#include "slap.h"
int
-do_abandon(
- Connection *conn,
- Operation *op
-)
+do_abandon( Operation *op, SlapReply *rs )
{
ber_int_t id;
Operation *o;
- int rc;
int i;
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "conn: %d do_abandon\n", conn->c_connid, 0, 0);
+ LDAP_LOG( OPERATION, ENTRY, "conn: %d do_abandon\n", op->o_connid, 0, 0);
#else
Debug( LDAP_DEBUG_TRACE, "do_abandon\n", 0, 0, 0 );
#endif
#else
Debug( LDAP_DEBUG_ANY, "do_abandon: ber_scanf failed\n", 0, 0 ,0 );
#endif
- send_ldap_disconnect( conn, op,
+ send_ldap_discon( op, rs,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
- if( (rc = get_ctrls( conn, op, 0 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 0 ) != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "do_abandon: get_ctrls failed\n", 0, 0 ,0 );
- return rc;
+ return rs->sr_err;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS, "do_abandon: conn: %d id=%ld\n",
- conn->c_connid, (long) id, 0 );
+ op->o_connid, (long) id, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "do_abandon: id=%ld\n", (long) id, 0 ,0 );
#endif
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_abandon: conn: %d bad msgid %ld\n",
- conn->c_connid, (long) id, 0 );
+ op->o_connid, (long) id, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_abandon: bad msgid %ld\n", (long) id, 0, 0 );
return LDAP_SUCCESS;
}
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
/*
* find the operation being abandoned and set the o_abandon
* flag. It's up to the backend to periodically check this
* flag and abort the operation at a convenient time.
*/
- LDAP_STAILQ_FOREACH( o, &conn->c_ops, o_next ) {
+ LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) {
if ( o->o_msgid == id ) {
o->o_abandon = 1;
goto done;
}
}
- LDAP_STAILQ_FOREACH( o, &conn->c_pending_ops, o_next ) {
+ LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) {
if ( o->o_msgid == id ) {
- LDAP_STAILQ_REMOVE( &conn->c_pending_ops, o, slap_op, o_next );
+ LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next );
slap_op_free( o );
goto done;
}
done:
+ op->oq_abandon.rs_msgid = id;
for ( i = 0; i < nbackends; i++ ) {
- Backend *be = &backends[i];
+ op->o_bd = &backends[i];
- if( be->be_abandon ) be->be_abandon( be, conn, op, id );
+ if( op->o_bd->be_abandon ) op->o_bd->be_abandon( op, rs );
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"do_abandon: conn: %d op=%ld %sfound\n",
- conn->c_connid, (long)id, o ? "" : "not " );
+ op->o_connid, (long)id, o ? "" : "not " );
#else
Debug( LDAP_DEBUG_TRACE, "do_abandon: op=%ld %sfound\n",
(long) id, o ? "" : "not ", 0 );
static AccessControl * acl_get(
AccessControl *ac, int *count,
- Backend *be, Operation *op,
- Entry *e,
+ Operation *op, Entry *e,
AttributeDescription *desc,
int nmatches, regmatch_t *matches );
static slap_control_t acl_mask(
AccessControl *ac, slap_mask_t *mask,
- Backend *be, Connection *conn, Operation *op,
- Entry *e,
+ Operation *op, Entry *e,
AttributeDescription *desc,
struct berval *val,
regmatch_t *matches,
#ifdef SLAPD_ACI_ENABLED
static int aci_mask(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
+ Operation *op, Entry *e,
AttributeDescription *desc,
struct berval *val,
struct berval *aci,
char *match, regmatch_t *matches);
typedef struct AciSetCookie {
- Backend *be;
- Entry *e;
- Connection *conn;
Operation *op;
+ Entry *e;
} AciSetCookie;
SLAP_SET_GATHER aci_set_gather;
-static int aci_match_set ( struct berval *subj, Backend *be,
- Entry *e, Connection *conn, Operation *op, int setref );
+static int aci_match_set ( struct berval *subj, Operation *op,
+ Entry *e, int setref );
/*
* access_allowed - check whether op->o_ndn is allowed the requested access
int
access_allowed(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
+ Operation *op,
+ Entry *e,
AttributeDescription *desc,
- struct berval *val,
- slap_access_t access,
+ struct berval *val,
+ slap_access_t access,
AccessControlState *state )
{
int ret = 1;
int count;
AccessControl *a = NULL;
+ Backend *be;
+ int be_null = 0;
#ifdef LDAP_DEBUG
char accessmaskbuf[ACCESSMASK_MAXLEN];
goto done;
}
- if ( be == NULL ) be = &backends[0];
+ be = op->o_bd;
+ if ( be == NULL ) {
+ be = &backends[0];
+ be_null = 1;
+ op->o_bd = be;
+ }
assert( be != NULL );
/* grant database root access */
#ifdef NEW_LOGGING
LDAP_LOG( ACL, INFO,
"access_allowed: conn %lu root access granted\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ACL,
"<= root access granted\n",
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"access_allowed: conn %lu NoUserMod Operational attribute: %s "
- "access granted\n", conn->c_connid, attr , 0 );
+ "access granted\n", op->o_connid, attr , 0 );
#else
Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:"
" %s access granted\n",
memset(matches, '\0', sizeof(matches));
}
- while((a = acl_get( a, &count, be, op, e, desc,
+ while((a = acl_get( a, &count, op, e, desc,
MAXREMATCHES, matches )) != NULL)
{
int i;
}
vd_access:
- control = acl_mask( a, &mask, be, conn, op,
+ control = acl_mask( a, &mask, op,
e, desc, val, matches, count, state );
if ( control != ACL_BREAK ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"access_allowed: conn %lu \"%s\" (%s) invalid!\n",
- conn->c_connid, e->e_dn, attr );
+ op->o_connid, e->e_dn, attr );
#else
Debug( LDAP_DEBUG_ACL,
"=> access_allowed: \"%s\" (%s) invalid!\n",
} else if ( control == ACL_BREAK ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
- "access_allowed: conn %lu no more rules\n", conn->c_connid, 0,0 );
+ "access_allowed: conn %lu no more rules\n", op->o_connid, 0,0 );
#else
Debug( LDAP_DEBUG_ACL,
"=> access_allowed: no more rules\n", 0, 0, 0);
state->as_recorded |= ACL_STATE_RECORDED;
state->as_result = ret;
}
+ if (be_null) op->o_bd = NULL;
return ret;
}
acl_get(
AccessControl *a,
int *count,
- Backend *be,
- Operation *op,
- Entry *e,
+ Operation *op,
+ Entry *e,
AttributeDescription *desc,
- int nmatch,
- regmatch_t *matches )
+ int nmatch,
+ regmatch_t *matches )
{
const char *attr;
int dnlen, patlen;
assert( attr != NULL );
if( a == NULL ) {
- if( be == NULL ) {
+ if( op->o_bd == NULL ) {
a = global_acl;
} else {
- a = be->be_acl;
+ a = op->o_bd->be_acl;
}
assert( a != NULL );
}
if ( a->acl_filter != NULL ) {
- ber_int_t rc = test_filter( NULL, NULL, NULL, e, a->acl_filter );
+ ber_int_t rc = test_filter( NULL, e, a->acl_filter );
if ( rc != LDAP_COMPARE_TRUE ) {
continue;
}
static slap_control_t
acl_mask(
- AccessControl *a,
+ AccessControl *a,
slap_mask_t *mask,
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
+ Operation *op,
+ Entry *e,
AttributeDescription *desc,
- struct berval *val,
+ struct berval *val,
regmatch_t *matches,
int count,
AccessControlState *state )
#ifdef NEW_LOGGING
LDAP_LOG( ACL, ENTRY,
"acl_mask: conn %lu access to entry \"%s\", attr \"%s\" requested\n",
- conn->c_connid, e->e_dn, attr );
+ op->o_connid, e->e_dn, attr );
LDAP_LOG( ACL, ARGS,
" to %s by \"%s\", (%s) \n", val ? "value" : "all values",
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_dn_pat: %s\n",
- conn->c_connid, b->a_dn_pat.bv_val ,0 );
+ op->o_connid, b->a_dn_pat.bv_val ,0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_dn_pat: %s\n",
b->a_dn_pat.bv_val, 0, 0);
}
if ( b->a_sockurl_pat.bv_len ) {
- if ( ! conn->c_listener ) {
+ if ( ! op->o_conn->c_listener ) {
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_sockurl_pat: %s\n",
- conn->c_connid, b->a_sockurl_pat.bv_val , 0 );
+ op->o_connid, b->a_sockurl_pat.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_sockurl_pat: %s\n",
b->a_sockurl_pat.bv_val, 0, 0 );
if ( !ber_bvccmp( &b->a_sockurl_pat, '*' ) ) {
if ( b->a_sockurl_style == ACL_STYLE_REGEX) {
- if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val,
+ if (!regex_matches( &b->a_sockurl_pat, op->o_conn->c_listener_url.bv_val,
e->e_ndn, matches ) )
{
continue;
}
} else {
- if ( ber_bvstrcasecmp( &b->a_sockurl_pat, &conn->c_listener_url ) != 0 )
+ if ( ber_bvstrcasecmp( &b->a_sockurl_pat, &op->o_conn->c_listener_url ) != 0 )
continue;
}
}
}
if ( b->a_domain_pat.bv_len ) {
- if ( !conn->c_peer_domain.bv_val ) {
+ if ( !op->o_conn->c_peer_domain.bv_val ) {
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_domain_pat: %s\n",
- conn->c_connid, b->a_domain_pat.bv_val , 0 );
+ op->o_connid, b->a_domain_pat.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_domain_pat: %s\n",
b->a_domain_pat.bv_val, 0, 0 );
#endif
if ( !ber_bvccmp( &b->a_domain_pat, '*' ) ) {
if ( b->a_domain_style == ACL_STYLE_REGEX) {
- if (!regex_matches( &b->a_domain_pat, conn->c_peer_domain.bv_val,
+ if (!regex_matches( &b->a_domain_pat, op->o_conn->c_peer_domain.bv_val,
e->e_ndn, matches ) )
{
continue;
} else {
char buf[ACL_BUF_SIZE];
- struct berval cmp = conn->c_peer_domain;
+ struct berval cmp = op->o_conn->c_peer_domain;
struct berval pat = b->a_domain_pat;
if ( b->a_domain_expand ) {
}
if ( b->a_peername_pat.bv_len ) {
- if ( !conn->c_peer_name.bv_val ) {
+ if ( !op->o_conn->c_peer_name.bv_val ) {
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_peername_path: %s\n",
- conn->c_connid, b->a_peername_pat.bv_val , 0 );
+ op->o_connid, b->a_peername_pat.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n",
b->a_peername_pat.bv_val, 0, 0 );
#endif
if ( !ber_bvccmp( &b->a_peername_pat, '*' ) ) {
if ( b->a_peername_style == ACL_STYLE_REGEX) {
- if (!regex_matches( &b->a_peername_pat, conn->c_peer_name.bv_val,
+ if (!regex_matches( &b->a_peername_pat, op->o_conn->c_peer_name.bv_val,
e->e_ndn, matches ) )
{
continue;
}
} else {
- if ( ber_bvstrcasecmp( &b->a_peername_pat, &conn->c_peer_name ) != 0 )
+ if ( ber_bvstrcasecmp( &b->a_peername_pat, &op->o_conn->c_peer_name ) != 0 )
continue;
}
}
}
if ( b->a_sockname_pat.bv_len ) {
- if ( !conn->c_sock_name.bv_val ) {
+ if ( !op->o_conn->c_sock_name.bv_val ) {
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_sockname_path: %s\n",
- conn->c_connid, b->a_sockname_pat.bv_val , 0 );
+ op->o_connid, b->a_sockname_pat.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_sockname_path: %s\n",
b->a_sockname_pat.bv_val, 0, 0 );
#endif
if ( !ber_bvccmp( &b->a_sockname_pat, '*' ) ) {
if ( b->a_sockname_style == ACL_STYLE_REGEX) {
- if (!regex_matches( &b->a_sockname_pat, conn->c_sock_name.bv_val,
+ if (!regex_matches( &b->a_sockname_pat, op->o_conn->c_sock_name.bv_val,
e->e_ndn, matches ) )
{
continue;
}
} else {
- if ( ber_bvstrcasecmp( &b->a_sockname_pat, &conn->c_sock_name ) != 0 )
+ if ( ber_bvstrcasecmp( &b->a_sockname_pat, &op->o_conn->c_sock_name ) != 0 )
continue;
}
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_dn_pat: %s\n",
- conn->c_connid, attr , 0 );
+ op->o_connid, attr , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n",
attr, 0, 0);
bv = b->a_group_pat;
}
- rc = backend_group( be, conn, op, e, &bv, &op->o_ndn,
+ rc = backend_group( op, e, &bv, &op->o_ndn,
b->a_group_oc, b->a_group_at );
if ( ndn.bv_val ) free( ndn.bv_val );
}else{
bv = b->a_set_pat;
}
- if (aci_match_set( &bv, be, e, conn, op, 0 ) == 0) {
+ if (aci_match_set( &bv, op, e, 0 ) == 0) {
continue;
}
}
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_authz.sai_ssf: ACL %u > OP %u\n",
- conn->c_connid, b->a_authz.sai_ssf, op->o_ssf );
+ op->o_connid, b->a_authz.sai_ssf, op->o_ssf );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_ssf: ACL %u > OP %u\n",
b->a_authz.sai_ssf, op->o_ssf, 0 );
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_authz.sai_transport_ssf: "
"ACL %u > OP %u\n",
- conn->c_connid, b->a_authz.sai_transport_ssf,
+ op->o_connid, b->a_authz.sai_transport_ssf,
op->o_transport_ssf );
#else
Debug( LDAP_DEBUG_ACL,
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_authz.sai_tls_ssf: ACL %u > "
"OP %u\n",
- conn->c_connid, b->a_authz.sai_tls_ssf, op->o_tls_ssf );
+ op->o_connid, b->a_authz.sai_tls_ssf, op->o_tls_ssf );
#else
Debug( LDAP_DEBUG_ACL,
"<= check a_authz.sai_tls_ssf: ACL %u > OP %u\n",
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_authz.sai_sasl_ssf: "
"ACL %u > OP %u\n",
- conn->c_connid, b->a_authz.sai_sasl_ssf, op->o_sasl_ssf );
+ op->o_connid, b->a_authz.sai_sasl_ssf, op->o_sasl_ssf );
#else
Debug( LDAP_DEBUG_ACL,
"<= check a_authz.sai_sasl_ssf: ACL %u > OP %u\n",
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu [%d] mask: %s\n",
- conn->c_connid, i, accessmask2str( *mask, accessmaskbuf) );
+ op->o_connid, i, accessmask2str( *mask, accessmaskbuf) );
#else
Debug( LDAP_DEBUG_ACL,
"<= acl_mask: [%d] mask: %s\n",
#ifdef NEW_LOGGING
LDAP_LOG( ACL, RESULTS,
"acl_mask: conn %lu no more <who> clauses, returning %d (stop)\n",
- conn->c_connid, accessmask2str( *mask, accessmaskbuf) , 0 );
+ op->o_connid, accessmask2str( *mask, accessmaskbuf) , 0 );
#else
Debug( LDAP_DEBUG_ACL,
"<= acl_mask: no more <who> clauses, returning %s (stop)\n",
int
acl_check_modlist(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- Modifications *mlist
+ Operation *op,
+ Entry *e,
+ Modifications *mlist
)
{
struct berval *bv;
AccessControlState state = ACL_STATE_INIT;
- assert( be != NULL );
+ assert( op->o_bd != NULL );
/* short circuit root database access */
- if ( be_isroot( be, &op->o_ndn ) ) {
+ if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_check_modlist: conn %lu access granted to root user\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ACL,
"<= acl_access_allowed: granted to database root\n",
}
/* use backend default access if no backend acls */
- if( be != NULL && be->be_acl == NULL ) {
+ if( op->o_bd != NULL && op->o_bd->be_acl == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_check_modlist: backend default %s access %s to \"%s\"\n",
access2str( ACL_WRITE ),
- be->be_dfltaccess >= ACL_WRITE ? "granted" : "denied",
+ op->o_bd->be_dfltaccess >= ACL_WRITE ? "granted" : "denied",
op->o_dn.bv_val );
#else
Debug( LDAP_DEBUG_ACL,
"=> access_allowed: backend default %s access %s to \"%s\"\n",
access2str( ACL_WRITE ),
- be->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", op->o_dn.bv_val );
+ op->o_bd->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", op->o_dn.bv_val );
#endif
- return be->be_dfltaccess >= ACL_WRITE;
+ return op->o_bd->be_dfltaccess >= ACL_WRITE;
#ifdef notdef
- /* be is always non-NULL */
+ /* op->o_bd is always non-NULL */
/* use global default access if no global acls */
- } else if ( be == NULL && global_acl == NULL ) {
+ } else if ( op->o_bd == NULL && global_acl == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_check_modlist: global default %s access %s to \"%s\"\n",
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_check_modlist: conn %lu no-user-mod %s: modify access granted\n",
- conn->c_connid, mlist->sml_desc->ad_cname.bv_val , 0 );
+ op->o_connid, mlist->sml_desc->ad_cname.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
" modify access granted\n",
* attribute and permission to add the specific attributes.
* This prevents abuse from selfwriters.
*/
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
mlist->sml_desc, NULL, ACL_WRITE, &state ) )
{
return( 0 );
for ( bv = mlist->sml_bvalues; bv->bv_val != NULL; bv++ )
#endif
{
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
mlist->sml_desc, bv, ACL_WRITE, &state ) )
{
return( 0 );
case LDAP_MOD_DELETE:
if ( mlist->sml_bvalues == NULL ) {
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
mlist->sml_desc, NULL, ACL_WRITE, NULL ) )
{
return( 0 );
for ( bv = mlist->sml_bvalues; bv->bv_val != NULL; bv++ )
#endif
{
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
mlist->sml_desc, bv, ACL_WRITE, &state ) )
{
return( 0 );
const char *text;
AttributeDescription *desc = NULL;
if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) {
- backend_attribute(cp->be, NULL, cp->op,
+ backend_attribute(cp->op,
cp->e, &ndn, desc, &bvals);
}
free(ndn.bv_val);
static int
aci_match_set (
struct berval *subj,
- Backend *be,
- Entry *e,
- Connection *conn,
- Operation *op,
- int setref
+ Operation *op,
+ Entry *e,
+ int setref
)
{
struct berval set = { 0, NULL };
if ( dnNormalize2(NULL, &subjdn, &ndn) == LDAP_SUCCESS
&& slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS )
{
- backend_attribute(be, NULL, op, e,
+ backend_attribute(op, e,
&ndn, desc, &bvals);
if ( bvals != NULL ) {
if ( bvals[0].bv_val != NULL ) {
}
if (set.bv_val != NULL) {
- cookie.be = be;
- cookie.e = e;
- cookie.conn = conn;
cookie.op = op;
+ cookie.e = e;
rc = (slap_set_filter(aci_set_gather, &cookie, &set,
&op->o_ndn, &e->e_nname, NULL) > 0);
ch_free(set.bv_val);
struct berval *subj,
struct berval *defgrpoc,
struct berval *defgrpat,
- Backend *be,
- Entry *e,
- Connection *conn,
- Operation *op,
+ Operation *op,
+ Entry *e,
regmatch_t *matches
)
{
bv.bv_val = (char *)&buf;
string_expand(&bv, &subjdn, e->e_ndn, matches);
if ( dnNormalize2(NULL, &bv, &ndn) == LDAP_SUCCESS ) {
- rc = (backend_group(be, conn, op, e, &ndn, &op->o_ndn,
+ rc = (backend_group(op, e, &ndn, &op->o_ndn,
grp_oc, grp_ad) == 0);
free( ndn.bv_val );
}
static int
aci_mask(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *e,
AttributeDescription *desc,
} else if (ber_bvstrcasecmp( &aci_bv_group, &bv ) == 0) {
- if (aci_group_member(&sdn, &aci_bv_group_class, &aci_bv_group_attr, be, e, conn, op, matches))
+ if (aci_group_member(&sdn, &aci_bv_group_class, &aci_bv_group_attr, op, e, matches))
return(1);
} else if (ber_bvstrcasecmp( &aci_bv_role, &bv ) == 0) {
- if (aci_group_member(&sdn, &aci_bv_role_class, &aci_bv_role_attr, be, e, conn, op, matches))
+ if (aci_group_member(&sdn, &aci_bv_role_class, &aci_bv_role_attr, op, e, matches))
return(1);
} else if (ber_bvstrcasecmp( &aci_bv_set, &bv ) == 0) {
- if (aci_match_set(&sdn, be, e, conn, op, 0))
+ if (aci_match_set(&sdn, op, e, 0))
return(1);
} else if (ber_bvstrcasecmp( &aci_bv_set_ref, &bv ) == 0) {
- if (aci_match_set(&sdn, be, e, conn, op, 1))
+ if (aci_match_set(&sdn, op, e, 1))
return(1);
}
#ifdef LDAP_SLAPI
#include "slapi.h"
-static Slapi_PBlock *initAddPlugin( Backend *be, Connection *conn, Operation *op,
+static void initAddPlugin( Operation *op,
struct berval *dn, Entry *e, int manageDSAit );
-static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb );
-static void doPostAddPluginFNs( Backend *be, Slapi_PBlock *pb );
+static int doPreAddPluginFNs( Operation *op );
+static void doPostAddPluginFNs( Operation *op );
#endif /* LDAP_SLAPI */
int
-do_add( Connection *conn, Operation *op )
+do_add( Operation *op, SlapReply *rs )
{
BerElement *ber = op->o_ber;
char *last;
ber_len_t len;
ber_tag_t tag;
Entry *e;
- Backend *be;
Modifications *modlist = NULL;
Modifications **modtail = &modlist;
Modifications tmp;
- const char *text;
- int rc = LDAP_SUCCESS;
int manageDSAit;
-#ifdef LDAP_SLAPI
- Slapi_PBlock *pb = NULL;
-#endif /* LDAP_SLAPI */
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "do_add: conn %d enter\n", conn->c_connid,0,0 );
+ LDAP_LOG( OPERATION, ENTRY, "do_add: conn %d enter\n", op->o_connid,0,0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_add\n", 0, 0, 0 );
#endif
if ( ber_scanf( ber, "{m", /*}*/ &dn ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_add: conn %d ber_scanf failed\n", conn->c_connid,0,0 );
+ "do_add: conn %d ber_scanf failed\n", op->o_connid,0,0 );
#else
Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
e = (Entry *) ch_calloc( 1, sizeof(Entry) );
- rc = dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
- if( rc != LDAP_SUCCESS ) {
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_add: conn %d invalid dn (%s)\n", conn->c_connid, dn.bv_val, 0 );
+ "do_add: conn %d invalid dn (%s)\n", op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto done;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
- "do_add: conn %d dn (%s)\n", conn->c_connid, e->e_dn, 0 );
+ "do_add: conn %d dn (%s)\n", op->o_connid, e->e_dn, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "do_add: dn (%s)\n", e->e_dn, 0, 0 );
#endif
+ op->o_req_dn = e->e_name;
+ op->o_req_ndn = e->e_nname;
+
/* get the attrs */
for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
tag = ber_next_element( ber, &len, last ) )
if ( rtag == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_add: conn %d decoding error \n", conn->c_connid, 0, 0 );
+ "do_add: conn %d decoding error \n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_add: decoding error\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = -1;
goto done;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_add: conn %d no values for type %s\n",
- conn->c_connid, tmp.sml_type.bv_val, 0 );
+ op->o_connid, tmp.sml_type.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY, "no values for type %s\n",
tmp.sml_type.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "no values for attribute type", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "no values for attribute type" );
goto done;
}
if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_add: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 );
+ "do_add: conn %d ber_scanf failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = -1;
goto done;
}
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
- "do_add: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 );
+ "do_add: conn %d get_ctrls failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_add: get_ctrls failed\n", 0, 0, 0 );
#endif
}
if ( modlist == NULL ) {
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "no attributes provided", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "no attributes provided" );
goto done;
}
Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu ADD dn=\"%s\"\n",
- op->o_connid, op->o_opid, e->e_dn, 0, 0 );
+ op->o_connid, op->o_opid, e->e_name.bv_val, 0, 0 );
if( e->e_nname.bv_len == 0 ) {
/* protocolError may be a more appropriate error */
- send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS,
- NULL, "root DSE already exists",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_ALREADY_EXISTS, "root DSE already exists" );
goto done;
} else if ( bvmatch( &e->e_nname, &global_schemandn ) ) {
- send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS,
- NULL, "subschema subentry already exists",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_ALREADY_EXISTS, "subschema subentry already exists" );
goto done;
}
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- be = select_backend( &e->e_nname, manageDSAit, 0 );
- if ( be == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
+ op->o_bd = select_backend( &e->e_nname, manageDSAit, 0 );
+ if ( op->o_bd == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ send_ldap_result( op, rs );
- if ( ref ) ber_bvarray_free( ref );
+ if ( rs->sr_ref != default_referral ) ber_bvarray_free( rs->sr_ref );
goto done;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto done;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &e->e_name, &e->e_nname );
- if ( rc != LDAP_SUCCESS ) {
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto done;
}
#ifdef LDAP_SLAPI
- pb = initAddPlugin( be, conn, op, &dn, e, manageDSAit );
+ initAddPlugin( op, &dn, e, manageDSAit );
#endif /* LDAP_SLAPI */
/*
* 2) this backend is master for what it holds;
* 3) it's a replica and the dn supplied is the updatedn.
*/
- if ( be->be_add ) {
+ if ( op->o_bd->be_add ) {
/* do the update here */
- int repl_user = be_isupdate(be, &op->o_ndn );
+ int repl_user = be_isupdate(op->o_bd, &op->o_ndn );
#ifndef SLAPD_MULTIMASTER
- if ( !be->be_update_ndn.bv_len || repl_user )
+ if ( !op->o_bd->be_update_ndn.bv_len || repl_user )
#endif
{
- int update = be->be_update_ndn.bv_len;
+ int update = op->o_bd->be_update_ndn.bv_len;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
- rc = slap_mods_check( modlist, update, &text,
+ rs->sr_err = slap_mods_check( modlist, update, &rs->sr_text,
textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto done;
}
assert( (*modtail)->sml_op == LDAP_MOD_ADD );
assert( (*modtail)->sml_desc != NULL );
}
- rc = slap_mods_opattrs( be, op, modlist, modtail, &text,
- textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ rs->sr_err = slap_mods_opattrs( op, modlist, modtail,
+ &rs->sr_text, textbuf, textlen );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto done;
}
}
- rc = slap_mods2entry( modlist, &e, repl_user, &text,
+ rs->sr_err = slap_mods2entry( modlist, &e, repl_user, &rs->sr_text,
textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto done;
}
* Call the preoperation plugin here, because the entry
* will actually contain something.
*/
- rc = doPreAddPluginFNs( be, pb );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = doPreAddPluginFNs( op );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
/* plugin will have sent result */
goto done;
}
#endif /* LDAP_SLAPI */
- if ( (*be->be_add)( be, conn, op, e ) == 0 ) {
+ op->oq_add.rs_e = e;
+ if ( (op->o_bd->be_add)( op, rs ) == 0 ) {
#ifdef SLAPD_MULTIMASTER
if ( !repl_user )
#endif
{
- replog( be, op, &e->e_name, &e->e_nname, e );
+ replog( op );
}
- be_entry_release_w( be, conn, op, e );
+ be_entry_release_w( op, e );
e = NULL;
}
* SLAPI_ADD_ENTRY will be empty, but this may be acceptable
* on replicas (for now, it involves the minimum code intrusion).
*/
- rc = doPreAddPluginFNs( be, pb );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = doPreAddPluginFNs( op );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
/* plugin will have sent result */
goto done;
}
#endif /* LDAP_SLAPI */
- defref = be->be_update_refs
- ? be->be_update_refs : default_referral;
- ref = referral_rewrite( defref,
+ defref = op->o_bd->be_update_refs
+ ? op->o_bd->be_update_refs : default_referral;
+ rs->sr_ref = referral_rewrite( defref,
NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
- ref ? ref : defref, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ send_ldap_result( op, rs );
- if ( ref ) ber_bvarray_free( ref );
+ if ( rs->sr_ref != default_referral ) ber_bvarray_free( rs->sr_ref );
#endif /* SLAPD_MULTIMASTER */
}
} else {
#ifdef LDAP_SLAPI
- rc = doPreAddPluginFNs( be, pb );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = doPreAddPluginFNs( op );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
/* plugin will have sent result */
goto done;
}
#endif
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
- "do_add: conn %d no backend support\n", conn->c_connid, 0, 0 );
+ "do_add: conn %d no backend support\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, " do_add: no backend support\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#ifdef LDAP_SLAPI
- doPostAddPluginFNs( be, pb );
+ doPostAddPluginFNs( op );
#endif /* LDAP_SLAPI */
done:
entry_free( e );
}
- return rc;
+ return rs->sr_err;
}
int
}
#ifdef LDAP_SLAPI
-static Slapi_PBlock *initAddPlugin( Backend *be, Connection *conn, Operation *op,
+static void Slapi_PBlock *initAddPlugin( Operation *op,
struct berval *dn, Entry *e, int manageDSAit )
{
- Slapi_PBlock *pb;
-
- pb = op->o_pb;
-
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_backend_set_pb( pb, op->o_bd );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
- slapi_pblock_set( pb, SLAPI_ADD_TARGET, (void *)dn->bv_val );
- slapi_pblock_set( pb, SLAPI_ADD_ENTRY, (void *)e );
- slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit );
-
- return pb;
+ slapi_pblock_set( op->o_pb, SLAPI_ADD_TARGET, (void *)dn->bv_val );
+ slapi_pblock_set( op->o_pb, SLAPI_ADD_ENTRY, (void *)e );
+ slapi_pblock_set( op->o_pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit );
}
-static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb )
+static int doPreAddPluginFNs( Operation *op )
{
int rc;
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_ADD_FN, pb );
+ rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_ADD_FN, op->o_pb );
if ( rc != 0 ) {
/*
* A preoperation plugin failure will abort the
#else
Debug(LDAP_DEBUG_TRACE, "do_add: add preoperation plugin failed.\n",
0, 0, 0);
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 )
+ if ( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 )
rc = LDAP_OTHER;
#endif
} else {
return rc;
}
-static void doPostAddPluginFNs( Backend *be, Slapi_PBlock *pb )
+static void doPostAddPluginFNs( Operation *op );
{
int rc;
- rc = doPluginFNs( be, SLAPI_PLUGIN_POST_ADD_FN, pb );
+ rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_ADD_FN, op->o_pb );
if ( rc != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_add: add postoperation plugin failed\n",
#include "external.h"
int
-bdb_add(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- Entry *e )
+bdb_add(Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
struct berval pdn;
Entry *p = NULL;
- int rc;
const char *text;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
#endif
u_int32_t locker = 0;
DB_LOCK lock;
-#if 0
- u_int32_t lockid;
- DB_LOCK lock;
-#endif
int noop = 0;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
#endif
#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ARGS, "==> bdb_add: %s\n", e->e_dn, 0, 0 );
+ LDAP_LOG ( OPERATION, ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0 );
#else
- Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", e->e_dn, 0, 0);
+ Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0);
#endif
/* check entry's schema */
- rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_add: entry failed schema check: %s (%d)\n", text, rc, 0 );
+ "bdb_add: entry failed schema check: %s (%d)\n", rs->sr_text, rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_add: entry failed schema check: %s (%d)\n",
- text, rc, 0 );
+ rs->sr_text, rs->sr_err, 0 );
#endif
goto return_results;
}
#ifdef BDB_SUBENTRIES
- subentry = is_entry_subentry( e );
+ subentry = is_entry_subentry( op->oq_add.rs_e );
#endif
/*
* acquire an ID outside of the operation transaction
* to avoid serializing adds.
*/
- rc = bdb_next_id( be, NULL, &e->e_id );
- if( rc != 0 ) {
+ rs->sr_err = bdb_next_id( op->o_bd, NULL, &op->oq_add.rs_e->e_id );
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_add: next_id failed (%d)\n", rc, 0, 0 );
+ "bdb_add: next_id failed (%d)\n", rs->sr_err, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_add: next_id failed (%d)\n",
- rc, 0, 0 );
+ rs->sr_err, 0, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
p = NULL;
}
- rc = TXN_ABORT( ltid );
+ rs->sr_err = TXN_ABORT( ltid );
ltid = NULL;
op->o_private = NULL;
op->o_do_not_cache = opinfo.boi_acl_cache;
- if( rc != 0 ) {
- rc = LDAP_OTHER;
- text = "internal error";
+ if( rs->sr_err != 0 ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
ldap_pvt_thread_yield();
}
/* begin transaction */
- rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
+ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
bdb->bi_db_opflags );
- text = NULL;
- if( rc != 0 ) {
+ rs->sr_text = NULL;
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_add: txn_begin failed: %s (%d)\n", db_strerror(rc), rc, 0 );
+ "bdb_add: txn_begin failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_add: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
locker = TXN_ID ( ltid );
-#if 0
- lockid = TXN_ID( ltid );
-#endif
- opinfo.boi_bdb = be;
+ opinfo.boi_bdb = op->o_bd;
opinfo.boi_txn = ltid;
opinfo.boi_locker = locker;
opinfo.boi_err = 0;
* If the parent does not exist, only allow the "root" user to
* add the entry.
*/
- if ( be_issuffix( be, &e->e_nname ) ) {
+ if ( be_issuffix( op->o_bd, &op->oq_add.rs_e->e_nname ) ) {
pdn = slap_empty_bv;
} else {
- dnParent( &e->e_nname, &pdn );
+ dnParent( &op->oq_add.rs_e->e_nname, &pdn );
}
if( pdn.bv_len != 0 ) {
Entry *matched = NULL;
-#if 0
- if ( ltid ) {
- DBT obj;
- obj.data = pdn.bv_val-1;
- obj.size = pdn.bv_len+1;
- rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj,
- DB_LOCK_WRITE, &lock);
- }
-#endif
-
/* get parent */
- rc = bdb_dn2entry_r( be, ltid, &pdn, &p, &matched, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &pdn, &p, &matched, 0, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
if ( p == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, matched );
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->oq_add.rs_e->e_name, LDAP_SCOPE_DEFAULT );
}
#ifdef NEW_LOGGING
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- ch_free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ ch_free( (char *)rs->sr_matched );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to parent\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to parent";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to parent";
goto return_results;;
}
Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
0, 0, 0 );
#endif
- rc = LDAP_OBJECT_CLASS_VIOLATION;
- text = "parent is a subentry";
+ rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
+ rs->sr_text = "parent is a subentry";
goto return_results;;
}
#endif
Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is alias\n",
0, 0, 0 );
#endif
- rc = LDAP_ALIAS_PROBLEM;
- text = "parent is an alias";
+ rs->sr_err = LDAP_ALIAS_PROBLEM;
+ rs->sr_text = "parent is an alias";
goto return_results;;
}
#endif
if ( is_entry_referral( p ) ) {
/* parent is a referral, don't allow add */
- char *matched_dn = p->e_dn;
- BerVarray refs = get_entry_referrals( be, conn, op, p );
+ rs->sr_matched = p->e_name.bv_val;
+ rs->sr_ref = get_entry_referrals( op, p );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
p = NULL;
goto done;
}
* no parent!
* must be adding entry at suffix or with parent ""
*/
- if ( !be_isroot( be, &op->o_ndn )) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
- || be_isupdate( be, &op->o_ndn ) )
+ if ( !be_isroot( op->o_bd, &op->o_ndn )) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_isupdate( op->o_bd, &op->o_ndn ) )
{
p = (Entry *)&slap_entry_root;
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
"bdb_add: no write access to parent\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to parent";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to parent";
goto return_results;;
}
pdn.bv_len == 0 ? "suffix" : "entry at root",
0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
}
"bdb_add: no parent, cannot add subentry\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no parent, cannot add subentry";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no parent, cannot add subentry";
goto return_results;;
}
-#endif
-#if 0
- if ( ltid ) {
- DBT obj;
- obj.data = ",";
- obj.size = 1;
- rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj,
- DB_LOCK_WRITE, &lock);
- }
#endif
}
- rc = access_allowed( be, conn, op, e,
+ rs->sr_err = access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WRITE, NULL );
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to entry\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to entry";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to entry";
goto return_results;;
}
/* dn2id index */
- rc = bdb_dn2id_add( be, ltid, &pdn, e );
- if ( rc != 0 ) {
+ rs->sr_err = bdb_dn2id_add( op->o_bd, ltid, &pdn, op->oq_add.rs_e );
+ if ( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_add: dn2id_add failed: %s (%d)\n", db_strerror(rc), rc, 0 );
+ "bdb_add: dn2id_add failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_add: dn2id_add failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
case DB_KEYEXIST:
- rc = LDAP_ALREADY_EXISTS;
+ rs->sr_err = LDAP_ALREADY_EXISTS;
break;
default:
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
goto return_results;
}
/* id2entry index */
- rc = bdb_id2entry_add( be, ltid, e );
- if ( rc != 0 ) {
+ rs->sr_err = bdb_id2entry_add( op->o_bd, ltid, op->oq_add.rs_e );
+ if ( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR, "bdb_add: id2entry_add failed\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_add: id2entry_add failed\n",
0, 0, 0 );
#endif
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
default:
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
- text = "entry store failed";
+ rs->sr_text = "entry store failed";
goto return_results;
}
/* attribute indexes */
- rc = bdb_index_entry_add( be, ltid, e, e->e_attrs );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = bdb_index_entry_add( op->o_bd, ltid, op->oq_add.rs_e );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"bdb_add: index_entry_add failed\n", 0, 0, 0 );
Debug( LDAP_DEBUG_TRACE, "bdb_add: index_entry_add failed\n",
0, 0, 0 );
#endif
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
default:
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
- text = "index generation failed";
+ rs->sr_text = "index generation failed";
goto return_results;
}
if( op->o_noop ) {
- if (( rc=TXN_ABORT( ltid )) != 0 ) {
- text = "txn_abort (no-op) failed";
+ if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
+ rs->sr_text = "txn_abort (no-op) failed";
} else {
noop = 1;
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
} else {
snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx",
bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid );
- if (( rc=TXN_PREPARE( ltid, gid )) != 0 ) {
- text = "txn_prepare failed";
+ if (( rs->sr_err=TXN_PREPARE( ltid, gid )) != 0 ) {
+ rs->sr_text = "txn_prepare failed";
} else {
int ret = bdb_cache_add_entry_rw(bdb->bi_dbenv,
- &bdb->bi_cache, e, CACHE_WRITE_LOCK,
+ &bdb->bi_cache, op->oq_add.rs_e, CACHE_WRITE_LOCK,
locker, &lock);
-#if 0
- if ( bdb_cache_add_entry_rw(&bdb->bi_cache,
- e, CACHE_WRITE_LOCK) != 0 )
-#endif
switch ( ret ) {
case 0:
break;
}
if ( ret ) {
- if(( rc=TXN_ABORT( ltid )) != 0 ) {
- text = "cache add & txn_abort failed";
+ if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
+ rs->sr_text = "cache add & txn_abort failed";
} else {
- rc = LDAP_OTHER;
- text = "cache add failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "cache add failed";
}
} else {
- if(( rc=TXN_COMMIT( ltid, 0 )) != 0 ) {
- text = "txn_commit failed";
+ if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
+ rs->sr_text = "txn_commit failed";
} else {
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
}
}
ltid = NULL;
op->o_private = NULL;
- if (rc == LDAP_SUCCESS) {
+ if (rs->sr_err == LDAP_SUCCESS) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, RESULTS,
"bdb_add: added%s id=%08lx dn=\"%s\"\n",
- op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn );
+ op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn );
#else
Debug(LDAP_DEBUG_TRACE, "bdb_add: added%s id=%08lx dn=\"%s\"\n",
- op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn );
+ op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn );
#endif
- text = NULL;
+ rs->sr_text = NULL;
if ( !noop ) {
- bdb_cache_entry_commit( e );
+ bdb_cache_entry_commit( op->oq_add.rs_e );
}
}
else {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_add: %s : %s (%d)\n", text, db_strerror(rc), rc );
+ "bdb_add: %s : %s (%d)\n", rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n",
- text, db_strerror(rc), rc );
+ rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
#endif
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
return_results:
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !noop ) {
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_ADD );
+ if ( rs->sr_err == LDAP_SUCCESS && !noop ) {
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch( op, rs, ps_list, op->oq_add.rs_e, LDAP_PSEARCH_BY_ADD );
}
}
#endif /* LDAP_CLIENT_UPDATE */
- if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
+ if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) {
ldap_pvt_thread_yield();
TXN_CHECKPOINT( bdb->bi_dbenv,
bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
op->o_private = NULL;
}
- return ( ( rc == LDAP_SUCCESS ) ? noop : rc );
+ return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err );
}
ID bi_lastid;
ldap_pvt_thread_mutex_t bi_lastid_mutex;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- LDAP_LIST_HEAD(pl, slap_op) psearch_list;
+ LDAP_LIST_HEAD(pl, slap_op) bi_psearch_list;
#endif
#ifdef SLAP_IDL_CACHE
int bi_idl_cache_max_size;
#include "external.h"
int
-bdb_bind(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn
-)
+bdb_bind( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *e;
Attribute *a;
- int rc;
Entry *matched;
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
char krbname[MAX_K_NAME_SZ + 1];
AttributeDescription *krbattr = slap_schema.si_ad_krbName;
+ struct berval krbval;
AUTH_DAT ad;
#endif
DB_LOCK lock;
#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ARGS, "==> bdb_bind: dn: %s\n", dn->bv_val, 0, 0 );
+ LDAP_LOG ( OPERATION, ARGS, "==> bdb_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
- Debug( LDAP_DEBUG_ARGS, "==> bdb_bind: dn: %s\n", dn->bv_val, 0, 0);
+ Debug( LDAP_DEBUG_ARGS, "==> bdb_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0);
#endif
- rc = LOCK_ID(bdb->bi_dbenv, &locker);
- switch(rc) {
+ /* allow noauth binds */
+ if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) {
+ ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) );
+ /* front end will send result */
+ return LDAP_SUCCESS;
+ }
+
+ rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker);
+ switch(rs->sr_err) {
case 0:
break;
default:
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
- return rc;
+ rs->sr_text = "internal error";
+ send_ldap_result( op, rs );
+ return rs->sr_err;
}
dn2entry_retry:
- /* get entry */
- rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock );
+ /* get entry with reader lock */
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock );
- switch(rc) {
+ switch(rs->sr_err) {
case DB_NOTFOUND:
case 0:
break;
case LDAP_BUSY:
- send_ldap_result( conn, op, LDAP_BUSY,
- NULL, "ldap server busy", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_BUSY, "ldap_server_busy" );
LOCK_ID_FREE(bdb->bi_dbenv, locker);
return LDAP_BUSY;
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto dn2entry_retry;
default:
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
LOCK_ID_FREE(bdb->bi_dbenv, locker);
- return rc;
+ return rs->sr_err;
}
- /* get entry with reader lock */
if ( e == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
if( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
-
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
+ if (rs->sr_ref)
+ rs->sr_matched = ch_strdup( matched->e_name.bv_val );
bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, matched, &lock );
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- /* allow noauth binds */
- rc = 1;
- if ( method == LDAP_AUTH_SIMPLE ) {
- if ( be_isroot_pw( be, conn, ndn, cred ) ) {
- ber_dupbv( edn, be_root_dn( be ) );
- rc = LDAP_SUCCESS; /* front end will send result */
-
- } else if ( refs != NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
-
- } else {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
- }
-
- } else if ( refs != NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
-
+ if ( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ free( (char *)rs->sr_matched );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
} else {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
}
LOCK_ID_FREE(bdb->bi_dbenv, locker);
- ber_bvarray_free( refs );
- free( matched_dn );
-
- return rc;
+ return rs->sr_err;
}
- ber_dupbv( edn, &e->e_name );
+ ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
/* check for deleted */
#ifdef BDB_SUBENTRIES
0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op );
goto done;
}
0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_ALIAS_PROBLEM,
- NULL, "entry is alias", NULL, NULL );
+ send_ldap_error( op, LDAP_ALIAS_PROBLEM, "entry is alias");
goto done;
}
if ( is_entry_referral( e ) ) {
/* entry is a referral, don't allow bind */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
0, 0 );
#endif
- if( refs != NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
-
+ if( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
} else {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
}
- ber_bvarray_free( refs );
-
goto done;
}
- switch ( method ) {
+ switch ( op->oq_bind.rb_method ) {
case LDAP_AUTH_SIMPLE:
- /* check for root dn/passwd */
- if ( be_isroot_pw( be, conn, ndn, cred ) ) {
- /* front end will send result */
- if(edn->bv_val != NULL) free( edn->bv_val );
- ber_dupbv( edn, be_root_dn( be ) );
- rc = LDAP_SUCCESS;
- goto done;
- }
-
- rc = access_allowed( be, conn, op, e,
+ rs->sr_err = access_allowed( op, e,
password, NULL, ACL_AUTH, NULL );
- if ( ! rc ) {
- send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ if ( ! rs->sr_err ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ send_ldap_result( op, rs );
goto done;
}
if ( (a = attr_find( e->e_attrs, password )) == NULL ) {
- send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_AUTH,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
+ send_ldap_result( op, rs );
goto done;
}
- if ( slap_passwd_check( conn, a, cred ) != 0 ) {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) {
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
goto done;
}
- rc = 0;
+ rs->sr_err = 0;
break;
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
case LDAP_AUTH_KRBV41:
- if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_INVALID_CREDENTIALS,
+ send_ldap_result( op );
goto done;
}
- rc = access_allowed( be, conn, op, e,
+ rs->sr_err = access_allowed( op, e,
krbattr, NULL, ACL_AUTH, NULL );
- if ( ! rc ) {
- send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ if ( ! rs->sr_err ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS,
+ send_ldap_result( op );
goto done;
}
- sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "."
+ krbval.bv_len = sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "."
: "", ad.pinst, ad.prealm );
if ( (a = attr_find( e->e_attrs, krbattr )) == NULL ) {
/*
* no krbname values present: check against DN
*/
- if ( strcasecmp( dn, krbname ) == 0 ) {
- rc = 0;
+ if ( strcasecmp( op->o_req_dn.bv_val, krbname ) == 0 ) {
+ rs->sr_err = 0;
break;
}
- send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_AUTH,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INAPPROPRIATE_AUTH,
+ send_ldap_result( op );
goto done;
} else { /* look for krbname match */
- struct berval krbval;
-
krbval.bv_val = krbname;
- krbval.bv_len = strlen( krbname );
if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
- send_ldap_result( conn, op,
- rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op );
goto done;
}
}
- rc = 0;
+ rs->sr_err = 0;
break;
case LDAP_AUTH_KRBV42:
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "Kerberos bind step 2 not supported",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Kerberos bind step 2 not supported" );
goto done;
#endif
default:
- send_ldap_result( conn, op, rc = LDAP_STRONG_AUTH_NOT_SUPPORTED,
- NULL, "authentication method not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED,
+ "authentication method not supported" );
goto done;
}
LOCK_ID_FREE(bdb->bi_dbenv, locker);
- /* front end will send result on success (rc==0) */
- return rc;
+ /* front end will send result on success (rs->sr_err==0) */
+ return rs->sr_err;
}
#include "external.h"
int
-bdb_compare(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- AttributeAssertion *ava
-)
+bdb_compare( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *matched;
Entry *e;
Attribute *a;
- int rc;
- const char *text = NULL;
int manageDSAit = get_manageDSAit( op );
u_int32_t locker;
DB_LOCK lock;
- rc = LOCK_ID(bdb->bi_dbenv, &locker);
- switch(rc) {
+ rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker);
+ switch(rs->sr_err) {
case 0:
break;
default:
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
- return rc;
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
+ return rs->sr_err;
}
dn2entry_retry:
/* get entry */
- rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_NOTFOUND:
case 0:
break;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto dn2entry_retry;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
if ( e == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, matched, &lock );
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
if (!manageDSAit && is_entry_referral( e ) ) {
/* entry is a referral, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
- rc = access_allowed( be, conn, op, e,
- ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL );
- if ( ! rc ) {
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = access_allowed( op, e,
+ op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
+ if ( ! rs->sr_err ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
- rc = LDAP_NO_SUCH_ATTRIBUTE;
+ rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
- for(a = attrs_find( e->e_attrs, ava->aa_desc );
+ for(a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
a != NULL;
- a = attrs_find( a->a_next, ava->aa_desc ))
+ a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ))
{
- rc = LDAP_COMPARE_FALSE;
+ rs->sr_err = LDAP_COMPARE_FALSE;
#ifdef SLAP_NVALUES
- if ( value_find_ex( ava->aa_desc,
+ if ( value_find_ex( op->oq_compare.rs_ava->aa_desc,
SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
- a->a_nvals, &ava->aa_value ) == 0 )
+ a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#else
- if ( value_find( ava->aa_desc, a->a_vals, &ava->aa_value ) == 0 )
+ if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#endif
{
- rc = LDAP_COMPARE_TRUE;
+ rs->sr_err = LDAP_COMPARE_TRUE;
break;
}
}
return_results:
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
- if( rc == LDAP_COMPARE_FALSE || rc == LDAP_COMPARE_TRUE ) {
- rc = LDAP_SUCCESS;
+ if( rs->sr_err == LDAP_COMPARE_FALSE || rs->sr_err == LDAP_COMPARE_TRUE ) {
+ rs->sr_err = LDAP_SUCCESS;
}
done:
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
- return rc;
+ return rs->sr_err;
}
#include "external.h"
int
-bdb_delete(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn
-)
+bdb_delete( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *matched;
struct berval pdn = {0, NULL};
Entry *e = NULL;
Entry *p = NULL;
- int rc;
- const char *text;
int manageDSAit = get_manageDSAit( op );
AttributeDescription *children = slap_schema.si_ad_children;
AttributeDescription *entry = slap_schema.si_ad_entry;
u_int32_t locker = 0;
DB_LOCK lock;
-#if 0
- u_int32_t lockid;
- DB_LOCK lock;
-#endif
int noop = 0;
#endif
#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ARGS, "==> bdb_delete: %s\n", dn->bv_val, 0, 0 );
+ LDAP_LOG ( OPERATION, ARGS, "==> bdb_delete: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "==> bdb_delete: %s\n",
- dn->bv_val, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#endif
if( 0 ) {
Debug( LDAP_DEBUG_TRACE, "==> bdb_delete: retrying...\n",
0, 0, 0 );
#endif
- rc = TXN_ABORT( ltid );
+ rs->sr_err = TXN_ABORT( ltid );
ltid = NULL;
op->o_private = NULL;
op->o_do_not_cache = opinfo.boi_acl_cache;
- if( rc != 0 ) {
- rc = LDAP_OTHER;
- text = "internal error";
+ if( rs->sr_err != 0 ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
ldap_pvt_thread_yield();
}
/* begin transaction */
- rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
+ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
bdb->bi_db_opflags );
- text = NULL;
- if( rc != 0 ) {
+ rs->sr_text = NULL;
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"==> bdb_delete: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_delete: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
locker = TXN_ID ( ltid );
-#if 0
- lockid = TXN_ID( ltid );
-#endif
- opinfo.boi_bdb = be;
+ opinfo.boi_bdb = op->o_bd;
opinfo.boi_txn = ltid;
opinfo.boi_locker = locker;
opinfo.boi_err = 0;
opinfo.boi_acl_cache = op->o_do_not_cache;
op->o_private = &opinfo;
- if ( !be_issuffix( be, ndn ) ) {
- dnParent( ndn, &pdn );
+ if ( !be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
+ dnParent( &op->o_req_ndn, &pdn );
}
if( pdn.bv_len != 0 ) {
-#if 0
- if ( ltid ) {
- DBT obj;
- obj.data = pdn.bv_val-1;
- obj.size = pdn.bv_len+1;
- rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj,
- DB_LOCK_WRITE, &lock);
- }
-#endif
/* get parent */
- rc = bdb_dn2entry_r( be, ltid, &pdn, &p, NULL, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &pdn, &p, NULL, 0, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
"<=- bdb_delete: parent does not exist\n",
0, 0, 0);
#endif
- rc = LDAP_OTHER;
- text = "could not locate parent of entry";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "could not locate parent of entry";
goto return_results;
}
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p);
p = NULL;
- if ( !rc ) {
+ if ( !rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
"<=- bdb_delete: no write access to parent\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to parent";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to parent";
goto return_results;
}
} else {
/* no parent, must be root to delete */
- if( ! be_isroot( be, &op->o_ndn ) ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
- || be_isupdate( be, &op->o_ndn ) ) {
+ if( ! be_isroot( op->o_bd, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
- if ( !rc ) {
+ if ( !rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
"<=- bdb_delete: no access "
"to parent\n", 0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to parent";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to parent";
goto return_results;
}
"<=- bdb_delete: no parent "
"and not root\n", 0, 0, 0);
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
}
-
-#if 0
- if ( ltid ) {
- DBT obj;
- obj.data = ",";
- obj.size = 1;
- rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj,
- DB_LOCK_WRITE, &lock);
- }
-#endif
}
/* get entry for read/modify/write */
- rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock );
+ rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, DB_RMW, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
if ( e == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ARGS,
- "<=- bdb_delete: no such object %s\n", dn->bv_val, 0, 0);
+ "<=- bdb_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0);
#else
Debug( LDAP_DEBUG_ARGS,
"<=- bdb_delete: no such object %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, matched);
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
- rc = -1;
+ rs->sr_err = -1;
goto done;
}
- rc = access_allowed( be, conn, op, e,
+ rs->sr_err = access_allowed( op, e,
entry, NULL, ACL_WRITE, NULL );
- if ( !rc ) {
+ if ( !rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
"<=- bdb_delete: no write access to entry\n",
0, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
- text = "no write access to entry";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to entry";
goto return_results;
}
if ( !manageDSAit && is_entry_referral( e ) ) {
/* entry is a referral, don't allow delete */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
- rc = 1;
+ rs->sr_err = 1;
goto done;
}
- rc = bdb_dn2id_children( be, ltid, &e->e_nname, 0 );
- if( rc != DB_NOTFOUND ) {
- switch( rc ) {
+ rs->sr_err = bdb_dn2id_children( op->o_bd, ltid, &e->e_nname, 0 );
+ if( rs->sr_err != DB_NOTFOUND ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
case 0:
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
- "<=- bdb_delete: non-leaf %s\n", dn->bv_val, 0, 0 );
+ "<=- bdb_delete: non-leaf %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_delete: non-leaf %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
- rc = LDAP_NOT_ALLOWED_ON_NONLEAF;
- text = "subtree delete not supported";
+ rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
+ rs->sr_text = "subtree delete not supported";
break;
default:
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"<=- bdb_delete: has_children failed %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_delete: has_children failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
}
goto return_results;
}
/* delete from dn2id */
- rc = bdb_dn2id_delete( be, ltid, pdn.bv_val, e );
- if ( rc != 0 ) {
- switch( rc ) {
+ rs->sr_err = bdb_dn2id_delete( op->o_bd, ltid, pdn.bv_val, e );
+ if ( rs->sr_err != 0 ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "<=- bdb_delete: dn2id failed %s (%d)\n", db_strerror(rc), rc, 0 );
+ "<=- bdb_delete: dn2id failed %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_delete: dn2id failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- text = "DN index delete failed";
- rc = LDAP_OTHER;
+ rs->sr_text = "DN index delete failed";
+ rs->sr_err = LDAP_OTHER;
goto return_results;
}
/* delete from id2entry */
- rc = bdb_id2entry_delete( be, ltid, e );
- if ( rc != 0 ) {
- switch( rc ) {
+ rs->sr_err = bdb_id2entry_delete( op->o_bd, ltid, e );
+ if ( rs->sr_err != 0 ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"<=- bdb_delete: id2entry failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_delete: id2entry failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- text = "entry delete failed";
- rc = LDAP_OTHER;
+ rs->sr_text = "entry delete failed";
+ rs->sr_err = LDAP_OTHER;
goto return_results;
}
/* delete indices for old attributes */
- rc = bdb_index_entry_del( be, ltid, e, e->e_attrs );
- if ( rc != LDAP_SUCCESS ) {
- switch( rc ) {
+ rs->sr_err = bdb_index_entry_del( op->o_bd, ltid, e );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
Debug( LDAP_DEBUG_ANY, "entry index delete failed!\n",
0, 0, 0 );
#endif
- text = "entry index delete failed";
- rc = LDAP_OTHER;
+ rs->sr_text = "entry index delete failed";
+ rs->sr_err = LDAP_OTHER;
goto return_results;
}
#if 0 /* Do we want to reclaim deleted IDs? */
ldap_pvt_thread_mutex_lock( &bdb->bi_lastid_mutex );
if ( e->e_id == bdb->bi_lastid ) {
- bdb_last_id( be, ltid );
+ bdb_last_id( op->o_bd, ltid );
}
ldap_pvt_thread_mutex_unlock( &bdb->bi_lastid_mutex );
#endif
if( op->o_noop ) {
- if ( ( rc = TXN_ABORT( ltid ) ) != 0 ) {
- text = "txn_abort (no-op) failed";
+ if ( ( rs->sr_err = TXN_ABORT( ltid ) ) != 0 ) {
+ rs->sr_text = "txn_abort (no-op) failed";
} else {
noop = 1;
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
} else {
- rc = TXN_COMMIT( ltid, 0 );
+ rs->sr_err = TXN_COMMIT( ltid, 0 );
}
ltid = NULL;
op->o_private = NULL;
- if( rc != 0 ) {
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"bdb_delete: txn_%s failed: %s (%d)\n",
- op->o_noop ? "abort (no-op)" : "commit", db_strerror(rc), rc );
+ op->o_noop ? "abort (no-op)" : "commit", db_strerror(rs->sr_err), rs->sr_err );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_delete: txn_%s failed: %s (%d)\n",
op->o_noop ? "abort (no-op)" : "commit",
- db_strerror(rc), rc );
+ db_strerror(rs->sr_err), rs->sr_err );
#endif
- rc = LDAP_OTHER;
- text = "commit failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "commit failed";
} else {
#ifdef NEW_LOGGING
op->o_noop ? " (no-op)" : "",
e->e_id, e->e_dn );
#endif
- rc = LDAP_SUCCESS;
- text = NULL;
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = NULL;
}
return_results:
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !noop ) {
- LDAP_LIST_FOREACH( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_DELETE );
+ if ( rs->sr_err == LDAP_SUCCESS && !noop ) {
+ LDAP_LIST_FOREACH( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_DELETE );
}
}
#endif
- if(rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
+ if(rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) {
ldap_pvt_thread_yield();
TXN_CHECKPOINT( bdb->bi_dbenv,
bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
op->o_private = NULL;
}
- return ( ( rc == LDAP_SUCCESS ) ? noop : rc );
+ return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err );
}
};
int
-bdb_extended(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
+bdb_extended( Operation *op, SlapReply *rs )
+/* struct berval *reqoid,
struct berval *reqdata,
char **rspoid,
struct berval **rspdata,
LDAPControl *** rspctrls,
const char** text,
BerVarray *refs
-)
+) */
{
int i;
for( i=0; exop_table[i].extended != NULL; i++ ) {
- if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) {
- return (exop_table[i].extended)(
- be, conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text, refs );
+ if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+ return (exop_table[i].extended)( op, rs );
}
}
- *text = "not supported within naming context";
+ rs->sr_text = "not supported within naming context";
return LDAP_UNWILLING_TO_PERFORM;
}
}
int bdb_entry_release(
- BackendDB *be,
- Connection *c,
Operation *o,
Entry *e,
int rw )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) o->o_bd->be_private;
struct bdb_op_info *boi = NULL;
/* slapMode : SLAP_SERVER_MODE, SLAP_TOOL_MODE,
/* return LDAP_SUCCESS IFF we can retrieve the specified entry.
*/
int bdb_entry_get(
- BackendDB *be,
- Connection *c,
Operation *op,
struct berval *ndn,
ObjectClass *oc,
int rw,
Entry **ent )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
struct bdb_op_info *boi = NULL;
DB_TXN *txn = NULL;
Entry *e;
#endif
if( op ) boi = (struct bdb_op_info *) op->o_private;
- if( boi != NULL && be == boi->boi_bdb ) {
+ if( boi != NULL && op->o_bd == boi->boi_bdb ) {
txn = boi->boi_txn;
locker = boi->boi_locker;
}
dn2entry_retry:
/* can we find entry */
- rc = bdb_dn2entry_rw( be, txn, ndn, &e, NULL, 0, rw, locker, &lock );
+ rc = bdb_dn2entry_rw( op->o_bd, txn, ndn, &e, NULL, 0, rw, locker, &lock );
switch( rc ) {
case DB_NOTFOUND:
case 0:
Backend *be,
DB_TXN *txn,
int op,
- Entry *e,
- Attribute *ap )
+ Entry *e )
{
int rc;
+ Attribute *ap = e->e_attrs;
#ifdef NEW_LOGGING
LDAP_LOG( INDEX, ENTRY, "index_entry: %s (%s) %ld\n",
bdb->bi_search_stack = NULL;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- LDAP_LIST_INIT (&bdb->psearch_list);
+ LDAP_LIST_INIT (&bdb->bi_psearch_list);
#endif
ldap_pvt_thread_mutex_init( &bdb->bi_lastid_mutex );
#include "external.h"
int bdb_modify_internal(
- BackendDB *be,
- Connection *conn,
Operation *op,
DB_TXN *tid,
Modifications *modlist,
e->e_id, e->e_dn, 0);
#endif
- if ( !acl_check_modlist( be, conn, op, e, modlist )) {
+ if ( !acl_check_modlist( op, e, modlist )) {
return LDAP_INSUFFICIENT_ACCESS;
}
/* check if modified attribute was indexed
* but not in case of NOOP... */
- err = bdb_index_is_indexed( be, mod->sm_desc );
+ err = bdb_index_is_indexed( op->o_bd, mod->sm_desc );
if ( err == LDAP_SUCCESS && !op->o_noop ) {
ap = attr_find( save_attrs, mod->sm_desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
}
/* check that the entry still obeys the schema */
- rc = entry_schema_check( be, e, save_attrs, text, textbuf, textlen );
+ rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen );
if ( rc != LDAP_SUCCESS || op->o_noop ) {
attrs_free( e->e_attrs );
e->e_attrs = save_attrs;
/* start with deleting the old index entries */
for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) {
if ( ap->a_flags & SLAP_ATTR_IXDEL ) {
- rc = bdb_index_values( be, tid, ap->a_desc,
+ rc = bdb_index_values( op->o_bd, tid, ap->a_desc,
#ifdef SLAP_NVALUES
ap->a_nvals,
#else
/* add the new index entries */
for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) {
if (ap->a_flags & SLAP_ATTR_IXADD) {
- rc = bdb_index_values( be, tid, ap->a_desc,
+ rc = bdb_index_values( op->o_bd, tid, ap->a_desc,
#ifdef SLAP_NVALUES
ap->a_nvals,
#else
int
-bdb_modify(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- Modifications *modlist )
+bdb_modify( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- int rc;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *matched = NULL;
Entry *e = NULL;
int manageDSAit = get_manageDSAit( op );
- const char *text = NULL;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
DB_TXN *ltid = NULL;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
Operation* ps_list;
- struct psid_entry* pm_list;
- struct psid_entry* pm_prev;
+ struct psid_entry *pm_list, *pm_prev;
#endif
#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ENTRY, "bdb_modify: %s\n", dn->bv_val, 0, 0 );
+ LDAP_LOG ( OPERATION, ENTRY, "bdb_modify: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
- Debug( LDAP_DEBUG_ARGS, "bdb_modify: %s\n", dn->bv_val, 0, 0 );
+ Debug( LDAP_DEBUG_ARGS, "bdb_modify: %s\n", op->o_req_dn.bv_val, 0, 0 );
#endif
if( 0 ) {
#endif
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- LDAP_LIST_REMOVE ( pm_list, link );
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
#endif
- rc = TXN_ABORT( ltid );
+ rs->sr_err = TXN_ABORT( ltid );
ltid = NULL;
op->o_private = NULL;
op->o_do_not_cache = opinfo.boi_acl_cache;
- if( rc != 0 ) {
- rc = LDAP_OTHER;
- text = "internal error";
+ if( rs->sr_err != 0 ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
ldap_pvt_thread_yield();
}
/* begin transaction */
- rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
+ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
bdb->bi_db_opflags );
- text = NULL;
- if( rc != 0 ) {
+ rs->sr_text = NULL;
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
- "bdb_modify: txn_begin failed: %s (%d)\n", db_strerror(rc), rc, 0 );
+ "bdb_modify: txn_begin failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modify: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
locker = TXN_ID ( ltid );
- opinfo.boi_bdb = be;
+ opinfo.boi_bdb = op->o_bd;
opinfo.boi_txn = ltid;
opinfo.boi_locker = locker;
opinfo.boi_err = 0;
op->o_private = &opinfo;
/* get entry */
- rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, 0, locker, &lock );
- if ( rc != 0 ) {
+ if ( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
- "bdb_modify: dn2entry failed: (%d)\n", rc, 0, 0 );
+ "bdb_modify: dn2entry failed: (%d)\n", rs->sr_err, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modify: dn2entry failed (%d)\n",
- rc, 0, 0 );
+ rs->sr_err, 0, 0 );
#endif
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
case DB_NOTFOUND:
break;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
- text = "internal error";
+ rs->sr_text = "internal error";
goto return_results;
}
/* acquire and lock entry */
if ( e == NULL ) {
- char* matched_dn = NULL;
- BerVarray refs;
-
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_unlocked_cache_return_entry_r (&bdb->bi_cache, matched);
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
if ( !manageDSAit && is_entry_referral( e ) ) {
/* entry is a referral, don't allow modify */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1, "bdb_modify: entry is referral\n", 0, 0, 0 );
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !op->o_noop ) {
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch(be, conn, op, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY );
+ if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch(op, rs, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY );
}
}
#endif
/* Modify the entry */
- rc = bdb_modify_internal( be, conn, op, ltid, modlist, e,
- &text, textbuf, textlen );
+ rs->sr_err = bdb_modify_internal( op, ltid, op->oq_modify.rs_modlist, e,
+ &rs->sr_text, textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_modify: modify failed (%d)\n", rc, 0, 0 );
+ "bdb_modify: modify failed (%d)\n", rs->sr_err, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modify: modify failed (%d)\n",
- rc, 0, 0 );
+ rs->sr_err, 0, 0 );
#endif
- if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) {
- rc = opinfo.boi_err;
+ if ( (rs->sr_err == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) {
+ rs->sr_err = opinfo.boi_err;
}
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
/* change the entry itself */
- rc = bdb_id2entry_update( be, ltid, e );
- if ( rc != 0 ) {
+ rs->sr_err = bdb_id2entry_update( op->o_bd, ltid, e );
+ if ( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
- "bdb_modify: id2entry update failed (%d)\n", rc, 0, 0 );
+ "bdb_modify: id2entry update failed (%d)\n", rs->sr_err, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modify: id2entry update failed (%d)\n",
- rc, 0, 0 );
+ rs->sr_err, 0, 0 );
#endif
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- text = "entry update failed";
+ rs->sr_text = "entry update failed";
goto return_results;
}
if( op->o_noop ) {
- if ( ( rc = TXN_ABORT( ltid ) ) != 0 ) {
- text = "txn_abort (no-op) failed";
+ if ( ( rs->sr_err = TXN_ABORT( ltid ) ) != 0 ) {
+ rs->sr_text = "txn_abort (no-op) failed";
} else {
noop = 1;
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
} else {
- rc = TXN_COMMIT( ltid, 0 );
+ rs->sr_err = TXN_COMMIT( ltid, 0 );
}
ltid = NULL;
op->o_private = NULL;
- if( rc != 0 ) {
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"bdb_modify: txn_%s failed %s (%d)\n",
- op->o_noop ? "abort (no_op)" : "commit", db_strerror(rc), rc );
+ op->o_noop ? "abort (no_op)" : "commit", db_strerror(rs->sr_err), rs->sr_err );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modify: txn_%s failed: %s (%d)\n",
op->o_noop ? "abort (no-op)" : "commit",
- db_strerror(rc), rc );
+ db_strerror(rs->sr_err), rs->sr_err );
#endif
- rc = LDAP_OTHER;
- text = "commit failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "commit failed";
} else {
#ifdef NEW_LOGGING
op->o_noop ? " (no-op)" : "",
e->e_id, e->e_dn );
#endif
- rc = LDAP_SUCCESS;
- text = NULL;
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = NULL;
}
return_results:
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !op->o_noop ) {
+ if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
/* Loop through in-scope entries for each psearch spec */
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_MODIFY );
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_MODIFY );
}
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- bdb_psearch(be, conn, op, pm_list->ps->op,
+ bdb_psearch(op, rs, pm_list->ps_op,
e, LDAP_PSEARCH_BY_SCOPEOUT);
- LDAP_LIST_REMOVE ( pm_list, link );
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
}
#endif
- if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
+ if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) {
ldap_pvt_thread_yield();
TXN_CHECKPOINT( bdb->bi_dbenv,
bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
done:
if( ltid != NULL ) {
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- LDAP_LIST_REMOVE ( pm_list, link );
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
#endif
TXN_ABORT( ltid );
if( e != NULL ) {
bdb_unlocked_cache_return_entry_w (&bdb->bi_cache, e);
}
- return ( ( rc == LDAP_SUCCESS ) ? noop : rc );
+ return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err );
}
#include "external.h"
int
-bdb_modrdn(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *newrdn,
- struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSuperior,
- struct berval *nnewSuperior )
+bdb_modrdn( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
AttributeDescription *children = slap_schema.si_ad_children;
AttributeDescription *entry = slap_schema.si_ad_entry;
struct berval p_dn, p_ndn;
/* LDAP v2 supporting correct attribute handling. */
LDAPRDN *new_rdn = NULL;
LDAPRDN *old_rdn = NULL;
- int rc;
- const char *text;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
DB_TXN * ltid = NULL;
int noop = 0;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- Operation* ps_list;
- struct psid_entry* pm_list;
- struct psid_entry* pm_prev;
+ Operation *ps_list;
+ struct psid_entry *pm_list, *pm_prev;
#endif
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ENTRY, "==>bdb_modrdn(%s,%s,%s)\n",
- dn->bv_val,newrdn->bv_val, newSuperior ? newSuperior->bv_val : "NULL" );
+ op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val,
+ op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" );
#else
Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
- dn->bv_val, newrdn->bv_val,
- newSuperior ? newSuperior->bv_val : "NULL" );
+ op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val,
+ op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" );
#endif
if( 0 ) {
#endif
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- LDAP_LIST_REMOVE ( pm_list, link );
- pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
+ pm_prev = pm_list;
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
#endif
- rc = TXN_ABORT( ltid );
+ rs->sr_err = TXN_ABORT( ltid );
ltid = NULL;
op->o_private = NULL;
op->o_do_not_cache = opinfo.boi_acl_cache;
- if( rc != 0 ) {
- rc = LDAP_OTHER;
- text = "internal error";
+ if( rs->sr_err != 0 ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
ldap_pvt_thread_yield();
}
/* begin transaction */
- rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
+ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
bdb->bi_db_opflags );
- text = NULL;
- if( rc != 0 ) {
+ rs->sr_text = NULL;
+ if( rs->sr_err != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"==>bdb_modrdn: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_delete: txn_begin failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
locker = TXN_ID ( ltid );
- opinfo.boi_bdb = be;
+ opinfo.boi_bdb = op->o_bd;
opinfo.boi_txn = ltid;
opinfo.boi_locker = locker;
opinfo.boi_err = 0;
op->o_private = &opinfo;
/* get entry */
- rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock );
+ rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, DB_RMW, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
if ( e == NULL ) {
- char* matched_dn = NULL;
- BerVarray refs;
-
if( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, matched);
matched = NULL;
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
/* check write on old entry */
- rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL );
+ rs->sr_err = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL );
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
0, 0 );
#endif
- text = "no write access to old entry";
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to old entry";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
#ifndef BDB_HIER
- rc = bdb_dn2id_children( be, ltid, &e->e_nname, 0 );
- if ( rc != DB_NOTFOUND ) {
- switch( rc ) {
+ rs->sr_err = bdb_dn2id_children( op->o_bd, ltid, &e->e_nname, 0 );
+ if ( rs->sr_err != DB_NOTFOUND ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
case 0:
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
- "<=- bdb_modrdn: non-leaf %s\n", dn->bv_val, 0, 0 );
+ "<=- bdb_modrdn: non-leaf %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_modrdn: non-leaf %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
- rc = LDAP_NOT_ALLOWED_ON_NONLEAF;
- text = "subtree rename not supported";
+ rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
+ rs->sr_text = "subtree rename not supported";
break;
default:
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"<=- bdb_modrdn: has_children failed %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- bdb_modrdn: has_children failed: %s (%d)\n",
- db_strerror(rc), rc, 0 );
+ db_strerror(rs->sr_err), rs->sr_err, 0 );
#endif
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
}
goto return_results;
}
#endif
if (!manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
- /* parent is an alias, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
e->e_dn, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL,
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto done;
}
- if ( be_issuffix( be, &e->e_nname ) ) {
+ if ( be_issuffix( op->o_bd, &e->e_nname ) ) {
p_ndn = slap_empty_bv;
} else {
dnParent( &e->e_nname, &p_ndn );
/* Make sure parent entry exist and we can write its
* children.
*/
- rc = bdb_dn2entry_r( be, ltid, &p_ndn, &p, NULL, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &p_ndn, &p, NULL, 0, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
0, 0, 0);
#endif
- rc = LDAP_OTHER;
- text = "old entry's parent does not exist";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "old entry's parent does not exist";
goto return_results;
}
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"==>bdb_modrdn: no access to parent\n", 0, 0, 0 );
Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
0, 0 );
#endif
- text = "no write access to old parent's children";
+ rs->sr_text = "no write access to old parent's children";
goto return_results;
}
} else {
/* no parent, modrdn entry directly under root */
- isroot = be_isroot( be, &op->o_ndn );
+ isroot = be_isroot( op->o_bd, &op->o_ndn );
if ( ! isroot ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
- || be_isupdate( be, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"==>bdb_modrdn: no access to parent\n", 0, 0, 0 );
"no access to parent\n",
0, 0, 0 );
#endif
- text = "no write access to old parent";
+ rs->sr_text = "no write access to old parent";
goto return_results;
}
"& \"\" is not suffix\n",
0, 0, 0);
#endif
- text = "no write access to old parent";
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to old parent";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
}
new_parent_dn = &p_dn; /* New Parent unless newSuperior given */
- if ( newSuperior != NULL ) {
+ if ( op->oq_modrdn.rs_newSup != NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
"==>bdb_modrdn: new parent \"%s\" requested...\n",
- newSuperior->bv_val, 0, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_modrdn: new parent \"%s\" requested...\n",
- newSuperior->bv_val, 0, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, 0, 0 );
#endif
/* newSuperior == oldParent? */
- if( dn_match( &p_ndn, nnewSuperior ) ) {
+ if( dn_match( &p_ndn, op->oq_modrdn.rs_nnewSup ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO, "bdb_back_modrdn: "
"new parent \"%s\" same as the old parent \"%s\"\n",
- newSuperior->bv_val, p_dn.bv_val, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_back_modrdn: "
"new parent \"%s\" same as the old parent \"%s\"\n",
- newSuperior->bv_val, p_dn.bv_val, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 );
#endif
- newSuperior = NULL; /* ignore newSuperior */
+ op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */
}
}
- if ( newSuperior != NULL ) {
- if ( newSuperior->bv_len ) {
- np_dn = newSuperior;
- np_ndn = nnewSuperior;
+ if ( op->oq_modrdn.rs_newSup != NULL ) {
+ if ( op->oq_modrdn.rs_newSup->bv_len ) {
+ np_dn = op->oq_modrdn.rs_newSup;
+ np_ndn = op->oq_modrdn.rs_nnewSup;
/* newSuperior == oldParent?, if so ==> ERROR */
/* newSuperior == entry being moved?, if so ==> ERROR */
/* Get Entry with dn=newSuperior. Does newSuperior exist? */
- rc = bdb_dn2entry_r( be,
- ltid, nnewSuperior, &np, NULL, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd,
+ ltid, np_ndn, &np, NULL, 0, locker, &lock );
- switch( rc ) {
+ switch( rs->sr_err ) {
case 0:
case DB_NOTFOUND:
break;
case DB_LOCK_NOTGRANTED:
goto retry;
case LDAP_BUSY:
- text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
"bdb_modrdn: newSup(ndn=%s) not here!\n",
np_ndn->bv_val, 0, 0);
#endif
- text = "new superior not found";
- rc = LDAP_OTHER;
+ rs->sr_text = "new superior not found";
+ rs->sr_err = LDAP_OTHER;
goto return_results;
}
#endif
/* check newSuperior for "children" acl */
- rc = access_allowed( be, conn, op, np, children,
+ rs->sr_err = access_allowed( op, np, children,
NULL, ACL_WRITE, NULL );
- if( ! rc ) {
+ if( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
"bdb_modrdn: no wr to newSup children\n",
0, 0, 0 );
#endif
- text = "no write access to new superior's children";
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to new superior's children";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
0, 0, 0 );
#endif
- text = "new superior is an alias";
- rc = LDAP_ALIAS_PROBLEM;
+ rs->sr_text = "new superior is an alias";
+ rs->sr_err = LDAP_ALIAS_PROBLEM;
goto return_results;
}
#endif
Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
0, 0, 0 );
#endif
- text = "new superior is a referral";
- rc = LDAP_OTHER;
+ rs->sr_text = "new superior is a referral";
+ rs->sr_err = LDAP_OTHER;
goto return_results;
}
} else {
if ( isroot == -1 ) {
- isroot = be_isroot( be, &op->o_ndn );
+ isroot = be_isroot( op->o_bd, &op->o_ndn );
}
np_dn = NULL;
/* no parent, modrdn entry directly under root */
if ( ! isroot ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
- || be_isupdate( be, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_isupdate( op->o_bd, &op->o_ndn ) ) {
np = (Entry *)&slap_entry_root;
/* check parent for "children" acl */
- rc = access_allowed( be, conn, op, np,
+ rs->sr_err = access_allowed( op, np,
children, NULL, ACL_WRITE, NULL );
np = NULL;
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"==>bdb_modrdn: no access to superior\n", 0, 0, 0 );
"no access to new superior\n",
0, 0, 0 );
#endif
- text = "no write access to new superior's children";
+ rs->sr_text = "no write access to new superior's children";
goto return_results;
}
"& \"\" is not suffix\n",
0, 0, 0);
#endif
- text = "no write access to new superior's children";
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_text = "no write access to new superior's children";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
}
}
/* Build target dn and make sure target entry doesn't exist already. */
- if (!new_dn.bv_val) build_new_dn( &new_dn, new_parent_dn, newrdn );
+ if (!new_dn.bv_val) build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn );
if (!new_ndn.bv_val) dnNormalize2( NULL, &new_dn, &new_ndn );
new_ndn.bv_val, 0, 0 );
#endif
- rc = bdb_dn2id ( be, ltid, &new_ndn, &id, 0 );
- switch( rc ) {
+ rs->sr_err = bdb_dn2id ( op->o_bd, ltid, &new_ndn, &id, 0 );
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
case DB_NOTFOUND:
break;
case 0:
- rc = LDAP_ALREADY_EXISTS;
+ rs->sr_err = LDAP_ALREADY_EXISTS;
goto return_results;
default:
- rc = LDAP_OTHER;
- text = "internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "internal error";
goto return_results;
}
/* Get attribute type and attribute value of our new rdn, we will
* need to add that to our new entry
*/
- if ( !new_rdn && ldap_bv2rdn( newrdn, &new_rdn, (char **)&text,
+ if ( !new_rdn && ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ) )
{
#ifdef NEW_LOGGING
"type(s)/values(s) of newrdn\n",
0, 0, 0 );
#endif
- rc = LDAP_INVALID_DN_SYNTAX;
- text = "unknown type(s) used in RDN";
+ rs->sr_err = LDAP_INVALID_DN_SYNTAX;
+ rs->sr_text = "unknown type(s) used in RDN";
goto return_results;
}
new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 );
#endif
- if ( deleteoldrdn ) {
- if ( !old_rdn && ldap_bv2rdn( dn, &old_rdn, (char **)&text,
+ if ( op->oq_modrdn.rs_deleteoldrdn ) {
+ if ( !old_rdn && ldap_bv2rdn( &op->o_req_dn, &old_rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ) )
{
#ifdef NEW_LOGGING
"the old_rdn type(s)/value(s)\n",
0, 0, 0 );
#endif
- rc = LDAP_OTHER;
- text = "cannot parse RDN from old DN";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "cannot parse RDN from old DN";
goto return_results;
}
}
/* prepare modlist of modifications from old/new rdn */
if (!mod) {
- rc = slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn,
- deleteoldrdn, &mod );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = slap_modrdn2mods( op, rs, e, old_rdn, new_rdn, &mod );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
goto return_results;
}
}
/* delete old one */
- rc = bdb_dn2id_delete( be, ltid, p_ndn.bv_val, e );
- if ( rc != 0 ) {
- switch( rc ) {
+ rs->sr_err = bdb_dn2id_delete( op->o_bd, ltid, p_ndn.bv_val, e );
+ if ( rs->sr_err != 0 ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_OTHER;
- text = "DN index delete fail";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "DN index delete fail";
goto return_results;
}
* free individual fields. But if a previous modrdn has
* already happened, must free the names.
*/
+#ifdef BDB_HIER
+ ch_free(e->e_name.bv_val);
+ e->e_name.bv_val = ch_malloc(new_dn.bv_len + new_ndn.bv_len + 2);
+ e->e_name.bv_len = new_dn.bv_len;
+ e->e_nname.bv_val = e->e_name.bv_val + new_dn.bv_len + 1;
+ e->e_nname.bv_len = new_ndn.bv_len;
+ strcpy(e->e_name.bv_val, new_dn.bv_val);
+ strcpy(e->e_nname.bv_val, new_ndn.bv_val);
+#else
if( e->e_nname.bv_val < e->e_bv.bv_val || e->e_nname.bv_val >
e->e_bv.bv_val + e->e_bv.bv_len ) {
ch_free(e->e_name.bv_val);
}
e->e_name = new_dn;
e->e_nname = new_ndn;
-
new_dn.bv_val = NULL;
new_ndn.bv_val = NULL;
-
+#endif
/* add new one */
- rc = bdb_dn2id_add( be, ltid, np_ndn, e );
- if ( rc != 0 ) {
- switch( rc ) {
+ rs->sr_err = bdb_dn2id_add( op->o_bd, ltid, np_ndn, e );
+ if ( rs->sr_err != 0 ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_OTHER;
- text = "DN index add failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "DN index add failed";
goto return_results;
}
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !op->o_noop ) {
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch(be, conn, op, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY );
+ if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY );
}
}
#endif
/* modify entry */
- rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
- &text, textbuf, textlen );
+ rs->sr_err = bdb_modify_internal( op, ltid, &mod[0], e,
+ &rs->sr_text, textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- if ( ( rc == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) {
- rc = opinfo.boi_err;
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if ( ( rs->sr_err == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) {
+ rs->sr_err = opinfo.boi_err;
}
- switch( rc ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
/* id2entry index */
- rc = bdb_id2entry_update( be, ltid, e );
- if ( rc != 0 ) {
- switch( rc ) {
+ rs->sr_err = bdb_id2entry_update( op->o_bd, ltid, e );
+ if ( rs->sr_err != 0 ) {
+ switch( rs->sr_err ) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- rc = LDAP_OTHER;
- text = "entry update failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "entry update failed";
goto return_results;
}
if( op->o_noop ) {
- if(( rc=TXN_ABORT( ltid )) != 0 ) {
- text = "txn_abort (no-op) failed";
+ if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
+ rs->sr_text = "txn_abort (no-op) failed";
} else {
noop = 1;
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
} else {
snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx",
bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid );
- if(( rc=TXN_PREPARE( ltid, gid )) != 0 ) {
- text = "txn_prepare failed";
+ if(( rs->sr_err=TXN_PREPARE( ltid, gid )) != 0 ) {
+ rs->sr_text = "txn_prepare failed";
} else {
if( bdb_cache_update_entry(&bdb->bi_cache, e) == -1 ) {
- if(( rc=TXN_ABORT( ltid )) != 0 ) {
- text ="cache update & txn_abort failed";
+ if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
+ rs->sr_text ="cache update & txn_abort failed";
} else {
- rc = LDAP_OTHER;
- text = "cache update failed";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "cache update failed";
}
} else {
bdb_cache_entry_commit( e );
- if(( rc=TXN_COMMIT( ltid, 0 )) != 0 ) {
- text = "txn_commit failed";
+ if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
+ rs->sr_text = "txn_commit failed";
} else {
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
}
}
ltid = NULL;
op->o_private = NULL;
- if( rc == LDAP_SUCCESS ) {
+ if( rs->sr_err == LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, RESULTS,
"bdb_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n",
"bdb_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n",
op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn );
#endif
- text = NULL;
+ rs->sr_text = NULL;
} else {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, RESULTS, "bdb_modrdn: %s : %s (%d)\n",
- text, db_strerror(rc), rc );
+ rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n",
- text, db_strerror(rc), rc );
+ rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
#endif
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
return_results:
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- if ( rc == LDAP_SUCCESS && !op->o_noop ) {
+ if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
/* Loop through in-scope entries for each psearch spec */
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_MODIFY );
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_MODIFY );
}
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- bdb_psearch(be, conn, op, pm_list->ps->op,
+ bdb_psearch(op, rs, pm_list->ps_op,
e, LDAP_PSEARCH_BY_SCOPEOUT);
- LDAP_LIST_REMOVE ( pm_list, link );
pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
}
#endif
- if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
+ if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) {
ldap_pvt_thread_yield();
TXN_CHECKPOINT( bdb->bi_dbenv,
bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
if( ltid != NULL ) {
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- pm_list = LDAP_LIST_FIRST(&op->premodify_list);
+ pm_list = LDAP_LIST_FIRST(&op->o_pm_list);
while ( pm_list != NULL ) {
- LDAP_LIST_REMOVE ( pm_list, link );
- pm_prev = pm_list;
- pm_list = LDAP_LIST_NEXT ( pm_list, link );
- free (pm_prev);
+ LDAP_LIST_REMOVE ( pm_list, ps_link );
+ pm_prev = pm_list;
+ pm_list = LDAP_LIST_NEXT ( pm_list, ps_link );
+ ch_free( pm_prev );
}
#endif
TXN_ABORT( ltid );
op->o_private = NULL;
}
- return ( ( rc == LDAP_SUCCESS ) ? noop : rc );
+ return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err );
}
#include "slap.h"
#include "back-bdb.h"
#include "proto-bdb.h"
+#include "external.h"
/*
* sets *hasSubordinates to LDAP_COMPARE_TRUE/LDAP_COMPARE_FALSE
*/
int
bdb_hasSubordinates(
- BackendDB *be,
- Connection *conn,
Operation *op,
Entry *e,
int *hasSubordinates )
int rc;
assert( e );
- assert( hasSubordinates );
retry:
- rc = bdb_dn2id_children( be, NULL, &e->e_nname, 0 );
+ rc = bdb_dn2id_children( op->o_bd, NULL, &e->e_nname, 0 );
switch( rc ) {
case DB_LOCK_DEADLOCK:
*/
int
bdb_operational(
- BackendDB *be,
- Connection *conn,
Operation *op,
- Entry *e,
- AttributeName *attrs,
+ SlapReply *rs,
int opattrs,
Attribute **a )
{
Attribute **aa = a;
- int rc = 0;
- assert( e );
+ assert( rs->sr_entry );
- if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) {
+ if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, rs->sr_attrs ) ) {
int hasSubordinates;
- rc = bdb_hasSubordinates( be, conn, op, e, &hasSubordinates );
- if ( rc == LDAP_SUCCESS ) {
+ rs->sr_err = bdb_hasSubordinates( op, rs->sr_entry, &hasSubordinates );
+ if ( rs->sr_err == LDAP_SUCCESS ) {
*aa = slap_operational_hasSubordinate( hasSubordinates == LDAP_COMPARE_TRUE );
if ( *aa != NULL ) {
aa = &(*aa)->a_next;
}
}
- return rc;
+ return rs->sr_err;
}
#include "lber_pvt.h"
int
-bdb_exop_passwd(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text,
- BerVarray *refs )
+bdb_exop_passwd( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
int rc;
Entry *e = NULL;
struct berval hash = { 0, NULL };
u_int32_t locker = 0;
DB_LOCK lock;
- assert( reqoid != NULL );
- assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
+ assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 );
- rc = slap_passwd_parse( reqdata,
- &id, NULL, &new, text );
+ rc = slap_passwd_parse( op->oq_extended.rs_reqdata,
+ &id, NULL, &new, &rs->sr_text );
#ifdef NEW_LOGGING
LDAP_LOG ( ACL, ENTRY,
slap_passwd_generate(&new);
if( new.bv_len == 0 ) {
- *text = "password generation failed.";
+ rs->sr_text = "password generation failed.";
rc = LDAP_OTHER;
goto done;
}
- *rspdata = slap_passwd_return( &new );
+ rs->sr_rspdata = slap_passwd_return( &new );
}
slap_passwd_hash( &new, &hash );
if( hash.bv_len == 0 ) {
- *text = "password hash failed";
+ rs->sr_text = "password hash failed";
rc = LDAP_OTHER;
goto done;
}
#endif
if( dn.bv_len == 0 ) {
- *text = "No password is associated with the Root DSE";
+ rs->sr_text = "No password is associated with the Root DSE";
rc = LDAP_UNWILLING_TO_PERFORM;
goto done;
}
rc = dnNormalize2( NULL, &dn, &ndn );
if( rc != LDAP_SUCCESS ) {
- *text = "Invalid DN";
+ rs->sr_text = "Invalid DN";
goto done;
}
op->o_do_not_cache = opinfo.boi_acl_cache;
if( rc != 0 ) {
rc = LDAP_OTHER;
- *text = "internal error";
+ rs->sr_text = "internal error";
goto done;
}
ldap_pvt_thread_yield();
/* begin transaction */
rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
bdb->bi_db_opflags );
- *text = NULL;
+ rs->sr_text = NULL;
if( rc != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG ( ACL, ERR,
db_strerror(rc), rc, 0 );
#endif
rc = LDAP_OTHER;
- *text = "internal error";
+ rs->sr_text = "internal error";
goto done;
}
locker = TXN_ID ( ltid );
- opinfo.boi_bdb = be;
+ opinfo.boi_bdb = op->o_bd;
opinfo.boi_txn = ltid;
opinfo.boi_locker = locker;
opinfo.boi_err = 0;
op->o_private = &opinfo;
/* get entry */
- rc = bdb_dn2entry_w( be, ltid, &ndn, &e, NULL, 0 , locker, &lock);
+ rc = bdb_dn2entry_w( op->o_bd, ltid, &ndn, &e, NULL, 0 , locker, &lock);
switch(rc) {
case DB_LOCK_DEADLOCK:
case 0:
break;
case LDAP_BUSY:
- *text = "ldap server busy";
+ rs->sr_text = "ldap server busy";
goto done;
default:
rc = LDAP_OTHER;
- *text = "internal error";
+ rs->sr_text = "internal error";
goto done;
}
if( e == NULL ) {
- *text = "could not locate authorization entry";
+ rs->sr_text = "could not locate authorization entry";
rc = LDAP_NO_SUCH_OBJECT;
goto done;
}
#ifdef BDB_SUBENTRIES
if( is_entry_subentry( e ) ) {
/* entry is an alias, don't allow operation */
- *text = "authorization entry is subentry";
+ rs->sr_text = "authorization entry is subentry";
rc = LDAP_OTHER;
goto done;
}
#ifdef BDB_ALIASES
if( is_entry_alias( e ) ) {
/* entry is an alias, don't allow operation */
- *text = "authorization entry is alias";
+ rs->sr_text = "authorization entry is alias";
rc = LDAP_ALIAS_PROBLEM;
goto done;
}
if( is_entry_referral( e ) ) {
/* entry is an referral, don't allow operation */
- *text = "authorization entry is referral";
+ rs->sr_text = "authorization entry is referral";
rc = LDAP_OTHER;
goto done;
}
ml.sml_op = LDAP_MOD_REPLACE;
ml.sml_next = NULL;
- rc = bdb_modify_internal( be, conn, op, ltid,
- &ml, e, text, textbuf, textlen );
+ rc = bdb_modify_internal( op, ltid,
+ &ml, e, &rs->sr_text, textbuf, textlen );
if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) {
rc = opinfo.boi_err;
switch(rc) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
- *text = NULL;
+ rs->sr_text = NULL;
goto retry;
case 0:
- *text = NULL;
+ rs->sr_text = NULL;
break;
default:
rc = LDAP_OTHER;
- *text = "entry modify failed";
+ rs->sr_text = "entry modify failed";
goto done;
}
/* change the entry itself */
- rc = bdb_id2entry_update( be, ltid, e );
+ rc = bdb_id2entry_update( op->o_bd, ltid, e );
if( rc != 0 ) {
switch(rc) {
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto retry;
}
- *text = "entry update failed";
+ rs->sr_text = "entry update failed";
rc = LDAP_OTHER;
}
op->o_private = NULL;
if( rc == LDAP_SUCCESS ) {
- replog( be, op, &e->e_name, &e->e_nname, &ml );
+ op->o_req_dn = e->e_name;
+ op->o_req_ndn = e->e_nname;
+ op->oq_modify.rs_modlist = &ml;
+ replog( op );
+ op->oq_extended.rs_reqoid = slap_EXOP_MODIFY_PASSWD;
}
}
ID id,
int op ));
-int bdb_index_entry LDAP_P(( Backend *be, DB_TXN *t,
- int r, Entry *e, Attribute *ap ));
+int bdb_index_entry LDAP_P(( Backend *be, DB_TXN *t, int r, Entry *e ));
-#define bdb_index_entry_add(be,t,e,ap) \
- bdb_index_entry((be),(t),SLAP_INDEX_ADD_OP,(e),(ap))
-#define bdb_index_entry_del(be,t,e,ap) \
- bdb_index_entry((be),(t),SLAP_INDEX_DELETE_OP,(e),(ap))
+#define bdb_index_entry_add(be,t,e) \
+ bdb_index_entry((be),(t),SLAP_INDEX_ADD_OP,(e))
+#define bdb_index_entry_del(be,t,e) \
+ bdb_index_entry((be),(t),SLAP_INDEX_DELETE_OP,(e))
/*
* init.c
* modify.c
*/
int bdb_modify_internal(
- BackendDB *be,
- Connection *conn,
Operation *op,
DB_TXN *tid,
Modifications *modlist,
char *textbuf,
size_t textlen );
-/*
- * operational.c
- */
-int
-bdb_hasSubordinates(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- int *hasSubordinates );
-
/*
* passwd.c
*/
* lcup.c
*/
-int bdb_abandon(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- ber_int_t id
-);
+BI_op_abandon bdb_abandon;
-int bdb_cancel(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- ber_int_t id
-);
+BI_op_cancel bdb_cancel;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
-int bdb_add_psearch_spec(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *fstr,
- AttributeName *attrs,
- int attrsonly,
- int protocol
-);
-
-int bdb_psearch(
- BackendDB *be,
- Connection *conn,
+int bdb_do_search(
Operation *op,
+ SlapReply *rs,
Operation *ps_op,
Entry *entry,
int psearch_type
);
+#define bdb_psearch(op, rs, sop, e, ps_type) bdb_do_search(op, rs, sop, e, ps_type)
#endif
/*
#ifdef LDAP_CLIENT_UPDATE
int
bdb_build_lcup_update_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
int entry_count,
LDAPControl **ctrls,
int
bdb_build_lcup_done_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
LDAPControl **ctrls,
int num_ctrls,
struct berval *latest_entrycsn_bv );
#ifdef LDAP_SYNC
int
bdb_build_sync_state_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
int entry_sync_state,
LDAPControl **ctrls,
int
bdb_build_sync_done_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
LDAPControl **ctrls,
int num_ctrls,
int send_cookie,
int
bdb_send_ldap_intermediate(
- Connection *conn,
Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
+ SlapReply *rs,
int state,
- struct berval *cookie,
- LDAPControl **ctrls );
+ struct berval *cookie );
#endif
#ifdef BDB_REUSE_LOCKERS
+++ /dev/null
-/* psearch.c - psearch operations */
-/* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-
-#include "portable.h"
-
-#include <stdio.h>
-
-#include "back-bdb.h"
-#include "idl.h"
-#include "external.h"
-
-#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
-
-#define IS_BDB_REPLACE (( psearch_type == LDAP_PSEARCH_BY_DELETE ) || \
- ( psearch_type == LDAP_PSEARCH_BY_SCOPEOUT ))
-#define IS_BDB_LCUP_REPLACE (( protocol == LDAP_CLIENT_UPDATE ) && IS_BDB_REPLACE )
-
-static int psearch_base_candidate(
- BackendDB *be,
- Entry *e,
- ID *ids );
-
-static int psearch_candidates(
- BackendDB *be,
- Operation *op,
- Entry *e,
- Filter *filter,
- int scope,
- int deref,
- ID *ids );
-
-int
-bdb_abandon(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- ber_int_t id )
-{
- Operation *ps_list;
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
-
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- if ( ps_list->o_connid == conn->c_connid ) {
- if ( ps_list->o_msgid == id ) {
- ps_list->o_abandon = 1;
- LDAP_LIST_REMOVE( ps_list, link );
- slap_op_free ( ps_list );
- return LDAP_SUCCESS;
- }
- }
- }
- return LDAP_UNAVAILABLE;
-}
-
-int
-bdb_cancel(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- ber_int_t id )
-{
- Operation *ps_list;
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
-
- LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) {
- if ( ps_list->o_connid == conn->c_connid ) {
- if ( ps_list->o_msgid == id ) {
- ps_list->o_cancel = SLAP_CANCEL_DONE;
- LDAP_LIST_REMOVE( ps_list, link );
-
-#if 0
- bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls, 1, &latest_entrycsn_bv );
- send_search_result( conn, ps_list, LDAP_CANCELLED,
- NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries);
-#endif
- send_search_result( conn, ps_list, LDAP_CANCELLED,
- NULL, NULL, NULL, NULL, 0);
-
-
-
- slap_op_free ( ps_list );
- return LDAP_SUCCESS;
- }
- }
- }
- return LDAP_UNAVAILABLE;
-}
-
-int
-bdb_add_psearch_spec(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *fstr,
- AttributeName *attrs,
- int attrsonly,
- int protocol )
-{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
-
- LDAP_LIST_FIRST( &op->psearch_spec ) = (struct ldap_psearch_spec *)
- calloc ( 1, sizeof ( struct ldap_psearch_spec ) );
-
- LDAP_LIST_FIRST( &op->psearch_spec )->op = op;
-
- LDAP_LIST_FIRST( &op->psearch_spec )->base = ber_dupbv(NULL, base);
- LDAP_LIST_FIRST( &op->psearch_spec )->nbase = ber_dupbv(NULL, nbase);
-
- LDAP_LIST_FIRST( &op->psearch_spec )->scope = scope;
- LDAP_LIST_FIRST( &op->psearch_spec )->deref = deref;
- LDAP_LIST_FIRST( &op->psearch_spec )->slimit = slimit;
- LDAP_LIST_FIRST( &op->psearch_spec )->tlimit = tlimit;
-
- LDAP_LIST_FIRST( &op->psearch_spec )->filter = filter;
- LDAP_LIST_FIRST( &op->psearch_spec )->filterstr = ber_dupbv(NULL, fstr);
- LDAP_LIST_FIRST( &op->psearch_spec )->attrs = attrs;
-
- LDAP_LIST_FIRST( &op->psearch_spec )->attrsonly = attrsonly;
-
- LDAP_LIST_FIRST( &op->psearch_spec )->entry_count = 0;
-
- LDAP_LIST_FIRST( &op->psearch_spec )->protocol = protocol;
-
- LDAP_LIST_INSERT_HEAD( &bdb->psearch_list, op, link );
-}
-
-int
-bdb_psearch(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- Operation *ps_op,
- Entry *entry,
- int psearch_type )
-{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- int rc;
- const char *text = NULL;
- time_t stoptime;
- unsigned cursor;
- ID id;
- ID candidates[BDB_IDL_UM_SIZE];
- Entry *e = NULL;
- BerVarray v2refs = NULL;
- Entry *matched = NULL;
- struct berval realbase = { 0, NULL };
- int nentries = 0;
- int manageDSAit;
-
- Filter cookief, csnfnot, csnfeq, csnfand, csnfge;
- AttributeAssertion aa_ge, aa_eq;
- struct berval entrycsn_bv = { 0, NULL };
- struct berval latest_entrycsn_bv = { 0, NULL };
-
- LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS];
- int num_ctrls = 0;
-
- struct slap_limits_set *limit = NULL;
- int isroot = 0;
- int scopeok = 0;
-
- u_int32_t locker;
- DB_LOCK lock;
-
- Connection *ps_conn = ps_op->o_conn;
- struct berval *base = LDAP_LIST_FIRST( &ps_op->psearch_spec )->base;
- struct berval *nbase = LDAP_LIST_FIRST( &ps_op->psearch_spec )->nbase;
- int scope = LDAP_LIST_FIRST( &ps_op->psearch_spec )->scope;
- int deref = LDAP_LIST_FIRST( &ps_op->psearch_spec )->deref;
- int slimit = LDAP_LIST_FIRST( &ps_op->psearch_spec )->slimit;
- int tlimit = LDAP_LIST_FIRST( &ps_op->psearch_spec )->tlimit;
- Filter *filter = LDAP_LIST_FIRST( &ps_op->psearch_spec )->filter;
- struct berval *filterstr = LDAP_LIST_FIRST( &ps_op->psearch_spec )->filterstr;
- int attrsonly = LDAP_LIST_FIRST( &ps_op->psearch_spec )->attrsonly;
- int protocol = LDAP_LIST_FIRST( &ps_op->psearch_spec )->protocol;
- AttributeName uuid_attr[2];
- AttributeName *attrs;
-
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n",
- 0, 0, 0);
-#endif
-
- manageDSAit = get_manageDSAit( ps_op );
-
- rc = LOCK_ID (bdb->bi_dbenv, &locker );
- switch(rc) {
- case 0:
- break;
- default:
- send_ldap_result( ps_conn, ps_op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
- return rc;
- }
-
- for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ )
- ctrls[num_ctrls] = NULL;
- num_ctrls = 0;
-
- if ( !IS_BDB_REPLACE ) {
- attrs = LDAP_LIST_FIRST(&ps_op->psearch_spec)->attrs;
- } else {
-#ifdef LDAP_CLIENT_UPDATE
- if ( protocol == LDAP_CLIENT_UPDATE ) {
- attrs = uuid_attr;
- attrs[0].an_desc = slap_schema.si_ad_entryUUID;
- attrs[0].an_oc = NULL;
- ber_dupbv( &attrs[0].an_name, &attrs[0].an_desc->ad_cname );
- attrs[1].an_desc = NULL;
- attrs[1].an_oc = NULL;
- attrs[1].an_name.bv_len = 0;
- attrs[1].an_name.bv_val = NULL;
- } else
-#endif
-#ifdef LDAP_SYNC
- if (protocol == LDAP_SYNC ) {
- attrs = uuid_attr;
- attrs[0].an_desc = NULL;
- attrs[0].an_oc = NULL;
- attrs[0].an_name.bv_len = 0;
- attrs[0].an_name.bv_val = NULL;
- } else
-#endif
- {
- rc = 1;
- goto done;
- }
- }
-
- if ( nbase->bv_len == 0 ) {
- /* DIT root special case */
- e = (Entry *) &slap_entry_root;
- rc = 0;
- } else
-#ifdef BDB_ALIASES
- /* get entry with reader lock */
- if ( deref & LDAP_DEREF_FINDING ) {
- e = deref_dn_r( be, nbase-, &err, &matched, &text );
-
- } else
-#endif
- {
-dn2entry_retry:
- rc = bdb_dn2entry_r( be, NULL, nbase, &e, &matched, 0, locker, &lock );
- }
-
- switch(rc) {
- case DB_NOTFOUND:
- case 0:
- break;
- case LDAP_BUSY:
- if (e != NULL) {
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache,
- e, &lock);
- }
- if (matched != NULL) {
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache,
- matched, &lock);
- }
- send_ldap_result( ps_conn, ps_op, LDAP_BUSY,
- NULL, "ldap server busy", NULL, NULL );
- LOCK_ID_FREE( bdb->bi_dbenv, locker );
-#ifdef LDAP_CLIENT_UPDATE
- if ( IS_BDB_LCUP_REPLACE )
- ch_free( attrs[0].an_name.bv_val );
-#endif
- return LDAP_BUSY;
- case DB_LOCK_DEADLOCK:
- case DB_LOCK_NOTGRANTED:
- goto dn2entry_retry;
- default:
- if (e != NULL) {
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache,
- e, &lock);
- }
- if (matched != NULL) {
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache,
- matched, &lock);
- }
- send_ldap_result( ps_conn, ps_op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
- LOCK_ID_FREE( bdb->bi_dbenv, locker );
-#ifdef LDAP_CLIENT_UPDATE
- if ( IS_BDB_LCUP_REPLACE )
- ch_free( attrs[0].an_name.bv_val );
-#endif
- return rc;
- }
-
- if ( e == NULL ) {
- struct berval matched_dn = { 0, NULL };
- BerVarray refs = NULL;
-
- if ( matched != NULL ) {
- BerVarray erefs;
- ber_dupbv( &matched_dn, &matched->e_name );
-
- erefs = is_entry_referral( matched )
- ? get_entry_referrals( be, ps_conn, ps_op, matched )
- : NULL;
-
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache,
- matched, &lock);
- matched = NULL;
-
- if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
- ber_bvarray_free( erefs );
- }
-
- } else {
- refs = referral_rewrite( default_referral,
- NULL, base, scope );
- }
-
- send_ldap_result( ps_conn, ps_op, rc=LDAP_REFERRAL ,
- matched_dn.bv_val, text, refs, NULL );
-
- LOCK_ID_FREE( bdb->bi_dbenv, locker );
- if ( refs ) ber_bvarray_free( refs );
- if ( matched_dn.bv_val ) ber_memfree( matched_dn.bv_val );
-#ifdef LDAP_CLIENT_UPDATE
- if ( IS_BDB_LCUP_REPLACE )
- ch_free( attrs[0].an_name.bv_val );
-#endif
- return rc;
- }
-
- if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) {
- /* entry is a referral, don't allow add */
- struct berval matched_dn;
- BerVarray erefs, refs;
-
- ber_dupbv( &matched_dn, &e->e_name );
- erefs = get_entry_referrals( be, ps_conn, ps_op, e );
- refs = NULL;
-
- bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
- e = NULL;
-
- if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
- ber_bvarray_free( erefs );
- }
-
-#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, RESULTS,
- "bdb_search: entry is referral\n", 0, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE, "bdb_search: entry is referral\n",
- 0, 0, 0 );
-#endif
-
- send_ldap_result( ps_conn, ps_op, LDAP_REFERRAL,
- matched_dn.bv_val,
- refs ? NULL : "bad referral object",
- refs, NULL );
-
- LOCK_ID_FREE( bdb->bi_dbenv, locker );
- ber_bvarray_free( refs );
- ber_memfree( matched_dn.bv_val );
-#ifdef LDAP_CLIENT_UPDATE
- if ( IS_BDB_LCUP_REPLACE )
- ch_free( attrs[0].an_name.bv_val );
-#endif
- return 1;
- }
-
- /* if not root, get appropriate limits */
- if ( be_isroot( be, &ps_op->o_ndn ) ) {
- isroot = 1;
- } else {
- ( void ) get_limits( be, &ps_op->o_ndn, &limit );
- }
-
- /* The time/size limits come first because they require very little
- * effort, so there's no chance the candidates are selected and then
- * the request is not honored only because of time/size constraints */
-
- /* if no time limit requested, use soft limit (unless root!) */
- if ( isroot ) {
- if ( tlimit == 0 ) {
- tlimit = -1; /* allow root to set no limit */
- }
-
- if ( slimit == 0 ) {
- slimit = -1;
- }
-
- } else {
- /* if no limit is required, use soft limit */
- if ( tlimit <= 0 ) {
- tlimit = limit->lms_t_soft;
-
- /* if requested limit higher than hard limit, abort */
- } else if ( tlimit > limit->lms_t_hard ) {
- /* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
- tlimit = limit->lms_t_soft;
-
- /* positive hard limit means abort */
- } else if ( limit->lms_t_hard > 0 ) {
- send_search_result( ps_conn, ps_op,
- LDAP_UNWILLING_TO_PERFORM,
- NULL, NULL, NULL, NULL, 0 );
- rc = 0;
- goto done;
- }
-
- /* negative hard limit means no limit */
- }
-
- /* if no limit is required, use soft limit */
- if ( slimit <= 0 ) {
- slimit = limit->lms_s_soft;
-
- /* if requested limit higher than hard limit, abort */
- } else if ( slimit > limit->lms_s_hard ) {
- /* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
- slimit = limit->lms_s_soft;
-
- /* positive hard limit means abort */
- } else if ( limit->lms_s_hard > 0 ) {
- send_search_result( ps_conn, ps_op,
- LDAP_UNWILLING_TO_PERFORM,
- NULL, NULL, NULL, NULL, 0 );
- rc = 0;
- goto done;
- }
-
- /* negative hard limit means no limit */
- }
- }
-
- /* compute it anyway; root does not use it */
- stoptime = ps_op->o_time + tlimit;
-
- /* select candidates */
- if ( scope == LDAP_SCOPE_BASE ) {
- rc = psearch_base_candidate( be, e, candidates );
- } else {
- BDB_IDL_ALL( bdb, candidates );
- rc = psearch_candidates( be, op, e, filter,
- scope, deref, candidates );
- }
-
- if ( !BDB_IDL_IS_RANGE( candidates ) ) {
- cursor = bdb_idl_search( candidates, entry->e_id );
- if ( candidates[cursor] != entry->e_id ) {
- goto test_done;
- }
- } else {
- if ( entry->e_id < BDB_IDL_RANGE_FIRST(candidates) &&
- entry->e_id > BDB_IDL_RANGE_LAST(candidates) )
- {
- goto test_done;
- }
- }
-
- /* candidates = { e } */
- candidates[0] = 1;
- candidates[1] = entry->e_id;
-
- /* need normalized dn below */
- ber_dupbv( &realbase, &e->e_nname );
-
- if ( e != &slap_entry_root ) {
- bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock);
- }
- e = NULL;
-
- if ( candidates[0] == 0 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, RESULTS,
- "bdb_search: no candidates\n", 0, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE, "bdb_search: no candidates\n",
- 0, 0, 0 );
-#endif
-
- send_search_result( ps_conn, ps_op,
- LDAP_SUCCESS,
- NULL, NULL, NULL, NULL, 0 );
-
- rc = 1;
- goto done;
- }
-
- /* if not root and candidates exceed to-be-checked entries, abort */
- if ( !isroot && limit->lms_s_unchecked != -1 ) {
- if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) {
- send_search_result( ps_conn, ps_op, LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
- rc = 1;
- goto done;
- }
- }
-
-#ifdef LDAP_CLIENT_UPDATE
- if ( protocol == LDAP_CLIENT_UPDATE ) {
- cookief.f_choice = LDAP_FILTER_AND;
- cookief.f_and = &csnfnot;
- cookief.f_next = NULL;
-
- csnfnot.f_choice = LDAP_FILTER_NOT;
- csnfnot.f_not = &csnfeq;
- csnfnot.f_next = &csnfand;
-
- csnfeq.f_choice = LDAP_FILTER_EQUALITY;
- csnfeq.f_ava = &aa_eq;
- csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfeq.f_av_value, &ps_op->o_clientupdate_state );
-
- csnfand.f_choice = LDAP_FILTER_AND;
- csnfand.f_and = &csnfge;
- csnfand.f_next = NULL;
-
- csnfge.f_choice = LDAP_FILTER_GE;
- csnfge.f_ava = &aa_ge;
- csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfge.f_av_value, &ps_op->o_clientupdate_state );
- csnfge.f_next = filter;
- }
-#endif
-#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
- else
-#endif
-#ifdef LDAP_SYNC
- if ( protocol == LDAP_SYNC ) {
- cookief.f_choice = LDAP_FILTER_AND;
- cookief.f_and = &csnfnot;
- cookief.f_next = NULL;
-
- csnfnot.f_choice = LDAP_FILTER_NOT;
- csnfnot.f_not = &csnfeq;
- csnfnot.f_next = &csnfand;
-
- csnfeq.f_choice = LDAP_FILTER_EQUALITY;
- csnfeq.f_ava = &aa_eq;
- csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfeq.f_av_value, &ps_op->o_sync_state );
-
- csnfand.f_choice = LDAP_FILTER_AND;
- csnfand.f_and = &csnfge;
- csnfand.f_next = NULL;
-
- csnfge.f_choice = LDAP_FILTER_GE;
- csnfge.f_ava = &aa_ge;
- csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfge.f_av_value, &ps_op->o_sync_state );
- csnfge.f_next = filter;
- }
-#endif
-
- id = entry->e_id;
-
- /* check for abandon */
- if ( ps_op->o_abandon ) {
- rc = 0;
- goto done;
- }
-
- /* check time limit */
- if ( tlimit != -1 && slap_get_time() > stoptime ) {
- send_search_result( ps_conn, ps_op, rc = LDAP_TIMELIMIT_EXCEEDED,
- NULL, NULL, v2refs, NULL, nentries );
- goto done;
- }
-
- e = entry;
-
-#ifdef BDB_SUBENTRIES
- if ( is_entry_subentry( e ) ) {
- if( scope != LDAP_SCOPE_BASE ) {
- if(!get_subentries_visibility( ps_op )) {
- /* only subentries are visible */
- goto test_done;
- }
-
- } else if ( get_subentries( ps_op ) &&
- !get_subentries_visibility( ps_op ))
- {
- /* only subentries are visible */
- goto test_done;
- }
-
- } else if ( get_subentries_visibility( ps_op )) {
- /* only subentries are visible */
- goto test_done;
- }
-#endif
-
-#ifdef BDB_ALIASES
- if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
- Entry *matched;
- int err;
- const char *text;
-
- e = deref_entry_r( be, e, &err, &matched, &text );
-
- if( e == NULL ) {
- e = matched;
- goto test_done;
- }
-
- if( e->e_id == id ) {
- /* circular loop */
- goto test_done;
- }
-
- /* need to skip alias which deref into scope */
- if( scope & LDAP_SCOPE_ONELEVEL ) {
- struct berval pdn;
-
- dnParent( &e->e_nname, &pdn ):
- if ( ber_bvcmp( pdn, &realbase ) ) {
- goto test_done;
- }
-
- } else if ( dnIsSuffix( &e->e_nname, &realbase ) ) {
- /* alias is within scope */
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, RESULTS,
- "bdb_search: \"%s\" in subtree\n", e->edn, 0, 0);
-#else
- Debug( LDAP_DEBUG_TRACE,
- "bdb_search: \"%s\" in subtree\n",
- e->e_dn, 0, 0 );
-#endif
- goto test_done;
- }
-
- scopeok = 1;
- }
-#endif
-
- /*
- * if it's a referral, add it to the list of referrals. only do
- * this for non-base searches, and don't check the filter
- * explicitly here since it's only a candidate anyway.
- */
- if ( !manageDSAit && scope != LDAP_SCOPE_BASE &&
- is_entry_referral( e ) )
- {
- struct berval dn;
-
- /* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( !be_issuffix( be, &e->e_nname ) ) {
- dnParent( &e->e_nname, &dn );
- scopeok = dn_match( &dn, &realbase );
- } else {
- scopeok = (realbase.bv_len == 0);
- }
-
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
- scopeok = dnIsSuffix( &e->e_nname, &realbase );
-
- } else {
- scopeok = 1;
- }
-
- if( scopeok ) {
- BerVarray erefs = get_entry_referrals(
- be, ps_conn, ps_op, e );
- BerVarray refs = referral_rewrite( erefs,
- &e->e_name, NULL,
- scope == LDAP_SCOPE_SUBTREE
- ? LDAP_SCOPE_SUBTREE
- : LDAP_SCOPE_BASE );
-
- send_search_reference( be, ps_conn, ps_op,
- e, refs, NULL, &v2refs );
-
- ber_bvarray_free( refs );
-
- } else {
-#ifdef NEW_LOGGING
- LDAP_LOG(OPERATION, DETAIL2,
- "bdb_search: candidate referral %ld scope not okay\n",
- id, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE,
- "bdb_search: candidate referral %ld scope not okay\n",
- id, 0, 0 );
-#endif
- }
-
- goto test_done;
- }
-
- if ( psearch_type != LDAP_PSEARCH_BY_SCOPEOUT ) {
- rc = test_filter( be, ps_conn, ps_op, e, &cookief );
- } else {
- rc = LDAP_COMPARE_TRUE;
- }
-
- if ( rc == LDAP_COMPARE_TRUE ) {
- struct berval dn;
-
- /* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( be_issuffix( be, &e->e_nname ) ) {
- scopeok = (realbase.bv_len == 0);
- } else {
- dnParent( &e->e_nname, &dn );
- scopeok = dn_match( &dn, &realbase );
- }
-
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
- scopeok = dnIsSuffix( &e->e_nname, &realbase );
-
- } else {
- scopeok = 1;
- }
-
- if ( scopeok ) {
- /* check size limit */
- if ( --slimit == -1 ) {
- send_search_result( ps_conn, ps_op,
- rc = LDAP_SIZELIMIT_EXCEEDED, NULL, NULL,
- v2refs, NULL, nentries );
- goto done;
- }
-
- if (e) {
- int result;
-
-#if 0 /* noop is masked SLAP_CTRL_UPDATE */
- if( ps_op->o_noop ) {
- result = 0;
- } else
-#endif
- {
-#ifdef LDAP_SYNC
- int premodify_found = 0;
- int entry_sync_state;
-#endif
-
- if ( psearch_type == LDAP_PSEARCH_BY_ADD ||
- psearch_type == LDAP_PSEARCH_BY_DELETE ||
- psearch_type == LDAP_PSEARCH_BY_MODIFY ||
- psearch_type == LDAP_PSEARCH_BY_SCOPEOUT )
- {
- if ( psearch_type == LDAP_PSEARCH_BY_MODIFY ) {
- struct psid_entry* psid_e;
- LDAP_LIST_FOREACH( psid_e, &op->premodify_list, link)
- {
- if( psid_e->ps == LDAP_LIST_FIRST(&ps_op->psearch_spec))
- {
-#ifdef LDAP_SYNC
- premodify_found = 1;
-#endif
- LDAP_LIST_REMOVE(psid_e, link);
- break;
- }
- }
- if (psid_e != NULL) free (psid_e);
- }
-#ifdef LDAP_SYNC
- if ( psearch_type == LDAP_PSEARCH_BY_ADD )
- entry_sync_state = LDAP_SYNC_ADD;
- else if ( psearch_type == LDAP_PSEARCH_BY_DELETE )
- entry_sync_state = LDAP_SYNC_DELETE;
- else if ( psearch_type == LDAP_PSEARCH_BY_MODIFY ) {
- if ( premodify_found )
- entry_sync_state = LDAP_SYNC_MODIFY;
- else
- entry_sync_state = LDAP_SYNC_ADD;
- } else if ( psearch_type == LDAP_PSEARCH_BY_SCOPEOUT )
- entry_sync_state = LDAP_SYNC_DELETE;
- else {
- rc = 1;
- goto done;
- }
-#endif
-
-#ifdef LDAP_CLIENT_UPDATE
- if ( protocol == LDAP_CLIENT_UPDATE ) {
- int entry_count = ++(LDAP_LIST_FIRST(&ps_op->psearch_spec)->entry_count);
- if ( IS_BDB_REPLACE ) {
- rc = bdb_build_lcup_update_ctrl( ps_conn, ps_op, e, entry_count, ctrls,
- num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_TRUE );
- } else {
- rc = bdb_build_lcup_update_ctrl( ps_conn, ps_op, e, entry_count, ctrls,
- num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE );
- }
- if ( rc != LDAP_SUCCESS )
- goto done;
- result = send_search_entry( be, ps_conn, ps_op, e, attrs, attrsonly, ctrls );
- if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
- ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
- ch_free( ctrls[--num_ctrls] );
- ctrls[num_ctrls] = NULL;
- } else
-#endif
-#ifdef LDAP_SYNC
- if ( protocol == LDAP_SYNC ) {
- rc = bdb_build_sync_state_ctrl( ps_conn, ps_op, e, entry_sync_state, ctrls,
- num_ctrls++, 1, &latest_entrycsn_bv );
- if ( rc != LDAP_SUCCESS )
- goto done;
- result = send_search_entry( be, ps_conn, ps_op, e, attrs, attrsonly, ctrls );
- if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
- ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
- ch_free( ctrls[--num_ctrls] );
- ctrls[num_ctrls] = NULL;
- } else
-#endif
- {
- rc = 1;
- goto done;
- }
-
- } else if ( psearch_type == LDAP_PSEARCH_BY_PREMODIFY ) {
- struct psid_entry* psid_e;
- psid_e = (struct psid_entry *) calloc (1,
- sizeof(struct psid_entry));
- psid_e->ps = LDAP_LIST_FIRST(&ps_op->psearch_spec);
- LDAP_LIST_INSERT_HEAD( &op->premodify_list,
- psid_e, link );
-
- } else {
- printf("Error !\n");
- }
- }
-
- switch (result) {
- case 0: /* entry sent ok */
- nentries++;
- break;
- case 1: /* entry not sent */
- break;
- case -1: /* connection closed */
- rc = LDAP_OTHER;
- goto done;
- }
- }
- } else {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, RESULTS,
- "bdb_search: %ld scope not okay\n", (long) id, 0, 0);
-#else
- Debug( LDAP_DEBUG_TRACE,
- "bdb_search: %ld scope not okay\n", (long) id, 0, 0 );
-#endif
- }
- } else {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, RESULTS,
- "bdb_search: %ld does match filter\n", (long) id, 0, 0);
-#else
- Debug( LDAP_DEBUG_TRACE,
- "bdb_search: %ld does match filter\n",
- (long) id, 0, 0 );
-#endif
- }
-
-test_done:
- rc = LDAP_SUCCESS;
-
-done:
- if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) {
- ch_free( csnfeq.f_av_value.bv_val );
- }
-
- if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) {
- ch_free( csnfge.f_av_value.bv_val );
- }
-
- LOCK_ID_FREE( bdb->bi_dbenv, locker );
-
- if( v2refs ) ber_bvarray_free( v2refs );
- if( realbase.bv_val ) ch_free( realbase.bv_val );
-#ifdef LDAP_CLIENT_UPDATE
- if ( IS_BDB_LCUP_REPLACE )
- ch_free( attrs[0].an_name.bv_val );
-#endif
-
- return rc;
-}
-
-static int psearch_base_candidate(
- BackendDB *be,
- Entry *e,
- ID *ids )
-{
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ENTRY,
- "psearch_base_candidate: base: \"%s\" (0x%08lx)\n", e->e_dn, (long) e->e_id, 0);
-#else
- Debug(LDAP_DEBUG_ARGS, "psearch_base_candidates: base: \"%s\" (0x%08lx)\n",
- e->e_dn, (long) e->e_id, 0);
-#endif
-
- ids[0] = 1;
- ids[1] = e->e_id;
- return 0;
-}
-
-/* Look for "objectClass Present" in this filter.
- * Also count depth of filter tree while we're at it.
- */
-static int psearch_oc_filter(
- Filter *f,
- int cur,
- int *max
-)
-{
- int rc = 0;
-
- if( cur > *max ) *max = cur;
-
- switch(f->f_choice) {
- case LDAP_FILTER_PRESENT:
- if (f->f_desc == slap_schema.si_ad_objectClass) {
- rc = 1;
- }
- break;
-
- case LDAP_FILTER_AND:
- case LDAP_FILTER_OR:
- cur++;
- for (f=f->f_and; f; f=f->f_next) {
- (void) psearch_oc_filter(f, cur, max);
- }
- break;
-
- default:
- break;
- }
- return rc;
-}
-
-static int psearch_candidates(
- BackendDB *be,
- Operation *op,
- Entry *e,
- Filter *filter,
- int scope,
- int deref,
- ID *ids )
-{
- int rc, depth = 1;
- Filter f, scopef, rf, xf;
- ID *stack;
- AttributeAssertion aa_ref;
-#ifdef BDB_SUBENTRIES
- Filter sf;
- AttributeAssertion aa_subentry;
-#endif
-#ifdef BDB_ALIASES
- Filter af;
- AttributeAssertion aa_alias;
-#endif
-
- /*
- * This routine takes as input a filter (user-filter)
- * and rewrites it as follows:
- * (&(scope=DN)[(objectClass=subentry)]
- * (|[(objectClass=referral)(objectClass=alias)](user-filter))
- */
-
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ENTRY,
- "psearch_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
- e->e_dn, (long) e->e_id, scope);
-#else
- Debug(LDAP_DEBUG_TRACE,
- "psearch_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
- e->e_dn, (long) e->e_id, scope );
-#endif
-
- xf.f_or = filter;
- xf.f_choice = LDAP_FILTER_OR;
- xf.f_next = NULL;
-
- /* If the user's filter uses objectClass=*,
- * these clauses are redundant.
- */
- if (!psearch_oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) {
- if( !get_manageDSAit(op) ) { /* match referrals */
- struct berval bv_ref = { sizeof("REFERRAL")-1, "REFERRAL" };
- rf.f_choice = LDAP_FILTER_EQUALITY;
- rf.f_ava = &aa_ref;
- rf.f_av_desc = slap_schema.si_ad_objectClass;
- rf.f_av_value = bv_ref;
- rf.f_next = xf.f_or;
- xf.f_or = &rf;
- }
-
-#ifdef BDB_ALIASES
- if( deref & LDAP_DEREF_SEARCHING ) { /* match aliases */
- struct berval bv_alias = { sizeof("ALIAS")-1, "ALIAS" };
- af.f_choice = LDAP_FILTER_EQUALITY;
- af.f_ava = &aa_alias;
- af.f_av_desc = slap_schema.si_ad_objectClass;
- af.f_av_value = bv_alias;
- af.f_next = xf.f_or;
- xf.f_or = ⁡
- }
-#endif
- /* We added one of these clauses, filter depth increased */
- if( xf.f_or != filter ) depth++;
- }
-
- f.f_next = NULL;
- f.f_choice = LDAP_FILTER_AND;
- f.f_and = &scopef;
- scopef.f_choice = scope == LDAP_SCOPE_SUBTREE
- ? SLAPD_FILTER_DN_SUBTREE
- : SLAPD_FILTER_DN_ONE;
- scopef.f_dn = &e->e_nname;
- scopef.f_next = xf.f_or == filter ? filter : &xf ;
- /* Filter depth increased again, adding scope clause */
- depth++;
-
-#ifdef BDB_SUBENTRIES
- if( get_subentries_visibility( op ) ) {
- struct berval bv_subentry = { sizeof("SUBENTRY")-1, "SUBENTRY" };
- sf.f_choice = LDAP_FILTER_EQUALITY;
- sf.f_ava = &aa_subentry;
- sf.f_av_desc = slap_schema.si_ad_objectClass;
- sf.f_av_value = bv_subentry;
- sf.f_next = scopef.f_next;
- scopef.f_next = &sf;
- }
-#endif
-
- /* Allocate IDL stack, plus 1 more for former tmp */
- stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) );
-
- rc = bdb_filter_candidates( be, &f, ids, stack, stack+BDB_IDL_UM_SIZE );
-
- ch_free( stack );
-
- if( rc ) {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, DETAIL1,
- "bdb_psearch_candidates: failed (rc=%d)\n", rc, 0, 0 );
-#else
- Debug(LDAP_DEBUG_TRACE,
- "bdb_psearch_candidates: failed (rc=%d)\n",
- rc, NULL, NULL );
-#endif
-
- } else {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, DETAIL1,
- "bdb_psearch_candidates: id=%ld first=%ld last=%ld\n",
- (long) ids[0], (long) BDB_IDL_FIRST(ids),
- (long) BDB_IDL_LAST(ids));
-#else
- Debug(LDAP_DEBUG_TRACE,
- "bdb_psearch_candidates: id=%ld first=%ld last=%ld\n",
- (long) ids[0],
- (long) BDB_IDL_FIRST(ids),
- (long) BDB_IDL_LAST(ids) );
-#endif
- }
-
- return rc;
-}
-
-
-#endif
#include "external.h"
int
-bdb_referrals(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- const char **text )
+bdb_referrals( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- int rc = LDAP_SUCCESS;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *e = NULL;
Entry *matched = NULL;
+ int rc = LDAP_SUCCESS;
u_int32_t locker;
DB_LOCK lock;
dn2entry_retry:
/* get entry */
- rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock );
+ rc = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock );
switch(rc) {
case DB_NOTFOUND:
if (matched != NULL) {
bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
}
- send_ldap_result( conn, op, LDAP_BUSY,
- NULL, "ldap server busy", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_BUSY, "ldap server busy" );
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
return LDAP_BUSY;
case DB_LOCK_DEADLOCK:
if (matched != NULL) {
bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
}
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
- return rc;
+ return rs->sr_err;
}
if ( e == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs = NULL;
-
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
+ rs->sr_matched = ch_strdup( matched->e_name.bv_val );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
"bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- (long) op->o_tag, dn->bv_val, matched_dn );
+ (long) op->o_tag, op->o_req_dn.bv_val, rs->sr_matched );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- (long) op->o_tag, dn->bv_val, matched_dn );
+ (long) op->o_tag, op->o_req_dn.bv_val, rs->sr_matched );
#endif
if( is_entry_referral( matched ) ) {
rc = LDAP_OTHER;
- refs = get_entry_referrals( be, conn, op, matched );
+ rs->sr_ref = get_entry_referrals( op, matched );
}
bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
matched = NULL;
} else if ( default_referral != NULL ) {
rc = LDAP_OTHER;
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- if( refs != NULL ) {
+ if( rs->sr_ref != NULL ) {
/* send referrals */
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
- ber_bvarray_free( refs );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
} else if ( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, matched_dn,
- matched_dn ? "bad referral object" : NULL,
- NULL, NULL );
+ rs->sr_err = rc;
+ rs->sr_text = rs->sr_matched ? "bad referral object" : NULL;
+ send_ldap_result( op, rs );
}
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
- free( matched_dn );
+ free( (char *)rs->sr_matched );
+ rs->sr_matched = NULL;
return rc;
}
if ( is_entry_referral( e ) ) {
/* entry is a referral */
- BerVarray refs = get_entry_referrals( be, conn, op, e );
- BerVarray rrefs = referral_rewrite(
- refs, &e->e_name, dn, LDAP_SCOPE_DEFAULT );
+ BerVarray refs = get_entry_referrals( op, e );
+ rs->sr_ref = referral_rewrite(
+ refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
"bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- (long) op->o_tag, dn->bv_val, e->e_dn );
+ (long) op->o_tag, op->o_req_dn.bv_val, e->e_dn );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- (long) op->o_tag, dn->bv_val, e->e_dn );
+ (long) op->o_tag, op->o_req_dn.bv_val, e->e_dn );
#endif
- if( rrefs != NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, rrefs, NULL );
- ber_bvarray_free( rrefs );
+ rs->sr_matched = e->e_name.bv_val;
+ if( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
} else {
- send_ldap_result( conn, op, rc = LDAP_OTHER, e->e_dn,
- "bad referral object", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "bad referral object" );
+ rc = rs->sr_err;
}
+ rs->sr_matched = NULL;
ber_bvarray_free( refs );
}
Entry *e,
ID *ids );
static int search_candidates(
- BackendDB *be,
Operation *op,
+ Operation *stackop, /* op with the current threadctx/slab cache */
Entry *e,
- Filter *filter,
- int scope,
- int deref,
ID *ids );
static void send_pagerequest_response(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
ID lastid,
- int nentries,
int tentries );
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+#define IS_BDB_REPLACE(type) (( type == LDAP_PSEARCH_BY_DELETE ) || \
+ ( type == LDAP_PSEARCH_BY_SCOPEOUT ))
+#define IS_BDB_LCUP_REPLACE(proto,type) (( proto == LDAP_CLIENT_UPDATE ) && IS_BDB_REPLACE(type) )
+
+#define IS_PSEARCH (op != sop)
+
int
-bdb_search(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly )
+bdb_abandon( Operation *op, SlapReply *rs )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- int rc;
- const char *text = NULL;
+ Operation *ps_list;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
+
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ if ( ps_list->o_connid == op->o_connid ) {
+ if ( ps_list->o_msgid == op->oq_abandon.rs_msgid ) {
+ ps_list->o_abandon = 1;
+ LDAP_LIST_REMOVE( ps_list, o_ps_link );
+ slap_op_free ( ps_list );
+ return LDAP_SUCCESS;
+ }
+ }
+ }
+ return LDAP_UNAVAILABLE;
+}
+
+int
+bdb_cancel( Operation *op, SlapReply *rs )
+{
+ Operation *ps_list;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
+
+ LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
+ if ( ps_list->o_connid == op->o_connid ) {
+ if ( ps_list->o_msgid == op->oq_cancel.rs_msgid ) {
+ ps_list->o_cancel = SLAP_CANCEL_DONE;
+ LDAP_LIST_REMOVE( ps_list, o_ps_link );
+
+#if 0
+ bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls, 1, &latest_entrycsn_bv );
+ send_search_result( conn, ps_list, LDAP_CANCELLED,
+ NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries);
+#endif
+ rs->sr_err = LDAP_CANCELLED;
+ rs->sr_nentries = 0;
+ send_search_result( ps_list, rs );
+
+ slap_op_free ( ps_list );
+ return LDAP_SUCCESS;
+ }
+ }
+ }
+ return LDAP_UNAVAILABLE;
+}
+
+int bdb_search( Operation *op, SlapReply *rs )
+{
+ return bdb_do_search( op, rs, op, NULL, 0 );
+}
+
+/* For persistent searches, op is the currently executing operation,
+ * sop is the persistent search. For regular searches, sop = op.
+ */
+int
+bdb_do_search( Operation *op, SlapReply *rs, Operation *sop, Entry *ps_e, int ps_type )
+#else
+int bdb_search( Operation *op, SlapReply *rs )
+#define sop op
+#define IS_PSEARCH 0
+#endif
+{
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
time_t stoptime;
ID id, cursor;
ID candidates[BDB_IDL_UM_SIZE];
Entry *e = NULL;
- BerVarray v2refs = NULL;
Entry *matched = NULL;
struct berval realbase = { 0, NULL };
- int nentries = 0;
int manageDSAit;
- int tentries = 0;
+ int nentries = 0, tentries = 0;
ID lastid = NOID;
+ AttributeName *attrs;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
Filter cookief, csnfnot, csnfeq, csnfand, csnfge;
AttributeAssertion aa_ge, aa_eq;
int entry_count = 0;
+ struct berval entrycsn_bv = { 0, NULL };
struct berval latest_entrycsn_bv = { 0, NULL };
LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS];
int num_ctrls = 0;
-#endif
-
+ AttributeName uuid_attr[2];
#ifdef LDAP_SYNC
int rc_sync = 0;
int entry_sync_state = -1;
AttributeName null_attr;
#endif
-
+#endif
struct slap_limits_set *limit = NULL;
int isroot = 0;
Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n",
0, 0, 0);
#endif
+ attrs = sop->oq_search.rs_attrs;
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) {
- bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit,
- tlimit, filter, filterstr, attrs, attrsonly, LDAP_CLIENT_UPDATE );
+ if ( !IS_PSEARCH && sop->o_clientupdate_type & SLAP_LCUP_PERSIST ) {
+ sop->o_ps_protocol = LDAP_CLIENT_UPDATE;
+ LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link );
return LDAP_SUCCESS;
}
#endif
-#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
- else
-#endif
#ifdef LDAP_SYNC
/* psearch needs to be registered before refresh begins */
/* psearch and refresh transmission is serialized in send_ldap_ber() */
- if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) {
- bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit,
- tlimit, filter, filterstr, attrs, attrsonly, LDAP_SYNC );
+ if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
+ sop->o_ps_protocol = LDAP_SYNC;
+ LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link );
}
null_attr.an_desc = NULL;
null_attr.an_oc = NULL;
null_attr.an_name.bv_val = NULL;
#endif
-#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ )
ctrls[num_ctrls] = NULL;
num_ctrls = 0;
-#endif
+ if ( IS_PSEARCH && IS_BDB_REPLACE(ps_type)) {
+#ifdef LDAP_CLIENT_UPDATE
+ if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) {
+ attrs = uuid_attr;
+ attrs[0].an_desc = slap_schema.si_ad_entryUUID;
+ attrs[0].an_oc = NULL;
+ attrs[0].an_name = attrs[0].an_desc->ad_cname;
+ attrs[1].an_desc = NULL;
+ attrs[1].an_oc = NULL;
+ attrs[1].an_name.bv_len = 0;
+ attrs[1].an_name.bv_val = NULL;
+ } else
+#endif
+#ifdef LDAP_SYNC
+ if (sop->o_ps_protocol == LDAP_SYNC ) {
+ attrs = uuid_attr;
+ attrs[0].an_desc = NULL;
+ attrs[0].an_oc = NULL;
+ attrs[0].an_name.bv_len = 0;
+ attrs[0].an_name.bv_val = NULL;
+ } else
+#endif
+ {
+ rs->sr_err = 1;
+ goto done;
+ }
+ }
+#endif
+ manageDSAit = get_manageDSAit( sop );
- manageDSAit = get_manageDSAit( op );
-
- rc = LOCK_ID (bdb->bi_dbenv, &locker );
+ rs->sr_err = LOCK_ID (bdb->bi_dbenv, &locker );
- switch(rc) {
+ switch(rs->sr_err) {
case 0:
break;
default:
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
- return rc;
+ send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
+ return rs->sr_err;
}
- if ( nbase->bv_len == 0 ) {
+ if ( sop->o_req_ndn.bv_len == 0 ) {
/* DIT root special case */
e = (Entry *) &slap_entry_root;
- rc = 0;
+ rs->sr_err = 0;
} else
#ifdef BDB_ALIASES
/* get entry with reader lock */
if ( deref & LDAP_DEREF_FINDING ) {
- e = deref_dn_r( be, nbase-, &err, &matched, &text );
+ e = deref_dn_r( op->o_bd, &sop->o_req_ndn, &rs->sr_err, &matched, &rs->sr_text );
} else
#endif
{
dn2entry_retry:
- rc = bdb_dn2entry_r( be, NULL, nbase, &e, &matched, 0, locker, &lock );
+ rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &sop->o_req_ndn, &e, &matched, 0, locker, &lock );
}
- switch(rc) {
+ switch(rs->sr_err) {
case DB_NOTFOUND:
case 0:
break;
if (matched != NULL) {
bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
}
- send_ldap_result( conn, op, LDAP_BUSY,
- NULL, "ldap server busy", NULL, NULL );
+ send_ldap_error( sop, rs, LDAP_BUSY, "ldap server busy" );
LOCK_ID_FREE (bdb->bi_dbenv, locker );
return LDAP_BUSY;
case DB_LOCK_DEADLOCK:
if (matched != NULL) {
bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
}
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( sop, rs, LDAP_OTHER, "internal error" );
LOCK_ID_FREE (bdb->bi_dbenv, locker );
- return rc;
+ return rs->sr_err;
}
if ( e == NULL ) {
struct berval matched_dn = { 0, NULL };
- BerVarray refs = NULL;
if ( matched != NULL ) {
BerVarray erefs;
ber_dupbv( &matched_dn, &matched->e_name );
erefs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ ? get_entry_referrals( op, matched )
: NULL;
bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, matched, &lock);
matched = NULL;
if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &sop->o_req_dn, sop->oq_search.rs_scope );
ber_bvarray_free( erefs );
}
} else {
- refs = referral_rewrite( default_referral,
- NULL, base, scope );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &sop->o_req_dn, sop->oq_search.rs_scope );
}
- send_ldap_result( conn, op, rc=LDAP_REFERRAL ,
- matched_dn.bv_val, text, refs, NULL );
+ rs->sr_err=LDAP_REFERRAL;
+ rs->sr_matched = matched_dn.bv_val;
+ send_ldap_result( sop, rs );
LOCK_ID_FREE (bdb->bi_dbenv, locker );
- if ( refs ) ber_bvarray_free( refs );
- if ( matched_dn.bv_val ) ber_memfree( matched_dn.bv_val );
- return rc;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ if ( matched_dn.bv_val ) {
+ ber_memfree( matched_dn.bv_val );
+ rs->sr_matched = NULL;
+ }
+ return rs->sr_err;
}
if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) {
/* entry is a referral, don't allow add */
struct berval matched_dn;
- BerVarray erefs, refs;
+ BerVarray erefs;
ber_dupbv( &matched_dn, &e->e_name );
- erefs = get_entry_referrals( be, conn, op, e );
- refs = NULL;
+ erefs = get_entry_referrals( op, e );
bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
e = NULL;
if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &sop->o_req_dn, sop->oq_search.rs_scope );
ber_bvarray_free( erefs );
}
0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn.bv_val,
- refs ? NULL : "bad referral object",
- refs, NULL );
+ if (!rs->sr_ref) rs->sr_text = "bad_referral object";
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = matched_dn.bv_val;
+ send_ldap_result( sop, rs );
LOCK_ID_FREE (bdb->bi_dbenv, locker );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
ber_memfree( matched_dn.bv_val );
+ rs->sr_matched = NULL;
return 1;
}
/* if not root, get appropriate limits */
- if ( be_isroot( be, &op->o_ndn ) ) {
+ if ( be_isroot( op->o_bd, &sop->o_ndn ) ) {
isroot = 1;
} else {
- ( void ) get_limits( be, &op->o_ndn, &limit );
+ ( void ) get_limits( op->o_bd, &sop->o_ndn, &limit );
}
/* The time/size limits come first because they require very little
/* if no time limit requested, use soft limit (unless root!) */
if ( isroot ) {
- if ( tlimit == 0 ) {
- tlimit = -1; /* allow root to set no limit */
+ if ( sop->oq_search.rs_tlimit == 0 ) {
+ sop->oq_search.rs_tlimit = -1; /* allow root to set no limit */
}
- if ( slimit == 0 ) {
- slimit = -1;
+ if ( sop->oq_search.rs_slimit == 0 ) {
+ sop->oq_search.rs_slimit = -1;
}
} else {
/* if no limit is required, use soft limit */
- if ( tlimit <= 0 ) {
- tlimit = limit->lms_t_soft;
+ if ( sop->oq_search.rs_tlimit <= 0 ) {
+ sop->oq_search.rs_tlimit = limit->lms_t_soft;
/* if requested limit higher than hard limit, abort */
- } else if ( tlimit > limit->lms_t_hard ) {
+ } else if ( sop->oq_search.rs_tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_t_hard == 0
&& limit->lms_t_soft > -1
- && tlimit > limit->lms_t_soft ) {
- tlimit = limit->lms_t_soft;
+ && sop->oq_search.rs_tlimit > limit->lms_t_soft ) {
+ sop->oq_search.rs_tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
} else if ( limit->lms_t_hard > 0 ) {
- send_search_result( conn, op,
- LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
- rc = 0;
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_search_result( sop, rs );
+ rs->sr_err = 0;
goto done;
}
}
/* if no limit is required, use soft limit */
- if ( slimit <= 0 ) {
- if ( get_pagedresults(op) && limit->lms_s_pr != 0 ) {
- slimit = limit->lms_s_pr;
+ if ( sop->oq_search.rs_slimit <= 0 ) {
+ if ( get_pagedresults(sop) && limit->lms_s_pr != 0 ) {
+ sop->oq_search.rs_slimit = limit->lms_s_pr;
} else {
- slimit = limit->lms_s_soft;
+ sop->oq_search.rs_slimit = limit->lms_s_soft;
}
/* if requested limit higher than hard limit, abort */
- } else if ( slimit > limit->lms_s_hard ) {
+ } else if ( sop->oq_search.rs_slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_s_hard == 0
&& limit->lms_s_soft > -1
- && slimit > limit->lms_s_soft ) {
- slimit = limit->lms_s_soft;
+ && sop->oq_search.rs_slimit > limit->lms_s_soft ) {
+ sop->oq_search.rs_slimit = limit->lms_s_soft;
/* positive hard limit means abort */
} else if ( limit->lms_s_hard > 0 ) {
- send_search_result( conn, op,
- LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
- rc = 0;
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_search_result( sop, rs );
+ rs->sr_err = 0;
goto done;
}
}
/* compute it anyway; root does not use it */
- stoptime = op->o_time + tlimit;
+ stoptime = op->o_time + sop->oq_search.rs_tlimit;
/* select candidates */
- if ( scope == LDAP_SCOPE_BASE ) {
- rc = base_candidate( be, e, candidates );
+ if ( sop->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
+ rs->sr_err = base_candidate( op->o_bd, e, candidates );
} else {
BDB_IDL_ALL( bdb, candidates );
- rc = search_candidates( be, op, e, filter,
- scope, deref, candidates );
+ rs->sr_err = search_candidates( sop, op, e, candidates );
}
/* start cursor at beginning of candidates.
*/
cursor = 0;
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ if (IS_PSEARCH) {
+ if ( !BDB_IDL_IS_RANGE( candidates ) ) {
+ cursor = bdb_idl_search( candidates, ps_e->e_id );
+ if ( candidates[cursor] != ps_e->e_id ) {
+ rs->sr_err = LDAP_SUCCESS;
+ goto done;
+ }
+ } else {
+ if ( ps_e->e_id < BDB_IDL_RANGE_FIRST(candidates)
+ || ps_e->e_id > BDB_IDL_RANGE_LAST(candidates)){
+ rs->sr_err = LDAP_SUCCESS;
+ goto done;
+ }
+ }
+ candidates[0] = 1;
+ candidates[1] = ps_e->e_id;
+ }
+#endif
/* need normalized dn below */
ber_dupbv( &realbase, &e->e_nname );
0, 0, 0 );
#endif
- send_search_result( conn, op,
- LDAP_SUCCESS,
- NULL, NULL, NULL, NULL, 0 );
-
- rc = 1;
+ rs->sr_err = LDAP_SUCCESS;
+ send_search_result( sop, rs );
+ rs->sr_err = 1;
goto done;
}
/* if not root and candidates exceed to-be-checked entries, abort */
if ( !isroot && limit->lms_s_unchecked != -1 ) {
if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) {
- send_search_result( conn, op,
- LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
- rc = 1;
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_search_result( sop, rs );
+ rs->sr_err = 1;
goto done;
}
}
}
#ifdef LDAP_CONTROL_PAGEDRESULTS
- if ( get_pagedresults(op) ) {
- if ( op->o_pagedresults_state.ps_cookie == 0 ) {
+ if ( get_pagedresults(sop) ) {
+ if ( sop->o_pagedresults_state.ps_cookie == 0 ) {
id = 0;
} else {
- if ( op->o_pagedresults_size == 0 ) {
- send_search_result( conn, op, LDAP_SUCCESS,
- NULL, "search abandoned by pagedResult size=0",
- NULL, NULL, 0);
+ if ( sop->o_pagedresults_size == 0 ) {
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = "search abandoned by pagedResult size=0";
+ send_search_result( sop, rs );
goto done;
}
for ( id = bdb_idl_first( candidates, &cursor );
- id != NOID && id <= (ID)( op->o_pagedresults_state.ps_cookie );
+ id != NOID && id <= (ID)( sop->o_pagedresults_state.ps_cookie );
id = bdb_idl_next( candidates, &cursor ) );
}
if ( cursor == NOID ) {
"bdb_search: no paged results candidates\n",
0, 0, 0 );
#endif
- send_pagerequest_response( conn, op, lastid, 0, 0 );
+ rs->sr_nentries = nentries;
+ send_pagerequest_response( sop, rs, lastid, 0 );
- rc = 1;
+ rs->sr_err = 1;
goto done;
}
goto loop_begin;
#endif
#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) {
+ if ( (sop->o_clientupdate_type & SLAP_LCUP_SYNC) ||
+ (IS_PSEARCH && sop->o_ps_protocol == LDAP_CLIENT_UPDATE )) {
cookief.f_choice = LDAP_FILTER_AND;
cookief.f_and = &csnfnot;
cookief.f_next = NULL;
csnfeq.f_choice = LDAP_FILTER_EQUALITY;
csnfeq.f_ava = &aa_eq;
csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfeq.f_av_value, &op->o_clientupdate_state );
+ csnfeq.f_av_value = sop->o_clientupdate_state;
csnfand.f_choice = LDAP_FILTER_AND;
csnfand.f_and = &csnfge;
csnfge.f_choice = LDAP_FILTER_GE;
csnfge.f_ava = &aa_ge;
csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfge.f_av_value, &op->o_clientupdate_state );
- csnfge.f_next = filter;
+ csnfge.f_av_value = sop->o_clientupdate_state;
+ csnfge.f_next = sop->oq_search.rs_filter;
}
#endif
#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
else
#endif
#ifdef LDAP_SYNC
- if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
+ if ( (sop->o_sync_mode & SLAP_SYNC_REFRESH) ||
+ ( IS_PSEARCH && sop->o_ps_protocol == LDAP_SYNC )) {
cookief.f_choice = LDAP_FILTER_AND;
cookief.f_and = &csnfnot;
cookief.f_next = NULL;
csnfeq.f_choice = LDAP_FILTER_EQUALITY;
csnfeq.f_ava = &aa_eq;
csnfeq.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfeq.f_av_value, &op->o_sync_state );
+ csnfeq.f_av_value = sop->o_sync_state;
csnfand.f_choice = LDAP_FILTER_AND;
csnfand.f_and = &csnfge;
csnfge.f_choice = LDAP_FILTER_GE;
csnfge.f_ava = &aa_ge;
csnfge.f_av_desc = slap_schema.si_ad_entryCSN;
- ber_dupbv( &csnfge.f_av_value, &op->o_sync_state );
- csnfge.f_next = filter;
+ csnfge.f_av_value = sop->o_sync_state;
+ csnfge.f_next = op->oq_search.rs_filter;
}
#endif
loop_begin:
/* check for abandon */
- if ( op->o_abandon ) {
- rc = 0;
+ if ( sop->o_abandon ) {
+ rs->sr_err = 0;
goto done;
}
#ifdef LDAP_EXOP_X_CANCEL
- if ( op->o_cancel ) {
- assert( op->o_cancel == SLAP_CANCEL_REQ );
- rc = 0;
- send_search_result( conn, op, LDAP_CANCELLED,
- NULL, NULL, NULL, NULL, 0 );
- op->o_cancel = SLAP_CANCEL_ACK;
+ if ( sop->o_cancel ) {
+ assert( sop->o_cancel == SLAP_CANCEL_REQ );
+ rs->sr_err = LDAP_CANCELLED;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
+ sop->o_cancel = SLAP_CANCEL_ACK;
+ rs->sr_err = 0;
goto done;
}
#endif
/* check time limit */
- if ( tlimit != -1 && slap_get_time() > stoptime ) {
- send_search_result( conn, op, rc = LDAP_TIMELIMIT_EXCEEDED,
- NULL, NULL, v2refs, NULL, nentries );
+ if ( sop->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
+ rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
goto done;
}
+
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ if (!IS_PSEARCH) {
+#endif
id2entry_retry:
- /* get the entry with reader lock */
- rc = bdb_id2entry_r( be, NULL, id, &e, locker, &lock );
+ /* get the entry with reader lock */
+ rs->sr_err = bdb_id2entry_r( op->o_bd, NULL, id, &e, locker, &lock );
- if (rc == LDAP_BUSY) {
- send_ldap_result( conn, op, rc=LDAP_BUSY,
- NULL, "ldap server busy", NULL, NULL );
- goto done;
+ if (rs->sr_err == LDAP_BUSY) {
+ rs->sr_text = "ldap server busy";
+ send_ldap_result( sop, rs );
+ goto done;
- } else if ( rc == DB_LOCK_DEADLOCK || rc == DB_LOCK_NOTGRANTED ) {
- goto id2entry_retry;
- }
+ } else if ( rs->sr_err == DB_LOCK_DEADLOCK || rs->sr_err == DB_LOCK_NOTGRANTED ) {
+ goto id2entry_retry;
+ }
- if ( e == NULL ) {
- if( !BDB_IDL_IS_RANGE(candidates) ) {
- /* only complain for non-range IDLs */
+ if ( e == NULL ) {
+ if( !BDB_IDL_IS_RANGE(candidates) ) {
+ /* only complain for non-range IDLs */
#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, RESULTS,
- "bdb_search: candidate %ld not found\n", (long) id, 0, 0);
+ LDAP_LOG ( OPERATION, RESULTS,
+ "bdb_search: candidate %ld not found\n", (long) id, 0, 0);
#else
- Debug( LDAP_DEBUG_TRACE,
- "bdb_search: candidate %ld not found\n",
- (long) id, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE,
+ "bdb_search: candidate %ld not found\n",
+ (long) id, 0, 0 );
#endif
- }
+ }
- goto loop_continue;
+ goto loop_continue;
+ }
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ } else {
+ e = ps_e;
}
+#endif
+ rs->sr_entry = e;
#ifdef BDB_SUBENTRIES
if ( is_entry_subentry( e ) ) {
- if( scope != LDAP_SCOPE_BASE ) {
- if(!get_subentries_visibility( op )) {
+ if( sop->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
+ if(!get_subentries_visibility( sop )) {
/* only subentries are visible */
goto loop_continue;
}
- } else if ( get_subentries( op ) &&
- !get_subentries_visibility( op ))
+ } else if ( get_subentries( sop ) &&
+ !get_subentries_visibility( sop ))
{
/* only subentries are visible */
goto loop_continue;
}
- } else if ( get_subentries_visibility( op )) {
+ } else if ( get_subentries_visibility( sop )) {
/* only subentries are visible */
goto loop_continue;
}
#endif
#ifdef BDB_ALIASES
- if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
+ if ( sop->oq_search.rs_deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
Entry *matched;
int err;
const char *text;
- e = deref_entry_r( be, e, &err, &matched, &text );
+ e = deref_entry_r( op->o_bd, e, &rs->sr_err, &matched, &rs->sr_text );
if( e == NULL ) {
e = matched;
}
/* need to skip alias which deref into scope */
- if( scope & LDAP_SCOPE_ONELEVEL ) {
+ if( sop->oq_search.rs_scope & LDAP_SCOPE_ONELEVEL ) {
struct berval pdn;
dnParent( &e->e_nname, &pdn ):
* this for non-base searches, and don't check the filter
* explicitly here since it's only a candidate anyway.
*/
- if ( !manageDSAit && scope != LDAP_SCOPE_BASE &&
+ if ( !manageDSAit && sop->oq_search.rs_scope != LDAP_SCOPE_BASE &&
is_entry_referral( e ) )
{
struct berval dn;
/* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( !be_issuffix( be, &e->e_nname ) ) {
+ if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( !be_issuffix( op->o_bd, &e->e_nname ) ) {
dnParent( &e->e_nname, &dn );
scopeok = dn_match( &dn, &realbase );
} else {
scopeok = (realbase.bv_len == 0);
}
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
+ } else if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
scopeok = dnIsSuffix( &e->e_nname, &realbase );
} else {
}
if( scopeok ) {
- BerVarray erefs = get_entry_referrals(
- be, conn, op, e );
- BerVarray refs = referral_rewrite( erefs,
+ BerVarray erefs = get_entry_referrals( sop, e );
+ rs->sr_ref = referral_rewrite( erefs,
&e->e_name, NULL,
- scope == LDAP_SCOPE_SUBTREE
+ sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
? LDAP_SCOPE_SUBTREE
: LDAP_SCOPE_BASE );
- send_search_reference( be, conn, op,
- e, refs, NULL, &v2refs );
+ send_search_reference( sop, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ ber_bvarray_free( erefs );
+ rs->sr_ref = NULL;
} else {
#ifdef NEW_LOGGING
}
/* if it matches the filter and scope, send it */
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ if (IS_PSEARCH) {
+ if (ps_type != LDAP_PSEARCH_BY_SCOPEOUT) {
+ rs->sr_err = test_filter( sop, rs->sr_entry, &cookief );
+ } else {
+ rs->sr_err = LDAP_COMPARE_TRUE;
+ }
+ } else {
#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) {
- rc = test_filter( be, conn, op, e, &cookief );
- } else
+ if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
+ rs->sr_err = test_filter( sop, rs->sr_entry, &cookief );
+ } else
#endif
#ifdef LDAP_SYNC
- if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
- rc_sync = test_filter( be, conn, op, e, &cookief );
- rc = test_filter( be, conn, op, e, filter );
- if ( rc == LDAP_COMPARE_TRUE ) {
- if ( rc_sync == LDAP_COMPARE_TRUE ) {
- entry_sync_state = LDAP_SYNC_ADD;
- } else {
- entry_sync_state = LDAP_SYNC_PRESENT;
+ if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
+ rc_sync = test_filter( sop, rs->sr_entry, &cookief );
+ rs->sr_err = test_filter( sop, rs->sr_entry, sop->oq_search.rs_filter );
+ if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
+ if ( rc_sync == LDAP_COMPARE_TRUE ) {
+ entry_sync_state = LDAP_SYNC_ADD;
+ } else {
+ entry_sync_state = LDAP_SYNC_PRESENT;
+ }
}
- }
- } else
+ } else
#endif
- {
- rc = test_filter( be, conn, op, e, filter );
+#endif
+ {
+ rs->sr_err = test_filter( sop, rs->sr_entry, sop->oq_search.rs_filter );
+ }
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
}
+#endif
- if ( rc == LDAP_COMPARE_TRUE ) {
+ if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
struct berval dn;
/* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( be_issuffix( be, &e->e_nname ) ) {
+ if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( be_issuffix( op->o_bd, &e->e_nname ) ) {
scopeok = (realbase.bv_len == 0);
} else {
dnParent( &e->e_nname, &dn );
scopeok = dn_match( &dn, &realbase );
}
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
+ } else if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
scopeok = dnIsSuffix( &e->e_nname, &realbase );
} else {
if ( scopeok ) {
/* check size limit */
- if ( --slimit == -1 ) {
+ if ( --sop->oq_search.rs_slimit == -1 ) {
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ if (!IS_PSEARCH)
+#endif
bdb_cache_return_entry_r( bdb->bi_dbenv,
&bdb->bi_cache, e, &lock );
e = NULL;
- send_search_result( conn, op,
- rc = LDAP_SIZELIMIT_EXCEEDED, NULL, NULL,
- v2refs, NULL, nentries );
+ rs->sr_entry = NULL;
+ rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
goto done;
}
#ifdef LDAP_CONTROL_PAGEDRESULTS
- if ( get_pagedresults(op) ) {
- if ( nentries >= op->o_pagedresults_size ) {
- send_pagerequest_response( conn, op,
- lastid, nentries, tentries );
+ if ( get_pagedresults(sop) ) {
+ if ( nentries >= sop->o_pagedresults_size ) {
+ rs->sr_nentries = nentries;
+ send_pagerequest_response( sop, rs,
+ lastid, tentries );
goto done;
}
lastid = id;
result = 0;
} else
#endif
- {
+#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
+ if (IS_PSEARCH) {
+#ifdef LDAP_SYNC
+ int premodify_found = 0;
+ int entry_sync_state;
+#endif
+
+ if ( ps_type == LDAP_PSEARCH_BY_ADD ||
+ ps_type == LDAP_PSEARCH_BY_DELETE ||
+ ps_type == LDAP_PSEARCH_BY_MODIFY ||
+ ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
+ {
+ if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
+ struct psid_entry* psid_e;
+ LDAP_LIST_FOREACH( psid_e, &op->o_pm_list, ps_link)
+ {
+ if( psid_e->ps_op == sop )
+ {
+#ifdef LDAP_SYNC
+ premodify_found = 1;
+#endif
+ LDAP_LIST_REMOVE(psid_e, ps_link);
+ break;
+ }
+ }
+ if (psid_e != NULL) free (psid_e);
+ }
+#ifdef LDAP_SYNC
+ if ( ps_type == LDAP_PSEARCH_BY_ADD )
+ entry_sync_state = LDAP_SYNC_ADD;
+ else if ( ps_type == LDAP_PSEARCH_BY_DELETE )
+ entry_sync_state = LDAP_SYNC_DELETE;
+ else if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) {
+ if ( premodify_found )
+ entry_sync_state = LDAP_SYNC_MODIFY;
+ else
+ entry_sync_state = LDAP_SYNC_ADD;
+ } else if ( ps_type == LDAP_PSEARCH_BY_SCOPEOUT )
+ entry_sync_state = LDAP_SYNC_DELETE;
+ else {
+ rs->sr_err = 1;
+ goto done;
+ }
+#endif
+
+#ifdef LDAP_CLIENT_UPDATE
+ if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) {
+ int entry_count = ++sop->o_ps_entries;
+ if ( IS_BDB_REPLACE(ps_type) ) {
+ rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, entry_count, ctrls,
+ num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_TRUE );
+ } else {
+ rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, entry_count, ctrls,
+ num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE );
+ }
+ if ( rs->sr_err != LDAP_SUCCESS )
+ goto done;
+ rs->sr_attrs = attrs;
+ rs->sr_ctrls = ctrls;
+ result = send_search_entry( sop, rs );
+ if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
+ ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
+ ch_free( ctrls[--num_ctrls] );
+ ctrls[num_ctrls] = NULL;
+ rs->sr_ctrls = NULL;
+ } else
+#endif
+#ifdef LDAP_SYNC
+ if ( sop->o_ps_protocol == LDAP_SYNC ) {
+ rs->sr_err = bdb_build_sync_state_ctrl( sop, rs, e, entry_sync_state, ctrls,
+ num_ctrls++, 1, &latest_entrycsn_bv );
+ if ( rs->sr_err != LDAP_SUCCESS )
+ goto done;
+ rs->sr_attrs = attrs;
+ rs->sr_ctrls = ctrls;
+ result = send_search_entry( sop, rs );
+ if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
+ ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
+ ch_free( ctrls[--num_ctrls] );
+ ctrls[num_ctrls] = NULL;
+ rs->sr_ctrls = NULL;
+ } else
+#endif
+ {
+ rs->sr_err = 1;
+ goto done;
+ }
+
+ } else if ( ps_type == LDAP_PSEARCH_BY_PREMODIFY ) {
+ struct psid_entry* psid_e;
+ psid_e = (struct psid_entry *) calloc (1,
+ sizeof(struct psid_entry));
+ psid_e->ps_op = sop;
+ LDAP_LIST_INSERT_HEAD( &op->o_pm_list, psid_e, ps_link );
+
+ } else {
+ printf("Error !\n");
+ }
+ } else {
#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) {
- rc = bdb_build_lcup_update_ctrl( conn, op, e, ++entry_count, ctrls,
+ if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
+ rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, ++entry_count, ctrls,
num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE );
- if ( rc != LDAP_SUCCESS )
+ if ( rs->sr_err != LDAP_SUCCESS )
goto done;
- result = send_search_entry( be, conn, op,
- e, attrs, attrsonly, ctrls);
+ rs->sr_ctrls = ctrls;
+ rs->sr_attrs = sop->oq_search.rs_attrs;
+ result = send_search_entry( sop, rs );
if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
ch_free( ctrls[--num_ctrls] );
ctrls[num_ctrls] = NULL;
+ rs->sr_ctrls = NULL;
} else
#endif
#ifdef LDAP_SYNC
- if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
- rc = bdb_build_sync_state_ctrl( conn, op, e, entry_sync_state, ctrls,
+ if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
+ rs->sr_err = bdb_build_sync_state_ctrl( sop, rs, e, entry_sync_state, ctrls,
num_ctrls++, 0, &latest_entrycsn_bv );
- if ( rc != LDAP_SUCCESS )
+ if ( rs->sr_err != LDAP_SUCCESS )
goto done;
+ rs->sr_ctrls = ctrls;
if ( rc_sync == LDAP_COMPARE_TRUE ) { /* ADD */
- result = send_search_entry( be, conn, op,
- e, attrs, attrsonly, ctrls);
+ rs->sr_attrs = sop->oq_search.rs_attrs;
} else { /* PRESENT */
- result = send_search_entry( be, conn, op,
- e, &null_attr, attrsonly, ctrls);
+ rs->sr_attrs = &null_attr;
}
+ result = send_search_entry( sop, rs );
if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
ch_free( ctrls[--num_ctrls] );
ctrls[num_ctrls] = NULL;
+ rs->sr_ctrls = NULL;
} else
#endif
-
+#endif
{
- result = send_search_entry( be, conn, op,
- e, attrs, attrsonly, NULL);
+ rs->sr_attrs = sop->oq_search.rs_attrs;
+ rs->sr_ctrls = NULL;
+ result = send_search_entry( sop, rs );
}
}
case 1: /* entry not sent */
break;
case -1: /* connection closed */
+ if (!IS_PSEARCH)
bdb_cache_return_entry_r(bdb->bi_dbenv,
&bdb->bi_cache, e, &lock);
e = NULL;
- rc = LDAP_OTHER;
+ rs->sr_entry = NULL;
+ rs->sr_err = LDAP_OTHER;
goto done;
}
}
loop_continue:
if( e != NULL ) {
/* free reader lock */
+ if (!IS_PSEARCH)
bdb_cache_return_entry_r( bdb->bi_dbenv,
&bdb->bi_cache, e , &lock);
e = NULL;
+ rs->sr_entry = NULL;
}
ldap_pvt_thread_yield();
}
+ if (!IS_PSEARCH) {
#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) {
- bdb_build_lcup_done_ctrl( conn, op, ctrls, num_ctrls++, &latest_entrycsn_bv );
+ if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) {
+ bdb_build_lcup_done_ctrl( sop, rs, ctrls, num_ctrls++, &latest_entrycsn_bv );
- send_search_result( conn, op,
- v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
- NULL, NULL, v2refs, ctrls, nentries );
+ rs->sr_ctrls = ctrls;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
ch_free( latest_entrycsn_bv.bv_val );
latest_entrycsn_bv.bv_val = NULL;
} else
#endif
#ifdef LDAP_SYNC
- if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
- if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) {
+ if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
+ if ( sop->o_sync_mode & SLAP_SYNC_PERSIST ) {
/* refreshAndPersist mode */
- bdb_send_ldap_intermediate( conn, op,
- LDAP_SUCCESS, NULL, NULL, NULL, LDAP_SYNC_INFO,
- LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv, NULL );
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_rspoid = LDAP_SYNC_INFO;
+ rs->sr_ctrls = NULL;
+ bdb_send_ldap_intermediate( sop, rs,
+ LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv );
} else {
/* refreshOnly mode */
- bdb_build_sync_done_ctrl( conn, op, ctrls, num_ctrls++, 1, &latest_entrycsn_bv );
- send_search_result( conn, op,
- v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
- NULL, NULL, v2refs, ctrls, nentries );
+ bdb_build_sync_done_ctrl( sop, rs, ctrls, num_ctrls++, 1, &latest_entrycsn_bv );
+ rs->sr_ctrls = ctrls;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL )
ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val );
ch_free( ctrls[--num_ctrls] );
} else
#endif
{
- send_search_result( conn, op,
- v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
- NULL, NULL, v2refs, NULL, nentries );
+ rs->sr_ctrls = NULL;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
+ rs->sr_nentries = nentries;
+ send_search_result( sop, rs );
+ }
}
- rc = 0;
+ rs->sr_err = LDAP_SUCCESS;
done:
- if( e != NULL ) {
+ if( !IS_PSEARCH && e != NULL ) {
/* free reader lock */
bdb_cache_return_entry_r ( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
}
-#ifdef LDAP_CLIENT_UPDATE
- if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) {
- if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) {
- ch_free( csnfeq.f_av_value.bv_val );
- }
-
- if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) {
- ch_free( csnfge.f_av_value.bv_val );
- }
- }
-#endif
-#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- else
-#endif
-#ifdef LDAP_SYNC
- if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
- if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) {
- ch_free( csnfeq.f_av_value.bv_val );
- }
-
- if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) {
- ch_free( csnfge.f_av_value.bv_val );
- }
- }
-#endif
-
LOCK_ID_FREE (bdb->bi_dbenv, locker );
- if( v2refs ) ber_bvarray_free( v2refs );
+ if( rs->sr_v2ref ) {
+ ber_bvarray_free( rs->sr_v2ref );
+ rs->sr_v2ref = NULL;
+ }
if( realbase.bv_val ) ch_free( realbase.bv_val );
- return rc;
+ return rs->sr_err;
}
}
static void *search_stack(
- BackendDB *be,
Operation *op
)
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
void *ret = NULL;
if ( op->o_threadctx ) {
}
static int search_candidates(
- BackendDB *be,
Operation *op,
+ Operation *stackop,
Entry *e,
- Filter *filter,
- int scope,
- int deref,
ID *ids )
{
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
int rc, depth = 1;
Filter f, scopef, rf, xf;
ID *stack;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ENTRY,
"search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
- e->e_dn, (long) e->e_id, scope);
+ e->e_dn, (long) e->e_id, op->oq_search.rs_scope);
#else
Debug(LDAP_DEBUG_TRACE,
"search_candidates: base=\"%s\" (0x%08lx) scope=%d\n",
- e->e_dn, (long) e->e_id, scope );
+ e->e_dn, (long) e->e_id, op->oq_search.rs_scope );
#endif
- xf.f_or = filter;
+ xf.f_or = op->oq_search.rs_filter;
xf.f_choice = LDAP_FILTER_OR;
xf.f_next = NULL;
/* If the user's filter uses objectClass=*,
* these clauses are redundant.
*/
- if (!oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) {
+ if (!oc_filter(op->oq_search.rs_filter, 1, &depth) && !get_subentries_visibility(op) ) {
if( !get_manageDSAit(op) && !get_domainScope(op) ) {
/* match referral objects */
struct berval bv_ref = { sizeof("referral")-1, "referral" };
}
#ifdef BDB_ALIASES
- if( deref & LDAP_DEREF_SEARCHING ) {
+ if( op->oq_search.rs_deref & LDAP_DEREF_SEARCHING ) {
/* match alias objects */
struct berval bv_alias = { sizeof("alias")-1, "alias" };
af.f_choice = LDAP_FILTER_EQUALITY;
}
#endif
/* We added one of these clauses, filter depth increased */
- if( xf.f_or != filter ) depth++;
+ if( xf.f_or != op->oq_search.rs_filter ) depth++;
}
f.f_next = NULL;
f.f_choice = LDAP_FILTER_AND;
f.f_and = &scopef;
- scopef.f_choice = scope == LDAP_SCOPE_SUBTREE
+ scopef.f_choice = op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
? SLAPD_FILTER_DN_SUBTREE
: SLAPD_FILTER_DN_ONE;
scopef.f_dn = &e->e_nname;
- scopef.f_next = xf.f_or == filter ? filter : &xf ;
+ scopef.f_next = xf.f_or == op->oq_search.rs_filter ? op->oq_search.rs_filter : &xf ;
/* Filter depth increased again, adding scope clause */
depth++;
if ( depth+1 > bdb->bi_search_stack_depth ) {
stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) );
} else {
- stack = search_stack( be, op );
+ stack = search_stack( stackop );
}
- rc = bdb_filter_candidates( be, &f, ids, stack, stack+BDB_IDL_UM_SIZE );
+ rc = bdb_filter_candidates( op->o_bd, &f, ids, stack, stack+BDB_IDL_UM_SIZE );
if ( depth+1 > bdb->bi_search_stack_depth ) {
ch_free( stack );
#ifdef LDAP_CONTROL_PAGEDRESULTS
static void
send_pagerequest_response(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
ID lastid,
- int nentries,
int tentries )
{
LDAPControl ctrl, *ctrls[2];
LDAP_LOG ( OPERATION, ENTRY,
"send_pagerequest_response: lastid: (0x%08lx) "
"nentries: (0x%081x)\n",
- lastid, nentries, NULL );
+ lastid, rs->sr_nentries, NULL );
#else
Debug(LDAP_DEBUG_ARGS, "send_pagerequest_response: lastid: (0x%08lx) "
- "nentries: (0x%081x)\n", lastid, nentries, NULL );
+ "nentries: (0x%081x)\n", lastid, rs->sr_nentries, NULL );
#endif
ctrl.ldctl_value.bv_val = NULL;
ber_init2( ber, NULL, LBER_USE_DER );
respcookie = ( PagedResultsCookie )lastid;
- conn->c_pagedresults_state.ps_cookie = respcookie;
+ op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
cookie.bv_len = sizeof( respcookie );
cookie.bv_val = (char *)&respcookie;
ctrls[0]->ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
ctrls[0]->ldctl_iscritical = 0;
- send_search_result( conn, op,
- LDAP_SUCCESS,
- NULL, NULL, NULL, ctrls, nentries );
+ rs->sr_ctrls = ctrls;
+ rs->sr_err = LDAP_SUCCESS;
+ send_search_result( op, rs );
done:
(void) ber_free_buf( ber );
#ifdef LDAP_CLIENT_UPDATE
int
bdb_build_lcup_update_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
int entry_count,
LDAPControl **ctrls,
"bdb_build_lcup_ctrl: ber_flatten2 failed\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return ret;
}
int
bdb_build_lcup_done_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
LDAPControl **ctrls,
int num_ctrls,
struct berval *latest_entrycsn_bv )
Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return ret;
}
#ifdef LDAP_SYNC
int
bdb_build_sync_state_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
int entry_sync_state,
LDAPControl **ctrls,
"bdb_build_sync_ctrl: ber_flatten2 failed\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return ret;
}
int
bdb_build_sync_done_ctrl(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
LDAPControl **ctrls,
int num_ctrls,
int send_cookie,
Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return ret;
}
int
bdb_send_ldap_intermediate(
- Connection *conn,
Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
+ SlapReply *rs,
int state,
- struct berval *cookie,
- LDAPControl **ctrls )
+ struct berval *cookie )
{
char berbuf[LBER_ELEMENT_SIZEOF];
BerElement *ber = (BerElement *)berbuf;
Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc=LDAP_OTHER,
- NULL, "internal error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return ret;
}
- send_ldap_intermediate_resp( conn, op, err, matched, text, refs, rspoid, &rspdata, ctrls );
-
+ rs->sr_rspdata = &rspdata;
+ send_ldap_intermediate_resp( op, rs );
+ rs->sr_rspdata = NULL;
ber_free_buf( ber );
return LDAP_SUCCESS;
goto done;
}
- rc = bdb_index_entry_add( be, tid, e, e->e_attrs );
+ rc = bdb_index_entry_add( be, tid, e );
if( rc != 0 ) {
snprintf( text->bv_val, text->bv_len,
"index_entry_add failed: %s (%d)",
goto done;
}
- rc = bdb_index_entry_add( be, tid, e, e->e_attrs );
+ rc = bdb_index_entry_add( be, tid, e );
done:
if( rc == 0 ) {
int
dnssrv_back_bind(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn )
+ SlapReply *rs )
{
Debug( LDAP_DEBUG_TRACE, "DNSSRV: bind %s (%d)\n",
- dn->bv_val == NULL ? "" : dn->bv_val,
- method, NULL );
+ op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val,
+ op->oq_bind.rb_method, NULL );
- if( method == LDAP_AUTH_SIMPLE && cred != NULL && cred->bv_len ) {
+ if( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && op->oq_bind.rb_cred.bv_val != NULL && op->oq_bind.rb_cred.bv_len ) {
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu DNSSRV BIND dn=\"%s\" provided passwd\n",
op->o_connid, op->o_opid,
- dn->bv_val == NULL ? "" : dn->bv_val , 0, 0 );
+ op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val , 0, 0 );
Debug( LDAP_DEBUG_TRACE,
"DNSSRV: BIND dn=\"%s\" provided cleartext password\n",
- dn->bv_val == NULL ? "" : dn->bv_val, 0, 0 );
+ op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "you shouldn\'t send strangers your password",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "you shouldn\'t send strangers your password" );
} else {
Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\"\n",
- dn->bv_val == NULL ? "" : dn->bv_val, 0, 0 );
+ op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "anonymous bind expected",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "anonymous bind expected" );
}
return 1;
int
dnssrv_back_referrals(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- const char **text )
+ SlapReply *rs )
{
int i;
int rc = LDAP_OTHER;
char **hosts = NULL;
BerVarray urls = NULL;
- if( ndn->bv_len == 0 ) {
- *text = "DNS SRV operation upon null (empty) DN disallowed";
+ if( op->o_req_dn.bv_len == 0 ) {
+ rs->sr_text = "DNS SRV operation upon null (empty) DN disallowed";
return LDAP_UNWILLING_TO_PERFORM;
}
return LDAP_SUCCESS;
}
- *text = "DNS SRV problem processing manageDSAit control";
+ rs->sr_text = "DNS SRV problem processing manageDSAit control";
return LDAP_OTHER;
}
- if( ldap_dn2domain( dn->bv_val, &domain ) || domain == NULL ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- NULL, NULL, default_referral, NULL );
+ if( ldap_dn2domain( op->o_req_dn.bv_val, &domain ) || domain == NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_ref = default_referral;
+ send_ldap_result( op, rs );
return LDAP_REFERRAL;
}
Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> domain=\"%s\"\n",
- dn->bv_val, domain, 0 );
+ op->o_req_dn.bv_val, domain, 0 );
if( ( rc = ldap_domain2hostlist( domain, &hostlist ) ) ) {
Debug( LDAP_DEBUG_TRACE,
"DNSSRV: domain2hostlist(%s) returned %d\n",
domain, rc, 0 );
- *text = "no DNS SRV RR available for DN";
+ rs->sr_text = "no DNS SRV RR available for DN";
rc = LDAP_NO_SUCH_OBJECT;
goto done;
}
if( hosts == NULL ) {
Debug( LDAP_DEBUG_TRACE, "DNSSRV: str2charrary error\n", 0, 0, 0 );
- *text = "problem processing DNS SRV records for DN";
+ rs->sr_text = "problem processing DNS SRV records for DN";
goto done;
}
if ( ber_bvarray_add( &urls, &url ) < 0 ) {
free( url.bv_val );
- *text = "problem processing DNS SRV records for DN";
+ rs->sr_text = "problem processing DNS SRV records for DN";
goto done;
}
}
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu DNSSRV p=%d dn=\"%s\" url=\"%s\"\n",
op->o_connid, op->o_opid, op->o_protocol,
- dn->bv_val, urls[0].bv_val );
+ op->o_req_dn.bv_val, urls[0].bv_val );
Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> url=\"%s\"\n",
- dn->bv_val, urls[0].bv_val, 0 );
+ op->o_req_dn.bv_val, urls[0].bv_val, 0 );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, "DNS SRV generated referrals", urls, NULL );
+ rs->sr_ref = urls;
+ send_ldap_error( op, rs, LDAP_REFERRAL,
+ "DNS SRV generated referrals" );
done:
if( domain != NULL ) ch_free( domain );
int
dnssrv_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int scope,
- int deref,
- int size,
- int time,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly )
+ SlapReply *rs )
{
int i;
int rc;
assert( get_manageDSAit( op ) );
- if( ldap_dn2domain( dn->bv_val, &domain ) || domain == NULL ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- NULL, NULL, default_referral, NULL );
+ if( ldap_dn2domain( op->o_req_dn.bv_val, &domain ) || domain == NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_ref = default_referral;
+ send_ldap_result( op, rs );
goto done;
}
Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> domain=\"%s\"\n",
- dn->bv_len ? dn->bv_val : "", domain, 0 );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", domain, 0 );
if( ( rc = ldap_domain2hostlist( domain, &hostlist ) ) ) {
Debug( LDAP_DEBUG_TRACE, "DNSSRV: domain2hostlist returned %d\n",
rc, 0, 0 );
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT,
- NULL, "no DNS SRV RR available for DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT,
+ "no DNS SRV RR available for DN" );
goto done;
}
if( hosts == NULL ) {
Debug( LDAP_DEBUG_TRACE, "DNSSRV: str2charrary error\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "problem processing DNS SRV records for DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "problem processing DNS SRV records for DN" );
goto done;
}
if( ber_bvarray_add( &urls, &url ) < 0 ) {
free( url.bv_val );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "problem processing DNS SRV records for DN",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "problem processing DNS SRV records for DN" );
goto done;
}
}
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu DNSSRV p=%d dn=\"%s\" url=\"%s\"\n",
op->o_connid, op->o_opid, op->o_protocol,
- dn->bv_len ? dn->bv_val : "", urls[0].bv_val );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", urls[0].bv_val );
Debug( LDAP_DEBUG_TRACE,
"DNSSRV: ManageDSAit scope=%d dn=\"%s\" -> url=\"%s\"\n",
- scope,
- dn->bv_len ? dn->bv_val : "",
+ op->oq_search.rs_scope,
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "",
urls[0].bv_val );
rc = ldap_domain2dn(domain, &refdn);
if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DNS SRV problem processing manageDSAit control",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DNS SRV problem processing manageDSAit control" );
goto done;
} else {
rc = dnNormalize2( NULL, &bv, &nrefdn );
if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DNS SRV problem processing manageDSAit control",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DNS SRV problem processing manageDSAit control" );
goto done;
}
}
- if( !dn_match( &nrefdn, ndn ) ) {
+ if( !dn_match( &nrefdn, &op->o_req_ndn ) ) {
/* requested dn is subordinate */
Debug( LDAP_DEBUG_TRACE,
- "DNSSRV: dn=\"%s\" subordindate to refdn=\"%s\"\n",
- dn->bv_len ? dn->bv_val : "",
+ "DNSSRV: dn=\"%s\" subordinate to refdn=\"%s\"\n",
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "",
refdn == NULL ? "" : refdn,
NULL );
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT,
- refdn, NULL,
- NULL, NULL );
+ rs->sr_matched = refdn;
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ send_ldap_result( op, rs );
- } else if ( scope == LDAP_SCOPE_ONELEVEL ) {
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ } else if ( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ send_ldap_error( op, rs, LDAP_SUCCESS, NULL );
} else {
struct berval vals[2];
AttributeDescription *ad_objectClass
= slap_schema.si_ad_objectClass;
AttributeDescription *ad_ref = slap_schema.si_ad_ref;
- e->e_dn = strdup( dn->bv_val );
- e->e_name.bv_len = dn->bv_len;
- e->e_ndn = strdup( ndn->bv_val );
- e->e_nname.bv_len = ndn->bv_len;
+ e->e_name.bv_val = strdup( op->o_req_dn.bv_val );
+ e->e_name.bv_len = op->o_req_dn.bv_len;
+ e->e_nname.bv_val = strdup( op->o_req_ndn.bv_val );
+ e->e_nname.bv_len = op->o_req_ndn.bv_len;
e->e_attrs = NULL;
e->e_private = NULL;
attr_mergeit( e, ad_ref, urls );
- rc = test_filter( be, conn, op, e, filter );
+ rc = test_filter( op, e, op->oq_search.rs_filter );
if( rc == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op,
- e, attrs, attrsonly, NULL );
+ rs->sr_entry = e;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
}
entry_free( e );
-
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+
+ rs->sr_err = LDAP_SUCCESS;
+ send_ldap_result( op, rs );
}
if ( refdn ) free( refdn );
int
ldap_back_add(
- Backend *be,
- Connection *conn,
Operation *op,
- Entry *e
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
int i, j;
Attribute *a;
ber_int_t msgid;
#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDAP, ENTRY, "ldap_back_add: %s\n", e->e_dn, 0, 0 );
+ LDAP_LOG( BACK_LDAP, ENTRY, "ldap_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else /* !NEW_LOGGING */
- Debug(LDAP_DEBUG_ARGS, "==> ldap_back_add: %s\n", e->e_dn, 0, 0);
+ Debug(LDAP_DEBUG_ARGS, "==> ldap_back_add: %s\n", op->o_req_dn.bv_val, 0, 0);
#endif /* !NEW_LOGGING */
- lc = ldap_back_getconn(li, conn, op);
- if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) {
+ lc = ldap_back_getconn(li, op, rs);
+ if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) {
return( -1 );
}
* Rewrite the add dn, if needed
*/
#ifdef ENABLE_REWRITE
- switch (rewrite_session( li->rwinfo, "addDn", e->e_dn, conn,
+ switch (rewrite_session( li->rwinfo, "addDn", op->o_req_dn.bv_val, op->o_conn,
&mdn.bv_val )) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val != NULL && mdn.bv_val[ 0 ] != '\0' ) {
mdn.bv_len = strlen( mdn.bv_val );
} else {
- mdn = e->e_name;
+ mdn = op->o_req_ndn;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] addDn: \"%s\" -> \"%s\"\n", e->e_dn, mdn.bv_val, 0 );
+ "[rw] addDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> addDn: \"%s\" -> \"%s\"\n%s",
- e->e_dn, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, &e->e_name, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_ndn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
/* Count number of attributes in entry */
- for (i = 1, a = e->e_attrs; a; i++, a = a->a_next)
+ for (i = 1, a = op->oq_add.rs_e->e_attrs; a; i++, a = a->a_next)
;
/* Create array of LDAPMods for ldap_add() */
attrs = (LDAPMod **)ch_malloc(sizeof(LDAPMod *)*i);
- for (i=0, a=e->e_attrs; a; a=a->a_next) {
+ for (i=0, a=op->oq_add.rs_e->e_attrs; a; a=a->a_next) {
/*
* lastmod should always be <off>, so that
* creation/modification operational attrs
* FIXME: rewrite could fail; in this case
* the operation should give up, right?
*/
- (void)ldap_dnattr_rewrite( li->rwinfo, a->a_vals, conn );
+ (void)ldap_dnattr_rewrite( li->rwinfo, a->a_vals, op->o_conn );
}
#endif /* ENABLE_REWRITE */
ch_free(attrs[i]);
}
ch_free(attrs);
- if ( mdn.bv_val != e->e_dn ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
}
- return( ldap_back_op_result( li, lc, conn, op, msgid, j, 1 ) );
+ return( ldap_back_op_result( li, lc, op, rs, msgid, j, 1 ) );
}
#ifdef ENABLE_REWRITE
struct ldapmap at_map;
};
-struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_conn *conn,
- struct slap_op *op);
-int ldap_back_dobind(struct ldapinfo *li, struct ldapconn *lc, Connection *conn, Operation *op);
+struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_op *op, struct slap_rep *rs);
+int ldap_back_dobind(struct ldapinfo *li, struct ldapconn *lc, Operation *op, SlapReply *rs);
int ldap_back_map_result(int err);
int ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc,
- Connection *conn, Operation *op, ber_int_t msgid, int rc, int sendok);
+ Operation *op, SlapReply *rs, ber_int_t msgid, int rc, int sendok);
int back_ldap_LTX_init_module(int argc, char *argv[]);
void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn,
int
ldap_back_bind(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
struct berval mdn = { 0, NULL };
int rc = 0;
ber_int_t msgid;
- lc = ldap_back_getconn(li, conn, op);
+ lc = ldap_back_getconn(li, op, rs);
if ( !lc ) {
return( -1 );
}
* Rewrite the bind dn if needed
*/
#ifdef ENABLE_REWRITE
- switch ( rewrite_session( li->rwinfo, "bindDn", dn->bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "bindDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
- mdn.bv_val = ( char * )dn->bv_val;
+ mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] bindDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 );
+ "[rw] bindDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> bindDn: \"%s\" -> \"%s\"\n%s",
- dn->bv_val, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, dn, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_dn &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
if ( lc->bound_dn.bv_val ) {
lc->bound = 0;
/* method is always LDAP_AUTH_SIMPLE if we got here */
rc = ldap_sasl_bind(lc->ld, mdn.bv_val, LDAP_SASL_SIMPLE,
- cred, op->o_ctrls, NULL, &msgid);
- rc = ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 );
+ &op->oq_bind.rb_cred, op->o_ctrls, NULL, &msgid);
+ rc = ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 );
if (rc == LDAP_SUCCESS) {
lc->bound = 1;
- if ( mdn.bv_val != dn->bv_val ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
lc->bound_dn = mdn;
} else {
- ber_dupbv( &lc->bound_dn, dn );
+ ber_dupbv( &lc->bound_dn, &op->o_req_dn );
}
if ( li->savecred ) {
if ( lc->cred.bv_val )
ch_free( lc->cred.bv_val );
- ber_dupbv( &lc->cred, cred );
+ ber_dupbv( &lc->cred, &op->oq_bind.rb_cred );
ldap_set_rebind_proc( lc->ld, ldap_back_rebind, lc );
}
}
/* must re-insert if local DN changed as result of bind */
- if ( lc->bound && ber_bvcmp(ndn, &lc->local_dn ) ) {
+ if ( lc->bound && ber_bvcmp(&op->o_req_ndn, &lc->local_dn ) ) {
int err;
ldap_pvt_thread_mutex_lock( &li->conn_mutex );
lc = avl_delete( &li->conntree, (caddr_t)lc, ldap_back_conn_cmp );
if ( lc->local_dn.bv_val )
ch_free( lc->local_dn.bv_val );
- ber_dupbv( &lc->local_dn, ndn );
+ ber_dupbv( &lc->local_dn, &op->o_req_ndn );
err = avl_insert( &li->conntree, (caddr_t)lc,
ldap_back_conn_cmp, ldap_back_conn_dup );
ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
#endif /* PRINT_CONNTREE */
struct ldapconn *
-ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)
+ldap_back_getconn(struct ldapinfo *li, Operation *op, SlapReply *rs)
{
struct ldapconn *lc, lc_curr;
LDAP *ld;
/* Explicit binds must not be shared */
if ( op->o_tag == LDAP_REQ_BIND ) {
- lc_curr.conn = conn;
+ lc_curr.conn = op->o_conn;
} else {
lc_curr.conn = NULL;
}
/* Looks like we didn't get a bind. Open a new session... */
if (!lc) {
- int vers = conn->c_protocol;
- int err = ldap_initialize(&ld, li->url);
+ int vers = op->o_conn->c_protocol;
+ rs->sr_err = ldap_initialize(&ld, li->url);
- if (err != LDAP_SUCCESS) {
- err = ldap_back_map_result(err);
- send_ldap_result( conn, op, err,
- NULL, "ldap_initialize() failed", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_err = ldap_back_map_result(rs->sr_err);
+ rs->sr_text = "ldap_initialize() failed";
+ send_ldap_result( op, rs );
return( NULL );
}
/* Set LDAP version. This will always succeed: If the client
/*
* Sets a cookie for the rewrite session
*/
- ( void )rewrite_session_init( li->rwinfo, conn );
+ ( void )rewrite_session_init( li->rwinfo, op->o_conn );
#endif /* ENABLE_REWRITE */
- if ( conn->c_dn.bv_len != 0 ) {
+ if ( op->o_conn->c_dn.bv_len != 0 ) {
/*
* Rewrite the bind dn if needed
lc->bound_dn.bv_val = NULL;
lc->bound_dn.bv_len = 0;
switch ( rewrite_session( li->rwinfo, "bindDn",
- conn->c_dn.bv_val, conn,
+ op->o_conn->c_dn.bv_val, op->o_conn,
&lc->bound_dn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( lc->bound_dn.bv_val == NULL ) {
ber_dupbv( &lc->bound_dn,
- &conn->c_dn );
+ &op->o_conn->c_dn );
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] bindDn: \"%s\" ->"
" \"%s\"\n%s",
- conn->c_dn.bv_val,
+ op->o_conn->c_dn.bv_val,
lc->bound_dn.bv_val, "" );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> bindDn: \"%s\" ->"
" \"%s\"\n%s",
- conn->c_dn.bv_val,
+ op->o_conn->c_dn.bv_val,
lc->bound_dn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed",
- NULL, NULL );
+ "Operation not allowed" );
return( NULL );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_OTHER,
- NULL, "Rewrite error",
- NULL, NULL );
+ "Rewrite error" );
return( NULL );
}
#else /* !ENABLE_REWRITE */
struct berval bv;
- ldap_back_dn_massage( li, &conn->c_dn, &bv, 0, 1 );
- if ( bv.bv_val == conn->c_dn.bv_val ) {
+ ldap_back_dn_massage( li, &op->o_conn->c_dn, &bv, 0, 1 );
+ if ( bv.bv_val == op->o_conn->c_dn.bv_val ) {
ber_dupbv( &lc->bound_dn, &bv );
} else {
lc->bound_dn = bv;
/* Inserts the newly created ldapconn in the avl tree */
ldap_pvt_thread_mutex_lock( &li->conn_mutex );
- err = avl_insert( &li->conntree, (caddr_t)lc,
+ rs->sr_err = avl_insert( &li->conntree, (caddr_t)lc,
ldap_back_conn_cmp, ldap_back_conn_dup );
#if PRINT_CONNTREE > 0
#endif /* !NEW_LOGGING */
/* Err could be -1 in case a duplicate ldapconn is inserted */
- if ( err != 0 ) {
+ if ( rs->sr_err != 0 ) {
ldap_back_conn_free( lc );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "internal server error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "internal server error" );
return( NULL );
}
} else {
* it can be used to simplify the check.
*/
int
-ldap_back_dobind( struct ldapinfo *li, struct ldapconn *lc, Connection *conn, Operation *op )
+ldap_back_dobind( struct ldapinfo *li, struct ldapconn *lc, Operation *op, SlapReply *rs )
{
int rc;
ber_int_t msgid;
if ( !lc->bound ) {
rc = ldap_sasl_bind(lc->ld, lc->bound_dn.bv_val,
LDAP_SASL_SIMPLE, &lc->cred, NULL, NULL, &msgid);
- rc = ldap_back_op_result( li, lc, conn, op, msgid, rc, 0 );
+ rc = ldap_back_op_result( li, lc, op, rs, msgid, rc, 0 );
if (rc == LDAP_SUCCESS) {
lc->bound = 1;
}
int
ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc,
- Connection *conn, Operation *op, ber_int_t msgid, int err, int sendok)
+ Operation *op, SlapReply *rs, ber_int_t msgid, int err, int sendok)
{
- char *msg = NULL;
char *match = NULL;
- char *mmatch = NULL;
LDAPMessage *res;
int rc;
+ rs->sr_text = NULL;
+ rs->sr_matched = NULL;
+
if (err == LDAP_SUCCESS) {
if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) {
ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &err);
} else {
rc = ldap_parse_result(lc->ld, res, &err, &match,
- &msg, NULL, NULL, 1);
+ (char **)&rs->sr_text, NULL, NULL, 1);
if (rc != LDAP_SUCCESS) err = rc;
}
}
err = ldap_back_map_result(err);
/* internal ops must not reply to client */
- if ( conn && !op->o_do_not_cache ) {
+ if ( op->o_conn && !op->o_do_not_cache ) {
#ifdef ENABLE_REWRITE
if (match) {
- switch(rewrite_session(li->rwinfo, "matchedDn", match, conn,
- &mmatch)) {
+ switch(rewrite_session(li->rwinfo, "matchedDn", match, op->o_conn,
+ (char **)&rs->sr_matched)) {
case REWRITE_REGEXEC_OK:
- if (!mmatch) mmatch = match; break;
+ if (!rs->sr_matched) rs->sr_matched = match; break;
case REWRITE_REGEXEC_UNWILLING:
case REWRITE_REGEXEC_ERR:
break;
if (match) {
ber_str2bv(match, 0, 0, &dn);
ldap_back_dn_massage(li, &dn, &mdn, 0, 0);
- mmatch = mdn.bv_val;
+ rs->sr_matched = mdn.bv_val;
}
#endif
}
}
if (sendok || err != LDAP_SUCCESS) {
- send_ldap_result( conn, op, err, mmatch, msg, NULL, NULL );
+ rs->sr_err = err;
+ send_ldap_result( op, rs );
}
- if (mmatch != match) free(mmatch);
+ if (rs->sr_matched != match) free((char *)rs->sr_matched);
+ rs->sr_matched = NULL;
if ( match ) free( match );
- if ( msg ) free( msg );
+ if ( rs->sr_text ) {
+ free( (char *)rs->sr_text );
+ rs->sr_text = NULL;
+ }
return( (err==LDAP_SUCCESS) ? 0 : -1 );
}
int
ldap_back_compare(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- AttributeAssertion *ava
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
struct berval mapped_oc, mapped_at;
struct berval mdn = { 0, NULL };
int rc;
ber_int_t msgid;
- lc = ldap_back_getconn(li, conn, op);
- if (!lc || !ldap_back_dobind( li, lc, conn, op ) ) {
+ lc = ldap_back_getconn(li, op, rs);
+ if (!lc || !ldap_back_dobind( li, lc, op, rs ) ) {
return( -1 );
}
* Rewrite the compare dn, if needed
*/
#ifdef ENABLE_REWRITE
- switch ( rewrite_session( li->rwinfo, "compareDn", dn->bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "compareDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
- mdn.bv_val = ( char * )dn->bv_val;
+ mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] compareDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 );
+ "[rw] compareDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> compareDn: \"%s\" -> \"%s\"\n%s",
- dn->bv_val, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, dn, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
if ( mdn.bv_val == NULL ) {
return -1;
}
#endif /* !ENABLE_REWRITE */
- if ( ava->aa_desc == slap_schema.si_ad_objectClass ) {
- ldap_back_map(&li->oc_map, &ava->aa_desc->ad_cname, &mapped_oc,
+ if ( op->oq_compare.rs_ava->aa_desc == slap_schema.si_ad_objectClass ) {
+ ldap_back_map(&li->oc_map, &op->oq_compare.rs_ava->aa_desc->ad_cname, &mapped_oc,
BACKLDAP_MAP);
if (mapped_oc.bv_val == NULL || mapped_oc.bv_val[0] == '\0') {
return( -1 );
}
} else {
- ldap_back_map(&li->at_map, &ava->aa_value, &mapped_at,
+ ldap_back_map(&li->at_map, &op->oq_compare.rs_ava->aa_value, &mapped_at,
BACKLDAP_MAP);
if (mapped_at.bv_val == NULL || mapped_at.bv_val[0] == '\0') {
return( -1 );
rc = ldap_compare_ext( lc->ld, mdn.bv_val, mapped_oc.bv_val,
&mapped_at, op->o_ctrls, NULL, &msgid );
- if ( mdn.bv_val != dn->bv_val ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
}
- return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) );
+ return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) );
}
static int
ldap_back_exop_whoami(
- Connection *conn,
Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl ***rspctrls,
- const char **text,
- BerVarray *refs )
+ SlapReply *rs )
{
struct berval *bv = NULL;
- int rc = LDAP_SUCCESS;
- if ( reqdata != NULL ) {
+ if ( op->oq_extended.rs_reqdata != NULL ) {
/* no request data should be provided */
- *text = "no request data expected";
+ rs->sr_text = "no request data expected";
return LDAP_PROTOCOL_ERROR;
}
{
- rc = backend_check_restrictions( conn->c_authz_backend,
- conn, op, (struct berval *)&slap_EXOP_WHOAMI, text );
+ rs->sr_err = backend_check_restrictions( op, rs,
+ (struct berval *)&slap_EXOP_WHOAMI );
- if( rc != LDAP_SUCCESS ) return rc;
+ if( rs->sr_err != LDAP_SUCCESS ) return rs->sr_err;
}
/* if auth'd by back-ldap and request is proxied, forward it */
- if ( conn->c_authz_backend && !strcmp(conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &conn->c_ndn)) {
+ if ( op->o_conn->c_authz_backend && !strcmp(op->o_conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &op->o_conn->c_ndn)) {
struct ldapinfo *li =
- (struct ldapinfo *)conn->c_authz_backend->be_private;
+ (struct ldapinfo *)op->o_conn->c_authz_backend->be_private;
struct ldapconn *lc;
LDAPControl c, *ctrls[2] = {&c, NULL};
Operation op2 = *op;
ber_int_t msgid;
- op2.o_ndn = conn->c_ndn;
- lc = ldap_back_getconn(li, conn, &op2);
- if (!lc || !ldap_back_dobind( li, lc, conn, op )) {
+ op2.o_ndn = op->o_conn->c_ndn;
+ lc = ldap_back_getconn(li, &op2, rs);
+ if (!lc || !ldap_back_dobind( li, lc, op, rs )) {
return -1;
}
c.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
strcpy(c.ldctl_value.bv_val, "dn:");
strcpy(c.ldctl_value.bv_val+3, op->o_ndn.bv_val);
- rc = ldap_whoami(lc->ld, ctrls, NULL, &msgid);
- if (rc == LDAP_SUCCESS) {
+ rs->sr_err = ldap_whoami(lc->ld, ctrls, NULL, &msgid);
+ if (rs->sr_err == LDAP_SUCCESS) {
if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) {
ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER,
- &rc);
+ &rs->sr_err);
} else {
- rc = ldap_parse_whoami(lc->ld, res, &bv);
+ rs->sr_err = ldap_parse_whoami(lc->ld, res, &bv);
ldap_msgfree(res);
}
}
ch_free(c.ldctl_value.bv_val);
- if (rc != LDAP_SUCCESS) {
- rc = ldap_back_map_result(rc);
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_err = ldap_back_map_result(rs->sr_err);
}
} else {
/* else just do the same as before */
}
}
- *rspdata = bv;
- return rc;
+ rs->sr_rspdata = bv;
+ return rs->sr_err;
}
int
ldap_back_delete(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
int rc;
ber_int_t msgid;
struct berval mdn = { 0, NULL };
- lc = ldap_back_getconn( li, conn, op );
+ lc = ldap_back_getconn( li, op, rs );
- if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) {
+ if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) {
return( -1 );
}
/*
- * Rewrite the compare dn, if needed
+ * Rewrite the request dn, if needed
*/
#ifdef ENABLE_REWRITE
- switch ( rewrite_session( li->rwinfo, "deleteDn", dn->bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "deleteDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
- mdn.bv_val = ( char * )dn->bv_val;
+ mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] deleteDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 );
+ "[rw] deleteDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> deleteDn: \"%s\" -> \"%s\"\n%s",
- dn->bv_val, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, dn, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
rc = ldap_delete_ext( lc->ld, mdn.bv_val, op->o_ctrls, NULL, &msgid );
- if ( mdn.bv_val != dn->bv_val ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
}
- return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) );
+ return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) );
}
int
ldap_back_extended(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char** text,
- BerVarray *refs
-)
+ SlapReply *rs )
{
int i;
for( i=0; exop_table[i].extended != NULL; i++ ) {
- if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) {
- return (exop_table[i].extended)(
- be, conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text, refs );
+ if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+ return (exop_table[i].extended)( op, rs );
}
}
- *text = "not supported within naming context";
+ rs->sr_text = "not supported within naming context";
return LDAP_UNWILLING_TO_PERFORM;
}
int
ldap_back_exop_passwd(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text,
- BerVarray *refs )
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
struct berval id = { 0, NULL };
struct berval old = { 0, NULL };
struct berval dn, mdn = { 0, NULL }, newpw;
LDAPMessage *res;
ber_int_t msgid;
- char *msg = NULL, *match = NULL;
int rc;
- lc = ldap_back_getconn(li, conn, op);
- if (!lc || !ldap_back_dobind(li, lc, conn, op) ) {
+ lc = ldap_back_getconn(li, op, rs);
+ if (!lc || !ldap_back_dobind(li, lc, op, rs) ) {
return -1;
}
- rc = slap_passwd_parse( reqdata, &id, &old, &new, text );
+ rc = slap_passwd_parse( op->oq_extended.rs_reqdata, &id, &old, &new, &rs->sr_text );
if (rc != LDAP_SUCCESS)
return rc;
#endif
if (dn.bv_len == 0) {
- *text = "No password is associated with the Root DSE";
+ rs->sr_text = "No password is associated with the Root DSE";
return LDAP_UNWILLING_TO_PERFORM;
}
if (id.bv_len) {
#ifdef ENABLE_REWRITE
- switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = dn.bv_val;
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
/* sigh. parse twice, because parse_passwd doesn't give
* us the err / match / msg info.
*/
- int err;
- rc = ldap_parse_result(lc->ld, res, &err, &match, &msg,
+ rc = ldap_parse_result(lc->ld, res, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text,
NULL, NULL, 0);
if (rc == LDAP_SUCCESS) {
- if (err == LDAP_SUCCESS) {
+ if (rs->sr_err == LDAP_SUCCESS) {
rc = ldap_parse_passwd(lc->ld, res, &newpw);
if (rc == LDAP_SUCCESS && newpw.bv_val) {
- *rspdata = slap_passwd_return(&newpw);
+ rs->sr_type = REP_EXTENDED;
+ rs->sr_rspdata = slap_passwd_return(&newpw);
free(newpw.bv_val);
}
} else {
- rc = err;
+ rc = rs->sr_err;
}
}
ldap_msgfree(res);
}
}
if (rc != LDAP_SUCCESS) {
- rc = ldap_back_map_result(rc);
- send_ldap_result(conn, op, rc, match, msg, NULL, NULL);
- if (match) free(match);
- if (msg) free(msg);
+ rs->sr_err = ldap_back_map_result(rc);
+ send_ldap_result(op, rs);
+ if (rs->sr_matched) free((char *)rs->sr_matched);
+ if (rs->sr_text) free((char *)rs->sr_text);
+ rs->sr_matched = NULL;
+ rs->sr_text = NULL;
rc = -1;
}
return rc;
int
ldap_back_modify(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- Modifications *modlist
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
LDAPMod **modv = NULL;
LDAPMod *mods;
struct berval mdn = { 0, NULL };
ber_int_t msgid;
- lc = ldap_back_getconn(li, conn, op);
- if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) {
+ lc = ldap_back_getconn(li, op, rs);
+ if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) {
return( -1 );
}
* Rewrite the modify dn, if needed
*/
#ifdef ENABLE_REWRITE
- switch ( rewrite_session( li->rwinfo, "modifyDn", dn->bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "modifyDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
- mdn.bv_val = ( char * )dn->bv_val;
+ mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] modifyDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 );
+ "[rw] modifyDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> modifyDn: \"%s\" -> \"%s\"\n%s",
- dn->bv_val, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, dn, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
- for (i=0, ml=modlist; ml; i++,ml=ml->sml_next)
+ for (i=0, ml=op->oq_modify.rs_modlist; ml; i++,ml=ml->sml_next)
;
mods = (LDAPMod *)ch_malloc(i*sizeof(LDAPMod));
goto cleanup;
}
- for (i=0, ml=modlist; ml; ml=ml->sml_next) {
+ for (i=0, ml=op->oq_modify.rs_modlist; ml; ml=ml->sml_next) {
if ( ml->sml_desc->ad_type->sat_no_user_mod ) {
continue;
}
if ( strcmp( ml->sml_desc->ad_type->sat_syntax->ssyn_oid,
SLAPD_DN_SYNTAX ) == 0 ) {
ldap_dnattr_rewrite( li->rwinfo,
- ml->sml_bvalues, conn );
+ ml->sml_bvalues, op->o_conn );
}
#endif /* ENABLE_REWRITE */
rc = ldap_modify_ext( lc->ld, mdn.bv_val, modv, op->o_ctrls, NULL, &msgid );
cleanup:;
- if ( mdn.bv_val != dn->bv_val ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
}
for (i=0; modv[i]; i++) {
ch_free( mods );
ch_free( modv );
- return ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 );
+ return ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 );
}
int
ldap_back_modrdn(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *newrdn,
- struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSuperior,
- struct berval *nnewSuperior
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
int rc;
ber_int_t msgid;
struct berval mdn = { 0, NULL }, mnewSuperior = { 0, NULL };
- lc = ldap_back_getconn( li, conn, op );
- if ( !lc || !ldap_back_dobind(li, lc, conn, op) ) {
+ lc = ldap_back_getconn( li, op, rs );
+ if ( !lc || !ldap_back_dobind(li, lc, op, rs) ) {
return( -1 );
}
- if (newSuperior) {
+ if (op->oq_modrdn.rs_newSup) {
int version = LDAP_VERSION3;
ldap_set_option( lc->ld, LDAP_OPT_PROTOCOL_VERSION, &version);
*/
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "newSuperiorDn",
- newSuperior->bv_val, conn, &mnewSuperior.bv_val ) ) {
+ op->oq_modrdn.rs_newSup->bv_val, op->o_conn, &mnewSuperior.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mnewSuperior.bv_val == NULL ) {
- mnewSuperior.bv_val = ( char * )newSuperior;
+ mnewSuperior.bv_val = ( char * )op->oq_modrdn.rs_newSup->bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] newSuperiorDn:" " \"%s\" -> \"%s\"\n",
- newSuperior, mnewSuperior.bv_val, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> newSuperiorDn:"
" \"%s\" -> \"%s\"\n%s",
- newSuperior->bv_val, mnewSuperior.bv_val, "" );
+ op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, newSuperior, &mnewSuperior, 0, 1 );
+ ldap_back_dn_massage( li, op->oq_modrdn.rs_newSup, &mnewSuperior, 0, 1 );
if ( mnewSuperior.bv_val == NULL ) {
return( -1 );
}
/*
* Rewrite the modrdn dn, if required
*/
- switch ( rewrite_session( li->rwinfo, "modrDn", dn->bv_val, conn, &mdn.bv_val ) ) {
+ switch ( rewrite_session( li->rwinfo, "modrDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
- mdn.bv_val = ( char * )dn->bv_val;
+ mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] modrDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 );
+ "[rw] modrDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> modrDn: \"%s\" -> \"%s\"\n%s",
- dn->bv_val, mdn.bv_val, "" );
+ op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
return( -1 );
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, dn, &mdn, 0, 1 );
+ ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
- rc = ldap_rename( lc->ld, mdn.bv_val, newrdn->bv_val, mnewSuperior.bv_val,
- deleteoldrdn, op->o_ctrls, NULL, &msgid );
+ rc = ldap_rename( lc->ld, mdn.bv_val, op->oq_modrdn.rs_newrdn.bv_val, mnewSuperior.bv_val,
+ op->oq_modrdn.rs_deleteoldrdn, op->o_ctrls, NULL, &msgid );
- if ( mdn.bv_val != dn->bv_val ) {
+ if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
}
if ( mnewSuperior.bv_val != NULL
- && mnewSuperior.bv_val != newSuperior->bv_val ) {
+ && mnewSuperior.bv_val != op->oq_modrdn.rs_newSup->bv_val ) {
free( mnewSuperior.bv_val );
}
- return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) );
+ return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) );
}
int
ldap_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+ SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
struct timeval tv;
LDAPMessage *res, *e;
int count, rc = 0, msgid, sres = LDAP_SUCCESS;
- char *match = NULL, *err = NULL;
+ char *match = NULL;
char **mapped_attrs = NULL;
struct berval mbase;
- char *mmatch = NULL;
struct berval mfilter = { 0, NULL };
struct slap_limits_set *limit = NULL;
int isroot = 0;
BerVarray v2refs = NULL;
- lc = ldap_back_getconn(li, conn, op);
+ lc = ldap_back_getconn(li, op, rs);
if ( !lc ) {
return( -1 );
}
* FIXME: in case of values return filter, we might want
* to map attrs and maybe rewrite value
*/
- if ( !ldap_back_dobind( li, lc, conn, op ) ) {
+ if ( !ldap_back_dobind( li, lc, op, rs ) ) {
return( -1 );
}
/* if not root, get appropriate limits */
- if ( be_isroot( be, &op->o_ndn ) ) {
+ if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
isroot = 1;
} else {
- ( void ) get_limits( be, &op->o_ndn, &limit );
+ ( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
}
/* if no time limit requested, rely on remote server limits */
/* if requested limit higher than hard limit, abort */
- if ( !isroot && tlimit > limit->lms_t_hard ) {
+ if ( !isroot && op->oq_search.rs_tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_t_hard == 0
&& limit->lms_t_soft > -1
- && tlimit > limit->lms_t_soft ) {
- tlimit = limit->lms_t_soft;
+ && op->oq_search.rs_tlimit > limit->lms_t_soft ) {
+ op->oq_search.rs_tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
} else if ( limit->lms_t_hard > 0 ) {
- send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
rc = 0;
goto finish;
}
/* if no size limit requested, rely on remote server limits */
/* if requested limit higher than hard limit, abort */
- if ( !isroot && slimit > limit->lms_s_hard ) {
+ if ( !isroot && op->oq_search.rs_slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_s_hard == 0
&& limit->lms_s_soft > -1
- && slimit > limit->lms_s_soft ) {
- slimit = limit->lms_s_soft;
+ && op->oq_search.rs_slimit > limit->lms_s_soft ) {
+ op->oq_search.rs_slimit = limit->lms_s_soft;
/* positive hard limit means abort */
} else if ( limit->lms_s_hard > 0 ) {
- send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
rc = 0;
goto finish;
}
}
/* should we check return values? */
- if (deref != -1)
- ldap_set_option( lc->ld, LDAP_OPT_DEREF, (void *)&deref);
- if (tlimit != -1) {
- tv.tv_sec = tlimit;
+ if (op->oq_search.rs_deref != -1)
+ ldap_set_option( lc->ld, LDAP_OPT_DEREF, (void *)&op->oq_search.rs_deref);
+ if (op->oq_search.rs_tlimit != -1) {
+ tv.tv_sec = op->oq_search.rs_tlimit;
tv.tv_usec = 0;
} else {
tv.tv_sec = 0;
*/
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "searchBase",
- base->bv_val, conn, &mbase.bv_val ) ) {
+ op->o_req_dn.bv_val, op->o_conn, &mbase.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mbase.bv_val == NULL ) {
- mbase = *base;
+ mbase = op->o_req_dn;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] searchBase: \"%s\" -> \"%s\"\n",
- base->bv_val, mbase.bv_val, 0 );
+ op->o_req_dn.bv_val, mbase.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n%s",
- base->bv_val, mbase.bv_val, "" );
+ op->o_req_dn.bv_val, mbase.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Operation not allowed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Operation not allowed" );
rc = -1;
goto finish;
case REWRITE_REGEXEC_ERR:
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "Rewrite error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "Rewrite error" );
rc = -1;
goto finish;
}
#else /* !ENABLE_REWRITE */
- ldap_back_dn_massage( li, base, &mbase, 0, 1 );
+ ldap_back_dn_massage( li, &op->oq_req_dn &mbase, 0, 1 );
#endif /* !ENABLE_REWRITE */
#ifdef ENABLE_REWRITE
- rc = ldap_back_filter_map_rewrite_( li->rwinfo, conn,
- &li->at_map, &li->oc_map, filter, &mfilter,
+ rc = ldap_back_filter_map_rewrite_( li->rwinfo, op->o_conn,
+ &li->at_map, &li->oc_map, op->oq_search.rs_filter, &mfilter,
BACKLDAP_MAP );
#else /* ! ENABLE_REWRITE */
rc = ldap_back_filter_map_rewrite_( &li->at_map, &li->oc_map,
- filter, &mfilter, BACKLDAP_MAP );
+ op->oq_search.rs_filter, &mfilter, BACKLDAP_MAP );
#endif /* ! ENABLE_REWRITE */
if ( rc ) {
goto finish;
}
- mapped_attrs = ldap_back_map_attrs(&li->at_map, attrs, BACKLDAP_MAP);
- if ( mapped_attrs == NULL && attrs) {
- for (count=0; attrs[count].an_name.bv_val; count++);
+ mapped_attrs = ldap_back_map_attrs(&li->at_map, op->oq_search.rs_attrs, BACKLDAP_MAP);
+ if ( mapped_attrs == NULL && op->oq_search.rs_attrs) {
+ for (count=0; op->oq_search.rs_attrs[count].an_name.bv_val; count++);
mapped_attrs = ch_malloc( (count+1) * sizeof(char *));
- for (count=0; attrs[count].an_name.bv_val; count++) {
- mapped_attrs[count] = attrs[count].an_name.bv_val;
+ for (count=0; op->oq_search.rs_attrs[count].an_name.bv_val; count++) {
+ mapped_attrs[count] = op->oq_search.rs_attrs[count].an_name.bv_val;
}
mapped_attrs[count] = NULL;
}
- rc = ldap_search_ext(lc->ld, mbase.bv_val, scope, mfilter.bv_val,
- mapped_attrs, attrsonly, op->o_ctrls, NULL, tv.tv_sec ? &tv
- : NULL, slimit, &msgid);
+ rc = ldap_search_ext(lc->ld, mbase.bv_val, op->oq_search.rs_scope, mfilter.bv_val,
+ mapped_attrs, op->oq_search.rs_attrsonly, op->o_ctrls, NULL, tv.tv_sec ? &tv
+ : NULL, op->oq_search.rs_slimit, &msgid);
if ( rc != LDAP_SUCCESS ) {
fail:;
- rc = ldap_back_op_result(li, lc, conn, op, msgid, rc, 0);
+ rc = ldap_back_op_result(li, lc, op, rs, msgid, rc, 0);
goto finish;
}
* but this is necessary for version matching, and for ACL processing.
*/
- for ( count=0, rc=0;
+ for ( rs->sr_nentries=0, rc=0;
rc != -1;
rc = ldap_result(lc->ld, msgid, 0, &tv, &res))
{
Entry ent;
struct berval bdn;
e = ldap_first_entry(lc->ld,res);
- if ( ldap_build_entry(be, conn, e, &ent, &bdn, 1) == LDAP_SUCCESS ) {
+ if ( ldap_build_entry(op->o_bd, op->o_conn, e, &ent, &bdn, 1) == LDAP_SUCCESS ) {
Attribute *a;
- count++;
- send_search_entry( be, conn, op, &ent, attrs,
- attrsonly, NULL );
+ rs->sr_nentries++;
+ rs->sr_entry = &ent;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
while (ent.e_attrs) {
a = ent.e_attrs;
ent.e_attrs = a->a_next;
} else if ( rc == LDAP_RES_SEARCH_REFERENCE ) {
char **references = NULL;
- LDAPControl **ctrls = NULL;
- BerVarray refs;
int cnt;
rc = ldap_parse_reference( lc->ld, res,
- &references, &ctrls, 1 );
+ &references, &rs->sr_ctrls, 1 );
if ( rc != LDAP_SUCCESS ) {
continue;
for ( cnt = 0; references[ cnt ]; cnt++ )
/* NO OP */ ;
- refs = ch_calloc( cnt + 1, sizeof( struct berval ) );
+ rs->sr_ref = ch_calloc( cnt + 1, sizeof( struct berval ) );
for ( cnt = 0; references[ cnt ]; cnt++ ) {
- refs[ cnt ].bv_val = references[ cnt ];
- refs[ cnt ].bv_len = strlen( references[ cnt ] );
+ rs->sr_ref[ cnt ].bv_val = references[ cnt ];
+ rs->sr_ref[ cnt ].bv_len = strlen( references[ cnt ] );
}
/* ignore return value by now */
- ( void )send_search_reference( be, conn, op,
- NULL, refs, ctrls, &v2refs );
+ ( void )send_search_reference( op, rs );
/* cleanup */
if ( references ) {
ldap_value_free( references );
- ch_free( refs );
+ ch_free( rs->sr_ref );
+ rs->sr_ref = NULL;
}
- if ( ctrls ) {
- ldap_controls_free( ctrls );
+ if ( rs->sr_ctrls ) {
+ ldap_controls_free( rs->sr_ctrls );
+ rs->sr_ctrls = NULL;
}
} else {
- rc = ldap_parse_result(lc->ld, res, &sres, &match,
- &err, NULL, NULL, 1);
- if (rc != LDAP_SUCCESS ) sres = rc;
- sres = ldap_back_map_result(sres);
+ rc = ldap_parse_result(lc->ld, res, &rs->sr_err, &match,
+ (char **)&rs->sr_text, NULL, NULL, 1);
+ if (rc != LDAP_SUCCESS ) rs->sr_err = rc;
+ rs->sr_err = ldap_back_map_result(rs->sr_err);
rc = 0;
break;
}
*/
if ( match != NULL ) {
switch ( rewrite_session( li->rwinfo, "matchedDn",
- match, conn, &mmatch ) ) {
+ match, op->o_conn, (char **)&rs->sr_matched ) ) {
case REWRITE_REGEXEC_OK:
- if ( mmatch == NULL ) {
- mmatch = ( char * )match;
+ if ( rs->sr_matched == NULL ) {
+ rs->sr_matched = ( char * )match;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
- "[rw] matchedDn:" " \"%s\" -> \"%s\"\n", match, mmatch, 0 );
+ "[rw] matchedDn:" " \"%s\" -> \"%s\"\n", match, rs->sr_matched, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> matchedDn:"
" \"%s\" -> \"%s\"\n%s",
- match, mmatch, "" );
+ match, rs->sr_matched, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_ERR:
/* FIXME: no error, but no matched ... */
- mmatch = NULL;
+ rs->sr_matched = NULL;
break;
}
}
-
- if ( v2refs ) {
- sres = LDAP_REFERRAL;
- }
-
- send_search_result( conn, op, sres,
- mmatch, err, v2refs, NULL, count );
-
#else /* !ENABLE_REWRITE */
if ( match != NULL ) {
struct berval dn, mdn;
ber_str2bv(match, 0, 0, &dn);
ldap_back_dn_massage(li, &dn, &mdn, 0, 0);
- mmatch = mdn.bv_val;
+ rs->sr_matched = mdn.bv_val;
}
-
- if ( v2refs ) {
- sres = LDAP_REFERRAL;
- }
- send_search_result( conn, op, sres,
- mmatch, err, v2refs, NULL, count );
#endif /* !ENABLE_REWRITE */
+ if ( rs->sr_v2ref ) {
+ rs->sr_err = LDAP_REFERRAL;
+ }
+ send_search_result( op, rs );
finish:;
if ( match ) {
- if ( mmatch != match ) {
- free( mmatch );
+ if ( rs->sr_matched != match ) {
+ free( (char *)rs->sr_matched );
}
+ rs->sr_matched = NULL;
LDAP_FREE(match);
}
- if ( err ) {
- LDAP_FREE( err );
+ if ( rs->sr_text ) {
+ LDAP_FREE( (char *)rs->sr_text );
+ rs->sr_text = NULL;
}
if ( mapped_attrs ) {
ch_free( mapped_attrs );
}
- if ( mfilter.bv_val != filterstr->bv_val ) {
+ if ( mfilter.bv_val != op->oq_search.rs_filterstr.bv_val ) {
ch_free( mfilter.bv_val );
}
- if ( mbase.bv_val != base->bv_val ) {
+ if ( mbase.bv_val != op->o_req_dn.bv_val ) {
free( mbase.bv_val );
}
*/
int
ldap_back_entry_get(
- Backend *be,
- Connection *conn,
Operation *op,
struct berval *ndn,
ObjectClass *oc,
Entry **ent
)
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
+ struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
int rc = 1, is_oc;
struct berval mapped = { 0, NULL }, bdn;
LDAPMessage *result = NULL, *e = NULL;
char *gattr[3];
char *filter;
+ Connection *oconn;
+ SlapReply rs;
ldap_back_map(&li->at_map, &at->ad_cname, &mapped, BACKLDAP_MAP);
if (mapped.bv_val == NULL || mapped.bv_val[0] == '\0') {
/* Tell getconn this is a privileged op */
is_oc = op->o_do_not_cache;
op->o_do_not_cache = 1;
- lc = ldap_back_getconn(li, conn, op);
- if ( !lc || !ldap_back_dobind(li, lc, NULL, op) ) {
+ lc = ldap_back_getconn(li, op, &rs);
+ oconn = op->o_conn;
+ op->o_conn = NULL;
+ if ( !lc || !ldap_back_dobind(li, lc, op, &rs) ) {
op->o_do_not_cache = is_oc;
+ op->o_conn = oconn;
return 1;
}
op->o_do_not_cache = is_oc;
+ op->o_conn = oconn;
is_oc = (strcasecmp("objectclass", mapped.bv_val) == 0);
if (oc && !is_oc) {
*ent = ch_malloc(sizeof(Entry));
- rc = ldap_build_entry(be, conn, e, *ent, &bdn, 0);
+ rc = ldap_build_entry(op->o_bd, op->o_conn, e, *ent, &bdn, 0);
if (rc != LDAP_SUCCESS) {
ch_free(*ent);
int
ldbm_back_add(
- Backend *be,
- Connection *conn,
Operation *op,
- Entry *e
-)
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
struct berval pdn;
Entry *p = NULL;
- int rc;
ID id = NOID;
- const char *text = NULL;
AttributeDescription *children = slap_schema.si_ad_children;
AttributeDescription *entry = slap_schema.si_ad_entry;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_add: %s\n", e->e_dn, 0, 0 );
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
- Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0);
+ Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", op->o_req_dn.bv_val, 0, 0);
#endif
#ifndef LDAP_CACHING
- rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen );
+ rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen );
#else /* LDAP_CACHING */
if ( !op->o_caching_on ) {
- rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen );
+ rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen );
} else {
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
}
#endif /* LDAP_CACHING */
- if ( rc != LDAP_SUCCESS ) {
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_add: entry (%s) failed schema check.\n", e->e_dn, 0, 0 );
+ "ldbm_back_add: entry (%s) failed schema check.\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
- text, 0, 0 );
+ rs->sr_text, 0, 0 );
#endif
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
return( -1 );
}
#ifdef LDAP_CACHING
if ( !op->o_caching_on ) {
#endif /* LDAP_CACHING */
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: No write access to entry (%s).\n",
- e->e_dn, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to entry", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to entry" );
return -1;
}
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
- if ( ( rc = dn2id( be, &e->e_nname, &id ) ) || id != NOID ) {
- /* if (rc) something bad happened to ldbm cache */
+ if ( ( rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id ) ) || id != NOID ) {
+ /* if (rs->sr_err) something bad happened to ldbm cache */
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op,
- rc ? LDAP_OTHER : LDAP_ALREADY_EXISTS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
+ send_ldap_result( op, rs );
return( -1 );
}
* add the entry.
*/
- if ( be_issuffix( be, &e->e_nname ) ) {
+ if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
pdn = slap_empty_bv;
} else {
- dnParent( &e->e_nname, &pdn );
+ dnParent( &op->o_req_ndn, &pdn );
}
#ifndef LDAP_CACHING
Entry *matched = NULL;
/* get parent with writer lock */
- if ( (p = dn2entry_w( be, &pdn, &matched )) == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
+ if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: Parent of (%s) does not exist.\n",
- e->e_dn, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL, matched_dn,
- refs == NULL ? "parent does not exist" : "parent is referral",
- refs, NULL );
+ rs->sr_text = rs->sr_ref ? "parent is referral" : "parent does not exist";
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return -1;
}
- if ( ! access_allowed( be, conn, op, p,
+ if ( ! access_allowed( op, p,
children, NULL, ACL_WRITE, NULL ) )
{
/* free parent and writer lock */
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: No write access to parent (%s).\n",
- e->e_dn, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to parent", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to parent" );
return -1;
}
#endif
- send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
- NULL, "parent is an alias", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
+ "parent is an alias" );
return -1;
}
if ( is_entry_referral( p ) ) {
/* parent is a referral, don't allow add */
- char *matched_dn = ch_strdup( p->e_dn );
- BerVarray refs = is_entry_referral( p )
- ? get_entry_referrals( be, conn, op, p )
+ rs->sr_matched = ch_strdup( p->e_dn );
+ rs->sr_ref = is_entry_referral( p )
+ ? get_entry_referrals( op, p )
: NULL;
/* free parent and writer lock */
Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
0, 0 );
#endif
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
-
- ber_bvarray_free( refs );
- free( matched_dn );
+ ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return -1;
}
/* no parent, must be adding entry to root */
#ifndef LDAP_CACHING
- if ( !be_isroot( be, &op->o_ndn ) )
+ if ( !be_isroot( op->o_bd, &op->o_ndn ) )
#else /* LDAP_CACHING */
- if ( !be_isroot( be, &op->o_ndn ) && !op->o_caching_on )
+ if ( !be_isroot( op->o_bd, &op->o_ndn ) && !op->o_caching_on )
#endif /* LDAP_CACHING */
{
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
- rc = access_allowed( be, conn, op, p,
+ rs->sr_err = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
- if ( ! rc ) {
+ if ( ! rs->sr_err ) {
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
#ifdef NEW_LOGGING
0, 0, 0 );
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL,
- "no write access to parent",
- NULL, NULL );
+ "no write access to parent" );
return -1;
}
: "entry at root", 0, 0 );
#endif
- send_ldap_result( conn, op,
- LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs,
+ LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
}
}
- if ( next_id( be, &e->e_id ) ) {
+ if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
if( p != NULL) {
/* free parent and writer lock */
cache_return_entry_w( &li->li_cache, p );
0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "next_id add failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "next_id add failed" );
return( -1 );
}
/*
* Try to add the entry to the cache, assign it a new dnid.
*/
- rc = cache_add_entry_rw(&li->li_cache, e, CACHE_WRITE_LOCK);
+ rs->sr_err = cache_add_entry_rw(&li->li_cache, op->oq_add.rs_e, CACHE_WRITE_LOCK);
- if ( rc != 0 ) {
+ if ( rs->sr_err != 0 ) {
if( p != NULL) {
/* free parent and writer lock */
cache_return_entry_w( &li->li_cache, p );
0 );
#endif
- send_ldap_result( conn, op,
- rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER,
- NULL, rc > 0 ? NULL : "cache add failed", NULL, NULL );
+ rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
+ rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
+ send_ldap_result( op, rs );
return( -1 );
}
- rc = -1;
+ rs->sr_err = -1;
/* attribute indexes */
- if ( index_entry_add( be, e, e->e_attrs ) != LDAP_SUCCESS ) {
+ if ( index_entry_add( op->o_bd, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: index_entry_add failed.\n", 0, 0, 0 );
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "index generation failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "index generation failed" );
goto return_results;
}
/* dn2id index */
- if ( dn2id_add( be, &e->e_nname, e->e_id ) != 0 ) {
+ if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname, op->oq_add.rs_e->e_id ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: dn2id_add failed.\n", 0, 0, 0 );
#endif
/* FIXME: delete attr indices? */
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DN index generation failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DN index generation failed" );
goto return_results;
}
/* id2entry index */
- if ( id2entry_add( be, e ) != 0 ) {
+ if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_add: id2entry_add failed.\n", 0, 0, 0 );
#endif
/* FIXME: delete attr indices? */
- (void) dn2id_delete( be, &e->e_nname, e->e_id );
+ (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname, op->oq_add.rs_e->e_id );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "entry store failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "entry store failed" );
goto return_results;
}
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_SUCCESS;
+ send_ldap_result( op, rs );
/* marks the entry as committed, so it is added to the cache;
* otherwise it is removed from the cache, but not destroyed;
* it will be destroyed by the caller */
- rc = 0;
- cache_entry_commit( e );
+ cache_entry_commit( op->oq_add.rs_e );
return_results:;
if (p != NULL) {
cache_return_entry_w( &li->li_cache, p );
}
- if ( rc ) {
+ if ( rs->sr_err ) {
/*
* in case of error, writer lock is freed
* and entry's private data is destroyed.
* otherwise, this is done when entry is released
*/
- cache_return_entry_w( &li->li_cache, e );
+ cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
}
- return( rc );
+ return( rs->sr_err );
}
int
ldbm_back_bind(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn
-)
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *e;
Attribute *a;
int rc;
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ENTRY,
- "ldbm_back_bind: dn: %s.\n", dn->bv_val, 0, 0 );
+ "ldbm_back_bind: dn: %s.\n", op->o_req_dn.bv_val, 0, 0 );
#else
- Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn->bv_val, 0, 0);
+ Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0);
#endif
- dn = ndn;
+ if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op ) ) {
+ ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) );
+ /* front end will send result */
+ return LDAP_SUCCESS;
+ }
/* grab giant lock for reading */
ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
/* get entry with reader lock */
- if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs = NULL;
-
+ if ( (e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
+ rs->sr_matched = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
/* allow noauth binds */
rc = 1;
- if ( method == LDAP_AUTH_SIMPLE ) {
- if ( be_isroot_pw( be, conn, dn, cred ) ) {
- ber_dupbv( edn, be_root_dn( be ) );
- rc = 0; /* front end will send result */
-
- } else if ( refs != NULL ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
-
- } else {
- send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
- }
-
- } else if ( refs != NULL ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
-
+ if ( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
} else {
- send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
}
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
- if ( matched_dn ) free( matched_dn );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ if ( rs->sr_matched ) free( (char *)rs->sr_matched );
return( rc );
}
- ber_dupbv( edn, &e->e_name );
+ ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
/* check for deleted */
/* entry is an alias, don't allow bind */
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
- "ldbm_back_bind: entry (%s) is an alias.\n", e->e_dn, 0, 0 );
+ "ldbm_back_bind: entry (%s) is an alias.\n", e->e_name.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
- NULL, "entry is alias", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
+ "entry is alias" );
rc = 1;
goto return_results;
if ( is_entry_referral( e ) ) {
/* entry is a referral, don't allow bind */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
#endif
- if( refs != NULL ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ if( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
} else {
- send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
}
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
rc = 1;
goto return_results;
}
- switch ( method ) {
+ switch ( op->oq_bind.rb_method ) {
case LDAP_AUTH_SIMPLE:
- /* check for root dn/passwd */
- if ( be_isroot_pw( be, conn, dn, cred ) ) {
- /* front end will send result */
- if(edn->bv_val != NULL) free( edn->bv_val );
- ber_dupbv( edn, be_root_dn( be ) );
- rc = 0;
- goto return_results;
- }
-
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
password, NULL, ACL_AUTH, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
rc = 1;
goto return_results;
}
if ( (a = attr_find( e->e_attrs, password )) == NULL ) {
- send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
/* stop front end from sending result */
rc = 1;
goto return_results;
}
- if ( slap_passwd_check( conn, a, cred ) != 0 ) {
- send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
/* stop front end from sending result */
rc = 1;
goto return_results;
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
case LDAP_AUTH_KRBV41:
- if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) {
+ send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
rc = 1;
goto return_results;
}
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
krbattr, NULL, ACL_AUTH, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ NULL );
rc = 1;
goto return_results;
}
/*
* no krbname values present: check against DN
*/
- if ( strcasecmp( dn->bv_val, krbname ) == 0 ) {
+ if ( strcasecmp( op->o_req_dn.bv_val, krbname ) == 0 ) {
rc = 0;
break;
}
- send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
rc = 1;
goto return_results;
krbval.bv_len = strlen( krbname );
if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
- send_ldap_result( conn, op,
- LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs,
+ LDAP_INVALID_CREDENTIALS, NULL );
rc = 1;
goto return_results;
}
break;
case LDAP_AUTH_KRBV42:
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
- NULL, "Kerberos bind step 2 not supported",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "Kerberos bind step 2 not supported" );
/* stop front end from sending result */
rc = LDAP_UNWILLING_TO_PERFORM;
goto return_results;
#endif
default:
- send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED,
- NULL, "authentication method not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED,
+ "authentication method not supported" );
rc = 1;
goto return_results;
}
int
ldbm_back_compare(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- AttributeAssertion *ava
-)
+ Operation *op,
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *matched;
Entry *e;
Attribute *a;
- int rc;
int manageDSAit = get_manageDSAit( op );
/* grab giant lock for reading */
ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
/* get entry with reader lock */
- if ( (e = dn2entry_r( be, ndn, &matched )) == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs = NULL;
-
+ if ( (e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
- free( matched_dn );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return( 1 );
}
if (!manageDSAit && is_entry_referral( e ) ) {
/* entry is a referral, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- if (refs ) ber_bvarray_free( refs );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
- rc = 1;
+ rs->sr_err = 1;
goto return_results;
}
- if ( ! access_allowed( be, conn, op, e,
- ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) )
+ if ( ! access_allowed( op, e,
+ op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- rc = 1;
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ NULL );
+ rs->sr_err = 1;
goto return_results;
}
- rc = LDAP_NO_SUCH_ATTRIBUTE;
+ rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
- for(a = attrs_find( e->e_attrs, ava->aa_desc );
+ for(a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
a != NULL;
- a = attrs_find( a->a_next, ava->aa_desc ))
+ a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ))
{
- rc = LDAP_COMPARE_FALSE;
+ rs->sr_err = LDAP_COMPARE_FALSE;
#ifdef SLAP_NVALUES
- if ( value_find_ex( ava->aa_desc,
+ if ( value_find_ex( op->oq_compare.rs_ava->aa_desc,
SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
- a->a_nvals, &ava->aa_value ) == 0 )
+ a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#else
- if ( value_find( ava->aa_desc, a->a_vals, &ava->aa_value ) == 0 )
+ if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#endif
{
- rc = LDAP_COMPARE_TRUE;
+ rs->sr_err = LDAP_COMPARE_TRUE;
break;
}
}
- send_ldap_result( conn, op, rc,
- NULL, NULL, NULL, NULL );
+ send_ldap_result( op, rs );
- if( rc != LDAP_NO_SUCH_ATTRIBUTE ) {
- rc = 0;
+ if( rs->sr_err != LDAP_NO_SUCH_ATTRIBUTE ) {
+ rs->sr_err = 0;
}
return_results:;
cache_return_entry_r( &li->li_cache, e );
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- return( rc );
+ return( rs->sr_err );
}
int
ldbm_back_delete(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn
-)
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *matched;
struct berval pdn;
Entry *e, *p = NULL;
AttributeDescription *entry = slap_schema.si_ad_entry;
#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", dn->bv_val, 0, 0 );
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
- Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", dn->bv_val, 0, 0);
+ Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0);
#endif
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* get entry with writer lock */
- if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs;
-
+ if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
- "ldbm_back_delete: no such object %s\n", dn->bv_val, 0, 0 );
+ "ldbm_back_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: no such object %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
- free( matched_dn );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return( -1 );
}
#ifdef LDAP_CACHING
if( !op->o_caching_on ) {
#endif /* LDAP_CACHING */
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
entry, NULL, ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_delete: no write access to entry of (%s)\n",
- dn->bv_val, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no write access to entry\n", 0,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to entry", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to entry" );
rc = 1;
goto return_results;
if ( !manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
rc = 1;
goto return_results;
}
- if ( has_children( be, e ) ) {
+ if ( has_children( op->o_bd, e ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) is a non-leaf node.\n", dn->bv_val, 0,0);
+ "ldbm_back_delete: (%s) is a non-leaf node.\n", op->o_req_dn.bv_val, 0,0);
#else
Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: non leaf %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF,
- NULL, "subtree delete not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF,
+ "subtree delete not supported" );
goto return_results;
}
/* delete from parent's id2children entry */
- if( !be_issuffix( be, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ),
+ if( !be_issuffix( op->o_bd, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ),
pdn.bv_len) ) {
- if( (p = dn2entry_w( be, &pdn, NULL )) == NULL) {
+ if( (p = dn2entry_w( op->o_bd, &pdn, NULL )) == NULL) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: parent of (%s) does not exist\n", dn, 0, 0 );
+ "ldbm_back_delete: parent of (%s) does not exist\n", op->o_req_dn. 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: parent does not exist\n",
0, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "could not locate parent of entry", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not locate parent of entry" );
goto return_results;
}
/* check parent for "children" acl */
- if ( ! access_allowed( be, conn, op, p,
+ if ( ! access_allowed( op, p,
children, NULL, ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_delete: no access to parent of (%s)\n",
- dn->bv_val, 0, 0 );
+ op->o_req_dn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no access to parent\n", 0,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to parent", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to parent" );
goto return_results;
}
} else {
/* no parent, must be root to delete */
- if( ! be_isroot( be, &op->o_ndn ) ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) {
+ if( ! be_isroot( op->o_bd, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
- rc = access_allowed( be, conn, op, p,
+ rc = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
"access to parent\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to parent", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to parent" );
goto return_results;
}
"not root\n", 0, 0, 0);
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ NULL );
goto return_results;
}
}
#endif /* LDAP_CACHING */
/* delete from dn2id mapping */
- if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) {
+ if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 );
+ "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- ldbm_back_delete: operations error %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DN index delete failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DN index delete failed" );
goto return_results;
}
/* delete from disk and cache */
- if ( id2entry_delete( be, e ) != 0 ) {
+ if ( id2entry_delete( op->o_bd, e ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 );
+ "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 );
#else
Debug(LDAP_DEBUG_ARGS,
"<=- ldbm_back_delete: operations error %s\n",
- dn->bv_val, 0, 0);
+ op->o_req_dn.bv_val, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "entry delete failed", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "entry delete failed" );
goto return_results;
}
/* delete attribute indices */
- (void) index_entry_del( be, e, e->e_attrs );
+ (void) index_entry_del( op->o_bd, e );
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_SUCCESS;
+ send_ldap_result( op, rs );
rc = 0;
return_results:;
int
ldbm_back_entry_release_rw(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *e,
int rw
)
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
if ( slapMode == SLAP_SERVER_MODE ) {
/* free entry and reader or writer lock */
/* return LDAP_SUCCESS IFF we can retrieve the specified entry.
*/
int ldbm_back_entry_get(
- BackendDB *be,
- Connection *c,
Operation *op,
struct berval *ndn,
ObjectClass *oc,
int rw,
Entry **ent )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *e;
int rc;
const char *at_name = at->ad_cname.bv_val;
/* don't grab the giant lock - our caller has already gotten it. */
/* can we find entry */
- e = dn2entry_rw( be, ndn, NULL, rw );
+ e = dn2entry_rw( op->o_bd, ndn, NULL, rw );
if (e == NULL) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO,
int
ldbm_back_extended(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char** text,
- BerVarray *refs
-)
+ Operation *op,
+ SlapReply *rs )
{
int i;
for( i=0; exop_table[i].extended != NULL; i++ ) {
- if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) {
- return (exop_table[i].extended)(
- be, conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text, refs );
+ if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+ return exop_table[i].extended( op, rs );
}
}
- *text = "not supported within naming context";
+ rs->sr_text = "not supported within naming context";
return LDAP_UNWILLING_TO_PERFORM;
}
int
index_entry(
- Backend *be,
+ Backend *be,
int op,
- Entry *e,
- Attribute *ap )
+ Entry *e )
{
+ Attribute *ap = e->e_attrs;
#ifdef NEW_LOGGING
LDAP_LOG( INDEX, ENTRY,
"index_entry: %s (%s)%ld\n", op == SLAP_INDEX_ADD_OP ? "add" : "del",
* Juan C. Gomez (gomez@engr.sgi.com) 05/18/99
*/
int ldbm_modify_internal(
- Backend *be,
- Connection *conn,
Operation *op,
- const char *dn,
Modifications *modlist,
Entry *e,
const char **text,
Attribute *ap;
#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", dn, 0, 0 );
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0 );
#else
- Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", dn, 0, 0);
+ Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0);
#endif
- if ( !acl_check_modlist( be, conn, op, e, modlist )) {
+ if ( !acl_check_modlist( op, e, modlist )) {
return LDAP_INSUFFICIENT_ACCESS;
}
}
/* check if modified attribute was indexed */
- rc = index_is_indexed( be, mod->sm_desc );
+ rc = index_is_indexed( op->o_bd, mod->sm_desc );
if ( rc == LDAP_SUCCESS ) {
ap = attr_find( save_attrs, mod->sm_desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
/* check that the entry still obeys the schema */
#ifndef LDAP_CACHING
- rc = entry_schema_check( be, e, save_attrs, text, textbuf, textlen );
+ rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen );
#else /* LDAP_CACHING */
if ( !op->o_caching_on ) {
- rc = entry_schema_check( be, e, save_attrs,
+ rc = entry_schema_check( op->o_bd, e, save_attrs,
text, textbuf, textlen );
} else {
rc = LDAP_SUCCESS;
/* start with deleting the old index entries */
for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) {
if ( ap->a_flags & SLAP_ATTR_IXDEL ) {
- rc = index_values( be, ap->a_desc,
+ rc = index_values( op->o_bd, ap->a_desc,
#ifdef SLAP_NVALUES
ap->a_nvals,
#else
/* add the new index entries */
for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) {
if ( ap->a_flags & SLAP_ATTR_IXADD ) {
- rc = index_values( be, ap->a_desc,
+ rc = index_values( op->o_bd, ap->a_desc,
#ifdef SLAP_NVALUES
ap->a_nvals,
#else
int
ldbm_back_modify(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- Modifications *modlist
-)
+ SlapReply *rs )
{
- int rc;
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *matched;
Entry *e;
int manageDSAit = get_manageDSAit( op );
- const char *text = NULL;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* acquire and lock entry */
- if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
- char* matched_dn = NULL;
- BerVarray refs;
-
+ if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
- free( matched_dn );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return( -1 );
}
{
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
- "ldbm_back_modify: entry (%s) is referral\n", ndn->bv_val, 0, 0 );
+ "ldbm_back_modify: entry (%s) is referral\n", op->o_req_ndn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
0, 0 );
#endif
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
-
- if ( refs ) ber_bvarray_free( refs );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
goto error_return;
}
/* Modify the entry */
- rc = ldbm_modify_internal( be, conn, op, ndn->bv_val, modlist, e,
- &text, textbuf, textlen );
+ rs->sr_err = ldbm_modify_internal( op, op->oq_modify.rs_modlist, e,
+ &rs->sr_text, textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- if( rc != SLAPD_ABANDON ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
}
goto error_return;
}
/* change the entry itself */
- if ( id2entry_add( be, e ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "id2entry failure", NULL, NULL );
+ if ( id2entry_add( op->o_bd, e ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "id2entry failure" );
goto error_return;
}
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_SUCCESS,
+ NULL );
cache_return_entry_w( &li->li_cache, e );
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
int
ldbm_back_modrdn(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *newrdn,
- struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSuperior,
- struct berval *nnewSuperior
-)
+ SlapReply *rs )
{
AttributeDescription *children = slap_schema.si_ad_children;
AttributeDescription *entry = slap_schema.si_ad_entry;
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
struct berval p_dn, p_ndn;
struct berval new_dn = { 0, NULL}, new_ndn = { 0, NULL };
Entry *e, *p = NULL;
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ENTRY,
"ldbm_back_modrdn: dn: %s newSuperior=%s\n",
- dn->bv_len ? dn->bv_val : "NULL",
- ( newSuperior && newSuperior->bv_len ) ? newSuperior->bv_val : "NULL",0 );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL",
+ ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len ) ? op->oq_modrdn.rs_newSup->bv_val : "NULL",0 );
#else
Debug( LDAP_DEBUG_TRACE,
"==>ldbm_back_modrdn: dn: %s newSuperior=%s\n",
- dn->bv_len ? dn->bv_val : "NULL",
- ( newSuperior && newSuperior->bv_len )
- ? newSuperior->bv_val : "NULL", 0 );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL",
+ ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len )
+ ? op->oq_modrdn.rs_newSup->bv_val : "NULL", 0 );
#endif
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* get entry with writer lock */
- if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
- char* matched_dn = NULL;
- BerVarray refs;
-
+ if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if( matched != NULL ) {
- matched_dn = strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
- free( matched_dn );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
return( -1 );
}
/* check entry for "entry" acl */
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, e,
entry, NULL, ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, "no write access to entry", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ "no write access to entry" );
goto return_results;
}
if (!manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
- BerVarray refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
- if ( refs ) ber_bvarray_free( refs );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
goto return_results;
}
- if ( has_children( be, e ) ) {
+ if ( has_children( op->o_bd, e ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_modrdn: entry %s has children\n", e->e_dn, 0, 0 );
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF,
- NULL, "subtree rename not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF,
+ "subtree rename not supported" );
goto return_results;
}
- if ( be_issuffix( be, &e->e_nname ) ) {
+ if ( be_issuffix( op->o_bd, &e->e_nname ) ) {
p_ndn = slap_empty_bv ;
} else {
dnParent( &e->e_nname, &p_ndn );
* children.
*/
- if( (p = dn2entry_w( be, &p_ndn, NULL )) == NULL) {
+ if( (p = dn2entry_w( op->o_bd, &p_ndn, NULL )) == NULL) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_modrdn: parent of %s does not exist\n",
0, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "parent entry does not exist", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "parent entry does not exist" );
goto return_results;
}
/* check parent for "children" acl */
- if ( ! access_allowed( be, conn, op, p,
+ if ( ! access_allowed( op, p,
children, NULL, ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
+ NULL );
goto return_results;
}
} else {
/* no parent, must be root to modify rdn */
- isroot = be_isroot( be, &op->o_ndn );
+ isroot = be_isroot( op->o_bd, &op->o_ndn );
if ( ! isroot ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
int can_access;
p = (Entry *)&slap_entry_root;
- can_access = access_allowed( be, conn, op, p,
+ can_access = access_allowed( op, p,
children, NULL, ACL_WRITE, NULL );
p = NULL;
"access to parent\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ NULL );
goto return_results;
}
"not root\n", 0, 0, 0);
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ NULL );
goto return_results;
}
}
new_parent_dn = &p_dn; /* New Parent unless newSuperior given */
- if ( newSuperior != NULL ) {
+ if ( op->oq_modrdn.rs_newSup != NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, DETAIL1,
"ldbm_back_modrdn: new parent \"%s\" requested\n",
- newSuperior->bv_val, 0, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"ldbm_back_modrdn: new parent \"%s\" requested...\n",
- newSuperior->bv_val, 0, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, 0, 0 );
#endif
- np_ndn = nnewSuperior;
+ np_ndn = op->oq_modrdn.rs_nnewSup;
/* newSuperior == oldParent? */
if ( dn_match( &p_ndn, np_ndn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: "
"new parent\"%s\" seems to be the same as the "
- "old parent \"%s\"\n", newSuperior->bv_val, p_dn.bv_val, 0 );
+ "old parent \"%s\"\n", op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: "
"new parent\"%s\" seems to be the same as the "
"old parent \"%s\"\n",
- newSuperior->bv_val, p_dn.bv_val, 0 );
+ op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 );
#endif
- newSuperior = NULL; /* ignore newSuperior */
+ op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */
}
}
- if ( newSuperior != NULL ) {
+ if ( op->oq_modrdn.rs_newSup != NULL ) {
/* newSuperior == entry being moved?, if so ==> ERROR */
/* Get Entry with dn=newSuperior. Does newSuperior exist? */
- if ( nnewSuperior->bv_len ) {
- if( (np = dn2entry_w( be, np_ndn, NULL )) == NULL) {
+ if ( op->oq_modrdn.rs_nnewSup->bv_len ) {
+ if( (np = dn2entry_w( op->o_bd, np_ndn, NULL )) == NULL) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ERR,
"ldbm_back_modrdn: newSup(ndn=%s) not found.\n",
np_ndn->bv_val, 0, 0);
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "newSuperior not found", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "newSuperior not found" );
goto return_results;
}
#endif
/* check newSuperior for "children" acl */
- if ( !access_allowed( be, conn, op, np, children, NULL,
+ if ( !access_allowed( op, np, children, NULL,
ACL_WRITE, NULL ) )
{
#ifdef NEW_LOGGING
0, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
goto return_results;
}
#endif
- send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
- NULL, "newSuperior is an alias", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
+ "newSuperior is an alias" );
goto return_results;
}
np->e_dn, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "newSuperior is a referral", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "newSuperior is a referral" );
goto return_results;
}
/* no parent, must be root to modify newSuperior */
if ( isroot == -1 ) {
- isroot = be_isroot( be, &op->o_ndn );
+ isroot = be_isroot( op->o_bd, &op->o_ndn );
}
if ( ! isroot ) {
- if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
int can_access;
np = (Entry *)&slap_entry_root;
- can_access = access_allowed( be, conn, op, np,
+ can_access = access_allowed( op, np,
children, NULL, ACL_WRITE, NULL );
np = NULL;
"access to new superior\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ NULL );
goto return_results;
}
0, 0, 0);
#endif
- send_ldap_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ NULL );
goto return_results;
}
}
0, 0, 0 );
#endif
- new_parent_dn = newSuperior;
+ new_parent_dn = op->oq_modrdn.rs_newSup;
}
/* Build target dn and make sure target entry doesn't exist already. */
- build_new_dn( &new_dn, new_parent_dn, newrdn );
+ build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn );
dnNormalize2( NULL, &new_dn, &new_ndn );
#ifdef NEW_LOGGING
goto return_results;
}
- if ( ( rc_id = dn2id ( be, &new_ndn, &id ) ) || id != NOID ) {
+ if ( ( rc_id = dn2id ( op->o_bd, &new_ndn, &id ) ) || id != NOID ) {
/* if (rc_id) something bad happened to ldbm cache */
- send_ldap_result( conn, op,
- rc_id ? LDAP_OTHER : LDAP_ALREADY_EXISTS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = rc_id ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
+ send_ldap_result( op, rs );
goto return_results;
}
/* Get attribute type and attribute value of our new rdn, we will
* need to add that to our new entry
*/
- if ( ldap_bv2rdn( newrdn, &new_rdn, (char **)&text,
+ if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ) )
{
#ifdef NEW_LOGGING
new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 );
#endif
- if ( deleteoldrdn ) {
- if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text,
+ if ( op->oq_modrdn.rs_deleteoldrdn ) {
+ if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ) )
{
#ifdef NEW_LOGGING
0, 0, 0 );
#endif
- if ( slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn,
- deleteoldrdn, &mod ) != LDAP_SUCCESS ) {
+ if ( slap_modrdn2mods( op, rs, e, old_rdn, new_rdn, &mod ) != LDAP_SUCCESS ) {
goto return_results;
}
}
/* delete old one */
- if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DN index delete fail", NULL, NULL );
+ if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DN index delete fail" );
goto return_results;
}
*/
/* add new one */
- if ( dn2id_add( be, &e->e_nname, e->e_id ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "DN index add failed", NULL, NULL );
+ if ( dn2id_add( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "DN index add failed" );
goto return_results;
}
/* modify memory copy of entry */
- rc_id = ldbm_modify_internal( be, conn, op, dn->bv_val, &mod[0], e,
- &text, textbuf, textlen );
+ rc_id = ldbm_modify_internal( op, &mod[0], e,
+ &rs->sr_text, textbuf, textlen );
switch ( rc_id ) {
case LDAP_SUCCESS:
break;
case SLAPD_ABANDON:
/* too late ... */
- send_ldap_result( conn, op, rc_id, NULL, text, NULL, NULL );
+ rs->sr_err = rc_id;
+ send_ldap_result( op, rs );
goto return_results;
default:
/* here we may try to delete the newly added dn */
- if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) {
+ if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
/* we already are in trouble ... */
;
}
(void) cache_update_entry( &li->li_cache, e );
/* id2entry index */
- if ( id2entry_add( be, e ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "entry update failed", NULL, NULL );
+ if ( id2entry_add( op->o_bd, e ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "entry update failed" );
goto return_results;
}
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_SUCCESS;
+ send_ldap_result( op, rs );
rc = 0;
cache_entry_commit( e );
*/
int
ldbm_back_hasSubordinates(
- BackendDB *be,
- Connection *conn,
Operation *op,
Entry *e,
int *hasSubordinates )
{
- if ( has_children( be, e ) ) {
+ if ( has_children( op->o_bd, e ) ) {
*hasSubordinates = LDAP_COMPARE_TRUE;
} else {
*/
int
ldbm_back_operational(
- BackendDB *be,
- Connection *conn,
Operation *op,
- Entry *e,
- AttributeName *attrs,
+ SlapReply *rs,
int opattrs,
Attribute **a )
{
Attribute **aa = a;
- assert( e );
+ assert( rs->sr_entry );
- if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) {
+ if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, rs->sr_attrs ) ) {
int hs;
- hs = has_children( be, e );
+ hs = has_children( op->o_bd, rs->sr_entry );
*aa = slap_operational_hasSubordinate( hs );
if ( *aa != NULL ) {
aa = &(*aa)->a_next;
int
ldbm_back_exop_passwd(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text,
- BerVarray *refs
-)
+ Operation *op,
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
int rc;
Entry *e = NULL;
struct berval hash = { 0, NULL };
struct berval dn = { 0, NULL };
struct berval ndn = { 0, NULL };
- assert( reqoid != NULL );
- assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
+ assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 );
- rc = slap_passwd_parse( reqdata,
- &id, NULL, &new, text );
+ rc = slap_passwd_parse( op->oq_extended.rs_reqdata,
+ &id, NULL, &new, &rs->sr_text );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ENTRY,
slap_passwd_generate(&new);
if( new.bv_len == 0 ) {
- *text = "password generation failed.";
+ rs->sr_text = "password generation failed.";
rc = LDAP_OTHER;
goto done;
}
- *rspdata = slap_passwd_return( &new );
+ rs->sr_rspdata = slap_passwd_return( &new );
}
slap_passwd_hash( &new, &hash );
if( hash.bv_len == 0 ) {
- *text = "password hash failed";
+ rs->sr_text = "password hash failed";
rc = LDAP_OTHER;
goto done;
}
#endif
if( dn.bv_len == 0 ) {
- *text = "No password is associated with the Root DSE";
+ rs->sr_text = "No password is associated with the Root DSE";
rc = LDAP_UNWILLING_TO_PERFORM;
goto done;
}
rc = dnNormalize2( NULL, &dn, &ndn );
if( rc != LDAP_SUCCESS ) {
- *text = "Invalid DN";
+ rs->sr_text = "Invalid DN";
goto done;
}
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
- e = dn2entry_w( be, &ndn, NULL );
+ e = dn2entry_w( op->o_bd, &ndn, NULL );
if( e == NULL ) {
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
- *text = "could not locate authorization entry";
+ rs->sr_text = "could not locate authorization entry";
rc = LDAP_NO_SUCH_OBJECT;
goto done;
}
if( is_entry_alias( e ) ) {
/* entry is an alias, don't allow operation */
- *text = "authorization entry is alias";
+ rs->sr_text = "authorization entry is alias";
rc = LDAP_ALIAS_PROBLEM;
goto done;
}
if( is_entry_referral( e ) ) {
/* entry is an referral, don't allow operation */
- *text = "authorization entry is referral";
+ rs->sr_text = "authorization entry is referral";
goto done;
}
ml.sml_op = LDAP_MOD_REPLACE;
ml.sml_next = NULL;
- rc = ldbm_modify_internal( be,
- conn, op, op->o_ndn.bv_val, &ml, e, text, textbuf,
+ rc = ldbm_modify_internal( op,
+ &ml, e, &rs->sr_text, textbuf,
sizeof( textbuf ) );
/* FIXME: ldbm_modify_internal may set *text = textbuf,
* which is BAD */
- if ( *text == textbuf ) {
- *text = NULL;
+ if ( rs->sr_text == textbuf ) {
+ rs->sr_text = NULL;
}
if( rc ) {
/* cannot return textbuf */
- *text = "entry modify failed";
+ rs->sr_text = "entry modify failed";
goto done;
}
/* change the entry itself */
- if( id2entry_add( be, e ) != 0 ) {
- *text = "entry update failed";
+ if( id2entry_add( op->o_bd, e ) != 0 ) {
+ rs->sr_text = "entry update failed";
rc = LDAP_OTHER;
}
if( rc == LDAP_SUCCESS ) {
- replog( be, op, &e->e_name, &e->e_nname, &ml );
+ replog( op );
}
}
/*
* entry.c
*/
-int ldbm_back_entry_release_rw LDAP_P(( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, int rw ));
-
+BI_entry_release_rw ldbm_back_entry_release_rw;
BI_entry_get_rw ldbm_back_entry_get;
/*
ID id,
int op ));
-int index_entry LDAP_P(( Backend *be, int r, Entry *e, Attribute *ap ));
-#define index_entry_add(be,e,ap) index_entry((be),SLAP_INDEX_ADD_OP,(e),(ap))
-#define index_entry_del(be,e,ap) index_entry((be),SLAP_INDEX_DELETE_OP,(e),(ap))
+int index_entry LDAP_P(( Backend *be, int r, Entry *e ));
+#define index_entry_add(be,e) index_entry((be),SLAP_INDEX_ADD_OP,(e))
+#define index_entry_del(be,e) index_entry((be),SLAP_INDEX_DELETE_OP,(e))
/*
*/
/* returns LDAP error code indicating error OR SLAPD_ABANDON */
-int ldbm_modify_internal LDAP_P((Backend *be,
- Connection *conn, Operation *op,
- const char *dn, Modifications *mods, Entry *e,
+int ldbm_modify_internal LDAP_P(( Operation *op,
+ Modifications *mods, Entry *e,
const char **text, char *textbuf, size_t textlen ));
/*
int
ldbm_back_referrals(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- const char **text )
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- int rc = LDAP_SUCCESS;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *e, *matched;
if( op->o_tag == LDAP_REQ_SEARCH ) {
/* let search take care of itself */
- return rc;
+ return LDAP_SUCCESS;
}
if( get_manageDSAit( op ) ) {
/* let op take care of DSA management */
- return rc;
+ return LDAP_SUCCESS;
}
/* grab giant lock for reading */
ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
/* get entry with reader lock */
- e = dn2entry_r( be, ndn, &matched );
+ e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched );
if ( e == NULL ) {
- char *matched_dn = NULL;
- BerVarray refs = NULL;
-
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
+ rs->sr_matched = ch_strdup( matched->e_dn );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, DETAIL1,
"ldbm_back_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- op->o_tag, dn->bv_val, matched_dn );
+ op->o_tag, op->o_req_dn.bv_val, rs->sr_matched );
#else
Debug( LDAP_DEBUG_TRACE,
"ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- op->o_tag, dn->bv_val, matched_dn );
+ op->o_tag, op->o_req_dn.bv_val, rs->sr_matched );
#endif
if( is_entry_referral( matched ) ) {
- rc = LDAP_OTHER;
- refs = get_entry_referrals( be, conn, op, matched );
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_ref = get_entry_referrals( op, matched );
}
cache_return_entry_r( &li->li_cache, matched );
} else if ( default_referral != NULL ) {
- rc = LDAP_OTHER;
- refs = referral_rewrite( default_referral,
- NULL, dn, LDAP_SCOPE_DEFAULT );
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- if( refs != NULL ) {
+ if( rs->sr_ref != NULL ) {
/* send referrals */
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
- ber_bvarray_free( refs );
-
- } else if ( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, matched_dn,
- matched_dn ? "bad referral object" : "bad default referral",
- NULL, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
+
+ } else if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_text = rs->sr_matched ? "bad referral object" : "bad default referral";
+ send_ldap_result( op, rs );
}
- if ( matched_dn ) free( matched_dn );
- return rc;
+ if ( rs->sr_matched ) free( (char *)rs->sr_matched );
+ return rs->sr_err;
}
if ( is_entry_referral( e ) ) {
/* entry is a referral */
- BerVarray refs = get_entry_referrals( be, conn, op, e );
- BerVarray rrefs = referral_rewrite(
- refs, &e->e_name, dn, LDAP_SCOPE_DEFAULT );
+ BerVarray refs = get_entry_referrals( op, e );
+ rs->sr_ref = referral_rewrite(
+ refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, DETAIL1,
"ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- op->o_tag, dn->bv_val, e->e_dn );
+ op->o_tag, op->o_req_dn.bv_val, e->e_dn );
#else
Debug( LDAP_DEBUG_TRACE,
"ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n",
- op->o_tag, dn->bv_val, e->e_dn );
+ op->o_tag, op->o_req_dn.bv_val, e->e_dn );
#endif
- if( rrefs != NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- e->e_dn, NULL, rrefs, NULL );
+ rs->sr_matched = e->e_name.bv_val;
+ if( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( rrefs );
+ ber_bvarray_free( rs->sr_ref );
} else {
- send_ldap_result( conn, op, rc = LDAP_OTHER, e->e_dn,
- "bad referral object", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "bad referral object" );
}
if( refs != NULL ) ber_bvarray_free( refs );
cache_return_entry_r( &li->li_cache, e );
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- return rc;
+ return rs->sr_err;
}
int
ldbm_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly )
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
int rc, err;
const char *text = NULL;
time_t stoptime;
ID_BLOCK *candidates;
ID id, cursor;
Entry *e;
- BerVarray v2refs = NULL;
Entry *matched = NULL;
struct berval realbase = { 0, NULL };
- int nentries = 0;
int manageDSAit = get_manageDSAit( op );
int cscope = LDAP_SCOPE_DEFAULT;
+ int nentries = 0;
#ifdef LDAP_CACHING
Entry cache_base_entry;
ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
#ifndef LDAP_CACHING
- if ( nbase->bv_len == 0 ) {
+ if ( op->o_req_ndn.bv_len == 0 ) {
/* DIT root special case */
e = (Entry *) &slap_entry_root;
ber_dupbv( &realbase, &e->e_nname );
#else /* LDAP_CACHING */
- if ( op->o_caching_on || nbase->bv_len == 0 ) {
- if (nbase->bv_len == 0) {
+ if ( op->o_caching_on || op->o_req_ndn.bv_len == 0 ) {
+ if (op->o_req_ndn.bv_len == 0) {
e = (Entry *) &slap_entry_root;
/* need normalized dn below */
ber_dupbv( &realbase, &e->e_nname );
} else {
if ((scope == LDAP_SCOPE_BASE)
- && (e = dn2entry_r( be, nbase, &matched )))
+ && (e = dn2entry_r( op->o_bd, &op->o_req_ndn &matched )))
{
- candidates = base_candidate(be,e);
+ candidates = base_candidate(op->o_bd,e);
cache_return_entry_r( &li->li_cache, e );
goto searchit;
}
}
#endif /* LDAP_CACHING */
- candidates = search_candidates( be, e, filter,
- scope, deref,
+ candidates = search_candidates( op->o_bd, e, op->oq_search.rs_filter,
+ op->oq_search.rs_scope, op->oq_search.rs_deref,
manageDSAit || get_domainScope(op) );
goto searchit;
- } else if ( deref & LDAP_DEREF_FINDING ) {
+ } else if ( op->oq_search.rs_deref & LDAP_DEREF_FINDING ) {
/* deref dn and get entry with reader lock */
- e = deref_dn_r( be, nbase, &err, &matched, &text );
+ e = deref_dn_r( op->o_bd, &op->o_req_ndn, &rs->sr_err, &matched, &rs->sr_text );
- if( err == LDAP_NO_SUCH_OBJECT ) err = LDAP_REFERRAL;
+ if( rs->sr_err == LDAP_NO_SUCH_OBJECT ) rs->sr_err = LDAP_REFERRAL;
} else {
/* get entry with reader lock */
- e = dn2entry_r( be, nbase, &matched );
- err = e != NULL ? LDAP_SUCCESS : LDAP_REFERRAL;
- text = NULL;
+ e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched );
+ rs->sr_err = e != NULL ? LDAP_SUCCESS : LDAP_REFERRAL;
+ rs->sr_text = NULL;
}
if ( e == NULL ) {
struct berval matched_dn = { 0, NULL };
- BerVarray refs = NULL;
if ( matched != NULL ) {
BerVarray erefs;
ber_dupbv( &matched_dn, &matched->e_name );
erefs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &op->o_req_dn, op->oq_search.rs_scope );
ber_bvarray_free( erefs );
}
} else {
- refs = referral_rewrite( default_referral,
- NULL, base, scope );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, op->oq_search.rs_scope );
}
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
- send_ldap_result( conn, op, err, matched_dn.bv_val,
- text, refs, NULL );
+ rs->sr_matched = matched_dn.bv_val;
+ send_ldap_result( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
ber_memfree( matched_dn.bv_val );
return 1;
}
/* entry is a referral, don't allow add */
struct berval matched_dn;
BerVarray erefs;
- BerVarray refs;
ber_dupbv( &matched_dn, &e->e_name );
- erefs = get_entry_referrals( be, conn, op, e );
- refs = NULL;
+ erefs = get_entry_referrals( op, e );
+ rs->sr_ref = NULL;
cache_return_entry_r( &li->li_cache, e );
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
#endif
if( erefs ) {
- refs = referral_rewrite( erefs, &matched_dn,
- base, scope );
+ rs->sr_ref = referral_rewrite( erefs, &matched_dn,
+ &op->o_req_dn, op->oq_search.rs_scope );
ber_bvarray_free( erefs );
}
- if( refs ) {
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn.bv_val, NULL, refs, NULL );
- ber_bvarray_free( refs );
+ rs->sr_matched = matched_dn.bv_val;
+ if( rs->sr_ref ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ ber_bvarray_free( rs->sr_ref );
} else {
- send_ldap_result( conn, op, LDAP_OTHER,
- matched_dn.bv_val,
- "bad referral object", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "bad referral object" );
}
ber_memfree( matched_dn.bv_val );
if ( is_entry_alias( e ) ) {
/* don't deref */
- deref = LDAP_DEREF_NEVER;
+ op->oq_search.rs_deref = LDAP_DEREF_NEVER;
}
- if ( scope == LDAP_SCOPE_BASE ) {
+ if ( op->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
cscope = LDAP_SCOPE_BASE;
- candidates = base_candidate( be, e );
+ candidates = base_candidate( op->o_bd, e );
} else {
- cscope = ( scope != LDAP_SCOPE_SUBTREE )
+ cscope = ( op->oq_search.rs_scope != LDAP_SCOPE_SUBTREE )
? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE;
- candidates = search_candidates( be, e, filter,
- scope, deref, manageDSAit );
+ candidates = search_candidates( op->o_bd, e, op->oq_search.rs_filter,
+ op->oq_search.rs_scope, op->oq_search.rs_deref, manageDSAit );
}
/* need normalized dn below */
}
#endif /* LDAP_CACHING */
- send_search_result( conn, op,
- LDAP_SUCCESS,
- NULL, NULL, NULL, NULL, 0 );
+ rs->sr_err = LDAP_SUCCESS;
+ send_search_result( op, rs );
#ifdef LDAP_CACHING
if ( op->o_caching_on ) {
/* if not root, get appropriate limits */
#ifndef LDAP_CACHING
- if ( be_isroot( be, &op->o_ndn ) )
+ if ( be_isroot( op->o_bd, &op->o_ndn ) )
#else /* LDAP_CACHING */
- if ( op->o_caching_on || be_isroot( be, &op->o_ndn ) )
+ if ( op->o_caching_on || be_isroot( op->o_bd, &op->o_ndn ) )
#endif /* LDAP_CACHING */
{
/*
*/
isroot = 1;
} else {
- ( void ) get_limits( be, &op->o_ndn, &limit );
+ ( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
}
/* if candidates exceed to-be-checked entries, abort */
if ( !isroot && limit->lms_s_unchecked != -1 ) {
if ( ID_BLOCK_NIDS( candidates ) > (unsigned) limit->lms_s_unchecked ) {
- send_search_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
+ send_ldap_error( op, rs, LDAP_ADMINLIMIT_EXCEEDED,
+ NULL );
rc = 0;
goto done;
}
/* if root an no specific limit is required, allow unlimited search */
if ( isroot ) {
- if ( tlimit == 0 ) {
- tlimit = -1;
+ if ( op->oq_search.rs_tlimit == 0 ) {
+ op->oq_search.rs_tlimit = -1;
}
- if ( slimit == 0 ) {
- slimit = -1;
+ if ( op->oq_search.rs_slimit == 0 ) {
+ op->oq_search.rs_slimit = -1;
}
} else {
/* if no limit is required, use soft limit */
- if ( tlimit <= 0 ) {
- tlimit = limit->lms_t_soft;
+ if ( op->oq_search.rs_tlimit <= 0 ) {
+ op->oq_search.rs_tlimit = limit->lms_t_soft;
/* if requested limit higher than hard limit, abort */
- } else if ( tlimit > limit->lms_t_hard ) {
+ } else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_t_hard == 0
&& limit->lms_t_soft > -1
- && tlimit > limit->lms_t_soft ) {
- tlimit = limit->lms_t_soft;
+ && op->oq_search.rs_tlimit > limit->lms_t_soft ) {
+ op->oq_search.rs_tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
} else if ( limit->lms_t_hard > 0 ) {
- send_search_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
+ NULL );
rc = 0;
goto done;
}
}
/* if no limit is required, use soft limit */
- if ( slimit <= 0 ) {
- slimit = limit->lms_s_soft;
+ if ( op->oq_search.rs_slimit <= 0 ) {
+ op->oq_search.rs_slimit = limit->lms_s_soft;
/* if requested limit higher than hard limit, abort */
- } else if ( slimit > limit->lms_s_hard ) {
+ } else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
if ( limit->lms_s_hard == 0
&& limit->lms_s_soft > -1
- && slimit > limit->lms_s_soft ) {
- slimit = limit->lms_s_soft;
+ && op->oq_search.rs_slimit > limit->lms_s_soft ) {
+ op->oq_search.rs_slimit = limit->lms_s_soft;
/* positive hard limit means abort */
} else if ( limit->lms_s_hard > 0 ) {
- send_search_result( conn, op,
+ send_ldap_error( op, rs,
LDAP_ADMINLIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL, 0 );
+ NULL );
rc = 0;
goto done;
}
}
/* compute it anyway; root does not use it */
- stoptime = op->o_time + tlimit;
+ stoptime = op->o_time + op->oq_search.rs_tlimit;
+ rs->sr_attrs = op->oq_search.rs_attrs;
for ( id = idl_firstid( candidates, &cursor ); id != NOID;
id = idl_nextid( candidates, &cursor ) )
}
/* check time limit */
- if ( tlimit != -1 && slap_get_time() > stoptime ) {
- send_search_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
- NULL, NULL, v2refs, NULL, nentries );
+ if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
+ rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
+ rs->sr_nentries = nentries;
+ send_search_result( op, rs );
rc = 0;
goto done;
}
/* get the entry with reader lock */
- e = id2entry_r( be, id );
+ e = id2entry_r( op->o_bd, id );
if ( e == NULL ) {
#ifdef NEW_LOGGING
goto loop_continue;
}
+ rs->sr_entry = e;
#ifdef LDAP_CACHING
if ( !op->o_caching_on ) {
#endif /* LDAP_CACHING */
- if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
+ if ( op->oq_search.rs_deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) {
Entry *matched;
int err;
const char *text;
- e = deref_entry_r( be, e, &err, &matched, &text );
+ e = deref_entry_r( op->o_bd, e, &err, &matched, &text );
if( e == NULL ) {
e = matched;
}
/* need to skip alias which deref into scope */
- if( scope & LDAP_SCOPE_ONELEVEL ) {
+ if( op->oq_search.rs_scope & LDAP_SCOPE_ONELEVEL ) {
struct berval pdn;
dnParent( &e->e_nname, &pdn );
if ( ber_bvcmp( &pdn, &realbase ) ) {
goto loop_continue;
}
+ rs->sr_entry = e;
+
scopeok = 1;
}
* this for non-base searches, and don't check the filter
* explicitly here since it's only a candidate anyway.
*/
- if ( !manageDSAit && scope != LDAP_SCOPE_BASE &&
+ if ( !manageDSAit && op->oq_search.rs_scope != LDAP_SCOPE_BASE &&
is_entry_referral( e ) )
{
struct berval dn;
/* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( !be_issuffix( be, &e->e_nname ) ) {
+ if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( !be_issuffix( op->o_bd, &e->e_nname ) ) {
dnParent( &e->e_nname, &dn );
scopeok = dn_match( &dn, &realbase );
} else {
scopeok = (realbase.bv_len == 0);
}
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
+ } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
scopeok = dnIsSuffix( &e->e_nname, &realbase );
} else {
}
if( scopeok ) {
- BerVarray erefs = get_entry_referrals(
- be, conn, op, e );
- BerVarray refs = referral_rewrite( erefs,
+ BerVarray erefs = get_entry_referrals( op, e );
+ rs->sr_ref = referral_rewrite( erefs,
&e->e_name, NULL,
- scope == LDAP_SCOPE_SUBTREE
+ op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE
? LDAP_SCOPE_SUBTREE
: LDAP_SCOPE_BASE );
- send_search_reference( be, conn, op,
- e, refs, NULL, &v2refs );
+ send_search_reference( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
} else {
#ifdef NEW_LOGGING
#endif /* LDAP_CACHING */
/* if it matches the filter and scope, send it */
- result = test_filter( be, conn, op, e, filter );
+ result = test_filter( op, e, op->oq_search.rs_filter );
if ( result == LDAP_COMPARE_TRUE ) {
struct berval dn;
/* check scope */
- if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) {
- if ( !be_issuffix( be, &e->e_nname ) ) {
+ if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
+ if ( !be_issuffix( op->o_bd, &e->e_nname ) ) {
dnParent( &e->e_nname, &dn );
scopeok = dn_match( &dn, &realbase );
} else {
scopeok = (realbase.bv_len == 0);
}
- } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) {
+ } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) {
scopeok = dnIsSuffix( &e->e_nname, &realbase );
} else {
if ( scopeok ) {
/* check size limit */
- if ( --slimit == -1 ) {
+ if ( --op->oq_search.rs_slimit == -1 ) {
cache_return_entry_r( &li->li_cache, e );
- send_search_result( conn, op,
- LDAP_SIZELIMIT_EXCEEDED, NULL, NULL,
- v2refs, NULL, nentries );
+ rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ rs->sr_nentries = nentries;
+ send_search_result( op, rs );
rc = 0;
goto done;
}
}
#endif /* LDAP_CACHING */
- result = send_search_entry(be, conn, op,
- e, attrs, attrsonly, NULL);
+ result = send_search_entry( op, rs );
#ifdef LDAP_CACHING
if ( op->o_caching_on ) {
ldap_pvt_thread_yield();
}
- send_search_result( conn, op,
- v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
- NULL, NULL, v2refs, NULL, nentries );
+ rs->sr_err = rs->sr_v2ref ? LDAP_REFERRAL : LDAP_SUCCESS;
+ rs->sr_ref = rs->sr_v2ref;
+ rs->sr_nentries = nentries;
+ send_search_result( op, rs );
rc = 0;
if( candidates != NULL )
idl_free( candidates );
- if( v2refs ) ber_bvarray_free( v2refs );
+ if( rs->sr_v2ref ) ber_bvarray_free( rs->sr_v2ref );
if( realbase.bv_val ) free( realbase.bv_val );
return rc;
return NOID;
}
- rc = index_entry_add( be, e, e->e_attrs );
+ rc = index_entry_add( be, e );
if( rc != 0 ) {
strncpy( text->bv_val, "index add failed", text->bv_len );
return NOID;
#endif
dn2id_add( be, &e->e_nname, e->e_id );
- rc = index_entry_add( be, e, e->e_attrs );
+ rc = index_entry_add( be, e );
entry_free( e );
int
passwd_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+ SlapReply *rs )
{
struct passwd *pw;
Entry *e;
time_t stoptime;
int sent = 0;
- int err = LDAP_SUCCESS;
LDAPRDN *rdn = NULL;
struct berval parent = { 0, NULL };
- char *matched = NULL;
- const char *text = NULL;
AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass;
- tlimit = (tlimit > be->be_timelimit || tlimit < 1) ? be->be_timelimit
- : tlimit;
- stoptime = op->o_time + tlimit;
- slimit = (slimit > be->be_sizelimit || slimit < 1) ? be->be_sizelimit
- : slimit;
+ op->oq_search.rs_tlimit = (op->oq_search.rs_tlimit > op->o_bd->be_timelimit || op->oq_search.rs_tlimit < 1) ? op->o_bd->be_timelimit
+ : op->oq_search.rs_tlimit;
+ stoptime = op->o_time + op->oq_search.rs_tlimit;
+ op->oq_search.rs_slimit = (op->oq_search.rs_slimit > op->o_bd->be_sizelimit || op->oq_search.rs_slimit < 1) ? op->o_bd->be_sizelimit
+ : op->oq_search.rs_slimit;
/* Handle a query for the base of this backend */
- if ( be_issuffix( be, nbase ) ) {
+ if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
struct berval vals[2];
vals[1].bv_val = NULL;
- matched = (char *) base;
+ rs->sr_matched = op->o_req_dn.bv_val;
- if( scope != LDAP_SCOPE_ONELEVEL ) {
+ if( op->oq_search.rs_scope != LDAP_SCOPE_ONELEVEL ) {
AttributeDescription *desc = NULL;
/* Create an entry corresponding to the base DN */
e = (Entry *) ch_calloc(1, sizeof(Entry));
- e->e_name.bv_val = ch_strdup( base->bv_val );
- e->e_name.bv_len = base->bv_len;
- e->e_nname.bv_val = ch_strdup( nbase->bv_val );
- e->e_nname.bv_len = nbase->bv_len;
+ e->e_name.bv_val = ch_strdup( op->o_req_dn.bv_val );
+ e->e_name.bv_len = op->o_req_dn.bv_len;
+ e->e_nname.bv_val = ch_strdup( op->o_req_ndn.bv_val );
+ e->e_nname.bv_len = op->o_req_ndn.bv_len;
e->e_attrs = NULL;
e->e_private = NULL;
/* Use the first attribute of the DN
* as an attribute within the entry itself.
*/
- if( ldap_bv2rdn( base, &rdn, (char **)&text,
+ if( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ) )
{
- err = LDAP_INVALID_DN_SYNTAX;
+ rs->sr_err = LDAP_INVALID_DN_SYNTAX;
goto done;
}
- if( slap_bv2ad( &rdn[0][0]->la_attr, &desc, &text )) {
- err = LDAP_NO_SUCH_OBJECT;
+ if( slap_bv2ad( &rdn[0][0]->la_attr, &desc, &rs->sr_text )) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
ldap_rdnfree(rdn);
goto done;
}
vals[0].bv_len = sizeof("organizationalUnit")-1;
attr_mergeit( e, ad_objectClass, vals );
- if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op,
- e, attrs, attrsonly, NULL );
+ if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
+ rs->sr_entry = e;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
sent++;
}
}
- if ( scope != LDAP_SCOPE_BASE ) {
+ if ( op->oq_search.rs_scope != LDAP_SCOPE_BASE ) {
/* check all our "children" */
ldap_pvt_thread_mutex_lock( &passwd_mutex );
- pw_start( be );
+ pw_start( op->o_bd );
for ( pw = getpwent(); pw != NULL; pw = getpwent() ) {
/* check for abandon */
if ( op->o_abandon ) {
/* check time limit */
if ( slap_get_time() > stoptime ) {
- send_ldap_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_TIMELIMIT_EXCEEDED, NULL );
endpwent();
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
return( 0 );
}
- if ( !(e = pw2entry( be, pw, &text )) ) {
- err = LDAP_OTHER;
+ if ( !(e = pw2entry( op->o_bd, pw, &rs->sr_text )) ) {
+ rs->sr_err = LDAP_OTHER;
endpwent();
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
goto done;
}
- if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) {
+ if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
/* check size limit */
- if ( --slimit == -1 ) {
- send_ldap_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
- NULL, NULL, NULL, NULL );
+ if ( --op->oq_search.rs_slimit == -1 ) {
+ send_ldap_error( op, rs, LDAP_SIZELIMIT_EXCEEDED, NULL );
endpwent();
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
return( 0 );
}
- send_search_entry( be, conn, op,
- e, attrs, attrsonly, NULL );
+ rs->sr_entry = e;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
sent++;
}
}
} else {
- if (! be_issuffix( be, nbase ) ) {
- dnParent( nbase, &parent );
+ if (! be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
+ dnParent( &op->o_req_ndn, &parent );
}
/* This backend is only one layer deep. Don't answer requests for
* anything deeper than that.
*/
- if( !be_issuffix( be, &parent ) ) {
+ if( !be_issuffix( op->o_bd, &parent ) ) {
int i;
- for( i=0; be->be_nsuffix[i].bv_val != NULL; i++ ) {
- if( dnIsSuffix( nbase, &be->be_nsuffix[i] ) ) {
- matched = be->be_suffix[i].bv_val;
+ for( i=0; op->o_bd->be_nsuffix[i].bv_val != NULL; i++ ) {
+ if( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_nsuffix[i] ) ) {
+ rs->sr_matched = op->o_bd->be_suffix[i].bv_val;
break;
}
}
- err = LDAP_NO_SUCH_OBJECT;
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
goto done;
}
- if( scope == LDAP_SCOPE_ONELEVEL ) {
+ if( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) {
goto done;
}
- if ( ldap_bv2rdn( base, &rdn, (char **)&text,
+ if ( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text,
LDAP_DN_FORMAT_LDAP ))
{
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
goto done;
}
ldap_pvt_thread_mutex_lock( &passwd_mutex );
- pw_start( be );
+ pw_start( op->o_bd );
if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) {
- matched = parent.bv_val;
- err = LDAP_NO_SUCH_OBJECT;
+ rs->sr_matched = parent.bv_val;
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
goto done;
}
- e = pw2entry( be, pw, &text );
+ e = pw2entry( op->o_bd, pw, &rs->sr_text );
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
if ( !e ) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
goto done;
}
- if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) {
- send_search_entry( be, conn, op,
- e, attrs, attrsonly, NULL );
+ if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) {
+ rs->sr_entry = e;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
sent++;
}
}
done:
- send_ldap_result( conn, op,
- err, err == LDAP_NO_SUCH_OBJECT ? matched : NULL, text,
- NULL, NULL );
+ if( rs->sr_err != LDAP_NO_SUCH_OBJECT ) rs->sr_matched = NULL;
+ rs->sr_nentries = sent;
+ send_search_result( op, rs );
if( rdn != NULL ) ldap_rdnfree( rdn );
int
shell_back_abandon(
- Backend *be,
- Connection *conn,
Operation *op,
- int msgid
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
FILE *rfp, *wfp;
pid_t pid;
Operation *o;
/* no abandon command defined - just kill the process handling it */
if ( si->si_abandon == NULL ) {
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
pid = -1;
- LDAP_STAILQ_FOREACH( o, &conn->c_ops, o_next ) {
- if ( o->o_msgid == msgid ) {
+ LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) {
+ if ( o->o_msgid == op->oq_abandon.rs_msgid ) {
pid = (pid_t) o->o_private;
break;
}
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
if ( pid == -1 ) {
- Debug( LDAP_DEBUG_ARGS, "shell could not find op %d\n", msgid, 0, 0 );
+ Debug( LDAP_DEBUG_ARGS, "shell could not find op %d\n", op->oq_abandon.rs_msgid, 0, 0 );
return 0;
}
/* write out the request to the abandon process */
fprintf( wfp, "ABANDON\n" );
- fprintf( wfp, "msgid: %d\n", msgid );
- print_suffixes( wfp, be );
+ fprintf( wfp, "msgid: %d\n", op->oq_abandon.rs_msgid );
+ print_suffixes( wfp, op->o_bd );
fprintf( wfp, "pid: %ld\n", (long) pid );
fclose( wfp );
int
shell_back_add(
- Backend *be,
- Connection *conn,
Operation *op,
- Entry *e
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
FILE *rfp, *wfp;
int len;
if ( si->si_add == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "add not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "add not implemented" );
return( -1 );
}
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WRITE, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_add, &rfp, &wfp )) == (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the add process */
fprintf( wfp, "ADD\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
+ print_suffixes( wfp, op->o_bd );
ldap_pvt_thread_mutex_lock( &entry2str_mutex );
- fprintf( wfp, "%s", entry2str( e, &len ) );
+ fprintf( wfp, "%s", entry2str( op->oq_add.rs_e, &len ) );
ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
fclose( wfp );
/* read in the result and send it along */
- read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
int
shell_back_bind(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
int rc;
if ( si->si_bind == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "bind not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "bind not implemented" );
return( -1 );
}
e.e_id = NOID;
- e.e_name = *dn;
- e.e_nname = *ndn;
+ e.e_name = op->o_req_dn;
+ e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
- if ( ! access_allowed( be, conn, op, &e,
+ if ( ! access_allowed( op, &e,
entry, NULL, ACL_AUTH, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the bind process */
fprintf( wfp, "BIND\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn->bv_val );
- fprintf( wfp, "method: %d\n", method );
- fprintf( wfp, "credlen: %lu\n", cred->bv_len );
- fprintf( wfp, "cred: %s\n", cred->bv_val ); /* XXX */
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
+ fprintf( wfp, "method: %d\n", op->oq_bind.rb_method );
+ fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );
+ fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */
fclose( wfp );
/* read in the results and send them along */
- rc = read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ rc = read_and_send_results( op, rs, rfp );
fclose( rfp );
return( rc );
int
shell_back_compare(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- AttributeAssertion *ava
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_compare == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "compare not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "compare not implemented" );
return( -1 );
}
e.e_id = NOID;
- e.e_name = *dn;
- e.e_nname = *ndn;
+ e.e_name = op->o_req_dn;
+ e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
- if ( ! access_allowed( be, conn, op, &e,
+ if ( ! access_allowed( op, &e,
entry, NULL, ACL_READ, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_compare, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the compare process */
fprintf( wfp, "COMPARE\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn->bv_val );
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( wfp, "%s: %s\n",
- ava->aa_desc->ad_cname.bv_val,
- ava->aa_value.bv_val /* could be binary! */ );
+ op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val,
+ op->oq_compare.rs_ava->aa_value.bv_val /* could be binary! */ );
fclose( wfp );
/* read in the result and send it along */
- read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
int
shell_back_delete(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_delete == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "delete not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "delete not implemented" );
return( -1 );
}
e.e_id = NOID;
- e.e_name = *dn;
- e.e_nname = *ndn;
+ e.e_name = op->o_req_dn;
+ e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
- if ( ! access_allowed( be, conn, op, &e,
+ if ( ! access_allowed( op, &e,
entry, NULL, ACL_WRITE, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_delete, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the delete process */
fprintf( wfp, "DELETE\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn->bv_val );
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fclose( wfp );
/* read in the results and send them along */
- read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}
int
shell_back_modify(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- Modifications *ml
-)
+ SlapReply *rs )
{
Modification *mod;
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
+ Modifications *ml = op->oq_modify.rs_modlist;
Entry e;
FILE *rfp, *wfp;
int i;
if ( si->si_modify == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modify not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modify not implemented" );
return( -1 );
}
e.e_id = NOID;
- e.e_name = *dn;
- e.e_nname = *ndn;
+ e.e_name = op->o_req_dn;
+ e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
- if ( ! access_allowed( be, conn, op, &e,
+ if ( ! access_allowed( op, &e,
entry, NULL, ACL_WRITE, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_modify, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the modify process */
fprintf( wfp, "MODIFY\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn->bv_val );
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
for ( ; ml != NULL; ml = ml->sml_next ) {
mod = &ml->sml_mod;
fclose( wfp );
/* read in the results and send them along */
- read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}
int
shell_back_modrdn(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *newrdn,
- struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSuperior,
- struct berval *nnewSuperior
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_modrdn == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modrdn not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modrdn not implemented" );
return( -1 );
}
e.e_id = NOID;
- e.e_name = *dn;
- e.e_nname = *ndn;
+ e.e_name = op->o_req_dn;
+ e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
- if ( ! access_allowed( be, conn, op, &e,
+ if ( ! access_allowed( op, &e,
entry, NULL, ACL_WRITE, NULL ) )
{
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (op->o_private = (void *) forkandexec( si->si_modrdn, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the modrdn process */
fprintf( wfp, "MODRDN\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn->bv_val );
- fprintf( wfp, "newrdn: %s\n", newrdn->bv_val );
- fprintf( wfp, "deleteoldrdn: %d\n", deleteoldrdn ? 1 : 0 );
- if (newSuperior != NULL) {
- fprintf( wfp, "newSuperior: %s\n", newSuperior->bv_val );
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
+ fprintf( wfp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val );
+ fprintf( wfp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 );
+ if (op->oq_modrdn.rs_newSup != NULL) {
+ fprintf( wfp, "newSuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val );
}
fclose( wfp );
/* read in the results and send them along */
- read_and_send_results( be, conn, op, rfp, NULL, 0 );
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}
int
read_and_send_results(
- Backend *be,
- Connection *conn,
Operation *op,
- FILE *fp,
- AttributeName *attrs,
- int attrsonly
-)
+ SlapReply *rs,
+ FILE *fp )
{
int bsize, len;
char *buf, *bp;
char line[BUFSIZ];
- Entry *e;
- int err;
- char *matched, *info;
/* read in the result and send it along */
buf = (char *) ch_malloc( BUFSIZ );
break;
}
- if ( (e = str2entry( buf )) == NULL ) {
+ if ( (rs->sr_entry = str2entry( buf )) == NULL ) {
Debug( LDAP_DEBUG_ANY, "str2entry(%s) failed\n",
buf, 0, 0 );
} else {
- send_search_entry( be, conn, op, e,
- attrs, attrsonly, NULL );
- entry_free( e );
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
+ entry_free( rs->sr_entry );
}
bp = buf;
}
}
- (void) str2result( buf, &err, &matched, &info );
+ (void) str2result( buf, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text );
/* otherwise, front end will send this result */
- if ( err != 0 || op->o_tag != LDAP_REQ_BIND ) {
- send_ldap_result( conn, op, err, matched, info, NULL, NULL );
+ if ( rs->sr_err != 0 || op->o_tag != LDAP_REQ_BIND ) {
+ send_ldap_result( op, rs );
}
free( buf );
- return( err );
+ return( rs->sr_err );
}
void
int
shell_back_search(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int size,
- int time,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+ SlapReply *rs )
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
FILE *rfp, *wfp;
AttributeName *an;
if ( si->si_search == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "search not implemented", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "search not implemented" );
return( -1 );
}
if ( (op->o_private = (void *) forkandexec( si->si_search, &rfp, &wfp ))
== (void *) -1 ) {
- send_ldap_result( conn, op, LDAP_OTHER, NULL,
- "could not fork/exec", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "could not fork/exec" );
return( -1 );
}
/* write out the request to the search process */
fprintf( wfp, "SEARCH\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "base: %s\n", base->bv_val );
- fprintf( wfp, "scope: %d\n", scope );
- fprintf( wfp, "deref: %d\n", deref );
- fprintf( wfp, "sizelimit: %d\n", size );
- fprintf( wfp, "timelimit: %d\n", time );
- fprintf( wfp, "filter: %s\n", filterstr->bv_val );
- fprintf( wfp, "attrsonly: %d\n", attrsonly ? 1 : 0 );
- fprintf( wfp, "attrs:%s", attrs == NULL ? " all" : "" );
- for ( an = attrs; an && an->an_name.bv_val; an++ ) {
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "base: %s\n", op->o_req_dn.bv_val );
+ fprintf( wfp, "scope: %d\n", op->oq_search.rs_scope );
+ fprintf( wfp, "deref: %d\n", op->oq_search.rs_deref );
+ fprintf( wfp, "sizelimit: %d\n", op->oq_search.rs_slimit );
+ fprintf( wfp, "timelimit: %d\n", op->oq_search.rs_tlimit );
+ fprintf( wfp, "filter: %s\n", op->oq_search.rs_filterstr.bv_val );
+ fprintf( wfp, "attrsonly: %d\n", op->oq_search.rs_attrsonly ? 1 : 0 );
+ fprintf( wfp, "attrs:%s", op->oq_search.rs_attrs == NULL ? " all" : "" );
+ for ( an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++ ) {
fprintf( wfp, " %s", an->an_name.bv_val );
}
fprintf( wfp, "\n" );
fclose( wfp );
/* read in the results and send them along */
- read_and_send_results( be, conn, op, rfp, attrs, attrsonly );
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
struct slap_backend_db *bd));
extern int read_and_send_results LDAP_P((
- struct slap_backend_db *bd,
- struct slap_conn *conn,
struct slap_op *op,
- FILE *fp,
- AttributeName *attrs,
- int attrsonly));
+ struct slap_rep *rs,
+ FILE *fp));
LDAP_END_DECL
int
shell_back_unbind(
- Backend *be,
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
- struct shellinfo *si = (struct shellinfo *) be->be_private;
+ struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
FILE *rfp, *wfp;
if ( si->si_unbind == NULL ) {
/* write out the request to the unbind process */
fprintf( wfp, "UNBIND\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
- print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", (conn->c_dn.bv_len ? conn->c_dn.bv_val : "") );
+ print_suffixes( wfp, op->o_bd );
+ fprintf( wfp, "dn: %s\n", (op->o_conn->c_dn.bv_len ? op->o_conn->c_dn.bv_val : "") );
fclose( wfp );
/* no response to unbind */
int
tcl_back_abandon (
- Backend * be,
- Connection * conn,
Operation * op,
- int msgid
+ SlapReply * rs
)
{
char *results, *command;
struct berval suf_tcl;
int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_abandon.bv_len == 0) {
return (-1);
}
- if (tcl_merge_bvlist(be->be_suffix, &suf_tcl) == NULL) {
+ if (tcl_merge_bvlist(op->o_bd->be_suffix, &suf_tcl) == NULL) {
return (-1);
}
+ 80);
sprintf (command, "%s ABANDON {%ld/%ld} {%s} {%ld/%d}",
ti->ti_abandon.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, op->o_connid, msgid);
+ suf_tcl.bv_val, op->o_connid, op->oq_abandon.rs_msgid);
Tcl_Free (suf_tcl.bv_val);
ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex);
int
tcl_back_add (
- Backend * be,
- Connection * conn,
Operation * op,
- Entry * e
+ SlapReply * rs
)
{
char *command, *entrystr, *results;
struct berval suf_tcl;
- int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int code;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_add.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "add not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "add not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL);
return (-1);
}
- entrystr = tcl_clean_entry(e);
+ entrystr = tcl_clean_entry(op->oq_add.rs_e);
command = (char *) ch_malloc (ti->ti_add.bv_len + suf_tcl.bv_len +
strlen(entrystr) + 52);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_add_error: %s\n", results, 0, 0);
} else {
- interp_send_results (be, conn, op, results, NULL, 0);
+ interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
);
int interp_send_results (
- Backend * be,
- Connection * conn,
Operation * op,
- char *result,
- AttributeName *attrs,
- int attrsonly
+ SlapReply * rs,
+ char *result
);
#endif
int
tcl_back_bind (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *dn,
- struct berval *ndn,
- int method,
- struct berval *cred,
- struct berval *edn
-)
+ SlapReply * rs )
{
char *command, *results;
struct berval suf_tcl;
- int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int code;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_bind.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "bind not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "bind not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL );
return (-1);
}
command = (char *) ch_malloc (ti->ti_bind.bv_len + suf_tcl.bv_len +
- dn->bv_len + cred->bv_len + 84);
+ op->o_req_dn.bv_len + op->oq_bind.rb_cred.bv_len + 84);
sprintf (command, "%s BIND {%ld/%ld} {%s} {%s} {%d} {%lu} {%s}",
ti->ti_bind.bv_val, op->o_connid, (long) op->o_msgid,
suf_tcl.bv_val,
- dn->bv_val, method, cred->bv_len, cred->bv_val);
+ op->o_req_dn.bv_val, op->oq_bind.rb_method, op->oq_bind.rb_cred.bv_len, op->oq_bind.rb_cred.bv_val);
Tcl_Free (suf_tcl.bv_val);
ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_bind_error: %s\n", results, 0, 0);
} else {
- err = interp_send_results (be, conn, op, results, NULL, 0);
+ rs->sr_err = interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_compare (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *dn,
- struct berval *ndn,
- AttributeAssertion * ava
+ SlapReply * rs
)
{
char *command, *results;
struct berval suf_tcl;
- int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int code;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_compare.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "compare not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "compare not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL );
return (-1);
}
command = (char *) ch_malloc (ti->ti_compare.bv_len +
- suf_tcl.bv_len + dn->bv_len + ava->aa_desc->ad_cname.bv_len +
- ava->aa_value.bv_len + 84);
+ suf_tcl.bv_len + op->o_req_dn.bv_len + op->oq_compare.rs_ava->aa_desc->ad_cname.bv_len +
+ op->oq_compare.rs_ava->aa_value.bv_len + 84);
sprintf (command, "%s COMPARE {%ld/%ld} {%s} {%s} {%s: %s}",
ti->ti_compare.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, dn->bv_val,
- ava->aa_desc->ad_cname.bv_val, ava->aa_value.bv_val);
+ suf_tcl.bv_val, op->o_req_dn.bv_val,
+ op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val, op->oq_compare.rs_ava->aa_value.bv_val);
Tcl_Free (suf_tcl.bv_val);
ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_compare_error: %s\n", results,
0, 0);
} else {
- interp_send_results (be, conn, op, results, NULL, 0);
+ interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_delete (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *dn,
- struct berval *ndn
+ SlapReply * rs
)
{
char *command, *results;
struct berval suf_tcl;
int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_delete.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "delete not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "delete not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL);
return (-1);
}
command = (char *) ch_malloc (ti->ti_delete.bv_len + suf_tcl.bv_len
- + dn->bv_len + 84);
+ + op->o_req_dn.bv_len + 84);
sprintf (command, "%s DELETE {%ld/%ld} {%s} {%s}",
ti->ti_delete.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, dn->bv_val);
+ suf_tcl.bv_val, op->o_req_dn.bv_val);
Tcl_Free (suf_tcl.bv_val);
ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_delete_error: %s\n", results,
0, 0);
} else {
- interp_send_results (be, conn, op, results, NULL, 0);
+ interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_modify (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *dn,
- struct berval *ndn,
- Modifications * modlist
+ SlapReply * rs
)
{
char *command, *bp, *tcl_mods, *results;
struct berval suf_tcl;
- int i, code, err = 0, len, bsize;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int i, code, len, bsize;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
+ Modifications *modlist = op->oq_modify.rs_modlist;
if (ti->ti_modify.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modify not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modify not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL);
return (-1);
}
}
command = (char *) ch_malloc (ti->ti_modify.bv_len + suf_tcl.bv_len
- + dn->bv_len + strlen (tcl_mods) + 84);
+ + op->o_req_dn.bv_len + strlen (tcl_mods) + 84);
/* This space is simply for aesthetics--\ */
sprintf (command, "%s MODIFY {%ld/%ld} {%s} {%s} { %s}",
ti->ti_modify.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, dn->bv_val, tcl_mods);
+ suf_tcl.bv_val, op->o_req_dn.bv_val, tcl_mods);
Tcl_Free (suf_tcl.bv_val);
free (tcl_mods);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_modify_error: %s\n", results,
0, 0);
} else {
- interp_send_results (be, conn, op, results, NULL, 0);
+ interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_modrdn (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *newrdn,
- struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSuperior,
- struct berval *nnewSuperior
+ SlapReply * rs
)
{
char *command, *results;
struct berval suf_tcl;
- int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int code;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_modrdn.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modrdn not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modrdn not implemented" );
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
+ send_ldap_error (op, rs, LDAP_OTHER, NULL);
return (-1);
}
command = (char *) ch_malloc (ti->ti_modrdn.bv_len + suf_tcl.bv_len
- + dn->bv_len + newrdn->bv_len
- + (newSuperior ? newSuperior->bv_len : 0) + 84);
- if ( newSuperior ) {
+ + op->o_req_dn.bv_len + op->oq_modrdn.rs_newrdn.bv_len
+ + (op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_len : 0) + 84);
+ if ( op->oq_modrdn.rs_newSup ) {
sprintf (command, "%s MODRDN {%ld/%ld} {%s} {%s} {%s} %d {%s}",
ti->ti_modrdn.bv_val,
op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, dn->bv_val,
- newrdn->bv_val, deleteoldrdn ? 1 : 0,
- newSuperior->bv_val );
+ suf_tcl.bv_val, op->o_req_dn.bv_val,
+ op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_deleteoldrdn ? 1 : 0,
+ op->oq_modrdn.rs_newSup->bv_val );
} else {
sprintf (command, "%s MODRDN {%ld} {%s} {%s} {%s} %d",
ti->ti_modrdn.bv_val, (long) op->o_msgid,
- suf_tcl.bv_val, dn->bv_val,
- newrdn->bv_val, deleteoldrdn ? 1 : 0 );
+ suf_tcl.bv_val, op->o_req_dn.bv_val,
+ op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 );
}
Tcl_Free (suf_tcl.bv_val);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_modrdn_error: %s\n", results,
0, 0);
} else {
- interp_send_results (be, conn, op, results, NULL, 0);
+ interp_send_results (op, rs, results);
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs);
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_search (
- Backend * be,
- Connection * conn,
Operation * op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int sizelimit,
- int timelimit,
- Filter * filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+ SlapReply * rs )
{
char *attrs_tcl = NULL, *results, *command;
struct berval suf_tcl;
- int i, err = 0, code;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int i, code;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
AttributeName *an;
if (ti->ti_search.bv_len == 0) {
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "search not implemented", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "search not implemented" );
return (-1);
}
- for (i = 0, an = attrs; an && an->an_name.bv_val; an++, i++);
+ for (i = 0, an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++, i++);
if (i > 0) {
char **sattrs = ch_malloc( (i+1) * sizeof(char *));
- for (i = 0, an = attrs; an->an_name.bv_val; an++, i++)
+ for (i = 0, an = op->oq_search.rs_attrs; an->an_name.bv_val; an++, i++)
sattrs[i] = an->an_name.bv_val;
sattrs[i] = NULL;
attrs_tcl = Tcl_Merge (i, sattrs);
ch_free(sattrs);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
Tcl_Free (attrs_tcl);
- send_ldap_result (conn, op, LDAP_OTHER, NULL,
- NULL, NULL, NULL );
+ send_ldap_error (op, rs, LDAP_OTHER, NULL);
return (-1);
}
command = (char *) ch_malloc (ti->ti_search.bv_len + suf_tcl.bv_len
- + base->bv_len + 60 + filterstr->bv_len +
+ + op->o_req_dn.bv_len + 60 + op->oq_search.rs_filterstr.bv_len +
(attrs_tcl == NULL ? 5 : strlen (attrs_tcl)) + 72);
sprintf (command,
"%s SEARCH {%ld/%ld} {%s} {%s} {%d} {%d} {%d} {%d} {%s} {%d} {%s}",
ti->ti_search.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, base->bv_val, scope, deref,
- sizelimit, timelimit, filterstr->bv_val, attrsonly ? 1 : 0,
- attrs_tcl == NULL ? "{all}" : attrs_tcl);
+ suf_tcl.bv_val, op->o_req_dn.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref,
+ op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_filterstr.bv_val,
+ op->oq_search.rs_attrsonly ? 1 : 0, attrs_tcl == NULL ? "{all}" : attrs_tcl);
Tcl_Free (attrs_tcl);
Tcl_Free (suf_tcl.bv_val);
free (command);
if (code != TCL_OK) {
- err = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
Debug (LDAP_DEBUG_SHELL, "tcl_search_error: %s\n", results,
0, 0);
} else {
- interp_send_results (be, conn, op, results, attrs, 0);
+ interp_send_results (op, rs, results );
}
- if (err != LDAP_SUCCESS)
- send_ldap_result (conn, op, err, NULL,
- "internal backend error", NULL, NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ rs->sr_text = "internal backend error";
+ send_ldap_result (op, rs );
+ }
free (results);
- return (err);
+ return (rs->sr_err);
}
int
tcl_back_unbind (
- Backend * be,
- Connection * conn,
- Operation * op
+ Operation * op,
+ SlapReply * rs
)
{
char *command, *results;
struct berval suf_tcl;
int code, err = 0;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
if (ti->ti_unbind.bv_len == 0) {
return (-1);
}
- if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) {
+ if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) {
return (-1);
}
command = (char *) ch_malloc (ti->ti_unbind.bv_len + suf_tcl.bv_len
- + conn->c_dn.bv_len + 84);
+ + op->o_conn->c_dn.bv_len + 84);
sprintf (command, "%s UNBIND {%ld/%ld} {%s} {%s}",
ti->ti_unbind.bv_val, op->o_connid, (long) op->o_msgid,
- suf_tcl.bv_val, conn->c_dn.bv_val ? conn->c_dn.bv_val : "");
+ suf_tcl.bv_val, op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "");
Tcl_Free (suf_tcl.bv_val);
ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex);
int
interp_send_results (
- Backend * be,
- Connection * conn,
Operation * op,
- char *result,
- AttributeName *attrs,
- int attrsonly
+ SlapReply * rs,
+ char *result
)
{
- int bsize, len, argcPtr, i, err, code;
- char *buf, *bp, **argvPtr, *line, *matched, *info;
- Entry *e;
- struct tclinfo *ti = (struct tclinfo *) be->be_private;
+ int bsize, len, argcPtr, i, code;
+ char *buf, *bp, **argvPtr, *line;
+ struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private;
/*
* read in the result and send it along
code = Tcl_SplitList (ti->ti_ii->interp, result, &argcPtr, &argvPtr);
if (code != TCL_OK) {
argcPtr = 0;
- send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "internal backend error", NULL, NULL );
+ send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "internal backend error" );
return -1;
}
for (i = 0; i < argcPtr; i++) {
if (strncasecmp (buf, "RESULT", 6) == 0) {
break;
}
- if ((e = str2entry (buf)) == NULL) {
+ if ((rs->sr_entry = str2entry (buf)) == NULL) {
Debug (LDAP_DEBUG_SHELL,
"str2entry(%s) failed\n",
buf, 0, 0);
} else {
- send_search_entry (be, conn, op, e, attrs,
- attrsonly, NULL );
- entry_free (e);
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry (op, rs);
+ entry_free (rs->sr_entry);
}
bp = buf;
}
}
- (void) str2result (buf, &err, &matched, &info);
+ (void) str2result (buf, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text);
/*
* otherwise, front end will send this result
*/
- if (err != 0 || op->o_tag != LDAP_REQ_BIND) {
- send_ldap_result (conn, op, err, matched, info, NULL, NULL );
+ if (rs->sr_err != 0 || op->o_tag != LDAP_REQ_BIND) {
+ send_ldap_result (op, rs);
}
free (buf);
Tcl_Free ((char *) argvPtr);
- return (err);
+ return (rs->sr_err);
}
char *
}
int
-be_isroot_pw( Backend *be,
- Connection *conn,
- struct berval *ndn,
- struct berval *cred )
+be_isroot_pw( Operation *op )
{
int result;
- if ( ! be_isroot( be, ndn ) ) {
+ if ( ! be_isroot( op->o_bd, &op->o_req_ndn ) ) {
return 0;
}
- if( be->be_rootpw.bv_len == 0 ) {
+ if( op->o_bd->be_rootpw.bv_len == 0 ) {
return 0;
}
#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
ldap_pvt_thread_mutex_lock( &passwd_mutex );
#ifdef SLAPD_SPASSWD
- lutil_passwd_sasl_conn = conn->c_sasl_context;
+ lutil_passwd_sasl_conn = op->o_conn->c_sasl_context;
#endif
#endif
- result = lutil_passwd( &be->be_rootpw, cred, NULL );
+ result = lutil_passwd( &op->o_bd->be_rootpw, &op->oq_bind.rb_cred, NULL );
#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
#ifdef SLAPD_SPASSWD
int
be_entry_release_rw(
- BackendDB *be,
- Connection *conn,
Operation *op,
Entry *e,
int rw )
{
- if ( be->be_release ) {
+ if ( op->o_bd->be_release ) {
/* free and release entry from backend */
- return be->be_release( be, conn, op, e, rw );
+ return op->o_bd->be_release( op, e, rw );
} else {
/* free entry */
entry_free( e );
}
int
-backend_unbind(
- Connection *conn,
- Operation *op
-)
+backend_unbind( Operation *op, SlapReply *rs )
{
int i;
#if defined( LDAP_SLAPI )
Slapi_PBlock *pb = op->o_pb;
int rc;
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
#endif /* defined( LDAP_SLAPI ) */
#endif /* defined( LDAP_SLAPI ) */
if ( backends[i].be_unbind ) {
- (*backends[i].be_unbind)( &backends[i], conn, op );
+ op->o_bd = &backends[i];
+ (*backends[i].be_unbind)( op, rs );
}
#if defined( LDAP_SLAPI )
static int
backend_check_controls(
- Backend *be,
- Connection *conn,
Operation *op,
- const char **text )
+ SlapReply *rs )
{
LDAPControl **ctrls = op->o_ctrls;
+ rs->sr_err = LDAP_SUCCESS;
- if( ctrls == NULL ) return LDAP_SUCCESS;
-
- for( ; *ctrls != NULL ; ctrls++ ) {
- if( (*ctrls)->ldctl_iscritical &&
- !ldap_charray_inlist( be->be_controls, (*ctrls)->ldctl_oid ) )
- {
- *text = "control unavailable in context";
- return LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
+ if( ctrls ) {
+ for( ; *ctrls != NULL ; ctrls++ ) {
+ if( (*ctrls)->ldctl_iscritical &&
+ !ldap_charray_inlist( op->o_bd->be_controls, (*ctrls)->ldctl_oid ) )
+ {
+ rs->sr_text = "control unavailable in context";
+ rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
+ break;
+ }
}
}
- return LDAP_SUCCESS;
+ return rs->sr_err;
}
int
backend_check_restrictions(
- Backend *be,
- Connection *conn,
Operation *op,
- struct berval *opdata,
- const char **text )
+ SlapReply *rs,
+ struct berval *opdata )
{
- int rc;
slap_mask_t restrictops;
slap_mask_t requires;
slap_mask_t opflag;
int starttls = 0;
int session = 0;
- if( be ) {
- rc = backend_check_controls( be, conn, op, text );
-
- if( rc != LDAP_SUCCESS ) {
- return rc;
+ if( op->o_bd ) {
+ if ( backend_check_controls( op, rs ) != LDAP_SUCCESS ) {
+ return rs->sr_err;
}
- restrictops = be->be_restrictops;
- requires = be->be_requires;
- ssf = &be->be_ssf_set;
+ restrictops = op->o_bd->be_restrictops;
+ requires = op->o_bd->be_requires;
+ ssf = &op->o_bd->be_ssf_set;
} else {
restrictops = global_restrictops;
opflag = 0;
break;
default:
- *text = "restrict operations internal error";
- return LDAP_OTHER;
+ rs->sr_text = "restrict operations internal error";
+ rs->sr_err = LDAP_OTHER;
+ return rs->sr_err;
}
if ( !starttls ) {
/* these checks don't apply to StartTLS */
+ rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED;
if( op->o_transport_ssf < ssf->sss_transport ) {
- *text = "transport confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "transport confidentiality required";
+ return rs->sr_err;
}
if( op->o_tls_ssf < ssf->sss_tls ) {
- *text = "TLS confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "TLS confidentiality required";
+ return rs->sr_err;
}
if( op->o_tag == LDAP_REQ_BIND && opdata == NULL ) {
/* simple bind specific check */
if( op->o_ssf < ssf->sss_simple_bind ) {
- *text = "confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "confidentiality required";
+ return rs->sr_err;
}
}
/* these checks don't apply to SASL bind */
if( op->o_sasl_ssf < ssf->sss_sasl ) {
- *text = "SASL confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "SASL confidentiality required";
+ return rs->sr_err;
}
if( op->o_ssf < ssf->sss_ssf ) {
- *text = "confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "confidentiality required";
+ return rs->sr_err;
}
}
if( updateop ) {
if( op->o_transport_ssf < ssf->sss_update_transport ) {
- *text = "transport update confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "transport update confidentiality required";
+ return rs->sr_err;
}
if( op->o_tls_ssf < ssf->sss_update_tls ) {
- *text = "TLS update confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "TLS update confidentiality required";
+ return rs->sr_err;
}
if( op->o_sasl_ssf < ssf->sss_update_sasl ) {
- *text = "SASL update confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "SASL update confidentiality required";
+ return rs->sr_err;
}
if( op->o_ssf < ssf->sss_update_ssf ) {
- *text = "update confidentiality required";
- return LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "update confidentiality required";
+ return rs->sr_err;
}
if( !( global_allows & SLAP_ALLOW_UPDATE_ANON ) &&
op->o_ndn.bv_len == 0 )
{
- *text = "modifications require authentication";
- return LDAP_STRONG_AUTH_REQUIRED;
+ rs->sr_text = "modifications require authentication";
+ rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
+ return rs->sr_err;
}
#ifdef SLAP_X_LISTENER_MOD
- if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IWUSR ) ) {
+ if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IWUSR ) ) {
/* no "w" mode means readonly */
- *text = "modifications not allowed on this listener";
- return LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "modifications not allowed on this listener";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ return rs->sr_err;
}
#endif /* SLAP_X_LISTENER_MOD */
}
if( ( op->o_transport_ssf < ssf->sss_transport
&& op->o_authmech.bv_len == 0 ) || op->o_dn.bv_len == 0 )
{
- *text = "strong authentication required";
- return LDAP_STRONG_AUTH_REQUIRED;
+ rs->sr_text = "strong authentication required";
+ rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
+ return rs->sr_err;
}
}
if( requires & SLAP_REQUIRE_SASL ) {
if( op->o_authmech.bv_len == 0 || op->o_dn.bv_len == 0 ) {
- *text = "SASL authentication required";
- return LDAP_STRONG_AUTH_REQUIRED;
+ rs->sr_text = "SASL authentication required";
+ rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
+ return rs->sr_err;
}
}
if( requires & SLAP_REQUIRE_AUTHC ) {
if( op->o_dn.bv_len == 0 ) {
- *text = "authentication required";
- return LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "authentication required";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ return rs->sr_err;
}
}
if( requires & SLAP_REQUIRE_BIND ) {
int version;
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- version = conn->c_protocol;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ version = op->o_conn->c_protocol;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
if( !version ) {
/* no bind has occurred */
- *text = "BIND required";
- return LDAP_OPERATIONS_ERROR;
+ rs->sr_text = "BIND required";
+ rs->sr_err = LDAP_OPERATIONS_ERROR;
+ return rs->sr_err;
}
}
if( requires & SLAP_REQUIRE_LDAP_V3 ) {
if( op->o_protocol < LDAP_VERSION3 ) {
/* no bind has occurred */
- *text = "operation restricted to LDAPv3 clients";
- return LDAP_OPERATIONS_ERROR;
+ rs->sr_text = "operation restricted to LDAPv3 clients";
+ rs->sr_err = LDAP_OPERATIONS_ERROR;
+ return rs->sr_err;
}
}
#ifdef SLAP_X_LISTENER_MOD
if ( !starttls && op->o_dn.bv_len == 0 ) {
- if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IXUSR ) ) {
+ if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IXUSR ) ) {
/* no "x" mode means bind required */
- *text = "bind required on this listener";
- return LDAP_STRONG_AUTH_REQUIRED;
+ rs->sr_text = "bind required on this listener";
+ rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
+ return rs->sr_err;
}
}
if ( !starttls && !updateop ) {
- if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IRUSR ) ) {
+ if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IRUSR ) ) {
/* no "r" mode means no read */
- *text = "read not allowed on this listener";
- return LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "read not allowed on this listener";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ return rs->sr_err;
}
}
#endif /* SLAP_X_LISTENER_MOD */
if( restrictops & opflag ) {
if( restrictops == SLAP_RESTRICT_OP_READS ) {
- *text = "read operations restricted";
+ rs->sr_text = "read operations restricted";
} else {
- *text = "operation restricted";
+ rs->sr_text = "operation restricted";
}
- return LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ return rs->sr_err;
}
- return LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
+ return rs->sr_err;
}
-int backend_check_referrals(
- Backend *be,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn )
+int backend_check_referrals( Operation *op, SlapReply *rs )
{
- int rc = LDAP_SUCCESS;
-
- if( be->be_chk_referrals ) {
- const char *text;
+ rs->sr_err = LDAP_SUCCESS;
- rc = be->be_chk_referrals( be,
- conn, op, dn, ndn, &text );
+ if( op->o_bd->be_chk_referrals ) {
+ rs->sr_err = op->o_bd->be_chk_referrals( op, rs );
- if( rc != LDAP_SUCCESS && rc != LDAP_REFERRAL ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS && rs->sr_err != LDAP_REFERRAL ) {
+ send_ldap_result( op, rs );
}
}
- return rc;
+ return rs->sr_err;
}
int
be_entry_get_rw(
- Backend *be,
- Connection *conn,
Operation *op,
struct berval *ndn,
ObjectClass *oc,
int rw,
Entry **e )
{
- be = select_backend( ndn, 0, 0 );
+ Backend *be = op->o_bd;
+ int rc;
- if (be == NULL) {
- return LDAP_NO_SUCH_OBJECT;
- }
+ op->o_bd = select_backend( ndn, 0, 0 );
- if ( be->be_fetch ) {
- return be->be_fetch( be, conn, op, ndn,
+ if (op->o_bd == NULL) {
+ op->o_bd = be;
+ rc = LDAP_NO_SUCH_OBJECT;
+ } else if ( op->o_bd->be_fetch ) {
+ rc = op->o_bd->be_fetch( op, ndn,
oc, at, rw, e );
+ } else {
+ rc = LDAP_UNWILLING_TO_PERFORM;
}
-
- return LDAP_UNWILLING_TO_PERFORM;
+ op->o_bd = be;
+ return rc;
}
int
backend_group(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *target,
struct berval *gr_ndn,
if ( op->o_abandon ) return SLAPD_ABANDON;
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
- for (g = conn->c_groups; g; g=g->ga_next) {
- if (g->ga_be != be || g->ga_oc != group_oc ||
+ for (g = op->o_conn->c_groups; g; g=g->ga_next) {
+ if (g->ga_be != op->o_bd || g->ga_oc != group_oc ||
g->ga_at != group_at || g->ga_len != gr_ndn->bv_len)
continue;
if (strcmp( g->ga_ndn, gr_ndn->bv_val ) == 0)
break;
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
if (g) {
return g->ga_res;
if ( target && dn_match( &target->e_nname, gr_ndn ) ) {
e = target;
} else {
- rc = be_entry_get_rw(be, conn, op, gr_ndn, group_oc, group_at,
- 0, &e );
+ rc = be_entry_get_rw(op, gr_ndn, group_oc, group_at, 0, &e );
}
if ( e ) {
a = attr_find( e->e_attrs, group_at );
rc = LDAP_NO_SUCH_ATTRIBUTE;
}
if (e != target ) {
- be_entry_release_r( be, conn, op, e );
+ be_entry_release_r( op, e );
}
} else {
rc = LDAP_NO_SUCH_OBJECT;
if ( op->o_tag != LDAP_REQ_BIND && !op->o_do_not_cache ) {
g = ch_malloc(sizeof(GroupAssertion) + gr_ndn->bv_len);
- g->ga_be = be;
+ g->ga_be = op->o_bd;
g->ga_oc = group_oc;
g->ga_at = group_at;
g->ga_res = rc;
g->ga_len = gr_ndn->bv_len;
strcpy(g->ga_ndn, gr_ndn->bv_val);
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- g->ga_next = conn->c_groups;
- conn->c_groups = g;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ g->ga_next = op->o_conn->c_groups;
+ op->o_conn->c_groups = g;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
return rc;
int
backend_attribute(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *target,
struct berval *edn,
if ( target && dn_match( &target->e_nname, edn ) ) {
e = target;
} else {
- rc = be_entry_get_rw(be, conn, op, edn, NULL, entry_at,
- 0, &e );
+ rc = be_entry_get_rw(op, edn, NULL, entry_at, 0, &e );
if ( rc != LDAP_SUCCESS ) return rc;
}
if ( a ) {
BerVarray v;
- if ( conn && op && access_allowed( be,
- conn, op, e, entry_at, NULL, ACL_AUTH,
+ if ( op->o_conn && access_allowed( op,
+ e, entry_at, NULL, ACL_AUTH,
&acl_state ) == 0 ) {
rc = LDAP_INSUFFICIENT_ACCESS;
goto freeit;
v = ch_malloc( sizeof(struct berval) * (i+1) );
for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) {
- if ( conn && op && access_allowed( be,
- conn, op, e, entry_at,
+ if ( op->o_conn && access_allowed( op,
+ e, entry_at,
#ifdef SLAP_NVALUES
&a->a_nvals[i],
#else
}
}
freeit: if (e != target ) {
- be_entry_release_r( be, conn, op, e );
+ be_entry_release_r( op, e );
}
}
}
Attribute *backend_operational(
- Backend *be,
- Connection *conn,
Operation *op,
- Entry *e,
- AttributeName *attrs,
+ SlapReply *rs,
int opattrs )
{
Attribute *a = NULL, **ap = &a;
* and the backend supports specific operational attributes,
* add them to the attribute list
*/
- if ( opattrs || ( attrs &&
- ad_inlist( slap_schema.si_ad_subschemaSubentry, attrs )) ) {
- *ap = slap_operational_subschemaSubentry( be );
+ if ( opattrs || ( op->oq_search.rs_attrs &&
+ ad_inlist( slap_schema.si_ad_subschemaSubentry, op->oq_search.rs_attrs )) ) {
+ *ap = slap_operational_subschemaSubentry( op->o_bd );
ap = &(*ap)->a_next;
}
- if ( ( opattrs || attrs ) && be && be->be_operational != NULL ) {
- ( void )be->be_operational( be, conn, op, e, attrs, opattrs, ap );
+ if ( ( opattrs || op->oq_search.rs_attrs ) && op->o_bd && op->o_bd->be_operational != NULL ) {
+ ( void )op->o_bd->be_operational( op, rs, opattrs, ap );
}
return a;
static int glueMode;
static BackendDB *glueBack;
+static slap_response glue_back_response;
+static slap_sresult glue_back_sresult;
+static slap_sendentry glue_back_sendentry;
+static slap_sendreference glue_back_sendreference;
+
/* Just like select_backend, but only for our backends */
static BackendDB *
glue_back_select (
} glue_state;
static void
-glue_back_response (
- Connection *conn,
- Operation *op,
- ber_tag_t tag,
- ber_int_t msgid,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray ref,
- const char *resoid,
- struct berval *resdata,
- struct berval *sasldata,
- LDAPControl **ctrls
-)
+glue_back_response ( Operation *op, SlapReply *rs )
{
glue_state *gs = op->o_callback->sc_private;
- if (err == LDAP_SUCCESS || gs->err != LDAP_SUCCESS)
- gs->err = err;
+ if (rs->sr_err == LDAP_SUCCESS || gs->err != LDAP_SUCCESS)
+ gs->err = rs->sr_err;
if (gs->err == LDAP_SUCCESS && gs->matched) {
- free (gs->matched);
+ ch_free (gs->matched);
gs->matched = NULL;
gs->matchlen = 0;
}
- if (gs->err != LDAP_SUCCESS && matched) {
+ if (gs->err != LDAP_SUCCESS && rs->sr_matched) {
int len;
- len = strlen (matched);
+ len = strlen (rs->sr_matched);
if (len > gs->matchlen) {
if (gs->matched)
- free (gs->matched);
- gs->matched = ch_strdup (matched);
+ ch_free (gs->matched);
+ gs->matched = ch_strdup (rs->sr_matched);
gs->matchlen = len;
}
}
- if (ref) {
+ if (rs->sr_ref) {
int i, j, k;
BerVarray new;
- for (i=0; ref[i].bv_val; i++);
+ for (i=0; rs->sr_ref[i].bv_val; i++);
j = gs->nrefs;
if (!j) {
(j+i+1)*sizeof(struct berval));
}
for (k=0; k<i; j++,k++) {
- ber_dupbv( &new[j], &ref[k] );
+ ber_dupbv( &new[j], &rs->sr_ref[k] );
}
new[j].bv_val = NULL;
gs->nrefs = j;
}
static void
-glue_back_sresult (
- Connection *c,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- int nentries
-)
+glue_back_sresult ( Operation *op, SlapReply *rs )
{
glue_state *gs = op->o_callback->sc_private;
- gs->nentries += nentries;
- glue_back_response (c, op, 0, 0, err, matched, text, refs,
- NULL, NULL, NULL, ctrls);
+ gs->nentries += rs->sr_nentries;
+ glue_back_response( op, rs );
}
static int
-glue_back_sendentry (
- BackendDB *be,
- Connection *c,
- Operation *op,
- Entry *e,
- AttributeName *an,
- int ao,
- LDAPControl **ctrls
-)
+glue_back_sendentry ( Operation *op, SlapReply *rs )
{
slap_callback *tmp = op->o_callback;
glue_state *gs = tmp->sc_private;
- int rc;
op->o_callback = gs->prevcb;
if (op->o_callback && op->o_callback->sc_sendentry) {
- rc = op->o_callback->sc_sendentry(be, c, op, e, an, ao, ctrls);
+ rs->sr_err = op->o_callback->sc_sendentry(op, rs);
} else {
- rc = send_search_entry(be, c, op, e, an, ao, ctrls);
+ rs->sr_err = send_search_entry(op, rs);
}
op->o_callback = tmp;
- return rc;
+ return rs->sr_err;
}
static int
-glue_back_sendreference (
- BackendDB *be,
- Connection *c,
- Operation *op,
- Entry *e,
- BerVarray bv,
- LDAPControl **ctrls,
- BerVarray *v2
-)
+glue_back_sendreference ( Operation *op, SlapReply *rs )
{
slap_callback *tmp = op->o_callback;
glue_state *gs = tmp->sc_private;
- int rc;
op->o_callback = gs->prevcb;
if (op->o_callback && op->o_callback->sc_sendreference) {
- rc = op->o_callback->sc_sendreference( be, c, op, e, bv, ctrls, v2 );
+ rs->sr_err = op->o_callback->sc_sendreference( op, rs );
} else {
- rc = send_search_reference( be, c, op, e, bv, ctrls, v2 );
+ rs->sr_err = send_search_reference( op, rs );
}
op->o_callback = tmp;
- return rc;
+ return rs->sr_err;
}
static int
-glue_back_search (
- BackendDB *b0,
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly
-)
+glue_back_search ( Operation *op, SlapReply *rs )
{
+ BackendDB *b0 = op->o_bd;
glueinfo *gi = (glueinfo *) b0->bd_info;
- BackendDB *be;
- int i, rc = 0, t2limit = 0, s2limit = 0;
+ int i;
long stoptime = 0;
glue_state gs = {0, 0, 0, NULL, 0, NULL, NULL};
slap_callback cb;
+ int scope0, slimit0, tlimit0;
+ struct berval dn, ndn;
cb.sc_response = glue_back_response;
cb.sc_sresult = glue_back_sresult;
cb.sc_sendentry = glue_back_sendentry;
+ cb.sc_sendreference = glue_back_sendreference;
cb.sc_private = &gs;
gs.prevcb = op->o_callback;
- if (tlimit) {
- stoptime = slap_get_time () + tlimit;
+ if (op->oq_search.rs_tlimit) {
+ stoptime = slap_get_time () + op->oq_search.rs_tlimit;
}
- switch (scope) {
+ switch (op->oq_search.rs_scope) {
case LDAP_SCOPE_BASE:
- be = glue_back_select (b0, ndn->bv_val);
+ op->o_bd = glue_back_select (b0, op->o_req_ndn.bv_val);
- if (be && be->be_search) {
- rc = be->be_search (be, conn, op, dn, ndn, scope,
- deref, slimit, tlimit, filter, filterstr,
- attrs, attrsonly);
+ if (op->o_bd && op->o_bd->be_search) {
+ rs->sr_err = op->o_bd->be_search( op, rs );
} else {
- rc = LDAP_UNWILLING_TO_PERFORM;
- send_ldap_result (conn, op, rc, NULL,
- "No search target found", NULL, NULL);
+ send_ldap_error(op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "No search target found");
}
- return rc;
+ return rs->sr_err;
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
op->o_callback = &cb;
- rc = gs.err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_err = gs.err = LDAP_UNWILLING_TO_PERFORM;
+ scope0 = op->oq_search.rs_scope;
+ slimit0 = op->oq_search.rs_slimit;
+ tlimit0 = op->oq_search.rs_tlimit;
+ dn = op->o_req_dn;
+ ndn = op->o_req_ndn;
/*
* Execute in reverse order, most general first
for (i = gi->nodes-1; i >= 0; i--) {
if (!gi->n[i].be || !gi->n[i].be->be_search)
continue;
- if (tlimit) {
- t2limit = stoptime - slap_get_time ();
- if (t2limit <= 0) {
- rc = gs.err = LDAP_TIMELIMIT_EXCEEDED;
+ if (tlimit0) {
+ op->oq_search.rs_tlimit = stoptime - slap_get_time ();
+ if (op->oq_search.rs_tlimit <= 0) {
+ rs->sr_err = gs.err = LDAP_TIMELIMIT_EXCEEDED;
break;
}
}
- if (slimit) {
- s2limit = slimit - gs.nentries;
- if (s2limit <= 0) {
- rc = gs.err = LDAP_SIZELIMIT_EXCEEDED;
+ if (slimit0) {
+ op->oq_search.rs_slimit = slimit0 - gs.nentries;
+ if (op->oq_search.rs_slimit <= 0) {
+ rs->sr_err = gs.err = LDAP_SIZELIMIT_EXCEEDED;
break;
}
}
- rc = 0;
+ rs->sr_err = 0;
/*
* check for abandon
*/
if (op->o_abandon) {
goto done;
}
- be = gi->n[i].be;
- if (scope == LDAP_SCOPE_ONELEVEL &&
- dn_match(&gi->n[i].pdn, ndn)) {
- rc = be->be_search (be, conn, op,
- &be->be_suffix[0], &be->be_nsuffix[0],
- LDAP_SCOPE_BASE, deref,
- s2limit, t2limit, filter, filterstr,
- attrs, attrsonly);
-
- } else if (scope == LDAP_SCOPE_SUBTREE &&
- dnIsSuffix(&be->be_nsuffix[0], ndn)) {
- rc = be->be_search (be, conn, op,
- &be->be_suffix[0], &be->be_nsuffix[0],
- scope, deref,
- s2limit, t2limit, filter, filterstr,
- attrs, attrsonly);
-
- } else if (dnIsSuffix(ndn, &be->be_nsuffix[0])) {
- rc = be->be_search (be, conn, op, dn, ndn,
- scope, deref,
- s2limit, t2limit, filter, filterstr,
- attrs, attrsonly);
+ op->o_bd = gi->n[i].be;
+ if (scope0 == LDAP_SCOPE_ONELEVEL &&
+ dn_match(&gi->n[i].pdn, &ndn)) {
+ op->oq_search.rs_scope = LDAP_SCOPE_BASE;
+ op->o_req_dn = op->o_bd->be_suffix[0];
+ op->o_req_ndn = op->o_bd->be_nsuffix[0];
+ rs->sr_err = op->o_bd->be_search(op, rs);
+
+ } else if (scope0 == LDAP_SCOPE_SUBTREE &&
+ dnIsSuffix(&op->o_bd->be_nsuffix[0], &ndn)) {
+ op->o_req_dn = op->o_bd->be_suffix[0];
+ op->o_req_ndn = op->o_bd->be_nsuffix[0];
+ rs->sr_err = op->o_bd->be_search( op, rs );
+
+ } else if (dnIsSuffix(&ndn, &op->o_bd->be_nsuffix[0])) {
+ rs->sr_err = op->o_bd->be_search( op, rs );
}
switch ( gs.err ) {
}
}
end_of_loop:;
+ op->oq_search.rs_scope = scope0;
+ op->oq_search.rs_slimit = slimit0;
+ op->oq_search.rs_tlimit = tlimit0;
+ op->o_req_dn = dn;
+ op->o_req_ndn = ndn;
+
break;
}
op->o_callback = gs.prevcb;
+ rs->sr_err = gs.err;
+ rs->sr_matched = gs.matched;
+ rs->sr_ref = gs.refs;
+ rs->sr_nentries = gs.nentries;
- send_search_result (conn, op, gs.err, gs.matched, NULL,
- gs.refs, NULL, gs.nentries);
+ send_search_result( op, rs );
done:
+ op->o_bd = b0;
if (gs.matched)
free (gs.matched);
if (gs.refs)
ber_bvarray_free(gs.refs);
- return rc;
+ return rs->sr_err;
}
int
do_bind(
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
BerElement *ber = op->o_ber;
ber_tag_t method;
struct berval mech = { 0, NULL };
struct berval dn = { 0, NULL };
- struct berval pdn = { 0, NULL };
- struct berval ndn = { 0, NULL };
- struct berval edn = { 0, NULL };
ber_tag_t tag;
- int rc = LDAP_SUCCESS;
- const char *text;
- struct berval cred = { 0, NULL };
- Backend *be = NULL;
+ Backend *be;
#ifdef LDAP_SLAPI
Slapi_PBlock *pb = op->o_pb;
#endif
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "do_bind: conn %d\n", conn->c_connid, 0, 0 );
+ LDAP_LOG( OPERATION, ENTRY, "do_bind: conn %d\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 );
#endif
/*
* Force to connection to "anonymous" until bind succeeds.
*/
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- if ( conn->c_sasl_bind_in_progress ) be = conn->c_authz_backend;
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ if ( op->o_conn->c_sasl_bind_in_progress ) be = op->o_conn->c_authz_backend;
/* log authorization identity demotion */
- if ( conn->c_dn.bv_len ) {
+ if ( op->o_conn->c_dn.bv_len ) {
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND anonymous mech=implicit ssf=0",
op->o_connid, op->o_opid, 0, 0, 0 );
}
- connection2anonymous( conn );
- if ( conn->c_sasl_bind_in_progress ) conn->c_authz_backend = be;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ connection2anonymous( op->o_conn );
+ if ( op->o_conn->c_sasl_bind_in_progress ) op->o_conn->c_authz_backend = be;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
if ( op->o_dn.bv_val != NULL ) {
free( op->o_dn.bv_val );
if ( tag == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_bind: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 );
+ "do_bind: conn %d ber_scanf failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "bind: ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = -1;
goto cleanup;
}
op->o_protocol = version;
if( method != LDAP_AUTH_SASL ) {
- tag = ber_scanf( ber, /*{*/ "m}", &cred );
+ tag = ber_scanf( ber, /*{*/ "m}", &op->oq_bind.rb_cred );
} else {
- tag = ber_scanf( ber, "{o" /*}*/, &mech );
+ tag = ber_scanf( ber, "{m" /*}*/, &mech );
if ( tag != LBER_ERROR ) {
ber_len_t len;
tag = ber_peek_tag( ber, &len );
if ( tag == LDAP_TAG_LDAPCRED ) {
- tag = ber_scanf( ber, "m", &cred );
+ tag = ber_scanf( ber, "m", &op->oq_bind.rb_cred );
} else {
tag = LDAP_TAG_LDAPCRED;
- cred.bv_val = NULL;
- cred.bv_len = 0;
+ op->oq_bind.rb_cred.bv_val = NULL;
+ op->oq_bind.rb_cred.bv_len = 0;
}
if ( tag != LBER_ERROR ) {
}
if ( tag == LBER_ERROR ) {
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR,
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR,
"decoding error" );
- rc = SLAPD_DISCONNECT;
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
- "do_bind: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 );
+ "do_bind: conn %d get_ctrls failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_bind: get_ctrls failed\n", 0, 0, 0 );
#endif
goto cleanup;
}
- rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %d invalid dn (%s)\n",
- conn->c_connid, dn.bv_val, 0 );
+ op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY, "bind: invalid dn (%s)\n",
dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto cleanup;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_sasl_bind: conn %d dn (%s) mech %s\n",
- conn->c_connid, pdn.bv_val, mech.bv_val );
+ op->o_connid, op->o_req_dn.bv_val, mech.bv_val );
#else
Debug( LDAP_DEBUG_TRACE, "do_sasl_bind: dn (%s) mech %s\n",
- pdn.bv_val, mech.bv_val, NULL );
+ op->o_req_dn.bv_val, mech.bv_val, NULL );
#endif
} else {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_bind: version=%ld dn=\"%s\" method=%ld\n",
- (unsigned long) version, pdn.bv_val, (unsigned long)method );
+ (unsigned long) version, op->o_req_dn.bv_val, (unsigned long)method );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: version=%ld dn=\"%s\" method=%ld\n",
(unsigned long) version,
- pdn.bv_val, (unsigned long) method );
+ op->o_req_dn.bv_val, (unsigned long) method );
#endif
}
Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND dn=\"%s\" method=%ld\n",
- op->o_connid, op->o_opid, pdn.bv_val, (unsigned long) method, 0 );
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val, (unsigned long) method, 0 );
if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %d unknown version = %ld\n",
- conn->c_connid, (unsigned long)version, 0 );
+ op->o_connid, (unsigned long)version, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_bind: unknown version=%ld\n",
(unsigned long) version, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "requested protocol version not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR,
+ "requested protocol version not supported" );
goto cleanup;
} else if (!( global_allows & SLAP_ALLOW_BIND_V2 ) &&
version < LDAP_VERSION3 )
{
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "historical protocol version requested, use LDAPv3 instead",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR,
+ "historical protocol version requested, use LDAPv3 instead" );
goto cleanup;
}
/* we set connection version regardless of whether bind succeeds
* or not.
*/
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- conn->c_protocol = version;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ op->o_conn->c_protocol = version;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
/* check for inappropriate controls */
if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) {
- send_ldap_result( conn, op,
- rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
- NULL, "manageDSAit control inappropriate",
- NULL, NULL );
+ send_ldap_error( op, rs,
+ LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
+ "manageDSAit control inappropriate" );
goto cleanup;
}
/* Set the bindop for the benefit of in-directory SASL lookups */
- conn->c_sasl_bindop = op;
+ op->o_conn->c_sasl_bindop = op;
if ( method == LDAP_AUTH_SASL ) {
- slap_ssf_t ssf = 0;
-
if ( version < LDAP_VERSION3 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %d sasl with LDAPv%ld\n",
- conn->c_connid, (unsigned long)version , 0 );
+ op->o_connid, (unsigned long)version , 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n",
(unsigned long) version, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
+ send_ldap_discon( op, rs,
LDAP_PROTOCOL_ERROR, "SASL bind requires LDAPv3" );
- rc = SLAPD_DISCONNECT;
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %d no SASL mechanism provided\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_bind: no sasl mechanism provided\n",
0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_AUTH_METHOD_NOT_SUPPORTED,
- NULL, "no SASL mechanism provided", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_AUTH_METHOD_NOT_SUPPORTED,
+ "no SASL mechanism provided" );
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( NULL, conn, op, &mech, &text );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, &mech ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- if ( conn->c_sasl_bind_in_progress ) {
- if( !bvmatch( &conn->c_sasl_bind_mech, &mech ) ) {
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ if ( op->o_conn->c_sasl_bind_in_progress ) {
+ if( !bvmatch( &op->o_conn->c_sasl_bind_mech, &mech ) ) {
/* mechanism changed between bind steps */
- slap_sasl_reset(conn);
+ slap_sasl_reset(op->o_conn);
}
} else {
- conn->c_sasl_bind_mech = mech;
- mech.bv_val = NULL;
- mech.bv_len = 0;
+ ber_dupbv(&op->o_conn->c_sasl_bind_mech, &mech);
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
- rc = slap_sasl_bind( conn, op,
- &pdn, &ndn,
- &cred, &edn, &ssf );
+ rs->sr_err = slap_sasl_bind( op, rs );
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- if( rc == LDAP_SUCCESS ) {
- conn->c_dn = edn;
- if( edn.bv_len != 0 ) {
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ if( rs->sr_err == LDAP_SUCCESS ) {
+ op->o_conn->c_dn = op->oq_bind.rb_edn;
+ if( op->oq_bind.rb_edn.bv_len != 0 ) {
/* edn is always normalized already */
- ber_dupbv( &conn->c_ndn, &conn->c_dn );
+ ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn );
}
- conn->c_authmech = conn->c_sasl_bind_mech;
- conn->c_sasl_bind_mech.bv_val = NULL;
- conn->c_sasl_bind_mech.bv_len = 0;
- conn->c_sasl_bind_in_progress = 0;
-
- conn->c_sasl_ssf = ssf;
- if( ssf > conn->c_ssf ) {
- conn->c_ssf = ssf;
+ op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech;
+ op->o_conn->c_sasl_bind_mech.bv_val = NULL;
+ op->o_conn->c_sasl_bind_mech.bv_len = 0;
+ op->o_conn->c_sasl_bind_in_progress = 0;
+
+ op->o_conn->c_sasl_ssf = op->oq_bind.rb_ssf;
+ if( op->oq_bind.rb_ssf > op->o_conn->c_ssf ) {
+ op->o_conn->c_ssf = op->oq_bind.rb_ssf;
}
- if( conn->c_dn.bv_len != 0 ) {
+ if( op->o_conn->c_dn.bv_len != 0 ) {
ber_len_t max = sockbuf_max_incoming_auth;
- ber_sockbuf_ctrl( conn->c_sb,
+ ber_sockbuf_ctrl( op->o_conn->c_sb,
LBER_SB_OPT_SET_MAX_INCOMING, &max );
}
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND dn=\"%s\" mech=%s ssf=%d\n",
op->o_connid, op->o_opid,
- conn->c_dn.bv_val ? conn->c_dn.bv_val : "<empty>",
- conn->c_authmech.bv_val, ssf );
+ op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "<empty>",
+ op->o_conn->c_authmech.bv_val, op->oq_bind.rb_ssf );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_bind: SASL/%s bind: dn=\"%s\" ssf=%d\n",
- conn->c_authmech.bv_val,
- conn->c_dn.bv_val ? conn->c_dn.bv_val : "<empty>",
- ssf );
+ op->o_conn->c_authmech.bv_val,
+ op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "<empty>",
+ op->oq_bind.rb_ssf );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: SASL/%s bind: dn=\"%s\" ssf=%d\n",
- conn->c_authmech.bv_val,
- conn->c_dn.bv_val ? conn->c_dn.bv_val : "<empty>",
- ssf );
+ op->o_conn->c_authmech.bv_val,
+ op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "<empty>",
+ op->oq_bind.rb_ssf );
#endif
- } else if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) {
- conn->c_sasl_bind_in_progress = 1;
+ } else if ( rs->sr_err == LDAP_SASL_BIND_IN_PROGRESS ) {
+ op->o_conn->c_sasl_bind_in_progress = 1;
} else {
- if ( conn->c_sasl_bind_mech.bv_val ) {
- free( conn->c_sasl_bind_mech.bv_val );
- conn->c_sasl_bind_mech.bv_val = NULL;
- conn->c_sasl_bind_mech.bv_len = 0;
+ if ( op->o_conn->c_sasl_bind_mech.bv_val ) {
+ free( op->o_conn->c_sasl_bind_mech.bv_val );
+ op->o_conn->c_sasl_bind_mech.bv_val = NULL;
+ op->o_conn->c_sasl_bind_mech.bv_len = 0;
}
- conn->c_sasl_bind_in_progress = 0;
+ op->o_conn->c_sasl_bind_in_progress = 0;
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
goto cleanup;
} else {
/* Not SASL, cancel any in-progress bind */
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
- if ( conn->c_sasl_bind_mech.bv_val != NULL ) {
- free(conn->c_sasl_bind_mech.bv_val);
- conn->c_sasl_bind_mech.bv_val = NULL;
- conn->c_sasl_bind_mech.bv_len = 0;
+ if ( op->o_conn->c_sasl_bind_mech.bv_val != NULL ) {
+ free(op->o_conn->c_sasl_bind_mech.bv_val);
+ op->o_conn->c_sasl_bind_mech.bv_val = NULL;
+ op->o_conn->c_sasl_bind_mech.bv_len = 0;
}
- conn->c_sasl_bind_in_progress = 0;
+ op->o_conn->c_sasl_bind_in_progress = 0;
- slap_sasl_reset( conn );
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ slap_sasl_reset( op->o_conn );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
if ( method == LDAP_AUTH_SIMPLE ) {
/* accept "anonymous" binds */
- if ( cred.bv_len == 0 || ndn.bv_len == 0 ) {
- rc = LDAP_SUCCESS;
- text = NULL;
+ if ( op->oq_bind.rb_cred.bv_len == 0 || op->o_req_ndn.bv_len == 0 ) {
+ rs->sr_err = LDAP_SUCCESS;
- if( cred.bv_len &&
+ if( op->oq_bind.rb_cred.bv_len &&
!( global_allows & SLAP_ALLOW_BIND_ANON_CRED ))
{
/* cred is not empty, disallow */
- rc = LDAP_INVALID_CREDENTIALS;
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
- } else if ( ndn.bv_len &&
+ } else if ( op->o_req_ndn.bv_len &&
!( global_allows & SLAP_ALLOW_BIND_ANON_DN ))
{
/* DN is not empty, disallow */
- rc = LDAP_UNWILLING_TO_PERFORM;
- text = "unauthenticated bind (DN with no password) disallowed";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "unauthenticated bind (DN with no password) disallowed";
} else if ( global_disallows & SLAP_DISALLOW_BIND_ANON ) {
/* disallow */
- rc = LDAP_INAPPROPRIATE_AUTH;
- text = "anonymous bind disallowed";
+ rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
+ rs->sr_text = "anonymous bind disallowed";
} else {
- rc = backend_check_restrictions( NULL, conn, op,
- &mech, &text );
+ backend_check_restrictions( op, rs, &mech );
}
/*
* we already forced connection to "anonymous",
* just need to send success
*/
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_bind: conn %d v%d anonymous bind\n",
- conn->c_connid, version , 0 );
+ op->o_connid, version , 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_bind: v%d anonymous bind\n",
version, 0, 0 );
} else if ( global_disallows & SLAP_DISALLOW_BIND_SIMPLE ) {
/* disallow simple authentication */
- rc = LDAP_UNWILLING_TO_PERFORM;
- text = "unwilling to perform simple authentication";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "unwilling to perform simple authentication";
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %d v%d simple bind(%s) disallowed\n",
- conn->c_connid, version, ndn.bv_val );
+ op->o_connid, version, op->o_req_ndn.bv_val );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: v%d simple bind(%s) disallowed\n",
- version, ndn.bv_val, 0 );
+ version, op->o_req_ndn.bv_val, 0 );
#endif
goto cleanup;
} else if (( global_disallows & SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED )
&& ( op->o_ssf <= 1 ))
{
- rc = LDAP_CONFIDENTIALITY_REQUIRED;
- text = "unwilling to perform simple authentication "
+ rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED;
+ rs->sr_text = "unwilling to perform simple authentication "
"without confidentilty protection";
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_bind: conn %d "
"v%d unprotected simple bind(%s) disallowed\n",
- conn->c_connid, version, ndn.bv_val );
+ op->o_connid, version, op->o_req_ndn.bv_val );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: v%d unprotected simple bind(%s) disallowed\n",
- version, ndn.bv_val, 0 );
+ version, op->o_req_ndn.bv_val, 0 );
#endif
goto cleanup;
}
} else if ( method == LDAP_AUTH_KRBV41 || method == LDAP_AUTH_KRBV42 ) {
if ( global_disallows & SLAP_DISALLOW_BIND_KRBV4 ) {
/* disallow simple authentication */
- rc = LDAP_UNWILLING_TO_PERFORM;
- text = "unwilling to perform Kerberos V4 bind";
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_text = "unwilling to perform Kerberos V4 bind";
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_bind: conn %d v%d Kerberos V4 bind\n",
- conn->c_connid, version , 0 );
+ op->o_connid, version , 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_bind: v%d Kerberos V4 bind\n",
version, 0, 0 );
#endif
} else {
- rc = LDAP_AUTH_METHOD_NOT_SUPPORTED;
- text = "unknown authentication method";
+ rs->sr_err = LDAP_AUTH_METHOD_NOT_SUPPORTED;
+ rs->sr_text = "unknown authentication method";
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: conn %ld v%d unknown authentication method (%ld)\n",
- conn->c_connid, version, method );
+ op->o_connid, version, method );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: v%d unknown authentication method (%ld)\n",
* if we don't hold it.
*/
- if ( (be = select_backend( &ndn, 0, 0 )) == NULL ) {
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, 0, 0 )) == NULL ) {
if ( default_referral ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
} else {
/* noSuchObject is not allowed to be returned by bind */
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
}
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
#if defined( LDAP_SLAPI )
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_backend_set_pb( pb, op->o_bd );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
slapi_pblock_set( pb, SLAPI_BIND_TARGET, (void *)dn.bv_val );
slapi_pblock_set( pb, SLAPI_BIND_METHOD, (void *)method );
- slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, (void *)&cred );
+ slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, (void *)&op->oq_bind.rb_cred );
slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)(0) );
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_BIND_FN, pb );
- if ( rc != SLAPI_BIND_SUCCESS ) {
+ rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_BIND_FN, pb );
+ if ( rs->sr_err != SLAPI_BIND_SUCCESS ) {
/*
* Binding is a special case for SLAPI plugins. It is
* possible for a bind plugin to be successful *and*
if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&ldapRc ) != 0 )
ldapRc = LDAP_OTHER;
- edn.bv_val = NULL;
- edn.bv_len = 0;
- if ( rc != SLAPI_BIND_FAIL && ldapRc == LDAP_SUCCESS ) {
+ op->oq_bind.rb_edn.bv_val = NULL;
+ op->oq_bind.rb_edn.bv_len = 0;
+ if ( rs->sr_err != SLAPI_BIND_FAIL && ldapRc == LDAP_SUCCESS ) {
/* Set the new connection DN. */
- if ( rc != SLAPI_BIND_ANONYMOUS ) {
- slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&edn.bv_val );
+ if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) {
+ slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->oq_bind.rb_edn.bv_val );
}
- rc = dnPrettyNormal( NULL, &edn, &pdn, &ndn );
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- conn->c_dn = pdn;
- conn->c_ndn = ndn;
- pdn.bv_val = NULL;
- pdn.bv_len = 0;
- ndn.bv_val = NULL;
- ndn.bv_len = 0;
- if ( conn->c_dn.bv_len != 0 ) {
+ rs->sr_err = dnPrettyNormal( NULL, &op->oq_bind.rb_edn, &op->o_req_dn, &op->o_req_ndn );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ op->o_conn->c_dn = op->o_req_dn;
+ op->o_conn->c_ndn = op->o_req_ndn;
+ op->o_req_dn.bv_val = NULL;
+ op->o_req_dn.bv_len = 0;
+ op->o_req_ndn.bv_val = NULL;
+ op->o_req_ndn.bv_len = 0;
+ if ( op->o_conn->c_dn.bv_len != 0 ) {
ber_len_t max = sockbuf_max_incoming_auth;
- ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+ ber_sockbuf_ctrl( op->o_conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
}
/* log authorization identity */
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND dn=\"%s\" mech=simple (SLAPI) ssf=0\n",
op->o_connid, op->o_opid,
- conn->c_dn.bv_val, 0, 0 );
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ op->o_conn->c_dn.bv_val, 0, 0 );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_bind: Bind preoperation plugin returned %d\n",
- rc, 0, 0);
+ rs->sr_err, 0, 0);
#else
Debug(LDAP_DEBUG_TRACE, "do_bind: Bind preoperation plugin returned %d.\n",
- rc, 0, 0);
+ rs->sr_err, 0, 0);
#endif
- rc = ldapRc;
+ rs->sr_err = ldapRc;
goto cleanup;
}
#endif /* defined( LDAP_SLAPI ) */
- if ( be->be_bind ) {
- int ret;
-
- ret = (*be->be_bind)( be, conn, op,
- &pdn, &ndn, method, &cred, &edn );
+ if ( op->o_bd->be_bind ) {
+ op->oq_bind.rb_method = method;
+ rs->sr_err = (op->o_bd->be_bind)( op, rs );
- if ( ret == 0 ) {
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ if ( rs->sr_err == 0 ) {
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
- if( conn->c_authz_backend == NULL ) {
- conn->c_authz_backend = be;
+ if( op->o_conn->c_authz_backend == NULL ) {
+ op->o_conn->c_authz_backend = op->o_bd;
}
- if(edn.bv_len) {
- conn->c_dn = edn;
+ if(op->oq_bind.rb_edn.bv_len) {
+ op->o_conn->c_dn = op->oq_bind.rb_edn;
} else {
- conn->c_dn = pdn;
- pdn.bv_val = NULL;
- pdn.bv_len = 0;
+ op->o_conn->c_dn = op->o_req_dn;
+ op->o_req_dn.bv_val = NULL;
+ op->o_req_dn.bv_len = 0;
}
- conn->c_ndn = ndn;
- ndn.bv_val = NULL;
- ndn.bv_len = 0;
+ op->o_conn->c_ndn = op->o_req_ndn;
+ op->o_req_ndn.bv_val = NULL;
+ op->o_req_ndn.bv_len = 0;
- if( conn->c_dn.bv_len != 0 ) {
+ if( op->o_conn->c_dn.bv_len != 0 ) {
ber_len_t max = sockbuf_max_incoming_auth;
- ber_sockbuf_ctrl( conn->c_sb,
+ ber_sockbuf_ctrl( op->o_conn->c_sb,
LBER_SB_OPT_SET_MAX_INCOMING, &max );
}
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND dn=\"%s\" mech=simple ssf=0\n",
op->o_connid, op->o_opid,
- conn->c_dn.bv_val, conn->c_authmech.bv_val, 0 );
+ op->o_conn->c_dn.bv_val, 0, 0 );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"do_bind: v%d bind: \"%s\" to \"%s\" \n",
- version, conn->c_dn.bv_val, conn->c_dn.bv_val );
+ version, op->o_conn->c_dn.bv_val, op->o_conn->c_dn.bv_val );
#else
Debug( LDAP_DEBUG_TRACE,
"do_bind: v%d bind: \"%s\" to \"%s\"\n",
- version, dn.bv_val, conn->c_dn.bv_val );
+ version, dn.bv_val, op->o_conn->c_dn.bv_val );
#endif
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
/* send this here to avoid a race condition */
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ send_ldap_result( op, rs );
- } else if (edn.bv_val != NULL) {
- free( edn.bv_val );
+ } else if (op->oq_bind.rb_edn.bv_val != NULL) {
+ free( op->oq_bind.rb_edn.bv_val );
}
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_BIND_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_bind: Bind postoperation plugins failed\n",
0, 0, 0);
#endif /* defined( LDAP_SLAPI ) */
cleanup:
- conn->c_sasl_bindop = NULL;
+ op->o_conn->c_sasl_bindop = NULL;
- if( pdn.bv_val != NULL ) {
- free( pdn.bv_val );
- }
- if( ndn.bv_val != NULL ) {
- free( ndn.bv_val );
+ if( op->o_req_dn.bv_val != NULL ) {
+ free( op->o_req_dn.bv_val );
}
- if ( mech.bv_val != NULL ) {
- free( mech.bv_val );
+ if( op->o_req_ndn.bv_val != NULL ) {
+ free( op->o_req_ndn.bv_val );
}
- return rc;
+ return rs->sr_err;
}
#include <lber_pvt.h>
#include <lutil.h>
-int cancel_extop(
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl ***rspctrls,
- const char **text,
- BerVarray *refs )
+int cancel_extop( Operation *op, SlapReply *rs )
{
- Backend *be;
+ Operation *o;
int rc;
int found = 0;
int opid;
BerElement *ber;
int i;
- assert( reqoid != NULL );
- assert( ber_bvcmp( &slap_EXOP_CANCEL, reqoid ) == 0 );
+ assert( ber_bvcmp( &slap_EXOP_CANCEL, &op->oq_extended.rs_reqoid ) == 0 );
- if ( reqdata == NULL ) {
- *text = "no message ID supplied";
+ if ( op->oq_extended.rs_reqdata == NULL ) {
+ rs->sr_text = "no message ID supplied";
return LDAP_PROTOCOL_ERROR;
}
- ber = ber_init( reqdata );
+ ber = ber_init( op->oq_extended.rs_reqdata );
if ( ber == NULL ) {
- *text = "internal error";
+ rs->sr_text = "internal error";
return LDAP_OTHER;
}
if ( ber_scanf( ber, "{i}", &opid ) == LBER_ERROR ) {
- *text = "message ID parse failed";
+ rs->sr_text = "message ID parse failed";
return LDAP_PROTOCOL_ERROR;
}
(void) ber_free( ber, 1 );
if ( opid < 0 ) {
- *text = "message ID invalid";
+ rs->sr_text = "message ID invalid";
return LDAP_PROTOCOL_ERROR;
}
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- LDAP_STAILQ_FOREACH( op, &conn->c_pending_ops, o_next ) {
- if ( op->o_msgid == opid ) {
- LDAP_STAILQ_REMOVE( &conn->c_pending_ops, op, slap_op, o_next );
- slap_op_free( op );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) {
+ if ( o->o_msgid == opid ) {
+ LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next );
+ slap_op_free( o );
found = 1;
break;
}
}
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
if ( found ) return LDAP_SUCCESS;
found = 0;
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- LDAP_STAILQ_FOREACH( op, &conn->c_ops, o_next ) {
- if ( op->o_msgid == opid ) {
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) {
+ if ( o->o_msgid == opid ) {
found = 1;
break;
}
if ( !found ) {
#ifdef LDAP_SYNC
for ( i = 0; i < nbackends; i++ ) {
- Backend *be = &backends[i];
- if( !be->be_cancel ) continue;
+ op->o_bd = &backends[i];
+ if( !op->o_bd->be_cancel ) continue;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
- if ( be->be_cancel( be, conn, op, opid ) == LDAP_SUCCESS ) {
+ op->oq_cancel.rs_msgid = opid;
+ if ( op->o_bd->be_cancel( op, rs ) == LDAP_SUCCESS ) {
return LDAP_SUCCESS;
- } else {
- *text = "message ID not found";
- return LDAP_NO_SUCH_OPERATION;
}
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
}
-#else
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
- *text = "message ID not found";
- return LDAP_NO_SUCH_OPERATION;
#endif
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
+ rs->sr_text = "message ID not found";
+ return LDAP_NO_SUCH_OPERATION;
}
if ( op->o_cancel != SLAP_CANCEL_NONE ) {
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
- *text = "message ID already being cancelled";
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
+ rs->sr_text = "message ID already being cancelled";
return LDAP_PROTOCOL_ERROR;
}
op->o_cancel = SLAP_CANCEL_REQ;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
while ( op->o_cancel == SLAP_CANCEL_REQ ) {
ldap_pvt_thread_yield();
#endif
static int compare_entry(
- Connection *conn,
Operation *op,
Entry *e,
AttributeAssertion *ava );
int
do_compare(
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
Entry *entry = NULL;
Entry *fentry = NULL;
struct berval dn = { 0, NULL };
- struct berval pdn = { 0, NULL };
- struct berval ndn = { 0, NULL };
struct berval desc = { 0, NULL };
struct berval value = { 0, NULL };
AttributeAssertion ava = { NULL, { 0, NULL } };
Backend *be;
- int rc = LDAP_SUCCESS;
- const char *text = NULL;
int manageDSAit;
#ifdef LDAP_SLAPI
ava.aa_desc = NULL;
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "do_compare: conn %d\n", conn->c_connid, 0, 0 );
+ LDAP_LOG( OPERATION, ENTRY, "do_compare: conn %d\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_compare\n", 0, 0, 0 );
#endif
if ( ber_scanf( op->o_ber, "{m" /*}*/, &dn ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_compare: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 );
+ "do_compare: conn %d ber_scanf failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
}
if ( ber_scanf( op->o_ber, "{mm}", &desc, &value ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_compare: conn %d get ava failed\n", conn->c_connid, 0, 0 );
+ "do_compare: conn %d get ava failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_compare: get ava failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = SLAPD_DISCONNECT;
- goto cleanup;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ return SLAPD_DISCONNECT;
}
if ( ber_scanf( op->o_ber, /*{*/ "}" ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_compare: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 );
+ "do_compare: conn %d ber_scanf failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = SLAPD_DISCONNECT;
- goto cleanup;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ return SLAPD_DISCONNECT;
}
- if( ( rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
- "do_compare: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 );
+ "do_compare: conn %d get_ctrls failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_compare: get_ctrls failed\n", 0, 0, 0 );
#endif
goto cleanup;
}
- rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_compare: conn %d invalid dn (%s)\n",
- conn->c_connid, dn.bv_val, 0 );
+ op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_compare: invalid dn (%s)\n", dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto cleanup;
}
- rc = slap_bv2ad( &desc, &ava.aa_desc, &text );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ rs->sr_err = slap_bv2ad( &desc, &ava.aa_desc, &rs->sr_text );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
#ifdef SLAP_NVALUES
- rc = asserted_value_validate_normalize( ava.aa_desc,
+ rs->sr_err = asserted_value_validate_normalize( ava.aa_desc,
ava.aa_desc->ad_type->sat_equality,
SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
- &value, &ava.aa_value, &text );
+ &value, &ava.aa_value, &rs->sr_text );
#else
- rc = value_validate_normalize( ava.aa_desc, SLAP_MR_EQUALITY,
- &value, &ava.aa_value, &text );
+ rs->sr_err = value_validate_normalize( ava.aa_desc, SLAP_MR_EQUALITY,
+ &value, &ava.aa_value, &rs->sr_text );
#endif
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
- if( strcasecmp( ndn.bv_val, LDAP_ROOT_DSE ) == 0 ) {
+ if( strcasecmp( op->o_req_ndn.bv_val, LDAP_ROOT_DSE ) == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"do_compare: dn (%s) attr(%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
#else
Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
#endif
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n",
- op->o_connid, op->o_opid, pdn.bv_val,
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val,
ava.aa_desc->ad_cname.bv_val, 0 );
- rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
- rc = root_dse_info( conn, &entry, &text );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ rs->sr_err = root_dse_info( op->o_conn, &entry, &rs->sr_text );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
fentry = entry;
- } else if ( bvmatch( &ndn, &global_schemandn ) ) {
+ } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"do_compare: dn (%s) attr(%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val,
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val,
ava.aa_value.bv_val );
#else
Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
#endif
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n",
- op->o_connid, op->o_opid, pdn.bv_val,
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val,
ava.aa_desc->ad_cname.bv_val, 0 );
- rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
- rc = 0;
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
+ rs->sr_err = 0;
goto cleanup;
}
- rc = schema_info( &entry, &text );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
- rc = 0;
+ rs->sr_err = schema_info( &entry, &rs->sr_text );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
+ rs->sr_err = 0;
goto cleanup;
}
fentry = entry;
}
if( entry ) {
- rc = compare_entry( conn, op, entry, &ava );
+ rs->sr_err = compare_entry( op, entry, &ava );
if( fentry) entry_free( fentry );
- send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
- if( rc == LDAP_COMPARE_TRUE || rc == LDAP_COMPARE_FALSE ) {
- rc = 0;
+ if( rs->sr_err == LDAP_COMPARE_TRUE || rs->sr_err == LDAP_COMPARE_FALSE ) {
+ rs->sr_err = 0;
}
goto cleanup;
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
- rc = 0;
+ if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
+ rs->sr_err = 0;
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &pdn, &ndn );
- if ( rc != LDAP_SUCCESS ) {
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto cleanup;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"do_compare: dn (%s) attr(%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
#else
Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
- pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
+ op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val );
#endif
Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n",
- op->o_connid, op->o_opid, pdn.bv_val,
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val,
ava.aa_desc->ad_cname.bv_val, 0 );
#if defined( LDAP_SLAPI )
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_backend_set_pb( pb, op->o_bd );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
slapi_pblock_set( pb, SLAPI_COMPARE_TARGET, (void *)dn.bv_val );
slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit );
slapi_pblock_set( pb, SLAPI_COMPARE_TYPE, (void *)desc.bv_val );
slapi_pblock_set( pb, SLAPI_COMPARE_VALUE, (void *)&value );
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_COMPARE_FN, pb );
- if ( rc != 0 ) {
+ rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_COMPARE_FN, pb );
+ if ( rs->sr_err != 0 ) {
/*
* A preoperation plugin failure will abort the
* entire operation.
Debug(LDAP_DEBUG_TRACE, "do_compare: compare preoperation plugin "
"failed.\n", 0, 0, 0);
#endif
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0)
- rc = LDAP_OTHER;
+ if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0)
+ rs->sr_err = LDAP_OTHER;
goto cleanup;
}
#endif /* defined( LDAP_SLAPI ) */
- if ( be->be_compare ) {
- (*be->be_compare)( be, conn, op, &pdn, &ndn, &ava );
+ if ( op->o_bd->be_compare ) {
+ op->oq_compare.rs_ava = &ava;
+ op->o_bd->be_compare( op, rs );
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_COMPARE_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_COMPARE_FN, pb ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_compare: compare postoperation plugins "
"failed\n", 0, 0, 0 );
#endif /* defined( LDAP_SLAPI ) */
cleanup:
- free( pdn.bv_val );
- free( ndn.bv_val );
+ free( op->o_req_dn.bv_val );
+ free( op->o_req_ndn.bv_val );
if ( ava.aa_value.bv_val ) free( ava.aa_value.bv_val );
- return rc;
+ return rs->sr_err;
}
static int compare_entry(
- Connection *conn,
Operation *op,
Entry *e,
AttributeAssertion *ava )
int rc = LDAP_NO_SUCH_ATTRIBUTE;
Attribute *a;
- if ( ! access_allowed( NULL, conn, op, e,
+ if ( ! access_allowed( op, e,
ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
{
int rc;
Operation *op = arg_v;
+ SlapReply rs = {REP_RESULT};
ber_tag_t tag = op->o_tag;
#ifdef SLAPD_MONITOR
ber_tag_t oldtag = tag;
"error: SASL bind in progress (tag=%ld).\n",
(long) tag, 0, 0 );
#endif
- send_ldap_result( conn, op,
- rc = LDAP_OPERATIONS_ERROR,
- NULL, "SASL bind in progress", NULL, NULL );
+ send_ldap_error( op, &rs, LDAP_OPERATIONS_ERROR,
+ "SASL bind in progress" );
goto operations_error;
}
switch ( tag ) {
case LDAP_REQ_BIND:
INCR_OP(num_ops_initiated_, SLAP_OP_BIND);
- rc = do_bind( conn, op );
+ rc = do_bind( op, &rs );
break;
case LDAP_REQ_UNBIND:
INCR_OP(num_ops_initiated_, SLAP_OP_UNBIND);
- rc = do_unbind( conn, op );
+ rc = do_unbind( op, &rs );
break;
case LDAP_REQ_ADD:
INCR_OP(num_ops_initiated_, SLAP_OP_ADD);
- rc = do_add( conn, op );
+ rc = do_add( op, &rs );
break;
case LDAP_REQ_DELETE:
INCR_OP(num_ops_initiated_, SLAP_OP_DELETE);
- rc = do_delete( conn, op );
+ rc = do_delete( op, &rs );
break;
case LDAP_REQ_MODRDN:
INCR_OP(num_ops_initiated_, SLAP_OP_MODRDN);
- rc = do_modrdn( conn, op );
+ rc = do_modrdn( op, &rs );
break;
case LDAP_REQ_MODIFY:
INCR_OP(num_ops_initiated_, SLAP_OP_MODIFY);
- rc = do_modify( conn, op );
+ rc = do_modify( op, &rs );
break;
case LDAP_REQ_COMPARE:
INCR_OP(num_ops_initiated_, SLAP_OP_COMPARE);
- rc = do_compare( conn, op );
+ rc = do_compare( op, &rs );
break;
case LDAP_REQ_SEARCH:
INCR_OP(num_ops_initiated_, SLAP_OP_SEARCH);
- rc = do_search( conn, op );
+ rc = do_search( op, &rs );
break;
case LDAP_REQ_ABANDON:
INCR_OP(num_ops_initiated_, SLAP_OP_ABANDON);
- rc = do_abandon( conn, op );
+ rc = do_abandon( op, &rs );
break;
case LDAP_REQ_EXTENDED:
INCR_OP(num_ops_initiated_, SLAP_OP_EXTENDED);
- rc = do_extended( conn, op );
+ rc = do_extended( op, &rs );
break;
default:
tag, 0, 0 );
#endif
op->o_tag = LBER_ERROR;
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "unknown LDAP request" );
+ rs.sr_err = LDAP_PROTOCOL_ERROR;
+ rs.sr_text = "unknown LDAP request";
+ send_ldap_disconnect( op, &rs );
rc = -1;
break;
}
}
int get_ctrls(
- Connection *conn,
Operation *op,
+ SlapReply *rs,
int sendres )
{
int nctrls = 0;
char *opaque;
BerElement *ber = op->o_ber;
struct slap_control *sc;
- int rc = LDAP_SUCCESS;
- const char *errmsg = NULL;
len = ber_pvt_ber_remaining(ber);
if( len == 0) {
/* no controls */
- rc = LDAP_SUCCESS;
- return rc;
+ rs->sr_err = LDAP_SUCCESS;
+ return rs->sr_err;
}
if(( tag = ber_peek_tag( ber, &len )) != LDAP_TAG_CONTROLS ) {
if( tag == LBER_ERROR ) {
- rc = SLAPD_DISCONNECT;
- errmsg = "unexpected data in PDU";
+ rs->sr_err = SLAPD_DISCONNECT;
+ rs->sr_text = "unexpected data in PDU";
}
goto return_results;
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
- "get_ctrls: conn %lu\n", conn->c_connid, 0, 0 );
+ "get_ctrls: conn %lu\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"=> get_ctrls\n", 0, 0, 0 );
#endif
if( op->o_protocol < LDAP_VERSION3 ) {
- rc = SLAPD_DISCONNECT;
- errmsg = "controls require LDAPv3";
+ rs->sr_err = SLAPD_DISCONNECT;
+ rs->sr_text = "controls require LDAPv3";
goto return_results;
}
#if 0
if( op->ctrls == NULL ) {
- rc = LDAP_NO_MEMORY;
- errmsg = "no memory";
+ rs->sr_err = LDAP_NO_MEMORY;
+ rs->sr_text = "no memory";
goto return_results;
}
#endif
ldap_controls_free(op->o_ctrls);
op->o_ctrls = NULL;
- rc = LDAP_NO_MEMORY;
- errmsg = "no memory";
+ rs->sr_err = LDAP_NO_MEMORY;
+ rs->sr_text = "no memory";
goto return_results;
}
#endif
ldap_controls_free(op->o_ctrls);
op->o_ctrls = NULL;
- rc = LDAP_NO_MEMORY;
- errmsg = "no memory";
+ rs->sr_err = LDAP_NO_MEMORY;
+ rs->sr_text = "no memory";
goto return_results;
}
#endif
if( tag == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu get OID failed.\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: get oid failed.\n",
0, 0, 0 );
ldap_controls_free( op->o_ctrls );
op->o_ctrls = NULL;
- rc = SLAPD_DISCONNECT;
- errmsg = "decoding controls error";
+ rs->sr_err = SLAPD_DISCONNECT;
+ rs->sr_text = "decoding controls error";
goto return_results;
} else if( c->ldctl_oid == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"get_ctrls: conn %lu got emtpy OID.\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"get_ctrls: conn %lu got emtpy OID.\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#endif
ldap_controls_free( op->o_ctrls );
op->o_ctrls = NULL;
- rc = LDAP_PROTOCOL_ERROR;
- errmsg = "OID field is empty";
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ rs->sr_text = "OID field is empty";
goto return_results;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"get_ctrls: conn %lu get crit failed.\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: get crit failed.\n",
0, 0, 0 );
#endif
ldap_controls_free( op->o_ctrls );
op->o_ctrls = NULL;
- rc = SLAPD_DISCONNECT;
- errmsg = "decoding controls error";
+ rs->sr_err = SLAPD_DISCONNECT;
+ rs->sr_text = "decoding controls error";
goto return_results;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu: "
"%s (%scritical): get value failed.\n",
- conn->c_connid, c->ldctl_oid,
+ op->o_connid, c->ldctl_oid,
c->ldctl_iscritical ? "" : "non" );
#else
Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: conn %lu: "
"%s (%scritical): get value failed.\n",
- conn->c_connid, c->ldctl_oid,
+ op->o_connid, c->ldctl_oid,
c->ldctl_iscritical ? "" : "non" );
#endif
ldap_controls_free( op->o_ctrls );
op->o_ctrls = NULL;
- rc = SLAPD_DISCONNECT;
- errmsg = "decoding controls error";
+ rs->sr_err = SLAPD_DISCONNECT;
+ rs->sr_text = "decoding controls error";
goto return_results;
}
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"get_ctrls: conn %lu oid=\"%s\" (%scritical)\n",
- conn->c_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" );
+ op->o_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" );
#else
Debug( LDAP_DEBUG_TRACE,
"=> get_ctrls: oid=\"%s\" (%scritical)\n",
break;
case LDAP_REQ_EXTENDED:
tagmask=~0L;
- assert( op->o_extendedop != NULL );
+ assert( op->oq_extended.rs_reqoid.bv_val != NULL );
if( sc->sc_extendedops != NULL ) {
int i;
for( i=0; sc->sc_extendedops[i] != NULL; i++ ) {
- if( strcmp( op->o_extendedop, sc->sc_extendedops[i] )
+ if( strcmp( op->oq_extended.rs_reqoid.bv_val, sc->sc_extendedops[i] )
== 0 )
{
tagmask=0L;
}
break;
default:
- rc = LDAP_OTHER;
- errmsg = "controls internal error";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "controls internal error";
goto return_results;
}
/* available extension */
if( !sc->sc_parse ) {
- rc = LDAP_OTHER;
- errmsg = "not yet implemented";
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "not yet implemented";
goto return_results;
}
- rc = sc->sc_parse( conn, op, c, &errmsg );
+ rs->sr_err = sc->sc_parse( op, rs, c );
- if( rc != LDAP_SUCCESS ) goto return_results;
+ if( rs->sr_err != LDAP_SUCCESS ) goto return_results;
if ( sc->sc_mask & SLAP_CTRL_FRONTEND ) {
/* kludge to disable backend_control() check */
} else if( c->ldctl_iscritical ) {
/* unavailable CRITICAL control */
- rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
- errmsg = "critical extension is unavailable";
+ rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
+ rs->sr_text = "critical extension is unavailable";
goto return_results;
}
} else if( c->ldctl_iscritical ) {
/* unrecognized CRITICAL control */
- rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
- errmsg = "critical extension is not recognized";
+ rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
+ rs->sr_text = "critical extension is not recognized";
goto return_results;
}
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, RESULTS,
"get_ctrls: n=%d rc=%d err=\"%s\"\n",
- nctrls, rc, errmsg ? errmsg : "" );
+ nctrls, rs->sr_err, rs->sr_text ? rs->sr_text : "" );
#else
Debug( LDAP_DEBUG_TRACE,
"<= get_ctrls: n=%d rc=%d err=\"%s\"\n",
- nctrls, rc, errmsg ? errmsg : "");
+ nctrls, rs->sr_err, rs->sr_text ? rs->sr_text : "");
#endif
- if( sendres && rc != LDAP_SUCCESS ) {
- if( rc == SLAPD_DISCONNECT ) {
- send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, errmsg );
+ if( sendres && rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err == SLAPD_DISCONNECT ) {
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ send_ldap_disconnect( op, rs );
+ rs->sr_err = SLAPD_DISCONNECT;
} else {
- send_ldap_result( conn, op, rc,
- NULL, errmsg, NULL, NULL );
+ send_ldap_result( op, rs );
}
}
- return rc;
+ return rs->sr_err;
}
static int parseManageDSAit (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
if ( op->o_managedsait != SLAP_NO_CONTROL ) {
- *text = "manageDSAit control specified multiple times";
+ rs->sr_text = "manageDSAit control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len ) {
- *text = "manageDSAit control value not empty";
+ rs->sr_text = "manageDSAit control value not empty";
return LDAP_PROTOCOL_ERROR;
}
}
static int parseProxyAuthz (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
int rc;
struct berval dn = { 0, NULL };
if ( op->o_proxy_authz != SLAP_NO_CONTROL ) {
- *text = "proxy authorization control specified multiple times";
+ rs->sr_text = "proxy authorization control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"parseProxyAuthz: conn %lu authzid=\"%s\"\n",
- conn->c_connid,
+ op->o_connid,
ctrl->ldctl_value.bv_len ? ctrl->ldctl_value.bv_val : "anonymous",
0 );
#else
Debug( LDAP_DEBUG_ARGS,
"parseProxyAuthz: conn %lu authzid=\"%s\"\n",
- conn->c_connid,
+ op->o_connid,
ctrl->ldctl_value.bv_len ? ctrl->ldctl_value.bv_val : "anonymous",
0 );
#endif
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, RESULTS,
"parseProxyAuthz: conn=%lu anonymous\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"parseProxyAuthz: conn=%lu anonymous\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#endif
/* anonymous */
return LDAP_SUCCESS;
}
- rc = slap_sasl_getdn( conn,
+ rc = slap_sasl_getdn( op->o_conn,
ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len,
NULL, &dn, SLAP_GETDN_AUTHZID );
if ( dn.bv_val ) {
ch_free( dn.bv_val );
}
- *text = "authzId mapping failed";
+ rs->sr_text = "authzId mapping failed";
return LDAP_PROXY_AUTHZ_FAILURE;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, RESULTS,
"parseProxyAuthz: conn=%lu \"%s\"\n",
- conn->c_connid,
+ op->o_connid,
dn.bv_len ? dn.bv_val : "(NULL)", 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"parseProxyAuthz: conn=%lu \"%s\"\n",
- conn->c_connid,
+ op->o_connid,
dn.bv_len ? dn.bv_val : "(NULL)", 0 );
#endif
- rc = slap_sasl_authorized( conn, &op->o_ndn, &dn );
+ rc = slap_sasl_authorized( op->o_conn, &op->o_ndn, &dn );
if( rc ) {
ch_free( dn.bv_val );
- *text = "not authorized to assume identity";
+ rs->sr_text = "not authorized to assume identity";
return LDAP_PROXY_AUTHZ_FAILURE;
}
}
static int parseNoOp (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
if ( op->o_noop != SLAP_NO_CONTROL ) {
- *text = "noop control specified multiple times";
+ rs->sr_text = "noop control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len ) {
- *text = "noop control value not empty";
+ rs->sr_text = "noop control value not empty";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_CONTROL_PAGEDRESULTS
static int parsePagedResults (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
ber_tag_t tag;
ber_int_t size;
struct berval cookie = { 0, NULL };
if ( op->o_pagedresults != SLAP_NO_CONTROL ) {
- *text = "paged results control specified multiple times";
+ rs->sr_text = "paged results control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len == 0 ) {
- *text = "paged results control value is empty (or absent)";
+ rs->sr_text = "paged results control value is empty (or absent)";
return LDAP_PROTOCOL_ERROR;
}
*/
ber = ber_init( &ctrl->ldctl_value );
if( ber == NULL ) {
- *text = "internal error";
+ rs->sr_text = "internal error";
return LDAP_OTHER;
}
(void) ber_free( ber, 1 );
if( tag == LBER_ERROR ) {
- *text = "paged results control could not be decoded";
+ rs->sr_text = "paged results control could not be decoded";
return LDAP_PROTOCOL_ERROR;
}
if( size < 0 ) {
- *text = "paged results control size invalid";
+ rs->sr_text = "paged results control size invalid";
return LDAP_PROTOCOL_ERROR;
}
PagedResultsCookie reqcookie;
if( cookie.bv_len != sizeof( reqcookie ) ) {
/* bad cookie */
- *text = "paged results cookie is invalid";
+ rs->sr_text = "paged results cookie is invalid";
return LDAP_PROTOCOL_ERROR;
}
if( reqcookie > op->o_pagedresults_state.ps_cookie ) {
/* bad cookie */
- *text = "paged results cookie is invalid";
+ rs->sr_text = "paged results cookie is invalid";
return LDAP_PROTOCOL_ERROR;
} else if( reqcookie < op->o_pagedresults_state.ps_cookie ) {
- *text = "paged results cookie is invalid or old";
+ rs->sr_text = "paged results cookie is invalid or old";
return LDAP_UNWILLING_TO_PERFORM;
}
} else {
#endif
int parseValuesReturnFilter (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
- int rc;
BerElement *ber;
struct berval fstr = { 0, NULL };
const char *err_msg = "";
if ( op->o_valuesreturnfilter != SLAP_NO_CONTROL ) {
- *text = "valuesReturnFilter control specified multiple times";
+ rs->sr_text = "valuesReturnFilter control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len == 0 ) {
- *text = "valuesReturnFilter control value is empty (or absent)";
+ rs->sr_text = "valuesReturnFilter control value is empty (or absent)";
return LDAP_PROTOCOL_ERROR;
}
ber = ber_init( &(ctrl->ldctl_value) );
if (ber == NULL) {
- *text = "internal error";
+ rs->sr_text = "internal error";
return LDAP_OTHER;
}
- rc = get_vrFilter( conn, ber, &(op->vrFilter), &err_msg);
+ rs->sr_err = get_vrFilter( op->o_conn, ber, &(op->vrFilter), &rs->sr_text);
- if( rc != LDAP_SUCCESS ) {
- text = &err_msg;
- if( rc == SLAPD_DISCONNECT ) {
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, *text );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err == SLAPD_DISCONNECT ) {
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ send_ldap_disconnect( op, rs );
+ rs->sr_err = SLAPD_DISCONNECT;
} else {
- send_ldap_result( conn, op, rc,
- NULL, *text, NULL, NULL );
+ send_ldap_result( op, rs );
}
if( fstr.bv_val != NULL) free( fstr.bv_val );
if( op->vrFilter != NULL) vrFilter_free( op->vrFilter );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"parseValuesReturnFilter: conn %d vrFilter: %s\n",
- conn->c_connid, fstr.bv_len ? fstr.bv_val : "empty" , 0 );
+ op->o_connid, fstr.bv_len ? fstr.bv_val : "empty" , 0 );
#else
Debug( LDAP_DEBUG_ARGS, " vrFilter: %s\n",
fstr.bv_len ? fstr.bv_val : "empty", 0, 0 );
? SLAP_CRITICAL_CONTROL
: SLAP_NONCRITICAL_CONTROL;
+ rs->sr_err = LDAP_SUCCESS;
return LDAP_SUCCESS;
}
#ifdef LDAP_CONTROL_SUBENTRIES
static int parseSubentries (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
if ( op->o_subentries != SLAP_NO_CONTROL ) {
- *text = "subentries control specified multiple times";
+ rs->sr_text = "subentries control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
&& ( ctrl->ldctl_value.bv_val[0] != 0x01 )
&& ( ctrl->ldctl_value.bv_val[1] != 0x01 ))
{
- *text = "subentries control value encoding is bogus";
+ rs->sr_text = "subentries control value encoding is bogus";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
static int parsePermissiveModify (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
if ( op->o_permissive_modify != SLAP_NO_CONTROL ) {
- *text = "permissiveModify control specified multiple times";
+ rs->sr_text = "permissiveModify control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len ) {
- *text = "permissiveModify control value not empty";
+ rs->sr_text = "permissiveModify control value not empty";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
static int parseDomainScope (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
if ( op->o_domain_scope != SLAP_NO_CONTROL ) {
- *text = "domainScope control specified multiple times";
+ rs->sr_text = "domainScope control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
if ( ctrl->ldctl_value.bv_len ) {
- *text = "domainScope control value not empty";
+ rs->sr_text = "domainScope control value not empty";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_CLIENT_UPDATE
static int parseClientUpdate (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
ber_tag_t tag;
BerElement *ber;
struct berval cookie = { 0, NULL };
if ( op->o_clientupdate != SLAP_NO_CONTROL ) {
- *text = "LCUP client update control specified multiple times";
+ rs->sr_text = "LCUP client update control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_SYNC
if ( op->o_sync != SLAP_NO_CONTROL ) {
- *text = "LDAP Client Update and Sync controls used together";
+ rs->sr_text = "LDAP Client Update and Sync controls used together";
return LDAP_PROTOCOL_ERROR;
}
#endif
if ( ctrl->ldctl_value.bv_len == 0 ) {
- *text = "LCUP client update control value is empty (or absent)";
+ rs->sr_text = "LCUP client update control value is empty (or absent)";
return LDAP_PROTOCOL_ERROR;
}
ber = ber_init( &ctrl->ldctl_value );
if( ber == NULL ) {
- *text = "internal error";
+ rs->sr_text = "internal error";
return LDAP_OTHER;
}
if ( (tag = ber_scanf( ber, "{i" /*}*/, &type )) == LBER_ERROR ) {
- *text = "LCUP client update control : decoding error";
+ rs->sr_text = "LCUP client update control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
type = SLAP_LCUP_PERSIST;
break;
default:
- *text = "LCUP client update control : unknown update type";
+ rs->sr_text = "LCUP client update control : unknown update type";
return LDAP_PROTOCOL_ERROR;
}
if ( (tag = ber_peek_tag( ber, &len )) == LBER_DEFAULT ) {
- *text = "LCUP client update control : decoding error";
+ rs->sr_text = "LCUP client update control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
if ( tag == LDAP_CUP_TAG_INTERVAL ) {
if ( (tag = ber_scanf( ber, "i", &interval )) == LBER_ERROR ) {
- *text = "LCUP client update control : decoding error";
+ rs->sr_text = "LCUP client update control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
}
if ( (tag = ber_peek_tag( ber, &len )) == LBER_DEFAULT ) {
- *text = "LCUP client update control : decoding error";
+ rs->sr_text = "LCUP client update control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
if ( (tag = ber_scanf( ber, /*{*/ "{mm}}",
&scheme, &cookie )) == LBER_ERROR )
{
- *text = "LCUP client update control : decoding error";
+ rs->sr_text = "LCUP client update control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
}
/* TODO : Cookie Scheme Validation */
#if 0
if ( lcup_cookie_scheme_validate(scheme) != LDAP_SUCCESS ) {
- *text = "Unsupported LCUP cookie scheme";
+ rs->sr_text = "Unsupported LCUP cookie scheme";
return LCUP_UNSUPPORTED_SCHEME;
}
if ( lcup_cookie_validate(scheme, cookie) != LDAP_SUCCESS ) {
- *text = "Invalid LCUP cookie";
+ rs->sr_text = "Invalid LCUP cookie";
return LCUP_INVALID_COOKIE;
}
#endif
#ifdef LDAP_SYNC
static int parseLdupSync (
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text )
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
ber_tag_t tag;
BerElement *ber;
struct berval cookie = { 0, NULL };
if ( op->o_sync != SLAP_NO_CONTROL ) {
- *text = "LDAP Sync control specified multiple times";
+ rs->sr_text = "LDAP Sync control specified multiple times";
return LDAP_PROTOCOL_ERROR;
}
#ifdef LDAP_CLIENT_UPDATE
if ( op->o_clientupdate != SLAP_NO_CONTROL ) {
- *text = "LDAP Sync and LDAP Client Update controls used together";
+ rs->sr_text = "LDAP Sync and LDAP Client Update controls used together";
return LDAP_PROTOCOL_ERROR;
}
#endif
if ( ctrl->ldctl_value.bv_len == 0 ) {
- *text = "LDAP Sync control value is empty (or absent)";
+ rs->sr_text = "LDAP Sync control value is empty (or absent)";
return LDAP_PROTOCOL_ERROR;
}
ber = ber_init( &ctrl->ldctl_value );
if( ber == NULL ) {
- *text = "internal error";
+ rs->sr_text = "internal error";
return LDAP_OTHER;
}
if ( (tag = ber_scanf( ber, "{i" /*}*/, &mode )) == LBER_ERROR ) {
- *text = "LDAP Sync control : mode decoding error";
+ rs->sr_text = "LDAP Sync control : mode decoding error";
return LDAP_PROTOCOL_ERROR;
}
mode = SLAP_SYNC_REFRESH_AND_PERSIST;
break;
default:
- *text = "LDAP Sync control : unknown update mode";
+ rs->sr_text = "LDAP Sync control : unknown update mode";
return LDAP_PROTOCOL_ERROR;
}
if ( tag == LDAP_SYNC_TAG_COOKIE ) {
if (( ber_scanf( ber, /*{*/ "m}",
&cookie )) == LBER_ERROR ) {
- *text = "LDAP Sync control : cookie decoding error";
+ rs->sr_text = "LDAP Sync control : cookie decoding error";
return LDAP_PROTOCOL_ERROR;
}
} else {
if (( ber_scanf( ber, /*{*/ "}")) == LBER_ERROR ) {
- *text = "LDAP Sync control : decoding error";
+ rs->sr_text = "LDAP Sync control : decoding error";
return LDAP_PROTOCOL_ERROR;
}
cookie.bv_len = 0;
/* TODO : Cookie Scheme Validation */
#if 0
if ( lcup_cookie_scheme_validate(scheme) != LDAP_SUCCESS ) {
- *text = "Unsupported LCUP cookie scheme";
+ rs->sr_text = "Unsupported LCUP cookie scheme";
return LCUP_UNSUPPORTED_SCHEME;
}
if ( lcup_cookie_validate(scheme, cookie) != LDAP_SUCCESS ) {
- *text = "Invalid LCUP cookie";
+ rs->sr_text = "Invalid LCUP cookie";
return LCUP_INVALID_COOKIE;
}
#endif
int
do_delete(
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
struct berval dn = { 0, NULL };
- struct berval pdn = { 0, NULL };
- struct berval ndn = { 0, NULL };
- const char *text;
- Backend *be;
- int rc;
int manageDSAit;
#ifdef LDAP_SLAPI
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
- "do_delete: conn %d\n", conn->c_connid, 0, 0 );
+ "do_delete: conn %d\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_delete\n", 0, 0, 0 );
#endif
if ( ber_scanf( op->o_ber, "m", &dn ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_delete: conn: %d ber_scanf failed\n", conn->c_connid, 0, 0 );
+ "do_delete: conn: %d ber_scanf failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
}
- if( ( rc = get_ctrls( conn, op, 1 ) ) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_delete: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 );
+ "do_delete: conn %d get_ctrls failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_delete: get_ctrls failed\n", 0, 0, 0 );
#endif
goto cleanup;
}
- rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_delete: conn %d invalid dn (%s)\n",
- conn->c_connid, dn.bv_val, 0 );
+ op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto cleanup;
}
- if( ndn.bv_len == 0 ) {
+ if( op->o_req_ndn.bv_len == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_delete: conn %d: Attempt to delete root DSE.\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_delete: root dse!\n", 0, 0, 0 );
#endif
/* protocolError would likely be a more appropriate error */
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "cannot delete the root DSE", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot delete the root DSE" );
goto cleanup;
- } else if ( bvmatch( &ndn, &global_schemandn ) ) {
+ } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_delete: conn %d: "
- "Attempt to delete subschema subentry.\n", conn->c_connid, 0, 0 );
+ "Attempt to delete subschema subentry.\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_delete: subschema subentry!\n", 0, 0, 0 );
#endif
/* protocolError would likely be a more appropriate error */
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "cannot delete the root DSE", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot delete the root DSE" );
goto cleanup;
}
Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DEL dn=\"%s\"\n",
- op->o_connid, op->o_opid, pdn.bv_val, 0, 0 );
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val, 0, 0 );
manageDSAit = get_manageDSAit( op );
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ rs->sr_err = LDAP_REFERRAL;
- ber_bvarray_free( ref );
+ send_ldap_result( op, rs );
+
+ if (rs->sr_ref!= default_referral) ber_bvarray_free( rs->sr_ref );
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &pdn, &ndn );
- if ( rc != LDAP_SUCCESS ) {
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto cleanup;
}
#if defined( LDAP_SLAPI )
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_backend_set_pb( pb, op->o_bd );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
slapi_pblock_set( pb, SLAPI_DELETE_TARGET, (void *)dn.bv_val );
slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit );
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_DELETE_FN, pb );
- if ( rc != 0 ) {
+ rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_DELETE_FN, pb );
+ if ( rs->sr_err != 0 ) {
/*
* A preoperation plugin failure will abort the
* entire operation.
Debug (LDAP_DEBUG_TRACE, "do_delete: delete preoperation plugin failed.\n",
0, 0, 0);
#endif
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 )
- rc = LDAP_OTHER;
+ if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0 )
+ rs->sr_err = LDAP_OTHER;
goto cleanup;
}
#endif /* defined( LDAP_SLAPI ) */
* 2) this backend is master for what it holds;
* 3) it's a replica and the dn supplied is the update_ndn.
*/
- if ( be->be_delete ) {
+ if ( op->o_bd->be_delete ) {
/* do the update here */
- int repl_user = be_isupdate( be, &op->o_ndn );
+ int repl_user = be_isupdate( op->o_bd, &op->o_ndn );
#ifndef SLAPD_MULTIMASTER
- if ( !be->be_update_ndn.bv_len || repl_user )
+ if ( !op->o_bd->be_update_ndn.bv_len || repl_user )
#endif
{
- if ( (*be->be_delete)( be, conn, op, &pdn, &ndn ) == 0 ) {
+ if ( (op->o_bd->be_delete)( op, rs ) == 0 ) {
#ifdef SLAPD_MULTIMASTER
- if ( !be->be_update_ndn.bv_len || !repl_user )
+ if ( !op->o_bd->be_update_ndn.bv_len || !repl_user )
#endif
{
- replog( be, op, &pdn, &ndn, NULL );
+ replog( op );
}
}
#ifndef SLAPD_MULTIMASTER
} else {
- BerVarray defref = be->be_update_refs
- ? be->be_update_refs : default_referral;
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ BerVarray defref = op->o_bd->be_update_refs
+ ? op->o_bd->be_update_refs : default_referral;
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
- ref ? ref : defref, NULL );
+ if (!rs->sr_ref) rs->sr_ref = defref;
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref );
#endif
}
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_DELETE_FN, pb ) != 0) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_DELETE_FN, pb ) != 0) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_delete: delete postoperation plugins "
"failed\n", 0, 0, 0 );
#endif /* defined( LDAP_SLAPI ) */
cleanup:
- free( pdn.bv_val );
- free( ndn.bv_val );
- return rc;
+ free( op->o_req_dn.bv_val );
+ free( op->o_req_ndn.bv_val );
+ return rs->sr_err;
}
int
do_extended(
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
- int rc = LDAP_SUCCESS;
- struct berval reqoid = {0, NULL};
struct berval reqdata = {0, NULL};
ber_tag_t tag;
ber_len_t len;
struct extop_list *ext = NULL;
- const char *text;
- BerVarray refs;
- char *rspoid;
- struct berval *rspdata;
- LDAPControl **rspctrls;
#if defined(LDAP_SLAPI)
Slapi_PBlock *pb = op->o_pb;
SLAPI_FUNC funcAddr = NULL;
int extop_rc;
int msg_sent = FALSE;
- char *result_msg = "";
#endif /* defined(LDAP_SLAPI) */
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "do_extended: conn %d\n", conn->c_connid, 0, 0 );
+ LDAP_LOG( OPERATION, ENTRY, "do_extended: conn %d\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_extended\n", 0, 0, 0 );
#endif
"do_extended: protocol version (%d) too low\n",
op->o_protocol, 0 ,0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "requires LDAPv3" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "requires LDAPv3" );
+ rs->sr_err = -1;
goto done;
}
- if ( ber_scanf( op->o_ber, "{m" /*}*/, &reqoid ) == LBER_ERROR ) {
+ if ( ber_scanf( op->o_ber, "{m" /*}*/, &op->oq_extended.rs_reqoid ) == LBER_ERROR ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR, "do_extended: conn %d ber_scanf failed\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = -1;
goto done;
}
#ifdef LDAP_SLAPI
- getPluginFunc( &reqoid, &funcAddr ); /* NS-SLAPI extended operation */
- if( !funcAddr && !(ext = find_extop(supp_ext_list, &reqoid )))
+ getPluginFunc( &op->oq_extended.rs_reqoid, &funcAddr ); /* NS-SLAPI extended operation */
+ if( !funcAddr && !(ext = find_extop(supp_ext_list, &op->oq_extended.rs_reqoid )))
#else
- if( !(ext = find_extop(supp_ext_list, &reqoid )))
+ if( !(ext = find_extop(supp_ext_list, &op->oq_extended.rs_reqoid )))
#endif
{
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_extended: conn %d unsupported operation \"%s\"\n",
- conn->c_connid, reqoid.bv_val, 0 );
+ op->o_connid, op->oq_extended.rs_reqoid.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_extended: unsupported operation \"%s\"\n",
- reqoid.bv_val, 0 ,0 );
+ op->oq_extended.rs_reqoid.bv_val, 0 ,0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "unsupported extended operation", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR,
+ "unsupported extended operation" );
goto done;
}
- op->o_extendedop = reqoid.bv_val;
-
tag = ber_peek_tag( op->o_ber, &len );
if( ber_peek_tag( op->o_ber, &len ) == LDAP_TAG_EXOP_REQ_VALUE ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_extended: conn %d ber_scanf failed\n",
- conn->c_connid, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = -1;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = -1;
goto done;
}
}
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_extended: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 );
+ "do_extended: conn %d get_ctrls failed\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_extended: get_ctrls failed\n", 0, 0 ,0 );
#endif
- return rc;
+ return rs->sr_err;
}
/* check for controls inappropriate for all extended operations */
if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) {
- send_ldap_result( conn, op,
- rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
- NULL, "manageDSAit control inappropriate",
- NULL, NULL );
+ send_ldap_error( op, rs,
+ LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
+ "manageDSAit control inappropriate" );
goto done;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
- "do_extended: conn %d oid=%d\n.", conn->c_connid, reqoid.bv_val, 0 );
+ "do_extended: conn %d oid=%s\n.", op->o_connid, op->oq_extended.rs_reqoid.bv_val, 0 );
#else
- Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", reqoid.bv_val, 0 ,0 );
+ Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", op->oq_extended.rs_reqoid.bv_val, 0 ,0 );
#endif
- rspoid = NULL;
- rspdata = NULL;
- rspctrls = NULL;
- text = NULL;
- refs = NULL;
-
#if defined(LDAP_SLAPI)
if (ext != NULL) { /* OpenLDAP extended operation */
#endif /* defined(LDAP_SLAPI) */
- rc = (ext->ext_main)( conn, op,
- &reqoid, reqdata.bv_val ? &reqdata : NULL,
- &rspoid, &rspdata, &rspctrls, &text, &refs );
+ if (reqdata.bv_val) op->oq_extended.rs_reqdata = &reqdata;
+ rs->sr_err = (ext->ext_main)( op, rs );
- if( rc != SLAPD_ABANDON ) {
- if ( rc == LDAP_REFERRAL && refs == NULL ) {
- refs = referral_rewrite( default_referral,
+ if( rs->sr_err != SLAPD_ABANDON ) {
+ if ( rs->sr_err == LDAP_REFERRAL && rs->sr_ref == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
NULL, NULL, LDAP_SCOPE_DEFAULT );
}
- send_ldap_extended( conn, op, rc, NULL, text, refs,
- rspoid, rspdata, rspctrls );
+ send_ldap_extended( op, rs );
- ber_bvarray_free( refs );
+ ber_bvarray_free( rs->sr_ref );
}
- if ( rspoid != NULL ) {
- free( rspoid );
+ if ( rs->sr_rspoid != NULL ) {
+ free( (char *)rs->sr_rspoid );
}
- if ( rspdata != NULL ) {
- ber_bvfree( rspdata );
+ if ( rs->sr_rspdata != NULL ) {
+ ber_bvfree( rs->sr_rspdata );
}
#if defined( LDAP_SLAPI )
goto done; /* end of OpenLDAP extended operation */
} else { /* start of Netscape extended operation */
- rc = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_OID,
- (void *)reqoid.bv_val);
- if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_OTHER;
+ rs->sr_err = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_OID,
+ (void *)op->oq_extended.rs_reqoid.bv_val);
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_OTHER;
goto done;
}
- rc = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_VALUE,
+ rs->sr_err = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_VALUE,
(void *)&reqdata);
- if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_OTHER;
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_OTHER;
goto done;
}
- rc = slapi_x_connection_set_pb( pb, conn );
- if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_OTHER;
+ rs->sr_err = slapi_x_connection_set_pb( pb, op->o_conn );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_OTHER;
goto done;
}
- rc = slapi_x_operation_set_pb( pb, op );
- if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_OTHER;
+ rs->sr_err = slapi_x_operation_set_pb( pb, op );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_OTHER;
goto done;
}
msg_sent = TRUE;
} else if ( extop_rc == SLAPI_PLUGIN_EXTENDED_NOT_HANDLED ) {
- rc = LDAP_PROTOCOL_ERROR;
- result_msg = UNSUPPORTED_EXTENDEDOP;
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ rs->sr_text = UNSUPPORTED_EXTENDEDOP;
} else {
- rc = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID,
- &rspoid);
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID,
+ &rs->sr_resoid);
+ if ( rs->sr_err != LDAP_SUCCESS ) {
goto done2;
}
- rc = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE,
- &rspdata);
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE,
+ &rs->sr_resdata);
+ if ( rs->sr_err != LDAP_SUCCESS ) {
goto done2;
}
- send_ldap_extended( conn, op, extop_rc, NULL, text,
- refs, rspoid, rspdata, rspctrls );
+ rs->sr_err = extop_rc;
+ send_ldap_extended( op, rs );
msg_sent = TRUE;
}
done2:;
- if ( rc != LDAP_SUCCESS && msg_sent == FALSE ) {
- send_ldap_result( conn, op, rc, NULL, result_msg,
- NULL, NULL );
+ if ( rs->sr_err != LDAP_SUCCESS && msg_sent == FALSE ) {
+ send_ldap_result( op, rs );
}
- if ( rspoid != NULL ) {
- free( rspoid );
+ if ( op->oq_extended.rs_resoid != NULL ) {
+ free( op->oq_extended.rs_resoid );
}
- if ( rspdata != NULL ) {
- ber_bvfree( rspdata );
+ if ( op->oq_extended.rs_resdata != NULL ) {
+ ber_bvfree( op->oq_extended.rs_resdata );
}
} /* end of Netscape extended operation */
#endif /* defined( LDAP_SLAPI ) */
done:
- return rc;
+ return rs->sr_err;
}
int
static int
whoami_extop (
- Connection *conn,
Operation *op,
- struct berval * reqoid,
- struct berval * reqdata,
- char ** rspoid,
- struct berval ** rspdata,
- LDAPControl ***rspctrls,
- const char ** text,
- BerVarray * refs )
+ SlapReply *rs )
{
struct berval *bv;
- if ( reqdata != NULL ) {
+ if ( op->oq_extended.rs_reqdata != NULL ) {
/* no request data should be provided */
- *text = "no request data expected";
+ rs->sr_text = "no request data expected";
return LDAP_PROTOCOL_ERROR;
}
- {
- int rc = backend_check_restrictions( conn->c_authz_backend,
- conn, op, (struct berval *)&slap_EXOP_WHOAMI, text );
-
- if( rc != LDAP_SUCCESS ) return rc;
+ op->o_bd = op->o_conn->c_authz_backend;
+ if( backend_check_restrictions( op, rs,
+ (struct berval *)&slap_EXOP_WHOAMI ) != LDAP_SUCCESS ) {
+ return rs->sr_err;
}
bv = (struct berval *) ch_malloc( sizeof(struct berval) );
bv->bv_val = NULL;
}
- *rspdata = bv;
+ rs->sr_rspdata = bv;
return LDAP_SUCCESS;
}
f.f_choice = SLAPD_FILTER_COMPUTED;
f.f_result = LDAP_COMPARE_FALSE;
err = LDAP_SUCCESS;
+ *text = NULL;
break;
}
#include "slap.h"
-static int test_filter_and( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, Filter *flist );
-static int test_filter_or( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, Filter *flist );
-static int test_substrings_filter( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, Filter *f);
-static int test_ava_filter( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, AttributeAssertion *ava, int type );
-static int test_mra_filter( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, MatchingRuleAssertion *mra );
-static int test_presence_filter( Backend *be,
- Connection *conn, Operation *op,
- Entry *e, AttributeDescription *desc );
+static int test_filter_and( Operation *op, Entry *e, Filter *flist );
+static int test_filter_or( Operation *op, Entry *e, Filter *flist );
+static int test_substrings_filter( Operation *op, Entry *e, Filter *f);
+static int test_ava_filter( Operation *op, Entry *e, AttributeAssertion *ava, int type );
+static int test_mra_filter( Operation *op, Entry *e, MatchingRuleAssertion *mra );
+static int test_presence_filter( Operation *op, Entry *e, AttributeDescription *desc );
/*
int
test_filter(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *e,
Filter *f
)
{
int rc;
-
#ifdef NEW_LOGGING
LDAP_LOG( FILTER, ENTRY, "test_filter: begin\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_FILTER, "=> test_filter\n", 0, 0, 0 );
#endif
-
switch ( f->f_choice ) {
case SLAPD_FILTER_COMPUTED:
#ifdef NEW_LOGGING
Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
#endif
- rc = test_ava_filter( be, conn, op, e, f->f_ava,
+ rc = test_ava_filter( op, e, f->f_ava,
LDAP_FILTER_EQUALITY );
break;
Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 );
#endif
- rc = test_substrings_filter( be, conn, op, e, f );
+ rc = test_substrings_filter( op, e, f );
break;
case LDAP_FILTER_GE:
- rc = test_ava_filter( be, conn, op, e, f->f_ava,
+ rc = test_ava_filter( op, e, f->f_ava,
LDAP_FILTER_GE );
break;
case LDAP_FILTER_LE:
- rc = test_ava_filter( be, conn, op, e, f->f_ava,
+ rc = test_ava_filter( op, e, f->f_ava,
LDAP_FILTER_LE );
break;
Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 );
#endif
- rc = test_presence_filter( be, conn, op, e, f->f_desc );
+ rc = test_presence_filter( op, e, f->f_desc );
break;
case LDAP_FILTER_APPROX:
#else
Debug( LDAP_DEBUG_FILTER, " APPROX\n", 0, 0, 0 );
#endif
- rc = test_ava_filter( be, conn, op, e, f->f_ava,
+ rc = test_ava_filter( op, e, f->f_ava,
LDAP_FILTER_APPROX );
break;
Debug( LDAP_DEBUG_FILTER, " AND\n", 0, 0, 0 );
#endif
- rc = test_filter_and( be, conn, op, e, f->f_and );
+ rc = test_filter_and( op, e, f->f_and );
break;
case LDAP_FILTER_OR:
Debug( LDAP_DEBUG_FILTER, " OR\n", 0, 0, 0 );
#endif
- rc = test_filter_or( be, conn, op, e, f->f_or );
+ rc = test_filter_or( op, e, f->f_or );
break;
case LDAP_FILTER_NOT:
Debug( LDAP_DEBUG_FILTER, " NOT\n", 0, 0, 0 );
#endif
- rc = test_filter( be, conn, op, e, f->f_not );
+ rc = test_filter( op, e, f->f_not );
/* Flip true to false and false to true
* but leave Undefined alone.
Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 );
#endif
- rc = test_mra_filter( be, conn, op, e, f->f_mra );
+ rc = test_mra_filter( op, e, f->f_mra );
break;
default:
}
static int test_mra_filter(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *e,
MatchingRuleAssertion *mra )
* one attribute, and SEARCH permissions can be checked
* directly.
*/
- if( !access_allowed( be, conn, op, e,
+ if( !access_allowed( op, e,
mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
/* check search access */
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, e,
a->a_desc, &value, ACL_SEARCH, NULL ) ) {
continue;
}
}
/* check search access */
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, e,
ad, &value, ACL_SEARCH, NULL ) ) {
continue;
}
static int
test_ava_filter(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
+ Operation *op,
+ Entry *e,
AttributeAssertion *ava,
- int type
+ int type
)
{
Attribute *a;
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, e,
ava->aa_desc, &ava->aa_value, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
if ( ava->aa_desc == slap_schema.si_ad_hasSubordinates
- && be && be->be_has_subordinates ) {
+ && op->o_bd && op->o_bd->be_has_subordinates ) {
int hasSubordinates;
struct berval hs;
*/
assert( type == LDAP_FILTER_EQUALITY );
- if ( (*be->be_has_subordinates)( be, conn, op, e, &hasSubordinates ) ) {
+ if (op->o_bd->be_has_subordinates( op, e, &hasSubordinates ) != LDAP_SUCCESS) {
return LDAP_OTHER;
}
static int
test_presence_filter(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
+ Operation *op,
+ Entry *e,
AttributeDescription *desc
)
{
Attribute *a;
- if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH, NULL ) )
+ if ( !access_allowed( op, e, desc, NULL, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
* is boolean-valued; I think we may live with this
* simplification by now
*/
- if ( be && be->be_has_subordinates ) {
+ if ( op->o_bd && op->o_bd->be_has_subordinates ) {
return LDAP_COMPARE_TRUE;
}
static int
test_filter_and(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- Filter *flist
+ Operation *op,
+ Entry *e,
+ Filter *flist
)
{
Filter *f;
for ( f = flist; f != NULL; f = f->f_next ) {
- int rc = test_filter( be, conn, op, e, f );
+ int rc = test_filter( op, e, f );
if ( rc == LDAP_COMPARE_FALSE ) {
/* filter is False */
static int
test_filter_or(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- Filter *flist
+ Operation *op,
+ Entry *e,
+ Filter *flist
)
{
Filter *f;
for ( f = flist; f != NULL; f = f->f_next ) {
- int rc = test_filter( be, conn, op, e, f );
+ int rc = test_filter( op, e, f );
if ( rc == LDAP_COMPARE_TRUE ) {
/* filter is True */
static int
test_substrings_filter(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- Filter *f
+ Operation *op,
+ Entry *e,
+ Filter *f
)
{
Attribute *a;
#endif
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, e,
f->f_sub_desc, NULL, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
static int
test_mra_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
MatchingRuleAssertion *mra,
static int
test_substrings_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
ValuesReturnFilter *f,
static int
test_presence_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
AttributeDescription *desc,
static int
test_ava_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
AttributeAssertion *ava,
int
filter_matched_values(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
char ***e_flags
#else
Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
#endif
- rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava,
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
LDAP_FILTER_EQUALITY, e_flags );
if( rc == -1 ) {
return rc;
Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 );
#endif
- rc = test_substrings_vrFilter( be, conn, op, a,
+ rc = test_substrings_vrFilter( op, a,
vrf, e_flags );
if( rc == -1 ) {
return rc;
#else
Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 );
#endif
- rc = test_presence_vrFilter( be, conn, op, a,
+ rc = test_presence_vrFilter( op, a,
vrf->vrf_desc, e_flags );
if( rc == -1 ) {
return rc;
break;
case LDAP_FILTER_GE:
- rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava,
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
LDAP_FILTER_GE, e_flags );
if( rc == -1 ) {
return rc;
break;
case LDAP_FILTER_LE:
- rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava,
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
LDAP_FILTER_LE, e_flags );
if( rc == -1 ) {
return rc;
#else
Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 );
#endif
- rc = test_mra_vrFilter( be, conn, op, a,
+ rc = test_mra_vrFilter( op, a,
vrf->vrf_mra, e_flags );
if( rc == -1 ) {
return rc;
static int
test_ava_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
AttributeAssertion *ava,
static int
test_presence_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
AttributeDescription *desc,
static int
test_substrings_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
ValuesReturnFilter *vrf,
static int
test_mra_vrFilter(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
MatchingRuleAssertion *mra,
int
do_modify(
- Connection *conn,
- Operation *op )
+ Operation *op,
+ SlapReply *rs )
{
struct berval dn = { 0, NULL };
- struct berval pdn = { 0, NULL };
- struct berval ndn = { 0, NULL };
char *last;
ber_tag_t tag;
ber_len_t len;
LDAPMod **modv = NULL;
Slapi_PBlock *pb = op->o_pb;
#endif
- Backend *be;
- int rc;
- const char *text;
int manageDSAit;
#ifdef NEW_LOGGING
Debug( LDAP_DEBUG_ANY, "do_modify: ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
}
&tmp.sml_type, &tmp.sml_values )
== LBER_ERROR )
{
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding modlist error" );
- rc = SLAPD_DISCONNECT;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding modlist error" );
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
(long) mop, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR,
- NULL, "modify/add operation requires values",
- NULL, NULL );
- rc = LDAP_PROTOCOL_ERROR;
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR,
+ "modify/add operation requires values" );
goto cleanup;
}
(long) mop, 0, 0 );
#endif
- send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR,
- NULL, "unrecognized modify operation", NULL, NULL );
- rc = LDAP_PROTOCOL_ERROR;
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR,
+ "unrecognized modify operation" );
goto cleanup;
}
}
}
*modtail = NULL;
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR, "do_modify: get_ctrls failed\n", 0, 0, 0 );
#else
goto cleanup;
}
- rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_modify: conn %d invalid dn (%s)\n",
- conn->c_connid, dn.bv_val, 0 );
+ op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto cleanup;
}
- if( ndn.bv_len == 0 ) {
+ if( op->o_req_ndn.bv_len == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_modify: attempt to modify root DSE.\n",0, 0, 0 );
Debug( LDAP_DEBUG_ANY, "do_modify: root dse!\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "modify upon the root DSE not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modify upon the root DSE not supported" );
goto cleanup;
- } else if ( bvmatch( &ndn, &global_schemandn ) ) {
+ } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_modify: attempt to modify subschema subentry.\n" , 0, 0, 0 );
Debug( LDAP_DEBUG_ANY, "do_modify: subschema subentry!\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "modification of subschema subentry not supported",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "modification of subschema subentry not supported" );
goto cleanup;
}
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &pdn, &ndn );
- if ( rc != LDAP_SUCCESS ) {
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto cleanup;
}
modv = slapi_x_modifications2ldapmods( &modlist );
slapi_pblock_set( pb, SLAPI_MODIFY_MODS, (void *)modv );
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODIFY_FN, pb );
- if ( rc != 0 ) {
+ rs->sr_err = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODIFY_FN, pb );
+ if ( rs->sr_err != 0 ) {
/*
* A preoperation plugin failure will abort the
* entire operation.
Debug(LDAP_DEBUG_TRACE, "do_modify: modify preoperation plugin failed.\n",
0, 0, 0);
#endif
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) {
- rc = LDAP_OTHER;
+ if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0) {
+ rs->sr_err = LDAP_OTHER;
}
ldap_mods_free( modv, 1 );
modv = NULL;
* 2) this backend is master for what it holds;
* 3) it's a replica and the dn supplied is the update_ndn.
*/
- if ( be->be_modify ) {
+ if ( op->o_bd->be_modify ) {
/* do the update here */
- int repl_user = be_isupdate( be, &op->o_ndn );
+ int repl_user = be_isupdate( op->o_bd, &op->o_ndn );
#ifndef SLAPD_MULTIMASTER
/* Multimaster slapd does not have to check for replicator dn
* because it accepts each modify request
*/
- if ( !be->be_update_ndn.bv_len || repl_user )
+ if ( !op->o_bd->be_update_ndn.bv_len || repl_user )
#endif
{
- int update = be->be_update_ndn.bv_len;
- const char *text;
+ int update = op->o_bd->be_update_ndn.bv_len;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
- rc = slap_mods_check( modlist, update, &text,
+ rs->sr_err = slap_mods_check( modlist, update, &rs->sr_text,
textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
/* empty */
}
- rc = slap_mods_opattrs( be, op, modlist, modtail, &text,
- textbuf, textlen );
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text,
- NULL, NULL );
+ rs->sr_err = slap_mods_opattrs( op, modlist, modtail,
+ &rs->sr_text, textbuf, textlen );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
}
- if ( (*be->be_modify)( be, conn, op, &pdn, &ndn, modlist ) == 0
+ op->oq_modify.rs_modlist = modlist;
+ if ( (op->o_bd->be_modify)( op, rs ) == 0
#ifdef SLAPD_MULTIMASTER
&& !repl_user
#endif
) {
/* but we log only the ones not from a replicator user */
- replog( be, op, &pdn, &ndn, modlist );
+ replog( op );
}
#ifndef SLAPD_MULTIMASTER
/* send a referral */
} else {
- BerVarray defref = be->be_update_refs
- ? be->be_update_refs : default_referral;
- BerVarray ref = referral_rewrite( defref,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
-
- send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
- ref ? ref : defref, NULL );
+ BerVarray defref = op->o_bd->be_update_refs
+ ? op->o_bd->be_update_refs : default_referral;
+ rs->sr_ref = referral_rewrite( defref,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
- ber_bvarray_free( ref );
+ if (!rs->sr_ref) rs->sr_ref = defref;
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+ if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref );
#endif
}
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_MODIFY_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_MODIFY_FN, pb ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_modify: modify postoperation plugins "
"failed\n", 0, 0, 0 );
#endif /* defined( LDAP_SLAPI ) */
cleanup:
- free( pdn.bv_val );
- free( ndn.bv_val );
+ free( op->o_req_dn.bv_val );
+ free( op->o_req_ndn.bv_val );
if ( modlist != NULL ) slap_mods_free( modlist );
#if defined( LDAP_SLAPI )
if ( modv != NULL ) slapi_x_free_ldapmods( modv );
#endif
- return rc;
+ return rs->sr_err;
}
/*
}
int slap_mods_opattrs(
- Backend *be,
Operation *op,
Modifications *mods,
Modifications **modtail,
assert( modtail != NULL );
assert( *modtail == NULL );
- if( SLAP_LASTMOD(be) ) {
+ if( SLAP_LASTMOD(op->o_bd) ) {
struct tm *ltm;
time_t now = slap_get_time();
modtail = &mod->sml_next;
}
- if( SLAP_LASTMOD(be) ) {
+ if( SLAP_LASTMOD(op->o_bd) ) {
char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
tmpval.bv_len = lutil_uuidstr( uuidbuf, sizeof( uuidbuf ) );
}
}
- if( SLAP_LASTMOD(be) ) {
+ if( SLAP_LASTMOD(op->o_bd) ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_type.bv_val = NULL;
int
do_modrdn(
- Connection *conn,
- Operation *op
+ Operation *op,
+ SlapReply *rs
)
{
struct berval dn = { 0, NULL };
struct berval newSuperior = { 0, NULL };
ber_int_t deloldrdn;
- struct berval pdn = { 0, NULL };
- struct berval pnewrdn = { 0, NULL };
- struct berval pnewSuperior = { 0, NULL }, *pnewS = NULL;
+ struct berval pnewSuperior = { 0, NULL };
- struct berval ndn = { 0, NULL };
- struct berval nnewrdn = { 0, NULL };
- struct berval nnewSuperior = { 0, NULL }, *nnewS = NULL;
+ struct berval nnewSuperior = { 0, NULL };
- Backend *be;
Backend *newSuperior_be = NULL;
ber_len_t length;
- int rc;
- const char *text;
int manageDSAit;
#ifdef LDAP_SLAPI
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
}
0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
+ send_ldap_discon( op, rs,
LDAP_PROTOCOL_ERROR, "newSuperior requires LDAPv3" );
- rc = SLAPD_DISCONNECT;
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
+ send_ldap_discon( op, rs,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = SLAPD_DISCONNECT;
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
- pnewS = &pnewSuperior;
- nnewS = &nnewSuperior;
+ op->oq_modrdn.rs_newSup = &pnewSuperior;
+ op->oq_modrdn.rs_nnewSup = &nnewSuperior;
}
#ifdef NEW_LOGGING
Debug( LDAP_DEBUG_ANY, "do_modrdn: ber_scanf failed\n", 0, 0, 0 );
#endif
- send_ldap_disconnect( conn, op,
+ send_ldap_discon( op, rs,
LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = SLAPD_DISCONNECT;
+ rs->sr_err = SLAPD_DISCONNECT;
goto cleanup;
}
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR, "do_modrdn: get_ctrls failed\n", 0, 0, 0 );
#else
goto cleanup;
}
- rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_modrdn: conn %d invalid dn (%s)\n",
- conn->c_connid, dn.bv_val, 0 );
+ op->o_connid, dn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_modrdn: invalid dn (%s)\n", dn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto cleanup;
}
- if( ndn.bv_len == 0 ) {
+ if( op->o_req_ndn.bv_len == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_modrdn: attempt to modify root DSE.\n", 0, 0, 0 );
Debug( LDAP_DEBUG_ANY, "do_modrdn: root dse!\n", 0, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "cannot rename the root DSE", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot rename the root DSE" );
goto cleanup;
- } else if ( bvmatch( &ndn, &global_schemandn ) ) {
+ } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_modrdn: attempt to modify subschema subentry: %s (%ld)\n",
global_schemandn.bv_val, (long) global_schemandn.bv_len, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "cannot rename subschema subentry", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot rename subschema subentry" );
goto cleanup;
}
/* FIXME: should have/use rdnPretty / rdnNormalize routines */
- rc = dnPrettyNormal( NULL, &newrdn, &pnewrdn, &nnewrdn );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &newrdn, &op->oq_modrdn.rs_newrdn, &op->oq_modrdn.rs_nnewrdn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_modrdn: conn %d invalid newrdn (%s)\n",
- conn->c_connid, newrdn.bv_val, 0 );
+ op->o_connid, newrdn.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_modrdn: invalid newrdn (%s)\n", newrdn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid new RDN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid new RDN" );
goto cleanup;
}
- if( rdnValidate( &pnewrdn ) != LDAP_SUCCESS ) {
+ if( rdnValidate( &op->oq_modrdn.rs_newrdn ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
- "do_modrdn: invalid rdn (%s).\n", pnewrdn.bv_val, 0, 0 );
+ "do_modrdn: invalid rdn (%s).\n", op->oq_modrdn.rs_newrdn.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid rdn (%s)\n",
- pnewrdn.bv_val, 0, 0 );
+ op->oq_modrdn.rs_newrdn.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid new RDN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid new RDN" );
goto cleanup;
}
- if( pnewS ) {
- rc = dnPrettyNormal( NULL, &newSuperior, &pnewSuperior,
+ if( op->oq_modrdn.rs_newSup ) {
+ rs->sr_err = dnPrettyNormal( NULL, &newSuperior, &pnewSuperior,
&nnewSuperior );
- if( rc != LDAP_SUCCESS ) {
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_modrdn: conn %d invalid newSuperior (%s)\n",
- conn->c_connid, newSuperior.bv_val, 0 );
+ op->o_connid, newSuperior.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_modrdn: invalid newSuperior (%s)\n",
newSuperior.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid newSuperior", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid newSuperior" );
goto cleanup;
}
}
Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu MODRDN dn=\"%s\"\n",
- op->o_connid, op->o_opid, pdn.bv_val, 0, 0 );
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val, 0, 0 );
manageDSAit = get_manageDSAit( op );
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
goto cleanup;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &pdn, &ndn );
- if ( rc != LDAP_SUCCESS ) {
+ if ( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto cleanup;
}
/* Make sure that the entry being changed and the newSuperior are in
* the same backend, otherwise we return an error.
*/
- if( pnewS ) {
+ if( op->oq_modrdn.rs_newSup ) {
newSuperior_be = select_backend( &nnewSuperior, 0, 0 );
- if ( newSuperior_be != be ) {
- /* newSuperior is in same backend */
- rc = LDAP_AFFECTS_MULTIPLE_DSAS;
-
- send_ldap_result( conn, op, rc,
- NULL, "cannot rename between DSAa", NULL, NULL );
+ if ( newSuperior_be != op->o_bd ) {
+ /* newSuperior is in different backend */
+ send_ldap_error( op, rs, LDAP_AFFECTS_MULTIPLE_DSAS,
+ "cannot rename between DSAs" );
goto cleanup;
}
}
#if defined( LDAP_SLAPI )
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
+ slapi_x_backend_set_pb( pb, op->o_bd );
+ slapi_x_connection_set_pb( pb, op->o_conn );
slapi_x_operation_set_pb( pb, op );
slapi_pblock_set( pb, SLAPI_MODRDN_TARGET, (void *)dn.bv_val );
slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn.bv_val );
slapi_pblock_set( pb, SLAPI_MODRDN_DELOLDRDN, (void *)deloldrdn );
slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit );
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODRDN_FN, pb );
- if ( rc != 0 ) {
+ rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_MODRDN_FN, pb );
+ if ( rs->sr_err != 0 ) {
/*
* A preoperation plugin failure will abort the
* entire operation.
Debug(LDAP_DEBUG_TRACE, "do_modrdn: modrdn preoperation plugin "
"failed.\n", 0, 0, 0);
#endif
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0)
- rc = LDAP_OTHER;
+ if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0)
+ rs->sr_err = LDAP_OTHER;
goto cleanup;
}
#endif /* defined( LDAP_SLAPI ) */
/*
- * do the add if 1 && (2 || 3)
- * 1) there is an add function implemented in this backend;
+ * do the modrdn if 1 && (2 || 3)
+ * 1) there is a modrdn function implemented in this backend;
* 2) this backend is master for what it holds;
* 3) it's a replica and the dn supplied is the update_ndn.
*/
- if ( be->be_modrdn ) {
+ if ( op->o_bd->be_modrdn ) {
/* do the update here */
- int repl_user = be_isupdate( be, &op->o_ndn );
+ int repl_user = be_isupdate( op->o_bd, &op->o_ndn );
#ifndef SLAPD_MULTIMASTER
- if ( !be->be_update_ndn.bv_len || repl_user )
+ if ( !op->o_bd->be_update_ndn.bv_len || repl_user )
#endif
{
- if ( (*be->be_modrdn)( be, conn, op, &pdn, &ndn,
- &pnewrdn, &nnewrdn, deloldrdn,
- pnewS, nnewS ) == 0
+ op->oq_modrdn.rs_deleteoldrdn = deloldrdn;
+ if ( (op->o_bd->be_modrdn)( op, rs ) == 0
#ifdef SLAPD_MULTIMASTER
- && ( !be->be_update_ndn.bv_len || !repl_user )
+ && ( !op->o_bd->be_update_ndn.bv_len || !repl_user )
#endif
) {
- struct slap_replog_moddn moddn;
- moddn.newrdn = &pnewrdn;
- moddn.deloldrdn = deloldrdn;
- moddn.newsup = &pnewSuperior;
-
- replog( be, op, &pdn, &ndn, &moddn );
+ replog( op );
}
#ifndef SLAPD_MULTIMASTER
} else {
- BerVarray defref = be->be_update_refs
- ? be->be_update_refs : default_referral;
- BerVarray ref = referral_rewrite( defref,
- NULL, &pdn, LDAP_SCOPE_DEFAULT );
+ BerVarray defref = op->o_bd->be_update_refs
+ ? op->o_bd->be_update_refs : default_referral;
+ rs->sr_ref = referral_rewrite( defref,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+ if (!rs->sr_ref) rs->sr_ref = defref;
- send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
- ref ? ref : defref, NULL );
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref );
#endif
}
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_MODRDN_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_MODRDN_FN, pb ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_modrdn: modrdn postoperation plugins "
"failed\n", 0, 0, 0 );
#endif /* defined( LDAP_SLAPI ) */
cleanup:
- free( pdn.bv_val );
- free( ndn.bv_val );
+ free( op->o_req_dn.bv_val );
+ free( op->o_req_ndn.bv_val );
- free( pnewrdn.bv_val );
- free( nnewrdn.bv_val );
+ free( op->oq_modrdn.rs_newrdn.bv_val );
+ free( op->oq_modrdn.rs_nnewrdn.bv_val );
if ( pnewSuperior.bv_val ) free( pnewSuperior.bv_val );
if ( nnewSuperior.bv_val ) free( nnewSuperior.bv_val );
- return rc;
+ return rs->sr_err;
}
int
slap_modrdn2mods(
- Backend *be,
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
LDAPRDN *old_rdn,
LDAPRDN *new_rdn,
- int deleteoldrdn,
Modifications **pmod )
{
- int rc = LDAP_SUCCESS;
- const char *text;
Modifications *mod = NULL;
int a_cnt, d_cnt;
assert( new_rdn != NULL );
- assert( !deleteoldrdn || old_rdn != NULL );
+ assert( !op->oq_modrdn.rs_deleteoldrdn || old_rdn != NULL );
/* Add new attribute values to the entry */
for ( a_cnt = 0; new_rdn[0][a_cnt]; a_cnt++ ) {
AttributeDescription *desc = NULL;
Modifications *mod_tmp;
- rc = slap_bv2ad( &new_rdn[0][a_cnt]->la_attr, &desc, &text );
+ rs->sr_err = slap_bv2ad( &new_rdn[0][a_cnt]->la_attr, &desc, &rs->sr_text );
- if ( rc != LDAP_SUCCESS ) {
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"slap_modrdn2modlist: %s: %s (new)\n",
- text,
+ rs->sr_text,
new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"slap_modrdn2modlist: %s: %s (new)\n",
- text,
+ rs->sr_text,
new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 );
#endif
goto done;
}
/* ACL check of newly added attrs */
- if ( be && !access_allowed( be, conn, op, e, desc,
+ if ( op->o_bd && !access_allowed( op, e, desc,
&new_rdn[0][a_cnt]->la_value, ACL_WRITE, NULL ) ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"(new) not allowed\n",
new_rdn[0][ a_cnt ]->la_attr.bv_val, 0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto done;
}
}
/* Remove old rdn value if required */
- if ( deleteoldrdn ) {
+ if ( op->oq_modrdn.rs_deleteoldrdn ) {
for ( d_cnt = 0; old_rdn[0][d_cnt]; d_cnt++ ) {
AttributeDescription *desc = NULL;
Modifications *mod_tmp;
- rc = slap_bv2ad( &old_rdn[0][d_cnt]->la_attr, &desc, &text );
- if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = slap_bv2ad( &old_rdn[0][d_cnt]->la_attr, &desc, &rs->sr_text );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"slap_modrdn2modlist: %s: %s (old)\n",
- text,
+ rs->sr_text,
old_rdn[0][d_cnt]->la_attr.bv_val,
0 );
#else
Debug( LDAP_DEBUG_TRACE,
"slap_modrdn2modlist: %s: %s (old)\n",
- text,
+ rs->sr_text,
old_rdn[0][d_cnt]->la_attr.bv_val,
0 );
#endif
}
/* ACL check of newly added attrs */
- if ( be && !access_allowed( be, conn, op, e, desc,
+ if ( op->o_bd && !access_allowed( op, e, desc,
&old_rdn[0][d_cnt]->la_value, ACL_WRITE,
NULL ) ) {
#ifdef NEW_LOGGING
old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val,
0, 0 );
#endif
- rc = LDAP_INSUFFICIENT_ACCESS;
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto done;
}
done:
/* LDAP v2 supporting correct attribute handling. */
- if ( rc != LDAP_SUCCESS && mod != NULL ) {
+ if ( rs->sr_err != LDAP_SUCCESS && mod != NULL ) {
Modifications *tmp;
for ( ; mod; mod = tmp ) {
tmp = mod->sml_next;
*pmod = mod;
- return rc;
+ return rs->sr_err;
}
#include <lutil.h>
int passwd_extop(
- Connection *conn, Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl ***rspctrls,
- const char **text,
- BerVarray *refs )
+ Operation *op,
+ SlapReply *rs )
{
- Backend *be;
- int rc;
-
- assert( reqoid != NULL );
- assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
+ assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 );
if( op->o_dn.bv_len == 0 ) {
- *text = "only authenticated users may change passwords";
+ rs->sr_text = "only authenticated users may change passwords";
return LDAP_STRONG_AUTH_REQUIRED;
}
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- be = conn->c_authz_backend;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ op->o_bd = op->o_conn->c_authz_backend;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
- if( be && !be->be_extended ) {
- *text = "operation not supported for current user";
+ if( op->o_bd && !op->o_bd->be_extended ) {
+ rs->sr_text = "operation not supported for current user";
return LDAP_UNWILLING_TO_PERFORM;
}
- {
- rc = backend_check_restrictions( be, conn, op,
- (struct berval *)&slap_EXOP_MODIFY_PASSWD, text );
+ if (backend_check_restrictions( op, rs,
+ (struct berval *)&slap_EXOP_MODIFY_PASSWD ) != LDAP_SUCCESS) {
+ return rs->sr_err;
}
- if( rc != LDAP_SUCCESS ) {
- return rc;
- }
-
- if( be == NULL ) {
+ if( op->o_bd == NULL ) {
#ifdef HAVE_CYRUS_SASL
- rc = slap_sasl_setpass( conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text );
+ rs->sr_err = slap_sasl_setpass( op, rs );
#else
- *text = "no authz backend";
- rc = LDAP_OTHER;
+ rs->sr_text = "no authz backend";
+ rs->sr_err = LDAP_OTHER;
#endif
#ifndef SLAPD_MULTIMASTER
/* This does not apply to multi-master case */
- } else if( be->be_update_ndn.bv_len ) {
+ } else if( op->o_bd->be_update_ndn.bv_len ) {
/* we SHOULD return a referral in this case */
- *refs = referral_rewrite( be->be_update_refs,
+ rs->sr_ref = referral_rewrite( op->o_bd->be_update_refs,
NULL, NULL, LDAP_SCOPE_DEFAULT );
- rc = LDAP_REFERRAL;
+ rs->sr_err = LDAP_REFERRAL;
#endif /* !SLAPD_MULTIMASTER */
} else {
- rc = be->be_extended(
- be, conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text, refs );
+ rs->sr_err = op->o_bd->be_extended( op, rs );
}
- return rc;
+ return rs->sr_err;
}
int slap_passwd_parse( struct berval *reqdata,
* acl.c
*/
LDAP_SLAPD_F (int) access_allowed LDAP_P((
- Backend *be, Connection *conn, Operation *op,
+ Operation *op,
Entry *e, AttributeDescription *desc, struct berval *val,
slap_access_t access,
AccessControlState *state ));
LDAP_SLAPD_F (int) acl_check_modlist LDAP_P((
- Backend *be, Connection *conn, Operation *op,
- Entry *e, Modifications *ml ));
+ Operation *op, Entry *e, Modifications *ml ));
LDAP_SLAPD_F (void) acl_append( AccessControl **l, AccessControl *a );
struct berval *suffix ));
LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be,
struct berval *ndn ));
-LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be,
- Connection *conn, struct berval *ndn, struct berval *cred ));
+LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Operation *op ));
LDAP_SLAPD_F (int) be_isupdate LDAP_P(( Backend *be, struct berval *ndn ));
LDAP_SLAPD_F (struct berval *) be_root_dn LDAP_P(( Backend *be ));
-LDAP_SLAPD_F (int) be_entry_get_rw LDAP_P(( BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
+LDAP_SLAPD_F (int) be_entry_get_rw LDAP_P(( struct slap_op *o,
struct berval *ndn, ObjectClass *oc,
AttributeDescription *at, int rw, Entry **e ));
LDAP_SLAPD_F (int) be_entry_release_rw LDAP_P((
- BackendDB *be, Connection *c, Operation *o, Entry *e, int rw ));
-#define be_entry_release_r( be, c, o, e ) be_entry_release_rw( be, c, o, e, 0 )
-#define be_entry_release_w( be, c, o, e ) be_entry_release_rw( be, c, o, e, 1 )
+ Operation *o, Entry *e, int rw ));
+#define be_entry_release_r( o, e ) be_entry_release_rw( o, e, 0 )
+#define be_entry_release_w( o, e ) be_entry_release_rw( o, e, 1 )
-LDAP_SLAPD_F (int) backend_unbind LDAP_P((Connection *conn, Operation *op));
+LDAP_SLAPD_F (int) backend_unbind LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) backend_connection_init LDAP_P((Connection *conn));
+LDAP_SLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn));
LDAP_SLAPD_F( int ) backend_check_restrictions LDAP_P((
- BackendDB *be,
- Connection *conn,
Operation *op,
- struct berval *opdata,
- const char **text ));
+ SlapReply *rs,
+ struct berval *opdata ));
LDAP_SLAPD_F( int ) backend_check_referrals LDAP_P((
- BackendDB *be,
- Connection *conn,
Operation *op,
- struct berval *dn,
- struct berval *ndn ));
-
-LDAP_SLAPD_F (int) backend_connection_init LDAP_P((Connection *conn));
-LDAP_SLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn));
+ SlapReply *rs ));
-LDAP_SLAPD_F (int) backend_group LDAP_P((BackendDB *be,
- Connection *conn,
+LDAP_SLAPD_F (int) backend_group LDAP_P((
Operation *op,
Entry *target,
struct berval *gr_ndn,
AttributeDescription *group_at
));
-LDAP_SLAPD_F (int) backend_attribute LDAP_P((BackendDB *be,
- Connection *conn,
+LDAP_SLAPD_F (int) backend_attribute LDAP_P((
Operation *op,
Entry *target,
struct berval *entry_ndn,
));
LDAP_SLAPD_F (Attribute *) backend_operational(
- BackendDB *,
- Connection *conn,
Operation *op,
- Entry *e,
- AttributeName *attrs,
+ SlapReply *rs,
int opattrs );
/*
* controls.c
*/
LDAP_SLAPD_F (int) get_ctrls LDAP_P((
- Connection *co,
Operation *op,
+ SlapReply *rs,
int senderrors ));
LDAP_SLAPD_F (int) register_supported_control LDAP_P((
const char *controloid,
const struct berval slap_EXOP_MODIFY_PASSWD;
const struct berval slap_EXOP_START_TLS;
-typedef int (SLAP_EXTOP_MAIN_FN) LDAP_P((
- Connection *conn, Operation *op,
- struct berval * reqoid,
- struct berval * reqdata,
- char ** rspoid,
- struct berval ** rspdata,
- LDAPControl *** rspctrls,
- const char ** text,
- BerVarray *refs ));
+typedef int (SLAP_EXTOP_MAIN_FN) LDAP_P(( Operation *op, SlapReply *rs ));
typedef int (SLAP_EXTOP_GETOID_FN) LDAP_P((
int index, struct berval *oid, int blen ));
* filterentry.c
*/
-LDAP_SLAPD_F (int) test_filter LDAP_P((
- Backend *be, Connection *conn, Operation *op,
- Entry *e, Filter *f ));
+LDAP_SLAPD_F (int) test_filter LDAP_P(( Operation *op, Entry *e, Filter *f ));
/*
* globals.c
* matchedValues.c
*/
LDAP_SLAPD_F (int) filter_matched_values(
- Backend *be,
- Connection *conn,
Operation *op,
Attribute *a,
char ***e_flags );
* modrdn.c
*/
LDAP_SLAPD_F (int) slap_modrdn2mods(
- Backend *be,
- Connection *conn,
Operation *op,
+ SlapReply *rs,
Entry *e,
LDAPRDN *oldrdn,
LDAPRDN *newrdn,
- int deleteoldrdn,
Modifications **pmod );
/*
char *textbuf, size_t textlen );
LDAP_SLAPD_F( int ) slap_mods_opattrs(
- Backend *be,
Operation *op,
Modifications *mods,
Modifications **modlist,
const char *url ));
LDAP_SLAPD_F (BerVarray) get_entry_referrals LDAP_P((
- Backend *be, Connection *conn, Operation *op, Entry *e ));
+ Operation *op, Entry *e ));
LDAP_SLAPD_F (BerVarray) referral_rewrite LDAP_P((
BerVarray refs,
int nr, const char *suffix ));
LDAP_SLAPD_F (int) add_replica_attrs LDAP_P(( Backend *be,
int nr, char *attrs, int exclude ));
-LDAP_SLAPD_F (void) replog LDAP_P(( Backend *be, Operation *op,
- struct berval *dn, struct berval *ndn, void *change ));
+LDAP_SLAPD_F (void) replog LDAP_P(( Operation *op ));
/*
* result.c
*/
-LDAP_SLAPD_F (void) slap_send_ldap_result LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *matched, const char *text,
- BerVarray refs,
- LDAPControl **ctrls ));
-
-LDAP_SLAPD_F (void) send_ldap_sasl LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- struct berval *cred ));
-
-LDAP_SLAPD_F (void) send_ldap_disconnect LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *text ));
-
-LDAP_SLAPD_F (void) slap_send_ldap_extended LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *matched,
- const char *text, BerVarray refs,
- const char *rspoid, struct berval *rspdata,
- LDAPControl **ctrls ));
-
-LDAP_SLAPD_F (void) slap_send_ldap_intermediate_resp LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *matched,
- const char *text, BerVarray refs,
- const char *rspoid, struct berval *rspdata,
- LDAPControl **ctrls ));
-
-LDAP_SLAPD_F (void) send_ldap_partial LDAP_P((
- Connection *conn, Operation *op,
- const char *rspoid, struct berval *rspdata,
- LDAPControl **ctrls ));
-
-LDAP_SLAPD_F (void) slap_send_search_result LDAP_P((
- Connection *conn, Operation *op,
- ber_int_t err, const char *matched, const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- int nentries ));
-
-LDAP_SLAPD_F (int) slap_send_search_reference LDAP_P((
- Backend *be, Connection *conn, Operation *op,
- Entry *e, BerVarray refs,
- LDAPControl **ctrls,
- BerVarray *v2refs ));
-
-LDAP_SLAPD_F (int) slap_send_search_entry LDAP_P((
- Backend *be, Connection *conn, Operation *op,
- Entry *e, AttributeName *attrs, int attrsonly,
- LDAPControl **ctrls ));
+LDAP_SLAPD_F (void) slap_send_ldap_result LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (void) send_ldap_sasl LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (void) send_ldap_disconnect LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (void) slap_send_ldap_extended LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (void) slap_send_ldap_intermediate_resp LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (void) slap_send_search_result LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (int) slap_send_search_reference LDAP_P(( Operation *op, SlapReply *rs ));
+LDAP_SLAPD_F (int) slap_send_search_entry LDAP_P(( Operation *op, SlapReply *rs ));
LDAP_SLAPD_F (int) str2result LDAP_P(( char *s,
int *code, char **matched, char **info ));
LDAP_SLAPD_F (int) slap_sasl_reset( Connection *c );
LDAP_SLAPD_F (int) slap_sasl_close( Connection *c );
-LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P((
- Connection *conn, Operation *op,
- struct berval *dn, struct berval *ndn,
- struct berval *cred,
- struct berval *edn, slap_ssf_t *ssf ));
+LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P(( Operation *op, SlapReply *rs ));
LDAP_SLAPD_F (int) slap_sasl_setpass(
- Connection *conn,
Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text );
+ SlapReply *rs );
LDAP_SLAPD_F (int) slap_sasl_config(
int cargc,
/*
* operations
*/
-LDAP_SLAPD_F (int) do_abandon LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_add LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_bind LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_compare LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_delete LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_modify LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_modrdn LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_search LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_unbind LDAP_P((Connection *conn, Operation *op));
-LDAP_SLAPD_F (int) do_extended LDAP_P((Connection *conn, Operation *op));
+LDAP_SLAPD_F (int) do_abandon LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_add LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_bind LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_compare LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_delete LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_modify LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_modrdn LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_search LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_unbind LDAP_P((Operation *op, SlapReply *rs));
+LDAP_SLAPD_F (int) do_extended LDAP_P((Operation *op, SlapReply *rs));
LDAP_END_DECL
BerVarray get_entry_referrals(
- Backend *be,
- Connection *conn,
Operation *op,
Entry *e )
{
static void
print_vals( FILE *fp, struct berval *type, struct berval *bv );
static void
-replog1( struct slap_replica_info *ri, Operation *op, void *change, FILE *fp, void *first);
+replog1( struct slap_replica_info *ri, Operation *op, FILE *fp, void *first);
void
-replog(
- Backend *be,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- void *change
-)
+replog( Operation *op )
{
Modifications *ml = NULL;
Attribute *a = NULL;
- Entry *e;
FILE *fp, *lfp;
int i;
/* undef NO_LOG_WHEN_NO_REPLICAS */
int subsets = 0;
long now = slap_get_time();
- if ( be->be_replogfile == NULL && replogfile == NULL ) {
+ if ( op->o_bd->be_replogfile == NULL && replogfile == NULL ) {
return;
}
ldap_pvt_thread_mutex_lock( &replog_mutex );
- if ( (fp = lock_fopen( be->be_replogfile ? be->be_replogfile :
+ if ( (fp = lock_fopen( op->o_bd->be_replogfile ? op->o_bd->be_replogfile :
replogfile, "a", &lfp )) == NULL ) {
ldap_pvt_thread_mutex_unlock( &replog_mutex );
return;
}
- for ( i = 0; be->be_replica != NULL && be->be_replica[i] != NULL; i++ ) {
+ for ( i = 0; op->o_bd->be_replica != NULL && op->o_bd->be_replica[i] != NULL; i++ ) {
/* check if dn's suffix matches legal suffixes, if any */
- if ( be->be_replica[i]->ri_nsuffix != NULL ) {
+ if ( op->o_bd->be_replica[i]->ri_nsuffix != NULL ) {
int j;
- for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
- if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) {
+ for ( j = 0; op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
+ if ( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_replica[i]->ri_nsuffix[j] ) ) {
break;
}
}
- if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) {
+ if ( !op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val ) {
/* do not add "replica:" line */
continue;
}
}
/* See if we only want a subset of attributes */
- if ( be->be_replica[i]->ri_attrs != NULL &&
+ if ( op->o_bd->be_replica[i]->ri_attrs != NULL &&
( op->o_tag == LDAP_REQ_MODIFY || op->o_tag == LDAP_REQ_ADD || op->o_tag == LDAP_REQ_EXTENDED ) ) {
if ( !subsets ) {
subsets = i + 1;
continue;
}
- fprintf( fp, "replica: %s\n", be->be_replica[i]->ri_host );
+ fprintf( fp, "replica: %s\n", op->o_bd->be_replica[i]->ri_host );
#ifdef NO_LOG_WHEN_NO_REPLICAS
++count;
#endif
#endif
fprintf( fp, "time: %ld\n", now );
- fprintf( fp, "dn: %s\n", dn->bv_val );
+ fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
- replog1( NULL, op, change, fp, NULL );
+ replog1( NULL, op, fp, NULL );
if ( subsets > 0 ) {
void *first;
- for ( i = subsets - 1; be->be_replica != NULL && be->be_replica[i] != NULL; i++ ) {
+ for ( i = subsets - 1; op->o_bd->be_replica != NULL && op->o_bd->be_replica[i] != NULL; i++ ) {
/* If no attrs, we already did this above */
- if ( be->be_replica[i]->ri_attrs == NULL ) {
+ if ( op->o_bd->be_replica[i]->ri_attrs == NULL ) {
continue;
}
/* check if dn's suffix matches legal suffixes, if any */
- if ( be->be_replica[i]->ri_nsuffix != NULL ) {
+ if ( op->o_bd->be_replica[i]->ri_nsuffix != NULL ) {
int j;
- for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
- if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) {
+ for ( j = 0; op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
+ if ( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_replica[i]->ri_nsuffix[j] ) ) {
break;
}
}
- if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) {
+ if ( !op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val ) {
/* do not add "replica:" line */
continue;
}
/* assume change parameter is a Modfications* */
/* fall thru */
case LDAP_REQ_MODIFY:
- for ( ml = change; ml != NULL; ml = ml->sml_next ) {
+ for ( ml = op->oq_modify.rs_modlist; ml != NULL; ml = ml->sml_next ) {
int is_in, exclude;
- is_in = ad_inlist( ml->sml_desc, be->be_replica[i]->ri_attrs );
- exclude = be->be_replica[i]->ri_exclude;
+ is_in = ad_inlist( ml->sml_desc, op->o_bd->be_replica[i]->ri_attrs );
+ exclude = op->o_bd->be_replica[i]->ri_exclude;
/*
* there might be a more clever way to do this test,
}
break;
case LDAP_REQ_ADD:
- e = change;
- for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
+ for ( a = op->oq_add.rs_e->e_attrs; a != NULL; a = a->a_next ) {
int is_in, exclude;
- is_in = ad_inlist( a->a_desc, be->be_replica[i]->ri_attrs );
- exclude = be->be_replica[i]->ri_exclude;
+ is_in = ad_inlist( a->a_desc, op->o_bd->be_replica[i]->ri_attrs );
+ exclude = op->o_bd->be_replica[i]->ri_exclude;
if ( ( is_in && !exclude ) || ( !is_in && exclude ) ) {
subsets = 1;
/* Other operations were logged in the first pass */
continue;
}
- fprintf( fp, "replica: %s\n", be->be_replica[i]->ri_host );
+ fprintf( fp, "replica: %s\n", op->o_bd->be_replica[i]->ri_host );
fprintf( fp, "time: %ld\n", now );
- fprintf( fp, "dn: %s\n", dn->bv_val );
- replog1( be->be_replica[i], op, change, fp, first );
+ fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
+ replog1( op->o_bd->be_replica[i], op, fp, first );
}
}
replog1(
struct slap_replica_info *ri,
Operation *op,
- void *change,
FILE *fp,
void *first
)
{
Modifications *ml;
Attribute *a;
- Entry *e;
- struct slap_replog_moddn *moddn;
switch ( op->o_tag ) {
case LDAP_REQ_EXTENDED:
case LDAP_REQ_MODIFY:
fprintf( fp, "changetype: modify\n" );
- ml = first ? first : change;
+ ml = first ? first : op->oq_modify.rs_modlist;
for ( ; ml != NULL; ml = ml->sml_next ) {
char *type;
if ( ri && ri->ri_attrs ) {
break;
case LDAP_REQ_ADD:
- e = change;
fprintf( fp, "changetype: add\n" );
- a = first ? first : e->e_attrs;
+ a = first ? first : op->oq_add.rs_e->e_attrs;
for ( ; a != NULL; a=a->a_next ) {
if ( ri && ri->ri_attrs ) {
int is_in = ad_inlist( a->a_desc, ri->ri_attrs );
break;
case LDAP_REQ_MODRDN:
- moddn = change;
fprintf( fp, "changetype: modrdn\n" );
- fprintf( fp, "newrdn: %s\n", moddn->newrdn->bv_val );
- fprintf( fp, "deleteoldrdn: %d\n", moddn->deloldrdn ? 1 : 0 );
- /* moddn->newsup is never NULL, see modrdn.c */
- if( moddn->newsup->bv_val != NULL ) {
- fprintf( fp, "newsuperior: %s\n", moddn->newsup->bv_val );
+ fprintf( fp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val );
+ fprintf( fp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 );
+ if( op->oq_modrdn.rs_newSup != NULL ) {
+ fprintf( fp, "newsuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val );
}
}
fprintf( fp, "\n" );
static void
send_ldap_response(
- Connection *conn,
- Operation *op,
- ber_tag_t tag,
- ber_int_t msgid,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray ref,
- const char *resoid,
- struct berval *resdata,
- struct berval *sasldata,
- LDAPControl **ctrls
-)
+ Operation *op,
+ SlapReply *rs )
{
char berbuf[LBER_ELEMENT_SIZEOF];
BerElement *ber = (BerElement *)berbuf;
long bytes;
if (op->o_callback && op->o_callback->sc_response) {
- op->o_callback->sc_response( conn, op, tag, msgid, err, matched,
- text, ref, resoid, resdata, sasldata, ctrls );
+ op->o_callback->sc_response( op, rs );
return;
}
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp)
+ if (op->o_conn && op->o_conn->c_is_udp)
ber = op->o_res_ber;
else
#endif
-
ber_init_w_nullc( ber, LBER_USE_DER );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_ldap_response: msgid=%d tag=%lu err=%d\n",
- msgid, tag, err );
+ rs->sr_msgid, rs->sr_tag, rs->sr_err );
#else
Debug( LDAP_DEBUG_TRACE,
"send_ldap_response: msgid=%d tag=%lu err=%d\n",
- msgid, tag, err );
+ rs->sr_msgid, rs->sr_tag, rs->sr_err );
#endif
- if( ref ) {
+ if( rs->sr_ref ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"send_ldap_response: conn %lu ref=\"%s\"\n",
- conn ? conn->c_connid : 0,
- ref[0].bv_val ? ref[0].bv_val : "NULL" , 0 );
+ op->o_connid,
+ rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL" , 0 );
#else
Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=\"%s\"\n",
- ref[0].bv_val ? ref[0].bv_val : "NULL",
+ rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL",
NULL, NULL );
#endif
}
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) {
+ if (op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2) {
rc = ber_printf( ber, "t{ess" /*"}}"*/,
- tag, err,
- matched == NULL ? "" : matched,
- text == NULL ? "" : text );
+ rs->sr_tag, rs->sr_err,
+ rs->sr_matched == NULL ? "" : rs->sr_matched,
+ rs->sr_text == NULL ? "" : rs->sr_text );
} else
#endif
{
rc = ber_printf( ber, "{it{ess" /*"}}"*/,
- msgid, tag, err,
- matched == NULL ? "" : matched,
- text == NULL ? "" : text );
+ rs->sr_msgid, rs->sr_tag, rs->sr_err,
+ rs->sr_matched == NULL ? "" : rs->sr_matched,
+ rs->sr_text == NULL ? "" : rs->sr_text );
}
if( rc != -1 ) {
- if ( ref != NULL ) {
- assert( err == LDAP_REFERRAL );
+ if ( rs->sr_ref != NULL ) {
+ assert( rs->sr_err == LDAP_REFERRAL );
rc = ber_printf( ber, "t{W}",
- LDAP_TAG_REFERRAL, ref );
+ LDAP_TAG_REFERRAL, rs->sr_ref );
} else {
- assert( err != LDAP_REFERRAL );
+ assert( rs->sr_err != LDAP_REFERRAL );
}
}
- if( rc != -1 && sasldata != NULL ) {
+ if( rc != -1 && rs->sr_type == REP_SASL && rs->sr_sasldata != NULL ) {
rc = ber_printf( ber, "tO",
- LDAP_TAG_SASL_RES_CREDS, sasldata );
- }
-
- if( rc != -1 && resoid != NULL ) {
- rc = ber_printf( ber, "ts",
- LDAP_TAG_EXOP_RES_OID, resoid );
+ LDAP_TAG_SASL_RES_CREDS, rs->sr_sasldata );
}
- if( rc != -1 && resdata != NULL ) {
- rc = ber_printf( ber, "tO",
- LDAP_TAG_EXOP_RES_VALUE, resdata );
+ if( rc != -1 && rs->sr_type == REP_EXTENDED ) {
+ if ( rs->sr_rspoid != NULL ) {
+ rc = ber_printf( ber, "ts",
+ LDAP_TAG_EXOP_RES_OID, rs->sr_rspoid );
+ }
+ if( rc != -1 && rs->sr_rspdata != NULL ) {
+ rc = ber_printf( ber, "tO",
+ LDAP_TAG_EXOP_RES_VALUE, rs->sr_rspdata );
+ }
}
if( rc != -1 ) {
rc = ber_printf( ber, /*"{"*/ "N}" );
}
- if( rc != -1 && ctrls != NULL ) {
- rc = send_ldap_controls( ber, ctrls );
+ if( rc != -1 && rs->sr_ctrls != NULL ) {
+ rc = send_ldap_controls( ber, rs->sr_ctrls );
}
if( rc != -1 ) {
}
#ifdef LDAP_CONNECTIONLESS
- if( conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1 ) {
+ if( op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1 ) {
rc = ber_printf( ber, /*"{"*/ "N}" );
}
#endif
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_ldap_response: conn %lu ber_printf failed\n",
- conn ? conn->c_connid : 0, 0, 0 );
+ op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
return;
}
/* send BER */
- bytes = send_ldap_ber( conn, ber );
+ bytes = send_ldap_ber( op->o_conn, ber );
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_ldap_response: conn %lu ber write failed\n",
- conn ? conn->c_connid : 0, 0, 0 );
+ op->o_connid : 0, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"send_ldap_response: ber write failed\n",
}
#ifdef LDAP_SLAPI
- slapi_pblock_set( op->o_pb, SLAPI_RESULT_CODE, (void *)err );
- slapi_pblock_set( op->o_pb, SLAPI_RESULT_MATCHED, ( matched != NULL ) ? (void *)ch_strdup( matched ) : NULL );
- slapi_pblock_set( op->o_pb, SLAPI_RESULT_TEXT, ( text != NULL ) ? (void *)ch_strdup( text ) : NULL );
+ slapi_pblock_set( op->o_pb, SLAPI_RESULT_CODE, (void *)rs->sr_err );
+ slapi_pblock_set( op->o_pb, SLAPI_RESULT_MATCHED, ( rs->sr_matched != NULL ) ? (void *)ch_strdup( rs->sr_matched ) : NULL );
+ slapi_pblock_set( op->o_pb, SLAPI_RESULT_TEXT, ( rs->sr_text != NULL ) ? (void *)ch_strdup( rs->sr_text ) : NULL );
#endif /* LDAP_SLAPI */
ldap_pvt_thread_mutex_lock( &num_sent_mutex );
void
-send_ldap_disconnect(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *text
-)
+send_ldap_disconnect( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
- char *reqoid;
-
#define LDAP_UNSOLICITED_ERROR(e) \
( (e) == LDAP_PROTOCOL_ERROR \
|| (e) == LDAP_STRONG_AUTH_REQUIRED \
|| (e) == LDAP_UNAVAILABLE )
- assert( LDAP_UNSOLICITED_ERROR( err ) );
+ assert( LDAP_UNSOLICITED_ERROR( rs->sr_err ) );
+
+ rs->sr_type = REP_EXTENDED;
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_ldap_disconnect: conn %lu %d:%s\n",
- conn ? conn->c_connid : 0, err, text ? text : "" );
+ op->o_connid, rs->sr_err, rs->sr_text ? rs->sr_text : "" );
#else
Debug( LDAP_DEBUG_TRACE,
"send_ldap_disconnect %d:%s\n",
- err, text ? text : "", NULL );
+ rs->sr_err, rs->sr_text ? rs->sr_text : "", NULL );
#endif
if ( op->o_protocol < LDAP_VERSION3 ) {
- reqoid = NULL;
- tag = req2res( op->o_tag );
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
+ rs->sr_rspoid = NULL;
+ rs->sr_tag = req2res( op->o_tag );
+ rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
} else {
- reqoid = LDAP_NOTICE_DISCONNECT;
- tag = LDAP_RES_EXTENDED;
- msgid = 0;
+ rs->sr_rspoid = LDAP_NOTICE_DISCONNECT;
+ rs->sr_tag = LDAP_RES_EXTENDED;
+ rs->sr_msgid = 0;
}
- send_ldap_response( conn, op, tag, msgid,
- err, NULL, text, NULL,
- reqoid, NULL, NULL, NULL );
+ send_ldap_response( op, rs );
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu DISCONNECT tag=%lu err=%d text=%s\n",
- op->o_connid, op->o_opid, tag, err, text ? text : "" );
+ op->o_connid, op->o_opid, rs->sr_tag, rs->sr_err, rs->sr_text ? rs->sr_text : "" );
}
void
-slap_send_ldap_result(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray ref,
- LDAPControl **ctrls
-)
+slap_send_ldap_result( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
char *tmp = NULL;
+ const char *otext = rs->sr_text;
+ BerVarray oref = rs->sr_ref;
- assert( !LDAP_API_ERROR( err ) );
+ assert( !LDAP_API_ERROR( rs->sr_err ) );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n",
- err, matched ? matched : "", text ? text : "" );
+ rs->sr_err, rs->sr_matched ? rs->sr_matched : "", rs->sr_text ? rs->sr_text : "" );
#else
Debug( LDAP_DEBUG_ARGS,
"send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n",
- err, matched ? matched : "", text ? text : "" );
+ rs->sr_err, rs->sr_matched ? rs->sr_matched : "", rs->sr_text ? rs->sr_text : "" );
#endif
- if( ref ) {
+ if( rs->sr_ref ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"send_ldap_result: referral=\"%s\"\n",
- ref[0].bv_val ? ref[0].bv_val : "NULL", 0, 0 );
+ rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL", 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS,
"send_ldap_result: referral=\"%s\"\n",
- ref[0].bv_val ? ref[0].bv_val : "NULL",
+ rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL",
NULL, NULL );
#endif
}
- assert( err != LDAP_PARTIAL_RESULTS );
+ assert( rs->sr_err != LDAP_PARTIAL_RESULTS );
- if ( err == LDAP_REFERRAL ) {
+ if ( rs->sr_err == LDAP_REFERRAL ) {
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
if( op->o_domain_scope ) {
- ref = NULL;
+ rs->sr_ref = NULL;
}
#endif
- if( ref == NULL ) {
- err = LDAP_NO_SUCH_OBJECT;
+ if( rs->sr_ref == NULL ) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else if ( op->o_protocol < LDAP_VERSION3 ) {
- err = LDAP_PARTIAL_RESULTS;
+ rs->sr_err = LDAP_PARTIAL_RESULTS;
}
}
if ( op->o_protocol < LDAP_VERSION3 ) {
- tmp = v2ref( ref, text );
- text = tmp;
- ref = NULL;
+ tmp = v2ref( rs->sr_ref, rs->sr_text );
+ rs->sr_text = tmp;
+ rs->sr_ref = NULL;
}
- tag = req2res( op->o_tag );
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
+ rs->sr_tag = req2res( op->o_tag );
+ rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
- send_ldap_response( conn, op, tag, msgid,
- err, matched, text, ref,
- NULL, NULL, NULL, ctrls );
+ send_ldap_response( op, rs );
- Statslog( LDAP_DEBUG_STATS,
- "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n",
- op->o_connid, op->o_opid, tag, err, text ? text : "" );
+ if ( rs->sr_type == REP_SRESULT ) {
+ char nbuf[64];
+ snprintf( nbuf, sizeof nbuf, "%d nentries=%d", rs->sr_err, rs->sr_nentries );
+
+ Statslog( LDAP_DEBUG_STATS,
+ "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n",
+ op->o_connid, op->o_opid, rs->sr_tag, nbuf, rs->sr_text ? rs->sr_text : "" );
+ } else {
+ Statslog( LDAP_DEBUG_STATS,
+ "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n",
+ op->o_connid, op->o_opid, rs->sr_tag, rs->sr_err, rs->sr_text ? rs->sr_text : "" );
+ }
if( tmp != NULL ) {
ch_free(tmp);
}
+ rs->sr_text = otext;
+ rs->sr_ref = oref;
}
void
-send_ldap_sasl(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray ref,
- LDAPControl **ctrls,
- struct berval *cred
-)
+send_ldap_sasl( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
-
+ rs->sr_type = REP_SASL;
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_ldap_sasl: conn %lu err=%d len=%lu\n",
- op->o_connid, err, cred ? cred->bv_len : -1 );
+ op->o_connid, rs->sr_err, rs->sr_sasldata ? rs->sr_sasldata->bv_len : -1 );
#else
Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%d len=%ld\n",
- err, cred ? (long) cred->bv_len : -1, NULL );
+ rs->sr_err, rs->sr_sasldata ? (long) rs->sr_sasldata->bv_len : -1, NULL );
#endif
+ rs->sr_tag = req2res( op->o_tag );
+ rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
- tag = req2res( op->o_tag );
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
-
- send_ldap_response( conn, op, tag, msgid,
- err, matched, text, ref,
- NULL, NULL, cred, ctrls );
+ send_ldap_response( op, rs );
}
void
-slap_send_ldap_extended(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls
-)
+slap_send_ldap_extended( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
+ rs->sr_type = REP_EXTENDED;
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_ldap_extended: err=%d oid=%s len=%ld\n",
- err, rspoid ? rspoid : "",
- rspdata != NULL ? rspdata->bv_len : 0 );
+ rs->sr_err, rs->sr_rspoid ? rs->sr_rspoid : "",
+ rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"send_ldap_extended: err=%d oid=%s len=%ld\n",
- err,
- rspoid ? rspoid : "",
- rspdata != NULL ? rspdata->bv_len : 0 );
+ rs->sr_err,
+ rs->sr_rspoid ? rs->sr_rspoid : "",
+ rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
#endif
- tag = req2res( op->o_tag );
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
+ rs->sr_tag = req2res( op->o_tag );
+ rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
- send_ldap_response( conn, op, tag, msgid,
- err, matched, text, refs,
- rspoid, rspdata, NULL, ctrls );
+ send_ldap_response( op, rs );
}
#ifdef LDAP_RES_INTERMEDIATE_RESP
void
-slap_send_ldap_intermediate_resp(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls )
+slap_send_ldap_intermediate_resp( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
+ rs->sr_type = REP_EXTENDED;
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_ldap_intermediate: err=%d oid=%s len=%ld\n",
- err, rspoid ? rspoid : "",
- rspdata != NULL ? rspdata->bv_len : 0 );
+ rs->sr_err, rs->sr_rspoid ? rs->sr_rspoid : "",
+ rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"send_ldap_intermediate: err=%d oid=%s len=%ld\n",
- err,
- rspoid ? rspoid : "",
- rspdata != NULL ? rspdata->bv_len : 0 );
-#endif
- tag = LDAP_RES_INTERMEDIATE_RESP;
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
- send_ldap_response( conn, op, tag, msgid,
- err, matched, text, refs,
- rspoid, rspdata, NULL, ctrls );
+ rs->sr_err,
+ rs->sr_rspoid ? rs->sr_rspoid : "",
+ rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
+#endif
+ rs->sr_tag = LDAP_RES_INTERMEDIATE_RESP;
+ rs->sr_msgid = op->o_msgid;
+ send_ldap_response( op, rs );
}
#endif
void
-slap_send_search_result(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- int nentries
-)
+slap_send_search_result( Operation *op, SlapReply *rs )
{
- ber_tag_t tag;
- ber_int_t msgid;
- char *tmp = NULL;
-
- assert( !LDAP_API_ERROR( err ) );
-
- if (op->o_callback && op->o_callback->sc_sresult) {
- op->o_callback->sc_sresult(conn, op, err, matched, text, refs,
- ctrls, nentries);
- return;
- }
-
-#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY,
- "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n",
- err, matched ? matched : "", text ? text : "" );
-#else
- Debug( LDAP_DEBUG_TRACE,
- "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n",
- err, matched ? matched : "", text ? text : "" );
-#endif
-
-
- assert( err != LDAP_PARTIAL_RESULTS );
-
- if( op->o_protocol < LDAP_VERSION3 ) {
- /* send references in search results */
- if( err == LDAP_REFERRAL ) {
- err = LDAP_PARTIAL_RESULTS;
- }
-
- tmp = v2ref( refs, text );
- text = tmp;
- refs = NULL;
-
- } else {
- /* don't send references in search results */
- assert( refs == NULL );
- refs = NULL;
-
- if( err == LDAP_REFERRAL ) {
- err = LDAP_SUCCESS;
- }
- }
-
- tag = req2res( op->o_tag );
- msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0;
-
- send_ldap_response( conn, op, tag, msgid,
- err, matched, text, refs,
- NULL, NULL, NULL, ctrls );
-
- {
- char nbuf[64];
- snprintf( nbuf, sizeof nbuf, "%d nentries=%d", err, nentries );
-
- Statslog( LDAP_DEBUG_STATS,
- "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n",
- op->o_connid, op->o_opid, tag, nbuf, text ? text : "" );
- }
-
- if (tmp != NULL) {
- ch_free(tmp);
- }
+ rs->sr_type = REP_SRESULT;
+ slap_send_ldap_result( op, rs );
}
int
-slap_send_search_entry(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- AttributeName *attrs,
- int attrsonly,
- LDAPControl **ctrls
-)
+slap_send_search_entry( Operation *op, SlapReply *rs )
{
char berbuf[LBER_ELEMENT_SIZEOF];
BerElement *ber = (BerElement *)berbuf;
*/
char **e_flags = NULL;
+ rs->sr_type = REP_SEARCH;
if (op->o_callback && op->o_callback->sc_sendentry) {
- return op->o_callback->sc_sendentry( be, conn, op, e, attrs,
- attrsonly, ctrls );
+ return op->o_callback->sc_sendentry( op, rs );
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_search_entry: conn %lu dn=\"%s\"%s\n",
- op->o_connid, e->e_dn, attrsonly ? " (attrsOnly)" : "" );
+ op->o_connid, rs->sr_entry->e_name.bv_val, op->oq_search.rs_attrsonly ? " (attrsOnly)" : "" );
#else
Debug( LDAP_DEBUG_TRACE,
"=> send_search_entry: dn=\"%s\"%s\n",
- e->e_dn, attrsonly ? " (attrsOnly)" : "", 0 );
+ rs->sr_entry->e_name.bv_val, op->oq_search.rs_attrsonly ? " (attrsOnly)" : "", 0 );
#endif
- if ( ! access_allowed( be, conn, op, e,
- ad_entry, NULL, ACL_READ, NULL ) )
+ if ( ! access_allowed( op, rs->sr_entry, ad_entry, NULL, ACL_READ, NULL ) )
{
#ifdef NEW_LOGGING
LDAP_LOG( ACL, INFO,
"send_search_entry: conn %lu access to entry (%s) not allowed\n",
- op->o_connid, e->e_dn, 0 );
+ op->o_connid, rs->sr_entry->e_name.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ACL,
"send_search_entry: access to entry not allowed\n",
return( 1 );
}
- edn = e->e_ndn;
+ edn = rs->sr_entry->e_nname.bv_val;
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp)
+ if (op->o_conn && op->o_conn->c_is_udp)
ber = op->o_res_ber;
else
#endif
ber_init_w_nullc( ber, LBER_USE_DER );
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) {
+ if (op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2) {
rc = ber_printf(ber, "t{O{" /*}}*/,
- LDAP_RES_SEARCH_ENTRY, &e->e_name);
+ LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name);
} else
#endif
{
rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid,
- LDAP_RES_SEARCH_ENTRY, &e->e_name );
+ LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name );
}
if ( rc == -1 ) {
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding DN error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encoding DN error" );
goto error_return;
}
/* check for special all user attributes ("*") type */
- userattrs = ( attrs == NULL ) ? 1
- : an_find( attrs, &AllUser );
+ userattrs = ( rs->sr_attrs == NULL ) ? 1
+ : an_find( rs->sr_attrs, &AllUser );
/* check for special all operational attributes ("+") type */
- opattrs = ( attrs == NULL ) ? 0
- : an_find( attrs, &AllOper );
+ opattrs = ( rs->sr_attrs == NULL ) ? 0
+ : an_find( rs->sr_attrs, &AllOper );
/* create an array of arrays of flags. Each flag corresponds
* to particular value of attribute and equals 1 if value matches
int k = 0;
size_t size;
- for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ for ( a = rs->sr_entry->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ) k++;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_search_entry: conn %lu SLAP_CALLOC failed\n",
- conn ? conn->c_connid : 0, 0, 0 );
+ op->o_connid : 0, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"send_search_entry: SLAP_CALLOC failed\n", 0, 0, 0 );
#endif
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "memory error",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "out of memory" );
goto error_return;
}
a_flags = (char *)(e_flags + i);
memset( a_flags, 0, k );
- for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ for ( a = rs->sr_entry->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( j = 0; a->a_vals[j].bv_val != NULL; j++ );
e_flags[i] = a_flags;
a_flags += j;
}
- rc = filter_matched_values(be, conn, op, e->e_attrs, &e_flags) ;
+ rc = filter_matched_values(op, rs->sr_entry->e_attrs, &e_flags) ;
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_search_entry: conn %lu matched values filtering failed\n",
- conn ? conn->c_connid : 0, 0, 0 );
+ op->o_connid : 0, 0, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"matched values filtering failed\n", 0, 0, 0 );
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free( ber, 1 );
-
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "matched values filtering error",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "matched values filtering error" );
goto error_return;
}
}
}
- for ( a = e->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) {
+ for ( a = rs->sr_entry->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) {
AttributeDescription *desc = a->a_desc;
- if ( attrs == NULL ) {
+ if ( rs->sr_attrs == NULL ) {
/* all attrs request, skip operational attributes */
if( is_at_operational( desc->ad_type ) ) {
continue;
} else {
/* specific attrs requested */
if ( is_at_operational( desc->ad_type ) ) {
- if( !opattrs && !ad_inlist( desc, attrs ) ) {
+ if( !opattrs && !ad_inlist( desc, rs->sr_attrs ) ) {
continue;
}
} else {
- if (!userattrs && !ad_inlist( desc, attrs ) ) {
+ if (!userattrs && !ad_inlist( desc, rs->sr_attrs ) ) {
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e, desc, NULL,
+ if ( ! access_allowed( op, rs->sr_entry, desc, NULL,
ACL_READ, &acl_state ) )
{
#ifdef NEW_LOGGING
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding description error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encoding description error");
goto error_return;
}
- if ( ! attrsonly ) {
+ if ( ! op->oq_search.rs_attrsonly ) {
for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, rs->sr_entry,
desc, &a->a_vals[i], ACL_READ, &acl_state ) )
{
#ifdef NEW_LOGGING
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding values error",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encoding values error" );
goto error_return;
}
}
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encode end error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encode end error" );
goto error_return;
}
}
/* eventually will loop through generated operational attributes */
/* only have subschemaSubentry implemented */
- aa = backend_operational( be, conn, op, e, attrs, opattrs );
+ aa = backend_operational( op, rs, opattrs );
if ( aa != NULL && op->vrFilter != NULL ) {
int k = 0;
"send_search_entry: conn %lu "
"not enough memory "
"for matched values filtering\n",
- conn ? conn->c_connid : 0, 0, 0);
+ op->o_connid, 0, 0);
#else
Debug( LDAP_DEBUG_ANY,
"send_search_entry: conn %lu "
"not enough memory "
"for matched values filtering\n",
- conn ? conn->c_connid : 0, 0, 0 );
+ op->o_connid, 0, 0 );
#endif
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_NO_MEMORY,
- NULL, NULL, NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "not enough memory for matched values filtering" );
goto error_return;
}
e_flags = tmp;
e_flags[i] = a_flags;
a_flags += j;
}
- rc = filter_matched_values(be, conn, op, aa, &e_flags) ;
+ rc = filter_matched_values(op, aa, &e_flags) ;
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_search_entry: conn %lu "
"matched values filtering failed\n",
- conn ? conn->c_connid : 0, 0, 0);
+ op->o_connid : 0, 0, 0);
#else
Debug( LDAP_DEBUG_ANY,
"matched values filtering failed\n", 0, 0, 0 );
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free( ber, 1 );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "matched values filtering error",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "matched values filtering error" );
goto error_return;
}
}
for (a = aa, j=0; a != NULL; a = a->a_next, j++ ) {
AttributeDescription *desc = a->a_desc;
- if ( attrs == NULL ) {
+ if ( rs->sr_attrs == NULL ) {
/* all attrs request, skip operational attributes */
if( is_at_operational( desc->ad_type ) ) {
continue;
} else {
/* specific attrs requested */
if( is_at_operational( desc->ad_type ) ) {
- if( !opattrs && !ad_inlist( desc, attrs ) ) {
+ if( !opattrs && !ad_inlist( desc, rs->sr_attrs ) ) {
continue;
}
} else {
- if (!userattrs && !ad_inlist( desc, attrs ) )
+ if (!userattrs && !ad_inlist( desc, rs->sr_attrs ) )
{
continue;
}
}
}
- if ( ! access_allowed( be, conn, op, e, desc, NULL,
+ if ( ! access_allowed( op, rs->sr_entry, desc, NULL,
ACL_READ, &acl_state ) )
{
#ifdef NEW_LOGGING
"access to attribute %s not allowed\n",
op->o_connid, desc->ad_cname.bv_val, 0 );
#else
- Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s "
+ Debug( LDAP_DEBUG_ACL, "send_search_entry: access to attribute %s "
"not allowed\n",
desc->ad_cname.bv_val, 0, 0 );
#endif
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding description error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encoding description error" );
attrs_free( aa );
goto error_return;
}
- if ( ! attrsonly ) {
+ if ( ! op->oq_search.rs_attrsonly ) {
for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
- if ( ! access_allowed( be, conn, op, e,
+ if ( ! access_allowed( op, rs->sr_entry,
desc, &a->a_vals[i], ACL_READ, &acl_state ) )
{
#ifdef NEW_LOGGING
op->o_connid, desc->ad_cname.bv_val, i );
#else
Debug( LDAP_DEBUG_ACL,
- "acl: access to attribute %s, "
+ "send_search_entry: access to attribute %s, "
"value %d not allowed\n",
desc->ad_cname.bv_val, i, 0 );
#endif
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding values error",
- NULL, NULL );
-
+ send_ldap_error( op, rs, LDAP_OTHER, "encoding values error" );
attrs_free( aa );
goto error_return;
}
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encode end error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encode end error" );
attrs_free( aa );
goto error_return;
* passed to all plugins.
*/
ctx.cac_pb = op->o_pb;
- ctx.cac_attrs = attrs;
- ctx.cac_attrsonly = attrsonly;
+ ctx.cac_attrs = rs->sr_attrs;
+ ctx.cac_attrsonly = op->oq_search.rs_attrsonly;
ctx.cac_userattrs = userattrs;
ctx.cac_opattrs = opattrs;
ctx.cac_acl_state = acl_state;
/*
* For each client requested attribute, call the plugins.
*/
- if ( attrs != NULL ) {
- for ( anp = attrs; anp->an_name.bv_val != NULL; anp++ ) {
- rc = compute_evaluator( &ctx, anp->an_name.bv_val, e, slapi_x_compute_output_ber );
+ if ( rs->sr_attrs != NULL ) {
+ for ( anp = rs->sr_attrs; anp->an_name.bv_val != NULL; anp++ ) {
+ rc = compute_evaluator( &ctx, anp->an_name.bv_val, rs->sr_entry, slapi_x_compute_output_ber );
if ( rc == 1 ) {
break;
}
* when the user requested only user attributes. We'll let the
* plugin decide whether to be naughty or not.
*/
- rc = compute_evaluator( &ctx, "*", e, slapi_x_compute_output_ber );
+ rc = compute_evaluator( &ctx, "*", rs->sr_entry, slapi_x_compute_output_ber );
}
if ( rc == 1 ) {
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "computed attribute error", NULL, NULL );
+ send_ldap_error( op, LDAP_OTHER, "computed attribute error" );
goto error_return;
}
#endif /* LDAP_SLAPI */
attrs_free( aa );
rc = ber_printf( ber, /*{{*/ "}N}" );
- if( rc != -1 && ctrls != NULL ) {
- rc = send_ldap_controls( ber, ctrls );
+ if( rc != -1 && rs->sr_ctrls != NULL ) {
+ rc = send_ldap_controls( ber, rs->sr_ctrls );
}
#ifdef LDAP_CONNECTIONLESS
- if( conn->c_is_udp && op->o_protocol == LDAP_VERSION2 ) {
+ if( op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2 ) {
; /* empty, skip following if */
} else
#endif
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encode entry end error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encode entry end error" );
return( 1 );
}
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0) {
+ if (!op->o_conn || op->o_conn->c_is_udp == 0) {
#endif
- bytes = op->o_noop ? 0 : send_ldap_ber( conn, ber );
+ bytes = op->o_noop ? 0 : send_ldap_ber( op->o_conn, ber );
ber_free_buf( ber );
if ( bytes < 0 ) {
#endif
Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu ENTRY dn=\"%s\"\n",
- conn->c_connid, op->o_opid, e->e_dn, 0, 0 );
+ op->o_connid, op->o_opid, rs->sr_entry->e_dn, 0, 0 );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
}
int
-slap_send_search_reference(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- BerVarray refs,
- LDAPControl **ctrls,
- BerVarray *v2refs
-)
+slap_send_search_reference( Operation *op, SlapReply *rs )
{
char berbuf[LBER_ELEMENT_SIZEOF];
BerElement *ber = (BerElement *)berbuf;
AttributeDescription *ad_ref = slap_schema.si_ad_ref;
AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+ rs->sr_type = REP_SEARCHREF;
if (op->o_callback && op->o_callback->sc_sendreference) {
- return op->o_callback->sc_sendreference( be, conn, op, e, refs, ctrls, v2refs );
+ return op->o_callback->sc_sendreference( op, rs );
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
"send_search_reference: conn %lu dn=\"%s\"\n",
- op->o_connid, e ? e->e_dn : "(null)", 0 );
+ op->o_connid, rs->sr_entry ? rs->sr_entry->e_name.bv_val : "(null)", 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"=> send_search_reference: dn=\"%s\"\n",
- e ? e->e_dn : "(null)", 0, 0 );
+ rs->sr_entry ? rs->sr_entry->e_name.bv_val : "(null)", 0, 0 );
#endif
- if ( e && ! access_allowed( be, conn, op, e,
+ if ( rs->sr_entry && ! access_allowed( op, rs->sr_entry,
ad_entry, NULL, ACL_READ, NULL ) )
{
#ifdef NEW_LOGGING
LDAP_LOG( ACL, INFO,
"send_search_reference: conn %lu "
"access to entry %s not allowed\n",
- op->o_connid, e->e_dn, 0 );
+ op->o_connid, rs->sr_entry->e_dn, 0 );
#else
Debug( LDAP_DEBUG_ACL,
"send_search_reference: access to entry not allowed\n",
return( 1 );
}
- if ( e && ! access_allowed( be, conn, op, e,
+ if ( rs->sr_entry && ! access_allowed( op, rs->sr_entry,
ad_ref, NULL, ACL_READ, NULL ) )
{
#ifdef NEW_LOGGING
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_search_reference: conn %lu domainScope control in (%s).\n",
- op->o_connid, e->e_dn, 0 );
+ op->o_connid, rs->sr_entry->e_dn, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"send_search_reference: domainScope control in (%s)\n",
- e->e_dn, 0, 0 );
+ rs->sr_entry->e_dn, 0, 0 );
#endif
return( 0 );
}
#endif
- if( refs == NULL ) {
+ if( rs->sr_ref == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"send_search_reference: conn %lu null ref in (%s).\n",
- op->o_connid, e ? e->e_dn : "(null)", 0 );
+ op->o_connid, rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0 );
#else
Debug( LDAP_DEBUG_ANY,
"send_search_reference: null ref in (%s)\n",
- e ? e->e_dn : "(null)", 0, 0 );
+ rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0, 0 );
#endif
return( 1 );
if( op->o_protocol < LDAP_VERSION3 ) {
/* save the references for the result */
- if( refs[0].bv_val != NULL ) {
- if( value_add( v2refs, refs ) )
+ if( rs->sr_ref[0].bv_val != NULL ) {
+ if( value_add( &rs->sr_v2ref, rs->sr_ref ) )
return LDAP_OTHER;
}
return 0;
}
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp)
+ if (op->o_conn && op->o_conn->c_is_udp)
ber = op->o_res_ber;
else
#endif
ber_init_w_nullc( ber, LBER_USE_DER );
rc = ber_printf( ber, "{it{W}" /*"}"*/ , op->o_msgid,
- LDAP_RES_SEARCH_REFERENCE, refs );
+ LDAP_RES_SEARCH_REFERENCE, rs->sr_ref );
- if( rc != -1 && ctrls != NULL ) {
- rc = send_ldap_controls( ber, ctrls );
+ if( rc != -1 && rs->sr_ctrls != NULL ) {
+ rc = send_ldap_controls( ber, rs->sr_ctrls );
}
if( rc != -1 ) {
- rc = ber_printf( ber, /*"{"*/ "N}", op->o_msgid,
- LDAP_RES_SEARCH_REFERENCE, refs );
+ rc = ber_printf( ber, /*"{"*/ "N}" );
}
if ( rc == -1 ) {
#endif
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0)
+ if (!op->o_conn || op->o_conn->c_is_udp == 0)
#endif
ber_free_buf( ber );
- send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encode DN error", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_OTHER, "encode DN error" );
return -1;
}
#ifdef LDAP_CONNECTIONLESS
- if (conn->c_is_udp == 0) {
+ if (!op->o_conn || op->o_conn->c_is_udp == 0) {
#endif
- bytes = op->o_noop ? 0 : send_ldap_ber( conn, ber );
+ bytes = op->o_noop ? 0 : send_ldap_ber( op->o_conn, ber );
ber_free_buf( ber );
ldap_pvt_thread_mutex_lock( &num_sent_mutex );
#endif
Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu REF dn=\"%s\"\n",
- conn->c_connid, op->o_opid, e ? e->e_dn : "(null)", 0, 0 );
+ op->o_connid, op->o_opid, rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0, 0 );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
return 0;
}
-
int
str2result(
char *s,
sasl_server_params_t *sparams;
} lookup_info;
+static slap_sendentry sasl_ap_lookup, sasl_cb_checkpass;
+
static int
-sasl_ap_lookup(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- AttributeName *an,
- int attrsonly,
- LDAPControl **ctrls )
+sasl_ap_lookup( Operation *op, SlapReply *rs )
{
BerVarray bv;
AttributeDescription *ad;
#endif
continue;
}
- a = attr_find( e->e_attrs, ad );
+ a = attr_find( rs->sr_entry->e_attrs, ad );
if ( !a ) continue;
- if ( ! access_allowed( be, conn, op, e, ad, NULL, ACL_AUTH, NULL ) ) {
+ if ( ! access_allowed( op, rs->sr_entry, ad, NULL, ACL_AUTH, NULL ) ) {
continue;
}
if ( sl->list[i].values && ( sl->flags & SASL_AUXPROP_OVERRIDE ) ) {
const char *user,
unsigned ulen)
{
+ Operation op = {0};
int rc, i, doit=0;
- struct berval dn;
Connection *conn = NULL;
lookup_info sl;
!strcmp( sl.list[i].name, slap_propnames[PROP_AUTHZ] ) ) {
if ( sl.list[i].values && sl.list[i].values[0] )
- AC_MEMCPY( &dn, sl.list[i].values[0], sizeof( dn ) );
+ AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) );
if ( !sl.last ) sl.last = i;
break;
}
if ( !strcmp( sl.list[i].name, slap_propnames[PROP_AUTHC] ) ) {
if ( !sl.last ) sl.last = i;
if ( sl.list[i].values && sl.list[i].values[0] ) {
- AC_MEMCPY( &dn, sl.list[i].values[0], sizeof( dn ) );
+ AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) );
if ( !(flags & SASL_AUXPROP_AUTHZID) )
break;
}
}
if (doit) {
- Backend *be;
- Operation op = {0};
slap_callback cb = { slap_cb_null_response,
slap_cb_null_sresult, sasl_ap_lookup, slap_cb_null_sreference, NULL };
cb.sc_private = &sl;
- be = select_backend( &dn, 0, 1 );
+ op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
- if ( be && be->be_search ) {
+ if ( op.o_bd && op.o_bd->be_search ) {
+ SlapReply rs = {REP_RESULT};
op.o_tag = LDAP_REQ_SEARCH;
op.o_protocol = LDAP_VERSION3;
op.o_ndn = conn->c_ndn;
op.o_do_not_cache = 1;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
-
- (*be->be_search)( be, conn, &op, NULL, &dn,
- LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0,
- generic_filter, NULL, NULL, 0 );
+ op.o_conn = conn;
+ op.o_connid = conn->c_connid;
+ op.oq_search.rs_scope = LDAP_SCOPE_BASE;
+ op.oq_search.rs_deref = LDAP_DEREF_NEVER;
+ op.oq_search.rs_slimit = 1;
+ op.oq_search.rs_filter = generic_filter;
+
+ op.o_bd->be_search( &op, &rs );
}
}
}
} checkpass_info;
static int
-sasl_cb_checkpass(
- BackendDB *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- AttributeName *an,
- int attrsonly,
- LDAPControl **ctrls )
+sasl_cb_checkpass( Operation *op, SlapReply *rs )
{
slap_callback *tmp = op->o_callback;
checkpass_info *ci = tmp->sc_private;
ci->rc = SASL_NOVERIFY;
- a = attr_find( e->e_attrs, slap_schema.si_ad_userPassword );
+ a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_userPassword );
if ( !a ) return 0;
- if ( ! access_allowed( be, conn, op, e, slap_schema.si_ad_userPassword,
+ if ( ! access_allowed( op, rs->sr_entry, slap_schema.si_ad_userPassword,
NULL, ACL_AUTH, NULL ) ) return 0;
for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) {
struct propctx *propctx)
{
Connection *conn = (Connection *)context;
- struct berval dn;
+ Operation op = {0};
int rc;
- Backend *be;
checkpass_info ci;
ci.rc = SASL_NOUSER;
* find an answer here.
*/
- rc = slap_sasl_getdn( conn, (char *)username, 0, NULL, &dn,
+ rc = slap_sasl_getdn( conn, (char *)username, 0, NULL, &op.o_req_ndn,
SLAP_GETDN_AUTHCID );
if ( rc != LDAP_SUCCESS ) {
sasl_seterror( sconn, 0, ldap_err2string( rc ) );
return SASL_NOUSER;
}
- if ( dn.bv_len == 0 ) {
+ if ( op.o_req_ndn.bv_len == 0 ) {
sasl_seterror( sconn, 0,
"No password is associated with the Root DSE" );
- if ( dn.bv_val != NULL ) {
- ch_free( dn.bv_val );
+ if ( op.o_req_ndn.bv_val != NULL ) {
+ ch_free( op.o_req_ndn.bv_val );
}
return SASL_NOUSER;
}
- be = select_backend( &dn, 0, 1 );
- if ( be && be->be_search ) {
- Operation op = {0};
+ op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+ if ( op.o_bd && op.o_bd->be_search ) {
slap_callback cb = { slap_cb_null_response,
slap_cb_null_sresult, sasl_cb_checkpass, slap_cb_null_sreference, NULL };
+ SlapReply rs = {REP_RESULT};
ci.cred.bv_val = (char *)pass;
ci.cred.bv_len = passlen;
op.o_do_not_cache = 1;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
-
- (*be->be_search)( be, conn, &op, NULL, &dn,
- LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0,
- generic_filter, NULL, NULL, 0 );
+ op.o_conn = conn;
+ op.o_connid = conn->c_connid;
+ op.oq_search.rs_scope = LDAP_SCOPE_BASE;
+ op.oq_search.rs_deref = LDAP_DEREF_NEVER;
+ op.oq_search.rs_slimit = 1;
+ op.oq_search.rs_filter = generic_filter;
+
+ op.o_bd->be_search( &op, &rs );
}
if ( ci.rc != SASL_OK ) {
sasl_seterror( sconn, 0,
ldap_err2string( LDAP_INVALID_CREDENTIALS ) );
}
- ch_free( dn.bv_val );
+ ch_free( op.o_req_ndn.bv_val );
return ci.rc;
}
return LDAP_SUCCESS;
}
-int slap_sasl_bind(
- Connection *conn,
- Operation *op,
- struct berval *dn,
- struct berval *ndn,
- struct berval *cred,
- struct berval *edn,
- slap_ssf_t *ssfp )
+int slap_sasl_bind( Operation *op, SlapReply *rs )
{
- int rc = 1;
-
#ifdef HAVE_CYRUS_SASL
- sasl_conn_t *ctx = conn->c_sasl_context;
+ sasl_conn_t *ctx = op->o_conn->c_sasl_context;
struct berval response;
unsigned reslen = 0;
- const char *errstr = NULL;
int sc;
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
"sasl_bind: dn=\"%s\" mech=%s datalen=%ld\n",
- dn->bv_len ? dn->bv_val : "",
- conn->c_sasl_bind_in_progress ? "<continuing>" :
- conn->c_sasl_bind_mech.bv_val,
- cred ? cred->bv_len : 0 );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "",
+ op->o_conn->c_sasl_bind_in_progress ? "<continuing>" :
+ op->o_conn->c_sasl_bind_mech.bv_val,
+ op->oq_bind.rb_cred.bv_len );
#else
Debug(LDAP_DEBUG_ARGS,
"==> sasl_bind: dn=\"%s\" mech=%s datalen=%ld\n",
- dn->bv_len ? dn->bv_val : "",
- conn->c_sasl_bind_in_progress ? "<continuing>":conn->c_sasl_bind_mech.bv_val,
- cred ? cred->bv_len : 0 );
+ op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "",
+ op->o_conn->c_sasl_bind_in_progress ? "<continuing>" :
+ op->o_conn->c_sasl_bind_mech.bv_val,
+ op->oq_bind.rb_cred.bv_len );
#endif
if( ctx == NULL ) {
- send_ldap_result( conn, op, LDAP_UNAVAILABLE,
- NULL, "SASL unavailable on this session", NULL, NULL );
- return rc;
+ send_ldap_error( op, rs, LDAP_UNAVAILABLE,
+ "SASL unavailable on this session" );
+ return rs->sr_err;
}
#if SASL_VERSION_MAJOR >= 2
sasl_server_step( ctx, cred, clen, resp, rlen, err )
#endif
- if ( !conn->c_sasl_bind_in_progress ) {
+ if ( !op->o_conn->c_sasl_bind_in_progress ) {
sc = START( ctx,
- conn->c_sasl_bind_mech.bv_val,
- cred->bv_val, cred->bv_len,
- (SASL_CONST char **)&response.bv_val, &reslen, &errstr );
+ op->o_conn->c_sasl_bind_mech.bv_val,
+ op->oq_bind.rb_cred.bv_val, op->oq_bind.rb_cred.bv_len,
+ (SASL_CONST char **)&response.bv_val, &reslen, &rs->sr_text );
} else {
sc = STEP( ctx,
- cred->bv_val, cred->bv_len,
- (SASL_CONST char **)&response.bv_val, &reslen, &errstr );
+ op->oq_bind.rb_cred.bv_val, op->oq_bind.rb_cred.bv_len,
+ (SASL_CONST char **)&response.bv_val, &reslen, &rs->sr_text );
}
response.bv_len = reslen;
if ( sc == SASL_OK ) {
sasl_ssf_t *ssf = NULL;
- *edn = conn->c_sasl_dn;
- conn->c_sasl_dn.bv_val = NULL;
- conn->c_sasl_dn.bv_len = 0;
+ op->oq_bind.rb_edn = op->o_conn->c_sasl_dn;
+ op->o_conn->c_sasl_dn.bv_val = NULL;
+ op->o_conn->c_sasl_dn.bv_len = 0;
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
(void) sasl_getprop( ctx, SASL_SSF, (void *)&ssf );
- *ssfp = ssf ? *ssf : 0;
+ op->oq_bind.rb_ssf = ssf ? *ssf : 0;
- if( *ssfp ) {
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
- conn->c_sasl_layers++;
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ if( op->oq_bind.rb_ssf ) {
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
+ op->o_conn->c_sasl_layers++;
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
- send_ldap_sasl( conn, op, rc,
- NULL, NULL, NULL, NULL,
- response.bv_len ? &response : NULL );
+ if (response.bv_len) rs->sr_sasldata = &response;
+ send_ldap_sasl( op, rs );
} else if ( sc == SASL_CONTINUE ) {
- send_ldap_sasl( conn, op, rc = LDAP_SASL_BIND_IN_PROGRESS,
- NULL, NULL, NULL, NULL, &response );
+ rs->sr_err = LDAP_SASL_BIND_IN_PROGRESS,
+ rs->sr_sasldata = &response;
+ send_ldap_sasl( op, rs );
} else {
#if SASL_VERSION_MAJOR >= 2
- errstr = sasl_errdetail( ctx );
+ rs->sr_text = sasl_errdetail( ctx );
#endif
- send_ldap_result( conn, op, rc = slap_sasl_err2ldap( sc ),
- NULL, errstr, NULL, NULL );
+ rs->sr_err = slap_sasl_err2ldap( sc ),
+ send_ldap_result( op, rs );
}
#if SASL_VERSION_MAJOR < 2
#endif
#ifdef NEW_LOGGING
- LDAP_LOG( TRANSPORT, RESULTS, "slap_sasl_bind: rc=%d\n", rc, 0, 0 );
+ LDAP_LOG( TRANSPORT, RESULTS, "slap_sasl_bind: rc=%d\n", rs->sr_err, 0, 0 );
#else
- Debug(LDAP_DEBUG_TRACE, "<== slap_sasl_bind: rc=%d\n", rc, 0, 0);
+ Debug(LDAP_DEBUG_TRACE, "<== slap_sasl_bind: rc=%d\n", rs->sr_err, 0, 0);
#endif
#else
- send_ldap_result( conn, op, rc = LDAP_UNAVAILABLE,
- NULL, "SASL not supported", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNAVAILABLE,
+ "SASL not supported" );
#endif
- return rc;
+ return rs->sr_err;
}
char* slap_sasl_secprops( const char *in )
#ifdef HAVE_CYRUS_SASL
int
-slap_sasl_setpass(
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text )
+slap_sasl_setpass( Operation *op, SlapReply *rs )
{
- int rc;
struct berval id = { 0, NULL }; /* needs to come from connection */
struct berval new = { 0, NULL };
struct berval old = { 0, NULL };
- assert( reqoid != NULL );
- assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
+ assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 );
- rc = sasl_getprop( conn->c_sasl_context, SASL_USERNAME,
+ rs->sr_err = sasl_getprop( op->o_conn->c_sasl_context, SASL_USERNAME,
(SASL_CONST void **)&id.bv_val );
- if( rc != SASL_OK ) {
- *text = "unable to retrieve SASL username";
- rc = LDAP_OTHER;
+ if( rs->sr_err != SASL_OK ) {
+ rs->sr_text = "unable to retrieve SASL username";
+ rs->sr_err = LDAP_OTHER;
goto done;
}
id.bv_val ? id.bv_val : "", 0, 0 );
#endif
- rc = slap_passwd_parse( reqdata,
- NULL, &old, &new, text );
+ rs->sr_err = slap_passwd_parse( op->oq_extended.rs_reqdata,
+ NULL, &old, &new, &rs->sr_text );
- if( rc != LDAP_SUCCESS ) {
+ if( rs->sr_err != LDAP_SUCCESS ) {
goto done;
}
slap_passwd_generate(&new);
if( new.bv_len == 0 ) {
- *text = "password generation failed.";
- rc = LDAP_OTHER;
+ rs->sr_text = "password generation failed.";
+ rs->sr_err = LDAP_OTHER;
goto done;
}
- *rspdata = slap_passwd_return( &new );
+ rs->sr_rspdata = slap_passwd_return( &new );
}
#if SASL_VERSION_MAJOR < 2
- rc = sasl_setpass( conn->c_sasl_context,
- id.bv_val, new.bv_val, new.bv_len, 0, text );
+ rs->sr_err = sasl_setpass( op->o_conn->c_sasl_context,
+ id.bv_val, new.bv_val, new.bv_len, 0, &rs->sr_text );
#else
- rc = sasl_setpass( conn->c_sasl_context, id.bv_val,
+ rs->sr_err = sasl_setpass( op->o_conn->c_sasl_context, id.bv_val,
new.bv_val, new.bv_len, old.bv_val, old.bv_len, 0 );
- if( rc != SASL_OK ) {
- *text = sasl_errdetail( conn->c_sasl_context );
+ if( rs->sr_err != SASL_OK ) {
+ rs->sr_text = sasl_errdetail( op->o_conn->c_sasl_context );
}
#endif
- switch(rc) {
+ switch(rs->sr_err) {
case SASL_OK:
- rc = LDAP_SUCCESS;
+ rs->sr_err = LDAP_SUCCESS;
break;
case SASL_NOCHANGE:
case SASL_FAIL:
case SASL_BADPARAM:
default:
- rc = LDAP_OTHER;
+ rs->sr_err = LDAP_OTHER;
}
done:
- return rc;
+ return rs->sr_err;
}
#endif /* HAVE_CYRUS_SASL */
}
/* Two empty callback functions to avoid sending results */
-void slap_cb_null_response( Connection *conn, Operation *o, ber_tag_t tag,
- ber_int_t msgid, ber_int_t err, const char *matched,
- const char *text, BerVarray ref, const char *resoid,
- struct berval *resdata, struct berval *sasldata, LDAPControl **c)
+void slap_cb_null_response( Operation *o, SlapReply *rs )
{
}
-void slap_cb_null_sresult( Connection *conn, Operation *o, ber_int_t err,
- const char *matched, const char *text, BerVarray refs, LDAPControl **c,
- int nentries)
+void slap_cb_null_sresult( Operation *o, SlapReply *rs )
{
}
-int slap_cb_null_sreference( BackendDB *db, Connection *conn, Operation *o,
- Entry *e, BerVarray r, LDAPControl **c, BerVarray *v2)
+int slap_cb_null_sreference( Operation *o, SlapReply *rs )
{
return 0;
}
/* This callback actually does some work...*/
-static int sasl_sc_sasl2dn( BackendDB *be, Connection *conn, Operation *o,
- Entry *e, AttributeName *an, int ao, LDAPControl **c)
+static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs )
{
struct berval *ndn = o->o_callback->sc_private;
return -1;
}
- ber_dupbv(ndn, &e->e_nname);
+ ber_dupbv(ndn, &rs->sr_entry->e_nname);
return 0;
}
int match;
} smatch_info;
-static int sasl_sc_smatch( BackendDB *be, Connection *conn, Operation *o,
- Entry *e, AttributeName *an, int ao, LDAPControl **c)
+static int sasl_sc_smatch( Operation *o, SlapReply *rs )
{
smatch_info *sm = o->o_callback->sc_private;
- if (dn_match(sm->dn, &e->e_nname)) {
+ if (dn_match(sm->dn, &rs->sr_entry->e_nname)) {
sm->match = 1;
return -1; /* short-circuit the search */
}
static
int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assertDN, struct berval *authc )
{
- struct berval searchbase = {0, NULL};
- int rc, scope;
- Backend *be;
- Filter *filter=NULL;
+ int rc;
regex_t reg;
smatch_info sm;
slap_callback cb = {
slap_cb_null_response,
slap_cb_null_sresult,
sasl_sc_smatch,
- NULL
+ slap_cb_null_sreference
};
Operation op = {0};
+ SlapReply rs = {REP_RESULT};
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
assertDN->bv_val, rule->bv_val, 0 );
#endif
- rc = slap_parseURI( rule, &searchbase, &scope, &filter );
+ rc = slap_parseURI( rule, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter );
if( rc != LDAP_SUCCESS ) goto CONCLUDED;
/* Massive shortcut: search scope == base */
- if( scope == LDAP_SCOPE_BASE ) {
- rc = regcomp(®, searchbase.bv_val,
+ if( op.oq_search.rs_scope == LDAP_SCOPE_BASE ) {
+ rc = regcomp(®, op.o_req_ndn.bv_val,
REG_EXTENDED|REG_ICASE|REG_NOSUB);
if ( rc == 0 ) {
rc = regexec(®, assertDN->bv_val, 0, NULL, 0);
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, DETAIL1,
"slap_sasl_match: performing internal search (base=%s, scope=%d)\n",
- searchbase.bv_val, scope,0 );
+ op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"slap_sasl_match: performing internal search (base=%s, scope=%d)\n",
- searchbase.bv_val, scope, 0 );
+ op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 );
#endif
- be = select_backend( &searchbase, 0, 1 );
- if(( be == NULL ) || ( be->be_search == NULL)) {
+ op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+ if(( op.o_bd == NULL ) || ( op.o_bd->be_search == NULL)) {
rc = LDAP_INAPPROPRIATE_AUTH;
goto CONCLUDED;
}
op.o_do_not_cache = 1;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
+ op.o_conn = conn;
+ op.o_connid = conn->c_connid;
- (*be->be_search)( be, conn, &op, /*base=*/NULL, &searchbase,
- scope, /*deref=*/1, /*sizelimit=*/0, /*time=*/0, filter, /*fstr=*/NULL,
- /*attrs=*/NULL, /*attrsonly=*/0 );
+ op.o_bd->be_search( &op, &rs );
if (sm.match) {
rc = LDAP_SUCCESS;
}
CONCLUDED:
- if( searchbase.bv_len ) ch_free( searchbase.bv_val );
- if( filter ) filter_free( filter );
+ if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val );
+ if( op.oq_search.rs_filter ) filter_free( op.oq_search.rs_filter );
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val);
#endif
- rc = backend_attribute( NULL, NULL, conn->c_sasl_bindop, NULL,
+ rc = backend_attribute( conn->c_sasl_bindop, NULL,
searchDN, ad, &vals );
if( rc != LDAP_SUCCESS ) goto COMPLETE;
struct berval *saslname, struct berval *sasldn )
{
int rc;
- Backend *be = NULL;
- struct berval dn = { 0, NULL };
- int scope = LDAP_SCOPE_BASE;
- Filter *filter = NULL;
slap_callback cb = { slap_cb_null_response,
slap_cb_null_sresult, sasl_sc_sasl2dn, slap_cb_null_sreference, NULL};
Operation op = {0};
+ SlapReply rs = {REP_RESULT};
struct berval regout = { 0, NULL };
#ifdef NEW_LOGGING
goto FINISHED;
}
- rc = slap_parseURI( ®out, &dn, &scope, &filter );
+ rc = slap_parseURI( ®out, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter );
if( regout.bv_val ) ch_free( regout.bv_val );
if( rc != LDAP_SUCCESS ) {
goto FINISHED;
}
/* Must do an internal search */
- be = select_backend( &dn, 0, 1 );
+ op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
/* Massive shortcut: search scope == base */
- if( scope == LDAP_SCOPE_BASE ) {
- *sasldn = dn;
- dn.bv_len = 0;
- dn.bv_val = NULL;
+ if( op.oq_search.rs_scope == LDAP_SCOPE_BASE ) {
+ *sasldn = op.o_req_ndn;
+ op.o_req_ndn.bv_len = 0;
+ op.o_req_ndn.bv_val = NULL;
goto FINISHED;
}
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, DETAIL1,
"slap_sasl2dn: performing internal search (base=%s, scope=%d)\n",
- dn.bv_val, scope, 0 );
+ op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"slap_sasl2dn: performing internal search (base=%s, scope=%d)\n",
- dn.bv_val, scope, 0 );
+ op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 );
#endif
- if(( be == NULL ) || ( be->be_search == NULL)) {
+ if(( op.o_bd == NULL ) || ( op.o_bd->be_search == NULL)) {
goto FINISHED;
}
+ op.o_conn = conn;
+ op.o_connid = conn->c_connid;
op.o_tag = LDAP_REQ_SEARCH;
op.o_protocol = LDAP_VERSION3;
op.o_ndn = conn->c_ndn;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop ? conn->c_sasl_bindop->o_threadctx:
ldap_pvt_thread_pool_context( &connection_pool );
+ op.oq_search.rs_deref = LDAP_DEREF_NEVER;
+ op.oq_search.rs_slimit = 1;
+ op.oq_search.rs_attrsonly = 1;
- (*be->be_search)( be, conn, &op, NULL, &dn,
- scope, LDAP_DEREF_NEVER, 1, 0,
- filter, NULL, NULL, 1 );
+ op.o_bd->be_search( &op, &rs );
FINISHED:
if( sasldn->bv_len ) {
- conn->c_authz_backend = be;
+ conn->c_authz_backend = op.o_bd;
}
- if( dn.bv_len ) ch_free( dn.bv_val );
- if( filter ) filter_free( filter );
+ if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val );
+ if( op.oq_search.rs_filter ) filter_free( op.oq_search.rs_filter );
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
#ifdef LDAP_SLAPI
#include "slapi.h"
static char **anlist2charray( AttributeName *an );
-static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op,
- struct berval *base, int scope, int deref, int sizelimit, int timelimit,
- Filter *filter, struct berval *fstr, char **attrs,
- int attrsonly, int managedsait );
+static Slapi_PBlock *initSearchPlugin( Operation *op, char **attrs, int managedsait );
static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb );
static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr );
static void doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb );
int
do_search(
- Connection *conn, /* where to send results */
- Operation *op /* info about the op to which we're responding */
+ Operation *op, /* info about the op to which we're responding */
+ SlapReply *rs /* all the response data we'll send */
) {
- ber_int_t scope, deref, attrsonly;
- ber_int_t sizelimit, timelimit;
struct berval base = { 0, NULL };
- struct berval pbase = { 0, NULL };
- struct berval nbase = { 0, NULL };
- struct berval fstr = { 0, NULL };
- Filter *filter = NULL;
- AttributeName *an = NULL;
ber_len_t siz, off, i;
- Backend *be;
- int rc;
- const char *text;
int manageDSAit;
#ifdef LDAP_SLAPI
- Slapi_PBlock *pb = NULL;
char **attrs = NULL;
#endif
#ifdef NEW_LOGGING
- LDAP_LOG( OPERATION, ENTRY, "do_search: conn %d\n", conn->c_connid, 0, 0 );
+ LDAP_LOG( OPERATION, ENTRY, "do_search: conn %d\n", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 );
#endif
/* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */
if ( ber_scanf( op->o_ber, "{miiiib" /*}*/,
- &base, &scope, &deref, &sizelimit,
- &timelimit, &attrsonly ) == LBER_ERROR )
+ &base, &op->oq_search.rs_scope, &op->oq_search.rs_deref, &op->oq_search.rs_slimit,
+ &op->oq_search.rs_tlimit, &op->oq_search.rs_attrsonly ) == LBER_ERROR )
{
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
- rc = SLAPD_DISCONNECT;
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
+ rs->sr_err = SLAPD_DISCONNECT;
goto return_results;
}
- switch( scope ) {
+ switch( op->oq_search.rs_scope ) {
case LDAP_SCOPE_BASE:
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
break;
default:
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "invalid scope", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid scope" );
goto return_results;
}
- switch( deref ) {
+ switch( op->oq_search.rs_deref ) {
case LDAP_DEREF_NEVER:
case LDAP_DEREF_FINDING:
case LDAP_DEREF_SEARCHING:
case LDAP_DEREF_ALWAYS:
break;
default:
- send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
- NULL, "invalid deref", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid deref" );
goto return_results;
}
- rc = dnPrettyNormal( NULL, &base, &pbase, &nbase );
- if( rc != LDAP_SUCCESS ) {
+ rs->sr_err = dnPrettyNormal( NULL, &base, &op->o_req_dn, &op->o_req_ndn );
+ if( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,
"do_search: conn %d invalid dn (%s)\n",
- conn->c_connid, base.bv_val, 0 );
+ op->o_connid, base.bv_val, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"do_search: invalid dn (%s)\n", base.bv_val, 0, 0 );
#endif
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
goto return_results;
}
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS, "SRCH \"%s\" %d %d",
- base.bv_val, scope, deref );
+ base.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref );
LDAP_LOG( OPERATION, ARGS, " %d %d %d\n",
- sizelimit, timelimit, attrsonly);
+ op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_attrsonly);
#else
Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d",
- base.bv_val, scope, deref );
+ base.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref );
Debug( LDAP_DEBUG_ARGS, " %d %d %d\n",
- sizelimit, timelimit, attrsonly);
+ op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_attrsonly);
#endif
/* filter - returns a "normalized" version */
- rc = get_filter( conn, op->o_ber, &filter, &text );
- if( rc != LDAP_SUCCESS ) {
- if( rc == SLAPD_DISCONNECT ) {
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, text );
+ rs->sr_err = get_filter( op->o_conn, op->o_ber, &op->oq_search.rs_filter, &rs->sr_text );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err == SLAPD_DISCONNECT ) {
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ send_ldap_disconnect( op, rs );
} else {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ send_ldap_result( op, rs );
}
goto return_results;
}
- filter2bv( filter, &fstr );
+ filter2bv( op->oq_search.rs_filter, &op->oq_search.rs_filterstr );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"do_search: conn %d filter: %s\n",
- conn->c_connid, fstr.bv_len ? fstr.bv_val : "empty", 0 );
+ op->o_connid, op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0 );
#else
Debug( LDAP_DEBUG_ARGS, " filter: %s\n",
- fstr.bv_len ? fstr.bv_val : "empty", 0, 0 );
+ op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 );
#endif
/* attributes */
siz = sizeof(AttributeName);
off = 0;
- if ( ber_scanf( op->o_ber, "{M}}", &an, &siz, off ) == LBER_ERROR ) {
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding attrs error" );
- rc = SLAPD_DISCONNECT;
+ if ( ber_scanf( op->o_ber, "{M}}", &op->oq_search.rs_attrs, &siz, off ) == LBER_ERROR ) {
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding attrs error" );
+ rs->sr_err = SLAPD_DISCONNECT;
goto return_results;
}
for ( i=0; i<siz; i++ ) {
- an[i].an_desc = NULL;
- an[i].an_oc = NULL;
- slap_bv2ad(&an[i].an_name, &an[i].an_desc, &text);
+ const char *dummy; /* ignore msgs from bv2ad */
+ op->oq_search.rs_attrs[i].an_desc = NULL;
+ op->oq_search.rs_attrs[i].an_oc = NULL;
+ slap_bv2ad(&op->oq_search.rs_attrs[i].an_name, &op->oq_search.rs_attrs[i].an_desc, &dummy);
}
- if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_search: conn %d get_ctrls failed (%d)\n",
- conn->c_connid, rc, 0 );
+ op->o_connid, rs->sr_err, 0 );
#else
Debug( LDAP_DEBUG_ANY, "do_search: get_ctrls failed\n", 0, 0, 0 );
#endif
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
- "do_search: conn %d attrs:", conn->c_connid, 0, 0 );
+ "do_search: conn %d attrs:", op->o_connid, 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, " attrs:", 0, 0, 0 );
#endif
for ( i = 0; i<siz; i++ ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
- "do_search: %s", an[i].an_name.bv_val, 0, 0 );
+ "do_search: %s", op->oq_search.rs_attrs[i].an_name.bv_val, 0, 0 );
#else
- Debug( LDAP_DEBUG_ARGS, " %s", an[i].an_name.bv_val, 0, 0 );
+ Debug( LDAP_DEBUG_ARGS, " %s", op->oq_search.rs_attrs[i].an_name.bv_val, 0, 0 );
#endif
}
}
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu SRCH base=\"%s\" scope=%d filter=\"%s\"\n",
- op->o_connid, op->o_opid, pbase.bv_val, scope, fstr.bv_val );
+ op->o_connid, op->o_opid, op->o_req_dn.bv_val, op->oq_search.rs_scope, op->oq_search.rs_filterstr.bv_val );
for ( i = 0; i<siz; i++ ) {
- alen = an[i].an_name.bv_len;
+ alen = op->oq_search.rs_attrs[i].an_name.bv_len;
if (alen >= sizeof(abuf)) {
alen = sizeof(abuf)-1;
}
*ptr++ = ' ';
len++;
}
- ptr = lutil_strncopy(ptr, an[i].an_name.bv_val, alen);
+ ptr = lutil_strncopy(ptr, op->oq_search.rs_attrs[i].an_name.bv_val, alen);
len += alen;
*ptr = '\0';
}
manageDSAit = get_manageDSAit( op );
- if ( scope == LDAP_SCOPE_BASE ) {
+ if ( op->oq_search.rs_scope == LDAP_SCOPE_BASE ) {
Entry *entry = NULL;
- if ( nbase.bv_len == 0 ) {
+ if ( op->o_req_ndn.bv_len == 0 ) {
#ifdef LDAP_CONNECTIONLESS
/* Ignore LDAPv2 CLDAP Root DSE queries */
- if (op->o_protocol == LDAP_VERSION2 && conn->c_is_udp) {
+ if (op->o_protocol == LDAP_VERSION2 && op->o_conn->c_is_udp) {
goto return_results;
}
#endif
/* check restrictions */
- rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto return_results;
}
#ifdef LDAP_SLAPI
- attrs = anlist2charray( an );
- pb = initSearchPlugin( NULL, conn, op, &nbase, scope,
- deref, sizelimit, timelimit, filter, &fstr,
- attrs, attrsonly, manageDSAit );
- rc = doPreSearchPluginFNs( NULL, pb );
- if ( rc == LDAP_SUCCESS ) {
- doSearchRewriteFNs( NULL, pb, &filter, &fstr );
+ attrs = anlist2charray( op->oq_search.rs_attrs );
+ initSearchPlugin( op, attrs, manageDSAit );
+ rs->sr_err = doPreSearchPluginFNs( op );
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ doSearchRewriteFNs( op );
#endif /* LDAP_SLAPI */
- rc = root_dse_info( conn, &entry, &text );
+ rs->sr_err = root_dse_info( op->o_conn, &entry, &rs->sr_text );
#ifdef LDAP_SLAPI
}
#endif /* LDAP_SLAPI */
- } else if ( bvmatch( &nbase, &global_schemandn ) ) {
+ } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) {
/* check restrictions */
- rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto return_results;
}
#ifdef LDAP_SLAPI
- attrs = anlist2charray( an );
- pb = initSearchPlugin( NULL, conn, op, &nbase, scope,
- deref, sizelimit, timelimit, filter, &fstr,
- attrs, attrsonly, manageDSAit );
- rc = doPreSearchPluginFNs( NULL, pb );
- if ( rc == LDAP_SUCCESS ) {
- doSearchRewriteFNs( NULL, pb, &filter, &fstr );
+ attrs = anlist2charray( op->oq_search.rs_attrs );
+ initSearchPlugin( op, attrs, manageDSAit );
+ rs->sr_err = doPreSearchPluginFNs( op );
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ doSearchRewriteFNs( op );
#endif /* LDAP_SLAPI */
- rc = schema_info( &entry, &text );
+ rs->sr_err = schema_info( &entry, &rs->sr_text );
#ifdef LDAP_SLAPI
}
#endif /* LDAP_SLAPI */
}
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
#ifdef LDAP_SLAPI
- doPostSearchPluginFNs( NULL, pb );
+ doPostSearchPluginFNs( op );
#endif /* LDAP_SLAPI */
goto return_results;
} else if ( entry != NULL ) {
- rc = test_filter( NULL, conn, op,
- entry, filter );
+ rs->sr_err = test_filter( op, entry, op->oq_search.rs_filter );
- if( rc == LDAP_COMPARE_TRUE ) {
- send_search_entry( NULL, conn, op,
- entry, an, attrsonly, NULL );
+ if( rs->sr_err == LDAP_COMPARE_TRUE ) {
+ rs->sr_entry = entry;
+ rs->sr_attrs = op->oq_search.rs_attrs;
+ send_search_entry( op, rs );
+ rs->sr_entry = NULL;
}
entry_free( entry );
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_nentries = 1;
+ send_search_result( op, rs );
#ifdef LDAP_SLAPI
- doPostSearchPluginFNs( NULL, pb );
+ doPostSearchPluginFNs( op );
#endif /* LDAP_SLAPI */
goto return_results;
}
}
- if( !nbase.bv_len && default_search_nbase.bv_len ) {
- ch_free( pbase.bv_val );
- ch_free( nbase.bv_val );
+ if( !op->o_req_ndn.bv_len && default_search_nbase.bv_len ) {
+ ch_free( op->o_req_dn.bv_val );
+ ch_free( op->o_req_ndn.bv_val );
- ber_dupbv( &pbase, &default_search_base );
- ber_dupbv( &nbase, &default_search_nbase );
+ ber_dupbv( &op->o_req_dn, &default_search_base );
+ ber_dupbv( &op->o_req_ndn, &default_search_nbase );
}
/*
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( &nbase, manageDSAit, 1 )) == NULL ) {
- BerVarray ref = referral_rewrite( default_referral,
- NULL, &pbase, scope );
+ if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 1 )) == NULL ) {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, op->oq_search.rs_scope );
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, ref ? ref : default_referral, NULL );
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- ber_bvarray_free( ref );
+ if (rs->sr_ref != default_referral)
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
goto return_results;
}
/* check restrictions */
- rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto return_results;
}
/* check for referrals */
- rc = backend_check_referrals( be, conn, op, &pbase, &nbase );
- if ( rc != LDAP_SUCCESS ) {
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto return_results;
}
#ifdef LDAP_SLAPI
- attrs = anlist2charray( an );
- pb = initSearchPlugin( be, conn, op, &pbase,
- scope, deref, sizelimit,
- timelimit, filter, &fstr, attrs, attrsonly,
- manageDSAit );
- rc = doPreSearchPluginFNs( be, pb );
- if ( rc != LDAP_SUCCESS ) {
+ attrs = anlist2charray( op->oq_search.rs_attrs );
+ initSearchPlugin( op, attrs, manageDSAit );
+ rs->sr_err = doPreSearchPluginFNs( op );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
goto return_results;
}
- doSearchRewriteFNs( be, pb, &filter, &fstr );
+ doSearchRewriteFNs( op );
#endif /* LDAP_SLAPI */
/* actually do the search and send the result(s) */
- if ( be->be_search ) {
- (*be->be_search)( be, conn, op, &pbase, &nbase,
- scope, deref, sizelimit,
- timelimit, filter, &fstr, an, attrsonly );
+ if ( op->o_bd->be_search ) {
+ (op->o_bd->be_search)( op, rs );
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext",
- NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
#ifdef LDAP_SLAPI
- doPostSearchPluginFNs( be, pb );
+ doPostSearchPluginFNs( op );
#endif /* LDAP_SLAPI */
return_results:;
#ifdef LDAP_CLIENT_UPDATE
if ( ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) )
- return rc;
+ return rs->sr_err;
#endif
#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
else
#endif
#ifdef LDAP_SYNC
if ( ( op->o_sync_mode & SLAP_SYNC_PERSIST ) )
- return rc;
+ return rs->sr_err;
#endif
- if( pbase.bv_val != NULL) free( pbase.bv_val );
- if( nbase.bv_val != NULL) free( nbase.bv_val );
+ if( op->o_req_dn.bv_val != NULL) free( op->o_req_dn.bv_val );
+ if( op->o_req_ndn.bv_val != NULL) free( op->o_req_ndn.bv_val );
- if( fstr.bv_val != NULL) free( fstr.bv_val );
- if( filter != NULL) filter_free( filter );
- if( an != NULL ) free( an );
+ if( op->oq_search.rs_filterstr.bv_val != NULL) free( op->oq_search.rs_filterstr.bv_val );
+ if( op->oq_search.rs_filter != NULL) filter_free( op->oq_search.rs_filter );
+ if( op->oq_search.rs_attrs != NULL ) free( op->oq_search.rs_attrs );
#ifdef LDAP_SLAPI
if( attrs != NULL) ch_free( attrs );
#endif /* LDAP_SLAPI */
- return rc;
+ return rs->sr_err;
}
#ifdef LDAP_SLAPI
return attrs;
}
-static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op,
- struct berval *base, int scope, int deref, int sizelimit,
- int timelimit, Filter *filter, struct berval *fstr,
- char **attrs, int attrsonly, int managedsait )
+static void Slapi_PBlock *initSearchPlugin( Operation *op,
+ char **attrs, int managedsait )
{
- Slapi_PBlock *pb;
-
- pb = op->o_pb;
-
- slapi_x_backend_set_pb( pb, be );
- slapi_x_connection_set_pb( pb, conn );
- slapi_x_operation_set_pb( pb, op );
- slapi_pblock_set( pb, SLAPI_SEARCH_TARGET, (void *)base->bv_val );
- slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, (void *)scope );
- slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, (void *)deref );
- slapi_pblock_set( pb, SLAPI_SEARCH_SIZELIMIT, (void *)sizelimit );
- slapi_pblock_set( pb, SLAPI_SEARCH_TIMELIMIT, (void *)timelimit );
- slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, (void *)filter );
- slapi_pblock_set( pb, SLAPI_SEARCH_STRFILTER, (void *)fstr->bv_val );
- slapi_pblock_set( pb, SLAPI_SEARCH_ATTRS, (void *)attrs );
- slapi_pblock_set( pb, SLAPI_SEARCH_ATTRSONLY, (void *)attrsonly );
- slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)managedsait );
-
- return pb;
+ slapi_x_backend_set_pb( op->o_pb, op->o_bd );
+ slapi_x_connection_set_pb( op->o_pb, op->o_conn );
+ slapi_x_operation_set_pb( op->o_pb, op );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_TARGET, (void *)op->o_req_dn.bv_val );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_SCOPE, (void *)op->oq_search.rs_scope );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_DEREF, (void *)op->oq_search.rs_deref );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_SIZELIMIT, (void *)op->oq_search.rs_slimit );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_TIMELIMIT, (void *)op->oq_search.rs_tlimit );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_FILTER, (void *)op->oq_search.rs_filter );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_STRFILTER, (void *)op->oq_search.rs_filterstr.bv_val );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_ATTRS, (void *)attrs );
+ slapi_pblock_set( op->o_pb, SLAPI_SEARCH_ATTRSONLY, (void *)op->oq_search.rs_attrsonly );
+ slapi_pblock_set( op->o_pb, SLAPI_MANAGEDSAIT, (void *)managedsait );
}
-static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb )
+static int doPreSearchPluginFNs( Operation *op )
{
int rc;
- rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_SEARCH_FN, pb );
+ rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_SEARCH_FN, op->o_pb );
if ( rc != 0 ) {
/*
* A preoperation plugin failure will abort the
Debug(LDAP_DEBUG_TRACE, "doPreSearchPluginFNs: search preoperation plugin "
"returned %d.\n", rc, 0, 0);
#endif
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0)
+ if ( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0)
rc = LDAP_OTHER;
} else {
rc = LDAP_SUCCESS;
return rc;
}
-static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr )
+static int doSearchRewriteFNs( Operation *op )
{
- if ( doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb ) == 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, op->o_pb ) == 0 ) {
/*
* The plugin can set the SLAPI_SEARCH_FILTER.
* SLAPI_SEARCH_STRFILER is not normative.
*/
- slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, (void *)filter);
- ch_free( fstr->bv_val );
- filter2bv( *filter, fstr );
+ slapi_pblock_get( op->o_pb, SLAPI_SEARCH_FILTER, (void *)&op->oq_search.rs_filter);
+ ch_free( op->oq_search.rs_filterstr.bv_val );
+ filter2bv( op->oq_search.rs_filter, &op->oq_search.rs_filterstr );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ARGS,
"doSearchRewriteFNs: after compute_rewrite_search filter: %s\n",
- fstr->bv_len ? fstr->bv_val : "empty", 0, 0 );
+ op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, " after compute_rewrite_search filter: %s\n",
- fstr->bv_len ? fstr->bv_val : "empty", 0, 0 );
+ op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 );
#endif
}
return LDAP_SUCCESS;
}
-static void doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb )
+static void doPostSearchPluginFNs( Operation *op )
{
- if ( doPluginFNs( be, SLAPI_PLUGIN_POST_SEARCH_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_SEARCH_FN, op->o_pb ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "doPostSearchPluginFNs: search postoperation plugins "
"failed\n", 0, 0, 0 );
#define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \
{ { 0, 0 } }, 0, NULL, 0, 0, NULL }
-/*
- * replog moddn param structure
- */
-struct slap_replog_moddn {
- struct berval *newrdn;
- int deloldrdn;
- struct berval *newsup;
-};
-
/*
* Backend-info
* represents a backend
typedef int (BI_db_close) LDAP_P((Backend *bd));
typedef int (BI_db_destroy) LDAP_P((Backend *bd));
-#ifdef SLAP_OP_BLOCKS
typedef struct req_bind_s {
int rb_method;
struct berval rb_cred;
struct berval rb_edn;
+ slap_ssf_t rb_ssf;
} req_bind_s;
typedef struct req_search_s {
int rs_tlimit;
int rs_attrsonly;
AttributeName *rs_attrs;
- Filter *rs_f;
+ Filter *rs_filter;
struct berval rs_filterstr;
} req_search_s;
AttributeAssertion *rs_ava;
} req_compare_s;
+typedef struct req_modify_s {
+ Modifications *rs_modlist;
+} req_modify_s;
+
typedef struct req_modrdn_s {
struct berval rs_newrdn;
struct berval rs_nnewrdn;
- struct berval rs_newSup;
- struct berval rs_nnewSup;
+ struct berval *rs_newSup;
+ struct berval *rs_nnewSup;
int rs_deleteoldrdn;
} req_modrdn_s;
typedef struct req_extended_s {
struct berval rs_reqoid;
- char *rs_rspoid;
- struct berval *rs_rspdata;
- LDAPControl **rs_rspctrls;
- const char *rs_text;
- BerVarray rs_refs;
+ struct berval *rs_reqdata;
} req_extended_s;
-#endif /* SLAP_OP_BLOCKS */
-
-typedef int (BI_op_bind) LDAP_P(( BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn, int method,
- struct berval *cred, struct berval *edn ));
-typedef int (BI_op_unbind) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o ));
-typedef int (BI_op_search) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *base, struct berval *nbase,
- int scope, int deref,
- int slimit, int tlimit,
- Filter *f, struct berval *filterstr,
- AttributeName *attrs, int attrsonly));
-typedef int (BI_op_compare)LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn,
- AttributeAssertion *ava));
-typedef int (BI_op_modify) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn,
- Modifications *m));
-typedef int (BI_op_modrdn) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn,
- struct berval *newrdn, struct berval *nnewrdn,
- int deleteoldrdn,
- struct berval *newSup, struct berval *nnewSup ));
-typedef int (BI_op_add) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- Entry *e));
-typedef int (BI_op_delete) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn));
-typedef int (BI_op_abandon) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- ber_int_t msgid));
-typedef int (BI_op_cancel) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- ber_int_t msgid));
-
-typedef int (BI_op_extended) LDAP_P((
- BackendDB *be,
- struct slap_conn *conn,
- struct slap_op *op,
- struct berval *reqoid,
- struct berval * reqdata,
- char **rspoid,
- struct berval ** rspdata,
- LDAPControl *** rspctrls,
- const char ** text,
- BerVarray *refs ));
-
-typedef int (BI_entry_get_rw) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *ndn, ObjectClass *oc,
- AttributeDescription *at, int rw,
- Entry **e ));
-
-typedef int (BI_entry_release_rw) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- Entry *e, int rw));
-
-typedef int (BI_chk_referrals) LDAP_P((BackendDB *bd,
- struct slap_conn *c, struct slap_op *o,
- struct berval *dn, struct berval *ndn,
- const char **text ));
-
-typedef int (BI_operational) LDAP_P((Backend *bd,
- struct slap_conn *c, struct slap_op *o,
- Entry *e, AttributeName *attrs, int opattrs, Attribute **a ));
-
-typedef int (BI_has_subordinates) LDAP_P((Backend *bd,
- struct slap_conn *c, struct slap_op *o,
- Entry *e, int *has_subordinates ));
+
+typedef enum slap_reply_e {
+ REP_RESULT,
+ REP_SASL,
+ REP_SRESULT,
+ REP_EXTENDED,
+ REP_SEARCH,
+ REP_SEARCHREF
+} slap_reply_t;
+
+typedef struct rep_sasl_s {
+ struct berval *r_sasldata;
+} rep_sasl_s;
+
+typedef struct rep_sresult_s {
+ int r_nentries;
+} rep_sresult_s;
+
+typedef struct rep_extended_s {
+ const char *r_rspoid;
+ struct berval *r_rspdata;
+} rep_extended_s;
+
+typedef struct rep_search_s {
+ AttributeName *r_attrs;
+ Entry *r_entry;
+ BerVarray r_v2ref;
+} rep_search_s;
+
+typedef struct slap_rep {
+ slap_reply_t sr_type;
+ ber_tag_t sr_tag;
+ ber_int_t sr_msgid;
+ ber_int_t sr_err;
+ const char *sr_matched;
+ const char *sr_text;
+ BerVarray sr_ref;
+ LDAPControl **sr_ctrls;
+ union sr_u {
+ rep_sasl_s sru_sasl;
+ rep_sresult_s sru_sresult;
+ rep_extended_s sru_extended;
+ rep_search_s sru_search;
+ } sr_un;
+} SlapReply;
+
+/* short hands for response members */
+#define sr_attrs sr_un.sru_search.r_attrs
+#define sr_entry sr_un.sru_search.r_entry
+#define sr_v2ref sr_un.sru_search.r_v2ref
+#define sr_rspoid sr_un.sru_extended.r_rspoid
+#define sr_rspdata sr_un.sru_extended.r_rspdata
+#define sr_sasldata sr_un.sru_sasl.r_sasldata
+#define sr_nentries sr_un.sru_sresult.r_nentries
+
+typedef int (BI_op_bind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_unbind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_search) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_compare) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_modify) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_modrdn) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_add) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_delete) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_abandon) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_cancel) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_extended) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_entry_release_rw) LDAP_P(( struct slap_op *op, Entry *e, int rw ));
+typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
+ ObjectClass *oc, AttributeDescription *at, int rw, Entry **e ));
+typedef int (BI_chk_referrals) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs, int opattrs, Attribute **ap ));
+typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op, Entry *e, int *hasSubs ));
typedef int (BI_connection_init) LDAP_P((BackendDB *bd,
struct slap_conn *c));
#define o_tls_ssf o_authz.sai_tls_ssf
#define o_sasl_ssf o_authz.sai_sasl_ssf
-typedef void (slap_response)( struct slap_conn *, struct slap_op *,
- ber_tag_t, ber_int_t, ber_int_t, const char *, const char *,
- BerVarray, const char *, struct berval *,
- struct berval *, LDAPControl ** );
-
-typedef void (slap_sresult)( struct slap_conn *, struct slap_op *,
- ber_int_t, const char *, const char *, BerVarray,
- LDAPControl **, int nentries);
-
-typedef int (slap_sendentry)( BackendDB *, struct slap_conn *,
- struct slap_op *, Entry *, AttributeName *, int, LDAPControl **);
-
-typedef int (slap_sendreference)( BackendDB *, struct slap_conn *,
- struct slap_op *, Entry *, BerVarray, LDAPControl **, BerVarray * );
+typedef void (slap_response)( struct slap_op *, struct slap_rep * );
+typedef void (slap_sresult)( struct slap_op *, struct slap_rep * );
+typedef int (slap_sendentry)( struct slap_op *, struct slap_rep * );
+typedef int (slap_sendreference)( struct slap_op *, struct slap_rep * );
typedef struct slap_callback {
slap_response *sc_response;
#define LDAP_PSEARCH_BY_MODIFY 0x04
#define LDAP_PSEARCH_BY_SCOPEOUT 0x05
-struct ldap_psearch_spec {
- struct slap_op *op;
- struct berval *base;
- struct berval *nbase;
- int scope;
- int deref;
- int slimit;
- int tlimit;
- Filter *filter;
- struct berval *filterstr;
- AttributeName *attrs;
- int attrsonly;
- int protocol;
- int entry_count;
- LDAP_LIST_ENTRY(ldap_psearch_spec) link;
-};
-
struct psid_entry {
- struct ldap_psearch_spec* ps;
- LDAP_LIST_ENTRY(psid_entry) link;
+ struct slap_op *ps_op;
+ LDAP_LIST_ENTRY(psid_entry) ps_link;
};
#endif
unsigned long o_opid; /* id of this operation */
unsigned long o_connid; /* id of conn initiating this op */
struct slap_conn *o_conn; /* connection spawning this op */
-#ifdef SLAP_OP_BLOCKS
BackendDB *o_bd; /* backend DB processing this op */
-#endif
ber_int_t o_msgid; /* msgid of the request */
ber_int_t o_protocol; /* version of the LDAP protocol used by client */
ber_tag_t o_tag; /* tag of the request */
time_t o_time; /* time op was initiated */
-#ifdef SLAP_OP_BLOCKS
struct berval o_req_dn; /* DN of target of request */
struct berval o_req_ndn;
union o_req_u {
+ req_add_s oq_add;
req_bind_s oq_bind;
- req_search_s oq_search;
req_compare_s oq_compare;
+ req_modify_s oq_modify;
req_modrdn_s oq_modrdn;
- req_add_s oq_add;
+ req_search_s oq_search;
req_abandon_s oq_abandon;
req_abandon_s oq_cancel;
req_extended_s oq_extended;
} o_request;
/* short hands for union members */
-#define o_bind o_request.oq_bind
+#define oq_add o_request.oq_add
+#define oq_bind o_request.oq_bind
+#define oq_compare o_request.oq_compare
+#define oq_modify o_request.oq_modify
+#define oq_modrdn o_request.oq_modrdn
+#define oq_search o_request.oq_search
+#define oq_abandon o_request.oq_abandon
+#define oq_cancel o_request.oq_cancel
+#define oq_extended o_request.oq_extended
/* ... */
/* short hands for inner request members */
-#define o_bind_edn o_bind.rb_edn
+#define o_bind_edn oq_bind.rb_edn
/* ... */
- struct o_rep_s {
- ber_tag_t or_tag;
- ber_int_t or_err;
- const char *or_matched;
- const char *or_text;
- BerVarray or_ref;
- const char *or_resoid;
- struct berval *or_resdata;
- struct berval *or_sasldata;
- LDAPControl **or_ctrls;
- } o_response;
-#else
- char * o_extendedop; /* extended operation OID */
-#endif
-
ldap_pvt_thread_t o_tid; /* thread handling this op */
volatile sig_atomic_t o_abandon; /* abandon flag */
#endif
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
- LDAP_LIST_HEAD(lss, ldap_psearch_spec) psearch_spec;
- LDAP_LIST_HEAD(pe, psid_entry) premodify_list;
- LDAP_LIST_ENTRY(slap_op) link;
+ int o_ps_protocol;
+ int o_ps_entries;
+ LDAP_LIST_ENTRY(slap_op) o_ps_link;
+ LDAP_LIST_HEAD(pe, psid_entry) o_pm_list;
#endif
AuthorizationInformation o_authz;
#endif
} Operation;
-typedef void (*SEND_LDAP_RESULT)(
- struct slap_conn *conn,
- struct slap_op *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray ref,
- LDAPControl **ctrls
- );
-
-#define send_ldap_result( conn, op, err, matched, text, ref, ctrls ) \
-(*conn->c_send_ldap_result)( conn, op, err, matched, text, ref, ctrls )
-
-
-typedef int (*SEND_SEARCH_ENTRY)(
- struct slap_backend_db *be,
- struct slap_conn *conn,
- struct slap_op *op,
- struct slap_entry *e,
- AttributeName *attrs,
- int attrsonly,
- LDAPControl **ctrls
- );
-
-#define send_search_entry( be, conn, op, e, attrs, attrsonly, ctrls) \
-(*conn->c_send_search_entry)( be, conn, op, e, attrs, attrsonly, ctrls)
-
-
-typedef void (*SEND_SEARCH_RESULT)(
- struct slap_conn *conn,
- struct slap_op *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- int nentries
- );
-
-#define send_search_result( conn, op, err, matched, text, refs, ctrls, nentries ) \
-(*conn->c_send_search_result)( conn, op, err, matched, text, refs, ctrls, nentries )
-
-
-typedef int (*SEND_SEARCH_REFERENCE)(
- struct slap_backend_db *be,
- struct slap_conn *conn,
- struct slap_op *op,
- struct slap_entry *e,
- BerVarray refs,
- LDAPControl **ctrls,
- BerVarray *v2refs
- );
-
-#define send_search_reference( be, conn, op, e, refs, ctrls, v2refs ) \
-(*conn->c_send_search_reference)( be, conn, op, e, refs, ctrls, v2refs )
-
-
-typedef void (*SEND_LDAP_EXTENDED)(
- struct slap_conn *conn,
- struct slap_op *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls
- );
-
-#define send_ldap_extended( conn, op, err, matched, text, refs, rspoid, rspdata, ctrls) \
-(*conn->c_send_ldap_extended)( conn, op, err, matched, text, refs, rspoid, rspdata, ctrls )
-
-typedef void (*SEND_LDAP_INTERMEDIATE_RESP)(
- struct slap_conn *conn,
- struct slap_op *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls
- );
-
-#define send_ldap_intermediate_resp( conn, op, err, matched, text, refs, \
- rspoid, rspdata, ctrls) \
- (*conn->c_send_ldap_intermediate_resp)( conn, op, err, matched, text, \
- refs, rspoid, rspdata, ctrls )
+#define send_ldap_error( op, rs, err, text ) \
+do { (rs)->sr_err = err; (rs)->sr_text = text; \
+(op->o_conn->c_send_ldap_result)( op, rs ); } while (0)
+#define send_ldap_discon( op, rs, err, text ) \
+do { (rs)->sr_err = err; (rs)->sr_text = text; \
+send_ldap_disconnect( op, rs ); } while (0)
+typedef void (SEND_LDAP_RESULT)(struct slap_op *op, struct slap_rep *rs);
+typedef int (SEND_SEARCH_ENTRY)(struct slap_op *op, struct slap_rep *rs);
+typedef void (SEND_SEARCH_RESULT)(struct slap_op *op, struct slap_rep *rs);
+typedef int (SEND_SEARCH_REFERENCE)(struct slap_op *op, struct slap_rep *rs);
+typedef void (SEND_LDAP_EXTENDED)(struct slap_op *op, struct slap_rep *rs);
+typedef void (SEND_LDAP_INTERMEDIATE_RESP)(struct slap_op *op, struct slap_rep *rs);
+#define send_ldap_result( op, rs ) \
+(op->o_conn->c_send_ldap_result)( op, rs )
+#define send_search_entry( op, rs ) \
+(op->o_conn->c_send_search_entry)( op, rs )
+#define send_search_result( op, rs ) \
+(op->o_conn->c_send_search_result)( op, rs )
+#define send_search_reference( op, rs ) \
+(op->o_conn->c_send_search_reference)( op, rs )
+#define send_ldap_extended( op, rs ) \
+(op->o_conn->c_send_ldap_extended)( op, rs )
+#define send_ldap_intermediate_resp( op, rs ) \
+(op->o_conn->c_send_ldap_intermediate_resp)( op, rs )
/*
* Caches the result of a backend_group check for ACL evaluation
* supply data back to connected clients that are connected
* through the "front-end".
*/
- SEND_LDAP_RESULT c_send_ldap_result;
- SEND_SEARCH_ENTRY c_send_search_entry;
- SEND_SEARCH_RESULT c_send_search_result;
- SEND_SEARCH_REFERENCE c_send_search_reference;
- SEND_LDAP_EXTENDED c_send_ldap_extended;
+ SEND_LDAP_RESULT *c_send_ldap_result;
+ SEND_SEARCH_ENTRY *c_send_search_entry;
+ SEND_SEARCH_RESULT *c_send_search_result;
+ SEND_SEARCH_REFERENCE *c_send_search_reference;
+ SEND_LDAP_EXTENDED *c_send_ldap_extended;
#ifdef LDAP_RES_INTERMEDIATE_RESP
- SEND_LDAP_INTERMEDIATE_RESP c_send_ldap_intermediate_resp;
+ SEND_LDAP_INTERMEDIATE_RESP *c_send_ldap_intermediate_resp;
#endif
} Connection;
#define SLAP_CTRL_ACCESS (SLAP_CTRL_INTROGATE|SLAP_CTRL_UPDATE)
typedef int (SLAP_CTRL_PARSE_FN) LDAP_P((
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text ));
+ SlapReply *rs,
+ LDAPControl *ctrl ));
LDAP_END_DECL
#ifdef HAVE_TLS
int
-starttls_extop (
- Connection *conn,
- Operation *op,
- struct berval * reqoid,
- struct berval * reqdata,
- char ** rspoid,
- struct berval ** rspdata,
- LDAPControl ***rspctrls,
- const char ** text,
- BerVarray * refs )
+starttls_extop ( Operation *op, SlapReply *rs )
{
void *ctx;
int rc;
- if ( reqdata != NULL ) {
+ if ( op->oq_extended.rs_reqdata != NULL ) {
/* no request data should be provided */
- *text = "no request data expected";
+ rs->sr_text = "no request data expected";
return LDAP_PROTOCOL_ERROR;
}
/* acquire connection lock */
- ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
/* can't start TLS if it is already started */
- if (conn->c_is_tls != 0) {
- *text = "TLS already started";
+ if (op->o_conn->c_is_tls != 0) {
+ rs->sr_text = "TLS already started";
rc = LDAP_OPERATIONS_ERROR;
goto done;
}
/* can't start TLS if there are other op's around */
- if (( !LDAP_STAILQ_EMPTY(&conn->c_ops) &&
- (LDAP_STAILQ_FIRST(&conn->c_ops) != op ||
+ if (( !LDAP_STAILQ_EMPTY(&op->o_conn->c_ops) &&
+ (LDAP_STAILQ_FIRST(&op->o_conn->c_ops) != op ||
LDAP_STAILQ_NEXT(op, o_next) != NULL)) ||
- ( !LDAP_STAILQ_EMPTY(&conn->c_pending_ops) ))
+ ( !LDAP_STAILQ_EMPTY(&op->o_conn->c_pending_ops) ))
{
- *text = "cannot start TLS when operations are outstanding";
+ rs->sr_text = "cannot start TLS when operations are outstanding";
rc = LDAP_OPERATIONS_ERROR;
goto done;
}
if ( !( global_disallows & SLAP_DISALLOW_TLS_2_ANON ) &&
- ( conn->c_dn.bv_len != 0 ) )
+ ( op->o_conn->c_dn.bv_len != 0 ) )
{
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu AUTHZ anonymous mech=starttls ssf=0",
op->o_connid, op->o_opid, 0, 0, 0 );
/* force to anonymous */
- connection2anonymous( conn );
+ connection2anonymous( op->o_conn );
}
if ( ( global_disallows & SLAP_DISALLOW_TLS_AUTHC ) &&
- ( conn->c_dn.bv_len != 0 ) )
+ ( op->o_conn->c_dn.bv_len != 0 ) )
{
- *text = "cannot start TLS after authentication";
+ rs->sr_text = "cannot start TLS after authentication";
rc = LDAP_OPERATIONS_ERROR;
goto done;
}
goto done;
}
- *text = "Could not initialize TLS";
+ rs->sr_text = "Could not initialize TLS";
rc = LDAP_UNAVAILABLE;
goto done;
}
- conn->c_is_tls = 1;
- conn->c_needs_tls_accept = 1;
+ op->o_conn->c_is_tls = 1;
+ op->o_conn->c_needs_tls_accept = 1;
rc = LDAP_SUCCESS;
done:
/* give up connection lock */
- ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
/*
* RACE CONDITION: we give up lock before sending result
/* bogus ../results.c */
int str2result(
char* s,
- int *code,
+ int *code,
char **matched,
char **info )
{
}
void
-send_ldap_disconnect(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *text
-)
+send_ldap_disconnect( Operation *op, SlapReply *rs )
{
assert(0);
}
void
slap_send_ldap_extended(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls
+ Operation *op, SlapReply *rs
)
{
assert(0);
void
slap_send_ldap_intermediate_resp(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- const char *rspoid,
- struct berval *rspdata,
- LDAPControl **ctrls
+ Operation *op, SlapReply *rs
)
{
assert(0);
}
void
-send_ldap_sasl(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- struct berval *cred
-)
+send_ldap_sasl( Operation *op, SlapReply *rs )
{
assert(0);
}
void
-slap_send_ldap_result(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls
-)
+slap_send_ldap_result( Operation *op, SlapReply *rs )
{
assert(0);
}
void
-slap_send_search_result(
- Connection *conn,
- Operation *op,
- ber_int_t err,
- const char *matched,
- const char *text,
- BerVarray refs,
- LDAPControl **ctrls,
- int nentries
-)
+slap_send_search_result( Operation *op, SlapReply *rs )
{
assert(0);
}
int
-slap_send_search_entry(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- AttributeName *attrs,
- int attrsonly,
- LDAPControl **ctrls
-)
+slap_send_search_entry( Operation *op, SlapReply *rs )
{
assert(0);
return -1;
}
int
-slap_send_search_reference(
- Backend *be,
- Connection *conn,
- Operation *op,
- Entry *e,
- BerVarray refs,
- LDAPControl **ctrls,
- BerVarray *v2refs
-)
+slap_send_search_reference( Operation *op, SlapReply *rs )
{
assert(0);
return -1;
return LDAP_SUCCESS;
}
-int slap_sasl_setpass(
- Connection *conn,
- Operation *op,
- struct berval *reqoid,
- struct berval *reqdata,
- char **rspoid,
- struct berval **rspdata,
- LDAPControl *** rspctrls,
- const char **text )
+int slap_sasl_setpass( Operation *op, SlapReply *rs )
{
return LDAP_SUCCESS;
}
return NULL;
}
-void replog( Backend *be, Operation *op,
- struct berval *dn, struct berval *ndn, void *change)
+void replog( Operation *op )
{
assert(0);
}
int
slap_modrdn2mods(
- Backend *be,
- Connection *conn,
- Operation *op,
+ Operation *op, SlapReply *rs,
Entry *e,
LDAPRDN *oldrdn,
LDAPRDN *newrdn,
- int deleteoldrdn,
Modifications **pmod )
{
return 0;
{
ID id;
int rc = EXIT_SUCCESS;
+ Operation op = {0};
slap_tool_init( "slapcat", SLAPCAT, argc, argv );
}
data = entry2str( e, &len );
- be_entry_release_r( be, 0L, 0L, e );
+ op.o_bd = be;
+ be_entry_release_r( &op, e );
if ( data == NULL ) {
printf("# bad data for entry id=%08lx\n\n", (long) id );
#include "slap.h"
int
-do_unbind(
- Connection *conn,
- Operation *op
-)
+do_unbind( Operation *op, SlapReply *rs )
{
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ENTRY,
- "do_unbind: conn %d\n", conn ? conn->c_connid : -1, 0, 0 );
+ "do_unbind: conn %d\n", op->o_connid : -1, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_unbind\n", 0, 0, 0 );
#endif
-
/*
* Parse the unbind request. It looks like this:
*
op->o_opid, 0, 0, 0 );
/* pass the unbind to all backends */
- backend_unbind( conn, op );
+ backend_unbind( op, rs );
return 0;
}
projects / openldap / commitdiff