static ID_BLOCK *substring_candidates( BackendDB *be, Filter *f );
static ID_BLOCK *substring_comp_candidates( BackendDB *be, char *type, char *val, int prepost );
-/*
- * test_filter - test a filter against a single entry.
- * returns 0 filter matched
- * -1 filter did not match
- * >0 an ldap error code
- */
-
ID_BLOCK *
bdb2i_filter_candidates(
BackendDB *be,
static ID_BLOCK *substring_comp_candidates( Backend *be, char *type,
struct berval *val, int prepost );
-/*
- * test_filter - test a filter against a single entry.
- * returns 0 filter matched
- * -1 filter did not match
- * >0 an ldap error code
- */
-
ID_BLOCK *
filter_candidates(
Backend *be,
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR,
"decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
(unsigned long) version, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "sasl bind requires LDAPv3" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- return -1;
+ return SLAPD_DISCONNECT;
}
ndn = ch_strdup( dn );
Debug( LDAP_DEBUG_ANY, "do_compare: get ava failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
break;
}
- if( rc == -1 ) tag = LBER_ERROR;
+ if( rc == SLAPD_DISCONNECT ) tag = LBER_ERROR;
ldap_pvt_thread_mutex_lock( &num_ops_mutex );
num_ops_completed++;
if(( tag = ber_peek_tag( ber, &len )) != LDAP_TAG_CONTROLS ) {
if( tag == LBER_ERROR ) {
- rc = -1;
+ rc = SLAPD_DISCONNECT;
errmsg = "unexpected data in PDU";
}
Debug( LDAP_DEBUG_TRACE, "=> get_ctrls\n", 0, 0, 0 );
if( op->o_protocol < LDAP_VERSION3 ) {
- rc = -1;
+ rc = SLAPD_DISCONNECT;
errmsg = "controls require LDAPv3";
goto return_results;
}
0, 0, 0 );
*ctrls = NULL;
ldap_controls_free( tctrls );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
errmsg = "decoding controls error";
goto return_results;
}
0, 0, 0 );
*ctrls = NULL;
ldap_controls_free( tctrls );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
errmsg = "decoding controls error";
goto return_results;
}
0, 0, 0 );
*ctrls = NULL;
ldap_controls_free( tctrls );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
errmsg = "decoding controls error";
goto return_results;
}
nctrls, rc, errmsg ? errmsg : "");
if( sendres && rc != LDAP_SUCCESS ) {
- if( rc == -1 ) {
+ if( rc == SLAPD_DISCONNECT ) {
send_ldap_disconnect( conn, op, rc, errmsg );
} else {
send_ldap_result( conn, op, rc,
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- return -1;
+ return SLAPD_DISCONNECT;
}
ndn = ch_strdup( dn );
int
get_filter( Connection *conn, BerElement *ber, Filter **filt, char **fstr )
{
+ ber_tag_t tag;
ber_len_t len;
int err;
Filter *f;
*
*/
+ tag = ber_peek_tag( ber, &len );
+
+ if( tag == LBER_ERROR ) {
+ return SLAPD_DISCONNECT;
+ }
+
f = (Filter *) ch_malloc( sizeof(Filter) );
f->f_next = NULL;
err = LDAP_SUCCESS;
*fstr = NULL;
- f->f_choice = ber_peek_tag( ber, &len );
+ f->f_choice = tag;
switch ( f->f_choice ) {
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ /* not yet implemented */
+#else
case LDAP_FILTER_EQUALITY:
Debug( LDAP_DEBUG_FILTER, "EQUALITY\n", 0, 0, 0 );
if ( (err = get_ava( ber, &f->f_ava )) == LDAP_SUCCESS ) {
case LDAP_FILTER_PRESENT:
Debug( LDAP_DEBUG_FILTER, "PRESENT\n", 0, 0, 0 );
if ( ber_scanf( ber, "a", &f->f_type ) == LBER_ERROR ) {
- err = -1;
- } else {
- err = LDAP_SUCCESS;
- attr_normalize( f->f_type );
- *fstr = ch_malloc( 5 + strlen( f->f_type ) );
- sprintf( *fstr, "(%s=*)", f->f_type );
+ err = SLAPD_DISCONNECT;
+ break;
}
+
+ err = LDAP_SUCCESS;
+ attr_normalize( f->f_type );
+ *fstr = ch_malloc( 5 + strlen( f->f_type ) );
+ sprintf( *fstr, "(%s=*)", f->f_type );
break;
case LDAP_FILTER_APPROX:
/* not yet implemented */
Debug( LDAP_DEBUG_ANY, "extensible match not yet implemented.\n",
f->f_choice, 0, 0 );
- err = -1;
- break;
-
- case LBER_DEFAULT:
- Debug( LDAP_DEBUG_ANY, "decoding filter error\n",
- 0, 0, 0 );
- err = -1;
+ err = LDAP_PROTOCOL_ERROR;
break;
default:
Debug( LDAP_DEBUG_FILTER, "begin get_substring_filter\n", 0, 0, 0 );
if ( ber_scanf( ber, "{a" /*}*/, &f->f_sub_type ) == LBER_ERROR ) {
- return( -1 );
+ return SLAPD_DISCONNECT;
}
attr_normalize( f->f_sub_type );
if( fstr ) {
*fstr = ch_malloc( strlen( f->f_sub_type ) + 3 );
- sprintf( *fstr, "(%s=", f->f_sub_type );
+ sprintf( *fstr, "(%s=" /*)*/, f->f_sub_type );
}
for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
{
rc = ber_scanf( ber, "O", &val );
if ( rc == LBER_ERROR ) {
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto return_error;
}
if ( f->f_sub_final == NULL ) {
strcat( *fstr, "*" );
}
- strcat( *fstr, ")" );
+ strcat( *fstr, /*(*/ ")" );
}
Debug( LDAP_DEBUG_FILTER, "end get_substring_filter\n", 0, 0, 0 );
}
break;
+ case SLAPD_FILTER_COMPUTED:
+ break;
+
default:
Debug( LDAP_DEBUG_ANY, "unknown filter type %lu\n",
f->f_choice, 0, 0 );
Filter *p;
if ( f == NULL ) {
- fprintf( stderr, "NULL" );
+ fprintf( stderr, "No filter!" );
}
switch ( f->f_choice ) {
fprintf( stderr, "(%s=*)",
f->f_desc->ad_cname );
#else
- fprintf( stderr, "%s=*", f->f_type );
+ fprintf( stderr, "(%s=*)", f->f_type );
#endif
break;
fprintf( stderr, /*(*/ ")" );
break;
+ case SLAPD_FILTER_COMPUTED:
+ fprintf( stderr, "(%s)",
+ f->f_result == LDAP_COMPARE_FALSE ? "false" :
+ f->f_result == LDAP_COMPARE_TRUE ? "true" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "undefined" :
+ "error" );
+ break;
+
default:
fprintf( stderr, "(unknown filter %lu)", f->f_choice );
break;
/*
* test_filter - test a filter against a single entry.
* returns:
- * LDAP_COMPARE_TRUE filter matched
- * LDAP_COMPARE_FALSE filter did not match
- * or an ldap error code
+ * LDAP_COMPARE_TRUE filter matched
+ * LDAP_COMPARE_FALSE filter did not match
+ * SLAPD_COMPARE_UNDEFINED filter is undefined
+ * or an ldap result code indicating error
*/
int
Debug( LDAP_DEBUG_FILTER, "=> test_filter\n", 0, 0, 0 );
switch ( f->f_choice ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ case SLAPD_FILTER_COMPUTED:
+ Debug( LDAP_DEBUG_FILTER, " COMPUTED %s (%d)\n",
+ f->f_result == LDAP_COMPARE_FALSE ? "false" :
+ f->f_result == LDAP_COMPARE_TRUE ? "true" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "undefined" : "error",
+ f->f_result, 0 );
+ rc = f->f_result;
+ break;
+#endif
+
case LDAP_FILTER_EQUALITY:
Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
#ifdef SLAPD_SCHEMA_NOT_COMPAT
Debug( LDAP_DEBUG_ANY, "do_modify: ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- return -1;
+ return SLAPD_DISCONNECT;
}
Debug( LDAP_DEBUG_ARGS, "do_modify: dn (%s)\n", dn, 0, 0 );
{
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding modlist error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- return -1;
+ return SLAPD_DISCONNECT;
}
ndn = ch_strdup( dn );
0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "newSuperior requires LDAPv3" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
Debug( LDAP_DEBUG_ANY, "do_modrdn: ber_scanf failed\n", 0, 0, 0 );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto cleanup;
}
Operation *op /* info about the op to which we're responding */
)
{
- int i, err;
+ int i;
ber_int_t scope, deref, attrsonly;
ber_int_t sizelimit, timelimit;
char *base = NULL, *nbase = NULL, *fstr = NULL;
*/
/* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */
- if ( ber_scanf( op->o_ber, "{aiiiib",
+ if ( ber_scanf( op->o_ber, "{aiiiib" /*}*/,
&base, &scope, &deref, &sizelimit,
&timelimit, &attrsonly ) == LBER_ERROR ) {
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ rc = SLAPD_DISCONNECT;
goto return_results;
}
case LDAP_SCOPE_SUBTREE:
break;
default:
- send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR,
+ send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
NULL, "invalid scope", NULL, NULL );
- rc = -1;
goto return_results;
}
case LDAP_DEREF_ALWAYS:
break;
default:
- send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR,
+ send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
NULL, "invalid deref", NULL, NULL );
- rc = -1;
goto return_results;
}
nbase = ch_strdup( base );
if( dn_normalize( nbase ) == NULL ) {
- send_ldap_result( conn, op, LDAP_INVALID_DN_SYNTAX,
+ send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX,
NULL, "invalid DN", NULL, NULL );
- rc = -1;
goto return_results;
}
attrsonly);
/* filter - returns a "normalized" version */
- if ( (err = get_filter( conn, op->o_ber, &filter, &fstr )) != 0 ) {
- if( err == -1 ) {
+ if ( (rc = get_filter( conn, op->o_ber, &filter, &fstr )) != LDAP_SUCCESS ) {
+ if( rc == SLAPD_DISCONNECT ) {
send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decode error" );
+ LDAP_PROTOCOL_ERROR, "decode filter error" );
} else {
- send_ldap_result( conn, op, err,
- NULL, "Bad search filter", NULL, NULL );
+ send_ldap_result( conn, op, rc,
+ NULL, "bad search filter", NULL, NULL );
}
- rc = -1;
goto return_results;
}
/* attributes */
if ( ber_scanf( op->o_ber, /*{*/ "{v}}", &attrs ) == LBER_ERROR ) {
send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ LDAP_PROTOCOL_ERROR, "decoding attrs error" );
+ rc = SLAPD_DISCONNECT;
goto return_results;
}
#define MAXREMATCHES 10
-/* psuedo error code to indicating abandoned operation */
-#define SLAPD_ABANDON -1
+/* psuedo error code indicating disconnect */
+#define SLAPD_DISCONNECT -1
+
+/* psuedo error code indicating abandoned operation */
+#define SLAPD_ABANDON -2
+
/* We assume "C" locale, that is US-ASCII */
#define ASCII_SPACE(c) ( (c) == ' ' )
/*
* represents a search filter
*/
+
typedef struct slap_filter {
- ber_tag_t f_choice; /* values taken from ldap.h */
+ ber_tag_t f_choice; /* values taken from ldap.h, plus: */
+#define SLAPD_FILTER_COMPUTED ((ber_tag_t) 0x01U)
union f_un_u {
+ /* precomputed result */
+ ber_int_t f_un_result;
+
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* DN */
char *f_un_dn;
/* matching rule assertion */
MatchingRuleAssertion *f_un_mra;
- /* and, or, not */
- struct slap_filter *f_un_complex;
-
#define f_dn f_un.f_un_dn
#define f_desc f_un.f_un_desc
#define f_ava f_un.f_un_ava
/* extensible */
Mra f_un_fra;
- /* and, or, not, list */
- struct slap_filter *f_un_complex;
-
/* substrings */
struct sub {
char *f_un_sub_type;
#define f_sub_any f_un.f_un_sub.f_un_sub_any
#define f_sub_final f_un.f_un_sub.f_un_sub_final
#endif
+
+ /* and, or, not */
+ struct slap_filter *f_un_complex;
} f_un;
+#define f_result f_un.f_un_result
#define f_and f_un.f_un_complex
#define f_or f_un.f_un_complex
#define f_not f_un.f_un_complex
struct slap_filter *f_next;
} Filter;
+/* compare routines can return undefined */
+#define SLAPD_COMPARE_UNDEFINED ((ber_tag_t) -1)
+
/*
* represents an attribute (description + values)
*/
projects / openldap / commitdiff