X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fresult.c;h=ccc1de308336c816201a3ada61da4c65b11bc830;hb=925714ceeff035c596ad3d3c899ff631986c6757;hp=a710e1910f98812e128d928e40764821b69da1a9;hpb=7e6ad5100c2702b1d56a285bdfb341ddf38c0d76;p=openldap diff --git a/servers/slapd/result.c b/servers/slapd/result.c index a710e1910f..ccc1de3083 100644 --- a/servers/slapd/result.c +++ b/servers/slapd/result.c @@ -1,178 +1,648 @@ /* result.c - routines to send ldap results, errors, and referrals */ +/* $OpenLDAP$ */ +/* + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ #include "portable.h" #include -#include -#include #include +#include #include +#include #include -#include /* get close() */ +#include #include "slap.h" - -static void -send_ldap_result2( - Connection *conn, - Operation *op, - int err, - char *matched, - char *text, - int nentries -) +static char *v2ref( BerVarray ref, const char *text ) { - BerElement *ber; - int rc, sd; - unsigned long tag, bytes; + size_t len = 0, i = 0; + char *v2; - if ( err == LDAP_PARTIAL_RESULTS && (text == NULL || *text == '\0') ) - err = LDAP_NO_SUCH_OBJECT; + if(ref == NULL) { + if (text) { + return ch_strdup(text); + } else { + return NULL; + } + } + + if ( text != NULL ) { + len = strlen( text ); + if (text[len-1] != '\n') { + i = 1; + } + } - Debug( LDAP_DEBUG_TRACE, "send_ldap_result %d:%s:%s\n", err, matched ? - matched : "", text ? text : "" ); + v2 = ch_malloc( len+i+sizeof("Referral:") ); + if( text != NULL ) { + strcpy(v2, text); + if( i ) { + v2[len++] = '\n'; + } + } + strcpy( v2+len, "Referral:" ); + len += sizeof("Referral:"); + + for( i=0; ref[i].bv_val != NULL; i++ ) { + v2 = ch_realloc( v2, len + ref[i].bv_len + 1 ); + v2[len-1] = '\n'; + AC_MEMCPY(&v2[len], ref[i].bv_val, ref[i].bv_len ); + len += ref[i].bv_len; + if (ref[i].bv_val[ref[i].bv_len-1] != '/') { + ++len; + } + } - switch ( op->o_tag ) { - case LBER_DEFAULT: - tag = LBER_SEQUENCE; - break; + v2[len-1] = '\0'; + return v2; +} - case LDAP_REQ_SEARCH: - tag = LDAP_RES_SEARCH_RESULT; +static ber_tag_t req2res( ber_tag_t tag ) +{ + switch( tag ) { + case LDAP_REQ_ADD: + case LDAP_REQ_BIND: + case LDAP_REQ_COMPARE: + case LDAP_REQ_EXTENDED: + case LDAP_REQ_MODIFY: + case LDAP_REQ_MODRDN: + tag++; break; case LDAP_REQ_DELETE: tag = LDAP_RES_DELETE; break; - default: - tag = op->o_tag + 1; + case LDAP_REQ_ABANDON: + case LDAP_REQ_UNBIND: + tag = LBER_SEQUENCE; + break; + + case LDAP_REQ_SEARCH: + tag = LDAP_RES_SEARCH_RESULT; break; + + default: + tag = LBER_SEQUENCE; } -#ifdef LDAP_COMPAT30 - if ( (ber = ber_alloc_t( conn->c_version == 30 ? 0 : LBER_USE_DER )) - == NULLBER ) { + return tag; +} + +static long send_ldap_ber( + Connection *conn, + BerElement *ber ) +{ + ber_len_t bytes; + + ber_get_option( ber, LBER_OPT_BER_BYTES_TO_WRITE, &bytes ); + + /* write only one pdu at a time - wait til it's our turn */ + ldap_pvt_thread_mutex_lock( &conn->c_write_mutex ); + + /* lock the connection */ + ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + + /* write the pdu */ + while( 1 ) { + int err; + ber_socket_t sd; + + if ( connection_state_closing( conn ) ) { + ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex ); + + return 0; + } + + if ( ber_flush( conn->c_sb, ber, 0 ) == 0 ) { + break; + } + + err = errno; + + /* + * we got an error. if it's ewouldblock, we need to + * wait on the socket being writable. otherwise, figure + * it's a hard error and return. + */ + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_ldap_ber: conn %lu ber_flush failed err=%d (%s)\n", + conn ? conn->c_connid : 0, err, sock_errstr(err) ); #else - if ( (ber = der_alloc()) == NULLBER ) { + Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno=%d reason=\"%s\"\n", + err, sock_errstr(err), 0 ); #endif - Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 ); + + if ( err != EWOULDBLOCK && err != EAGAIN ) { + connection_closing( conn ); + + ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex ); + + return( -1 ); + } + + /* wait for socket to be write-ready */ + conn->c_writewaiter = 1; + ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_GET_FD, &sd ); + slapd_set_write( sd, 1 ); + + ldap_pvt_thread_cond_wait( &conn->c_write_cv, &conn->c_mutex ); + conn->c_writewaiter = 0; + } + + ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex ); + + return bytes; +} + +static int +send_ldap_controls( BerElement *ber, LDAPControl **c ) +{ + int rc; + if( c == NULL ) return 0; + + rc = ber_printf( ber, "t{"/*}*/, LDAP_TAG_CONTROLS ); + if( rc == -1 ) return rc; + + for( ; *c != NULL; c++) { + rc = ber_printf( ber, "{s" /*}*/, (*c)->ldctl_oid ); + + if( (*c)->ldctl_iscritical ) { + rc = ber_printf( ber, "b", + (ber_int_t) (*c)->ldctl_iscritical ) ; + if( rc == -1 ) return rc; + } + + if( (*c)->ldctl_value.bv_val != NULL ) { + rc = ber_printf( ber, "O", &((*c)->ldctl_value)); + if( rc == -1 ) return rc; + } + + rc = ber_printf( ber, /*{*/"N}" ); + if( rc == -1 ) return rc; + } + + rc = ber_printf( ber, /*{*/"N}" ); + + return rc; +} + +static void +send_ldap_response( + Connection *conn, + Operation *op, + ber_tag_t tag, + ber_int_t msgid, + ber_int_t err, + const char *matched, + const char *text, + BerVarray ref, + const char *resoid, + struct berval *resdata, + struct berval *sasldata, + LDAPControl **ctrls +) +{ + char berbuf[256]; + BerElement *ber = (BerElement *)berbuf; + int rc; + long bytes; + + if (op->o_callback && op->o_callback->sc_response) { + op->o_callback->sc_response( conn, op, tag, msgid, err, matched, + text, ref, resoid, resdata, sasldata, ctrls ); return; } + + assert( ctrls == NULL ); /* ctrls not implemented */ + + ber_init_w_nullc( ber, LBER_USE_DER ); + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_ldap_response: msgid=%d tag=%lu err=%d\n", + msgid, tag, err ); +#else + Debug( LDAP_DEBUG_TRACE, + "send_ldap_response: msgid=%d tag=%lu err=%d\n", + msgid, tag, err ); +#endif + + if( ref ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ARGS, + "send_ldap_response: conn %lu ref=\"%s\"\n", + conn ? conn->c_connid : 0, + ref[0].bv_val ? ref[0].bv_val : "NULL" , 0 ); +#else + Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=\"%s\"\n", + ref[0].bv_val ? ref[0].bv_val : "NULL", + NULL, NULL ); +#endif + } #ifdef LDAP_CONNECTIONLESS - if ( op->o_cldap ) { - rc = ber_printf( ber, "{is{t{ess}}}", op->o_msgid, "", tag, - err, matched ? matched : "", text ? text : "" ); - } else + if (conn->c_is_udp) { + rc = ber_write(ber, (char *)&op->o_peeraddr, sizeof(struct sockaddr), 0); + if (rc != sizeof(struct sockaddr)) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_ldap_response: conn %lu ber_write failed\n", + conn ? conn->c_connid : 0 , 0, 0); +#else + Debug( LDAP_DEBUG_ANY, "ber_write failed\n", 0, 0, 0 ); #endif -#ifdef LDAP_COMPAT30 - if ( conn->c_version == 30 ) { - rc = ber_printf( ber, "{it{{ess}}}", op->o_msgid, tag, err, - matched ? matched : "", text ? text : "" ); + ber_free_buf( ber ); + return; + } + } + if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { + rc = ber_printf( ber, "{is{t{ess" /*"}}}"*/, + msgid, "", tag, err, + matched == NULL ? "" : matched, + text == NULL ? "" : text ); } else #endif - rc = ber_printf( ber, "{it{ess}}", op->o_msgid, tag, err, - matched ? matched : "", text ? text : "" ); + { + rc = ber_printf( ber, "{it{ess" /*"}}"*/, + msgid, tag, err, + matched == NULL ? "" : matched, + text == NULL ? "" : text ); + } + + if( rc != -1 ) { + if ( ref != NULL ) { + assert( err == LDAP_REFERRAL ); + rc = ber_printf( ber, "t{W}", + LDAP_TAG_REFERRAL, ref ); + } else { + assert( err != LDAP_REFERRAL ); + } + } + + if( rc != -1 && sasldata != NULL ) { + rc = ber_printf( ber, "tO", + LDAP_TAG_SASL_RES_CREDS, sasldata ); + } + + if( rc != -1 && resoid != NULL ) { + rc = ber_printf( ber, "ts", + LDAP_TAG_EXOP_RES_OID, resoid ); + } + + if( rc != -1 && resdata != NULL ) { + rc = ber_printf( ber, "tO", + LDAP_TAG_EXOP_RES_VALUE, resdata ); + } + + if( rc != -1 ) { + rc = ber_printf( ber, /*"{"*/ "N}" ); + } + + if( rc != -1 && ctrls != NULL ) { + rc = send_ldap_controls( ber, ctrls ); + } + + if( rc != -1 ) { + rc = ber_printf( ber, /*"{"*/ "N}" ); + } + +#ifdef LDAP_CONNECTIONLESS + if( conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1 ) { + rc = ber_printf( ber, /*"{"*/ "N}" ); + } +#endif if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_ldap_response: conn %lu ber_printf failed\n", + conn ? conn->c_connid : 0, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); +#endif + + ber_free_buf( ber ); return; } - /* write only one pdu at a time - wait til it's our turn */ - pthread_mutex_lock( &conn->c_pdumutex ); + /* send BER */ + bytes = send_ldap_ber( conn, ber ); + ber_free_buf( ber ); - /* write the pdu */ - bytes = ber->ber_ptr - ber->ber_buf; - pthread_mutex_lock( &new_conn_mutex ); - while ( conn->c_connid == op->o_connid && ber_flush( &conn->c_sb, ber, - 1 ) != 0 ) { - pthread_mutex_unlock( &new_conn_mutex ); - /* - * we got an error. if it's ewouldblock, we need to - * wait on the socket being writable. otherwise, figure - * it's a hard error and return. - */ + if ( bytes < 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_ldap_response: conn %lu ber write failed\n", + conn ? conn->c_connid : 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "send_ldap_response: ber write failed\n", + 0, 0, 0 ); +#endif - Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno %d msg (%s)\n", - errno, errno > -1 && errno < sys_nerr ? sys_errlist[errno] - : "unknown", 0 ); + return; + } - if ( errno != EWOULDBLOCK && errno != EAGAIN ) { - close_connection( conn, op->o_connid, op->o_opid ); + ldap_pvt_thread_mutex_lock( &num_sent_mutex ); + num_bytes_sent += bytes; + num_pdu_sent++; + ldap_pvt_thread_mutex_unlock( &num_sent_mutex ); + return; +} - pthread_mutex_unlock( &conn->c_pdumutex ); - return; - } - /* wait for socket to be write-ready */ - pthread_mutex_lock( &active_threads_mutex ); - active_threads--; - conn->c_writewaiter = 1; +void +send_ldap_disconnect( + Connection *conn, + Operation *op, + ber_int_t err, + const char *text +) +{ + ber_tag_t tag; + ber_int_t msgid; + char *reqoid; + +#define LDAP_UNSOLICITED_ERROR(e) \ + ( (e) == LDAP_PROTOCOL_ERROR \ + || (e) == LDAP_STRONG_AUTH_REQUIRED \ + || (e) == LDAP_UNAVAILABLE ) + + assert( LDAP_UNSOLICITED_ERROR( err ) ); + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_ldap_disconnect: conn %lu %d:%s\n", + conn ? conn->c_connid : 0, err, text ? text : "" ); +#else + Debug( LDAP_DEBUG_TRACE, + "send_ldap_disconnect %d:%s\n", + err, text ? text : "", NULL ); +#endif -#ifdef HAVE_LINUX_THREADS - pthread_kill( listener_tid, SIGSTKFLT ); -#else /* !linux */ - pthread_kill( listener_tid, SIGUSR1 ); -#endif /* !linux */ - pthread_cond_wait( &conn->c_wcv, &active_threads_mutex ); - pthread_mutex_unlock( &active_threads_mutex ); + if ( op->o_protocol < LDAP_VERSION3 ) { + reqoid = NULL; + tag = req2res( op->o_tag ); + msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; - pthread_yield(); - pthread_mutex_lock( &new_conn_mutex ); + } else { + reqoid = LDAP_NOTICE_DISCONNECT; + tag = LDAP_RES_EXTENDED; + msgid = 0; } - pthread_mutex_unlock( &new_conn_mutex ); - pthread_mutex_unlock( &conn->c_pdumutex ); - pthread_mutex_lock( &num_sent_mutex ); - num_bytes_sent += bytes; - pthread_mutex_unlock( &num_sent_mutex ); + send_ldap_response( conn, op, tag, msgid, + err, NULL, text, NULL, + reqoid, NULL, NULL, NULL ); Statslog( LDAP_DEBUG_STATS, - "conn=%d op=%d RESULT err=%d tag=%d nentries=%d\n", conn->c_connid, - op->o_opid, err, tag, nentries ); - - return; + "conn=%lu op=%lu DISCONNECT tag=%lu err=%d text=%s\n", + op->o_connid, op->o_opid, tag, err, text ? text : "" ); } void send_ldap_result( Connection *conn, Operation *op, - int err, - char *matched, - char *text + ber_int_t err, + const char *matched, + const char *text, + BerVarray ref, + LDAPControl **ctrls ) { -#ifdef LDAP_CONNECTIONLESS - if ( op->o_cldap ) { - SAFEMEMCPY( (char *)conn->c_sb.sb_useaddr, &op->o_clientaddr, - sizeof( struct sockaddr )); - Debug( LDAP_DEBUG_TRACE, "UDP response to %s port %d\n", - inet_ntoa(((struct sockaddr_in *) - conn->c_sb.sb_useaddr)->sin_addr ), - ((struct sockaddr_in *) conn->c_sb.sb_useaddr)->sin_port, - 0 ); + ber_tag_t tag; + ber_int_t msgid; + char *tmp = NULL; + + assert( !LDAP_API_ERROR( err ) ); + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_ldap_result : conn %lu op=%lu p=%d\n", + op->o_connid, op->o_opid, op->o_protocol ); +#else + Debug( LDAP_DEBUG_TRACE, + "send_ldap_result: conn=%lu op=%lu p=%d\n", + op->o_connid, op->o_opid, op->o_protocol ); +#endif + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ARGS, + "send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n", + err, matched ? matched : "", text ? text : "" ); +#else + Debug( LDAP_DEBUG_ARGS, + "send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n", + err, matched ? matched : "", text ? text : "" ); +#endif + + + if( ref ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ARGS, + "send_ldap_result: referral=\"%s\"\n", + ref[0].bv_val ? ref[0].bv_val : "NULL", 0, 0 ); +#else + Debug( LDAP_DEBUG_ARGS, + "send_ldap_result: referral=\"%s\"\n", + ref[0].bv_val ? ref[0].bv_val : "NULL", + NULL, NULL ); +#endif } + + assert( err != LDAP_PARTIAL_RESULTS ); + + if ( err == LDAP_REFERRAL ) { + if( ref == NULL ) { + err = LDAP_NO_SUCH_OBJECT; + } else if ( op->o_protocol < LDAP_VERSION3 ) { + err = LDAP_PARTIAL_RESULTS; + } + } + + if ( op->o_protocol < LDAP_VERSION3 ) { + tmp = v2ref( ref, text ); + text = tmp; + ref = NULL; + } + + tag = req2res( op->o_tag ); + msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + + send_ldap_response( conn, op, tag, msgid, + err, matched, text, ref, + NULL, NULL, NULL, ctrls ); + + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n", + op->o_connid, op->o_opid, tag, err, text ? text : "" ); + + if( tmp != NULL ) { + ch_free(tmp); + } +} + +void +send_ldap_sasl( + Connection *conn, + Operation *op, + ber_int_t err, + const char *matched, + const char *text, + BerVarray ref, + LDAPControl **ctrls, + struct berval *cred +) +{ + ber_tag_t tag; + ber_int_t msgid; + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_ldap_sasl: conn %lu err=%d len=%lu\n", + op->o_connid, err, cred ? cred->bv_len : -1 ); +#else + Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%d len=%ld\n", + err, cred ? (long) cred->bv_len : -1, NULL ); #endif - send_ldap_result2( conn, op, err, matched, text, 0 ); + + + tag = req2res( op->o_tag ); + msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + + send_ldap_response( conn, op, tag, msgid, + err, matched, text, ref, + NULL, NULL, cred, ctrls ); } void -send_ldap_search_result( +send_ldap_extended( Connection *conn, Operation *op, - int err, - char *matched, - char *text, + ber_int_t err, + const char *matched, + const char *text, + BerVarray refs, + const char *rspoid, + struct berval *rspdata, + LDAPControl **ctrls +) +{ + ber_tag_t tag; + ber_int_t msgid; + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_ldap_extended: err=%d oid=%s len=%ld\n", + err, rspoid ? rspoid : "", + rspdata != NULL ? rspdata->bv_len : 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "send_ldap_extended err=%d oid=%s len=%ld\n", + err, + rspoid ? rspoid : "", + rspdata != NULL ? rspdata->bv_len : 0 ); +#endif + + + tag = req2res( op->o_tag ); + msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + + send_ldap_response( conn, op, tag, msgid, + err, matched, text, refs, + rspoid, rspdata, NULL, ctrls ); +} + + +void +send_search_result( + Connection *conn, + Operation *op, + ber_int_t err, + const char *matched, + const char *text, + BerVarray refs, + LDAPControl **ctrls, int nentries ) { - send_ldap_result2( conn, op, err, matched, text, nentries ); + ber_tag_t tag; + ber_int_t msgid; + char *tmp = NULL; + + assert( !LDAP_API_ERROR( err ) ); + + if (op->o_callback && op->o_callback->sc_sresult) { + op->o_callback->sc_sresult(conn, op, err, matched, text, refs, + ctrls, nentries); + return; + } + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n", + err, matched ? matched : "", text ? text : "" ); +#else + Debug( LDAP_DEBUG_TRACE, + "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n", + err, matched ? matched : "", text ? text : "" ); +#endif + + + assert( err != LDAP_PARTIAL_RESULTS ); + + if( op->o_protocol < LDAP_VERSION3 ) { + /* send references in search results */ + if( err == LDAP_REFERRAL ) { + err = LDAP_PARTIAL_RESULTS; + } + + tmp = v2ref( refs, text ); + text = tmp; + refs = NULL; + + } else { + /* don't send references in search results */ + assert( refs == NULL ); + refs = NULL; + + if( err == LDAP_REFERRAL ) { + err = LDAP_SUCCESS; + } + } + + tag = req2res( op->o_tag ); + msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + + send_ldap_response( conn, op, tag, msgid, + err, matched, text, refs, + NULL, NULL, NULL, ctrls ); + + { + char nbuf[64]; + snprintf( nbuf, sizeof nbuf, "%d nentries=%d", err, nentries ); + + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n", + op->o_connid, op->o_opid, tag, nbuf, text ? text : "" ); + } + + if (tmp != NULL) { + ch_free(tmp); + } } int @@ -181,207 +651,646 @@ send_search_entry( Connection *conn, Operation *op, Entry *e, - char **attrs, - int attrsonly + AttributeName *attrs, + int attrsonly, + LDAPControl **ctrls ) { - BerElement *ber; - Attribute *a; - int i, rc, bytes, sd; - struct acl *acl; - char *edn; + char berbuf[256]; + BerElement *ber = (BerElement *)berbuf; + Attribute *a, *aa; + int i, j, rc=-1, bytes; + char *edn; + int userattrs; + int opattrs; + static AccessControlState acl_state_init = ACL_STATE_INIT; + AccessControlState acl_state; + + AttributeDescription *ad_entry = slap_schema.si_ad_entry; + + /* a_flags: array of flags telling if the i-th element will be + * returned or filtered out + * e_flags: array of a_flags + */ + char **e_flags = NULL; + + if (op->o_callback && op->o_callback->sc_sendentry) { + return op->o_callback->sc_sendentry( be, conn, op, e, attrs, + attrsonly, ctrls ); + } - Debug( LDAP_DEBUG_TRACE, "=> send_search_entry (%s)\n", e->e_dn, 0, 0 ); +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_search_entry: conn %lu dn=\"%s\"%s\n", + op->o_connid, e->e_dn, attrsonly ? " (attrsOnly)" : "" ); +#else + Debug( LDAP_DEBUG_TRACE, + "=> send_search_entry: dn=\"%s\"%s\n", + e->e_dn, attrsonly ? " (attrsOnly)" : "", 0 ); +#endif - if ( ! access_allowed( be, conn, op, e, "entry", NULL, op->o_dn, - ACL_READ ) ) { - Debug( LDAP_DEBUG_ACL, "acl: access to entry not allowed\n", + if ( ! access_allowed( be, conn, op, e, + ad_entry, NULL, ACL_READ, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_entry: conn %lu access to entry (%s) not allowed\n", + op->o_connid, e->e_dn, 0 ); +#else + Debug( LDAP_DEBUG_ACL, + "send_search_entry: access to entry not allowed\n", 0, 0, 0 ); +#endif + return( 1 ); } - edn = dn_normalize_case( strdup( e->e_dn ) ); + edn = e->e_ndn; -#ifdef LDAP_COMPAT30 - if ( (ber = ber_alloc_t( conn->c_version == 30 ? 0 : LBER_USE_DER )) - == NULLBER ) + ber_init_w_nullc( ber, LBER_USE_DER ); + +#ifdef LDAP_CONNECTIONLESS + if (conn->c_is_udp) { + rc = ber_write(ber, (char *)&op->o_peeraddr, sizeof(struct sockaddr), 0); + if (rc != sizeof(struct sockaddr)) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + conn ? conn->c_connid : 0, 0, 0 ); #else - if ( (ber = der_alloc()) == NULLBER ) + Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); #endif - { - Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, - "ber_alloc" ); - goto error_return; + ber_free_buf( ber ); + return( 1 ); + } } - -#ifdef LDAP_COMPAT30 - if ( conn->c_version == 30 ) { - rc = ber_printf( ber, "{it{{s{", op->o_msgid, - LDAP_RES_SEARCH_ENTRY, e->e_dn ); + if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { + rc = ber_printf( ber, "{is{t{O{" /*}}}*/, + op->o_msgid, "", LDAP_RES_SEARCH_ENTRY, &e->e_name ); } else -#endif +#endif /* LDAP_CONNECTIONLESS */ { - rc = ber_printf( ber, "{it{s{", op->o_msgid, - LDAP_RES_SEARCH_ENTRY, e->e_dn ); + rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid, + LDAP_RES_SEARCH_ENTRY, &e->e_name ); } if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); - ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, - "ber_printf dn" ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encoding DN error", NULL, NULL ); goto error_return; } - for ( a = e->e_attrs; a != NULL; a = a->a_next ) { - regmatch_t matches[MAXREMATCHES]; + /* check for special all user attributes ("*") type */ + userattrs = ( attrs == NULL ) ? 1 + : an_find( attrs, &AllUser ); - if ( attrs != NULL && ! charray_inlist( attrs, a->a_type ) ) { - continue; + /* check for special all operational attributes ("+") type */ + opattrs = ( attrs == NULL ) ? 0 + : an_find( attrs, &AllOper ); + + /* create an array of arrays of flags. Each flag corresponds + * to particular value of attribute and equals 1 if value matches + * to ValuesReturnFilter or 0 if not + */ + if ( op->vrFilter != NULL ) { + int k = 0; + char *a_flags; + + for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { + for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ) k++; + } + e_flags = ch_calloc ( 1, i * sizeof(char *) + k ); + a_flags = (char *)(e_flags + i); + for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { + for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ); + e_flags[i] = a_flags; + a_flags += j; } - /* the lastmod attributes are ignored by ACL checking */ - if ( strcasecmp( a->a_type, "modifiersname" ) == 0 || - strcasecmp( a->a_type, "modifytimestamp" ) == 0 || - strcasecmp( a->a_type, "creatorsname" ) == 0 || - strcasecmp( a->a_type, "createtimestamp" ) == 0 ) - { - Debug( LDAP_DEBUG_ACL, "LASTMOD attribute: %s access DEFAULT\n", - a->a_type, 0, 0 ); - acl = NULL; + rc = filter_matched_values(be, conn, op, e->e_attrs, &e_flags) ; + if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu matched values filtering failed\n", + conn ? conn->c_connid : 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "matched values filtering failed\n", 0, 0, 0 ); +#endif + ber_free( ber, 1 ); + + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "matched values filtering error", + NULL, NULL ); + goto error_return; + } + } + + for ( a = e->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) { + AttributeDescription *desc = a->a_desc; + + if ( attrs == NULL ) { + /* all attrs request, skip operational attributes */ + if( is_at_operational( desc->ad_type ) ) { + continue; + } + } else { - acl = acl_get_applicable( be, op, e, a->a_type, edn, - MAXREMATCHES, matches ); + /* specific attrs requested */ + if ( is_at_operational( desc->ad_type ) ) { + if( !opattrs && !ad_inlist( desc, attrs ) ) { + continue; + } + + } else { + if (!userattrs && !ad_inlist( desc, attrs ) ) { + continue; + } + } } - if ( ! acl_access_allowed( acl, be, conn, e, NULL, op, ACL_READ, - edn, matches ) ) + acl_state = acl_state_init; + + if ( ! access_allowed( be, conn, op, e, desc, NULL, + ACL_READ, &acl_state ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_entry: conn %lu access to attribute %s not " + "allowed\n", op->o_connid, desc->ad_cname.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_ACL, "acl: " + "access to attribute %s not allowed\n", + desc->ad_cname.bv_val, 0, 0 ); +#endif continue; } - if ( ber_printf( ber, "{s[", a->a_type ) == -1 ) { + if (( rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname )) == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); - ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, - NULL, "ber_printf type" ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encoding description error", NULL, NULL ); goto error_return; } if ( ! attrsonly ) { - for ( i = 0; a->a_vals[i] != NULL; i++ ) { - if ( a->a_syntax & SYNTAX_DN && - ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op, - ACL_READ, edn, matches) ) + for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) { + if ( ! access_allowed( be, conn, op, e, + desc, &a->a_vals[i], ACL_READ, &acl_state ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_entry: conn %lu " + "access to attribute %s, value %d not allowed\n", + op->o_connid, desc->ad_cname.bv_val, i ); +#else + Debug( LDAP_DEBUG_ACL, + "acl: access to attribute %s, " + "value %d not allowed\n", + desc->ad_cname.bv_val, i, 0 ); +#endif + continue; } - if ( ber_printf( ber, "o", - a->a_vals[i]->bv_val, - a->a_vals[i]->bv_len ) == -1 ) - { + if ( op->vrFilter && e_flags[j][i] == 0 ){ + continue; + } + + if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu " + "ber_printf failed.\n", op->o_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); - ber_free( ber, 1 ); - send_ldap_result( conn, op, - LDAP_OPERATIONS_ERROR, NULL, - "ber_printf value" ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encoding values error", + NULL, NULL ); goto error_return; } } } - if ( ber_printf( ber, "]}" ) == -1 ) { + if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encode end error", NULL, NULL ); + goto error_return; + } + } + + /* free e_flags */ + if ( e_flags ) { + free( e_flags ); + e_flags = NULL; + } + + /* eventually will loop through generated operational attributes */ + /* only have subschemaSubentry implemented */ + aa = backend_operational( be, conn, op, e, attrs, opattrs ); + + if ( aa != NULL && op->vrFilter != NULL ) { + int k = 0; + char *a_flags; + + for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) { + for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ) k++; + } + e_flags = ch_calloc ( 1, i * sizeof(char *) + k ); + a_flags = (char *)(e_flags + i); + for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { + for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ); + e_flags[i] = a_flags; + a_flags += j; + } + rc = filter_matched_values(be, conn, op, aa, &e_flags) ; + + if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu " + "matched values filtering failed\n", + conn ? conn->c_connid : 0, 0, 0); +#else + Debug( LDAP_DEBUG_ANY, + "matched values filtering failed\n", 0, 0, 0 ); +#endif ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, - NULL, "ber_printf type end" ); + + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "matched values filtering error", + NULL, NULL ); goto error_return; } } - free(edn); + for (a = aa, j=0; a != NULL; a = a->a_next, j++ ) { + AttributeDescription *desc = a->a_desc; -#ifdef LDAP_COMPAT30 - if ( conn->c_version == 30 ) { - rc = ber_printf( ber, "}}}}" ); - } else + if ( attrs == NULL ) { + /* all attrs request, skip operational attributes */ + if( is_at_operational( desc->ad_type ) ) { + continue; + } + + } else { + /* specific attrs requested */ + if( is_at_operational( desc->ad_type ) ) { + if( !opattrs && !ad_inlist( desc, attrs ) ) { + continue; + } + } else { + if (!userattrs && !ad_inlist( desc, attrs ) ) + { + continue; + } + } + } + + acl_state = acl_state_init; + + if ( ! access_allowed( be, conn, op, e, desc, NULL, + ACL_READ, &acl_state ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_entry: conn %lu " + "access to attribute %s not allowed\n", + op->o_connid, desc->ad_cname.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s " + "not allowed\n", + desc->ad_cname.bv_val, 0, 0 ); +#endif + + continue; + } + + rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname ); + if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu " + "ber_printf failed\n", op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encoding description error", NULL, NULL ); + + attrs_free( aa ); + goto error_return; + } + + if ( ! attrsonly ) { + for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) { + if ( ! access_allowed( be, conn, op, e, + desc, &a->a_vals[i], ACL_READ, &acl_state ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_entry: conn %lu " + "access to %s, value %d not allowed\n", + op->o_connid, desc->ad_cname.bv_val, i ); +#else + Debug( LDAP_DEBUG_ACL, + "acl: access to attribute %s, " + "value %d not allowed\n", + desc->ad_cname.bv_val, i, 0 ); +#endif + + continue; + } + + if ( op->vrFilter && e_flags[j][i] == 0 ){ + continue; + } + + if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "ber_printf failed\n", 0, 0, 0 ); #endif - rc = ber_printf( ber, "}}}" ); + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encoding values error", + NULL, NULL ); + + attrs_free( aa ); + goto error_return; + } + } + } + + if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encode end error", NULL, NULL ); + + attrs_free( aa ); + goto error_return; + } + } + + /* free e_flags */ + if ( e_flags ) { + free( e_flags ); + e_flags = NULL; + } + + attrs_free( aa ); + rc = ber_printf( ber, /*{{*/ "}N}" ); + + if( rc != -1 && ctrls != NULL ) { + rc = send_ldap_controls( ber, ctrls ); + } + + if( rc != -1 ) { + rc = ber_printf( ber, /*{*/ "N}" ); + } + +#ifdef LDAP_CONNECTIONLESS + if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1) + rc = ber_printf( ber, "}" ); +#endif if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber_printf failed\n", + op->o_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); - ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, - "ber_printf entry end" ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encode entry end error", NULL, NULL ); return( 1 ); } - /* write only one pdu at a time - wait til it's our turn */ - pthread_mutex_lock( &conn->c_pdumutex ); + bytes = send_ldap_ber( conn, ber ); + ber_free_buf( ber ); - bytes = ber->ber_ptr - ber->ber_buf; - pthread_mutex_lock( &new_conn_mutex ); - while ( conn->c_connid == op->o_connid && ber_flush( &conn->c_sb, ber, - 1 ) != 0 ) { - pthread_mutex_unlock( &new_conn_mutex ); - /* - * we got an error. if it's ewouldblock, we need to - * wait on the socket being writable. otherwise, figure - * it's a hard error and return. - */ + if ( bytes < 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_entry: conn %lu ber write failed.\n", + op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "send_search_entry: ber write failed\n", + 0, 0, 0 ); +#endif - Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno %d msg (%s)\n", - errno, errno > -1 && errno < sys_nerr ? sys_errlist[errno] - : "unknown", 0 ); + return -1; + } - if ( errno != EWOULDBLOCK && errno != EAGAIN ) { - close_connection( conn, op->o_connid, op->o_opid ); + ldap_pvt_thread_mutex_lock( &num_sent_mutex ); + num_bytes_sent += bytes; + num_entries_sent++; + num_pdu_sent++; + ldap_pvt_thread_mutex_unlock( &num_sent_mutex ); - pthread_mutex_unlock( &conn->c_pdumutex ); - return( -1 ); + Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu ENTRY dn=\"%s\"\n", + conn->c_connid, op->o_opid, e->e_dn, 0, 0 ); + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_search_entry: conn %lu exit.\n", op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<= send_search_entry\n", 0, 0, 0 ); +#endif + + rc = 0; + +error_return:; + if ( e_flags ) free( e_flags ); + return( rc ); +} + +int +send_search_reference( + Backend *be, + Connection *conn, + Operation *op, + Entry *e, + BerVarray refs, + LDAPControl **ctrls, + BerVarray *v2refs +) +{ + char berbuf[256]; + BerElement *ber = (BerElement *)berbuf; + int rc; + int bytes; + + AttributeDescription *ad_ref = slap_schema.si_ad_ref; + AttributeDescription *ad_entry = slap_schema.si_ad_entry; + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_search_reference: conn %lu dn=\"%s\"\n", + op->o_connid, e->e_dn, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "=> send_search_reference: dn=\"%s\"\n", + e->e_dn, 0, 0 ); +#endif + + + if ( ! access_allowed( be, conn, op, e, + ad_entry, NULL, ACL_READ, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_reference: conn %lu " + "access to entry %s not allowed\n", op->o_connid, e->e_dn, 0 ); +#else + Debug( LDAP_DEBUG_ACL, + "send_search_reference: access to entry not allowed\n", + 0, 0, 0 ); +#endif + + return( 1 ); + } + + if ( ! access_allowed( be, conn, op, e, + ad_ref, NULL, ACL_READ, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( ACL, INFO, + "send_search_reference: conn %lu access " + "to reference not allowed.\n", op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ACL, + "send_search_reference: access " + "to reference not allowed\n", + 0, 0, 0 ); +#endif + + return( 1 ); + } + + if( refs == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_reference: conn %lu null ref in (%s).\n", + op->o_connid, e->e_dn, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "send_search_reference: null ref in (%s)\n", + e->e_dn, 0, 0 ); +#endif + + return( 1 ); + } + + if( op->o_protocol < LDAP_VERSION3 ) { + /* save the references for the result */ + if( refs[0].bv_val != NULL ) { + value_add( v2refs, refs ); } + return 0; + } - /* wait for socket to be write-ready */ - pthread_mutex_lock( &active_threads_mutex ); - active_threads--; - conn->c_writewaiter = 1; - pthread_kill( listener_tid, SIGUSR1 ); - pthread_cond_wait( &conn->c_wcv, &active_threads_mutex ); - pthread_mutex_unlock( &active_threads_mutex ); + ber_init_w_nullc( ber, LBER_USE_DER ); + + rc = ber_printf( ber, "{it{W}" /*"}"*/ , op->o_msgid, + LDAP_RES_SEARCH_REFERENCE, refs ); - pthread_yield(); - pthread_mutex_lock( &new_conn_mutex ); + if( rc != -1 && ctrls != NULL ) { + rc = send_ldap_controls( ber, ctrls ); } - pthread_mutex_unlock( &new_conn_mutex ); - pthread_mutex_unlock( &conn->c_pdumutex ); - pthread_mutex_lock( &num_sent_mutex ); - num_bytes_sent += bytes; - num_entries_sent++; - pthread_mutex_unlock( &num_sent_mutex ); + if( rc != -1 ) { + rc = ber_printf( ber, /*"{"*/ "N}", op->o_msgid, + LDAP_RES_SEARCH_REFERENCE, refs ); + } - pthread_mutex_lock( &new_conn_mutex ); - if ( conn->c_connid == op->o_connid ) { - rc = 0; - Statslog( LDAP_DEBUG_STATS2, "conn=%d op=%d ENTRY dn=\"%s\"\n", - conn->c_connid, op->o_opid, e->e_dn, 0, 0 ); - } else { - rc = -1; + if ( rc == -1 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "send_search_reference: conn %lu " + "ber_printf failed.\n", op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "send_search_reference: ber_printf failed\n", 0, 0, 0 ); +#endif + + ber_free_buf( ber ); + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "encode DN error", NULL, NULL ); + return -1; } - pthread_mutex_unlock( &new_conn_mutex ); - Debug( LDAP_DEBUG_TRACE, "<= send_search_entry\n", 0, 0, 0 ); + bytes = send_ldap_ber( conn, ber ); + ber_free_buf( ber ); - return( rc ); + ldap_pvt_thread_mutex_lock( &num_sent_mutex ); + num_bytes_sent += bytes; + num_refs_sent++; + num_pdu_sent++; + ldap_pvt_thread_mutex_unlock( &num_sent_mutex ); -error_return:; - free(edn); - return( 1 ); + Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu REF dn=\"%s\"\n", + conn->c_connid, op->o_opid, e->e_dn, 0, 0 ); + +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, + "send_search_reference: conn %lu exit.\n", op->o_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<= send_search_reference\n", 0, 0, 0 ); +#endif + + return 0; } + int str2result( char *s, @@ -398,8 +1307,13 @@ str2result( *info = NULL; if ( strncasecmp( s, "RESULT", 6 ) != 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, + "str2result: (%s), expecting \"RESULT\"\n", s, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "str2result (%s) expecting \"RESULT\"\n", s, 0, 0 ); +#endif return( -1 ); } @@ -427,32 +1341,16 @@ str2result( *info = c; } } else { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, "str2result: (%s) unknown.\n", s, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "str2result (%s) unknown\n", s, 0, 0 ); +#endif + rc = -1; } } return( rc ); } - -/* - * close_connection - close a connection. takes the connection to close, - * the connid associated with the operation generating the close (so we - * don't accidentally close a connection that's not ours), and the opid - * of the operation generating the close (for logging purposes). - */ -void -close_connection( Connection *conn, int opconnid, int opid ) -{ - pthread_mutex_lock( &new_conn_mutex ); - if ( conn->c_sb.sb_sd != -1 && conn->c_connid == opconnid ) { - Statslog( LDAP_DEBUG_STATS, - "conn=%d op=%d fd=%d closed errno=%d\n", conn->c_connid, - opid, conn->c_sb.sb_sd, errno, 0 ); - close( conn->c_sb.sb_sd ); - conn->c_sb.sb_sd = -1; - conn->c_version = 0; - } - pthread_mutex_unlock( &new_conn_mutex ); -}