL ) {
- cache_return_entry_r( &li->li_cache, e );
+ if( deref & LDAP_DEREF_SEARCHING ) {
+ /* match aliases */
+ af.f_choice = LDAP_FILTER_EQUALITY;
+ af.f_ava = &aa_alias;
+ af.f_av_desc = slap_schema.si_ad_objectClass;
+ af.f_av_value = bv_alias;
+ af.f_next = xf.f_or;
+ xf.f_or = ⁡
}
- return( candidates );
-}
-
-static ID_BLOCK *
-subtree_candidates(
- Backend *be,
- Connection *conn,
- Operation *op,
- char *base,
- Filter *filter,
- char **attrs,
- int attrsonly,
- char **matched,
- Entry *e,
- int *err,
- int lookupbase
-)
-{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- Filter *f, **filterarg_ptr;
- ID_BLOCK *candidates;
-
- Debug(LDAP_DEBUG_TRACE, "subtree_candidates: base: \"%s\" %s\n",
- base ? base : "NULL", lookupbase ? "lookupbase" : "", 0);
-
- /*
- * get the base object - unless we already have it (from one-level).
- * also, unless this is a one-level search or a subtree search
- * starting at the very top of our subtree, we need to modify the
- * filter to be something like this:
- *
- * dn=*baseobjectdn & (originalfilter | ref=*)
- *
- * the "objectclass=referral" part is used to select referrals to return
- */
-
- *err = LDAP_SUCCESS;
- f = NULL;
- if ( lookupbase ) {
- e = NULL;
-
- if ( base != NULL && *base != '\0' &&
- (e = dn2entry_r( be, base, matched )) == NULL )
- {
- *err = LDAP_NO_SUCH_OBJECT;
- return( NULL );
- }
- if (e) {
- cache_return_entry_r( &li->li_cache, e );
- }
-
- f = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_next = NULL;
- f->f_choice = LDAP_FILTER_OR;
- f->f_or = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_or->f_choice = LDAP_FILTER_EQUALITY;
- f->f_or->f_avtype = ch_strdup( "objectclass" );
- /* Patch to use normalized uppercase */
- f->f_or->f_avvalue.bv_val = ch_strdup( "REFERRAL" );
- f->f_or->f_avvalue.bv_len = strlen( "REFERRAL" );
- filterarg_ptr = &f->f_or->f_next;
- *filterarg_ptr = filter;
- filter = f;
-
- if ( ! be_issuffix( be, base ) ) {
- f = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_next = NULL;
- f->f_choice = LDAP_FILTER_AND;
- f->f_and = (Filter *) ch_malloc( sizeof(Filter) );
- f->f_and->f_choice = LDAP_FILTER_SUBSTRINGS;
- f->f_and->f_sub_type = ch_strdup( "dn" );
- f->f_and->f_sub_initial = NULL;
- f->f_and->f_sub_any = NULL;
- f->f_and->f_sub_final = ch_strdup( base );
- value_normalize( f->f_and->f_sub_final, SYNTAX_CIS );
- f->f_and->f_next = filter;
- filter = f;
- }
+ f.f_next = NULL;
+ f.f_choice = LDAP_FILTER_AND;
+ f.f_and = &fand;
+ fand.f_choice = scope == LDAP_SCOPE_SUBTREE
+ ? SLAPD_FILTER_DN_SUBTREE
+ : SLAPD_FILTER_DN_ONE;
+ fand.f_dn = &e->e_nname;
+ fand.f_next = xf.f_or == filter ? filter : &xf ;
+
+#ifdef LDBM_SUBENTRIES
+ if ( get_subentries_visibility( op )) {
+ struct berval bv_subentry = { sizeof("SUBENTRY")-1, "SUBENTRY" };
+ sf.f_choice = LDAP_FILTER_EQUALITY;
+ sf.f_ava = &aa_subentry;
+ sf.f_av_desc = slap_schema.si_ad_objectClass;
+ sf.f_av_value = bv_subentry;
+ sf.f_next = fand.f_next;
+ fand.f_next = &sf;
}
+#endif
- candidates = filter_candidates( be, filter );
-
- /* free up just the parts we allocated above */
- if ( f != NULL ) {
- *filterarg_ptr = NULL;
- filter_free( f );
- }
+ candidates = filter_candidates( op, &f );
return( candidates );
}