From: Howard Chu Date: Sun, 30 Mar 2003 09:03:54 +0000 (+0000) Subject: Major API change - (SLAP_OP_BLOCKS) All request parameters are X-Git-Tag: AUTOCONF_2_57~152 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=e8c58b4e7f21caa6c0b6006e3528cbad9b8aed45;p=openldap Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. --- diff --git a/servers/slapd/abandon.c b/servers/slapd/abandon.c index 447a4e7f61..5a40f94dc5 100644 --- a/servers/slapd/abandon.c +++ b/servers/slapd/abandon.c @@ -25,18 +25,14 @@ #include "slap.h" int -do_abandon( - Connection *conn, - Operation *op -) +do_abandon( Operation *op, SlapReply *rs ) { ber_int_t id; Operation *o; - int rc; int i; #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "conn: %d do_abandon\n", conn->c_connid, 0, 0); + LDAP_LOG( OPERATION, ENTRY, "conn: %d do_abandon\n", op->o_connid, 0, 0); #else Debug( LDAP_DEBUG_TRACE, "do_abandon\n", 0, 0, 0 ); #endif @@ -54,19 +50,19 @@ do_abandon( #else Debug( LDAP_DEBUG_ANY, "do_abandon: ber_scanf failed\n", 0, 0 ,0 ); #endif - send_ldap_disconnect( conn, op, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return -1; } - if( (rc = get_ctrls( conn, op, 0 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 0 ) != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "do_abandon: get_ctrls failed\n", 0, 0 ,0 ); - return rc; + return rs->sr_err; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "do_abandon: conn: %d id=%ld\n", - conn->c_connid, (long) id, 0 ); + op->o_connid, (long) id, 0 ); #else Debug( LDAP_DEBUG_ARGS, "do_abandon: id=%ld\n", (long) id, 0 ,0 ); #endif @@ -75,7 +71,7 @@ do_abandon( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_abandon: conn: %d bad msgid %ld\n", - conn->c_connid, (long) id, 0 ); + op->o_connid, (long) id, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_abandon: bad msgid %ld\n", (long) id, 0, 0 ); @@ -83,23 +79,23 @@ do_abandon( return LDAP_SUCCESS; } - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); /* * find the operation being abandoned and set the o_abandon * flag. It's up to the backend to periodically check this * flag and abort the operation at a convenient time. */ - LDAP_STAILQ_FOREACH( o, &conn->c_ops, o_next ) { + LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) { if ( o->o_msgid == id ) { o->o_abandon = 1; goto done; } } - LDAP_STAILQ_FOREACH( o, &conn->c_pending_ops, o_next ) { + LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) { if ( o->o_msgid == id ) { - LDAP_STAILQ_REMOVE( &conn->c_pending_ops, o, slap_op, o_next ); + LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next ); slap_op_free( o ); goto done; } @@ -107,18 +103,19 @@ do_abandon( done: + op->oq_abandon.rs_msgid = id; for ( i = 0; i < nbackends; i++ ) { - Backend *be = &backends[i]; + op->o_bd = &backends[i]; - if( be->be_abandon ) be->be_abandon( be, conn, op, id ); + if( op->o_bd->be_abandon ) op->o_bd->be_abandon( op, rs ); } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "do_abandon: conn: %d op=%ld %sfound\n", - conn->c_connid, (long)id, o ? "" : "not " ); + op->o_connid, (long)id, o ? "" : "not " ); #else Debug( LDAP_DEBUG_TRACE, "do_abandon: op=%ld %sfound\n", (long) id, o ? "" : "not ", 0 ); diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index a7d3fb4738..887e4d0ee0 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -47,15 +47,13 @@ static struct berval static AccessControl * acl_get( AccessControl *ac, int *count, - Backend *be, Operation *op, - Entry *e, + Operation *op, Entry *e, AttributeDescription *desc, int nmatches, regmatch_t *matches ); static slap_control_t acl_mask( AccessControl *ac, slap_mask_t *mask, - Backend *be, Connection *conn, Operation *op, - Entry *e, + Operation *op, Entry *e, AttributeDescription *desc, struct berval *val, regmatch_t *matches, @@ -64,10 +62,7 @@ static slap_control_t acl_mask( #ifdef SLAPD_ACI_ENABLED static int aci_mask( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, + Operation *op, Entry *e, AttributeDescription *desc, struct berval *val, struct berval *aci, @@ -83,15 +78,13 @@ static void string_expand( char *match, regmatch_t *matches); typedef struct AciSetCookie { - Backend *be; - Entry *e; - Connection *conn; Operation *op; + Entry *e; } AciSetCookie; SLAP_SET_GATHER aci_set_gather; -static int aci_match_set ( struct berval *subj, Backend *be, - Entry *e, Connection *conn, Operation *op, int setref ); +static int aci_match_set ( struct berval *subj, Operation *op, + Entry *e, int setref ); /* * access_allowed - check whether op->o_ndn is allowed the requested access @@ -110,18 +103,18 @@ static int aci_match_set ( struct berval *subj, Backend *be, int access_allowed( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, + Operation *op, + Entry *e, AttributeDescription *desc, - struct berval *val, - slap_access_t access, + struct berval *val, + slap_access_t access, AccessControlState *state ) { int ret = 1; int count; AccessControl *a = NULL; + Backend *be; + int be_null = 0; #ifdef LDAP_DEBUG char accessmaskbuf[ACCESSMASK_MAXLEN]; @@ -176,7 +169,12 @@ access_allowed( goto done; } - if ( be == NULL ) be = &backends[0]; + be = op->o_bd; + if ( be == NULL ) { + be = &backends[0]; + be_null = 1; + op->o_bd = be; + } assert( be != NULL ); /* grant database root access */ @@ -184,7 +182,7 @@ access_allowed( #ifdef NEW_LOGGING LDAP_LOG( ACL, INFO, "access_allowed: conn %lu root access granted\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ACL, "<= root access granted\n", @@ -205,7 +203,7 @@ access_allowed( #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "access_allowed: conn %lu NoUserMod Operational attribute: %s " - "access granted\n", conn->c_connid, attr , 0 ); + "access granted\n", op->o_connid, attr , 0 ); #else Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:" " %s access granted\n", @@ -272,7 +270,7 @@ access_allowed( memset(matches, '\0', sizeof(matches)); } - while((a = acl_get( a, &count, be, op, e, desc, + while((a = acl_get( a, &count, op, e, desc, MAXREMATCHES, matches )) != NULL) { int i; @@ -312,7 +310,7 @@ access_allowed( } vd_access: - control = acl_mask( a, &mask, be, conn, op, + control = acl_mask( a, &mask, op, e, desc, val, matches, count, state ); if ( control != ACL_BREAK ) { @@ -326,7 +324,7 @@ vd_access: #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "access_allowed: conn %lu \"%s\" (%s) invalid!\n", - conn->c_connid, e->e_dn, attr ); + op->o_connid, e->e_dn, attr ); #else Debug( LDAP_DEBUG_ACL, "=> access_allowed: \"%s\" (%s) invalid!\n", @@ -337,7 +335,7 @@ vd_access: } else if ( control == ACL_BREAK ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, - "access_allowed: conn %lu no more rules\n", conn->c_connid, 0,0 ); + "access_allowed: conn %lu no more rules\n", op->o_connid, 0,0 ); #else Debug( LDAP_DEBUG_ACL, "=> access_allowed: no more rules\n", 0, 0, 0); @@ -369,6 +367,7 @@ done: state->as_recorded |= ACL_STATE_RECORDED; state->as_result = ret; } + if (be_null) op->o_bd = NULL; return ret; } @@ -382,12 +381,11 @@ static AccessControl * acl_get( AccessControl *a, int *count, - Backend *be, - Operation *op, - Entry *e, + Operation *op, + Entry *e, AttributeDescription *desc, - int nmatch, - regmatch_t *matches ) + int nmatch, + regmatch_t *matches ) { const char *attr; int dnlen, patlen; @@ -401,10 +399,10 @@ acl_get( assert( attr != NULL ); if( a == NULL ) { - if( be == NULL ) { + if( op->o_bd == NULL ) { a = global_acl; } else { - a = be->be_acl; + a = op->o_bd->be_acl; } assert( a != NULL ); @@ -487,7 +485,7 @@ acl_get( } if ( a->acl_filter != NULL ) { - ber_int_t rc = test_filter( NULL, NULL, NULL, e, a->acl_filter ); + ber_int_t rc = test_filter( NULL, e, a->acl_filter ); if ( rc != LDAP_COMPARE_TRUE ) { continue; } @@ -550,14 +548,12 @@ acl_get( static slap_control_t acl_mask( - AccessControl *a, + AccessControl *a, slap_mask_t *mask, - Backend *be, - Connection *conn, - Operation *op, - Entry *e, + Operation *op, + Entry *e, AttributeDescription *desc, - struct berval *val, + struct berval *val, regmatch_t *matches, int count, AccessControlState *state ) @@ -580,7 +576,7 @@ acl_mask( #ifdef NEW_LOGGING LDAP_LOG( ACL, ENTRY, "acl_mask: conn %lu access to entry \"%s\", attr \"%s\" requested\n", - conn->c_connid, e->e_dn, attr ); + op->o_connid, e->e_dn, attr ); LDAP_LOG( ACL, ARGS, " to %s by \"%s\", (%s) \n", val ? "value" : "all values", @@ -619,7 +615,7 @@ acl_mask( #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_dn_pat: %s\n", - conn->c_connid, b->a_dn_pat.bv_val ,0 ); + op->o_connid, b->a_dn_pat.bv_val ,0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_dn_pat: %s\n", b->a_dn_pat.bv_val, 0, 0); @@ -740,13 +736,13 @@ dn_match_cleanup:; } if ( b->a_sockurl_pat.bv_len ) { - if ( ! conn->c_listener ) { + if ( ! op->o_conn->c_listener ) { continue; } #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_sockurl_pat: %s\n", - conn->c_connid, b->a_sockurl_pat.bv_val , 0 ); + op->o_connid, b->a_sockurl_pat.bv_val , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_sockurl_pat: %s\n", b->a_sockurl_pat.bv_val, 0, 0 ); @@ -754,33 +750,33 @@ dn_match_cleanup:; if ( !ber_bvccmp( &b->a_sockurl_pat, '*' ) ) { if ( b->a_sockurl_style == ACL_STYLE_REGEX) { - if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val, + if (!regex_matches( &b->a_sockurl_pat, op->o_conn->c_listener_url.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( ber_bvstrcasecmp( &b->a_sockurl_pat, &conn->c_listener_url ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_sockurl_pat, &op->o_conn->c_listener_url ) != 0 ) continue; } } } if ( b->a_domain_pat.bv_len ) { - if ( !conn->c_peer_domain.bv_val ) { + if ( !op->o_conn->c_peer_domain.bv_val ) { continue; } #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_domain_pat: %s\n", - conn->c_connid, b->a_domain_pat.bv_val , 0 ); + op->o_connid, b->a_domain_pat.bv_val , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_domain_pat: %s\n", b->a_domain_pat.bv_val, 0, 0 ); #endif if ( !ber_bvccmp( &b->a_domain_pat, '*' ) ) { if ( b->a_domain_style == ACL_STYLE_REGEX) { - if (!regex_matches( &b->a_domain_pat, conn->c_peer_domain.bv_val, + if (!regex_matches( &b->a_domain_pat, op->o_conn->c_peer_domain.bv_val, e->e_ndn, matches ) ) { continue; @@ -788,7 +784,7 @@ dn_match_cleanup:; } else { char buf[ACL_BUF_SIZE]; - struct berval cmp = conn->c_peer_domain; + struct berval cmp = op->o_conn->c_peer_domain; struct berval pat = b->a_domain_pat; if ( b->a_domain_expand ) { @@ -824,52 +820,52 @@ dn_match_cleanup:; } if ( b->a_peername_pat.bv_len ) { - if ( !conn->c_peer_name.bv_val ) { + if ( !op->o_conn->c_peer_name.bv_val ) { continue; } #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_peername_path: %s\n", - conn->c_connid, b->a_peername_pat.bv_val , 0 ); + op->o_connid, b->a_peername_pat.bv_val , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n", b->a_peername_pat.bv_val, 0, 0 ); #endif if ( !ber_bvccmp( &b->a_peername_pat, '*' ) ) { if ( b->a_peername_style == ACL_STYLE_REGEX) { - if (!regex_matches( &b->a_peername_pat, conn->c_peer_name.bv_val, + if (!regex_matches( &b->a_peername_pat, op->o_conn->c_peer_name.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( ber_bvstrcasecmp( &b->a_peername_pat, &conn->c_peer_name ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_peername_pat, &op->o_conn->c_peer_name ) != 0 ) continue; } } } if ( b->a_sockname_pat.bv_len ) { - if ( !conn->c_sock_name.bv_val ) { + if ( !op->o_conn->c_sock_name.bv_val ) { continue; } #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_sockname_path: %s\n", - conn->c_connid, b->a_sockname_pat.bv_val , 0 ); + op->o_connid, b->a_sockname_pat.bv_val , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_sockname_path: %s\n", b->a_sockname_pat.bv_val, 0, 0 ); #endif if ( !ber_bvccmp( &b->a_sockname_pat, '*' ) ) { if ( b->a_sockname_style == ACL_STYLE_REGEX) { - if (!regex_matches( &b->a_sockname_pat, conn->c_sock_name.bv_val, + if (!regex_matches( &b->a_sockname_pat, op->o_conn->c_sock_name.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( ber_bvstrcasecmp( &b->a_sockname_pat, &conn->c_sock_name ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_sockname_pat, &op->o_conn->c_sock_name ) != 0 ) continue; } } @@ -891,7 +887,7 @@ dn_match_cleanup:; #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_dn_pat: %s\n", - conn->c_connid, attr , 0 ); + op->o_connid, attr , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n", attr, 0, 0); @@ -995,7 +991,7 @@ dn_match_cleanup:; bv = b->a_group_pat; } - rc = backend_group( be, conn, op, e, &bv, &op->o_ndn, + rc = backend_group( op, e, &bv, &op->o_ndn, b->a_group_oc, b->a_group_at ); if ( ndn.bv_val ) free( ndn.bv_val ); @@ -1015,7 +1011,7 @@ dn_match_cleanup:; }else{ bv = b->a_set_pat; } - if (aci_match_set( &bv, be, e, conn, op, 0 ) == 0) { + if (aci_match_set( &bv, op, e, 0 ) == 0) { continue; } } @@ -1024,7 +1020,7 @@ dn_match_cleanup:; #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_authz.sai_ssf: ACL %u > OP %u\n", - conn->c_connid, b->a_authz.sai_ssf, op->o_ssf ); + op->o_connid, b->a_authz.sai_ssf, op->o_ssf ); #else Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_ssf: ACL %u > OP %u\n", b->a_authz.sai_ssf, op->o_ssf, 0 ); @@ -1039,7 +1035,7 @@ dn_match_cleanup:; LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_authz.sai_transport_ssf: " "ACL %u > OP %u\n", - conn->c_connid, b->a_authz.sai_transport_ssf, + op->o_connid, b->a_authz.sai_transport_ssf, op->o_transport_ssf ); #else Debug( LDAP_DEBUG_ACL, @@ -1056,7 +1052,7 @@ dn_match_cleanup:; LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_authz.sai_tls_ssf: ACL %u > " "OP %u\n", - conn->c_connid, b->a_authz.sai_tls_ssf, op->o_tls_ssf ); + op->o_connid, b->a_authz.sai_tls_ssf, op->o_tls_ssf ); #else Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_tls_ssf: ACL %u > OP %u\n", @@ -1072,7 +1068,7 @@ dn_match_cleanup:; LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu check a_authz.sai_sasl_ssf: " "ACL %u > OP %u\n", - conn->c_connid, b->a_authz.sai_sasl_ssf, op->o_sasl_ssf ); + op->o_connid, b->a_authz.sai_sasl_ssf, op->o_sasl_ssf ); #else Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_sasl_ssf: ACL %u > OP %u\n", @@ -1210,7 +1206,7 @@ dn_match_cleanup:; #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_mask: conn %lu [%d] mask: %s\n", - conn->c_connid, i, accessmask2str( *mask, accessmaskbuf) ); + op->o_connid, i, accessmask2str( *mask, accessmaskbuf) ); #else Debug( LDAP_DEBUG_ACL, "<= acl_mask: [%d] mask: %s\n", @@ -1234,7 +1230,7 @@ dn_match_cleanup:; #ifdef NEW_LOGGING LDAP_LOG( ACL, RESULTS, "acl_mask: conn %lu no more clauses, returning %d (stop)\n", - conn->c_connid, accessmask2str( *mask, accessmaskbuf) , 0 ); + op->o_connid, accessmask2str( *mask, accessmaskbuf) , 0 ); #else Debug( LDAP_DEBUG_ACL, "<= acl_mask: no more clauses, returning %s (stop)\n", @@ -1252,24 +1248,22 @@ dn_match_cleanup:; int acl_check_modlist( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - Modifications *mlist + Operation *op, + Entry *e, + Modifications *mlist ) { struct berval *bv; AccessControlState state = ACL_STATE_INIT; - assert( be != NULL ); + assert( op->o_bd != NULL ); /* short circuit root database access */ - if ( be_isroot( be, &op->o_ndn ) ) { + if ( be_isroot( op->o_bd, &op->o_ndn ) ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_check_modlist: conn %lu access granted to root user\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ACL, "<= acl_access_allowed: granted to database root\n", @@ -1279,25 +1273,25 @@ acl_check_modlist( } /* use backend default access if no backend acls */ - if( be != NULL && be->be_acl == NULL ) { + if( op->o_bd != NULL && op->o_bd->be_acl == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_check_modlist: backend default %s access %s to \"%s\"\n", access2str( ACL_WRITE ), - be->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", + op->o_bd->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", op->o_dn.bv_val ); #else Debug( LDAP_DEBUG_ACL, "=> access_allowed: backend default %s access %s to \"%s\"\n", access2str( ACL_WRITE ), - be->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", op->o_dn.bv_val ); + op->o_bd->be_dfltaccess >= ACL_WRITE ? "granted" : "denied", op->o_dn.bv_val ); #endif - return be->be_dfltaccess >= ACL_WRITE; + return op->o_bd->be_dfltaccess >= ACL_WRITE; #ifdef notdef - /* be is always non-NULL */ + /* op->o_bd is always non-NULL */ /* use global default access if no global acls */ - } else if ( be == NULL && global_acl == NULL ) { + } else if ( op->o_bd == NULL && global_acl == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_check_modlist: global default %s access %s to \"%s\"\n", @@ -1324,7 +1318,7 @@ acl_check_modlist( #ifdef NEW_LOGGING LDAP_LOG( ACL, DETAIL1, "acl_check_modlist: conn %lu no-user-mod %s: modify access granted\n", - conn->c_connid, mlist->sml_desc->ad_cname.bv_val , 0 ); + op->o_connid, mlist->sml_desc->ad_cname.bv_val , 0 ); #else Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:" " modify access granted\n", @@ -1340,7 +1334,7 @@ acl_check_modlist( * attribute and permission to add the specific attributes. * This prevents abuse from selfwriters. */ - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, mlist->sml_desc, NULL, ACL_WRITE, &state ) ) { return( 0 ); @@ -1361,7 +1355,7 @@ acl_check_modlist( for ( bv = mlist->sml_bvalues; bv->bv_val != NULL; bv++ ) #endif { - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, mlist->sml_desc, bv, ACL_WRITE, &state ) ) { return( 0 ); @@ -1371,7 +1365,7 @@ acl_check_modlist( case LDAP_MOD_DELETE: if ( mlist->sml_bvalues == NULL ) { - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, mlist->sml_desc, NULL, ACL_WRITE, NULL ) ) { return( 0 ); @@ -1386,7 +1380,7 @@ acl_check_modlist( for ( bv = mlist->sml_bvalues; bv->bv_val != NULL; bv++ ) #endif { - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, mlist->sml_desc, bv, ACL_WRITE, &state ) ) { return( 0 ); @@ -1462,7 +1456,7 @@ aci_set_gather (void *cookie, struct berval *name, struct berval *attr) const char *text; AttributeDescription *desc = NULL; if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) { - backend_attribute(cp->be, NULL, cp->op, + backend_attribute(cp->op, cp->e, &ndn, desc, &bvals); } free(ndn.bv_val); @@ -1473,11 +1467,9 @@ aci_set_gather (void *cookie, struct berval *name, struct berval *attr) static int aci_match_set ( struct berval *subj, - Backend *be, - Entry *e, - Connection *conn, - Operation *op, - int setref + Operation *op, + Entry *e, + int setref ) { struct berval set = { 0, NULL }; @@ -1511,7 +1503,7 @@ aci_match_set ( if ( dnNormalize2(NULL, &subjdn, &ndn) == LDAP_SUCCESS && slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS ) { - backend_attribute(be, NULL, op, e, + backend_attribute(op, e, &ndn, desc, &bvals); if ( bvals != NULL ) { if ( bvals[0].bv_val != NULL ) { @@ -1531,10 +1523,8 @@ aci_match_set ( } if (set.bv_val != NULL) { - cookie.be = be; - cookie.e = e; - cookie.conn = conn; cookie.op = op; + cookie.e = e; rc = (slap_set_filter(aci_set_gather, &cookie, &set, &op->o_ndn, &e->e_nname, NULL) > 0); ch_free(set.bv_val); @@ -1703,10 +1693,8 @@ aci_group_member ( struct berval *subj, struct berval *defgrpoc, struct berval *defgrpat, - Backend *be, - Entry *e, - Connection *conn, - Operation *op, + Operation *op, + Entry *e, regmatch_t *matches ) { @@ -1747,7 +1735,7 @@ aci_group_member ( bv.bv_val = (char *)&buf; string_expand(&bv, &subjdn, e->e_ndn, matches); if ( dnNormalize2(NULL, &bv, &ndn) == LDAP_SUCCESS ) { - rc = (backend_group(be, conn, op, e, &ndn, &op->o_ndn, + rc = (backend_group(op, e, &ndn, &op->o_ndn, grp_oc, grp_ad) == 0); free( ndn.bv_val ); } @@ -1759,8 +1747,6 @@ done: static int aci_mask( - Backend *be, - Connection *conn, Operation *op, Entry *e, AttributeDescription *desc, @@ -1874,19 +1860,19 @@ aci_mask( } else if (ber_bvstrcasecmp( &aci_bv_group, &bv ) == 0) { - if (aci_group_member(&sdn, &aci_bv_group_class, &aci_bv_group_attr, be, e, conn, op, matches)) + if (aci_group_member(&sdn, &aci_bv_group_class, &aci_bv_group_attr, op, e, matches)) return(1); } else if (ber_bvstrcasecmp( &aci_bv_role, &bv ) == 0) { - if (aci_group_member(&sdn, &aci_bv_role_class, &aci_bv_role_attr, be, e, conn, op, matches)) + if (aci_group_member(&sdn, &aci_bv_role_class, &aci_bv_role_attr, op, e, matches)) return(1); } else if (ber_bvstrcasecmp( &aci_bv_set, &bv ) == 0) { - if (aci_match_set(&sdn, be, e, conn, op, 0)) + if (aci_match_set(&sdn, op, e, 0)) return(1); } else if (ber_bvstrcasecmp( &aci_bv_set_ref, &bv ) == 0) { - if (aci_match_set(&sdn, be, e, conn, op, 1)) + if (aci_match_set(&sdn, op, e, 1)) return(1); } diff --git a/servers/slapd/add.c b/servers/slapd/add.c index 28b26779da..b4c5e19369 100644 --- a/servers/slapd/add.c +++ b/servers/slapd/add.c @@ -27,14 +27,14 @@ #ifdef LDAP_SLAPI #include "slapi.h" -static Slapi_PBlock *initAddPlugin( Backend *be, Connection *conn, Operation *op, +static void initAddPlugin( Operation *op, struct berval *dn, Entry *e, int manageDSAit ); -static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb ); -static void doPostAddPluginFNs( Backend *be, Slapi_PBlock *pb ); +static int doPreAddPluginFNs( Operation *op ); +static void doPostAddPluginFNs( Operation *op ); #endif /* LDAP_SLAPI */ int -do_add( Connection *conn, Operation *op ) +do_add( Operation *op, SlapReply *rs ) { BerElement *ber = op->o_ber; char *last; @@ -42,19 +42,13 @@ do_add( Connection *conn, Operation *op ) ber_len_t len; ber_tag_t tag; Entry *e; - Backend *be; Modifications *modlist = NULL; Modifications **modtail = &modlist; Modifications tmp; - const char *text; - int rc = LDAP_SUCCESS; int manageDSAit; -#ifdef LDAP_SLAPI - Slapi_PBlock *pb = NULL; -#endif /* LDAP_SLAPI */ #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "do_add: conn %d enter\n", conn->c_connid,0,0 ); + LDAP_LOG( OPERATION, ENTRY, "do_add: conn %d enter\n", op->o_connid,0,0 ); #else Debug( LDAP_DEBUG_TRACE, "do_add\n", 0, 0, 0 ); #endif @@ -74,38 +68,39 @@ do_add( Connection *conn, Operation *op ) if ( ber_scanf( ber, "{m", /*}*/ &dn ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_add: conn %d ber_scanf failed\n", conn->c_connid,0,0 ); + "do_add: conn %d ber_scanf failed\n", op->o_connid,0,0 ); #else Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return -1; } e = (Entry *) ch_calloc( 1, sizeof(Entry) ); - rc = dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname ); + rs->sr_err = dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname ); - if( rc != LDAP_SUCCESS ) { + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_add: conn %d invalid dn (%s)\n", conn->c_connid, dn.bv_val, 0 ); + "do_add: conn %d invalid dn (%s)\n", op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto done; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, - "do_add: conn %d dn (%s)\n", conn->c_connid, e->e_dn, 0 ); + "do_add: conn %d dn (%s)\n", op->o_connid, e->e_dn, 0 ); #else Debug( LDAP_DEBUG_ARGS, "do_add: dn (%s)\n", e->e_dn, 0, 0 ); #endif + op->o_req_dn = e->e_name; + op->o_req_ndn = e->e_nname; + /* get the attrs */ for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT; tag = ber_next_element( ber, &len, last ) ) @@ -122,13 +117,12 @@ do_add( Connection *conn, Operation *op ) if ( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_add: conn %d decoding error \n", conn->c_connid, 0, 0 ); + "do_add: conn %d decoding error \n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_add: decoding error\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = -1; goto done; } @@ -136,13 +130,12 @@ do_add( Connection *conn, Operation *op ) #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_add: conn %d no values for type %s\n", - conn->c_connid, tmp.sml_type.bv_val, 0 ); + op->o_connid, tmp.sml_type.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "no values for type %s\n", tmp.sml_type.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "no values for attribute type", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "no values for attribute type" ); goto done; } @@ -163,20 +156,19 @@ do_add( Connection *conn, Operation *op ) if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_add: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 ); + "do_add: conn %d ber_scanf failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = -1; goto done; } - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, - "do_add: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); + "do_add: conn %d get_ctrls failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_add: get_ctrls failed\n", 0, 0, 0 ); #endif @@ -184,25 +176,20 @@ do_add( Connection *conn, Operation *op ) } if ( modlist == NULL ) { - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "no attributes provided", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "no attributes provided" ); goto done; } Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu ADD dn=\"%s\"\n", - op->o_connid, op->o_opid, e->e_dn, 0, 0 ); + op->o_connid, op->o_opid, e->e_name.bv_val, 0, 0 ); if( e->e_nname.bv_len == 0 ) { /* protocolError may be a more appropriate error */ - send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS, - NULL, "root DSE already exists", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_ALREADY_EXISTS, "root DSE already exists" ); goto done; } else if ( bvmatch( &e->e_nname, &global_schemandn ) ) { - send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS, - NULL, "subschema subentry already exists", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_ALREADY_EXISTS, "subschema subentry already exists" ); goto done; } @@ -213,34 +200,32 @@ do_add( Connection *conn, Operation *op ) * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - be = select_backend( &e->e_nname, manageDSAit, 0 ); - if ( be == NULL ) { - BerVarray ref = referral_rewrite( default_referral, + op->o_bd = select_backend( &e->e_nname, manageDSAit, 0 ); + if ( op->o_bd == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + rs->sr_err = LDAP_REFERRAL; + if (!rs->sr_ref) rs->sr_ref = default_referral; + send_ldap_result( op, rs ); - if ( ref ) ber_bvarray_free( ref ); + if ( rs->sr_ref != default_referral ) ber_bvarray_free( rs->sr_ref ); goto done; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto done; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &e->e_name, &e->e_nname ); - if ( rc != LDAP_SUCCESS ) { + if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto done; } #ifdef LDAP_SLAPI - pb = initAddPlugin( be, conn, op, &dn, e, manageDSAit ); + initAddPlugin( op, &dn, e, manageDSAit ); #endif /* LDAP_SLAPI */ /* @@ -249,23 +234,22 @@ do_add( Connection *conn, Operation *op ) * 2) this backend is master for what it holds; * 3) it's a replica and the dn supplied is the updatedn. */ - if ( be->be_add ) { + if ( op->o_bd->be_add ) { /* do the update here */ - int repl_user = be_isupdate(be, &op->o_ndn ); + int repl_user = be_isupdate(op->o_bd, &op->o_ndn ); #ifndef SLAPD_MULTIMASTER - if ( !be->be_update_ndn.bv_len || repl_user ) + if ( !op->o_bd->be_update_ndn.bv_len || repl_user ) #endif { - int update = be->be_update_ndn.bv_len; + int update = op->o_bd->be_update_ndn.bv_len; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; - rc = slap_mods_check( modlist, update, &text, + rs->sr_err = slap_mods_check( modlist, update, &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto done; } @@ -277,20 +261,18 @@ do_add( Connection *conn, Operation *op ) assert( (*modtail)->sml_op == LDAP_MOD_ADD ); assert( (*modtail)->sml_desc != NULL ); } - rc = slap_mods_opattrs( be, op, modlist, modtail, &text, - textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + rs->sr_err = slap_mods_opattrs( op, modlist, modtail, + &rs->sr_text, textbuf, textlen ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto done; } } - rc = slap_mods2entry( modlist, &e, repl_user, &text, + rs->sr_err = slap_mods2entry( modlist, &e, repl_user, &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto done; } @@ -299,21 +281,22 @@ do_add( Connection *conn, Operation *op ) * Call the preoperation plugin here, because the entry * will actually contain something. */ - rc = doPreAddPluginFNs( be, pb ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = doPreAddPluginFNs( op ); + if ( rs->sr_err != LDAP_SUCCESS ) { /* plugin will have sent result */ goto done; } #endif /* LDAP_SLAPI */ - if ( (*be->be_add)( be, conn, op, e ) == 0 ) { + op->oq_add.rs_e = e; + if ( (op->o_bd->be_add)( op, rs ) == 0 ) { #ifdef SLAPD_MULTIMASTER if ( !repl_user ) #endif { - replog( be, op, &e->e_name, &e->e_nname, e ); + replog( op ); } - be_entry_release_w( be, conn, op, e ); + be_entry_release_w( op, e ); e = NULL; } @@ -326,44 +309,45 @@ do_add( Connection *conn, Operation *op ) * SLAPI_ADD_ENTRY will be empty, but this may be acceptable * on replicas (for now, it involves the minimum code intrusion). */ - rc = doPreAddPluginFNs( be, pb ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = doPreAddPluginFNs( op ); + if ( rs->sr_err != LDAP_SUCCESS ) { /* plugin will have sent result */ goto done; } #endif /* LDAP_SLAPI */ - defref = be->be_update_refs - ? be->be_update_refs : default_referral; - ref = referral_rewrite( defref, + defref = op->o_bd->be_update_refs + ? op->o_bd->be_update_refs : default_referral; + rs->sr_ref = referral_rewrite( defref, NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, - ref ? ref : defref, NULL ); + rs->sr_err = LDAP_REFERRAL; + if (!rs->sr_ref) rs->sr_ref = default_referral; + send_ldap_result( op, rs ); - if ( ref ) ber_bvarray_free( ref ); + if ( rs->sr_ref != default_referral ) ber_bvarray_free( rs->sr_ref ); #endif /* SLAPD_MULTIMASTER */ } } else { #ifdef LDAP_SLAPI - rc = doPreAddPluginFNs( be, pb ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = doPreAddPluginFNs( op ); + if ( rs->sr_err != LDAP_SUCCESS ) { /* plugin will have sent result */ goto done; } #endif #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, - "do_add: conn %d no backend support\n", conn->c_connid, 0, 0 ); + "do_add: conn %d no backend support\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, " do_add: no backend support\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #ifdef LDAP_SLAPI - doPostAddPluginFNs( be, pb ); + doPostAddPluginFNs( op ); #endif /* LDAP_SLAPI */ done: @@ -374,7 +358,7 @@ done: entry_free( e ); } - return rc; + return rs->sr_err; } int @@ -537,29 +521,23 @@ slap_mods2entry( } #ifdef LDAP_SLAPI -static Slapi_PBlock *initAddPlugin( Backend *be, Connection *conn, Operation *op, +static void Slapi_PBlock *initAddPlugin( Operation *op, struct berval *dn, Entry *e, int manageDSAit ) { - Slapi_PBlock *pb; - - pb = op->o_pb; - - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); + slapi_x_backend_set_pb( pb, op->o_bd ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); - slapi_pblock_set( pb, SLAPI_ADD_TARGET, (void *)dn->bv_val ); - slapi_pblock_set( pb, SLAPI_ADD_ENTRY, (void *)e ); - slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); - - return pb; + slapi_pblock_set( op->o_pb, SLAPI_ADD_TARGET, (void *)dn->bv_val ); + slapi_pblock_set( op->o_pb, SLAPI_ADD_ENTRY, (void *)e ); + slapi_pblock_set( op->o_pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); } -static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb ) +static int doPreAddPluginFNs( Operation *op ) { int rc; - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_ADD_FN, pb ); + rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_ADD_FN, op->o_pb ); if ( rc != 0 ) { /* * A preoperation plugin failure will abort the @@ -571,7 +549,7 @@ static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb ) #else Debug(LDAP_DEBUG_TRACE, "do_add: add preoperation plugin failed.\n", 0, 0, 0); - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 ) + if ( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 ) rc = LDAP_OTHER; #endif } else { @@ -581,11 +559,11 @@ static int doPreAddPluginFNs( Backend *be, Slapi_PBlock *pb ) return rc; } -static void doPostAddPluginFNs( Backend *be, Slapi_PBlock *pb ) +static void doPostAddPluginFNs( Operation *op ); { int rc; - rc = doPluginFNs( be, SLAPI_PLUGIN_POST_ADD_FN, pb ); + rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_ADD_FN, op->o_pb ); if ( rc != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_add: add postoperation plugin failed\n", diff --git a/servers/slapd/back-bdb/add.c b/servers/slapd/back-bdb/add.c index b7c47dadb4..2def78482c 100644 --- a/servers/slapd/back-bdb/add.c +++ b/servers/slapd/back-bdb/add.c @@ -14,16 +14,11 @@ #include "external.h" int -bdb_add( - BackendDB *be, - Connection *conn, - Operation *op, - Entry *e ) +bdb_add(Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; struct berval pdn; Entry *p = NULL; - int rc; const char *text; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; @@ -36,10 +31,6 @@ bdb_add( #endif u_int32_t locker = 0; DB_LOCK lock; -#if 0 - u_int32_t lockid; - DB_LOCK lock; -#endif int noop = 0; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) @@ -47,45 +38,45 @@ bdb_add( #endif #ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ARGS, "==> bdb_add: %s\n", e->e_dn, 0, 0 ); + LDAP_LOG ( OPERATION, ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0 ); #else - Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", e->e_dn, 0, 0); + Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0); #endif /* check entry's schema */ - rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen ); + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_add: entry failed schema check: %s (%d)\n", text, rc, 0 ); + "bdb_add: entry failed schema check: %s (%d)\n", rs->sr_text, rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: entry failed schema check: %s (%d)\n", - text, rc, 0 ); + rs->sr_text, rs->sr_err, 0 ); #endif goto return_results; } #ifdef BDB_SUBENTRIES - subentry = is_entry_subentry( e ); + subentry = is_entry_subentry( op->oq_add.rs_e ); #endif /* * acquire an ID outside of the operation transaction * to avoid serializing adds. */ - rc = bdb_next_id( be, NULL, &e->e_id ); - if( rc != 0 ) { + rs->sr_err = bdb_next_id( op->o_bd, NULL, &op->oq_add.rs_e->e_id ); + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_add: next_id failed (%d)\n", rc, 0, 0 ); + "bdb_add: next_id failed (%d)\n", rs->sr_err, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: next_id failed (%d)\n", - rc, 0, 0 ); + rs->sr_err, 0, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } @@ -96,42 +87,39 @@ retry: /* transaction retry */ bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p ); p = NULL; } - rc = TXN_ABORT( ltid ); + rs->sr_err = TXN_ABORT( ltid ); ltid = NULL; op->o_private = NULL; op->o_do_not_cache = opinfo.boi_acl_cache; - if( rc != 0 ) { - rc = LDAP_OTHER; - text = "internal error"; + if( rs->sr_err != 0 ) { + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } ldap_pvt_thread_yield(); } /* begin transaction */ - rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, + rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); - text = NULL; - if( rc != 0 ) { + rs->sr_text = NULL; + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_add: txn_begin failed: %s (%d)\n", db_strerror(rc), rc, 0 ); + "bdb_add: txn_begin failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } locker = TXN_ID ( ltid ); -#if 0 - lockid = TXN_ID( ltid ); -#endif - opinfo.boi_bdb = be; + opinfo.boi_bdb = op->o_bd; opinfo.boi_txn = ltid; opinfo.boi_locker = locker; opinfo.boi_err = 0; @@ -143,29 +131,19 @@ retry: /* transaction retry */ * If the parent does not exist, only allow the "root" user to * add the entry. */ - if ( be_issuffix( be, &e->e_nname ) ) { + if ( be_issuffix( op->o_bd, &op->oq_add.rs_e->e_nname ) ) { pdn = slap_empty_bv; } else { - dnParent( &e->e_nname, &pdn ); + dnParent( &op->oq_add.rs_e->e_nname, &pdn ); } if( pdn.bv_len != 0 ) { Entry *matched = NULL; -#if 0 - if ( ltid ) { - DBT obj; - obj.data = pdn.bv_val-1; - obj.size = pdn.bv_len+1; - rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj, - DB_LOCK_WRITE, &lock); - } -#endif - /* get parent */ - rc = bdb_dn2entry_r( be, ltid, &pdn, &p, &matched, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &pdn, &p, &matched, 0, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -173,29 +151,26 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } if ( p == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, matched ); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->oq_add.rs_e->e_name, LDAP_SCOPE_DEFAULT ); } #ifdef NEW_LOGGING @@ -206,19 +181,21 @@ retry: /* transaction retry */ 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - ch_free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + ch_free( (char *)rs->sr_matched ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -232,8 +209,8 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to parent\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to parent"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to parent"; goto return_results;; } @@ -247,8 +224,8 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n", 0, 0, 0 ); #endif - rc = LDAP_OBJECT_CLASS_VIOLATION; - text = "parent is a subentry"; + rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION; + rs->sr_text = "parent is a subentry"; goto return_results;; } #endif @@ -262,16 +239,16 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is alias\n", 0, 0, 0 ); #endif - rc = LDAP_ALIAS_PROBLEM; - text = "parent is an alias"; + rs->sr_err = LDAP_ALIAS_PROBLEM; + rs->sr_text = "parent is an alias"; goto return_results;; } #endif if ( is_entry_referral( p ) ) { /* parent is a referral, don't allow add */ - char *matched_dn = p->e_dn; - BerVarray refs = get_entry_referrals( be, conn, op, p ); + rs->sr_matched = p->e_name.bv_val; + rs->sr_ref = get_entry_referrals( op, p ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, @@ -281,11 +258,13 @@ retry: /* transaction retry */ 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; p = NULL; goto done; } @@ -306,19 +285,19 @@ retry: /* transaction retry */ * no parent! * must be adding entry at suffix or with parent "" */ - if ( !be_isroot( be, &op->o_ndn )) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) - || be_isupdate( be, &op->o_ndn ) ) + if ( !be_isroot( op->o_bd, &op->o_ndn )) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) + || be_isupdate( op->o_bd, &op->o_ndn ) ) { p = (Entry *)&slap_entry_root; /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -333,8 +312,8 @@ retry: /* transaction retry */ "bdb_add: no write access to parent\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to parent"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to parent"; goto return_results;; } @@ -347,7 +326,7 @@ retry: /* transaction retry */ pdn.bv_len == 0 ? "suffix" : "entry at root", 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } } @@ -362,26 +341,17 @@ retry: /* transaction retry */ "bdb_add: no parent, cannot add subentry\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no parent, cannot add subentry"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no parent, cannot add subentry"; goto return_results;; } -#endif -#if 0 - if ( ltid ) { - DBT obj; - obj.data = ","; - obj.size = 1; - rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj, - DB_LOCK_WRITE, &lock); - } #endif } - rc = access_allowed( be, conn, op, e, + rs->sr_err = access_allowed( op, op->oq_add.rs_e, entry, NULL, ACL_WRITE, NULL ); - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -395,58 +365,58 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to entry\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to entry"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to entry"; goto return_results;; } /* dn2id index */ - rc = bdb_dn2id_add( be, ltid, &pdn, e ); - if ( rc != 0 ) { + rs->sr_err = bdb_dn2id_add( op->o_bd, ltid, &pdn, op->oq_add.rs_e ); + if ( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_add: dn2id_add failed: %s (%d)\n", db_strerror(rc), rc, 0 ); + "bdb_add: dn2id_add failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: dn2id_add failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case DB_KEYEXIST: - rc = LDAP_ALREADY_EXISTS; + rs->sr_err = LDAP_ALREADY_EXISTS; break; default: - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } goto return_results; } /* id2entry index */ - rc = bdb_id2entry_add( be, ltid, e ); - if ( rc != 0 ) { + rs->sr_err = bdb_id2entry_add( op->o_bd, ltid, op->oq_add.rs_e ); + if ( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "bdb_add: id2entry_add failed\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: id2entry_add failed\n", 0, 0, 0 ); #endif - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; default: - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } - text = "entry store failed"; + rs->sr_text = "entry store failed"; goto return_results; } /* attribute indexes */ - rc = bdb_index_entry_add( be, ltid, e, e->e_attrs ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = bdb_index_entry_add( op->o_bd, ltid, op->oq_add.rs_e ); + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "bdb_add: index_entry_add failed\n", 0, 0, 0 ); @@ -454,24 +424,24 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_add: index_entry_add failed\n", 0, 0, 0 ); #endif - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; default: - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } - text = "index generation failed"; + rs->sr_text = "index generation failed"; goto return_results; } if( op->o_noop ) { - if (( rc=TXN_ABORT( ltid )) != 0 ) { - text = "txn_abort (no-op) failed"; + if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) { + rs->sr_text = "txn_abort (no-op) failed"; } else { noop = 1; - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } else { @@ -480,17 +450,13 @@ retry: /* transaction retry */ snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx", bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid ); - if (( rc=TXN_PREPARE( ltid, gid )) != 0 ) { - text = "txn_prepare failed"; + if (( rs->sr_err=TXN_PREPARE( ltid, gid )) != 0 ) { + rs->sr_text = "txn_prepare failed"; } else { int ret = bdb_cache_add_entry_rw(bdb->bi_dbenv, - &bdb->bi_cache, e, CACHE_WRITE_LOCK, + &bdb->bi_cache, op->oq_add.rs_e, CACHE_WRITE_LOCK, locker, &lock); -#if 0 - if ( bdb_cache_add_entry_rw(&bdb->bi_cache, - e, CACHE_WRITE_LOCK) != 0 ) -#endif switch ( ret ) { case 0: break; @@ -502,17 +468,17 @@ retry: /* transaction retry */ } if ( ret ) { - if(( rc=TXN_ABORT( ltid )) != 0 ) { - text = "cache add & txn_abort failed"; + if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) { + rs->sr_text = "cache add & txn_abort failed"; } else { - rc = LDAP_OTHER; - text = "cache add failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "cache add failed"; } } else { - if(( rc=TXN_COMMIT( ltid, 0 )) != 0 ) { - text = "txn_commit failed"; + if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) { + rs->sr_text = "txn_commit failed"; } else { - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } } @@ -521,44 +487,43 @@ retry: /* transaction retry */ ltid = NULL; op->o_private = NULL; - if (rc == LDAP_SUCCESS) { + if (rs->sr_err == LDAP_SUCCESS) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, RESULTS, "bdb_add: added%s id=%08lx dn=\"%s\"\n", - op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn ); + op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn ); #else Debug(LDAP_DEBUG_TRACE, "bdb_add: added%s id=%08lx dn=\"%s\"\n", - op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn ); + op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn ); #endif - text = NULL; + rs->sr_text = NULL; if ( !noop ) { - bdb_cache_entry_commit( e ); + bdb_cache_entry_commit( op->oq_add.rs_e ); } } else { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_add: %s : %s (%d)\n", text, db_strerror(rc), rc ); + "bdb_add: %s : %s (%d)\n", rs->sr_text, db_strerror(rs->sr_err), rs->sr_err ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n", - text, db_strerror(rc), rc ); + rs->sr_text, db_strerror(rs->sr_err), rs->sr_err ); #endif - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } return_results: - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !noop ) { - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_ADD ); + if ( rs->sr_err == LDAP_SUCCESS && !noop ) { + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch( op, rs, ps_list, op->oq_add.rs_e, LDAP_PSEARCH_BY_ADD ); } } #endif /* LDAP_CLIENT_UPDATE */ - if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) { + if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) { ldap_pvt_thread_yield(); TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 ); @@ -571,6 +536,6 @@ done: op->o_private = NULL; } - return ( ( rc == LDAP_SUCCESS ) ? noop : rc ); + return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err ); } diff --git a/servers/slapd/back-bdb/back-bdb.h b/servers/slapd/back-bdb/back-bdb.h index e3d0c7e032..6913f65dab 100644 --- a/servers/slapd/back-bdb/back-bdb.h +++ b/servers/slapd/back-bdb/back-bdb.h @@ -132,7 +132,7 @@ struct bdb_info { ID bi_lastid; ldap_pvt_thread_mutex_t bi_lastid_mutex; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - LDAP_LIST_HEAD(pl, slap_op) psearch_list; + LDAP_LIST_HEAD(pl, slap_op) bi_psearch_list; #endif #ifdef SLAP_IDL_CACHE int bi_idl_cache_max_size; diff --git a/servers/slapd/back-bdb/bind.c b/servers/slapd/back-bdb/bind.c index f03ea7487d..3e8fd537b5 100644 --- a/servers/slapd/back-bdb/bind.c +++ b/servers/slapd/back-bdb/bind.c @@ -16,25 +16,16 @@ #include "external.h" int -bdb_bind( - Backend *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn -) +bdb_bind( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *e; Attribute *a; - int rc; Entry *matched; #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND char krbname[MAX_K_NAME_SZ + 1]; AttributeDescription *krbattr = slap_schema.si_ad_krbName; + struct berval krbval; AUTH_DAT ad; #endif @@ -44,98 +35,83 @@ bdb_bind( DB_LOCK lock; #ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ARGS, "==> bdb_bind: dn: %s\n", dn->bv_val, 0, 0 ); + LDAP_LOG ( OPERATION, ARGS, "==> bdb_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else - Debug( LDAP_DEBUG_ARGS, "==> bdb_bind: dn: %s\n", dn->bv_val, 0, 0); + Debug( LDAP_DEBUG_ARGS, "==> bdb_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0); #endif - rc = LOCK_ID(bdb->bi_dbenv, &locker); - switch(rc) { + /* allow noauth binds */ + if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) { + ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) ); + /* front end will send result */ + return LDAP_SUCCESS; + } + + rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker); + switch(rs->sr_err) { case 0: break; default: - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); - return rc; + rs->sr_text = "internal error"; + send_ldap_result( op, rs ); + return rs->sr_err; } dn2entry_retry: - /* get entry */ - rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock ); + /* get entry with reader lock */ + rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock ); - switch(rc) { + switch(rs->sr_err) { case DB_NOTFOUND: case 0: break; case LDAP_BUSY: - send_ldap_result( conn, op, LDAP_BUSY, - NULL, "ldap server busy", NULL, NULL ); + send_ldap_error( op, rs, LDAP_BUSY, "ldap_server_busy" ); LOCK_ID_FREE(bdb->bi_dbenv, locker); return LDAP_BUSY; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); LOCK_ID_FREE(bdb->bi_dbenv, locker); - return rc; + return rs->sr_err; } - /* get entry with reader lock */ if ( e == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - if( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; + if (rs->sr_ref) + rs->sr_matched = ch_strdup( matched->e_name.bv_val ); bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, matched, &lock ); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - /* allow noauth binds */ - rc = 1; - if ( method == LDAP_AUTH_SIMPLE ) { - if ( be_isroot_pw( be, conn, ndn, cred ) ) { - ber_dupbv( edn, be_root_dn( be ) ); - rc = LDAP_SUCCESS; /* front end will send result */ - - } else if ( refs != NULL ) { - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - - } else { - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); - } - - } else if ( refs != NULL ) { - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - + if ( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + free( (char *)rs->sr_matched ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; } else { - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op, rs ); } LOCK_ID_FREE(bdb->bi_dbenv, locker); - ber_bvarray_free( refs ); - free( matched_dn ); - - return rc; + return rs->sr_err; } - ber_dupbv( edn, &e->e_name ); + ber_dupbv( &op->oq_bind.rb_edn, &e->e_name ); /* check for deleted */ #ifdef BDB_SUBENTRIES @@ -149,8 +125,8 @@ dn2entry_retry: 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op ); goto done; } @@ -166,8 +142,7 @@ dn2entry_retry: 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_ALIAS_PROBLEM, - NULL, "entry is alias", NULL, NULL ); + send_ldap_error( op, LDAP_ALIAS_PROBLEM, "entry is alias"); goto done; } @@ -175,8 +150,7 @@ dn2entry_retry: if ( is_entry_referral( e ) ) { /* entry is a referral, don't allow bind */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, @@ -186,111 +160,98 @@ dn2entry_retry: 0, 0 ); #endif - if( refs != NULL ) { - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); - + if( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; } else { - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op, rs ); } - ber_bvarray_free( refs ); - goto done; } - switch ( method ) { + switch ( op->oq_bind.rb_method ) { case LDAP_AUTH_SIMPLE: - /* check for root dn/passwd */ - if ( be_isroot_pw( be, conn, ndn, cred ) ) { - /* front end will send result */ - if(edn->bv_val != NULL) free( edn->bv_val ); - ber_dupbv( edn, be_root_dn( be ) ); - rc = LDAP_SUCCESS; - goto done; - } - - rc = access_allowed( be, conn, op, e, + rs->sr_err = access_allowed( op, e, password, NULL, ACL_AUTH, NULL ); - if ( ! rc ) { - send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + if ( ! rs->sr_err ) { + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + send_ldap_result( op, rs ); goto done; } if ( (a = attr_find( e->e_attrs, password )) == NULL ) { - send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_AUTH, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INAPPROPRIATE_AUTH; + send_ldap_result( op, rs ); goto done; } - if ( slap_passwd_check( conn, a, cred ) != 0 ) { - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) { + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op, rs ); goto done; } - rc = 0; + rs->sr_err = 0; break; #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND case LDAP_AUTH_KRBV41: - if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) { + rs->sr_err = LDAP_INVALID_CREDENTIALS, + send_ldap_result( op ); goto done; } - rc = access_allowed( be, conn, op, e, + rs->sr_err = access_allowed( op, e, krbattr, NULL, ACL_AUTH, NULL ); - if ( ! rc ) { - send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + if ( ! rs->sr_err ) { + rs->sr_err = LDAP_INSUFFICIENT_ACCESS, + send_ldap_result( op ); goto done; } - sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "." + krbval.bv_len = sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "." : "", ad.pinst, ad.prealm ); if ( (a = attr_find( e->e_attrs, krbattr )) == NULL ) { /* * no krbname values present: check against DN */ - if ( strcasecmp( dn, krbname ) == 0 ) { - rc = 0; + if ( strcasecmp( op->o_req_dn.bv_val, krbname ) == 0 ) { + rs->sr_err = 0; break; } - send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_AUTH, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INAPPROPRIATE_AUTH, + send_ldap_result( op ); goto done; } else { /* look for krbname match */ - struct berval krbval; - krbval.bv_val = krbname; - krbval.bv_len = strlen( krbname ); if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) { - send_ldap_result( conn, op, - rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op ); goto done; } } - rc = 0; + rs->sr_err = 0; break; case LDAP_AUTH_KRBV42: - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "Kerberos bind step 2 not supported", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Kerberos bind step 2 not supported" ); goto done; #endif default: - send_ldap_result( conn, op, rc = LDAP_STRONG_AUTH_NOT_SUPPORTED, - NULL, "authentication method not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED, + "authentication method not supported" ); goto done; } @@ -302,6 +263,6 @@ done: LOCK_ID_FREE(bdb->bi_dbenv, locker); - /* front end will send result on success (rc==0) */ - return rc; + /* front end will send result on success (rs->sr_err==0) */ + return rs->sr_err; } diff --git a/servers/slapd/back-bdb/compare.c b/servers/slapd/back-bdb/compare.c index c52d37a911..a49ff61e17 100644 --- a/servers/slapd/back-bdb/compare.c +++ b/servers/slapd/back-bdb/compare.c @@ -14,86 +14,74 @@ #include "external.h" int -bdb_compare( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - AttributeAssertion *ava -) +bdb_compare( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *matched; Entry *e; Attribute *a; - int rc; - const char *text = NULL; int manageDSAit = get_manageDSAit( op ); u_int32_t locker; DB_LOCK lock; - rc = LOCK_ID(bdb->bi_dbenv, &locker); - switch(rc) { + rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker); + switch(rs->sr_err) { case 0: break; default: - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); - return rc; + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); + return rs->sr_err; } dn2entry_retry: /* get entry */ - rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case DB_NOTFOUND: case 0: break; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } if ( e == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, matched, &lock ); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } if (!manageDSAit && is_entry_referral( e ) ) { /* entry is a referral, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, @@ -103,48 +91,50 @@ dn2entry_retry: 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } - rc = access_allowed( be, conn, op, e, - ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ); - if ( ! rc ) { - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = access_allowed( op, e, + op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ); + if ( ! rs->sr_err ) { + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } - rc = LDAP_NO_SUCH_ATTRIBUTE; + rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE; - for(a = attrs_find( e->e_attrs, ava->aa_desc ); + for(a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc ); a != NULL; - a = attrs_find( a->a_next, ava->aa_desc )) + a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc )) { - rc = LDAP_COMPARE_FALSE; + rs->sr_err = LDAP_COMPARE_FALSE; #ifdef SLAP_NVALUES - if ( value_find_ex( ava->aa_desc, + if ( value_find_ex( op->oq_compare.rs_ava->aa_desc, SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH | SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH, - a->a_nvals, &ava->aa_value ) == 0 ) + a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 ) #else - if ( value_find( ava->aa_desc, a->a_vals, &ava->aa_value ) == 0 ) + if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 ) #endif { - rc = LDAP_COMPARE_TRUE; + rs->sr_err = LDAP_COMPARE_TRUE; break; } } return_results: - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); - if( rc == LDAP_COMPARE_FALSE || rc == LDAP_COMPARE_TRUE ) { - rc = LDAP_SUCCESS; + if( rs->sr_err == LDAP_COMPARE_FALSE || rs->sr_err == LDAP_COMPARE_TRUE ) { + rs->sr_err = LDAP_SUCCESS; } done: @@ -155,5 +145,5 @@ done: LOCK_ID_FREE ( bdb->bi_dbenv, locker ); - return rc; + return rs->sr_err; } diff --git a/servers/slapd/back-bdb/delete.c b/servers/slapd/back-bdb/delete.c index c97bd6bb42..4d59452d7d 100644 --- a/servers/slapd/back-bdb/delete.c +++ b/servers/slapd/back-bdb/delete.c @@ -14,21 +14,13 @@ #include "external.h" int -bdb_delete( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn -) +bdb_delete( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *matched; struct berval pdn = {0, NULL}; Entry *e = NULL; Entry *p = NULL; - int rc; - const char *text; int manageDSAit = get_manageDSAit( op ); AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; @@ -37,10 +29,6 @@ bdb_delete( u_int32_t locker = 0; DB_LOCK lock; -#if 0 - u_int32_t lockid; - DB_LOCK lock; -#endif int noop = 0; @@ -49,10 +37,10 @@ bdb_delete( #endif #ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ARGS, "==> bdb_delete: %s\n", dn->bv_val, 0, 0 ); + LDAP_LOG ( OPERATION, ARGS, "==> bdb_delete: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, "==> bdb_delete: %s\n", - dn->bv_val, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #endif if( 0 ) { @@ -67,67 +55,55 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "==> bdb_delete: retrying...\n", 0, 0, 0 ); #endif - rc = TXN_ABORT( ltid ); + rs->sr_err = TXN_ABORT( ltid ); ltid = NULL; op->o_private = NULL; op->o_do_not_cache = opinfo.boi_acl_cache; - if( rc != 0 ) { - rc = LDAP_OTHER; - text = "internal error"; + if( rs->sr_err != 0 ) { + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } ldap_pvt_thread_yield(); } /* begin transaction */ - rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, + rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); - text = NULL; - if( rc != 0 ) { + rs->sr_text = NULL; + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==> bdb_delete: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_delete: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } locker = TXN_ID ( ltid ); -#if 0 - lockid = TXN_ID( ltid ); -#endif - opinfo.boi_bdb = be; + opinfo.boi_bdb = op->o_bd; opinfo.boi_txn = ltid; opinfo.boi_locker = locker; opinfo.boi_err = 0; opinfo.boi_acl_cache = op->o_do_not_cache; op->o_private = &opinfo; - if ( !be_issuffix( be, ndn ) ) { - dnParent( ndn, &pdn ); + if ( !be_issuffix( op->o_bd, &op->o_req_ndn ) ) { + dnParent( &op->o_req_ndn, &pdn ); } if( pdn.bv_len != 0 ) { -#if 0 - if ( ltid ) { - DBT obj; - obj.data = pdn.bv_val-1; - obj.size = pdn.bv_len+1; - rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj, - DB_LOCK_WRITE, &lock); - } -#endif /* get parent */ - rc = bdb_dn2entry_r( be, ltid, &pdn, &p, NULL, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &pdn, &p, NULL, 0, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -135,11 +111,11 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } @@ -152,19 +128,19 @@ retry: /* transaction retry */ "<=- bdb_delete: parent does not exist\n", 0, 0, 0); #endif - rc = LDAP_OTHER; - text = "could not locate parent of entry"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "could not locate parent of entry"; goto return_results; } /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p); p = NULL; - if ( !rc ) { + if ( !rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -179,25 +155,25 @@ retry: /* transaction retry */ "<=- bdb_delete: no write access to parent\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to parent"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to parent"; goto return_results; } } else { /* no parent, must be root to delete */ - if( ! be_isroot( be, &op->o_ndn ) ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) - || be_isupdate( be, &op->o_ndn ) ) { + if( ! be_isroot( op->o_bd, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) + || be_isupdate( op->o_bd, &op->o_ndn ) ) { p = (Entry *)&slap_entry_root; /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; - if ( !rc ) { + if ( !rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -212,8 +188,8 @@ retry: /* transaction retry */ "<=- bdb_delete: no access " "to parent\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to parent"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to parent"; goto return_results; } @@ -226,26 +202,16 @@ retry: /* transaction retry */ "<=- bdb_delete: no parent " "and not root\n", 0, 0, 0); #endif - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } } - -#if 0 - if ( ltid ) { - DBT obj; - obj.data = ","; - obj.size = 1; - rc = LOCK_GET( bdb->bi_dbenv, lockid, 0, &obj, - DB_LOCK_WRITE, &lock); - } -#endif } /* get entry for read/modify/write */ - rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock ); + rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, DB_RMW, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -253,54 +219,53 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } if ( e == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ARGS, - "<=- bdb_delete: no such object %s\n", dn->bv_val, 0, 0); + "<=- bdb_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0); #else Debug( LDAP_DEBUG_ARGS, "<=- bdb_delete: no such object %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, matched); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; - rc = -1; + rs->sr_err = -1; goto done; } - rc = access_allowed( be, conn, op, e, + rs->sr_err = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ); - if ( !rc ) { + if ( !rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -315,15 +280,14 @@ retry: /* transaction retry */ "<=- bdb_delete: no write access to entry\n", 0, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - text = "no write access to entry"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to entry"; goto return_results; } if ( !manageDSAit && is_entry_referral( e ) ) { /* entry is a referral, don't allow delete */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, @@ -334,74 +298,77 @@ retry: /* transaction retry */ 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; - rc = 1; + rs->sr_err = 1; goto done; } - rc = bdb_dn2id_children( be, ltid, &e->e_nname, 0 ); - if( rc != DB_NOTFOUND ) { - switch( rc ) { + rs->sr_err = bdb_dn2id_children( op->o_bd, ltid, &e->e_nname, 0 ); + if( rs->sr_err != DB_NOTFOUND ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case 0: #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, - "<=- bdb_delete: non-leaf %s\n", dn->bv_val, 0, 0 ); + "<=- bdb_delete: non-leaf %s\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_delete: non-leaf %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif - rc = LDAP_NOT_ALLOWED_ON_NONLEAF; - text = "subtree delete not supported"; + rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF; + rs->sr_text = "subtree delete not supported"; break; default: #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "<=- bdb_delete: has_children failed %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_delete: has_children failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; } goto return_results; } /* delete from dn2id */ - rc = bdb_dn2id_delete( be, ltid, pdn.bv_val, e ); - if ( rc != 0 ) { - switch( rc ) { + rs->sr_err = bdb_dn2id_delete( op->o_bd, ltid, pdn.bv_val, e ); + if ( rs->sr_err != 0 ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "<=- bdb_delete: dn2id failed %s (%d)\n", db_strerror(rc), rc, 0 ); + "<=- bdb_delete: dn2id failed %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_delete: dn2id failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - text = "DN index delete failed"; - rc = LDAP_OTHER; + rs->sr_text = "DN index delete failed"; + rs->sr_err = LDAP_OTHER; goto return_results; } /* delete from id2entry */ - rc = bdb_id2entry_delete( be, ltid, e ); - if ( rc != 0 ) { - switch( rc ) { + rs->sr_err = bdb_id2entry_delete( op->o_bd, ltid, e ); + if ( rs->sr_err != 0 ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; @@ -409,21 +376,21 @@ retry: /* transaction retry */ #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "<=- bdb_delete: id2entry failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_delete: id2entry failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - text = "entry delete failed"; - rc = LDAP_OTHER; + rs->sr_text = "entry delete failed"; + rs->sr_err = LDAP_OTHER; goto return_results; } /* delete indices for old attributes */ - rc = bdb_index_entry_del( be, ltid, e, e->e_attrs ); - if ( rc != LDAP_SUCCESS ) { - switch( rc ) { + rs->sr_err = bdb_index_entry_del( op->o_bd, ltid, e ); + if ( rs->sr_err != LDAP_SUCCESS ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; @@ -435,45 +402,45 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_ANY, "entry index delete failed!\n", 0, 0, 0 ); #endif - text = "entry index delete failed"; - rc = LDAP_OTHER; + rs->sr_text = "entry index delete failed"; + rs->sr_err = LDAP_OTHER; goto return_results; } #if 0 /* Do we want to reclaim deleted IDs? */ ldap_pvt_thread_mutex_lock( &bdb->bi_lastid_mutex ); if ( e->e_id == bdb->bi_lastid ) { - bdb_last_id( be, ltid ); + bdb_last_id( op->o_bd, ltid ); } ldap_pvt_thread_mutex_unlock( &bdb->bi_lastid_mutex ); #endif if( op->o_noop ) { - if ( ( rc = TXN_ABORT( ltid ) ) != 0 ) { - text = "txn_abort (no-op) failed"; + if ( ( rs->sr_err = TXN_ABORT( ltid ) ) != 0 ) { + rs->sr_text = "txn_abort (no-op) failed"; } else { noop = 1; - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } else { - rc = TXN_COMMIT( ltid, 0 ); + rs->sr_err = TXN_COMMIT( ltid, 0 ); } ltid = NULL; op->o_private = NULL; - if( rc != 0 ) { + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "bdb_delete: txn_%s failed: %s (%d)\n", - op->o_noop ? "abort (no-op)" : "commit", db_strerror(rc), rc ); + op->o_noop ? "abort (no-op)" : "commit", db_strerror(rs->sr_err), rs->sr_err ); #else Debug( LDAP_DEBUG_TRACE, "bdb_delete: txn_%s failed: %s (%d)\n", op->o_noop ? "abort (no-op)" : "commit", - db_strerror(rc), rc ); + db_strerror(rs->sr_err), rs->sr_err ); #endif - rc = LDAP_OTHER; - text = "commit failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "commit failed"; } else { #ifdef NEW_LOGGING @@ -486,22 +453,22 @@ retry: /* transaction retry */ op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn ); #endif - rc = LDAP_SUCCESS; - text = NULL; + rs->sr_err = LDAP_SUCCESS; + rs->sr_text = NULL; } return_results: - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !noop ) { - LDAP_LIST_FOREACH( ps_list, &bdb->psearch_list, link ) { - bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_DELETE ); + if ( rs->sr_err == LDAP_SUCCESS && !noop ) { + LDAP_LIST_FOREACH( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_DELETE ); } } #endif - if(rc == LDAP_SUCCESS && bdb->bi_txn_cp ) { + if(rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) { ldap_pvt_thread_yield(); TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 ); @@ -518,5 +485,5 @@ done: op->o_private = NULL; } - return ( ( rc == LDAP_SUCCESS ) ? noop : rc ); + return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err ); } diff --git a/servers/slapd/back-bdb/extended.c b/servers/slapd/back-bdb/extended.c index 9fa49df46b..89f5fbc29d 100644 --- a/servers/slapd/back-bdb/extended.c +++ b/servers/slapd/back-bdb/extended.c @@ -23,32 +23,25 @@ static struct exop { }; int -bdb_extended( - Backend *be, - Connection *conn, - Operation *op, - struct berval *reqoid, +bdb_extended( Operation *op, SlapReply *rs ) +/* struct berval *reqoid, struct berval *reqdata, char **rspoid, struct berval **rspdata, LDAPControl *** rspctrls, const char** text, BerVarray *refs -) +) */ { int i; for( i=0; exop_table[i].extended != NULL; i++ ) { - if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) { - return (exop_table[i].extended)( - be, conn, op, - reqoid, reqdata, - rspoid, rspdata, rspctrls, - text, refs ); + if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) { + return (exop_table[i].extended)( op, rs ); } } - *text = "not supported within naming context"; + rs->sr_text = "not supported within naming context"; return LDAP_UNWILLING_TO_PERFORM; } diff --git a/servers/slapd/back-bdb/id2entry.c b/servers/slapd/back-bdb/id2entry.c index dbfe6102f3..151fbb0ebe 100644 --- a/servers/slapd/back-bdb/id2entry.c +++ b/servers/slapd/back-bdb/id2entry.c @@ -244,13 +244,11 @@ int bdb_entry_return( } int bdb_entry_release( - BackendDB *be, - Connection *c, Operation *o, Entry *e, int rw ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) o->o_bd->be_private; struct bdb_op_info *boi = NULL; /* slapMode : SLAP_SERVER_MODE, SLAP_TOOL_MODE, @@ -282,8 +280,6 @@ int bdb_entry_release( /* return LDAP_SUCCESS IFF we can retrieve the specified entry. */ int bdb_entry_get( - BackendDB *be, - Connection *c, Operation *op, struct berval *ndn, ObjectClass *oc, @@ -291,7 +287,7 @@ int bdb_entry_get( int rw, Entry **ent ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; struct bdb_op_info *boi = NULL; DB_TXN *txn = NULL; Entry *e; @@ -317,7 +313,7 @@ int bdb_entry_get( #endif if( op ) boi = (struct bdb_op_info *) op->o_private; - if( boi != NULL && be == boi->boi_bdb ) { + if( boi != NULL && op->o_bd == boi->boi_bdb ) { txn = boi->boi_txn; locker = boi->boi_locker; } @@ -337,7 +333,7 @@ int bdb_entry_get( dn2entry_retry: /* can we find entry */ - rc = bdb_dn2entry_rw( be, txn, ndn, &e, NULL, 0, rw, locker, &lock ); + rc = bdb_dn2entry_rw( op->o_bd, txn, ndn, &e, NULL, 0, rw, locker, &lock ); switch( rc ) { case DB_NOTFOUND: case 0: diff --git a/servers/slapd/back-bdb/index.c b/servers/slapd/back-bdb/index.c index b7dd1b1bbf..fecf8525e3 100644 --- a/servers/slapd/back-bdb/index.c +++ b/servers/slapd/back-bdb/index.c @@ -332,10 +332,10 @@ bdb_index_entry( Backend *be, DB_TXN *txn, int op, - Entry *e, - Attribute *ap ) + Entry *e ) { int rc; + Attribute *ap = e->e_attrs; #ifdef NEW_LOGGING LDAP_LOG( INDEX, ENTRY, "index_entry: %s (%s) %ld\n", diff --git a/servers/slapd/back-bdb/init.c b/servers/slapd/back-bdb/init.c index 0619f92cc8..48feeee95f 100644 --- a/servers/slapd/back-bdb/init.c +++ b/servers/slapd/back-bdb/init.c @@ -95,7 +95,7 @@ bdb_db_init( BackendDB *be ) bdb->bi_search_stack = NULL; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - LDAP_LIST_INIT (&bdb->psearch_list); + LDAP_LIST_INIT (&bdb->bi_psearch_list); #endif ldap_pvt_thread_mutex_init( &bdb->bi_lastid_mutex ); diff --git a/servers/slapd/back-bdb/modify.c b/servers/slapd/back-bdb/modify.c index b24d90e90e..1d60bfe8f7 100644 --- a/servers/slapd/back-bdb/modify.c +++ b/servers/slapd/back-bdb/modify.c @@ -15,8 +15,6 @@ #include "external.h" int bdb_modify_internal( - BackendDB *be, - Connection *conn, Operation *op, DB_TXN *tid, Modifications *modlist, @@ -39,7 +37,7 @@ int bdb_modify_internal( e->e_id, e->e_dn, 0); #endif - if ( !acl_check_modlist( be, conn, op, e, modlist )) { + if ( !acl_check_modlist( op, e, modlist )) { return LDAP_INSUFFICIENT_ACCESS; } @@ -172,7 +170,7 @@ int bdb_modify_internal( /* check if modified attribute was indexed * but not in case of NOOP... */ - err = bdb_index_is_indexed( be, mod->sm_desc ); + err = bdb_index_is_indexed( op->o_bd, mod->sm_desc ); if ( err == LDAP_SUCCESS && !op->o_noop ) { ap = attr_find( save_attrs, mod->sm_desc ); if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL; @@ -183,7 +181,7 @@ int bdb_modify_internal( } /* check that the entry still obeys the schema */ - rc = entry_schema_check( be, e, save_attrs, text, textbuf, textlen ); + rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen ); if ( rc != LDAP_SUCCESS || op->o_noop ) { attrs_free( e->e_attrs ); e->e_attrs = save_attrs; @@ -209,7 +207,7 @@ int bdb_modify_internal( /* start with deleting the old index entries */ for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) { if ( ap->a_flags & SLAP_ATTR_IXDEL ) { - rc = bdb_index_values( be, tid, ap->a_desc, + rc = bdb_index_values( op->o_bd, tid, ap->a_desc, #ifdef SLAP_NVALUES ap->a_nvals, #else @@ -237,7 +235,7 @@ int bdb_modify_internal( /* add the new index entries */ for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) { if (ap->a_flags & SLAP_ATTR_IXADD) { - rc = bdb_index_values( be, tid, ap->a_desc, + rc = bdb_index_values( op->o_bd, tid, ap->a_desc, #ifdef SLAP_NVALUES ap->a_nvals, #else @@ -274,20 +272,12 @@ int bdb_modify_internal( int -bdb_modify( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - Modifications *modlist ) +bdb_modify( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - int rc; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *matched = NULL; Entry *e = NULL; int manageDSAit = get_manageDSAit( op ); - const char *text = NULL; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; DB_TXN *ltid = NULL; @@ -300,14 +290,13 @@ bdb_modify( #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) Operation* ps_list; - struct psid_entry* pm_list; - struct psid_entry* pm_prev; + struct psid_entry *pm_list, *pm_prev; #endif #ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ENTRY, "bdb_modify: %s\n", dn->bv_val, 0, 0 ); + LDAP_LOG ( OPERATION, ENTRY, "bdb_modify: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else - Debug( LDAP_DEBUG_ARGS, "bdb_modify: %s\n", dn->bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, "bdb_modify: %s\n", op->o_req_dn.bv_val, 0, 0 ); #endif if( 0 ) { @@ -324,48 +313,48 @@ retry: /* transaction retry */ #endif #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - LDAP_LIST_REMOVE ( pm_list, link ); + LDAP_LIST_REMOVE ( pm_list, ps_link ); pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } #endif - rc = TXN_ABORT( ltid ); + rs->sr_err = TXN_ABORT( ltid ); ltid = NULL; op->o_private = NULL; op->o_do_not_cache = opinfo.boi_acl_cache; - if( rc != 0 ) { - rc = LDAP_OTHER; - text = "internal error"; + if( rs->sr_err != 0 ) { + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } ldap_pvt_thread_yield(); } /* begin transaction */ - rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, + rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); - text = NULL; - if( rc != 0 ) { + rs->sr_text = NULL; + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, - "bdb_modify: txn_begin failed: %s (%d)\n", db_strerror(rc), rc, 0 ); + "bdb_modify: txn_begin failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modify: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } locker = TXN_ID ( ltid ); - opinfo.boi_bdb = be; + opinfo.boi_bdb = op->o_bd; opinfo.boi_txn = ltid; opinfo.boi_locker = locker; opinfo.boi_err = 0; @@ -373,64 +362,62 @@ retry: /* transaction retry */ op->o_private = &opinfo; /* get entry */ - rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, 0, locker, &lock ); - if ( rc != 0 ) { + if ( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, - "bdb_modify: dn2entry failed: (%d)\n", rc, 0, 0 ); + "bdb_modify: dn2entry failed: (%d)\n", rs->sr_err, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modify: dn2entry failed (%d)\n", - rc, 0, 0 ); + rs->sr_err, 0, 0 ); #endif - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case DB_NOTFOUND: break; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } - text = "internal error"; + rs->sr_text = "internal error"; goto return_results; } /* acquire and lock entry */ if ( e == NULL ) { - char* matched_dn = NULL; - BerVarray refs; - if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_unlocked_cache_return_entry_r (&bdb->bi_cache, matched); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } if ( !manageDSAit && is_entry_referral( e ) ) { /* entry is a referral, don't allow modify */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_modify: entry is referral\n", 0, 0, 0 ); @@ -440,38 +427,41 @@ retry: /* transaction retry */ 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !op->o_noop ) { - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - bdb_psearch(be, conn, op, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY ); + if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) { + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch(op, rs, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY ); } } #endif /* Modify the entry */ - rc = bdb_modify_internal( be, conn, op, ltid, modlist, e, - &text, textbuf, textlen ); + rs->sr_err = bdb_modify_internal( op, ltid, op->oq_modify.rs_modlist, e, + &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_modify: modify failed (%d)\n", rc, 0, 0 ); + "bdb_modify: modify failed (%d)\n", rs->sr_err, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modify: modify failed (%d)\n", - rc, 0, 0 ); + rs->sr_err, 0, 0 ); #endif - if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) { - rc = opinfo.boi_err; + if ( (rs->sr_err == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) { + rs->sr_err = opinfo.boi_err; } - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; @@ -480,51 +470,51 @@ retry: /* transaction retry */ } /* change the entry itself */ - rc = bdb_id2entry_update( be, ltid, e ); - if ( rc != 0 ) { + rs->sr_err = bdb_id2entry_update( op->o_bd, ltid, e ); + if ( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_modify: id2entry update failed (%d)\n", rc, 0, 0 ); + "bdb_modify: id2entry update failed (%d)\n", rs->sr_err, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modify: id2entry update failed (%d)\n", - rc, 0, 0 ); + rs->sr_err, 0, 0 ); #endif - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - text = "entry update failed"; + rs->sr_text = "entry update failed"; goto return_results; } if( op->o_noop ) { - if ( ( rc = TXN_ABORT( ltid ) ) != 0 ) { - text = "txn_abort (no-op) failed"; + if ( ( rs->sr_err = TXN_ABORT( ltid ) ) != 0 ) { + rs->sr_text = "txn_abort (no-op) failed"; } else { noop = 1; - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } else { - rc = TXN_COMMIT( ltid, 0 ); + rs->sr_err = TXN_COMMIT( ltid, 0 ); } ltid = NULL; op->o_private = NULL; - if( rc != 0 ) { + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "bdb_modify: txn_%s failed %s (%d)\n", - op->o_noop ? "abort (no_op)" : "commit", db_strerror(rc), rc ); + op->o_noop ? "abort (no_op)" : "commit", db_strerror(rs->sr_err), rs->sr_err ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modify: txn_%s failed: %s (%d)\n", op->o_noop ? "abort (no-op)" : "commit", - db_strerror(rc), rc ); + db_strerror(rs->sr_err), rs->sr_err ); #endif - rc = LDAP_OTHER; - text = "commit failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "commit failed"; } else { #ifdef NEW_LOGGING @@ -537,33 +527,32 @@ retry: /* transaction retry */ op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn ); #endif - rc = LDAP_SUCCESS; - text = NULL; + rs->sr_err = LDAP_SUCCESS; + rs->sr_text = NULL; } return_results: - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !op->o_noop ) { + if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) { /* Loop through in-scope entries for each psearch spec */ - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_MODIFY ); + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_MODIFY ); } - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - bdb_psearch(be, conn, op, pm_list->ps->op, + bdb_psearch(op, rs, pm_list->ps_op, e, LDAP_PSEARCH_BY_SCOPEOUT); - LDAP_LIST_REMOVE ( pm_list, link ); + LDAP_LIST_REMOVE ( pm_list, ps_link ); pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } } #endif - if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) { + if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) { ldap_pvt_thread_yield(); TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 ); @@ -572,12 +561,12 @@ return_results: done: if( ltid != NULL ) { #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - LDAP_LIST_REMOVE ( pm_list, link ); + LDAP_LIST_REMOVE ( pm_list, ps_link ); pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } #endif TXN_ABORT( ltid ); @@ -587,5 +576,5 @@ done: if( e != NULL ) { bdb_unlocked_cache_return_entry_w (&bdb->bi_cache, e); } - return ( ( rc == LDAP_SUCCESS ) ? noop : rc ); + return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err ); } diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c index f2f2b8c851..3753ab25b1 100644 --- a/servers/slapd/back-bdb/modrdn.c +++ b/servers/slapd/back-bdb/modrdn.c @@ -14,19 +14,9 @@ #include "external.h" int -bdb_modrdn( - Backend *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - struct berval *newrdn, - struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSuperior, - struct berval *nnewSuperior ) +bdb_modrdn( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; struct berval p_dn, p_ndn; @@ -38,8 +28,6 @@ bdb_modrdn( /* LDAP v2 supporting correct attribute handling. */ LDAPRDN *new_rdn = NULL; LDAPRDN *old_rdn = NULL; - int rc; - const char *text; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; DB_TXN * ltid = NULL; @@ -63,18 +51,18 @@ bdb_modrdn( int noop = 0; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - Operation* ps_list; - struct psid_entry* pm_list; - struct psid_entry* pm_prev; + Operation *ps_list; + struct psid_entry *pm_list, *pm_prev; #endif #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ENTRY, "==>bdb_modrdn(%s,%s,%s)\n", - dn->bv_val,newrdn->bv_val, newSuperior ? newSuperior->bv_val : "NULL" ); + op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val, + op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" ); #else Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n", - dn->bv_val, newrdn->bv_val, - newSuperior ? newSuperior->bv_val : "NULL" ); + op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val, + op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" ); #endif if( 0 ) { @@ -99,49 +87,49 @@ retry: /* transaction retry */ #endif #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - LDAP_LIST_REMOVE ( pm_list, link ); - pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + LDAP_LIST_REMOVE ( pm_list, ps_link ); + pm_prev = pm_list; + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } #endif - rc = TXN_ABORT( ltid ); + rs->sr_err = TXN_ABORT( ltid ); ltid = NULL; op->o_private = NULL; op->o_do_not_cache = opinfo.boi_acl_cache; - if( rc != 0 ) { - rc = LDAP_OTHER; - text = "internal error"; + if( rs->sr_err != 0 ) { + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } ldap_pvt_thread_yield(); } /* begin transaction */ - rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, + rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); - text = NULL; - if( rc != 0 ) { + rs->sr_text = NULL; + if( rs->sr_err != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_delete: txn_begin failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } locker = TXN_ID ( ltid ); - opinfo.boi_bdb = be; + opinfo.boi_bdb = op->o_bd; opinfo.boi_txn = ltid; opinfo.boi_locker = locker; opinfo.boi_err = 0; @@ -149,9 +137,9 @@ retry: /* transaction retry */ op->o_private = &opinfo; /* get entry */ - rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock ); + rs->sr_err = bdb_dn2entry_w( op->o_bd, ltid, &op->o_req_ndn, &e, &matched, DB_RMW, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -159,44 +147,43 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } if ( e == NULL ) { - char* matched_dn = NULL; - BerVarray refs; - if( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, matched); matched = NULL; } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } /* check write on old entry */ - rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL ); + rs->sr_err = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ); - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -210,51 +197,49 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0, 0, 0 ); #endif - text = "no write access to old entry"; - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to old entry"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } #ifndef BDB_HIER - rc = bdb_dn2id_children( be, ltid, &e->e_nname, 0 ); - if ( rc != DB_NOTFOUND ) { - switch( rc ) { + rs->sr_err = bdb_dn2id_children( op->o_bd, ltid, &e->e_nname, 0 ); + if ( rs->sr_err != DB_NOTFOUND ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case 0: #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, - "<=- bdb_modrdn: non-leaf %s\n", dn->bv_val, 0, 0 ); + "<=- bdb_modrdn: non-leaf %s\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_modrdn: non-leaf %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif - rc = LDAP_NOT_ALLOWED_ON_NONLEAF; - text = "subtree rename not supported"; + rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF; + rs->sr_text = "subtree rename not supported"; break; default: #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "<=- bdb_modrdn: has_children failed %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- bdb_modrdn: has_children failed: %s (%d)\n", - db_strerror(rc), rc, 0 ); + db_strerror(rs->sr_err), rs->sr_err, 0 ); #endif - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; } goto return_results; } #endif if (!manageDSAit && is_entry_referral( e ) ) { /* parent is a referral, don't allow add */ - /* parent is an alias, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, @@ -264,14 +249,17 @@ retry: /* transaction retry */ e->e_dn, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL, + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + rs->sr_matched = NULL; goto done; } - if ( be_issuffix( be, &e->e_nname ) ) { + if ( be_issuffix( op->o_bd, &e->e_nname ) ) { p_ndn = slap_empty_bv; } else { dnParent( &e->e_nname, &p_ndn ); @@ -281,9 +269,9 @@ retry: /* transaction retry */ /* Make sure parent entry exist and we can write its * children. */ - rc = bdb_dn2entry_r( be, ltid, &p_ndn, &p, NULL, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, ltid, &p_ndn, &p, NULL, 0, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -291,11 +279,11 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } @@ -307,23 +295,23 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n", 0, 0, 0); #endif - rc = LDAP_OTHER; - text = "old entry's parent does not exist"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "old entry's parent does not exist"; goto return_results; } /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to parent\n", 0, 0, 0 ); @@ -331,7 +319,7 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, 0, 0 ); #endif - text = "no write access to old parent's children"; + rs->sr_text = "no write access to old parent's children"; goto return_results; } @@ -361,27 +349,27 @@ retry: /* transaction retry */ } else { /* no parent, modrdn entry directly under root */ - isroot = be_isroot( be, &op->o_ndn ); + isroot = be_isroot( op->o_bd, &op->o_ndn ); if ( ! isroot ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) - || be_isupdate( be, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) + || be_isupdate( op->o_bd, &op->o_ndn ) ) { p = (Entry *)&slap_entry_root; /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to parent\n", 0, 0, 0 ); @@ -390,7 +378,7 @@ retry: /* transaction retry */ "no access to parent\n", 0, 0, 0 ); #endif - text = "no write access to old parent"; + rs->sr_text = "no write access to old parent"; goto return_results; } @@ -427,8 +415,8 @@ retry: /* transaction retry */ "& \"\" is not suffix\n", 0, 0, 0); #endif - text = "no write access to old parent"; - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to old parent"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } } @@ -436,45 +424,45 @@ retry: /* transaction retry */ new_parent_dn = &p_dn; /* New Parent unless newSuperior given */ - if ( newSuperior != NULL ) { + if ( op->oq_modrdn.rs_newSup != NULL ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "==>bdb_modrdn: new parent \"%s\" requested...\n", - newSuperior->bv_val, 0, 0 ); + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new parent \"%s\" requested...\n", - newSuperior->bv_val, 0, 0 ); + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); #endif /* newSuperior == oldParent? */ - if( dn_match( &p_ndn, nnewSuperior ) ) { + if( dn_match( &p_ndn, op->oq_modrdn.rs_nnewSup ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_BDB, INFO, "bdb_back_modrdn: " "new parent \"%s\" same as the old parent \"%s\"\n", - newSuperior->bv_val, p_dn.bv_val, 0 ); + op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, "bdb_back_modrdn: " "new parent \"%s\" same as the old parent \"%s\"\n", - newSuperior->bv_val, p_dn.bv_val, 0 ); + op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); #endif - newSuperior = NULL; /* ignore newSuperior */ + op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ } } - if ( newSuperior != NULL ) { - if ( newSuperior->bv_len ) { - np_dn = newSuperior; - np_ndn = nnewSuperior; + if ( op->oq_modrdn.rs_newSup != NULL ) { + if ( op->oq_modrdn.rs_newSup->bv_len ) { + np_dn = op->oq_modrdn.rs_newSup; + np_ndn = op->oq_modrdn.rs_nnewSup; /* newSuperior == oldParent?, if so ==> ERROR */ /* newSuperior == entry being moved?, if so ==> ERROR */ /* Get Entry with dn=newSuperior. Does newSuperior exist? */ - rc = bdb_dn2entry_r( be, - ltid, nnewSuperior, &np, NULL, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, + ltid, np_ndn, &np, NULL, 0, locker, &lock ); - switch( rc ) { + switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; @@ -482,11 +470,11 @@ retry: /* transaction retry */ case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: - text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } @@ -500,8 +488,8 @@ retry: /* transaction retry */ "bdb_modrdn: newSup(ndn=%s) not here!\n", np_ndn->bv_val, 0, 0); #endif - text = "new superior not found"; - rc = LDAP_OTHER; + rs->sr_text = "new superior not found"; + rs->sr_err = LDAP_OTHER; goto return_results; } @@ -516,10 +504,10 @@ retry: /* transaction retry */ #endif /* check newSuperior for "children" acl */ - rc = access_allowed( be, conn, op, np, children, + rs->sr_err = access_allowed( op, np, children, NULL, ACL_WRITE, NULL ); - if( ! rc ) { + if( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: @@ -534,8 +522,8 @@ retry: /* transaction retry */ "bdb_modrdn: no wr to newSup children\n", 0, 0, 0 ); #endif - text = "no write access to new superior's children"; - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to new superior's children"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } @@ -549,8 +537,8 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n", 0, 0, 0 ); #endif - text = "new superior is an alias"; - rc = LDAP_ALIAS_PROBLEM; + rs->sr_text = "new superior is an alias"; + rs->sr_err = LDAP_ALIAS_PROBLEM; goto return_results; } #endif @@ -564,38 +552,38 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n", 0, 0, 0 ); #endif - text = "new superior is a referral"; - rc = LDAP_OTHER; + rs->sr_text = "new superior is a referral"; + rs->sr_err = LDAP_OTHER; goto return_results; } } else { if ( isroot == -1 ) { - isroot = be_isroot( be, &op->o_ndn ); + isroot = be_isroot( op->o_bd, &op->o_ndn ); } np_dn = NULL; /* no parent, modrdn entry directly under root */ if ( ! isroot ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) - || be_isupdate( be, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) + || be_isupdate( op->o_bd, &op->o_ndn ) ) { np = (Entry *)&slap_entry_root; /* check parent for "children" acl */ - rc = access_allowed( be, conn, op, np, + rs->sr_err = access_allowed( op, np, children, NULL, ACL_WRITE, NULL ); np = NULL; - if ( ! rc ) { + if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to superior\n", 0, 0, 0 ); @@ -604,7 +592,7 @@ retry: /* transaction retry */ "no access to new superior\n", 0, 0, 0 ); #endif - text = "no write access to new superior's children"; + rs->sr_text = "no write access to new superior's children"; goto return_results; } @@ -628,8 +616,8 @@ retry: /* transaction retry */ "& \"\" is not suffix\n", 0, 0, 0); #endif - text = "no write access to new superior's children"; - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_text = "no write access to new superior's children"; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } } @@ -657,7 +645,7 @@ retry: /* transaction retry */ } /* Build target dn and make sure target entry doesn't exist already. */ - if (!new_dn.bv_val) build_new_dn( &new_dn, new_parent_dn, newrdn ); + if (!new_dn.bv_val) build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn ); if (!new_ndn.bv_val) dnNormalize2( NULL, &new_dn, &new_ndn ); @@ -669,26 +657,26 @@ retry: /* transaction retry */ new_ndn.bv_val, 0, 0 ); #endif - rc = bdb_dn2id ( be, ltid, &new_ndn, &id, 0 ); - switch( rc ) { + rs->sr_err = bdb_dn2id ( op->o_bd, ltid, &new_ndn, &id, 0 ); + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case DB_NOTFOUND: break; case 0: - rc = LDAP_ALREADY_EXISTS; + rs->sr_err = LDAP_ALREADY_EXISTS; goto return_results; default: - rc = LDAP_OTHER; - text = "internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "internal error"; goto return_results; } /* Get attribute type and attribute value of our new rdn, we will * need to add that to our new entry */ - if ( !new_rdn && ldap_bv2rdn( newrdn, &new_rdn, (char **)&text, + if ( !new_rdn && ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP ) ) { #ifdef NEW_LOGGING @@ -702,8 +690,8 @@ retry: /* transaction retry */ "type(s)/values(s) of newrdn\n", 0, 0, 0 ); #endif - rc = LDAP_INVALID_DN_SYNTAX; - text = "unknown type(s) used in RDN"; + rs->sr_err = LDAP_INVALID_DN_SYNTAX; + rs->sr_text = "unknown type(s) used in RDN"; goto return_results; } @@ -721,8 +709,8 @@ retry: /* transaction retry */ new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #endif - if ( deleteoldrdn ) { - if ( !old_rdn && ldap_bv2rdn( dn, &old_rdn, (char **)&text, + if ( op->oq_modrdn.rs_deleteoldrdn ) { + if ( !old_rdn && ldap_bv2rdn( &op->o_req_dn, &old_rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP ) ) { #ifdef NEW_LOGGING @@ -736,31 +724,30 @@ retry: /* transaction retry */ "the old_rdn type(s)/value(s)\n", 0, 0, 0 ); #endif - rc = LDAP_OTHER; - text = "cannot parse RDN from old DN"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "cannot parse RDN from old DN"; goto return_results; } } /* prepare modlist of modifications from old/new rdn */ if (!mod) { - rc = slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, - deleteoldrdn, &mod ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = slap_modrdn2mods( op, rs, e, old_rdn, new_rdn, &mod ); + if ( rs->sr_err != LDAP_SUCCESS ) { goto return_results; } } /* delete old one */ - rc = bdb_dn2id_delete( be, ltid, p_ndn.bv_val, e ); - if ( rc != 0 ) { - switch( rc ) { + rs->sr_err = bdb_dn2id_delete( op->o_bd, ltid, p_ndn.bv_val, e ); + if ( rs->sr_err != 0 ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_OTHER; - text = "DN index delete fail"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "DN index delete fail"; goto return_results; } @@ -770,6 +757,15 @@ retry: /* transaction retry */ * free individual fields. But if a previous modrdn has * already happened, must free the names. */ +#ifdef BDB_HIER + ch_free(e->e_name.bv_val); + e->e_name.bv_val = ch_malloc(new_dn.bv_len + new_ndn.bv_len + 2); + e->e_name.bv_len = new_dn.bv_len; + e->e_nname.bv_val = e->e_name.bv_val + new_dn.bv_len + 1; + e->e_nname.bv_len = new_ndn.bv_len; + strcpy(e->e_name.bv_val, new_dn.bv_val); + strcpy(e->e_nname.bv_val, new_ndn.bv_val); +#else if( e->e_nname.bv_val < e->e_bv.bv_val || e->e_nname.bv_val > e->e_bv.bv_val + e->e_bv.bv_len ) { ch_free(e->e_name.bv_val); @@ -779,40 +775,39 @@ retry: /* transaction retry */ } e->e_name = new_dn; e->e_nname = new_ndn; - new_dn.bv_val = NULL; new_ndn.bv_val = NULL; - +#endif /* add new one */ - rc = bdb_dn2id_add( be, ltid, np_ndn, e ); - if ( rc != 0 ) { - switch( rc ) { + rs->sr_err = bdb_dn2id_add( op->o_bd, ltid, np_ndn, e ); + if ( rs->sr_err != 0 ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_OTHER; - text = "DN index add failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "DN index add failed"; goto return_results; } #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !op->o_noop ) { - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - bdb_psearch(be, conn, op, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY ); + if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) { + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_PREMODIFY ); } } #endif /* modify entry */ - rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e, - &text, textbuf, textlen ); + rs->sr_err = bdb_modify_internal( op, ltid, &mod[0], e, + &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - if ( ( rc == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) { - rc = opinfo.boi_err; + if( rs->sr_err != LDAP_SUCCESS ) { + if ( ( rs->sr_err == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) { + rs->sr_err = opinfo.boi_err; } - switch( rc ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; @@ -821,24 +816,24 @@ retry: /* transaction retry */ } /* id2entry index */ - rc = bdb_id2entry_update( be, ltid, e ); - if ( rc != 0 ) { - switch( rc ) { + rs->sr_err = bdb_id2entry_update( op->o_bd, ltid, e ); + if ( rs->sr_err != 0 ) { + switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - rc = LDAP_OTHER; - text = "entry update failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "entry update failed"; goto return_results; } if( op->o_noop ) { - if(( rc=TXN_ABORT( ltid )) != 0 ) { - text = "txn_abort (no-op) failed"; + if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) { + rs->sr_text = "txn_abort (no-op) failed"; } else { noop = 1; - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } else { @@ -847,23 +842,23 @@ retry: /* transaction retry */ snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx", bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid ); - if(( rc=TXN_PREPARE( ltid, gid )) != 0 ) { - text = "txn_prepare failed"; + if(( rs->sr_err=TXN_PREPARE( ltid, gid )) != 0 ) { + rs->sr_text = "txn_prepare failed"; } else { if( bdb_cache_update_entry(&bdb->bi_cache, e) == -1 ) { - if(( rc=TXN_ABORT( ltid )) != 0 ) { - text ="cache update & txn_abort failed"; + if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) { + rs->sr_text ="cache update & txn_abort failed"; } else { - rc = LDAP_OTHER; - text = "cache update failed"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "cache update failed"; } } else { bdb_cache_entry_commit( e ); - if(( rc=TXN_COMMIT( ltid, 0 )) != 0 ) { - text = "txn_commit failed"; + if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) { + rs->sr_text = "txn_commit failed"; } else { - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } } } @@ -872,7 +867,7 @@ retry: /* transaction retry */ ltid = NULL; op->o_private = NULL; - if( rc == LDAP_SUCCESS ) { + if( rs->sr_err == LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, RESULTS, "bdb_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n", @@ -882,41 +877,40 @@ retry: /* transaction retry */ "bdb_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n", op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn ); #endif - text = NULL; + rs->sr_text = NULL; } else { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, RESULTS, "bdb_modrdn: %s : %s (%d)\n", - text, db_strerror(rc), rc ); + rs->sr_text, db_strerror(rs->sr_err), rs->sr_err ); #else Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n", - text, db_strerror(rc), rc ); + rs->sr_text, db_strerror(rs->sr_err), rs->sr_err ); #endif - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } return_results: - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( rc == LDAP_SUCCESS && !op->o_noop ) { + if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) { /* Loop through in-scope entries for each psearch spec */ - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - bdb_psearch( be, conn, op, ps_list, e, LDAP_PSEARCH_BY_MODIFY ); + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + bdb_psearch( op, rs, ps_list, e, LDAP_PSEARCH_BY_MODIFY ); } - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - bdb_psearch(be, conn, op, pm_list->ps->op, + bdb_psearch(op, rs, pm_list->ps_op, e, LDAP_PSEARCH_BY_SCOPEOUT); - LDAP_LIST_REMOVE ( pm_list, link ); pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + LDAP_LIST_REMOVE ( pm_list, ps_link ); + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } } #endif - if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) { + if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) { ldap_pvt_thread_yield(); TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 ); @@ -962,17 +956,17 @@ done: if( ltid != NULL ) { #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - pm_list = LDAP_LIST_FIRST(&op->premodify_list); + pm_list = LDAP_LIST_FIRST(&op->o_pm_list); while ( pm_list != NULL ) { - LDAP_LIST_REMOVE ( pm_list, link ); - pm_prev = pm_list; - pm_list = LDAP_LIST_NEXT ( pm_list, link ); - free (pm_prev); + LDAP_LIST_REMOVE ( pm_list, ps_link ); + pm_prev = pm_list; + pm_list = LDAP_LIST_NEXT ( pm_list, ps_link ); + ch_free( pm_prev ); } #endif TXN_ABORT( ltid ); op->o_private = NULL; } - return ( ( rc == LDAP_SUCCESS ) ? noop : rc ); + return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err ); } diff --git a/servers/slapd/back-bdb/operational.c b/servers/slapd/back-bdb/operational.c index 60249c610b..53f7acf23e 100644 --- a/servers/slapd/back-bdb/operational.c +++ b/servers/slapd/back-bdb/operational.c @@ -14,6 +14,7 @@ #include "slap.h" #include "back-bdb.h" #include "proto-bdb.h" +#include "external.h" /* * sets *hasSubordinates to LDAP_COMPARE_TRUE/LDAP_COMPARE_FALSE @@ -21,8 +22,6 @@ */ int bdb_hasSubordinates( - BackendDB *be, - Connection *conn, Operation *op, Entry *e, int *hasSubordinates ) @@ -30,10 +29,9 @@ bdb_hasSubordinates( int rc; assert( e ); - assert( hasSubordinates ); retry: - rc = bdb_dn2id_children( be, NULL, &e->e_nname, 0 ); + rc = bdb_dn2id_children( op->o_bd, NULL, &e->e_nname, 0 ); switch( rc ) { case DB_LOCK_DEADLOCK: @@ -71,24 +69,20 @@ retry: */ int bdb_operational( - BackendDB *be, - Connection *conn, Operation *op, - Entry *e, - AttributeName *attrs, + SlapReply *rs, int opattrs, Attribute **a ) { Attribute **aa = a; - int rc = 0; - assert( e ); + assert( rs->sr_entry ); - if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) { + if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, rs->sr_attrs ) ) { int hasSubordinates; - rc = bdb_hasSubordinates( be, conn, op, e, &hasSubordinates ); - if ( rc == LDAP_SUCCESS ) { + rs->sr_err = bdb_hasSubordinates( op, rs->sr_entry, &hasSubordinates ); + if ( rs->sr_err == LDAP_SUCCESS ) { *aa = slap_operational_hasSubordinate( hasSubordinates == LDAP_COMPARE_TRUE ); if ( *aa != NULL ) { aa = &(*aa)->a_next; @@ -96,6 +90,6 @@ bdb_operational( } } - return rc; + return rs->sr_err; } diff --git a/servers/slapd/back-bdb/passwd.c b/servers/slapd/back-bdb/passwd.c index 8dff5ef09e..461d755755 100644 --- a/servers/slapd/back-bdb/passwd.c +++ b/servers/slapd/back-bdb/passwd.c @@ -15,19 +15,9 @@ #include "lber_pvt.h" int -bdb_exop_passwd( - Backend *be, - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text, - BerVarray *refs ) +bdb_exop_passwd( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; int rc; Entry *e = NULL; struct berval hash = { 0, NULL }; @@ -45,11 +35,10 @@ bdb_exop_passwd( u_int32_t locker = 0; DB_LOCK lock; - assert( reqoid != NULL ); - assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 ); + assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 ); - rc = slap_passwd_parse( reqdata, - &id, NULL, &new, text ); + rc = slap_passwd_parse( op->oq_extended.rs_reqdata, + &id, NULL, &new, &rs->sr_text ); #ifdef NEW_LOGGING LDAP_LOG ( ACL, ENTRY, @@ -67,18 +56,18 @@ bdb_exop_passwd( slap_passwd_generate(&new); if( new.bv_len == 0 ) { - *text = "password generation failed."; + rs->sr_text = "password generation failed."; rc = LDAP_OTHER; goto done; } - *rspdata = slap_passwd_return( &new ); + rs->sr_rspdata = slap_passwd_return( &new ); } slap_passwd_hash( &new, &hash ); if( hash.bv_len == 0 ) { - *text = "password hash failed"; + rs->sr_text = "password hash failed"; rc = LDAP_OTHER; goto done; } @@ -98,14 +87,14 @@ bdb_exop_passwd( #endif if( dn.bv_len == 0 ) { - *text = "No password is associated with the Root DSE"; + rs->sr_text = "No password is associated with the Root DSE"; rc = LDAP_UNWILLING_TO_PERFORM; goto done; } rc = dnNormalize2( NULL, &dn, &ndn ); if( rc != LDAP_SUCCESS ) { - *text = "Invalid DN"; + rs->sr_text = "Invalid DN"; goto done; } @@ -126,7 +115,7 @@ retry: /* transaction retry */ op->o_do_not_cache = opinfo.boi_acl_cache; if( rc != 0 ) { rc = LDAP_OTHER; - *text = "internal error"; + rs->sr_text = "internal error"; goto done; } ldap_pvt_thread_yield(); @@ -135,7 +124,7 @@ retry: /* transaction retry */ /* begin transaction */ rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); - *text = NULL; + rs->sr_text = NULL; if( rc != 0 ) { #ifdef NEW_LOGGING LDAP_LOG ( ACL, ERR, @@ -147,13 +136,13 @@ retry: /* transaction retry */ db_strerror(rc), rc, 0 ); #endif rc = LDAP_OTHER; - *text = "internal error"; + rs->sr_text = "internal error"; goto done; } locker = TXN_ID ( ltid ); - opinfo.boi_bdb = be; + opinfo.boi_bdb = op->o_bd; opinfo.boi_txn = ltid; opinfo.boi_locker = locker; opinfo.boi_err = 0; @@ -161,7 +150,7 @@ retry: /* transaction retry */ op->o_private = &opinfo; /* get entry */ - rc = bdb_dn2entry_w( be, ltid, &ndn, &e, NULL, 0 , locker, &lock); + rc = bdb_dn2entry_w( op->o_bd, ltid, &ndn, &e, NULL, 0 , locker, &lock); switch(rc) { case DB_LOCK_DEADLOCK: @@ -171,16 +160,16 @@ retry: /* transaction retry */ case 0: break; case LDAP_BUSY: - *text = "ldap server busy"; + rs->sr_text = "ldap server busy"; goto done; default: rc = LDAP_OTHER; - *text = "internal error"; + rs->sr_text = "internal error"; goto done; } if( e == NULL ) { - *text = "could not locate authorization entry"; + rs->sr_text = "could not locate authorization entry"; rc = LDAP_NO_SUCH_OBJECT; goto done; } @@ -188,7 +177,7 @@ retry: /* transaction retry */ #ifdef BDB_SUBENTRIES if( is_entry_subentry( e ) ) { /* entry is an alias, don't allow operation */ - *text = "authorization entry is subentry"; + rs->sr_text = "authorization entry is subentry"; rc = LDAP_OTHER; goto done; } @@ -196,7 +185,7 @@ retry: /* transaction retry */ #ifdef BDB_ALIASES if( is_entry_alias( e ) ) { /* entry is an alias, don't allow operation */ - *text = "authorization entry is alias"; + rs->sr_text = "authorization entry is alias"; rc = LDAP_ALIAS_PROBLEM; goto done; } @@ -204,7 +193,7 @@ retry: /* transaction retry */ if( is_entry_referral( e ) ) { /* entry is an referral, don't allow operation */ - *text = "authorization entry is referral"; + rs->sr_text = "authorization entry is referral"; rc = LDAP_OTHER; goto done; } @@ -224,8 +213,8 @@ retry: /* transaction retry */ ml.sml_op = LDAP_MOD_REPLACE; ml.sml_next = NULL; - rc = bdb_modify_internal( be, conn, op, ltid, - &ml, e, text, textbuf, textlen ); + rc = bdb_modify_internal( op, ltid, + &ml, e, &rs->sr_text, textbuf, textlen ); if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) { rc = opinfo.boi_err; @@ -233,26 +222,26 @@ retry: /* transaction retry */ switch(rc) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: - *text = NULL; + rs->sr_text = NULL; goto retry; case 0: - *text = NULL; + rs->sr_text = NULL; break; default: rc = LDAP_OTHER; - *text = "entry modify failed"; + rs->sr_text = "entry modify failed"; goto done; } /* change the entry itself */ - rc = bdb_id2entry_update( be, ltid, e ); + rc = bdb_id2entry_update( op->o_bd, ltid, e ); if( rc != 0 ) { switch(rc) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } - *text = "entry update failed"; + rs->sr_text = "entry update failed"; rc = LDAP_OTHER; } @@ -267,7 +256,11 @@ retry: /* transaction retry */ op->o_private = NULL; if( rc == LDAP_SUCCESS ) { - replog( be, op, &e->e_name, &e->e_nname, &ml ); + op->o_req_dn = e->e_name; + op->o_req_ndn = e->e_nname; + op->oq_modify.rs_modlist = &ml; + replog( op ); + op->oq_extended.rs_reqoid = slap_EXOP_MODIFY_PASSWD; } } diff --git a/servers/slapd/back-bdb/proto-bdb.h b/servers/slapd/back-bdb/proto-bdb.h index 87e6d414b8..0844f0934b 100644 --- a/servers/slapd/back-bdb/proto-bdb.h +++ b/servers/slapd/back-bdb/proto-bdb.h @@ -241,13 +241,12 @@ bdb_index_values LDAP_P(( ID id, int op )); -int bdb_index_entry LDAP_P(( Backend *be, DB_TXN *t, - int r, Entry *e, Attribute *ap )); +int bdb_index_entry LDAP_P(( Backend *be, DB_TXN *t, int r, Entry *e )); -#define bdb_index_entry_add(be,t,e,ap) \ - bdb_index_entry((be),(t),SLAP_INDEX_ADD_OP,(e),(ap)) -#define bdb_index_entry_del(be,t,e,ap) \ - bdb_index_entry((be),(t),SLAP_INDEX_DELETE_OP,(e),(ap)) +#define bdb_index_entry_add(be,t,e) \ + bdb_index_entry((be),(t),SLAP_INDEX_ADD_OP,(e)) +#define bdb_index_entry_del(be,t,e) \ + bdb_index_entry((be),(t),SLAP_INDEX_DELETE_OP,(e)) /* * init.c @@ -284,8 +283,6 @@ int bdb_last_id( BackendDB *be, DB_TXN *tid ); * modify.c */ int bdb_modify_internal( - BackendDB *be, - Connection *conn, Operation *op, DB_TXN *tid, Modifications *modlist, @@ -294,17 +291,6 @@ int bdb_modify_internal( char *textbuf, size_t textlen ); -/* - * operational.c - */ -int -bdb_hasSubordinates( - BackendDB *be, - Connection *conn, - Operation *op, - Entry *e, - int *hasSubordinates ); - /* * passwd.c */ @@ -362,46 +348,19 @@ void bdb_cache_release_all( Cache *cache ); * lcup.c */ -int bdb_abandon( - BackendDB *be, - Connection *conn, - Operation *op, - ber_int_t id -); +BI_op_abandon bdb_abandon; -int bdb_cancel( - BackendDB *be, - Connection *conn, - Operation *op, - ber_int_t id -); +BI_op_cancel bdb_cancel; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) -int bdb_add_psearch_spec( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *fstr, - AttributeName *attrs, - int attrsonly, - int protocol -); - -int bdb_psearch( - BackendDB *be, - Connection *conn, +int bdb_do_search( Operation *op, + SlapReply *rs, Operation *ps_op, Entry *entry, int psearch_type ); +#define bdb_psearch(op, rs, sop, e, ps_type) bdb_do_search(op, rs, sop, e, ps_type) #endif /* @@ -411,8 +370,8 @@ int bdb_psearch( #ifdef LDAP_CLIENT_UPDATE int bdb_build_lcup_update_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, int entry_count, LDAPControl **ctrls, @@ -422,8 +381,8 @@ bdb_build_lcup_update_ctrl( int bdb_build_lcup_done_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, LDAPControl **ctrls, int num_ctrls, struct berval *latest_entrycsn_bv ); @@ -432,8 +391,8 @@ bdb_build_lcup_done_ctrl( #ifdef LDAP_SYNC int bdb_build_sync_state_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, int entry_sync_state, LDAPControl **ctrls, @@ -443,8 +402,8 @@ bdb_build_sync_state_ctrl( int bdb_build_sync_done_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, LDAPControl **ctrls, int num_ctrls, int send_cookie, @@ -452,16 +411,10 @@ bdb_build_sync_done_ctrl( int bdb_send_ldap_intermediate( - Connection *conn, Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, + SlapReply *rs, int state, - struct berval *cookie, - LDAPControl **ctrls ); + struct berval *cookie ); #endif #ifdef BDB_REUSE_LOCKERS diff --git a/servers/slapd/back-bdb/psearch.c b/servers/slapd/back-bdb/psearch.c deleted file mode 100644 index e62c8ec18b..0000000000 --- a/servers/slapd/back-bdb/psearch.c +++ /dev/null @@ -1,1082 +0,0 @@ -/* psearch.c - psearch operations */ -/* $OpenLDAP$ */ -/* - * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. - * COPYING RESTRICTIONS APPLY, see COPYRIGHT file - */ - -#include "portable.h" - -#include - -#include "back-bdb.h" -#include "idl.h" -#include "external.h" - -#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - -#define IS_BDB_REPLACE (( psearch_type == LDAP_PSEARCH_BY_DELETE ) || \ - ( psearch_type == LDAP_PSEARCH_BY_SCOPEOUT )) -#define IS_BDB_LCUP_REPLACE (( protocol == LDAP_CLIENT_UPDATE ) && IS_BDB_REPLACE ) - -static int psearch_base_candidate( - BackendDB *be, - Entry *e, - ID *ids ); - -static int psearch_candidates( - BackendDB *be, - Operation *op, - Entry *e, - Filter *filter, - int scope, - int deref, - ID *ids ); - -int -bdb_abandon( - BackendDB *be, - Connection *conn, - Operation *op, - ber_int_t id ) -{ - Operation *ps_list; - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - if ( ps_list->o_connid == conn->c_connid ) { - if ( ps_list->o_msgid == id ) { - ps_list->o_abandon = 1; - LDAP_LIST_REMOVE( ps_list, link ); - slap_op_free ( ps_list ); - return LDAP_SUCCESS; - } - } - } - return LDAP_UNAVAILABLE; -} - -int -bdb_cancel( - BackendDB *be, - Connection *conn, - Operation *op, - ber_int_t id ) -{ - Operation *ps_list; - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - - LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { - if ( ps_list->o_connid == conn->c_connid ) { - if ( ps_list->o_msgid == id ) { - ps_list->o_cancel = SLAP_CANCEL_DONE; - LDAP_LIST_REMOVE( ps_list, link ); - -#if 0 - bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls, 1, &latest_entrycsn_bv ); - send_search_result( conn, ps_list, LDAP_CANCELLED, - NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries); -#endif - send_search_result( conn, ps_list, LDAP_CANCELLED, - NULL, NULL, NULL, NULL, 0); - - - - slap_op_free ( ps_list ); - return LDAP_SUCCESS; - } - } - } - return LDAP_UNAVAILABLE; -} - -int -bdb_add_psearch_spec( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *fstr, - AttributeName *attrs, - int attrsonly, - int protocol ) -{ - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - - LDAP_LIST_FIRST( &op->psearch_spec ) = (struct ldap_psearch_spec *) - calloc ( 1, sizeof ( struct ldap_psearch_spec ) ); - - LDAP_LIST_FIRST( &op->psearch_spec )->op = op; - - LDAP_LIST_FIRST( &op->psearch_spec )->base = ber_dupbv(NULL, base); - LDAP_LIST_FIRST( &op->psearch_spec )->nbase = ber_dupbv(NULL, nbase); - - LDAP_LIST_FIRST( &op->psearch_spec )->scope = scope; - LDAP_LIST_FIRST( &op->psearch_spec )->deref = deref; - LDAP_LIST_FIRST( &op->psearch_spec )->slimit = slimit; - LDAP_LIST_FIRST( &op->psearch_spec )->tlimit = tlimit; - - LDAP_LIST_FIRST( &op->psearch_spec )->filter = filter; - LDAP_LIST_FIRST( &op->psearch_spec )->filterstr = ber_dupbv(NULL, fstr); - LDAP_LIST_FIRST( &op->psearch_spec )->attrs = attrs; - - LDAP_LIST_FIRST( &op->psearch_spec )->attrsonly = attrsonly; - - LDAP_LIST_FIRST( &op->psearch_spec )->entry_count = 0; - - LDAP_LIST_FIRST( &op->psearch_spec )->protocol = protocol; - - LDAP_LIST_INSERT_HEAD( &bdb->psearch_list, op, link ); -} - -int -bdb_psearch( - BackendDB *be, - Connection *conn, - Operation *op, - Operation *ps_op, - Entry *entry, - int psearch_type ) -{ - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - int rc; - const char *text = NULL; - time_t stoptime; - unsigned cursor; - ID id; - ID candidates[BDB_IDL_UM_SIZE]; - Entry *e = NULL; - BerVarray v2refs = NULL; - Entry *matched = NULL; - struct berval realbase = { 0, NULL }; - int nentries = 0; - int manageDSAit; - - Filter cookief, csnfnot, csnfeq, csnfand, csnfge; - AttributeAssertion aa_ge, aa_eq; - struct berval entrycsn_bv = { 0, NULL }; - struct berval latest_entrycsn_bv = { 0, NULL }; - - LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS]; - int num_ctrls = 0; - - struct slap_limits_set *limit = NULL; - int isroot = 0; - int scopeok = 0; - - u_int32_t locker; - DB_LOCK lock; - - Connection *ps_conn = ps_op->o_conn; - struct berval *base = LDAP_LIST_FIRST( &ps_op->psearch_spec )->base; - struct berval *nbase = LDAP_LIST_FIRST( &ps_op->psearch_spec )->nbase; - int scope = LDAP_LIST_FIRST( &ps_op->psearch_spec )->scope; - int deref = LDAP_LIST_FIRST( &ps_op->psearch_spec )->deref; - int slimit = LDAP_LIST_FIRST( &ps_op->psearch_spec )->slimit; - int tlimit = LDAP_LIST_FIRST( &ps_op->psearch_spec )->tlimit; - Filter *filter = LDAP_LIST_FIRST( &ps_op->psearch_spec )->filter; - struct berval *filterstr = LDAP_LIST_FIRST( &ps_op->psearch_spec )->filterstr; - int attrsonly = LDAP_LIST_FIRST( &ps_op->psearch_spec )->attrsonly; - int protocol = LDAP_LIST_FIRST( &ps_op->psearch_spec )->protocol; - AttributeName uuid_attr[2]; - AttributeName *attrs; - -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n", - 0, 0, 0); -#endif - - manageDSAit = get_manageDSAit( ps_op ); - - rc = LOCK_ID (bdb->bi_dbenv, &locker ); - switch(rc) { - case 0: - break; - default: - send_ldap_result( ps_conn, ps_op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); - return rc; - } - - for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ ) - ctrls[num_ctrls] = NULL; - num_ctrls = 0; - - if ( !IS_BDB_REPLACE ) { - attrs = LDAP_LIST_FIRST(&ps_op->psearch_spec)->attrs; - } else { -#ifdef LDAP_CLIENT_UPDATE - if ( protocol == LDAP_CLIENT_UPDATE ) { - attrs = uuid_attr; - attrs[0].an_desc = slap_schema.si_ad_entryUUID; - attrs[0].an_oc = NULL; - ber_dupbv( &attrs[0].an_name, &attrs[0].an_desc->ad_cname ); - attrs[1].an_desc = NULL; - attrs[1].an_oc = NULL; - attrs[1].an_name.bv_len = 0; - attrs[1].an_name.bv_val = NULL; - } else -#endif -#ifdef LDAP_SYNC - if (protocol == LDAP_SYNC ) { - attrs = uuid_attr; - attrs[0].an_desc = NULL; - attrs[0].an_oc = NULL; - attrs[0].an_name.bv_len = 0; - attrs[0].an_name.bv_val = NULL; - } else -#endif - { - rc = 1; - goto done; - } - } - - if ( nbase->bv_len == 0 ) { - /* DIT root special case */ - e = (Entry *) &slap_entry_root; - rc = 0; - } else -#ifdef BDB_ALIASES - /* get entry with reader lock */ - if ( deref & LDAP_DEREF_FINDING ) { - e = deref_dn_r( be, nbase-, &err, &matched, &text ); - - } else -#endif - { -dn2entry_retry: - rc = bdb_dn2entry_r( be, NULL, nbase, &e, &matched, 0, locker, &lock ); - } - - switch(rc) { - case DB_NOTFOUND: - case 0: - break; - case LDAP_BUSY: - if (e != NULL) { - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, - e, &lock); - } - if (matched != NULL) { - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, - matched, &lock); - } - send_ldap_result( ps_conn, ps_op, LDAP_BUSY, - NULL, "ldap server busy", NULL, NULL ); - LOCK_ID_FREE( bdb->bi_dbenv, locker ); -#ifdef LDAP_CLIENT_UPDATE - if ( IS_BDB_LCUP_REPLACE ) - ch_free( attrs[0].an_name.bv_val ); -#endif - return LDAP_BUSY; - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto dn2entry_retry; - default: - if (e != NULL) { - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, - e, &lock); - } - if (matched != NULL) { - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, - matched, &lock); - } - send_ldap_result( ps_conn, ps_op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); - LOCK_ID_FREE( bdb->bi_dbenv, locker ); -#ifdef LDAP_CLIENT_UPDATE - if ( IS_BDB_LCUP_REPLACE ) - ch_free( attrs[0].an_name.bv_val ); -#endif - return rc; - } - - if ( e == NULL ) { - struct berval matched_dn = { 0, NULL }; - BerVarray refs = NULL; - - if ( matched != NULL ) { - BerVarray erefs; - ber_dupbv( &matched_dn, &matched->e_name ); - - erefs = is_entry_referral( matched ) - ? get_entry_referrals( be, ps_conn, ps_op, matched ) - : NULL; - - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, - matched, &lock); - matched = NULL; - - if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); - ber_bvarray_free( erefs ); - } - - } else { - refs = referral_rewrite( default_referral, - NULL, base, scope ); - } - - send_ldap_result( ps_conn, ps_op, rc=LDAP_REFERRAL , - matched_dn.bv_val, text, refs, NULL ); - - LOCK_ID_FREE( bdb->bi_dbenv, locker ); - if ( refs ) ber_bvarray_free( refs ); - if ( matched_dn.bv_val ) ber_memfree( matched_dn.bv_val ); -#ifdef LDAP_CLIENT_UPDATE - if ( IS_BDB_LCUP_REPLACE ) - ch_free( attrs[0].an_name.bv_val ); -#endif - return rc; - } - - if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) { - /* entry is a referral, don't allow add */ - struct berval matched_dn; - BerVarray erefs, refs; - - ber_dupbv( &matched_dn, &e->e_name ); - erefs = get_entry_referrals( be, ps_conn, ps_op, e ); - refs = NULL; - - bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock ); - e = NULL; - - if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); - ber_bvarray_free( erefs ); - } - -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, RESULTS, - "bdb_search: entry is referral\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "bdb_search: entry is referral\n", - 0, 0, 0 ); -#endif - - send_ldap_result( ps_conn, ps_op, LDAP_REFERRAL, - matched_dn.bv_val, - refs ? NULL : "bad referral object", - refs, NULL ); - - LOCK_ID_FREE( bdb->bi_dbenv, locker ); - ber_bvarray_free( refs ); - ber_memfree( matched_dn.bv_val ); -#ifdef LDAP_CLIENT_UPDATE - if ( IS_BDB_LCUP_REPLACE ) - ch_free( attrs[0].an_name.bv_val ); -#endif - return 1; - } - - /* if not root, get appropriate limits */ - if ( be_isroot( be, &ps_op->o_ndn ) ) { - isroot = 1; - } else { - ( void ) get_limits( be, &ps_op->o_ndn, &limit ); - } - - /* The time/size limits come first because they require very little - * effort, so there's no chance the candidates are selected and then - * the request is not honored only because of time/size constraints */ - - /* if no time limit requested, use soft limit (unless root!) */ - if ( isroot ) { - if ( tlimit == 0 ) { - tlimit = -1; /* allow root to set no limit */ - } - - if ( slimit == 0 ) { - slimit = -1; - } - - } else { - /* if no limit is required, use soft limit */ - if ( tlimit <= 0 ) { - tlimit = limit->lms_t_soft; - - /* if requested limit higher than hard limit, abort */ - } else if ( tlimit > limit->lms_t_hard ) { - /* no hard limit means use soft instead */ - if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) { - tlimit = limit->lms_t_soft; - - /* positive hard limit means abort */ - } else if ( limit->lms_t_hard > 0 ) { - send_search_result( ps_conn, ps_op, - LDAP_UNWILLING_TO_PERFORM, - NULL, NULL, NULL, NULL, 0 ); - rc = 0; - goto done; - } - - /* negative hard limit means no limit */ - } - - /* if no limit is required, use soft limit */ - if ( slimit <= 0 ) { - slimit = limit->lms_s_soft; - - /* if requested limit higher than hard limit, abort */ - } else if ( slimit > limit->lms_s_hard ) { - /* no hard limit means use soft instead */ - if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) { - slimit = limit->lms_s_soft; - - /* positive hard limit means abort */ - } else if ( limit->lms_s_hard > 0 ) { - send_search_result( ps_conn, ps_op, - LDAP_UNWILLING_TO_PERFORM, - NULL, NULL, NULL, NULL, 0 ); - rc = 0; - goto done; - } - - /* negative hard limit means no limit */ - } - } - - /* compute it anyway; root does not use it */ - stoptime = ps_op->o_time + tlimit; - - /* select candidates */ - if ( scope == LDAP_SCOPE_BASE ) { - rc = psearch_base_candidate( be, e, candidates ); - } else { - BDB_IDL_ALL( bdb, candidates ); - rc = psearch_candidates( be, op, e, filter, - scope, deref, candidates ); - } - - if ( !BDB_IDL_IS_RANGE( candidates ) ) { - cursor = bdb_idl_search( candidates, entry->e_id ); - if ( candidates[cursor] != entry->e_id ) { - goto test_done; - } - } else { - if ( entry->e_id < BDB_IDL_RANGE_FIRST(candidates) && - entry->e_id > BDB_IDL_RANGE_LAST(candidates) ) - { - goto test_done; - } - } - - /* candidates = { e } */ - candidates[0] = 1; - candidates[1] = entry->e_id; - - /* need normalized dn below */ - ber_dupbv( &realbase, &e->e_nname ); - - if ( e != &slap_entry_root ) { - bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock); - } - e = NULL; - - if ( candidates[0] == 0 ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, RESULTS, - "bdb_search: no candidates\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "bdb_search: no candidates\n", - 0, 0, 0 ); -#endif - - send_search_result( ps_conn, ps_op, - LDAP_SUCCESS, - NULL, NULL, NULL, NULL, 0 ); - - rc = 1; - goto done; - } - - /* if not root and candidates exceed to-be-checked entries, abort */ - if ( !isroot && limit->lms_s_unchecked != -1 ) { - if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) { - send_search_result( ps_conn, ps_op, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); - rc = 1; - goto done; - } - } - -#ifdef LDAP_CLIENT_UPDATE - if ( protocol == LDAP_CLIENT_UPDATE ) { - cookief.f_choice = LDAP_FILTER_AND; - cookief.f_and = &csnfnot; - cookief.f_next = NULL; - - csnfnot.f_choice = LDAP_FILTER_NOT; - csnfnot.f_not = &csnfeq; - csnfnot.f_next = &csnfand; - - csnfeq.f_choice = LDAP_FILTER_EQUALITY; - csnfeq.f_ava = &aa_eq; - csnfeq.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfeq.f_av_value, &ps_op->o_clientupdate_state ); - - csnfand.f_choice = LDAP_FILTER_AND; - csnfand.f_and = &csnfge; - csnfand.f_next = NULL; - - csnfge.f_choice = LDAP_FILTER_GE; - csnfge.f_ava = &aa_ge; - csnfge.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfge.f_av_value, &ps_op->o_clientupdate_state ); - csnfge.f_next = filter; - } -#endif -#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC) - else -#endif -#ifdef LDAP_SYNC - if ( protocol == LDAP_SYNC ) { - cookief.f_choice = LDAP_FILTER_AND; - cookief.f_and = &csnfnot; - cookief.f_next = NULL; - - csnfnot.f_choice = LDAP_FILTER_NOT; - csnfnot.f_not = &csnfeq; - csnfnot.f_next = &csnfand; - - csnfeq.f_choice = LDAP_FILTER_EQUALITY; - csnfeq.f_ava = &aa_eq; - csnfeq.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfeq.f_av_value, &ps_op->o_sync_state ); - - csnfand.f_choice = LDAP_FILTER_AND; - csnfand.f_and = &csnfge; - csnfand.f_next = NULL; - - csnfge.f_choice = LDAP_FILTER_GE; - csnfge.f_ava = &aa_ge; - csnfge.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfge.f_av_value, &ps_op->o_sync_state ); - csnfge.f_next = filter; - } -#endif - - id = entry->e_id; - - /* check for abandon */ - if ( ps_op->o_abandon ) { - rc = 0; - goto done; - } - - /* check time limit */ - if ( tlimit != -1 && slap_get_time() > stoptime ) { - send_search_result( ps_conn, ps_op, rc = LDAP_TIMELIMIT_EXCEEDED, - NULL, NULL, v2refs, NULL, nentries ); - goto done; - } - - e = entry; - -#ifdef BDB_SUBENTRIES - if ( is_entry_subentry( e ) ) { - if( scope != LDAP_SCOPE_BASE ) { - if(!get_subentries_visibility( ps_op )) { - /* only subentries are visible */ - goto test_done; - } - - } else if ( get_subentries( ps_op ) && - !get_subentries_visibility( ps_op )) - { - /* only subentries are visible */ - goto test_done; - } - - } else if ( get_subentries_visibility( ps_op )) { - /* only subentries are visible */ - goto test_done; - } -#endif - -#ifdef BDB_ALIASES - if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) { - Entry *matched; - int err; - const char *text; - - e = deref_entry_r( be, e, &err, &matched, &text ); - - if( e == NULL ) { - e = matched; - goto test_done; - } - - if( e->e_id == id ) { - /* circular loop */ - goto test_done; - } - - /* need to skip alias which deref into scope */ - if( scope & LDAP_SCOPE_ONELEVEL ) { - struct berval pdn; - - dnParent( &e->e_nname, &pdn ): - if ( ber_bvcmp( pdn, &realbase ) ) { - goto test_done; - } - - } else if ( dnIsSuffix( &e->e_nname, &realbase ) ) { - /* alias is within scope */ -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, RESULTS, - "bdb_search: \"%s\" in subtree\n", e->edn, 0, 0); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_search: \"%s\" in subtree\n", - e->e_dn, 0, 0 ); -#endif - goto test_done; - } - - scopeok = 1; - } -#endif - - /* - * if it's a referral, add it to the list of referrals. only do - * this for non-base searches, and don't check the filter - * explicitly here since it's only a candidate anyway. - */ - if ( !manageDSAit && scope != LDAP_SCOPE_BASE && - is_entry_referral( e ) ) - { - struct berval dn; - - /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( !be_issuffix( be, &e->e_nname ) ) { - dnParent( &e->e_nname, &dn ); - scopeok = dn_match( &dn, &realbase ); - } else { - scopeok = (realbase.bv_len == 0); - } - - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { - scopeok = dnIsSuffix( &e->e_nname, &realbase ); - - } else { - scopeok = 1; - } - - if( scopeok ) { - BerVarray erefs = get_entry_referrals( - be, ps_conn, ps_op, e ); - BerVarray refs = referral_rewrite( erefs, - &e->e_name, NULL, - scope == LDAP_SCOPE_SUBTREE - ? LDAP_SCOPE_SUBTREE - : LDAP_SCOPE_BASE ); - - send_search_reference( be, ps_conn, ps_op, - e, refs, NULL, &v2refs ); - - ber_bvarray_free( refs ); - - } else { -#ifdef NEW_LOGGING - LDAP_LOG(OPERATION, DETAIL2, - "bdb_search: candidate referral %ld scope not okay\n", - id, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_search: candidate referral %ld scope not okay\n", - id, 0, 0 ); -#endif - } - - goto test_done; - } - - if ( psearch_type != LDAP_PSEARCH_BY_SCOPEOUT ) { - rc = test_filter( be, ps_conn, ps_op, e, &cookief ); - } else { - rc = LDAP_COMPARE_TRUE; - } - - if ( rc == LDAP_COMPARE_TRUE ) { - struct berval dn; - - /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( be_issuffix( be, &e->e_nname ) ) { - scopeok = (realbase.bv_len == 0); - } else { - dnParent( &e->e_nname, &dn ); - scopeok = dn_match( &dn, &realbase ); - } - - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { - scopeok = dnIsSuffix( &e->e_nname, &realbase ); - - } else { - scopeok = 1; - } - - if ( scopeok ) { - /* check size limit */ - if ( --slimit == -1 ) { - send_search_result( ps_conn, ps_op, - rc = LDAP_SIZELIMIT_EXCEEDED, NULL, NULL, - v2refs, NULL, nentries ); - goto done; - } - - if (e) { - int result; - -#if 0 /* noop is masked SLAP_CTRL_UPDATE */ - if( ps_op->o_noop ) { - result = 0; - } else -#endif - { -#ifdef LDAP_SYNC - int premodify_found = 0; - int entry_sync_state; -#endif - - if ( psearch_type == LDAP_PSEARCH_BY_ADD || - psearch_type == LDAP_PSEARCH_BY_DELETE || - psearch_type == LDAP_PSEARCH_BY_MODIFY || - psearch_type == LDAP_PSEARCH_BY_SCOPEOUT ) - { - if ( psearch_type == LDAP_PSEARCH_BY_MODIFY ) { - struct psid_entry* psid_e; - LDAP_LIST_FOREACH( psid_e, &op->premodify_list, link) - { - if( psid_e->ps == LDAP_LIST_FIRST(&ps_op->psearch_spec)) - { -#ifdef LDAP_SYNC - premodify_found = 1; -#endif - LDAP_LIST_REMOVE(psid_e, link); - break; - } - } - if (psid_e != NULL) free (psid_e); - } -#ifdef LDAP_SYNC - if ( psearch_type == LDAP_PSEARCH_BY_ADD ) - entry_sync_state = LDAP_SYNC_ADD; - else if ( psearch_type == LDAP_PSEARCH_BY_DELETE ) - entry_sync_state = LDAP_SYNC_DELETE; - else if ( psearch_type == LDAP_PSEARCH_BY_MODIFY ) { - if ( premodify_found ) - entry_sync_state = LDAP_SYNC_MODIFY; - else - entry_sync_state = LDAP_SYNC_ADD; - } else if ( psearch_type == LDAP_PSEARCH_BY_SCOPEOUT ) - entry_sync_state = LDAP_SYNC_DELETE; - else { - rc = 1; - goto done; - } -#endif - -#ifdef LDAP_CLIENT_UPDATE - if ( protocol == LDAP_CLIENT_UPDATE ) { - int entry_count = ++(LDAP_LIST_FIRST(&ps_op->psearch_spec)->entry_count); - if ( IS_BDB_REPLACE ) { - rc = bdb_build_lcup_update_ctrl( ps_conn, ps_op, e, entry_count, ctrls, - num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_TRUE ); - } else { - rc = bdb_build_lcup_update_ctrl( ps_conn, ps_op, e, entry_count, ctrls, - num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE ); - } - if ( rc != LDAP_SUCCESS ) - goto done; - result = send_search_entry( be, ps_conn, ps_op, e, attrs, attrsonly, ctrls ); - if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) - ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); - ch_free( ctrls[--num_ctrls] ); - ctrls[num_ctrls] = NULL; - } else -#endif -#ifdef LDAP_SYNC - if ( protocol == LDAP_SYNC ) { - rc = bdb_build_sync_state_ctrl( ps_conn, ps_op, e, entry_sync_state, ctrls, - num_ctrls++, 1, &latest_entrycsn_bv ); - if ( rc != LDAP_SUCCESS ) - goto done; - result = send_search_entry( be, ps_conn, ps_op, e, attrs, attrsonly, ctrls ); - if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) - ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); - ch_free( ctrls[--num_ctrls] ); - ctrls[num_ctrls] = NULL; - } else -#endif - { - rc = 1; - goto done; - } - - } else if ( psearch_type == LDAP_PSEARCH_BY_PREMODIFY ) { - struct psid_entry* psid_e; - psid_e = (struct psid_entry *) calloc (1, - sizeof(struct psid_entry)); - psid_e->ps = LDAP_LIST_FIRST(&ps_op->psearch_spec); - LDAP_LIST_INSERT_HEAD( &op->premodify_list, - psid_e, link ); - - } else { - printf("Error !\n"); - } - } - - switch (result) { - case 0: /* entry sent ok */ - nentries++; - break; - case 1: /* entry not sent */ - break; - case -1: /* connection closed */ - rc = LDAP_OTHER; - goto done; - } - } - } else { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, RESULTS, - "bdb_search: %ld scope not okay\n", (long) id, 0, 0); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_search: %ld scope not okay\n", (long) id, 0, 0 ); -#endif - } - } else { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, RESULTS, - "bdb_search: %ld does match filter\n", (long) id, 0, 0); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_search: %ld does match filter\n", - (long) id, 0, 0 ); -#endif - } - -test_done: - rc = LDAP_SUCCESS; - -done: - if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) { - ch_free( csnfeq.f_av_value.bv_val ); - } - - if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) { - ch_free( csnfge.f_av_value.bv_val ); - } - - LOCK_ID_FREE( bdb->bi_dbenv, locker ); - - if( v2refs ) ber_bvarray_free( v2refs ); - if( realbase.bv_val ) ch_free( realbase.bv_val ); -#ifdef LDAP_CLIENT_UPDATE - if ( IS_BDB_LCUP_REPLACE ) - ch_free( attrs[0].an_name.bv_val ); -#endif - - return rc; -} - -static int psearch_base_candidate( - BackendDB *be, - Entry *e, - ID *ids ) -{ -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ENTRY, - "psearch_base_candidate: base: \"%s\" (0x%08lx)\n", e->e_dn, (long) e->e_id, 0); -#else - Debug(LDAP_DEBUG_ARGS, "psearch_base_candidates: base: \"%s\" (0x%08lx)\n", - e->e_dn, (long) e->e_id, 0); -#endif - - ids[0] = 1; - ids[1] = e->e_id; - return 0; -} - -/* Look for "objectClass Present" in this filter. - * Also count depth of filter tree while we're at it. - */ -static int psearch_oc_filter( - Filter *f, - int cur, - int *max -) -{ - int rc = 0; - - if( cur > *max ) *max = cur; - - switch(f->f_choice) { - case LDAP_FILTER_PRESENT: - if (f->f_desc == slap_schema.si_ad_objectClass) { - rc = 1; - } - break; - - case LDAP_FILTER_AND: - case LDAP_FILTER_OR: - cur++; - for (f=f->f_and; f; f=f->f_next) { - (void) psearch_oc_filter(f, cur, max); - } - break; - - default: - break; - } - return rc; -} - -static int psearch_candidates( - BackendDB *be, - Operation *op, - Entry *e, - Filter *filter, - int scope, - int deref, - ID *ids ) -{ - int rc, depth = 1; - Filter f, scopef, rf, xf; - ID *stack; - AttributeAssertion aa_ref; -#ifdef BDB_SUBENTRIES - Filter sf; - AttributeAssertion aa_subentry; -#endif -#ifdef BDB_ALIASES - Filter af; - AttributeAssertion aa_alias; -#endif - - /* - * This routine takes as input a filter (user-filter) - * and rewrites it as follows: - * (&(scope=DN)[(objectClass=subentry)] - * (|[(objectClass=referral)(objectClass=alias)](user-filter)) - */ - -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ENTRY, - "psearch_candidates: base=\"%s\" (0x%08lx) scope=%d\n", - e->e_dn, (long) e->e_id, scope); -#else - Debug(LDAP_DEBUG_TRACE, - "psearch_candidates: base=\"%s\" (0x%08lx) scope=%d\n", - e->e_dn, (long) e->e_id, scope ); -#endif - - xf.f_or = filter; - xf.f_choice = LDAP_FILTER_OR; - xf.f_next = NULL; - - /* If the user's filter uses objectClass=*, - * these clauses are redundant. - */ - if (!psearch_oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) { - if( !get_manageDSAit(op) ) { /* match referrals */ - struct berval bv_ref = { sizeof("REFERRAL")-1, "REFERRAL" }; - rf.f_choice = LDAP_FILTER_EQUALITY; - rf.f_ava = &aa_ref; - rf.f_av_desc = slap_schema.si_ad_objectClass; - rf.f_av_value = bv_ref; - rf.f_next = xf.f_or; - xf.f_or = &rf; - } - -#ifdef BDB_ALIASES - if( deref & LDAP_DEREF_SEARCHING ) { /* match aliases */ - struct berval bv_alias = { sizeof("ALIAS")-1, "ALIAS" }; - af.f_choice = LDAP_FILTER_EQUALITY; - af.f_ava = &aa_alias; - af.f_av_desc = slap_schema.si_ad_objectClass; - af.f_av_value = bv_alias; - af.f_next = xf.f_or; - xf.f_or = ⁡ - } -#endif - /* We added one of these clauses, filter depth increased */ - if( xf.f_or != filter ) depth++; - } - - f.f_next = NULL; - f.f_choice = LDAP_FILTER_AND; - f.f_and = &scopef; - scopef.f_choice = scope == LDAP_SCOPE_SUBTREE - ? SLAPD_FILTER_DN_SUBTREE - : SLAPD_FILTER_DN_ONE; - scopef.f_dn = &e->e_nname; - scopef.f_next = xf.f_or == filter ? filter : &xf ; - /* Filter depth increased again, adding scope clause */ - depth++; - -#ifdef BDB_SUBENTRIES - if( get_subentries_visibility( op ) ) { - struct berval bv_subentry = { sizeof("SUBENTRY")-1, "SUBENTRY" }; - sf.f_choice = LDAP_FILTER_EQUALITY; - sf.f_ava = &aa_subentry; - sf.f_av_desc = slap_schema.si_ad_objectClass; - sf.f_av_value = bv_subentry; - sf.f_next = scopef.f_next; - scopef.f_next = &sf; - } -#endif - - /* Allocate IDL stack, plus 1 more for former tmp */ - stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) ); - - rc = bdb_filter_candidates( be, &f, ids, stack, stack+BDB_IDL_UM_SIZE ); - - ch_free( stack ); - - if( rc ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, DETAIL1, - "bdb_psearch_candidates: failed (rc=%d)\n", rc, 0, 0 ); -#else - Debug(LDAP_DEBUG_TRACE, - "bdb_psearch_candidates: failed (rc=%d)\n", - rc, NULL, NULL ); -#endif - - } else { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, DETAIL1, - "bdb_psearch_candidates: id=%ld first=%ld last=%ld\n", - (long) ids[0], (long) BDB_IDL_FIRST(ids), - (long) BDB_IDL_LAST(ids)); -#else - Debug(LDAP_DEBUG_TRACE, - "bdb_psearch_candidates: id=%ld first=%ld last=%ld\n", - (long) ids[0], - (long) BDB_IDL_FIRST(ids), - (long) BDB_IDL_LAST(ids) ); -#endif - } - - return rc; -} - - -#endif diff --git a/servers/slapd/back-bdb/referral.c b/servers/slapd/back-bdb/referral.c index 2552248bb7..73b441d67c 100644 --- a/servers/slapd/back-bdb/referral.c +++ b/servers/slapd/back-bdb/referral.c @@ -13,18 +13,12 @@ #include "external.h" int -bdb_referrals( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - const char **text ) +bdb_referrals( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - int rc = LDAP_SUCCESS; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *e = NULL; Entry *matched = NULL; + int rc = LDAP_SUCCESS; u_int32_t locker; DB_LOCK lock; @@ -49,7 +43,7 @@ bdb_referrals( dn2entry_retry: /* get entry */ - rc = bdb_dn2entry_r( be, NULL, ndn, &e, &matched, 0, locker, &lock ); + rc = bdb_dn2entry_r( op->o_bd, NULL, &op->o_req_ndn, &e, &matched, 0, locker, &lock ); switch(rc) { case DB_NOTFOUND: @@ -63,8 +57,7 @@ dn2entry_retry: if (matched != NULL) { bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); } - send_ldap_result( conn, op, LDAP_BUSY, - NULL, "ldap server busy", NULL, NULL ); + send_ldap_error( op, rs, LDAP_BUSY, "ldap server busy" ); LOCK_ID_FREE ( bdb->bi_dbenv, locker ); return LDAP_BUSY; case DB_LOCK_DEADLOCK: @@ -86,83 +79,84 @@ dn2entry_retry: if (matched != NULL) { bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); } - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); LOCK_ID_FREE ( bdb->bi_dbenv, locker ); - return rc; + return rs->sr_err; } if ( e == NULL ) { - char *matched_dn = NULL; - BerVarray refs = NULL; - if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); + rs->sr_matched = ch_strdup( matched->e_name.bv_val ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - (long) op->o_tag, dn->bv_val, matched_dn ); + (long) op->o_tag, op->o_req_dn.bv_val, rs->sr_matched ); #else Debug( LDAP_DEBUG_TRACE, "bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - (long) op->o_tag, dn->bv_val, matched_dn ); + (long) op->o_tag, op->o_req_dn.bv_val, rs->sr_matched ); #endif if( is_entry_referral( matched ) ) { rc = LDAP_OTHER; - refs = get_entry_referrals( be, conn, op, matched ); + rs->sr_ref = get_entry_referrals( op, matched ); } bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); matched = NULL; } else if ( default_referral != NULL ) { rc = LDAP_OTHER; - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - if( refs != NULL ) { + if( rs->sr_ref != NULL ) { /* send referrals */ - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - ber_bvarray_free( refs ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; } else if ( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, matched_dn, - matched_dn ? "bad referral object" : NULL, - NULL, NULL ); + rs->sr_err = rc; + rs->sr_text = rs->sr_matched ? "bad referral object" : NULL; + send_ldap_result( op, rs ); } LOCK_ID_FREE ( bdb->bi_dbenv, locker ); - free( matched_dn ); + free( (char *)rs->sr_matched ); + rs->sr_matched = NULL; return rc; } if ( is_entry_referral( e ) ) { /* entry is a referral */ - BerVarray refs = get_entry_referrals( be, conn, op, e ); - BerVarray rrefs = referral_rewrite( - refs, &e->e_name, dn, LDAP_SCOPE_DEFAULT ); + BerVarray refs = get_entry_referrals( op, e ); + rs->sr_ref = referral_rewrite( + refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - (long) op->o_tag, dn->bv_val, e->e_dn ); + (long) op->o_tag, op->o_req_dn.bv_val, e->e_dn ); #else Debug( LDAP_DEBUG_TRACE, "bdb_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - (long) op->o_tag, dn->bv_val, e->e_dn ); + (long) op->o_tag, op->o_req_dn.bv_val, e->e_dn ); #endif - if( rrefs != NULL ) { - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, rrefs, NULL ); - ber_bvarray_free( rrefs ); + rs->sr_matched = e->e_name.bv_val; + if( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; } else { - send_ldap_result( conn, op, rc = LDAP_OTHER, e->e_dn, - "bad referral object", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "bad referral object" ); + rc = rs->sr_err; } + rs->sr_matched = NULL; ber_bvarray_free( refs ); } diff --git a/servers/slapd/back-bdb/search.c b/servers/slapd/back-bdb/search.c index bbd63bd3d3..5e547ea791 100644 --- a/servers/slapd/back-bdb/search.c +++ b/servers/slapd/back-bdb/search.c @@ -19,66 +19,114 @@ static int base_candidate( Entry *e, ID *ids ); static int search_candidates( - BackendDB *be, Operation *op, + Operation *stackop, /* op with the current threadctx/slab cache */ Entry *e, - Filter *filter, - int scope, - int deref, ID *ids ); static void send_pagerequest_response( - Connection *conn, Operation *op, + SlapReply *rs, ID lastid, - int nentries, int tentries ); +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) +#define IS_BDB_REPLACE(type) (( type == LDAP_PSEARCH_BY_DELETE ) || \ + ( type == LDAP_PSEARCH_BY_SCOPEOUT )) +#define IS_BDB_LCUP_REPLACE(proto,type) (( proto == LDAP_CLIENT_UPDATE ) && IS_BDB_REPLACE(type) ) + +#define IS_PSEARCH (op != sop) + int -bdb_search( - BackendDB *be, - Connection *conn, - Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly ) +bdb_abandon( Operation *op, SlapReply *rs ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; - int rc; - const char *text = NULL; + Operation *ps_list; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; + + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + if ( ps_list->o_connid == op->o_connid ) { + if ( ps_list->o_msgid == op->oq_abandon.rs_msgid ) { + ps_list->o_abandon = 1; + LDAP_LIST_REMOVE( ps_list, o_ps_link ); + slap_op_free ( ps_list ); + return LDAP_SUCCESS; + } + } + } + return LDAP_UNAVAILABLE; +} + +int +bdb_cancel( Operation *op, SlapReply *rs ) +{ + Operation *ps_list; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; + + LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) { + if ( ps_list->o_connid == op->o_connid ) { + if ( ps_list->o_msgid == op->oq_cancel.rs_msgid ) { + ps_list->o_cancel = SLAP_CANCEL_DONE; + LDAP_LIST_REMOVE( ps_list, o_ps_link ); + +#if 0 + bdb_build_sync_done_ctrl( conn, ps_list, ps_list->ctrls, 1, &latest_entrycsn_bv ); + send_search_result( conn, ps_list, LDAP_CANCELLED, + NULL, NULL, NULL, ps_list->ctrls, ps_list->nentries); +#endif + rs->sr_err = LDAP_CANCELLED; + rs->sr_nentries = 0; + send_search_result( ps_list, rs ); + + slap_op_free ( ps_list ); + return LDAP_SUCCESS; + } + } + } + return LDAP_UNAVAILABLE; +} + +int bdb_search( Operation *op, SlapReply *rs ) +{ + return bdb_do_search( op, rs, op, NULL, 0 ); +} + +/* For persistent searches, op is the currently executing operation, + * sop is the persistent search. For regular searches, sop = op. + */ +int +bdb_do_search( Operation *op, SlapReply *rs, Operation *sop, Entry *ps_e, int ps_type ) +#else +int bdb_search( Operation *op, SlapReply *rs ) +#define sop op +#define IS_PSEARCH 0 +#endif +{ + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; time_t stoptime; ID id, cursor; ID candidates[BDB_IDL_UM_SIZE]; Entry *e = NULL; - BerVarray v2refs = NULL; Entry *matched = NULL; struct berval realbase = { 0, NULL }; - int nentries = 0; int manageDSAit; - int tentries = 0; + int nentries = 0, tentries = 0; ID lastid = NOID; + AttributeName *attrs; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) Filter cookief, csnfnot, csnfeq, csnfand, csnfge; AttributeAssertion aa_ge, aa_eq; int entry_count = 0; + struct berval entrycsn_bv = { 0, NULL }; struct berval latest_entrycsn_bv = { 0, NULL }; LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS]; int num_ctrls = 0; -#endif - + AttributeName uuid_attr[2]; #ifdef LDAP_SYNC int rc_sync = 0; int entry_sync_state = -1; AttributeName null_attr; #endif - +#endif struct slap_limits_set *limit = NULL; int isroot = 0; @@ -91,23 +139,22 @@ bdb_search( Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n", 0, 0, 0); #endif + attrs = sop->oq_search.rs_attrs; +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) #ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) { - bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit, - tlimit, filter, filterstr, attrs, attrsonly, LDAP_CLIENT_UPDATE ); + if ( !IS_PSEARCH && sop->o_clientupdate_type & SLAP_LCUP_PERSIST ) { + sop->o_ps_protocol = LDAP_CLIENT_UPDATE; + LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link ); return LDAP_SUCCESS; } #endif -#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC) - else -#endif #ifdef LDAP_SYNC /* psearch needs to be registered before refresh begins */ /* psearch and refresh transmission is serialized in send_ldap_ber() */ - if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) { - bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit, - tlimit, filter, filterstr, attrs, attrsonly, LDAP_SYNC ); + if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_PERSIST ) { + sop->o_ps_protocol = LDAP_SYNC; + LDAP_LIST_INSERT_HEAD( &bdb->bi_psearch_list, sop, o_ps_link ); } null_attr.an_desc = NULL; null_attr.an_oc = NULL; @@ -115,44 +162,68 @@ bdb_search( null_attr.an_name.bv_val = NULL; #endif -#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ ) ctrls[num_ctrls] = NULL; num_ctrls = 0; -#endif + if ( IS_PSEARCH && IS_BDB_REPLACE(ps_type)) { +#ifdef LDAP_CLIENT_UPDATE + if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) { + attrs = uuid_attr; + attrs[0].an_desc = slap_schema.si_ad_entryUUID; + attrs[0].an_oc = NULL; + attrs[0].an_name = attrs[0].an_desc->ad_cname; + attrs[1].an_desc = NULL; + attrs[1].an_oc = NULL; + attrs[1].an_name.bv_len = 0; + attrs[1].an_name.bv_val = NULL; + } else +#endif +#ifdef LDAP_SYNC + if (sop->o_ps_protocol == LDAP_SYNC ) { + attrs = uuid_attr; + attrs[0].an_desc = NULL; + attrs[0].an_oc = NULL; + attrs[0].an_name.bv_len = 0; + attrs[0].an_name.bv_val = NULL; + } else +#endif + { + rs->sr_err = 1; + goto done; + } + } +#endif + manageDSAit = get_manageDSAit( sop ); - manageDSAit = get_manageDSAit( op ); - - rc = LOCK_ID (bdb->bi_dbenv, &locker ); + rs->sr_err = LOCK_ID (bdb->bi_dbenv, &locker ); - switch(rc) { + switch(rs->sr_err) { case 0: break; default: - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); - return rc; + send_ldap_error( sop, rs, LDAP_OTHER, "internal error" ); + return rs->sr_err; } - if ( nbase->bv_len == 0 ) { + if ( sop->o_req_ndn.bv_len == 0 ) { /* DIT root special case */ e = (Entry *) &slap_entry_root; - rc = 0; + rs->sr_err = 0; } else #ifdef BDB_ALIASES /* get entry with reader lock */ if ( deref & LDAP_DEREF_FINDING ) { - e = deref_dn_r( be, nbase-, &err, &matched, &text ); + e = deref_dn_r( op->o_bd, &sop->o_req_ndn, &rs->sr_err, &matched, &rs->sr_text ); } else #endif { dn2entry_retry: - rc = bdb_dn2entry_r( be, NULL, nbase, &e, &matched, 0, locker, &lock ); + rs->sr_err = bdb_dn2entry_r( op->o_bd, NULL, &sop->o_req_ndn, &e, &matched, 0, locker, &lock ); } - switch(rc) { + switch(rs->sr_err) { case DB_NOTFOUND: case 0: break; @@ -163,8 +234,7 @@ dn2entry_retry: if (matched != NULL) { bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); } - send_ldap_result( conn, op, LDAP_BUSY, - NULL, "ldap server busy", NULL, NULL ); + send_ldap_error( sop, rs, LDAP_BUSY, "ldap server busy" ); LOCK_ID_FREE (bdb->bi_dbenv, locker ); return LDAP_BUSY; case DB_LOCK_DEADLOCK: @@ -177,62 +247,66 @@ dn2entry_retry: if (matched != NULL) { bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); } - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( sop, rs, LDAP_OTHER, "internal error" ); LOCK_ID_FREE (bdb->bi_dbenv, locker ); - return rc; + return rs->sr_err; } if ( e == NULL ) { struct berval matched_dn = { 0, NULL }; - BerVarray refs = NULL; if ( matched != NULL ) { BerVarray erefs; ber_dupbv( &matched_dn, &matched->e_name ); erefs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + ? get_entry_referrals( op, matched ) : NULL; bdb_cache_return_entry_r (bdb->bi_dbenv, &bdb->bi_cache, matched, &lock); matched = NULL; if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); + rs->sr_ref = referral_rewrite( erefs, &matched_dn, + &sop->o_req_dn, sop->oq_search.rs_scope ); ber_bvarray_free( erefs ); } } else { - refs = referral_rewrite( default_referral, - NULL, base, scope ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &sop->o_req_dn, sop->oq_search.rs_scope ); } - send_ldap_result( conn, op, rc=LDAP_REFERRAL , - matched_dn.bv_val, text, refs, NULL ); + rs->sr_err=LDAP_REFERRAL; + rs->sr_matched = matched_dn.bv_val; + send_ldap_result( sop, rs ); LOCK_ID_FREE (bdb->bi_dbenv, locker ); - if ( refs ) ber_bvarray_free( refs ); - if ( matched_dn.bv_val ) ber_memfree( matched_dn.bv_val ); - return rc; + if ( rs->sr_ref ) { + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; + } + if ( matched_dn.bv_val ) { + ber_memfree( matched_dn.bv_val ); + rs->sr_matched = NULL; + } + return rs->sr_err; } if (!manageDSAit && e != &slap_entry_root && is_entry_referral( e ) ) { /* entry is a referral, don't allow add */ struct berval matched_dn; - BerVarray erefs, refs; + BerVarray erefs; ber_dupbv( &matched_dn, &e->e_name ); - erefs = get_entry_referrals( be, conn, op, e ); - refs = NULL; + erefs = get_entry_referrals( op, e ); bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock ); e = NULL; if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); + rs->sr_ref = referral_rewrite( erefs, &matched_dn, + &sop->o_req_dn, sop->oq_search.rs_scope ); ber_bvarray_free( erefs ); } @@ -244,22 +318,24 @@ dn2entry_retry: 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn.bv_val, - refs ? NULL : "bad referral object", - refs, NULL ); + if (!rs->sr_ref) rs->sr_text = "bad_referral object"; + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = matched_dn.bv_val; + send_ldap_result( sop, rs ); LOCK_ID_FREE (bdb->bi_dbenv, locker ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; ber_memfree( matched_dn.bv_val ); + rs->sr_matched = NULL; return 1; } /* if not root, get appropriate limits */ - if ( be_isroot( be, &op->o_ndn ) ) { + if ( be_isroot( op->o_bd, &sop->o_ndn ) ) { isroot = 1; } else { - ( void ) get_limits( be, &op->o_ndn, &limit ); + ( void ) get_limits( op->o_bd, &sop->o_ndn, &limit ); } /* The time/size limits come first because they require very little @@ -268,33 +344,32 @@ dn2entry_retry: /* if no time limit requested, use soft limit (unless root!) */ if ( isroot ) { - if ( tlimit == 0 ) { - tlimit = -1; /* allow root to set no limit */ + if ( sop->oq_search.rs_tlimit == 0 ) { + sop->oq_search.rs_tlimit = -1; /* allow root to set no limit */ } - if ( slimit == 0 ) { - slimit = -1; + if ( sop->oq_search.rs_slimit == 0 ) { + sop->oq_search.rs_slimit = -1; } } else { /* if no limit is required, use soft limit */ - if ( tlimit <= 0 ) { - tlimit = limit->lms_t_soft; + if ( sop->oq_search.rs_tlimit <= 0 ) { + sop->oq_search.rs_tlimit = limit->lms_t_soft; /* if requested limit higher than hard limit, abort */ - } else if ( tlimit > limit->lms_t_hard ) { + } else if ( sop->oq_search.rs_tlimit > limit->lms_t_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_t_hard == 0 && limit->lms_t_soft > -1 - && tlimit > limit->lms_t_soft ) { - tlimit = limit->lms_t_soft; + && sop->oq_search.rs_tlimit > limit->lms_t_soft ) { + sop->oq_search.rs_tlimit = limit->lms_t_soft; /* positive hard limit means abort */ } else if ( limit->lms_t_hard > 0 ) { - send_search_result( conn, op, - LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); - rc = 0; + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_search_result( sop, rs ); + rs->sr_err = 0; goto done; } @@ -302,27 +377,26 @@ dn2entry_retry: } /* if no limit is required, use soft limit */ - if ( slimit <= 0 ) { - if ( get_pagedresults(op) && limit->lms_s_pr != 0 ) { - slimit = limit->lms_s_pr; + if ( sop->oq_search.rs_slimit <= 0 ) { + if ( get_pagedresults(sop) && limit->lms_s_pr != 0 ) { + sop->oq_search.rs_slimit = limit->lms_s_pr; } else { - slimit = limit->lms_s_soft; + sop->oq_search.rs_slimit = limit->lms_s_soft; } /* if requested limit higher than hard limit, abort */ - } else if ( slimit > limit->lms_s_hard ) { + } else if ( sop->oq_search.rs_slimit > limit->lms_s_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_s_hard == 0 && limit->lms_s_soft > -1 - && slimit > limit->lms_s_soft ) { - slimit = limit->lms_s_soft; + && sop->oq_search.rs_slimit > limit->lms_s_soft ) { + sop->oq_search.rs_slimit = limit->lms_s_soft; /* positive hard limit means abort */ } else if ( limit->lms_s_hard > 0 ) { - send_search_result( conn, op, - LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); - rc = 0; + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_search_result( sop, rs ); + rs->sr_err = 0; goto done; } @@ -331,21 +405,39 @@ dn2entry_retry: } /* compute it anyway; root does not use it */ - stoptime = op->o_time + tlimit; + stoptime = op->o_time + sop->oq_search.rs_tlimit; /* select candidates */ - if ( scope == LDAP_SCOPE_BASE ) { - rc = base_candidate( be, e, candidates ); + if ( sop->oq_search.rs_scope == LDAP_SCOPE_BASE ) { + rs->sr_err = base_candidate( op->o_bd, e, candidates ); } else { BDB_IDL_ALL( bdb, candidates ); - rc = search_candidates( be, op, e, filter, - scope, deref, candidates ); + rs->sr_err = search_candidates( sop, op, e, candidates ); } /* start cursor at beginning of candidates. */ cursor = 0; +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + if (IS_PSEARCH) { + if ( !BDB_IDL_IS_RANGE( candidates ) ) { + cursor = bdb_idl_search( candidates, ps_e->e_id ); + if ( candidates[cursor] != ps_e->e_id ) { + rs->sr_err = LDAP_SUCCESS; + goto done; + } + } else { + if ( ps_e->e_id < BDB_IDL_RANGE_FIRST(candidates) + || ps_e->e_id > BDB_IDL_RANGE_LAST(candidates)){ + rs->sr_err = LDAP_SUCCESS; + goto done; + } + } + candidates[0] = 1; + candidates[1] = ps_e->e_id; + } +#endif /* need normalized dn below */ ber_dupbv( &realbase, &e->e_nname ); @@ -364,21 +456,18 @@ dn2entry_retry: 0, 0, 0 ); #endif - send_search_result( conn, op, - LDAP_SUCCESS, - NULL, NULL, NULL, NULL, 0 ); - - rc = 1; + rs->sr_err = LDAP_SUCCESS; + send_search_result( sop, rs ); + rs->sr_err = 1; goto done; } /* if not root and candidates exceed to-be-checked entries, abort */ if ( !isroot && limit->lms_s_unchecked != -1 ) { if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) { - send_search_result( conn, op, - LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); - rc = 1; + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_search_result( sop, rs ); + rs->sr_err = 1; goto done; } } @@ -388,18 +477,18 @@ dn2entry_retry: } #ifdef LDAP_CONTROL_PAGEDRESULTS - if ( get_pagedresults(op) ) { - if ( op->o_pagedresults_state.ps_cookie == 0 ) { + if ( get_pagedresults(sop) ) { + if ( sop->o_pagedresults_state.ps_cookie == 0 ) { id = 0; } else { - if ( op->o_pagedresults_size == 0 ) { - send_search_result( conn, op, LDAP_SUCCESS, - NULL, "search abandoned by pagedResult size=0", - NULL, NULL, 0); + if ( sop->o_pagedresults_size == 0 ) { + rs->sr_err = LDAP_SUCCESS; + rs->sr_text = "search abandoned by pagedResult size=0"; + send_search_result( sop, rs ); goto done; } for ( id = bdb_idl_first( candidates, &cursor ); - id != NOID && id <= (ID)( op->o_pagedresults_state.ps_cookie ); + id != NOID && id <= (ID)( sop->o_pagedresults_state.ps_cookie ); id = bdb_idl_next( candidates, &cursor ) ); } if ( cursor == NOID ) { @@ -412,9 +501,10 @@ dn2entry_retry: "bdb_search: no paged results candidates\n", 0, 0, 0 ); #endif - send_pagerequest_response( conn, op, lastid, 0, 0 ); + rs->sr_nentries = nentries; + send_pagerequest_response( sop, rs, lastid, 0 ); - rc = 1; + rs->sr_err = 1; goto done; } goto loop_begin; @@ -422,7 +512,8 @@ dn2entry_retry: #endif #ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) { + if ( (sop->o_clientupdate_type & SLAP_LCUP_SYNC) || + (IS_PSEARCH && sop->o_ps_protocol == LDAP_CLIENT_UPDATE )) { cookief.f_choice = LDAP_FILTER_AND; cookief.f_and = &csnfnot; cookief.f_next = NULL; @@ -434,7 +525,7 @@ dn2entry_retry: csnfeq.f_choice = LDAP_FILTER_EQUALITY; csnfeq.f_ava = &aa_eq; csnfeq.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfeq.f_av_value, &op->o_clientupdate_state ); + csnfeq.f_av_value = sop->o_clientupdate_state; csnfand.f_choice = LDAP_FILTER_AND; csnfand.f_and = &csnfge; @@ -443,15 +534,16 @@ dn2entry_retry: csnfge.f_choice = LDAP_FILTER_GE; csnfge.f_ava = &aa_ge; csnfge.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfge.f_av_value, &op->o_clientupdate_state ); - csnfge.f_next = filter; + csnfge.f_av_value = sop->o_clientupdate_state; + csnfge.f_next = sop->oq_search.rs_filter; } #endif #if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC) else #endif #ifdef LDAP_SYNC - if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { + if ( (sop->o_sync_mode & SLAP_SYNC_REFRESH) || + ( IS_PSEARCH && sop->o_ps_protocol == LDAP_SYNC )) { cookief.f_choice = LDAP_FILTER_AND; cookief.f_and = &csnfnot; cookief.f_next = NULL; @@ -463,7 +555,7 @@ dn2entry_retry: csnfeq.f_choice = LDAP_FILTER_EQUALITY; csnfeq.f_ava = &aa_eq; csnfeq.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfeq.f_av_value, &op->o_sync_state ); + csnfeq.f_av_value = sop->o_sync_state; csnfand.f_choice = LDAP_FILTER_AND; csnfand.f_and = &csnfge; @@ -472,8 +564,8 @@ dn2entry_retry: csnfge.f_choice = LDAP_FILTER_GE; csnfge.f_ava = &aa_ge; csnfge.f_av_desc = slap_schema.si_ad_entryCSN; - ber_dupbv( &csnfge.f_av_value, &op->o_sync_state ); - csnfge.f_next = filter; + csnfge.f_av_value = sop->o_sync_state; + csnfge.f_next = op->oq_search.rs_filter; } #endif @@ -486,86 +578,99 @@ dn2entry_retry: loop_begin: /* check for abandon */ - if ( op->o_abandon ) { - rc = 0; + if ( sop->o_abandon ) { + rs->sr_err = 0; goto done; } #ifdef LDAP_EXOP_X_CANCEL - if ( op->o_cancel ) { - assert( op->o_cancel == SLAP_CANCEL_REQ ); - rc = 0; - send_search_result( conn, op, LDAP_CANCELLED, - NULL, NULL, NULL, NULL, 0 ); - op->o_cancel = SLAP_CANCEL_ACK; + if ( sop->o_cancel ) { + assert( sop->o_cancel == SLAP_CANCEL_REQ ); + rs->sr_err = LDAP_CANCELLED; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); + sop->o_cancel = SLAP_CANCEL_ACK; + rs->sr_err = 0; goto done; } #endif /* check time limit */ - if ( tlimit != -1 && slap_get_time() > stoptime ) { - send_search_result( conn, op, rc = LDAP_TIMELIMIT_EXCEEDED, - NULL, NULL, v2refs, NULL, nentries ); + if ( sop->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) { + rs->sr_err = LDAP_TIMELIMIT_EXCEEDED; + rs->sr_ref = rs->sr_v2ref; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); goto done; } + +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + if (!IS_PSEARCH) { +#endif id2entry_retry: - /* get the entry with reader lock */ - rc = bdb_id2entry_r( be, NULL, id, &e, locker, &lock ); + /* get the entry with reader lock */ + rs->sr_err = bdb_id2entry_r( op->o_bd, NULL, id, &e, locker, &lock ); - if (rc == LDAP_BUSY) { - send_ldap_result( conn, op, rc=LDAP_BUSY, - NULL, "ldap server busy", NULL, NULL ); - goto done; + if (rs->sr_err == LDAP_BUSY) { + rs->sr_text = "ldap server busy"; + send_ldap_result( sop, rs ); + goto done; - } else if ( rc == DB_LOCK_DEADLOCK || rc == DB_LOCK_NOTGRANTED ) { - goto id2entry_retry; - } + } else if ( rs->sr_err == DB_LOCK_DEADLOCK || rs->sr_err == DB_LOCK_NOTGRANTED ) { + goto id2entry_retry; + } - if ( e == NULL ) { - if( !BDB_IDL_IS_RANGE(candidates) ) { - /* only complain for non-range IDLs */ + if ( e == NULL ) { + if( !BDB_IDL_IS_RANGE(candidates) ) { + /* only complain for non-range IDLs */ #ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, RESULTS, - "bdb_search: candidate %ld not found\n", (long) id, 0, 0); + LDAP_LOG ( OPERATION, RESULTS, + "bdb_search: candidate %ld not found\n", (long) id, 0, 0); #else - Debug( LDAP_DEBUG_TRACE, - "bdb_search: candidate %ld not found\n", - (long) id, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, + "bdb_search: candidate %ld not found\n", + (long) id, 0, 0 ); #endif - } + } - goto loop_continue; + goto loop_continue; + } +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + } else { + e = ps_e; } +#endif + rs->sr_entry = e; #ifdef BDB_SUBENTRIES if ( is_entry_subentry( e ) ) { - if( scope != LDAP_SCOPE_BASE ) { - if(!get_subentries_visibility( op )) { + if( sop->oq_search.rs_scope != LDAP_SCOPE_BASE ) { + if(!get_subentries_visibility( sop )) { /* only subentries are visible */ goto loop_continue; } - } else if ( get_subentries( op ) && - !get_subentries_visibility( op )) + } else if ( get_subentries( sop ) && + !get_subentries_visibility( sop )) { /* only subentries are visible */ goto loop_continue; } - } else if ( get_subentries_visibility( op )) { + } else if ( get_subentries_visibility( sop )) { /* only subentries are visible */ goto loop_continue; } #endif #ifdef BDB_ALIASES - if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) { + if ( sop->oq_search.rs_deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) { Entry *matched; int err; const char *text; - e = deref_entry_r( be, e, &err, &matched, &text ); + e = deref_entry_r( op->o_bd, e, &rs->sr_err, &matched, &rs->sr_text ); if( e == NULL ) { e = matched; @@ -578,7 +683,7 @@ id2entry_retry: } /* need to skip alias which deref into scope */ - if( scope & LDAP_SCOPE_ONELEVEL ) { + if( sop->oq_search.rs_scope & LDAP_SCOPE_ONELEVEL ) { struct berval pdn; dnParent( &e->e_nname, &pdn ): @@ -608,21 +713,21 @@ id2entry_retry: * this for non-base searches, and don't check the filter * explicitly here since it's only a candidate anyway. */ - if ( !manageDSAit && scope != LDAP_SCOPE_BASE && + if ( !manageDSAit && sop->oq_search.rs_scope != LDAP_SCOPE_BASE && is_entry_referral( e ) ) { struct berval dn; /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( !be_issuffix( be, &e->e_nname ) ) { + if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { + if ( !be_issuffix( op->o_bd, &e->e_nname ) ) { dnParent( &e->e_nname, &dn ); scopeok = dn_match( &dn, &realbase ); } else { scopeok = (realbase.bv_len == 0); } - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { + } else if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) { scopeok = dnIsSuffix( &e->e_nname, &realbase ); } else { @@ -630,18 +735,18 @@ id2entry_retry: } if( scopeok ) { - BerVarray erefs = get_entry_referrals( - be, conn, op, e ); - BerVarray refs = referral_rewrite( erefs, + BerVarray erefs = get_entry_referrals( sop, e ); + rs->sr_ref = referral_rewrite( erefs, &e->e_name, NULL, - scope == LDAP_SCOPE_SUBTREE + sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE ); - send_search_reference( be, conn, op, - e, refs, NULL, &v2refs ); + send_search_reference( sop, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + ber_bvarray_free( erefs ); + rs->sr_ref = NULL; } else { #ifdef NEW_LOGGING @@ -659,41 +764,53 @@ id2entry_retry: } /* if it matches the filter and scope, send it */ +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + if (IS_PSEARCH) { + if (ps_type != LDAP_PSEARCH_BY_SCOPEOUT) { + rs->sr_err = test_filter( sop, rs->sr_entry, &cookief ); + } else { + rs->sr_err = LDAP_COMPARE_TRUE; + } + } else { #ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) { - rc = test_filter( be, conn, op, e, &cookief ); - } else + if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) { + rs->sr_err = test_filter( sop, rs->sr_entry, &cookief ); + } else #endif #ifdef LDAP_SYNC - if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { - rc_sync = test_filter( be, conn, op, e, &cookief ); - rc = test_filter( be, conn, op, e, filter ); - if ( rc == LDAP_COMPARE_TRUE ) { - if ( rc_sync == LDAP_COMPARE_TRUE ) { - entry_sync_state = LDAP_SYNC_ADD; - } else { - entry_sync_state = LDAP_SYNC_PRESENT; + if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) { + rc_sync = test_filter( sop, rs->sr_entry, &cookief ); + rs->sr_err = test_filter( sop, rs->sr_entry, sop->oq_search.rs_filter ); + if ( rs->sr_err == LDAP_COMPARE_TRUE ) { + if ( rc_sync == LDAP_COMPARE_TRUE ) { + entry_sync_state = LDAP_SYNC_ADD; + } else { + entry_sync_state = LDAP_SYNC_PRESENT; + } } - } - } else + } else #endif - { - rc = test_filter( be, conn, op, e, filter ); +#endif + { + rs->sr_err = test_filter( sop, rs->sr_entry, sop->oq_search.rs_filter ); + } +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) } +#endif - if ( rc == LDAP_COMPARE_TRUE ) { + if ( rs->sr_err == LDAP_COMPARE_TRUE ) { struct berval dn; /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( be_issuffix( be, &e->e_nname ) ) { + if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { + if ( be_issuffix( op->o_bd, &e->e_nname ) ) { scopeok = (realbase.bv_len == 0); } else { dnParent( &e->e_nname, &dn ); scopeok = dn_match( &dn, &realbase ); } - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { + } else if ( !scopeok && sop->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) { scopeok = dnIsSuffix( &e->e_nname, &realbase ); } else { @@ -702,21 +819,27 @@ id2entry_retry: if ( scopeok ) { /* check size limit */ - if ( --slimit == -1 ) { + if ( --sop->oq_search.rs_slimit == -1 ) { +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + if (!IS_PSEARCH) +#endif bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock ); e = NULL; - send_search_result( conn, op, - rc = LDAP_SIZELIMIT_EXCEEDED, NULL, NULL, - v2refs, NULL, nentries ); + rs->sr_entry = NULL; + rs->sr_err = LDAP_SIZELIMIT_EXCEEDED; + rs->sr_ref = rs->sr_v2ref; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); goto done; } #ifdef LDAP_CONTROL_PAGEDRESULTS - if ( get_pagedresults(op) ) { - if ( nentries >= op->o_pagedresults_size ) { - send_pagerequest_response( conn, op, - lastid, nentries, tentries ); + if ( get_pagedresults(sop) ) { + if ( nentries >= sop->o_pagedresults_size ) { + rs->sr_nentries = nentries; + send_pagerequest_response( sop, rs, + lastid, tentries ); goto done; } lastid = id; @@ -731,47 +854,149 @@ id2entry_retry: result = 0; } else #endif - { +#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) + if (IS_PSEARCH) { +#ifdef LDAP_SYNC + int premodify_found = 0; + int entry_sync_state; +#endif + + if ( ps_type == LDAP_PSEARCH_BY_ADD || + ps_type == LDAP_PSEARCH_BY_DELETE || + ps_type == LDAP_PSEARCH_BY_MODIFY || + ps_type == LDAP_PSEARCH_BY_SCOPEOUT ) + { + if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) { + struct psid_entry* psid_e; + LDAP_LIST_FOREACH( psid_e, &op->o_pm_list, ps_link) + { + if( psid_e->ps_op == sop ) + { +#ifdef LDAP_SYNC + premodify_found = 1; +#endif + LDAP_LIST_REMOVE(psid_e, ps_link); + break; + } + } + if (psid_e != NULL) free (psid_e); + } +#ifdef LDAP_SYNC + if ( ps_type == LDAP_PSEARCH_BY_ADD ) + entry_sync_state = LDAP_SYNC_ADD; + else if ( ps_type == LDAP_PSEARCH_BY_DELETE ) + entry_sync_state = LDAP_SYNC_DELETE; + else if ( ps_type == LDAP_PSEARCH_BY_MODIFY ) { + if ( premodify_found ) + entry_sync_state = LDAP_SYNC_MODIFY; + else + entry_sync_state = LDAP_SYNC_ADD; + } else if ( ps_type == LDAP_PSEARCH_BY_SCOPEOUT ) + entry_sync_state = LDAP_SYNC_DELETE; + else { + rs->sr_err = 1; + goto done; + } +#endif + +#ifdef LDAP_CLIENT_UPDATE + if ( sop->o_ps_protocol == LDAP_CLIENT_UPDATE ) { + int entry_count = ++sop->o_ps_entries; + if ( IS_BDB_REPLACE(ps_type) ) { + rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, entry_count, ctrls, + num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_TRUE ); + } else { + rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, entry_count, ctrls, + num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE ); + } + if ( rs->sr_err != LDAP_SUCCESS ) + goto done; + rs->sr_attrs = attrs; + rs->sr_ctrls = ctrls; + result = send_search_entry( sop, rs ); + if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) + ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); + ch_free( ctrls[--num_ctrls] ); + ctrls[num_ctrls] = NULL; + rs->sr_ctrls = NULL; + } else +#endif +#ifdef LDAP_SYNC + if ( sop->o_ps_protocol == LDAP_SYNC ) { + rs->sr_err = bdb_build_sync_state_ctrl( sop, rs, e, entry_sync_state, ctrls, + num_ctrls++, 1, &latest_entrycsn_bv ); + if ( rs->sr_err != LDAP_SUCCESS ) + goto done; + rs->sr_attrs = attrs; + rs->sr_ctrls = ctrls; + result = send_search_entry( sop, rs ); + if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) + ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); + ch_free( ctrls[--num_ctrls] ); + ctrls[num_ctrls] = NULL; + rs->sr_ctrls = NULL; + } else +#endif + { + rs->sr_err = 1; + goto done; + } + + } else if ( ps_type == LDAP_PSEARCH_BY_PREMODIFY ) { + struct psid_entry* psid_e; + psid_e = (struct psid_entry *) calloc (1, + sizeof(struct psid_entry)); + psid_e->ps_op = sop; + LDAP_LIST_INSERT_HEAD( &op->o_pm_list, psid_e, ps_link ); + + } else { + printf("Error !\n"); + } + } else { #ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) { - rc = bdb_build_lcup_update_ctrl( conn, op, e, ++entry_count, ctrls, + if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) { + rs->sr_err = bdb_build_lcup_update_ctrl( sop, rs, e, ++entry_count, ctrls, num_ctrls++, &latest_entrycsn_bv, SLAP_LCUP_ENTRY_DELETED_FALSE ); - if ( rc != LDAP_SUCCESS ) + if ( rs->sr_err != LDAP_SUCCESS ) goto done; - result = send_search_entry( be, conn, op, - e, attrs, attrsonly, ctrls); + rs->sr_ctrls = ctrls; + rs->sr_attrs = sop->oq_search.rs_attrs; + result = send_search_entry( sop, rs ); if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); ch_free( ctrls[--num_ctrls] ); ctrls[num_ctrls] = NULL; + rs->sr_ctrls = NULL; } else #endif #ifdef LDAP_SYNC - if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { - rc = bdb_build_sync_state_ctrl( conn, op, e, entry_sync_state, ctrls, + if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) { + rs->sr_err = bdb_build_sync_state_ctrl( sop, rs, e, entry_sync_state, ctrls, num_ctrls++, 0, &latest_entrycsn_bv ); - if ( rc != LDAP_SUCCESS ) + if ( rs->sr_err != LDAP_SUCCESS ) goto done; + rs->sr_ctrls = ctrls; if ( rc_sync == LDAP_COMPARE_TRUE ) { /* ADD */ - result = send_search_entry( be, conn, op, - e, attrs, attrsonly, ctrls); + rs->sr_attrs = sop->oq_search.rs_attrs; } else { /* PRESENT */ - result = send_search_entry( be, conn, op, - e, &null_attr, attrsonly, ctrls); + rs->sr_attrs = &null_attr; } + result = send_search_entry( sop, rs ); if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); ch_free( ctrls[--num_ctrls] ); ctrls[num_ctrls] = NULL; + rs->sr_ctrls = NULL; } else #endif - +#endif { - result = send_search_entry( be, conn, op, - e, attrs, attrsonly, NULL); + rs->sr_attrs = sop->oq_search.rs_attrs; + rs->sr_ctrls = NULL; + result = send_search_entry( sop, rs ); } } @@ -782,10 +1007,12 @@ id2entry_retry: case 1: /* entry not sent */ break; case -1: /* connection closed */ + if (!IS_PSEARCH) bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock); e = NULL; - rc = LDAP_OTHER; + rs->sr_entry = NULL; + rs->sr_err = LDAP_OTHER; goto done; } } @@ -813,21 +1040,26 @@ id2entry_retry: loop_continue: if( e != NULL ) { /* free reader lock */ + if (!IS_PSEARCH) bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e , &lock); e = NULL; + rs->sr_entry = NULL; } ldap_pvt_thread_yield(); } + if (!IS_PSEARCH) { #ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) { - bdb_build_lcup_done_ctrl( conn, op, ctrls, num_ctrls++, &latest_entrycsn_bv ); + if ( sop->o_clientupdate_type & SLAP_LCUP_SYNC ) { + bdb_build_lcup_done_ctrl( sop, rs, ctrls, num_ctrls++, &latest_entrycsn_bv ); - send_search_result( conn, op, - v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL, - NULL, NULL, v2refs, ctrls, nentries ); + rs->sr_ctrls = ctrls; + rs->sr_ref = rs->sr_v2ref; + rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); ch_free( latest_entrycsn_bv.bv_val ); latest_entrycsn_bv.bv_val = NULL; @@ -839,18 +1071,22 @@ loop_continue: } else #endif #ifdef LDAP_SYNC - if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { - if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) { + if ( sop->o_sync_mode & SLAP_SYNC_REFRESH ) { + if ( sop->o_sync_mode & SLAP_SYNC_PERSIST ) { /* refreshAndPersist mode */ - bdb_send_ldap_intermediate( conn, op, - LDAP_SUCCESS, NULL, NULL, NULL, LDAP_SYNC_INFO, - LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv, NULL ); + rs->sr_err = LDAP_SUCCESS; + rs->sr_rspoid = LDAP_SYNC_INFO; + rs->sr_ctrls = NULL; + bdb_send_ldap_intermediate( sop, rs, + LDAP_SYNC_REFRESH_DONE, &latest_entrycsn_bv ); } else { /* refreshOnly mode */ - bdb_build_sync_done_ctrl( conn, op, ctrls, num_ctrls++, 1, &latest_entrycsn_bv ); - send_search_result( conn, op, - v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL, - NULL, NULL, v2refs, ctrls, nentries ); + bdb_build_sync_done_ctrl( sop, rs, ctrls, num_ctrls++, 1, &latest_entrycsn_bv ); + rs->sr_ctrls = ctrls; + rs->sr_ref = rs->sr_v2ref; + rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); if ( ctrls[num_ctrls-1]->ldctl_value.bv_val != NULL ) ch_free( ctrls[num_ctrls-1]->ldctl_value.bv_val ); ch_free( ctrls[--num_ctrls] ); @@ -862,51 +1098,31 @@ loop_continue: } else #endif { - send_search_result( conn, op, - v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL, - NULL, NULL, v2refs, NULL, nentries ); + rs->sr_ctrls = NULL; + rs->sr_ref = rs->sr_v2ref; + rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL; + rs->sr_nentries = nentries; + send_search_result( sop, rs ); + } } - rc = 0; + rs->sr_err = LDAP_SUCCESS; done: - if( e != NULL ) { + if( !IS_PSEARCH && e != NULL ) { /* free reader lock */ bdb_cache_return_entry_r ( bdb->bi_dbenv, &bdb->bi_cache, e, &lock ); } -#ifdef LDAP_CLIENT_UPDATE - if ( op->o_clientupdate_type & SLAP_LCUP_SYNC ) { - if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) { - ch_free( csnfeq.f_av_value.bv_val ); - } - - if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) { - ch_free( csnfge.f_av_value.bv_val ); - } - } -#endif -#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - else -#endif -#ifdef LDAP_SYNC - if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { - if ( csnfeq.f_ava != NULL && csnfeq.f_av_value.bv_val != NULL ) { - ch_free( csnfeq.f_av_value.bv_val ); - } - - if ( csnfge.f_ava != NULL && csnfge.f_av_value.bv_val != NULL ) { - ch_free( csnfge.f_av_value.bv_val ); - } - } -#endif - LOCK_ID_FREE (bdb->bi_dbenv, locker ); - if( v2refs ) ber_bvarray_free( v2refs ); + if( rs->sr_v2ref ) { + ber_bvarray_free( rs->sr_v2ref ); + rs->sr_v2ref = NULL; + } if( realbase.bv_val ) ch_free( realbase.bv_val ); - return rc; + return rs->sr_err; } @@ -968,11 +1184,10 @@ static void search_stack_free( void *key, void *data) } static void *search_stack( - BackendDB *be, Operation *op ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; void *ret = NULL; if ( op->o_threadctx ) { @@ -995,15 +1210,12 @@ static void *search_stack( } static int search_candidates( - BackendDB *be, Operation *op, + Operation *stackop, Entry *e, - Filter *filter, - int scope, - int deref, ID *ids ) { - struct bdb_info *bdb = (struct bdb_info *) be->be_private; + struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; int rc, depth = 1; Filter f, scopef, rf, xf; ID *stack; @@ -1027,21 +1239,21 @@ static int search_candidates( #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ENTRY, "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n", - e->e_dn, (long) e->e_id, scope); + e->e_dn, (long) e->e_id, op->oq_search.rs_scope); #else Debug(LDAP_DEBUG_TRACE, "search_candidates: base=\"%s\" (0x%08lx) scope=%d\n", - e->e_dn, (long) e->e_id, scope ); + e->e_dn, (long) e->e_id, op->oq_search.rs_scope ); #endif - xf.f_or = filter; + xf.f_or = op->oq_search.rs_filter; xf.f_choice = LDAP_FILTER_OR; xf.f_next = NULL; /* If the user's filter uses objectClass=*, * these clauses are redundant. */ - if (!oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) { + if (!oc_filter(op->oq_search.rs_filter, 1, &depth) && !get_subentries_visibility(op) ) { if( !get_manageDSAit(op) && !get_domainScope(op) ) { /* match referral objects */ struct berval bv_ref = { sizeof("referral")-1, "referral" }; @@ -1054,7 +1266,7 @@ static int search_candidates( } #ifdef BDB_ALIASES - if( deref & LDAP_DEREF_SEARCHING ) { + if( op->oq_search.rs_deref & LDAP_DEREF_SEARCHING ) { /* match alias objects */ struct berval bv_alias = { sizeof("alias")-1, "alias" }; af.f_choice = LDAP_FILTER_EQUALITY; @@ -1066,17 +1278,17 @@ static int search_candidates( } #endif /* We added one of these clauses, filter depth increased */ - if( xf.f_or != filter ) depth++; + if( xf.f_or != op->oq_search.rs_filter ) depth++; } f.f_next = NULL; f.f_choice = LDAP_FILTER_AND; f.f_and = &scopef; - scopef.f_choice = scope == LDAP_SCOPE_SUBTREE + scopef.f_choice = op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ? SLAPD_FILTER_DN_SUBTREE : SLAPD_FILTER_DN_ONE; scopef.f_dn = &e->e_nname; - scopef.f_next = xf.f_or == filter ? filter : &xf ; + scopef.f_next = xf.f_or == op->oq_search.rs_filter ? op->oq_search.rs_filter : &xf ; /* Filter depth increased again, adding scope clause */ depth++; @@ -1096,10 +1308,10 @@ static int search_candidates( if ( depth+1 > bdb->bi_search_stack_depth ) { stack = ch_malloc( (depth + 1) * BDB_IDL_UM_SIZE * sizeof( ID ) ); } else { - stack = search_stack( be, op ); + stack = search_stack( stackop ); } - rc = bdb_filter_candidates( be, &f, ids, stack, stack+BDB_IDL_UM_SIZE ); + rc = bdb_filter_candidates( op->o_bd, &f, ids, stack, stack+BDB_IDL_UM_SIZE ); if ( depth+1 > bdb->bi_search_stack_depth ) { ch_free( stack ); @@ -1136,10 +1348,9 @@ static int search_candidates( #ifdef LDAP_CONTROL_PAGEDRESULTS static void send_pagerequest_response( - Connection *conn, Operation *op, + SlapReply *rs, ID lastid, - int nentries, int tentries ) { LDAPControl ctrl, *ctrls[2]; @@ -1152,10 +1363,10 @@ send_pagerequest_response( LDAP_LOG ( OPERATION, ENTRY, "send_pagerequest_response: lastid: (0x%08lx) " "nentries: (0x%081x)\n", - lastid, nentries, NULL ); + lastid, rs->sr_nentries, NULL ); #else Debug(LDAP_DEBUG_ARGS, "send_pagerequest_response: lastid: (0x%08lx) " - "nentries: (0x%081x)\n", lastid, nentries, NULL ); + "nentries: (0x%081x)\n", lastid, rs->sr_nentries, NULL ); #endif ctrl.ldctl_value.bv_val = NULL; @@ -1165,7 +1376,7 @@ send_pagerequest_response( ber_init2( ber, NULL, LBER_USE_DER ); respcookie = ( PagedResultsCookie )lastid; - conn->c_pagedresults_state.ps_cookie = respcookie; + op->o_conn->c_pagedresults_state.ps_cookie = respcookie; cookie.bv_len = sizeof( respcookie ); cookie.bv_val = (char *)&respcookie; @@ -1182,9 +1393,9 @@ send_pagerequest_response( ctrls[0]->ldctl_oid = LDAP_CONTROL_PAGEDRESULTS; ctrls[0]->ldctl_iscritical = 0; - send_search_result( conn, op, - LDAP_SUCCESS, - NULL, NULL, NULL, ctrls, nentries ); + rs->sr_ctrls = ctrls; + rs->sr_err = LDAP_SUCCESS; + send_search_result( op, rs ); done: (void) ber_free_buf( ber ); @@ -1194,8 +1405,8 @@ done: #ifdef LDAP_CLIENT_UPDATE int bdb_build_lcup_update_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, int entry_count, LDAPControl **ctrls, @@ -1281,8 +1492,7 @@ bdb_build_lcup_update_ctrl( "bdb_build_lcup_ctrl: ber_flatten2 failed\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return ret; } @@ -1291,8 +1501,8 @@ bdb_build_lcup_update_ctrl( int bdb_build_lcup_done_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, LDAPControl **ctrls, int num_ctrls, struct berval *latest_entrycsn_bv ) @@ -1322,8 +1532,7 @@ bdb_build_lcup_done_ctrl( Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return ret; } @@ -1334,8 +1543,8 @@ bdb_build_lcup_done_ctrl( #ifdef LDAP_SYNC int bdb_build_sync_state_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, int entry_sync_state, LDAPControl **ctrls, @@ -1418,8 +1627,7 @@ bdb_build_sync_state_ctrl( "bdb_build_sync_ctrl: ber_flatten2 failed\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return ret; } @@ -1428,8 +1636,8 @@ bdb_build_sync_state_ctrl( int bdb_build_sync_done_ctrl( - Connection *conn, Operation *op, + SlapReply *rs, LDAPControl **ctrls, int num_ctrls, int send_cookie, @@ -1463,8 +1671,7 @@ bdb_build_sync_done_ctrl( Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return ret; } @@ -1473,16 +1680,10 @@ bdb_build_sync_done_ctrl( int bdb_send_ldap_intermediate( - Connection *conn, Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, + SlapReply *rs, int state, - struct berval *cookie, - LDAPControl **ctrls ) + struct berval *cookie ) { char berbuf[LBER_ELEMENT_SIZEOF]; BerElement *ber = (BerElement *)berbuf; @@ -1507,13 +1708,13 @@ bdb_send_ldap_intermediate( Debug( LDAP_DEBUG_TRACE, "bdb_build_lcup_done_ctrl: ber_flatten2 failed\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc=LDAP_OTHER, - NULL, "internal error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return ret; } - send_ldap_intermediate_resp( conn, op, err, matched, text, refs, rspoid, &rspdata, ctrls ); - + rs->sr_rspdata = &rspdata; + send_ldap_intermediate_resp( op, rs ); + rs->sr_rspdata = NULL; ber_free_buf( ber ); return LDAP_SUCCESS; diff --git a/servers/slapd/back-bdb/tools.c b/servers/slapd/back-bdb/tools.c index 446b9712ba..d95ca4640c 100644 --- a/servers/slapd/back-bdb/tools.c +++ b/servers/slapd/back-bdb/tools.c @@ -274,7 +274,7 @@ ID bdb_tool_entry_put( goto done; } - rc = bdb_index_entry_add( be, tid, e, e->e_attrs ); + rc = bdb_index_entry_add( be, tid, e ); if( rc != 0 ) { snprintf( text->bv_val, text->bv_len, "index_entry_add failed: %s (%d)", @@ -408,7 +408,7 @@ int bdb_tool_entry_reindex( goto done; } - rc = bdb_index_entry_add( be, tid, e, e->e_attrs ); + rc = bdb_index_entry_add( be, tid, e ); done: if( rc == 0 ) { diff --git a/servers/slapd/back-dnssrv/bind.c b/servers/slapd/back-dnssrv/bind.c index 0ead2caa19..76362d2b14 100644 --- a/servers/slapd/back-dnssrv/bind.c +++ b/servers/slapd/back-dnssrv/bind.c @@ -18,40 +18,32 @@ int dnssrv_back_bind( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn ) + SlapReply *rs ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: bind %s (%d)\n", - dn->bv_val == NULL ? "" : dn->bv_val, - method, NULL ); + op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, + op->oq_bind.rb_method, NULL ); - if( method == LDAP_AUTH_SIMPLE && cred != NULL && cred->bv_len ) { + if( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && op->oq_bind.rb_cred.bv_val != NULL && op->oq_bind.rb_cred.bv_len ) { Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DNSSRV BIND dn=\"%s\" provided passwd\n", op->o_connid, op->o_opid, - dn->bv_val == NULL ? "" : dn->bv_val , 0, 0 ); + op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val , 0, 0 ); Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\" provided cleartext password\n", - dn->bv_val == NULL ? "" : dn->bv_val, 0, 0 ); + op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 ); - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "you shouldn\'t send strangers your password", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "you shouldn\'t send strangers your password" ); } else { Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\"\n", - dn->bv_val == NULL ? "" : dn->bv_val, 0, 0 ); + op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 ); - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "anonymous bind expected", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "anonymous bind expected" ); } return 1; diff --git a/servers/slapd/back-dnssrv/referral.c b/servers/slapd/back-dnssrv/referral.c index aa78cf0bed..b8453f37e8 100644 --- a/servers/slapd/back-dnssrv/referral.c +++ b/servers/slapd/back-dnssrv/referral.c @@ -17,12 +17,8 @@ int dnssrv_back_referrals( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - const char **text ) + SlapReply *rs ) { int i; int rc = LDAP_OTHER; @@ -31,8 +27,8 @@ dnssrv_back_referrals( char **hosts = NULL; BerVarray urls = NULL; - if( ndn->bv_len == 0 ) { - *text = "DNS SRV operation upon null (empty) DN disallowed"; + if( op->o_req_dn.bv_len == 0 ) { + rs->sr_text = "DNS SRV operation upon null (empty) DN disallowed"; return LDAP_UNWILLING_TO_PERFORM; } @@ -41,24 +37,25 @@ dnssrv_back_referrals( return LDAP_SUCCESS; } - *text = "DNS SRV problem processing manageDSAit control"; + rs->sr_text = "DNS SRV problem processing manageDSAit control"; return LDAP_OTHER; } - if( ldap_dn2domain( dn->bv_val, &domain ) || domain == NULL ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - NULL, NULL, default_referral, NULL ); + if( ldap_dn2domain( op->o_req_dn.bv_val, &domain ) || domain == NULL ) { + rs->sr_err = LDAP_REFERRAL; + rs->sr_ref = default_referral; + send_ldap_result( op, rs ); return LDAP_REFERRAL; } Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> domain=\"%s\"\n", - dn->bv_val, domain, 0 ); + op->o_req_dn.bv_val, domain, 0 ); if( ( rc = ldap_domain2hostlist( domain, &hostlist ) ) ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: domain2hostlist(%s) returned %d\n", domain, rc, 0 ); - *text = "no DNS SRV RR available for DN"; + rs->sr_text = "no DNS SRV RR available for DN"; rc = LDAP_NO_SUCH_OBJECT; goto done; } @@ -67,7 +64,7 @@ dnssrv_back_referrals( if( hosts == NULL ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: str2charrary error\n", 0, 0, 0 ); - *text = "problem processing DNS SRV records for DN"; + rs->sr_text = "problem processing DNS SRV records for DN"; goto done; } @@ -82,7 +79,7 @@ dnssrv_back_referrals( if ( ber_bvarray_add( &urls, &url ) < 0 ) { free( url.bv_val ); - *text = "problem processing DNS SRV records for DN"; + rs->sr_text = "problem processing DNS SRV records for DN"; goto done; } } @@ -90,13 +87,14 @@ dnssrv_back_referrals( Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DNSSRV p=%d dn=\"%s\" url=\"%s\"\n", op->o_connid, op->o_opid, op->o_protocol, - dn->bv_val, urls[0].bv_val ); + op->o_req_dn.bv_val, urls[0].bv_val ); Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> url=\"%s\"\n", - dn->bv_val, urls[0].bv_val, 0 ); + op->o_req_dn.bv_val, urls[0].bv_val, 0 ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, "DNS SRV generated referrals", urls, NULL ); + rs->sr_ref = urls; + send_ldap_error( op, rs, LDAP_REFERRAL, + "DNS SRV generated referrals" ); done: if( domain != NULL ) ch_free( domain ); diff --git a/servers/slapd/back-dnssrv/search.c b/servers/slapd/back-dnssrv/search.c index 88f3a0baab..aa6123a994 100644 --- a/servers/slapd/back-dnssrv/search.c +++ b/servers/slapd/back-dnssrv/search.c @@ -19,19 +19,8 @@ int dnssrv_back_search( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - int scope, - int deref, - int size, - int time, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly ) + SlapReply *rs ) { int i; int rc; @@ -44,20 +33,21 @@ dnssrv_back_search( assert( get_manageDSAit( op ) ); - if( ldap_dn2domain( dn->bv_val, &domain ) || domain == NULL ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - NULL, NULL, default_referral, NULL ); + if( ldap_dn2domain( op->o_req_dn.bv_val, &domain ) || domain == NULL ) { + rs->sr_err = LDAP_REFERRAL; + rs->sr_ref = default_referral; + send_ldap_result( op, rs ); goto done; } Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> domain=\"%s\"\n", - dn->bv_len ? dn->bv_val : "", domain, 0 ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", domain, 0 ); if( ( rc = ldap_domain2hostlist( domain, &hostlist ) ) ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: domain2hostlist returned %d\n", rc, 0, 0 ); - send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, - NULL, "no DNS SRV RR available for DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, + "no DNS SRV RR available for DN" ); goto done; } @@ -65,8 +55,8 @@ dnssrv_back_search( if( hosts == NULL ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: str2charrary error\n", 0, 0, 0 ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "problem processing DNS SRV records for DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "problem processing DNS SRV records for DN" ); goto done; } @@ -81,9 +71,8 @@ dnssrv_back_search( if( ber_bvarray_add( &urls, &url ) < 0 ) { free( url.bv_val ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "problem processing DNS SRV records for DN", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "problem processing DNS SRV records for DN" ); goto done; } } @@ -91,20 +80,19 @@ dnssrv_back_search( Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DNSSRV p=%d dn=\"%s\" url=\"%s\"\n", op->o_connid, op->o_opid, op->o_protocol, - dn->bv_len ? dn->bv_val : "", urls[0].bv_val ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", urls[0].bv_val ); Debug( LDAP_DEBUG_TRACE, "DNSSRV: ManageDSAit scope=%d dn=\"%s\" -> url=\"%s\"\n", - scope, - dn->bv_len ? dn->bv_val : "", + op->oq_search.rs_scope, + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", urls[0].bv_val ); rc = ldap_domain2dn(domain, &refdn); if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DNS SRV problem processing manageDSAit control", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "DNS SRV problem processing manageDSAit control" ); goto done; } else { @@ -114,29 +102,27 @@ dnssrv_back_search( rc = dnNormalize2( NULL, &bv, &nrefdn ); if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DNS SRV problem processing manageDSAit control", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "DNS SRV problem processing manageDSAit control" ); goto done; } } - if( !dn_match( &nrefdn, ndn ) ) { + if( !dn_match( &nrefdn, &op->o_req_ndn ) ) { /* requested dn is subordinate */ Debug( LDAP_DEBUG_TRACE, - "DNSSRV: dn=\"%s\" subordindate to refdn=\"%s\"\n", - dn->bv_len ? dn->bv_val : "", + "DNSSRV: dn=\"%s\" subordinate to refdn=\"%s\"\n", + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", refdn == NULL ? "" : refdn, NULL ); - send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, - refdn, NULL, - NULL, NULL ); + rs->sr_matched = refdn; + rs->sr_err = LDAP_NO_SUCH_OBJECT; + send_ldap_result( op, rs ); - } else if ( scope == LDAP_SCOPE_ONELEVEL ) { - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + } else if ( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { + send_ldap_error( op, rs, LDAP_SUCCESS, NULL ); } else { struct berval vals[2]; @@ -144,10 +130,10 @@ dnssrv_back_search( AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; AttributeDescription *ad_ref = slap_schema.si_ad_ref; - e->e_dn = strdup( dn->bv_val ); - e->e_name.bv_len = dn->bv_len; - e->e_ndn = strdup( ndn->bv_val ); - e->e_nname.bv_len = ndn->bv_len; + e->e_name.bv_val = strdup( op->o_req_dn.bv_val ); + e->e_name.bv_len = op->o_req_dn.bv_len; + e->e_nname.bv_val = strdup( op->o_req_ndn.bv_val ); + e->e_nname.bv_len = op->o_req_ndn.bv_len; e->e_attrs = NULL; e->e_private = NULL; @@ -204,17 +190,18 @@ dnssrv_back_search( attr_mergeit( e, ad_ref, urls ); - rc = test_filter( be, conn, op, e, filter ); + rc = test_filter( op, e, op->oq_search.rs_filter ); if( rc == LDAP_COMPARE_TRUE ) { - send_search_entry( be, conn, op, - e, attrs, attrsonly, NULL ); + rs->sr_entry = e; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); } entry_free( e ); - - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + + rs->sr_err = LDAP_SUCCESS; + send_ldap_result( op, rs ); } if ( refdn ) free( refdn ); diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c index 4b03b68d58..2f54cef58f 100644 --- a/servers/slapd/back-ldap/add.c +++ b/servers/slapd/back-ldap/add.c @@ -47,13 +47,10 @@ int ldap_back_add( - Backend *be, - Connection *conn, Operation *op, - Entry *e -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; int i, j; Attribute *a; @@ -63,13 +60,13 @@ ldap_back_add( ber_int_t msgid; #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDAP, ENTRY, "ldap_back_add: %s\n", e->e_dn, 0, 0 ); + LDAP_LOG( BACK_LDAP, ENTRY, "ldap_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else /* !NEW_LOGGING */ - Debug(LDAP_DEBUG_ARGS, "==> ldap_back_add: %s\n", e->e_dn, 0, 0); + Debug(LDAP_DEBUG_ARGS, "==> ldap_back_add: %s\n", op->o_req_dn.bv_val, 0, 0); #endif /* !NEW_LOGGING */ - lc = ldap_back_getconn(li, conn, op); - if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) { + lc = ldap_back_getconn(li, op, rs); + if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) { return( -1 ); } @@ -77,45 +74,45 @@ ldap_back_add( * Rewrite the add dn, if needed */ #ifdef ENABLE_REWRITE - switch (rewrite_session( li->rwinfo, "addDn", e->e_dn, conn, + switch (rewrite_session( li->rwinfo, "addDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val )) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val != NULL && mdn.bv_val[ 0 ] != '\0' ) { mdn.bv_len = strlen( mdn.bv_val ); } else { - mdn = e->e_name; + mdn = op->o_req_ndn; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] addDn: \"%s\" -> \"%s\"\n", e->e_dn, mdn.bv_val, 0 ); + "[rw] addDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> addDn: \"%s\" -> \"%s\"\n%s", - e->e_dn, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, &e->e_name, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_ndn, &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ /* Count number of attributes in entry */ - for (i = 1, a = e->e_attrs; a; i++, a = a->a_next) + for (i = 1, a = op->oq_add.rs_e->e_attrs; a; i++, a = a->a_next) ; /* Create array of LDAPMods for ldap_add() */ attrs = (LDAPMod **)ch_malloc(sizeof(LDAPMod *)*i); - for (i=0, a=e->e_attrs; a; a=a->a_next) { + for (i=0, a=op->oq_add.rs_e->e_attrs; a; a=a->a_next) { /* * lastmod should always be , so that * creation/modification operational attrs @@ -164,7 +161,7 @@ ldap_back_add( * FIXME: rewrite could fail; in this case * the operation should give up, right? */ - (void)ldap_dnattr_rewrite( li->rwinfo, a->a_vals, conn ); + (void)ldap_dnattr_rewrite( li->rwinfo, a->a_vals, op->o_conn ); } #endif /* ENABLE_REWRITE */ @@ -183,11 +180,11 @@ ldap_back_add( ch_free(attrs[i]); } ch_free(attrs); - if ( mdn.bv_val != e->e_dn ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { free( mdn.bv_val ); } - return( ldap_back_op_result( li, lc, conn, op, msgid, j, 1 ) ); + return( ldap_back_op_result( li, lc, op, rs, msgid, j, 1 ) ); } #ifdef ENABLE_REWRITE diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h index 68c4e2eeec..7a21585ef8 100644 --- a/servers/slapd/back-ldap/back-ldap.h +++ b/servers/slapd/back-ldap/back-ldap.h @@ -91,12 +91,11 @@ struct ldapinfo { struct ldapmap at_map; }; -struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_conn *conn, - struct slap_op *op); -int ldap_back_dobind(struct ldapinfo *li, struct ldapconn *lc, Connection *conn, Operation *op); +struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_op *op, struct slap_rep *rs); +int ldap_back_dobind(struct ldapinfo *li, struct ldapconn *lc, Operation *op, SlapReply *rs); int ldap_back_map_result(int err); int ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc, - Connection *conn, Operation *op, ber_int_t msgid, int rc, int sendok); + Operation *op, SlapReply *rs, ber_int_t msgid, int rc, int sendok); int back_ldap_LTX_init_module(int argc, char *argv[]); void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn, diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c index 1e4ad1b770..bc79a96667 100644 --- a/servers/slapd/back-ldap/bind.c +++ b/servers/slapd/back-ldap/bind.c @@ -53,24 +53,17 @@ static LDAP_REBIND_PROC ldap_back_rebind; int ldap_back_bind( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; struct berval mdn = { 0, NULL }; int rc = 0; ber_int_t msgid; - lc = ldap_back_getconn(li, conn, op); + lc = ldap_back_getconn(li, op, rs); if ( !lc ) { return( -1 ); } @@ -79,32 +72,32 @@ ldap_back_bind( * Rewrite the bind dn if needed */ #ifdef ENABLE_REWRITE - switch ( rewrite_session( li->rwinfo, "bindDn", dn->bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "bindDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { - mdn.bv_val = ( char * )dn->bv_val; + mdn.bv_val = ( char * )op->o_req_dn.bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] bindDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 ); + "[rw] bindDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> bindDn: \"%s\" -> \"%s\"\n%s", - dn->bv_val, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_dn &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ if ( lc->bound_dn.bv_val ) { @@ -115,31 +108,31 @@ ldap_back_bind( lc->bound = 0; /* method is always LDAP_AUTH_SIMPLE if we got here */ rc = ldap_sasl_bind(lc->ld, mdn.bv_val, LDAP_SASL_SIMPLE, - cred, op->o_ctrls, NULL, &msgid); - rc = ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ); + &op->oq_bind.rb_cred, op->o_ctrls, NULL, &msgid); + rc = ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ); if (rc == LDAP_SUCCESS) { lc->bound = 1; - if ( mdn.bv_val != dn->bv_val ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { lc->bound_dn = mdn; } else { - ber_dupbv( &lc->bound_dn, dn ); + ber_dupbv( &lc->bound_dn, &op->o_req_dn ); } if ( li->savecred ) { if ( lc->cred.bv_val ) ch_free( lc->cred.bv_val ); - ber_dupbv( &lc->cred, cred ); + ber_dupbv( &lc->cred, &op->oq_bind.rb_cred ); ldap_set_rebind_proc( lc->ld, ldap_back_rebind, lc ); } } /* must re-insert if local DN changed as result of bind */ - if ( lc->bound && ber_bvcmp(ndn, &lc->local_dn ) ) { + if ( lc->bound && ber_bvcmp(&op->o_req_ndn, &lc->local_dn ) ) { int err; ldap_pvt_thread_mutex_lock( &li->conn_mutex ); lc = avl_delete( &li->conntree, (caddr_t)lc, ldap_back_conn_cmp ); if ( lc->local_dn.bv_val ) ch_free( lc->local_dn.bv_val ); - ber_dupbv( &lc->local_dn, ndn ); + ber_dupbv( &lc->local_dn, &op->o_req_ndn ); err = avl_insert( &li->conntree, (caddr_t)lc, ldap_back_conn_cmp, ldap_back_conn_dup ); ldap_pvt_thread_mutex_unlock( &li->conn_mutex ); @@ -234,7 +227,7 @@ static void myprint( Avlnode *root ) #endif /* PRINT_CONNTREE */ struct ldapconn * -ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) +ldap_back_getconn(struct ldapinfo *li, Operation *op, SlapReply *rs) { struct ldapconn *lc, lc_curr; LDAP *ld; @@ -244,7 +237,7 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) /* Explicit binds must not be shared */ if ( op->o_tag == LDAP_REQ_BIND ) { - lc_curr.conn = conn; + lc_curr.conn = op->o_conn; } else { lc_curr.conn = NULL; } @@ -263,13 +256,13 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) /* Looks like we didn't get a bind. Open a new session... */ if (!lc) { - int vers = conn->c_protocol; - int err = ldap_initialize(&ld, li->url); + int vers = op->o_conn->c_protocol; + rs->sr_err = ldap_initialize(&ld, li->url); - if (err != LDAP_SUCCESS) { - err = ldap_back_map_result(err); - send_ldap_result( conn, op, err, - NULL, "ldap_initialize() failed", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_err = ldap_back_map_result(rs->sr_err); + rs->sr_text = "ldap_initialize() failed"; + send_ldap_result( op, rs ); return( NULL ); } /* Set LDAP version. This will always succeed: If the client @@ -295,10 +288,10 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) /* * Sets a cookie for the rewrite session */ - ( void )rewrite_session_init( li->rwinfo, conn ); + ( void )rewrite_session_init( li->rwinfo, op->o_conn ); #endif /* ENABLE_REWRITE */ - if ( conn->c_dn.bv_len != 0 ) { + if ( op->o_conn->c_dn.bv_len != 0 ) { /* * Rewrite the bind dn if needed @@ -307,47 +300,45 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) lc->bound_dn.bv_val = NULL; lc->bound_dn.bv_len = 0; switch ( rewrite_session( li->rwinfo, "bindDn", - conn->c_dn.bv_val, conn, + op->o_conn->c_dn.bv_val, op->o_conn, &lc->bound_dn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( lc->bound_dn.bv_val == NULL ) { ber_dupbv( &lc->bound_dn, - &conn->c_dn ); + &op->o_conn->c_dn ); } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, "[rw] bindDn: \"%s\" ->" " \"%s\"\n%s", - conn->c_dn.bv_val, + op->o_conn->c_dn.bv_val, lc->bound_dn.bv_val, "" ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> bindDn: \"%s\" ->" " \"%s\"\n%s", - conn->c_dn.bv_val, + op->o_conn->c_dn.bv_val, lc->bound_dn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", - NULL, NULL ); + "Operation not allowed" ); return( NULL ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_OTHER, - NULL, "Rewrite error", - NULL, NULL ); + "Rewrite error" ); return( NULL ); } #else /* !ENABLE_REWRITE */ struct berval bv; - ldap_back_dn_massage( li, &conn->c_dn, &bv, 0, 1 ); - if ( bv.bv_val == conn->c_dn.bv_val ) { + ldap_back_dn_massage( li, &op->o_conn->c_dn, &bv, 0, 1 ); + if ( bv.bv_val == op->o_conn->c_dn.bv_val ) { ber_dupbv( &lc->bound_dn, &bv ); } else { lc->bound_dn = bv; @@ -362,7 +353,7 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) /* Inserts the newly created ldapconn in the avl tree */ ldap_pvt_thread_mutex_lock( &li->conn_mutex ); - err = avl_insert( &li->conntree, (caddr_t)lc, + rs->sr_err = avl_insert( &li->conntree, (caddr_t)lc, ldap_back_conn_cmp, ldap_back_conn_dup ); #if PRINT_CONNTREE > 0 @@ -381,10 +372,10 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) #endif /* !NEW_LOGGING */ /* Err could be -1 in case a duplicate ldapconn is inserted */ - if ( err != 0 ) { + if ( rs->sr_err != 0 ) { ldap_back_conn_free( lc ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "internal server error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "internal server error" ); return( NULL ); } } else { @@ -410,7 +401,7 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) * it can be used to simplify the check. */ int -ldap_back_dobind( struct ldapinfo *li, struct ldapconn *lc, Connection *conn, Operation *op ) +ldap_back_dobind( struct ldapinfo *li, struct ldapconn *lc, Operation *op, SlapReply *rs ) { int rc; ber_int_t msgid; @@ -419,7 +410,7 @@ ldap_back_dobind( struct ldapinfo *li, struct ldapconn *lc, Connection *conn, Op if ( !lc->bound ) { rc = ldap_sasl_bind(lc->ld, lc->bound_dn.bv_val, LDAP_SASL_SIMPLE, &lc->cred, NULL, NULL, &msgid); - rc = ldap_back_op_result( li, lc, conn, op, msgid, rc, 0 ); + rc = ldap_back_op_result( li, lc, op, rs, msgid, rc, 0 ); if (rc == LDAP_SUCCESS) { lc->bound = 1; } @@ -493,20 +484,21 @@ ldap_back_map_result(int err) int ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc, - Connection *conn, Operation *op, ber_int_t msgid, int err, int sendok) + Operation *op, SlapReply *rs, ber_int_t msgid, int err, int sendok) { - char *msg = NULL; char *match = NULL; - char *mmatch = NULL; LDAPMessage *res; int rc; + rs->sr_text = NULL; + rs->sr_matched = NULL; + if (err == LDAP_SUCCESS) { if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) { ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &err); } else { rc = ldap_parse_result(lc->ld, res, &err, &match, - &msg, NULL, NULL, 1); + (char **)&rs->sr_text, NULL, NULL, 1); if (rc != LDAP_SUCCESS) err = rc; } } @@ -514,14 +506,14 @@ ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc, err = ldap_back_map_result(err); /* internal ops must not reply to client */ - if ( conn && !op->o_do_not_cache ) { + if ( op->o_conn && !op->o_do_not_cache ) { #ifdef ENABLE_REWRITE if (match) { - switch(rewrite_session(li->rwinfo, "matchedDn", match, conn, - &mmatch)) { + switch(rewrite_session(li->rwinfo, "matchedDn", match, op->o_conn, + (char **)&rs->sr_matched)) { case REWRITE_REGEXEC_OK: - if (!mmatch) mmatch = match; break; + if (!rs->sr_matched) rs->sr_matched = match; break; case REWRITE_REGEXEC_UNWILLING: case REWRITE_REGEXEC_ERR: break; @@ -532,17 +524,22 @@ ldap_back_op_result(struct ldapinfo *li, struct ldapconn *lc, if (match) { ber_str2bv(match, 0, 0, &dn); ldap_back_dn_massage(li, &dn, &mdn, 0, 0); - mmatch = mdn.bv_val; + rs->sr_matched = mdn.bv_val; } #endif } } if (sendok || err != LDAP_SUCCESS) { - send_ldap_result( conn, op, err, mmatch, msg, NULL, NULL ); + rs->sr_err = err; + send_ldap_result( op, rs ); } - if (mmatch != match) free(mmatch); + if (rs->sr_matched != match) free((char *)rs->sr_matched); + rs->sr_matched = NULL; if ( match ) free( match ); - if ( msg ) free( msg ); + if ( rs->sr_text ) { + free( (char *)rs->sr_text ); + rs->sr_text = NULL; + } return( (err==LDAP_SUCCESS) ? 0 : -1 ); } diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c index e16253057e..0e1cc87227 100644 --- a/servers/slapd/back-ldap/compare.c +++ b/servers/slapd/back-ldap/compare.c @@ -47,23 +47,18 @@ int ldap_back_compare( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - AttributeAssertion *ava -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; struct berval mapped_oc, mapped_at; struct berval mdn = { 0, NULL }; int rc; ber_int_t msgid; - lc = ldap_back_getconn(li, conn, op); - if (!lc || !ldap_back_dobind( li, lc, conn, op ) ) { + lc = ldap_back_getconn(li, op, rs); + if (!lc || !ldap_back_dobind( li, lc, op, rs ) ) { return( -1 ); } @@ -71,46 +66,46 @@ ldap_back_compare( * Rewrite the compare dn, if needed */ #ifdef ENABLE_REWRITE - switch ( rewrite_session( li->rwinfo, "compareDn", dn->bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "compareDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { - mdn.bv_val = ( char * )dn->bv_val; + mdn.bv_val = ( char * )op->o_req_dn.bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] compareDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 ); + "[rw] compareDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> compareDn: \"%s\" -> \"%s\"\n%s", - dn->bv_val, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 ); if ( mdn.bv_val == NULL ) { return -1; } #endif /* !ENABLE_REWRITE */ - if ( ava->aa_desc == slap_schema.si_ad_objectClass ) { - ldap_back_map(&li->oc_map, &ava->aa_desc->ad_cname, &mapped_oc, + if ( op->oq_compare.rs_ava->aa_desc == slap_schema.si_ad_objectClass ) { + ldap_back_map(&li->oc_map, &op->oq_compare.rs_ava->aa_desc->ad_cname, &mapped_oc, BACKLDAP_MAP); if (mapped_oc.bv_val == NULL || mapped_oc.bv_val[0] == '\0') { return( -1 ); } } else { - ldap_back_map(&li->at_map, &ava->aa_value, &mapped_at, + ldap_back_map(&li->at_map, &op->oq_compare.rs_ava->aa_value, &mapped_at, BACKLDAP_MAP); if (mapped_at.bv_val == NULL || mapped_at.bv_val[0] == '\0') { return( -1 ); @@ -120,9 +115,9 @@ ldap_back_compare( rc = ldap_compare_ext( lc->ld, mdn.bv_val, mapped_oc.bv_val, &mapped_at, op->o_ctrls, NULL, &msgid ); - if ( mdn.bv_val != dn->bv_val ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { free( mdn.bv_val ); } - return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) ); + return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) ); } diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c index bba917a4cc..2cdbeb21d3 100644 --- a/servers/slapd/back-ldap/config.c +++ b/servers/slapd/back-ldap/config.c @@ -409,36 +409,28 @@ error_return:; static int ldap_back_exop_whoami( - Connection *conn, Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl ***rspctrls, - const char **text, - BerVarray *refs ) + SlapReply *rs ) { struct berval *bv = NULL; - int rc = LDAP_SUCCESS; - if ( reqdata != NULL ) { + if ( op->oq_extended.rs_reqdata != NULL ) { /* no request data should be provided */ - *text = "no request data expected"; + rs->sr_text = "no request data expected"; return LDAP_PROTOCOL_ERROR; } { - rc = backend_check_restrictions( conn->c_authz_backend, - conn, op, (struct berval *)&slap_EXOP_WHOAMI, text ); + rs->sr_err = backend_check_restrictions( op, rs, + (struct berval *)&slap_EXOP_WHOAMI ); - if( rc != LDAP_SUCCESS ) return rc; + if( rs->sr_err != LDAP_SUCCESS ) return rs->sr_err; } /* if auth'd by back-ldap and request is proxied, forward it */ - if ( conn->c_authz_backend && !strcmp(conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &conn->c_ndn)) { + if ( op->o_conn->c_authz_backend && !strcmp(op->o_conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &op->o_conn->c_ndn)) { struct ldapinfo *li = - (struct ldapinfo *)conn->c_authz_backend->be_private; + (struct ldapinfo *)op->o_conn->c_authz_backend->be_private; struct ldapconn *lc; LDAPControl c, *ctrls[2] = {&c, NULL}; @@ -446,9 +438,9 @@ ldap_back_exop_whoami( Operation op2 = *op; ber_int_t msgid; - op2.o_ndn = conn->c_ndn; - lc = ldap_back_getconn(li, conn, &op2); - if (!lc || !ldap_back_dobind( li, lc, conn, op )) { + op2.o_ndn = op->o_conn->c_ndn; + lc = ldap_back_getconn(li, &op2, rs); + if (!lc || !ldap_back_dobind( li, lc, op, rs )) { return -1; } c.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ; @@ -458,19 +450,19 @@ ldap_back_exop_whoami( strcpy(c.ldctl_value.bv_val, "dn:"); strcpy(c.ldctl_value.bv_val+3, op->o_ndn.bv_val); - rc = ldap_whoami(lc->ld, ctrls, NULL, &msgid); - if (rc == LDAP_SUCCESS) { + rs->sr_err = ldap_whoami(lc->ld, ctrls, NULL, &msgid); + if (rs->sr_err == LDAP_SUCCESS) { if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) { ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, - &rc); + &rs->sr_err); } else { - rc = ldap_parse_whoami(lc->ld, res, &bv); + rs->sr_err = ldap_parse_whoami(lc->ld, res, &bv); ldap_msgfree(res); } } ch_free(c.ldctl_value.bv_val); - if (rc != LDAP_SUCCESS) { - rc = ldap_back_map_result(rc); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_err = ldap_back_map_result(rs->sr_err); } } else { /* else just do the same as before */ @@ -488,8 +480,8 @@ ldap_back_exop_whoami( } } - *rspdata = bv; - return rc; + rs->sr_rspdata = bv; + return rs->sr_err; } diff --git a/servers/slapd/back-ldap/delete.c b/servers/slapd/back-ldap/delete.c index fb642b7817..f6a88c5d8e 100644 --- a/servers/slapd/back-ldap/delete.c +++ b/servers/slapd/back-ldap/delete.c @@ -47,63 +47,59 @@ int ldap_back_delete( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; int rc; ber_int_t msgid; struct berval mdn = { 0, NULL }; - lc = ldap_back_getconn( li, conn, op ); + lc = ldap_back_getconn( li, op, rs ); - if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) { + if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) { return( -1 ); } /* - * Rewrite the compare dn, if needed + * Rewrite the request dn, if needed */ #ifdef ENABLE_REWRITE - switch ( rewrite_session( li->rwinfo, "deleteDn", dn->bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "deleteDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { - mdn.bv_val = ( char * )dn->bv_val; + mdn.bv_val = ( char * )op->o_req_dn.bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] deleteDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 ); + "[rw] deleteDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> deleteDn: \"%s\" -> \"%s\"\n%s", - dn->bv_val, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ rc = ldap_delete_ext( lc->ld, mdn.bv_val, op->o_ctrls, NULL, &msgid ); - if ( mdn.bv_val != dn->bv_val ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { free( mdn.bv_val ); } - return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) ); + return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) ); } diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c index a2697296fc..5b839bee01 100644 --- a/servers/slapd/back-ldap/extended.c +++ b/servers/slapd/back-ldap/extended.c @@ -26,48 +26,27 @@ static struct exop { int ldap_back_extended( - Backend *be, - Connection *conn, Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char** text, - BerVarray *refs -) + SlapReply *rs ) { int i; for( i=0; exop_table[i].extended != NULL; i++ ) { - if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) { - return (exop_table[i].extended)( - be, conn, op, - reqoid, reqdata, - rspoid, rspdata, rspctrls, - text, refs ); + if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) { + return (exop_table[i].extended)( op, rs ); } } - *text = "not supported within naming context"; + rs->sr_text = "not supported within naming context"; return LDAP_UNWILLING_TO_PERFORM; } int ldap_back_exop_passwd( - Backend *be, - Connection *conn, Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text, - BerVarray *refs ) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; struct berval id = { 0, NULL }; struct berval old = { 0, NULL }; @@ -75,15 +54,14 @@ ldap_back_exop_passwd( struct berval dn, mdn = { 0, NULL }, newpw; LDAPMessage *res; ber_int_t msgid; - char *msg = NULL, *match = NULL; int rc; - lc = ldap_back_getconn(li, conn, op); - if (!lc || !ldap_back_dobind(li, lc, conn, op) ) { + lc = ldap_back_getconn(li, op, rs); + if (!lc || !ldap_back_dobind(li, lc, op, rs) ) { return -1; } - rc = slap_passwd_parse( reqdata, &id, &old, &new, text ); + rc = slap_passwd_parse( op->oq_extended.rs_reqdata, &id, &old, &new, &rs->sr_text ); if (rc != LDAP_SUCCESS) return rc; @@ -102,12 +80,12 @@ ldap_back_exop_passwd( #endif if (dn.bv_len == 0) { - *text = "No password is associated with the Root DSE"; + rs->sr_text = "No password is associated with the Root DSE"; return LDAP_UNWILLING_TO_PERFORM; } if (id.bv_len) { #ifdef ENABLE_REWRITE - switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { mdn.bv_val = dn.bv_val; @@ -123,13 +101,13 @@ ldap_back_exop_passwd( break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ @@ -151,28 +129,30 @@ ldap_back_exop_passwd( /* sigh. parse twice, because parse_passwd doesn't give * us the err / match / msg info. */ - int err; - rc = ldap_parse_result(lc->ld, res, &err, &match, &msg, + rc = ldap_parse_result(lc->ld, res, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text, NULL, NULL, 0); if (rc == LDAP_SUCCESS) { - if (err == LDAP_SUCCESS) { + if (rs->sr_err == LDAP_SUCCESS) { rc = ldap_parse_passwd(lc->ld, res, &newpw); if (rc == LDAP_SUCCESS && newpw.bv_val) { - *rspdata = slap_passwd_return(&newpw); + rs->sr_type = REP_EXTENDED; + rs->sr_rspdata = slap_passwd_return(&newpw); free(newpw.bv_val); } } else { - rc = err; + rc = rs->sr_err; } } ldap_msgfree(res); } } if (rc != LDAP_SUCCESS) { - rc = ldap_back_map_result(rc); - send_ldap_result(conn, op, rc, match, msg, NULL, NULL); - if (match) free(match); - if (msg) free(msg); + rs->sr_err = ldap_back_map_result(rc); + send_ldap_result(op, rs); + if (rs->sr_matched) free((char *)rs->sr_matched); + if (rs->sr_text) free((char *)rs->sr_text); + rs->sr_matched = NULL; + rs->sr_text = NULL; rc = -1; } return rc; diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c index 4e947bfbd7..3890fdbad6 100644 --- a/servers/slapd/back-ldap/modify.c +++ b/servers/slapd/back-ldap/modify.c @@ -47,15 +47,10 @@ int ldap_back_modify( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - Modifications *modlist -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; LDAPMod **modv = NULL; LDAPMod *mods; @@ -65,8 +60,8 @@ ldap_back_modify( struct berval mdn = { 0, NULL }; ber_int_t msgid; - lc = ldap_back_getconn(li, conn, op); - if ( !lc || !ldap_back_dobind( li, lc, conn, op ) ) { + lc = ldap_back_getconn(li, op, rs); + if ( !lc || !ldap_back_dobind( li, lc, op, rs ) ) { return( -1 ); } @@ -74,35 +69,35 @@ ldap_back_modify( * Rewrite the modify dn, if needed */ #ifdef ENABLE_REWRITE - switch ( rewrite_session( li->rwinfo, "modifyDn", dn->bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "modifyDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { - mdn.bv_val = ( char * )dn->bv_val; + mdn.bv_val = ( char * )op->o_req_dn.bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] modifyDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 ); + "[rw] modifyDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> modifyDn: \"%s\" -> \"%s\"\n%s", - dn->bv_val, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ - for (i=0, ml=modlist; ml; i++,ml=ml->sml_next) + for (i=0, ml=op->oq_modify.rs_modlist; ml; i++,ml=ml->sml_next) ; mods = (LDAPMod *)ch_malloc(i*sizeof(LDAPMod)); @@ -116,7 +111,7 @@ ldap_back_modify( goto cleanup; } - for (i=0, ml=modlist; ml; ml=ml->sml_next) { + for (i=0, ml=op->oq_modify.rs_modlist; ml; ml=ml->sml_next) { if ( ml->sml_desc->ad_type->sat_no_user_mod ) { continue; } @@ -140,7 +135,7 @@ ldap_back_modify( if ( strcmp( ml->sml_desc->ad_type->sat_syntax->ssyn_oid, SLAPD_DN_SYNTAX ) == 0 ) { ldap_dnattr_rewrite( li->rwinfo, - ml->sml_bvalues, conn ); + ml->sml_bvalues, op->o_conn ); } #endif /* ENABLE_REWRITE */ @@ -162,7 +157,7 @@ ldap_back_modify( rc = ldap_modify_ext( lc->ld, mdn.bv_val, modv, op->o_ctrls, NULL, &msgid ); cleanup:; - if ( mdn.bv_val != dn->bv_val ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { free( mdn.bv_val ); } for (i=0; modv[i]; i++) { @@ -171,6 +166,6 @@ cleanup:; ch_free( mods ); ch_free( modv ); - return ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ); + return ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ); } diff --git a/servers/slapd/back-ldap/modrdn.c b/servers/slapd/back-ldap/modrdn.c index 31739cec7a..b44b7c0c55 100644 --- a/servers/slapd/back-ldap/modrdn.c +++ b/servers/slapd/back-ldap/modrdn.c @@ -47,31 +47,22 @@ int ldap_back_modrdn( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - struct berval *newrdn, - struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSuperior, - struct berval *nnewSuperior -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; int rc; ber_int_t msgid; struct berval mdn = { 0, NULL }, mnewSuperior = { 0, NULL }; - lc = ldap_back_getconn( li, conn, op ); - if ( !lc || !ldap_back_dobind(li, lc, conn, op) ) { + lc = ldap_back_getconn( li, op, rs ); + if ( !lc || !ldap_back_dobind(li, lc, op, rs) ) { return( -1 ); } - if (newSuperior) { + if (op->oq_modrdn.rs_newSup) { int version = LDAP_VERSION3; ldap_set_option( lc->ld, LDAP_OPT_PROTOCOL_VERSION, &version); @@ -80,36 +71,34 @@ ldap_back_modrdn( */ #ifdef ENABLE_REWRITE switch ( rewrite_session( li->rwinfo, "newSuperiorDn", - newSuperior->bv_val, conn, &mnewSuperior.bv_val ) ) { + op->oq_modrdn.rs_newSup->bv_val, op->o_conn, &mnewSuperior.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mnewSuperior.bv_val == NULL ) { - mnewSuperior.bv_val = ( char * )newSuperior; + mnewSuperior.bv_val = ( char * )op->oq_modrdn.rs_newSup->bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, "[rw] newSuperiorDn:" " \"%s\" -> \"%s\"\n", - newSuperior, mnewSuperior.bv_val, 0 ); + op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> newSuperiorDn:" " \"%s\" -> \"%s\"\n%s", - newSuperior->bv_val, mnewSuperior.bv_val, "" ); + op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, newSuperior, &mnewSuperior, 0, 1 ); + ldap_back_dn_massage( li, op->oq_modrdn.rs_newSup, &mnewSuperior, 0, 1 ); if ( mnewSuperior.bv_val == NULL ) { return( -1 ); } @@ -120,44 +109,44 @@ ldap_back_modrdn( /* * Rewrite the modrdn dn, if required */ - switch ( rewrite_session( li->rwinfo, "modrDn", dn->bv_val, conn, &mdn.bv_val ) ) { + switch ( rewrite_session( li->rwinfo, "modrDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mdn.bv_val == NULL ) { - mdn.bv_val = ( char * )dn->bv_val; + mdn.bv_val = ( char * )op->o_req_dn.bv_val; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] modrDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn.bv_val, 0 ); + "[rw] modrDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> modrDn: \"%s\" -> \"%s\"\n%s", - dn->bv_val, mdn.bv_val, "" ); + op->o_req_dn.bv_val, mdn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); return( -1 ); case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); return( -1 ); } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); + ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ - rc = ldap_rename( lc->ld, mdn.bv_val, newrdn->bv_val, mnewSuperior.bv_val, - deleteoldrdn, op->o_ctrls, NULL, &msgid ); + rc = ldap_rename( lc->ld, mdn.bv_val, op->oq_modrdn.rs_newrdn.bv_val, mnewSuperior.bv_val, + op->oq_modrdn.rs_deleteoldrdn, op->o_ctrls, NULL, &msgid ); - if ( mdn.bv_val != dn->bv_val ) { + if ( mdn.bv_val != op->o_req_dn.bv_val ) { free( mdn.bv_val ); } if ( mnewSuperior.bv_val != NULL - && mnewSuperior.bv_val != newSuperior->bv_val ) { + && mnewSuperior.bv_val != op->oq_modrdn.rs_newSup->bv_val ) { free( mnewSuperior.bv_val ); } - return( ldap_back_op_result( li, lc, conn, op, msgid, rc, 1 ) ); + return( ldap_back_op_result( li, lc, op, rs, msgid, rc, 1 ) ); } diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c index c68cb2469c..1ce5335e6e 100644 --- a/servers/slapd/back-ldap/search.c +++ b/servers/slapd/back-ldap/search.c @@ -54,36 +54,23 @@ static struct berval dummy = { 0, NULL }; int ldap_back_search( - Backend *be, - Connection *conn, Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly -) + SlapReply *rs ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; struct timeval tv; LDAPMessage *res, *e; int count, rc = 0, msgid, sres = LDAP_SUCCESS; - char *match = NULL, *err = NULL; + char *match = NULL; char **mapped_attrs = NULL; struct berval mbase; - char *mmatch = NULL; struct berval mfilter = { 0, NULL }; struct slap_limits_set *limit = NULL; int isroot = 0; BerVarray v2refs = NULL; - lc = ldap_back_getconn(li, conn, op); + lc = ldap_back_getconn(li, op, rs); if ( !lc ) { return( -1 ); } @@ -92,30 +79,30 @@ ldap_back_search( * FIXME: in case of values return filter, we might want * to map attrs and maybe rewrite value */ - if ( !ldap_back_dobind( li, lc, conn, op ) ) { + if ( !ldap_back_dobind( li, lc, op, rs ) ) { return( -1 ); } /* if not root, get appropriate limits */ - if ( be_isroot( be, &op->o_ndn ) ) { + if ( be_isroot( op->o_bd, &op->o_ndn ) ) { isroot = 1; } else { - ( void ) get_limits( be, &op->o_ndn, &limit ); + ( void ) get_limits( op->o_bd, &op->o_ndn, &limit ); } /* if no time limit requested, rely on remote server limits */ /* if requested limit higher than hard limit, abort */ - if ( !isroot && tlimit > limit->lms_t_hard ) { + if ( !isroot && op->oq_search.rs_tlimit > limit->lms_t_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_t_hard == 0 && limit->lms_t_soft > -1 - && tlimit > limit->lms_t_soft ) { - tlimit = limit->lms_t_soft; + && op->oq_search.rs_tlimit > limit->lms_t_soft ) { + op->oq_search.rs_tlimit = limit->lms_t_soft; /* positive hard limit means abort */ } else if ( limit->lms_t_hard > 0 ) { - send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_ldap_result( op, rs ); rc = 0; goto finish; } @@ -125,17 +112,17 @@ ldap_back_search( /* if no size limit requested, rely on remote server limits */ /* if requested limit higher than hard limit, abort */ - if ( !isroot && slimit > limit->lms_s_hard ) { + if ( !isroot && op->oq_search.rs_slimit > limit->lms_s_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_s_hard == 0 && limit->lms_s_soft > -1 - && slimit > limit->lms_s_soft ) { - slimit = limit->lms_s_soft; + && op->oq_search.rs_slimit > limit->lms_s_soft ) { + op->oq_search.rs_slimit = limit->lms_s_soft; /* positive hard limit means abort */ } else if ( limit->lms_s_hard > 0 ) { - send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_ldap_result( op, rs ); rc = 0; goto finish; } @@ -144,10 +131,10 @@ ldap_back_search( } /* should we check return values? */ - if (deref != -1) - ldap_set_option( lc->ld, LDAP_OPT_DEREF, (void *)&deref); - if (tlimit != -1) { - tv.tv_sec = tlimit; + if (op->oq_search.rs_deref != -1) + ldap_set_option( lc->ld, LDAP_OPT_DEREF, (void *)&op->oq_search.rs_deref); + if (op->oq_search.rs_tlimit != -1) { + tv.tv_sec = op->oq_search.rs_tlimit; tv.tv_usec = 0; } else { tv.tv_sec = 0; @@ -158,45 +145,45 @@ ldap_back_search( */ #ifdef ENABLE_REWRITE switch ( rewrite_session( li->rwinfo, "searchBase", - base->bv_val, conn, &mbase.bv_val ) ) { + op->o_req_dn.bv_val, op->o_conn, &mbase.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( mbase.bv_val == NULL ) { - mbase = *base; + mbase = op->o_req_dn; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, "[rw] searchBase: \"%s\" -> \"%s\"\n", - base->bv_val, mbase.bv_val, 0 ); + op->o_req_dn.bv_val, mbase.bv_val, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n%s", - base->bv_val, mbase.bv_val, "" ); + op->o_req_dn.bv_val, mbase.bv_val, "" ); #endif /* !NEW_LOGGING */ break; case REWRITE_REGEXEC_UNWILLING: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Operation not allowed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Operation not allowed" ); rc = -1; goto finish; case REWRITE_REGEXEC_ERR: - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "Rewrite error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "Rewrite error" ); rc = -1; goto finish; } #else /* !ENABLE_REWRITE */ - ldap_back_dn_massage( li, base, &mbase, 0, 1 ); + ldap_back_dn_massage( li, &op->oq_req_dn &mbase, 0, 1 ); #endif /* !ENABLE_REWRITE */ #ifdef ENABLE_REWRITE - rc = ldap_back_filter_map_rewrite_( li->rwinfo, conn, - &li->at_map, &li->oc_map, filter, &mfilter, + rc = ldap_back_filter_map_rewrite_( li->rwinfo, op->o_conn, + &li->at_map, &li->oc_map, op->oq_search.rs_filter, &mfilter, BACKLDAP_MAP ); #else /* ! ENABLE_REWRITE */ rc = ldap_back_filter_map_rewrite_( &li->at_map, &li->oc_map, - filter, &mfilter, BACKLDAP_MAP ); + op->oq_search.rs_filter, &mfilter, BACKLDAP_MAP ); #endif /* ! ENABLE_REWRITE */ if ( rc ) { @@ -204,22 +191,22 @@ ldap_back_search( goto finish; } - mapped_attrs = ldap_back_map_attrs(&li->at_map, attrs, BACKLDAP_MAP); - if ( mapped_attrs == NULL && attrs) { - for (count=0; attrs[count].an_name.bv_val; count++); + mapped_attrs = ldap_back_map_attrs(&li->at_map, op->oq_search.rs_attrs, BACKLDAP_MAP); + if ( mapped_attrs == NULL && op->oq_search.rs_attrs) { + for (count=0; op->oq_search.rs_attrs[count].an_name.bv_val; count++); mapped_attrs = ch_malloc( (count+1) * sizeof(char *)); - for (count=0; attrs[count].an_name.bv_val; count++) { - mapped_attrs[count] = attrs[count].an_name.bv_val; + for (count=0; op->oq_search.rs_attrs[count].an_name.bv_val; count++) { + mapped_attrs[count] = op->oq_search.rs_attrs[count].an_name.bv_val; } mapped_attrs[count] = NULL; } - rc = ldap_search_ext(lc->ld, mbase.bv_val, scope, mfilter.bv_val, - mapped_attrs, attrsonly, op->o_ctrls, NULL, tv.tv_sec ? &tv - : NULL, slimit, &msgid); + rc = ldap_search_ext(lc->ld, mbase.bv_val, op->oq_search.rs_scope, mfilter.bv_val, + mapped_attrs, op->oq_search.rs_attrsonly, op->o_ctrls, NULL, tv.tv_sec ? &tv + : NULL, op->oq_search.rs_slimit, &msgid); if ( rc != LDAP_SUCCESS ) { fail:; - rc = ldap_back_op_result(li, lc, conn, op, msgid, rc, 0); + rc = ldap_back_op_result(li, lc, op, rs, msgid, rc, 0); goto finish; } @@ -228,7 +215,7 @@ fail:; * but this is necessary for version matching, and for ACL processing. */ - for ( count=0, rc=0; + for ( rs->sr_nentries=0, rc=0; rc != -1; rc = ldap_result(lc->ld, msgid, 0, &tv, &res)) { @@ -248,11 +235,12 @@ fail:; Entry ent; struct berval bdn; e = ldap_first_entry(lc->ld,res); - if ( ldap_build_entry(be, conn, e, &ent, &bdn, 1) == LDAP_SUCCESS ) { + if ( ldap_build_entry(op->o_bd, op->o_conn, e, &ent, &bdn, 1) == LDAP_SUCCESS ) { Attribute *a; - count++; - send_search_entry( be, conn, op, &ent, attrs, - attrsonly, NULL ); + rs->sr_nentries++; + rs->sr_entry = &ent; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); while (ent.e_attrs) { a = ent.e_attrs; ent.e_attrs = a->a_next; @@ -270,12 +258,10 @@ fail:; } else if ( rc == LDAP_RES_SEARCH_REFERENCE ) { char **references = NULL; - LDAPControl **ctrls = NULL; - BerVarray refs; int cnt; rc = ldap_parse_reference( lc->ld, res, - &references, &ctrls, 1 ); + &references, &rs->sr_ctrls, 1 ); if ( rc != LDAP_SUCCESS ) { continue; @@ -288,32 +274,33 @@ fail:; for ( cnt = 0; references[ cnt ]; cnt++ ) /* NO OP */ ; - refs = ch_calloc( cnt + 1, sizeof( struct berval ) ); + rs->sr_ref = ch_calloc( cnt + 1, sizeof( struct berval ) ); for ( cnt = 0; references[ cnt ]; cnt++ ) { - refs[ cnt ].bv_val = references[ cnt ]; - refs[ cnt ].bv_len = strlen( references[ cnt ] ); + rs->sr_ref[ cnt ].bv_val = references[ cnt ]; + rs->sr_ref[ cnt ].bv_len = strlen( references[ cnt ] ); } /* ignore return value by now */ - ( void )send_search_reference( be, conn, op, - NULL, refs, ctrls, &v2refs ); + ( void )send_search_reference( op, rs ); /* cleanup */ if ( references ) { ldap_value_free( references ); - ch_free( refs ); + ch_free( rs->sr_ref ); + rs->sr_ref = NULL; } - if ( ctrls ) { - ldap_controls_free( ctrls ); + if ( rs->sr_ctrls ) { + ldap_controls_free( rs->sr_ctrls ); + rs->sr_ctrls = NULL; } } else { - rc = ldap_parse_result(lc->ld, res, &sres, &match, - &err, NULL, NULL, 1); - if (rc != LDAP_SUCCESS ) sres = rc; - sres = ldap_back_map_result(sres); + rc = ldap_parse_result(lc->ld, res, &rs->sr_err, &match, + (char **)&rs->sr_text, NULL, NULL, 1); + if (rc != LDAP_SUCCESS ) rs->sr_err = rc; + rs->sr_err = ldap_back_map_result(rs->sr_err); rc = 0; break; } @@ -328,18 +315,18 @@ fail:; */ if ( match != NULL ) { switch ( rewrite_session( li->rwinfo, "matchedDn", - match, conn, &mmatch ) ) { + match, op->o_conn, (char **)&rs->sr_matched ) ) { case REWRITE_REGEXEC_OK: - if ( mmatch == NULL ) { - mmatch = ( char * )match; + if ( rs->sr_matched == NULL ) { + rs->sr_matched = ( char * )match; } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, - "[rw] matchedDn:" " \"%s\" -> \"%s\"\n", match, mmatch, 0 ); + "[rw] matchedDn:" " \"%s\" -> \"%s\"\n", match, rs->sr_matched, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> matchedDn:" " \"%s\" -> \"%s\"\n%s", - match, mmatch, "" ); + match, rs->sr_matched, "" ); #endif /* !NEW_LOGGING */ break; @@ -347,51 +334,43 @@ fail:; case REWRITE_REGEXEC_ERR: /* FIXME: no error, but no matched ... */ - mmatch = NULL; + rs->sr_matched = NULL; break; } } - - if ( v2refs ) { - sres = LDAP_REFERRAL; - } - - send_search_result( conn, op, sres, - mmatch, err, v2refs, NULL, count ); - #else /* !ENABLE_REWRITE */ if ( match != NULL ) { struct berval dn, mdn; ber_str2bv(match, 0, 0, &dn); ldap_back_dn_massage(li, &dn, &mdn, 0, 0); - mmatch = mdn.bv_val; + rs->sr_matched = mdn.bv_val; } - - if ( v2refs ) { - sres = LDAP_REFERRAL; - } - send_search_result( conn, op, sres, - mmatch, err, v2refs, NULL, count ); #endif /* !ENABLE_REWRITE */ + if ( rs->sr_v2ref ) { + rs->sr_err = LDAP_REFERRAL; + } + send_search_result( op, rs ); finish:; if ( match ) { - if ( mmatch != match ) { - free( mmatch ); + if ( rs->sr_matched != match ) { + free( (char *)rs->sr_matched ); } + rs->sr_matched = NULL; LDAP_FREE(match); } - if ( err ) { - LDAP_FREE( err ); + if ( rs->sr_text ) { + LDAP_FREE( (char *)rs->sr_text ); + rs->sr_text = NULL; } if ( mapped_attrs ) { ch_free( mapped_attrs ); } - if ( mfilter.bv_val != filterstr->bv_val ) { + if ( mfilter.bv_val != op->oq_search.rs_filterstr.bv_val ) { ch_free( mfilter.bv_val ); } - if ( mbase.bv_val != base->bv_val ) { + if ( mbase.bv_val != op->o_req_dn.bv_val ) { free( mbase.bv_val ); } @@ -632,8 +611,6 @@ next_attr:; */ int ldap_back_entry_get( - Backend *be, - Connection *conn, Operation *op, struct berval *ndn, ObjectClass *oc, @@ -642,13 +619,15 @@ ldap_back_entry_get( Entry **ent ) { - struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private; struct ldapconn *lc; int rc = 1, is_oc; struct berval mapped = { 0, NULL }, bdn; LDAPMessage *result = NULL, *e = NULL; char *gattr[3]; char *filter; + Connection *oconn; + SlapReply rs; ldap_back_map(&li->at_map, &at->ad_cname, &mapped, BACKLDAP_MAP); if (mapped.bv_val == NULL || mapped.bv_val[0] == '\0') { @@ -658,12 +637,16 @@ ldap_back_entry_get( /* Tell getconn this is a privileged op */ is_oc = op->o_do_not_cache; op->o_do_not_cache = 1; - lc = ldap_back_getconn(li, conn, op); - if ( !lc || !ldap_back_dobind(li, lc, NULL, op) ) { + lc = ldap_back_getconn(li, op, &rs); + oconn = op->o_conn; + op->o_conn = NULL; + if ( !lc || !ldap_back_dobind(li, lc, op, &rs) ) { op->o_do_not_cache = is_oc; + op->o_conn = oconn; return 1; } op->o_do_not_cache = is_oc; + op->o_conn = oconn; is_oc = (strcasecmp("objectclass", mapped.bv_val) == 0); if (oc && !is_oc) { @@ -698,7 +681,7 @@ ldap_back_entry_get( *ent = ch_malloc(sizeof(Entry)); - rc = ldap_build_entry(be, conn, e, *ent, &bdn, 0); + rc = ldap_build_entry(op->o_bd, op->o_conn, e, *ent, &bdn, 0); if (rc != LDAP_SUCCESS) { ch_free(*ent); diff --git a/servers/slapd/back-ldbm/add.c b/servers/slapd/back-ldbm/add.c index ff115aa711..a5cbdcb451 100644 --- a/servers/slapd/back-ldbm/add.c +++ b/servers/slapd/back-ldbm/add.c @@ -18,70 +18,64 @@ int ldbm_back_add( - Backend *be, - Connection *conn, Operation *op, - Entry *e -) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; struct berval pdn; Entry *p = NULL; - int rc; ID id = NOID; - const char *text = NULL; AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_add: %s\n", e->e_dn, 0, 0 ); + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else - Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0); + Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", op->o_req_dn.bv_val, 0, 0); #endif #ifndef LDAP_CACHING - rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen ); + rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen ); #else /* LDAP_CACHING */ if ( !op->o_caching_on ) { - rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen ); + rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen ); } else { - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; } #endif /* LDAP_CACHING */ - if ( rc != LDAP_SUCCESS ) { + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, - "ldbm_back_add: entry (%s) failed schema check.\n", e->e_dn, 0, 0 ); + "ldbm_back_add: entry (%s) failed schema check.\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n", - text, 0, 0 ); + rs->sr_text, 0, 0 ); #endif - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); return( -1 ); } #ifdef LDAP_CACHING if ( !op->o_caching_on ) { #endif /* LDAP_CACHING */ - if ( !access_allowed( be, conn, op, e, + if ( !access_allowed( op, op->oq_add.rs_e, entry, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: No write access to entry (%s).\n", - e->e_dn, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to entry", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to entry" ); return -1; } @@ -92,12 +86,11 @@ ldbm_back_add( /* grab giant lock for writing */ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); - if ( ( rc = dn2id( be, &e->e_nname, &id ) ) || id != NOID ) { - /* if (rc) something bad happened to ldbm cache */ + if ( ( rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id ) ) || id != NOID ) { + /* if (rs->sr_err) something bad happened to ldbm cache */ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, - rc ? LDAP_OTHER : LDAP_ALREADY_EXISTS, - NULL, NULL, NULL, NULL ); + rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS; + send_ldap_result( op, rs ); return( -1 ); } @@ -107,10 +100,10 @@ ldbm_back_add( * add the entry. */ - if ( be_issuffix( be, &e->e_nname ) ) { + if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) { pdn = slap_empty_bv; } else { - dnParent( &e->e_nname, &pdn ); + dnParent( &op->o_req_ndn, &pdn ); } #ifndef LDAP_CACHING @@ -122,20 +115,17 @@ ldbm_back_add( Entry *matched = NULL; /* get parent with writer lock */ - if ( (p = dn2entry_w( be, &pdn, &matched )) == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - + if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) { if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); @@ -143,23 +133,23 @@ ldbm_back_add( #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: Parent of (%s) does not exist.\n", - e->e_dn, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "parent does not exist\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_REFERRAL, matched_dn, - refs == NULL ? "parent does not exist" : "parent is referral", - refs, NULL ); + rs->sr_text = rs->sr_ref ? "parent is referral" : "parent does not exist"; + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return -1; } - if ( ! access_allowed( be, conn, op, p, + if ( ! access_allowed( op, p, children, NULL, ACL_WRITE, NULL ) ) { /* free parent and writer lock */ @@ -169,14 +159,14 @@ ldbm_back_add( #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: No write access to parent (%s).\n", - e->e_dn, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to parent", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to parent" ); return -1; } @@ -197,17 +187,17 @@ ldbm_back_add( #endif - send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, - NULL, "parent is an alias", NULL, NULL ); + send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM, + "parent is an alias" ); return -1; } if ( is_entry_referral( p ) ) { /* parent is a referral, don't allow add */ - char *matched_dn = ch_strdup( p->e_dn ); - BerVarray refs = is_entry_referral( p ) - ? get_entry_referrals( be, conn, op, p ) + rs->sr_matched = ch_strdup( p->e_dn ); + rs->sr_ref = is_entry_referral( p ) + ? get_entry_referrals( op, p ) : NULL; /* free parent and writer lock */ @@ -221,12 +211,11 @@ ldbm_back_add( Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0, 0, 0 ); #endif + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - - ber_bvarray_free( refs ); - free( matched_dn ); + ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return -1; } @@ -242,19 +231,19 @@ ldbm_back_add( /* no parent, must be adding entry to root */ #ifndef LDAP_CACHING - if ( !be_isroot( be, &op->o_ndn ) ) + if ( !be_isroot( op->o_bd, &op->o_ndn ) ) #else /* LDAP_CACHING */ - if ( !be_isroot( be, &op->o_ndn ) && !op->o_caching_on ) + if ( !be_isroot( op->o_bd, &op->o_ndn ) && !op->o_caching_on ) #endif /* LDAP_CACHING */ { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { p = (Entry *)&slap_entry_root; - rc = access_allowed( be, conn, op, p, + rs->sr_err = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; - if ( ! rc ) { + if ( ! rs->sr_err ) { ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); #ifdef NEW_LOGGING @@ -267,11 +256,9 @@ ldbm_back_add( 0, 0, 0 ); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, - "no write access to parent", - NULL, NULL ); + "no write access to parent" ); return -1; } @@ -290,16 +277,15 @@ ldbm_back_add( : "entry at root", 0, 0 ); #endif - send_ldap_result( conn, op, - LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, + LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } } } - if ( next_id( be, &e->e_id ) ) { + if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) { if( p != NULL) { /* free parent and writer lock */ cache_return_entry_w( &li->li_cache, p ); @@ -315,8 +301,8 @@ ldbm_back_add( 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "next_id add failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "next_id add failed" ); return( -1 ); } @@ -324,9 +310,9 @@ ldbm_back_add( /* * Try to add the entry to the cache, assign it a new dnid. */ - rc = cache_add_entry_rw(&li->li_cache, e, CACHE_WRITE_LOCK); + rs->sr_err = cache_add_entry_rw(&li->li_cache, op->oq_add.rs_e, CACHE_WRITE_LOCK); - if ( rc != 0 ) { + if ( rs->sr_err != 0 ) { if( p != NULL) { /* free parent and writer lock */ cache_return_entry_w( &li->li_cache, p ); @@ -342,17 +328,17 @@ ldbm_back_add( 0 ); #endif - send_ldap_result( conn, op, - rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER, - NULL, rc > 0 ? NULL : "cache add failed", NULL, NULL ); + rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed"; + rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER; + send_ldap_result( op, rs ); return( -1 ); } - rc = -1; + rs->sr_err = -1; /* attribute indexes */ - if ( index_entry_add( be, e, e->e_attrs ) != LDAP_SUCCESS ) { + if ( index_entry_add( op->o_bd, op->oq_add.rs_e ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: index_entry_add failed.\n", 0, 0, 0 ); @@ -361,14 +347,14 @@ ldbm_back_add( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "index generation failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "index generation failed" ); goto return_results; } /* dn2id index */ - if ( dn2id_add( be, &e->e_nname, e->e_id ) != 0 ) { + if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname, op->oq_add.rs_e->e_id ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: dn2id_add failed.\n", 0, 0, 0 ); @@ -378,14 +364,14 @@ ldbm_back_add( #endif /* FIXME: delete attr indices? */ - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DN index generation failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "DN index generation failed" ); goto return_results; } /* id2entry index */ - if ( id2entry_add( be, e ) != 0 ) { + if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_add: id2entry_add failed.\n", 0, 0, 0 ); @@ -395,22 +381,21 @@ ldbm_back_add( #endif /* FIXME: delete attr indices? */ - (void) dn2id_delete( be, &e->e_nname, e->e_id ); + (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname, op->oq_add.rs_e->e_id ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "entry store failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "entry store failed" ); goto return_results; } - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_SUCCESS; + send_ldap_result( op, rs ); /* marks the entry as committed, so it is added to the cache; * otherwise it is removed from the cache, but not destroyed; * it will be destroyed by the caller */ - rc = 0; - cache_entry_commit( e ); + cache_entry_commit( op->oq_add.rs_e ); return_results:; if (p != NULL) { @@ -418,15 +403,15 @@ return_results:; cache_return_entry_w( &li->li_cache, p ); } - if ( rc ) { + if ( rs->sr_err ) { /* * in case of error, writer lock is freed * and entry's private data is destroyed. * otherwise, this is done when entry is released */ - cache_return_entry_w( &li->li_cache, e ); + cache_return_entry_w( &li->li_cache, op->oq_add.rs_e ); ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); } - return( rc ); + return( rs->sr_err ); } diff --git a/servers/slapd/back-ldbm/bind.c b/servers/slapd/back-ldbm/bind.c index e95124f4b1..c7a57001ac 100644 --- a/servers/slapd/back-ldbm/bind.c +++ b/servers/slapd/back-ldbm/bind.c @@ -20,17 +20,10 @@ int ldbm_back_bind( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn -) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *e; Attribute *a; int rc; @@ -45,68 +38,53 @@ ldbm_back_bind( #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ENTRY, - "ldbm_back_bind: dn: %s.\n", dn->bv_val, 0, 0 ); + "ldbm_back_bind: dn: %s.\n", op->o_req_dn.bv_val, 0, 0 ); #else - Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn->bv_val, 0, 0); + Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", op->o_req_dn.bv_val, 0, 0); #endif - dn = ndn; + if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op ) ) { + ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) ); + /* front end will send result */ + return LDAP_SUCCESS; + } /* grab giant lock for reading */ ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock); /* get entry with reader lock */ - if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) { - char *matched_dn = NULL; - BerVarray refs = NULL; - + if ( (e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { if( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); + rs->sr_matched = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); /* allow noauth binds */ rc = 1; - if ( method == LDAP_AUTH_SIMPLE ) { - if ( be_isroot_pw( be, conn, dn, cred ) ) { - ber_dupbv( edn, be_root_dn( be ) ); - rc = 0; /* front end will send result */ - - } else if ( refs != NULL ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - - } else { - send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); - } - - } else if ( refs != NULL ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - + if ( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; } else { - send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; } + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); - if ( matched_dn ) free( matched_dn ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + if ( rs->sr_matched ) free( (char *)rs->sr_matched ); return( rc ); } - ber_dupbv( edn, &e->e_name ); + ber_dupbv( &op->oq_bind.rb_edn, &e->e_name ); /* check for deleted */ @@ -114,15 +92,15 @@ ldbm_back_bind( /* entry is an alias, don't allow bind */ #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_bind: entry (%s) is an alias.\n", e->e_dn, 0, 0 ); + "ldbm_back_bind: entry (%s) is an alias.\n", e->e_name.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, - NULL, "entry is alias", NULL, NULL ); + send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM, + "entry is alias" ); rc = 1; goto return_results; @@ -130,8 +108,7 @@ ldbm_back_bind( if ( is_entry_referral( e ) ) { /* entry is a referral, don't allow bind */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -142,53 +119,41 @@ ldbm_back_bind( #endif - if( refs != NULL ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + if( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; } else { - send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; } + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); rc = 1; goto return_results; } - switch ( method ) { + switch ( op->oq_bind.rb_method ) { case LDAP_AUTH_SIMPLE: - /* check for root dn/passwd */ - if ( be_isroot_pw( be, conn, dn, cred ) ) { - /* front end will send result */ - if(edn->bv_val != NULL) free( edn->bv_val ); - ber_dupbv( edn, be_root_dn( be ) ); - rc = 0; - goto return_results; - } - - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, password, NULL, ACL_AUTH, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); rc = 1; goto return_results; } if ( (a = attr_find( e->e_attrs, password )) == NULL ) { - send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL ); /* stop front end from sending result */ rc = 1; goto return_results; } - if ( slap_passwd_check( conn, a, cred ) != 0 ) { - send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) { + send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL ); /* stop front end from sending result */ rc = 1; goto return_results; @@ -199,18 +164,17 @@ ldbm_back_bind( #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND case LDAP_AUTH_KRBV41: - if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) { - send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) { + send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL ); rc = 1; goto return_results; } - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, krbattr, NULL, ACL_AUTH, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + NULL ); rc = 1; goto return_results; } @@ -222,12 +186,11 @@ ldbm_back_bind( /* * no krbname values present: check against DN */ - if ( strcasecmp( dn->bv_val, krbname ) == 0 ) { + if ( strcasecmp( op->o_req_dn.bv_val, krbname ) == 0 ) { rc = 0; break; } - send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL ); rc = 1; goto return_results; @@ -238,9 +201,8 @@ ldbm_back_bind( krbval.bv_len = strlen( krbname ); if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) { - send_ldap_result( conn, op, - LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, + LDAP_INVALID_CREDENTIALS, NULL ); rc = 1; goto return_results; } @@ -249,17 +211,16 @@ ldbm_back_bind( break; case LDAP_AUTH_KRBV42: - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, - NULL, "Kerberos bind step 2 not supported", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "Kerberos bind step 2 not supported" ); /* stop front end from sending result */ rc = LDAP_UNWILLING_TO_PERFORM; goto return_results; #endif default: - send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED, - NULL, "authentication method not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED, + "authentication method not supported" ); rc = 1; goto return_results; } diff --git a/servers/slapd/back-ldbm/compare.c b/servers/slapd/back-ldbm/compare.c index 5814845420..0adf7028b1 100644 --- a/servers/slapd/back-ldbm/compare.c +++ b/servers/slapd/back-ldbm/compare.c @@ -18,55 +18,45 @@ int ldbm_back_compare( - Backend *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - AttributeAssertion *ava -) + Operation *op, + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *matched; Entry *e; Attribute *a; - int rc; int manageDSAit = get_manageDSAit( op ); /* grab giant lock for reading */ ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock); /* get entry with reader lock */ - if ( (e = dn2entry_r( be, ndn, &matched )) == NULL ) { - char *matched_dn = NULL; - BerVarray refs = NULL; - + if ( (e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); - free( matched_dn ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return( 1 ); } if (!manageDSAit && is_entry_referral( e ) ) { /* entry is a referral, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -77,56 +67,56 @@ ldbm_back_compare( #endif - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - if (refs ) ber_bvarray_free( refs ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); - rc = 1; + rs->sr_err = 1; goto return_results; } - if ( ! access_allowed( be, conn, op, e, - ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) ) + if ( ! access_allowed( op, e, + op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); - rc = 1; + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + NULL ); + rs->sr_err = 1; goto return_results; } - rc = LDAP_NO_SUCH_ATTRIBUTE; + rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE; - for(a = attrs_find( e->e_attrs, ava->aa_desc ); + for(a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc ); a != NULL; - a = attrs_find( a->a_next, ava->aa_desc )) + a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc )) { - rc = LDAP_COMPARE_FALSE; + rs->sr_err = LDAP_COMPARE_FALSE; #ifdef SLAP_NVALUES - if ( value_find_ex( ava->aa_desc, + if ( value_find_ex( op->oq_compare.rs_ava->aa_desc, SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH | SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH, - a->a_nvals, &ava->aa_value ) == 0 ) + a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 ) #else - if ( value_find( ava->aa_desc, a->a_vals, &ava->aa_value ) == 0 ) + if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 ) #endif { - rc = LDAP_COMPARE_TRUE; + rs->sr_err = LDAP_COMPARE_TRUE; break; } } - send_ldap_result( conn, op, rc, - NULL, NULL, NULL, NULL ); + send_ldap_result( op, rs ); - if( rc != LDAP_NO_SUCH_ATTRIBUTE ) { - rc = 0; + if( rs->sr_err != LDAP_NO_SUCH_ATTRIBUTE ) { + rs->sr_err = 0; } return_results:; cache_return_entry_r( &li->li_cache, e ); ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); - return( rc ); + return( rs->sr_err ); } diff --git a/servers/slapd/back-ldbm/delete.c b/servers/slapd/back-ldbm/delete.c index 9f746fb2a7..0ab46b74d7 100644 --- a/servers/slapd/back-ldbm/delete.c +++ b/servers/slapd/back-ldbm/delete.c @@ -18,14 +18,10 @@ int ldbm_back_delete( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn -) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *matched; struct berval pdn; Entry *e, *p = NULL; @@ -35,46 +31,43 @@ ldbm_back_delete( AttributeDescription *entry = slap_schema.si_ad_entry; #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", dn->bv_val, 0, 0 ); + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0 ); #else - Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", dn->bv_val, 0, 0); + Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0); #endif /* grab giant lock for writing */ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); /* get entry with writer lock */ - if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) { - char *matched_dn = NULL; - BerVarray refs; - + if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_delete: no such object %s\n", dn->bv_val, 0, 0 ); + "ldbm_back_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: no such object %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); - free( matched_dn ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return( -1 ); } @@ -83,21 +76,21 @@ ldbm_back_delete( #ifdef LDAP_CACHING if( !op->o_caching_on ) { #endif /* LDAP_CACHING */ - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_delete: no write access to entry of (%s)\n", - dn->bv_val, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "<=- ldbm_back_delete: no write access to entry\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to entry", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to entry" ); rc = 1; goto return_results; @@ -106,8 +99,7 @@ ldbm_back_delete( if ( !manageDSAit && is_entry_referral( e ) ) { /* parent is a referral, don't allow add */ /* parent is an alias, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -117,73 +109,74 @@ ldbm_back_delete( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); rc = 1; goto return_results; } - if ( has_children( be, e ) ) { + if ( has_children( op->o_bd, e ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, - "ldbm_back_delete: (%s) is a non-leaf node.\n", dn->bv_val, 0,0); + "ldbm_back_delete: (%s) is a non-leaf node.\n", op->o_req_dn.bv_val, 0,0); #else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: non leaf %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif - send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF, - NULL, "subtree delete not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF, + "subtree delete not supported" ); goto return_results; } /* delete from parent's id2children entry */ - if( !be_issuffix( be, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ), + if( !be_issuffix( op->o_bd, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ), pdn.bv_len) ) { - if( (p = dn2entry_w( be, &pdn, NULL )) == NULL) { + if( (p = dn2entry_w( op->o_bd, &pdn, NULL )) == NULL) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, - "ldbm_back_delete: parent of (%s) does not exist\n", dn, 0, 0 ); + "ldbm_back_delete: parent of (%s) does not exist\n", op->o_req_dn. 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "<=- ldbm_back_delete: parent does not exist\n", 0, 0, 0); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "could not locate parent of entry", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not locate parent of entry" ); goto return_results; } /* check parent for "children" acl */ - if ( ! access_allowed( be, conn, op, p, + if ( ! access_allowed( op, p, children, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_delete: no access to parent of (%s)\n", - dn->bv_val, 0, 0 ); + op->o_req_dn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "<=- ldbm_back_delete: no access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to parent", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to parent" ); goto return_results; } } else { /* no parent, must be root to delete */ - if( ! be_isroot( be, &op->o_ndn ) ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + if( ! be_isroot( op->o_bd, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { p = (Entry *)&slap_entry_root; - rc = access_allowed( be, conn, op, p, + rc = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; @@ -199,8 +192,8 @@ ldbm_back_delete( "access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to parent", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to parent" ); goto return_results; } @@ -215,9 +208,9 @@ ldbm_back_delete( "not root\n", 0, 0, 0); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + NULL ); goto return_results; } } @@ -227,42 +220,42 @@ ldbm_back_delete( #endif /* LDAP_CACHING */ /* delete from dn2id mapping */ - if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) { + if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, - "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 ); + "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: operations error %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DN index delete failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "DN index delete failed" ); goto return_results; } /* delete from disk and cache */ - if ( id2entry_delete( be, e ) != 0 ) { + if ( id2entry_delete( op->o_bd, e ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, - "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 ); + "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 ); #else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: operations error %s\n", - dn->bv_val, 0, 0); + op->o_req_dn.bv_val, 0, 0); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "entry delete failed", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "entry delete failed" ); goto return_results; } /* delete attribute indices */ - (void) index_entry_del( be, e, e->e_attrs ); + (void) index_entry_del( op->o_bd, e ); - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_SUCCESS; + send_ldap_result( op, rs ); rc = 0; return_results:; diff --git a/servers/slapd/back-ldbm/entry.c b/servers/slapd/back-ldbm/entry.c index cda24c9155..acb3b763f3 100644 --- a/servers/slapd/back-ldbm/entry.c +++ b/servers/slapd/back-ldbm/entry.c @@ -19,14 +19,12 @@ int ldbm_back_entry_release_rw( - Backend *be, - Connection *conn, Operation *op, Entry *e, int rw ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; if ( slapMode == SLAP_SERVER_MODE ) { /* free entry and reader or writer lock */ @@ -54,8 +52,6 @@ ldbm_back_entry_release_rw( /* return LDAP_SUCCESS IFF we can retrieve the specified entry. */ int ldbm_back_entry_get( - BackendDB *be, - Connection *c, Operation *op, struct berval *ndn, ObjectClass *oc, @@ -63,7 +59,7 @@ int ldbm_back_entry_get( int rw, Entry **ent ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *e; int rc; const char *at_name = at->ad_cname.bv_val; @@ -85,7 +81,7 @@ int ldbm_back_entry_get( /* don't grab the giant lock - our caller has already gotten it. */ /* can we find entry */ - e = dn2entry_rw( be, ndn, NULL, rw ); + e = dn2entry_rw( op->o_bd, ndn, NULL, rw ); if (e == NULL) { #ifdef NEW_LOGGING LDAP_LOG( BACK_BDB, INFO, diff --git a/servers/slapd/back-ldbm/extended.c b/servers/slapd/back-ldbm/extended.c index c6e092aaa7..b2cdb9e535 100644 --- a/servers/slapd/back-ldbm/extended.c +++ b/servers/slapd/back-ldbm/extended.c @@ -27,31 +27,18 @@ struct exop { int ldbm_back_extended( - Backend *be, - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char** text, - BerVarray *refs -) + Operation *op, + SlapReply *rs ) { int i; for( i=0; exop_table[i].extended != NULL; i++ ) { - if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) { - return (exop_table[i].extended)( - be, conn, op, - reqoid, reqdata, - rspoid, rspdata, rspctrls, - text, refs ); + if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) { + return exop_table[i].extended( op, rs ); } } - *text = "not supported within naming context"; + rs->sr_text = "not supported within naming context"; return LDAP_UNWILLING_TO_PERFORM; } diff --git a/servers/slapd/back-ldbm/index.c b/servers/slapd/back-ldbm/index.c index 74b4a36f2e..2f38768a8c 100644 --- a/servers/slapd/back-ldbm/index.c +++ b/servers/slapd/back-ldbm/index.c @@ -292,11 +292,11 @@ int index_values( int index_entry( - Backend *be, + Backend *be, int op, - Entry *e, - Attribute *ap ) + Entry *e ) { + Attribute *ap = e->e_attrs; #ifdef NEW_LOGGING LDAP_LOG( INDEX, ENTRY, "index_entry: %s (%s)%ld\n", op == SLAP_INDEX_ADD_OP ? "add" : "del", diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index 7d4bb818a3..98dc91bb23 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -23,10 +23,7 @@ * Juan C. Gomez (gomez@engr.sgi.com) 05/18/99 */ int ldbm_modify_internal( - Backend *be, - Connection *conn, Operation *op, - const char *dn, Modifications *modlist, Entry *e, const char **text, @@ -41,13 +38,13 @@ int ldbm_modify_internal( Attribute *ap; #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", dn, 0, 0 ); + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0 ); #else - Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", dn, 0, 0); + Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0); #endif - if ( !acl_check_modlist( be, conn, op, e, modlist )) { + if ( !acl_check_modlist( op, e, modlist )) { return LDAP_INSUFFICIENT_ACCESS; } @@ -179,7 +176,7 @@ int ldbm_modify_internal( } /* check if modified attribute was indexed */ - rc = index_is_indexed( be, mod->sm_desc ); + rc = index_is_indexed( op->o_bd, mod->sm_desc ); if ( rc == LDAP_SUCCESS ) { ap = attr_find( save_attrs, mod->sm_desc ); if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL; @@ -191,10 +188,10 @@ int ldbm_modify_internal( /* check that the entry still obeys the schema */ #ifndef LDAP_CACHING - rc = entry_schema_check( be, e, save_attrs, text, textbuf, textlen ); + rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen ); #else /* LDAP_CACHING */ if ( !op->o_caching_on ) { - rc = entry_schema_check( be, e, save_attrs, + rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen ); } else { rc = LDAP_SUCCESS; @@ -225,7 +222,7 @@ int ldbm_modify_internal( /* start with deleting the old index entries */ for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) { if ( ap->a_flags & SLAP_ATTR_IXDEL ) { - rc = index_values( be, ap->a_desc, + rc = index_values( op->o_bd, ap->a_desc, #ifdef SLAP_NVALUES ap->a_nvals, #else @@ -251,7 +248,7 @@ int ldbm_modify_internal( /* add the new index entries */ for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) { if ( ap->a_flags & SLAP_ATTR_IXADD ) { - rc = index_values( be, ap->a_desc, + rc = index_values( op->o_bd, ap->a_desc, #ifdef SLAP_NVALUES ap->a_nvals, #else @@ -290,20 +287,13 @@ exit: int ldbm_back_modify( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - Modifications *modlist -) + SlapReply *rs ) { - int rc; - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *matched; Entry *e; int manageDSAit = get_manageDSAit( op ); - const char *text = NULL; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; @@ -317,27 +307,24 @@ ldbm_back_modify( ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); /* acquire and lock entry */ - if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) { - char* matched_dn = NULL; - BerVarray refs; - + if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); - free( matched_dn ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return( -1 ); } @@ -350,48 +337,46 @@ ldbm_back_modify( { /* parent is a referral, don't allow add */ /* parent is an alias, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modify: entry (%s) is referral\n", ndn->bv_val, 0, 0 ); + "ldbm_back_modify: entry (%s) is referral\n", op->o_req_ndn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 ); #endif + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); - - if ( refs ) ber_bvarray_free( refs ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); goto error_return; } /* Modify the entry */ - rc = ldbm_modify_internal( be, conn, op, ndn->bv_val, modlist, e, - &text, textbuf, textlen ); + rs->sr_err = ldbm_modify_internal( op, op->oq_modify.rs_modlist, e, + &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - if( rc != SLAPD_ABANDON ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + if( rs->sr_err != SLAPD_ABANDON ) { + send_ldap_result( op, rs ); } goto error_return; } /* change the entry itself */ - if ( id2entry_add( be, e ) != 0 ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "id2entry failure", NULL, NULL ); + if ( id2entry_add( op->o_bd, e ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "id2entry failure" ); goto error_return; } - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_SUCCESS, + NULL ); cache_return_entry_w( &li->li_cache, e ); ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); diff --git a/servers/slapd/back-ldbm/modrdn.c b/servers/slapd/back-ldbm/modrdn.c index 3995cc5178..8d8fb9818d 100644 --- a/servers/slapd/back-ldbm/modrdn.c +++ b/servers/slapd/back-ldbm/modrdn.c @@ -34,21 +34,12 @@ int ldbm_back_modrdn( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - struct berval *newrdn, - struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSuperior, - struct berval *nnewSuperior -) + SlapReply *rs ) { AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; struct berval p_dn, p_ndn; struct berval new_dn = { 0, NULL}, new_ndn = { 0, NULL }; Entry *e, *p = NULL; @@ -76,48 +67,45 @@ ldbm_back_modrdn( #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_modrdn: dn: %s newSuperior=%s\n", - dn->bv_len ? dn->bv_val : "NULL", - ( newSuperior && newSuperior->bv_len ) ? newSuperior->bv_val : "NULL",0 ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL", + ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len ) ? op->oq_modrdn.rs_newSup->bv_val : "NULL",0 ); #else Debug( LDAP_DEBUG_TRACE, "==>ldbm_back_modrdn: dn: %s newSuperior=%s\n", - dn->bv_len ? dn->bv_val : "NULL", - ( newSuperior && newSuperior->bv_len ) - ? newSuperior->bv_val : "NULL", 0 ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL", + ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len ) + ? op->oq_modrdn.rs_newSup->bv_val : "NULL", 0 ); #endif /* grab giant lock for writing */ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); /* get entry with writer lock */ - if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) { - char* matched_dn = NULL; - BerVarray refs; - + if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { if( matched != NULL ) { - matched_dn = strdup( matched->e_dn ); - refs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + rs->sr_matched = strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); } else { - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); - free( matched_dn ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); return( -1 ); } /* check entry for "entry" acl */ - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING @@ -130,8 +118,8 @@ ldbm_back_modrdn( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, "no write access to entry", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to entry" ); goto return_results; } @@ -139,8 +127,7 @@ ldbm_back_modrdn( if (!manageDSAit && is_entry_referral( e ) ) { /* parent is a referral, don't allow add */ /* parent is an alias, don't allow add */ - BerVarray refs = get_entry_referrals( be, - conn, op, e ); + rs->sr_ref = get_entry_referrals( op, e ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -150,14 +137,15 @@ ldbm_back_modrdn( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_REFERRAL, - e->e_dn, NULL, refs, NULL ); + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); - if ( refs ) ber_bvarray_free( refs ); + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); goto return_results; } - if ( has_children( be, e ) ) { + if ( has_children( op->o_bd, e ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: entry %s has children\n", e->e_dn, 0, 0 ); @@ -166,12 +154,12 @@ ldbm_back_modrdn( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF, - NULL, "subtree rename not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF, + "subtree rename not supported" ); goto return_results; } - if ( be_issuffix( be, &e->e_nname ) ) { + if ( be_issuffix( op->o_bd, &e->e_nname ) ) { p_ndn = slap_empty_bv ; } else { dnParent( &e->e_nname, &p_ndn ); @@ -182,7 +170,7 @@ ldbm_back_modrdn( * children. */ - if( (p = dn2entry_w( be, &p_ndn, NULL )) == NULL) { + if( (p = dn2entry_w( op->o_bd, &p_ndn, NULL )) == NULL) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: parent of %s does not exist\n", @@ -192,14 +180,14 @@ ldbm_back_modrdn( 0, 0, 0); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "parent entry does not exist", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "parent entry does not exist" ); goto return_results; } /* check parent for "children" acl */ - if ( ! access_allowed( be, conn, op, p, + if ( ! access_allowed( op, p, children, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING @@ -211,8 +199,8 @@ ldbm_back_modrdn( 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + NULL ); goto return_results; } @@ -242,13 +230,13 @@ ldbm_back_modrdn( } else { /* no parent, must be root to modify rdn */ - isroot = be_isroot( be, &op->o_ndn ); + isroot = be_isroot( op->o_bd, &op->o_ndn ); if ( ! isroot ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { int can_access; p = (Entry *)&slap_entry_root; - can_access = access_allowed( be, conn, op, p, + can_access = access_allowed( op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; @@ -263,9 +251,9 @@ ldbm_back_modrdn( "access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + NULL ); goto return_results; } @@ -280,9 +268,9 @@ ldbm_back_modrdn( "not root\n", 0, 0, 0); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + NULL ); goto return_results; } } @@ -299,42 +287,42 @@ ldbm_back_modrdn( new_parent_dn = &p_dn; /* New Parent unless newSuperior given */ - if ( newSuperior != NULL ) { + if ( op->oq_modrdn.rs_newSup != NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_modrdn: new parent \"%s\" requested\n", - newSuperior->bv_val, 0, 0 ); + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: new parent \"%s\" requested...\n", - newSuperior->bv_val, 0, 0 ); + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); #endif - np_ndn = nnewSuperior; + np_ndn = op->oq_modrdn.rs_nnewSup; /* newSuperior == oldParent? */ if ( dn_match( &p_ndn, np_ndn ) ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: " "new parent\"%s\" seems to be the same as the " - "old parent \"%s\"\n", newSuperior->bv_val, p_dn.bv_val, 0 ); + "old parent \"%s\"\n", op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: " "new parent\"%s\" seems to be the same as the " "old parent \"%s\"\n", - newSuperior->bv_val, p_dn.bv_val, 0 ); + op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); #endif - newSuperior = NULL; /* ignore newSuperior */ + op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ } } - if ( newSuperior != NULL ) { + if ( op->oq_modrdn.rs_newSup != NULL ) { /* newSuperior == entry being moved?, if so ==> ERROR */ /* Get Entry with dn=newSuperior. Does newSuperior exist? */ - if ( nnewSuperior->bv_len ) { - if( (np = dn2entry_w( be, np_ndn, NULL )) == NULL) { + if ( op->oq_modrdn.rs_nnewSup->bv_len ) { + if( (np = dn2entry_w( op->o_bd, np_ndn, NULL )) == NULL) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_modrdn: newSup(ndn=%s) not found.\n", @@ -345,8 +333,8 @@ ldbm_back_modrdn( np_ndn->bv_val, 0, 0); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "newSuperior not found", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "newSuperior not found" ); goto return_results; } @@ -361,7 +349,7 @@ ldbm_back_modrdn( #endif /* check newSuperior for "children" acl */ - if ( !access_allowed( be, conn, op, np, children, NULL, + if ( !access_allowed( op, np, children, NULL, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING @@ -373,8 +361,7 @@ ldbm_back_modrdn( 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); goto return_results; } @@ -388,8 +375,8 @@ ldbm_back_modrdn( #endif - send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, - NULL, "newSuperior is an alias", NULL, NULL ); + send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM, + "newSuperior is an alias" ); goto return_results; } @@ -405,8 +392,8 @@ ldbm_back_modrdn( np->e_dn, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "newSuperior is a referral", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "newSuperior is a referral" ); goto return_results; } @@ -415,15 +402,15 @@ ldbm_back_modrdn( /* no parent, must be root to modify newSuperior */ if ( isroot == -1 ) { - isroot = be_isroot( be, &op->o_ndn ); + isroot = be_isroot( op->o_bd, &op->o_ndn ); } if ( ! isroot ) { - if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { int can_access; np = (Entry *)&slap_entry_root; - can_access = access_allowed( be, conn, op, np, + can_access = access_allowed( op, np, children, NULL, ACL_WRITE, NULL ); np = NULL; @@ -439,9 +426,9 @@ ldbm_back_modrdn( "access to new superior\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + NULL ); goto return_results; } @@ -457,9 +444,9 @@ ldbm_back_modrdn( 0, 0, 0); #endif - send_ldap_result( conn, op, + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + NULL ); goto return_results; } } @@ -474,11 +461,11 @@ ldbm_back_modrdn( 0, 0, 0 ); #endif - new_parent_dn = newSuperior; + new_parent_dn = op->oq_modrdn.rs_newSup; } /* Build target dn and make sure target entry doesn't exist already. */ - build_new_dn( &new_dn, new_parent_dn, newrdn ); + build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn ); dnNormalize2( NULL, &new_dn, &new_ndn ); #ifdef NEW_LOGGING @@ -494,11 +481,10 @@ ldbm_back_modrdn( goto return_results; } - if ( ( rc_id = dn2id ( be, &new_ndn, &id ) ) || id != NOID ) { + if ( ( rc_id = dn2id ( op->o_bd, &new_ndn, &id ) ) || id != NOID ) { /* if (rc_id) something bad happened to ldbm cache */ - send_ldap_result( conn, op, - rc_id ? LDAP_OTHER : LDAP_ALREADY_EXISTS, - NULL, NULL, NULL, NULL ); + rs->sr_err = rc_id ? LDAP_OTHER : LDAP_ALREADY_EXISTS; + send_ldap_result( op, rs ); goto return_results; } @@ -514,7 +500,7 @@ ldbm_back_modrdn( /* Get attribute type and attribute value of our new rdn, we will * need to add that to our new entry */ - if ( ldap_bv2rdn( newrdn, &new_rdn, (char **)&text, + if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP ) ) { #ifdef NEW_LOGGING @@ -545,8 +531,8 @@ ldbm_back_modrdn( new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #endif - if ( deleteoldrdn ) { - if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text, + if ( op->oq_modrdn.rs_deleteoldrdn ) { + if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP ) ) { #ifdef NEW_LOGGING @@ -571,8 +557,7 @@ ldbm_back_modrdn( 0, 0, 0 ); #endif - if ( slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, - deleteoldrdn, &mod ) != LDAP_SUCCESS ) { + if ( slap_modrdn2mods( op, rs, e, old_rdn, new_rdn, &mod ) != LDAP_SUCCESS ) { goto return_results; } @@ -583,9 +568,9 @@ ldbm_back_modrdn( } /* delete old one */ - if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DN index delete fail", NULL, NULL ); + if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "DN index delete fail" ); goto return_results; } @@ -606,27 +591,28 @@ ldbm_back_modrdn( */ /* add new one */ - if ( dn2id_add( be, &e->e_nname, e->e_id ) != 0 ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "DN index add failed", NULL, NULL ); + if ( dn2id_add( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "DN index add failed" ); goto return_results; } /* modify memory copy of entry */ - rc_id = ldbm_modify_internal( be, conn, op, dn->bv_val, &mod[0], e, - &text, textbuf, textlen ); + rc_id = ldbm_modify_internal( op, &mod[0], e, + &rs->sr_text, textbuf, textlen ); switch ( rc_id ) { case LDAP_SUCCESS: break; case SLAPD_ABANDON: /* too late ... */ - send_ldap_result( conn, op, rc_id, NULL, text, NULL, NULL ); + rs->sr_err = rc_id; + send_ldap_result( op, rs ); goto return_results; default: /* here we may try to delete the newly added dn */ - if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) { + if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { /* we already are in trouble ... */ ; } @@ -636,14 +622,14 @@ ldbm_back_modrdn( (void) cache_update_entry( &li->li_cache, e ); /* id2entry index */ - if ( id2entry_add( be, e ) != 0 ) { - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "entry update failed", NULL, NULL ); + if ( id2entry_add( op->o_bd, e ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "entry update failed" ); goto return_results; } - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_SUCCESS; + send_ldap_result( op, rs ); rc = 0; cache_entry_commit( e ); diff --git a/servers/slapd/back-ldbm/operational.c b/servers/slapd/back-ldbm/operational.c index 1671e9c8c9..4bd743be5a 100644 --- a/servers/slapd/back-ldbm/operational.c +++ b/servers/slapd/back-ldbm/operational.c @@ -21,13 +21,11 @@ */ int ldbm_back_hasSubordinates( - BackendDB *be, - Connection *conn, Operation *op, Entry *e, int *hasSubordinates ) { - if ( has_children( be, e ) ) { + if ( has_children( op->o_bd, e ) ) { *hasSubordinates = LDAP_COMPARE_TRUE; } else { @@ -42,22 +40,19 @@ ldbm_back_hasSubordinates( */ int ldbm_back_operational( - BackendDB *be, - Connection *conn, Operation *op, - Entry *e, - AttributeName *attrs, + SlapReply *rs, int opattrs, Attribute **a ) { Attribute **aa = a; - assert( e ); + assert( rs->sr_entry ); - if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) { + if ( opattrs || ad_inlist( slap_schema.si_ad_hasSubordinates, rs->sr_attrs ) ) { int hs; - hs = has_children( be, e ); + hs = has_children( op->o_bd, rs->sr_entry ); *aa = slap_operational_hasSubordinate( hs ); if ( *aa != NULL ) { aa = &(*aa)->a_next; diff --git a/servers/slapd/back-ldbm/passwd.c b/servers/slapd/back-ldbm/passwd.c index 05fc2abec8..ef5d4406e5 100644 --- a/servers/slapd/back-ldbm/passwd.c +++ b/servers/slapd/back-ldbm/passwd.c @@ -19,19 +19,10 @@ int ldbm_back_exop_passwd( - Backend *be, - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text, - BerVarray *refs -) + Operation *op, + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; int rc; Entry *e = NULL; struct berval hash = { 0, NULL }; @@ -42,11 +33,10 @@ ldbm_back_exop_passwd( struct berval dn = { 0, NULL }; struct berval ndn = { 0, NULL }; - assert( reqoid != NULL ); - assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 ); + assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 ); - rc = slap_passwd_parse( reqdata, - &id, NULL, &new, text ); + rc = slap_passwd_parse( op->oq_extended.rs_reqdata, + &id, NULL, &new, &rs->sr_text ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ENTRY, @@ -65,18 +55,18 @@ ldbm_back_exop_passwd( slap_passwd_generate(&new); if( new.bv_len == 0 ) { - *text = "password generation failed."; + rs->sr_text = "password generation failed."; rc = LDAP_OTHER; goto done; } - *rspdata = slap_passwd_return( &new ); + rs->sr_rspdata = slap_passwd_return( &new ); } slap_passwd_hash( &new, &hash ); if( hash.bv_len == 0 ) { - *text = "password hash failed"; + rs->sr_text = "password hash failed"; rc = LDAP_OTHER; goto done; } @@ -97,31 +87,31 @@ ldbm_back_exop_passwd( #endif if( dn.bv_len == 0 ) { - *text = "No password is associated with the Root DSE"; + rs->sr_text = "No password is associated with the Root DSE"; rc = LDAP_UNWILLING_TO_PERFORM; goto done; } rc = dnNormalize2( NULL, &dn, &ndn ); if( rc != LDAP_SUCCESS ) { - *text = "Invalid DN"; + rs->sr_text = "Invalid DN"; goto done; } /* grab giant lock for writing */ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); - e = dn2entry_w( be, &ndn, NULL ); + e = dn2entry_w( op->o_bd, &ndn, NULL ); if( e == NULL ) { ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); - *text = "could not locate authorization entry"; + rs->sr_text = "could not locate authorization entry"; rc = LDAP_NO_SUCH_OBJECT; goto done; } if( is_entry_alias( e ) ) { /* entry is an alias, don't allow operation */ - *text = "authorization entry is alias"; + rs->sr_text = "authorization entry is alias"; rc = LDAP_ALIAS_PROBLEM; goto done; } @@ -130,7 +120,7 @@ ldbm_back_exop_passwd( if( is_entry_referral( e ) ) { /* entry is an referral, don't allow operation */ - *text = "authorization entry is referral"; + rs->sr_text = "authorization entry is referral"; goto done; } @@ -150,30 +140,30 @@ ldbm_back_exop_passwd( ml.sml_op = LDAP_MOD_REPLACE; ml.sml_next = NULL; - rc = ldbm_modify_internal( be, - conn, op, op->o_ndn.bv_val, &ml, e, text, textbuf, + rc = ldbm_modify_internal( op, + &ml, e, &rs->sr_text, textbuf, sizeof( textbuf ) ); /* FIXME: ldbm_modify_internal may set *text = textbuf, * which is BAD */ - if ( *text == textbuf ) { - *text = NULL; + if ( rs->sr_text == textbuf ) { + rs->sr_text = NULL; } if( rc ) { /* cannot return textbuf */ - *text = "entry modify failed"; + rs->sr_text = "entry modify failed"; goto done; } /* change the entry itself */ - if( id2entry_add( be, e ) != 0 ) { - *text = "entry update failed"; + if( id2entry_add( op->o_bd, e ) != 0 ) { + rs->sr_text = "entry update failed"; rc = LDAP_OTHER; } if( rc == LDAP_SUCCESS ) { - replog( be, op, &e->e_name, &e->e_nname, &ml ); + replog( op ); } } diff --git a/servers/slapd/back-ldbm/proto-back-ldbm.h b/servers/slapd/back-ldbm/proto-back-ldbm.h index de1709ad36..1057130810 100644 --- a/servers/slapd/back-ldbm/proto-back-ldbm.h +++ b/servers/slapd/back-ldbm/proto-back-ldbm.h @@ -93,10 +93,7 @@ Entry * dn2entry_rw LDAP_P(( Backend *be, struct berval *dn, Entry **matched, in /* * entry.c */ -int ldbm_back_entry_release_rw LDAP_P(( Backend *be, - Connection *conn, Operation *op, - Entry *e, int rw )); - +BI_entry_release_rw ldbm_back_entry_release_rw; BI_entry_get_rw ldbm_back_entry_get; /* @@ -166,9 +163,9 @@ index_values LDAP_P(( ID id, int op )); -int index_entry LDAP_P(( Backend *be, int r, Entry *e, Attribute *ap )); -#define index_entry_add(be,e,ap) index_entry((be),SLAP_INDEX_ADD_OP,(e),(ap)) -#define index_entry_del(be,e,ap) index_entry((be),SLAP_INDEX_DELETE_OP,(e),(ap)) +int index_entry LDAP_P(( Backend *be, int r, Entry *e )); +#define index_entry_add(be,e) index_entry((be),SLAP_INDEX_ADD_OP,(e)) +#define index_entry_del(be,e) index_entry((be),SLAP_INDEX_DELETE_OP,(e)) /* @@ -206,9 +203,8 @@ extern BI_op_extended ldbm_back_exop_passwd; */ /* returns LDAP error code indicating error OR SLAPD_ABANDON */ -int ldbm_modify_internal LDAP_P((Backend *be, - Connection *conn, Operation *op, - const char *dn, Modifications *mods, Entry *e, +int ldbm_modify_internal LDAP_P(( Operation *op, + Modifications *mods, Entry *e, const char **text, char *textbuf, size_t textlen )); /* diff --git a/servers/slapd/back-ldbm/referral.c b/servers/slapd/back-ldbm/referral.c index 8c988814c2..6aedb91e5f 100644 --- a/servers/slapd/back-ldbm/referral.c +++ b/servers/slapd/back-ldbm/referral.c @@ -17,105 +17,97 @@ int ldbm_back_referrals( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - const char **text ) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; - int rc = LDAP_SUCCESS; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; Entry *e, *matched; if( op->o_tag == LDAP_REQ_SEARCH ) { /* let search take care of itself */ - return rc; + return LDAP_SUCCESS; } if( get_manageDSAit( op ) ) { /* let op take care of DSA management */ - return rc; + return LDAP_SUCCESS; } /* grab giant lock for reading */ ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock); /* get entry with reader lock */ - e = dn2entry_r( be, ndn, &matched ); + e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched ); if ( e == NULL ) { - char *matched_dn = NULL; - BerVarray refs = NULL; - if ( matched != NULL ) { - matched_dn = ch_strdup( matched->e_dn ); + rs->sr_matched = ch_strdup( matched->e_dn ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - op->o_tag, dn->bv_val, matched_dn ); + op->o_tag, op->o_req_dn.bv_val, rs->sr_matched ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - op->o_tag, dn->bv_val, matched_dn ); + op->o_tag, op->o_req_dn.bv_val, rs->sr_matched ); #endif if( is_entry_referral( matched ) ) { - rc = LDAP_OTHER; - refs = get_entry_referrals( be, conn, op, matched ); + rs->sr_err = LDAP_OTHER; + rs->sr_ref = get_entry_referrals( op, matched ); } cache_return_entry_r( &li->li_cache, matched ); } else if ( default_referral != NULL ) { - rc = LDAP_OTHER; - refs = referral_rewrite( default_referral, - NULL, dn, LDAP_SCOPE_DEFAULT ); + rs->sr_err = LDAP_OTHER; + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); - if( refs != NULL ) { + if( rs->sr_ref != NULL ) { /* send referrals */ - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - matched_dn, NULL, refs, NULL ); - ber_bvarray_free( refs ); - - } else if ( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, matched_dn, - matched_dn ? "bad referral object" : "bad default referral", - NULL, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + ber_bvarray_free( rs->sr_ref ); + + } else if ( rs->sr_err != LDAP_SUCCESS ) { + rs->sr_text = rs->sr_matched ? "bad referral object" : "bad default referral"; + send_ldap_result( op, rs ); } - if ( matched_dn ) free( matched_dn ); - return rc; + if ( rs->sr_matched ) free( (char *)rs->sr_matched ); + return rs->sr_err; } if ( is_entry_referral( e ) ) { /* entry is a referral */ - BerVarray refs = get_entry_referrals( be, conn, op, e ); - BerVarray rrefs = referral_rewrite( - refs, &e->e_name, dn, LDAP_SCOPE_DEFAULT ); + BerVarray refs = get_entry_referrals( op, e ); + rs->sr_ref = referral_rewrite( + refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - op->o_tag, dn->bv_val, e->e_dn ); + op->o_tag, op->o_req_dn.bv_val, e->e_dn ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", - op->o_tag, dn->bv_val, e->e_dn ); + op->o_tag, op->o_req_dn.bv_val, e->e_dn ); #endif - if( rrefs != NULL ) { - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - e->e_dn, NULL, rrefs, NULL ); + rs->sr_matched = e->e_name.bv_val; + if( rs->sr_ref != NULL ) { + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( rrefs ); + ber_bvarray_free( rs->sr_ref ); } else { - send_ldap_result( conn, op, rc = LDAP_OTHER, e->e_dn, - "bad referral object", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "bad referral object" ); } if( refs != NULL ) ber_bvarray_free( refs ); @@ -124,5 +116,5 @@ ldbm_back_referrals( cache_return_entry_r( &li->li_cache, e ); ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); - return rc; + return rs->sr_err; } diff --git a/servers/slapd/back-ldbm/search.c b/servers/slapd/back-ldbm/search.c index 8a1a2604ae..83f2a53257 100644 --- a/servers/slapd/back-ldbm/search.c +++ b/servers/slapd/back-ldbm/search.c @@ -26,33 +26,21 @@ static ID_BLOCK *search_candidates( int ldbm_back_search( - Backend *be, - Connection *conn, Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly ) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; int rc, err; const char *text = NULL; time_t stoptime; ID_BLOCK *candidates; ID id, cursor; Entry *e; - BerVarray v2refs = NULL; Entry *matched = NULL; struct berval realbase = { 0, NULL }; - int nentries = 0; int manageDSAit = get_manageDSAit( op ); int cscope = LDAP_SCOPE_DEFAULT; + int nentries = 0; #ifdef LDAP_CACHING Entry cache_base_entry; @@ -71,7 +59,7 @@ ldbm_back_search( ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock); #ifndef LDAP_CACHING - if ( nbase->bv_len == 0 ) { + if ( op->o_req_ndn.bv_len == 0 ) { /* DIT root special case */ e = (Entry *) &slap_entry_root; @@ -79,16 +67,16 @@ ldbm_back_search( ber_dupbv( &realbase, &e->e_nname ); #else /* LDAP_CACHING */ - if ( op->o_caching_on || nbase->bv_len == 0 ) { - if (nbase->bv_len == 0) { + if ( op->o_caching_on || op->o_req_ndn.bv_len == 0 ) { + if (op->o_req_ndn.bv_len == 0) { e = (Entry *) &slap_entry_root; /* need normalized dn below */ ber_dupbv( &realbase, &e->e_nname ); } else { if ((scope == LDAP_SCOPE_BASE) - && (e = dn2entry_r( be, nbase, &matched ))) + && (e = dn2entry_r( op->o_bd, &op->o_req_ndn &matched ))) { - candidates = base_candidate(be,e); + candidates = base_candidate(op->o_bd,e); cache_return_entry_r( &li->li_cache, e ); goto searchit; } @@ -97,57 +85,56 @@ ldbm_back_search( } #endif /* LDAP_CACHING */ - candidates = search_candidates( be, e, filter, - scope, deref, + candidates = search_candidates( op->o_bd, e, op->oq_search.rs_filter, + op->oq_search.rs_scope, op->oq_search.rs_deref, manageDSAit || get_domainScope(op) ); goto searchit; - } else if ( deref & LDAP_DEREF_FINDING ) { + } else if ( op->oq_search.rs_deref & LDAP_DEREF_FINDING ) { /* deref dn and get entry with reader lock */ - e = deref_dn_r( be, nbase, &err, &matched, &text ); + e = deref_dn_r( op->o_bd, &op->o_req_ndn, &rs->sr_err, &matched, &rs->sr_text ); - if( err == LDAP_NO_SUCH_OBJECT ) err = LDAP_REFERRAL; + if( rs->sr_err == LDAP_NO_SUCH_OBJECT ) rs->sr_err = LDAP_REFERRAL; } else { /* get entry with reader lock */ - e = dn2entry_r( be, nbase, &matched ); - err = e != NULL ? LDAP_SUCCESS : LDAP_REFERRAL; - text = NULL; + e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched ); + rs->sr_err = e != NULL ? LDAP_SUCCESS : LDAP_REFERRAL; + rs->sr_text = NULL; } if ( e == NULL ) { struct berval matched_dn = { 0, NULL }; - BerVarray refs = NULL; if ( matched != NULL ) { BerVarray erefs; ber_dupbv( &matched_dn, &matched->e_name ); erefs = is_entry_referral( matched ) - ? get_entry_referrals( be, conn, op, matched ) + ? get_entry_referrals( op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); + rs->sr_ref = referral_rewrite( erefs, &matched_dn, + &op->o_req_dn, op->oq_search.rs_scope ); ber_bvarray_free( erefs ); } } else { - refs = referral_rewrite( default_referral, - NULL, base, scope ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, op->oq_search.rs_scope ); } ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); - send_ldap_result( conn, op, err, matched_dn.bv_val, - text, refs, NULL ); + rs->sr_matched = matched_dn.bv_val; + send_ldap_result( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); ber_memfree( matched_dn.bv_val ); return 1; } @@ -156,11 +143,10 @@ ldbm_back_search( /* entry is a referral, don't allow add */ struct berval matched_dn; BerVarray erefs; - BerVarray refs; ber_dupbv( &matched_dn, &e->e_name ); - erefs = get_entry_referrals( be, conn, op, e ); - refs = NULL; + erefs = get_entry_referrals( op, e ); + rs->sr_ref = NULL; cache_return_entry_r( &li->li_cache, e ); ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); @@ -176,21 +162,21 @@ ldbm_back_search( #endif if( erefs ) { - refs = referral_rewrite( erefs, &matched_dn, - base, scope ); + rs->sr_ref = referral_rewrite( erefs, &matched_dn, + &op->o_req_dn, op->oq_search.rs_scope ); ber_bvarray_free( erefs ); } - if( refs ) { - send_ldap_result( conn, op, LDAP_REFERRAL, - matched_dn.bv_val, NULL, refs, NULL ); - ber_bvarray_free( refs ); + rs->sr_matched = matched_dn.bv_val; + if( rs->sr_ref ) { + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + ber_bvarray_free( rs->sr_ref ); } else { - send_ldap_result( conn, op, LDAP_OTHER, - matched_dn.bv_val, - "bad referral object", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "bad referral object" ); } ber_memfree( matched_dn.bv_val ); @@ -199,18 +185,18 @@ ldbm_back_search( if ( is_entry_alias( e ) ) { /* don't deref */ - deref = LDAP_DEREF_NEVER; + op->oq_search.rs_deref = LDAP_DEREF_NEVER; } - if ( scope == LDAP_SCOPE_BASE ) { + if ( op->oq_search.rs_scope == LDAP_SCOPE_BASE ) { cscope = LDAP_SCOPE_BASE; - candidates = base_candidate( be, e ); + candidates = base_candidate( op->o_bd, e ); } else { - cscope = ( scope != LDAP_SCOPE_SUBTREE ) + cscope = ( op->oq_search.rs_scope != LDAP_SCOPE_SUBTREE ) ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE; - candidates = search_candidates( be, e, filter, - scope, deref, manageDSAit ); + candidates = search_candidates( op->o_bd, e, op->oq_search.rs_filter, + op->oq_search.rs_scope, op->oq_search.rs_deref, manageDSAit ); } /* need normalized dn below */ @@ -234,9 +220,8 @@ searchit: } #endif /* LDAP_CACHING */ - send_search_result( conn, op, - LDAP_SUCCESS, - NULL, NULL, NULL, NULL, 0 ); + rs->sr_err = LDAP_SUCCESS; + send_search_result( op, rs ); #ifdef LDAP_CACHING if ( op->o_caching_on ) { @@ -250,9 +235,9 @@ searchit: /* if not root, get appropriate limits */ #ifndef LDAP_CACHING - if ( be_isroot( be, &op->o_ndn ) ) + if ( be_isroot( op->o_bd, &op->o_ndn ) ) #else /* LDAP_CACHING */ - if ( op->o_caching_on || be_isroot( be, &op->o_ndn ) ) + if ( op->o_caching_on || be_isroot( op->o_bd, &op->o_ndn ) ) #endif /* LDAP_CACHING */ { /* @@ -261,14 +246,14 @@ searchit: */ isroot = 1; } else { - ( void ) get_limits( be, &op->o_ndn, &limit ); + ( void ) get_limits( op->o_bd, &op->o_ndn, &limit ); } /* if candidates exceed to-be-checked entries, abort */ if ( !isroot && limit->lms_s_unchecked != -1 ) { if ( ID_BLOCK_NIDS( candidates ) > (unsigned) limit->lms_s_unchecked ) { - send_search_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); + send_ldap_error( op, rs, LDAP_ADMINLIMIT_EXCEEDED, + NULL ); rc = 0; goto done; } @@ -276,32 +261,32 @@ searchit: /* if root an no specific limit is required, allow unlimited search */ if ( isroot ) { - if ( tlimit == 0 ) { - tlimit = -1; + if ( op->oq_search.rs_tlimit == 0 ) { + op->oq_search.rs_tlimit = -1; } - if ( slimit == 0 ) { - slimit = -1; + if ( op->oq_search.rs_slimit == 0 ) { + op->oq_search.rs_slimit = -1; } } else { /* if no limit is required, use soft limit */ - if ( tlimit <= 0 ) { - tlimit = limit->lms_t_soft; + if ( op->oq_search.rs_tlimit <= 0 ) { + op->oq_search.rs_tlimit = limit->lms_t_soft; /* if requested limit higher than hard limit, abort */ - } else if ( tlimit > limit->lms_t_hard ) { + } else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_t_hard == 0 && limit->lms_t_soft > -1 - && tlimit > limit->lms_t_soft ) { - tlimit = limit->lms_t_soft; + && op->oq_search.rs_tlimit > limit->lms_t_soft ) { + op->oq_search.rs_tlimit = limit->lms_t_soft; /* positive hard limit means abort */ } else if ( limit->lms_t_hard > 0 ) { - send_search_result( conn, op, + send_ldap_error( op, rs, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); + NULL ); rc = 0; goto done; } @@ -310,22 +295,22 @@ searchit: } /* if no limit is required, use soft limit */ - if ( slimit <= 0 ) { - slimit = limit->lms_s_soft; + if ( op->oq_search.rs_slimit <= 0 ) { + op->oq_search.rs_slimit = limit->lms_s_soft; /* if requested limit higher than hard limit, abort */ - } else if ( slimit > limit->lms_s_hard ) { + } else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) { /* no hard limit means use soft instead */ if ( limit->lms_s_hard == 0 && limit->lms_s_soft > -1 - && slimit > limit->lms_s_soft ) { - slimit = limit->lms_s_soft; + && op->oq_search.rs_slimit > limit->lms_s_soft ) { + op->oq_search.rs_slimit = limit->lms_s_soft; /* positive hard limit means abort */ } else if ( limit->lms_s_hard > 0 ) { - send_search_result( conn, op, + send_ldap_error( op, rs, LDAP_ADMINLIMIT_EXCEEDED, - NULL, NULL, NULL, NULL, 0 ); + NULL ); rc = 0; goto done; } @@ -335,7 +320,8 @@ searchit: } /* compute it anyway; root does not use it */ - stoptime = op->o_time + tlimit; + stoptime = op->o_time + op->oq_search.rs_tlimit; + rs->sr_attrs = op->oq_search.rs_attrs; for ( id = idl_firstid( candidates, &cursor ); id != NOID; id = idl_nextid( candidates, &cursor ) ) @@ -350,15 +336,16 @@ searchit: } /* check time limit */ - if ( tlimit != -1 && slap_get_time() > stoptime ) { - send_search_result( conn, op, LDAP_TIMELIMIT_EXCEEDED, - NULL, NULL, v2refs, NULL, nentries ); + if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) { + rs->sr_err = LDAP_TIMELIMIT_EXCEEDED; + rs->sr_nentries = nentries; + send_search_result( op, rs ); rc = 0; goto done; } /* get the entry with reader lock */ - e = id2entry_r( be, id ); + e = id2entry_r( op->o_bd, id ); if ( e == NULL ) { #ifdef NEW_LOGGING @@ -373,16 +360,17 @@ searchit: goto loop_continue; } + rs->sr_entry = e; #ifdef LDAP_CACHING if ( !op->o_caching_on ) { #endif /* LDAP_CACHING */ - if ( deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) { + if ( op->oq_search.rs_deref & LDAP_DEREF_SEARCHING && is_entry_alias( e ) ) { Entry *matched; int err; const char *text; - e = deref_entry_r( be, e, &err, &matched, &text ); + e = deref_entry_r( op->o_bd, e, &err, &matched, &text ); if( e == NULL ) { e = matched; @@ -395,7 +383,7 @@ searchit: } /* need to skip alias which deref into scope */ - if( scope & LDAP_SCOPE_ONELEVEL ) { + if( op->oq_search.rs_scope & LDAP_SCOPE_ONELEVEL ) { struct berval pdn; dnParent( &e->e_nname, &pdn ); if ( ber_bvcmp( &pdn, &realbase ) ) { @@ -416,6 +404,8 @@ searchit: goto loop_continue; } + rs->sr_entry = e; + scopeok = 1; } @@ -424,21 +414,21 @@ searchit: * this for non-base searches, and don't check the filter * explicitly here since it's only a candidate anyway. */ - if ( !manageDSAit && scope != LDAP_SCOPE_BASE && + if ( !manageDSAit && op->oq_search.rs_scope != LDAP_SCOPE_BASE && is_entry_referral( e ) ) { struct berval dn; /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( !be_issuffix( be, &e->e_nname ) ) { + if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { + if ( !be_issuffix( op->o_bd, &e->e_nname ) ) { dnParent( &e->e_nname, &dn ); scopeok = dn_match( &dn, &realbase ); } else { scopeok = (realbase.bv_len == 0); } - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { + } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) { scopeok = dnIsSuffix( &e->e_nname, &realbase ); } else { @@ -446,18 +436,17 @@ searchit: } if( scopeok ) { - BerVarray erefs = get_entry_referrals( - be, conn, op, e ); - BerVarray refs = referral_rewrite( erefs, + BerVarray erefs = get_entry_referrals( op, e ); + rs->sr_ref = referral_rewrite( erefs, &e->e_name, NULL, - scope == LDAP_SCOPE_SUBTREE + op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE ); - send_search_reference( be, conn, op, - e, refs, NULL, &v2refs ); + send_search_reference( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; } else { #ifdef NEW_LOGGING @@ -479,21 +468,21 @@ searchit: #endif /* LDAP_CACHING */ /* if it matches the filter and scope, send it */ - result = test_filter( be, conn, op, e, filter ); + result = test_filter( op, e, op->oq_search.rs_filter ); if ( result == LDAP_COMPARE_TRUE ) { struct berval dn; /* check scope */ - if ( !scopeok && scope == LDAP_SCOPE_ONELEVEL ) { - if ( !be_issuffix( be, &e->e_nname ) ) { + if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { + if ( !be_issuffix( op->o_bd, &e->e_nname ) ) { dnParent( &e->e_nname, &dn ); scopeok = dn_match( &dn, &realbase ); } else { scopeok = (realbase.bv_len == 0); } - } else if ( !scopeok && scope == LDAP_SCOPE_SUBTREE ) { + } else if ( !scopeok && op->oq_search.rs_scope == LDAP_SCOPE_SUBTREE ) { scopeok = dnIsSuffix( &e->e_nname, &realbase ); } else { @@ -502,11 +491,11 @@ searchit: if ( scopeok ) { /* check size limit */ - if ( --slimit == -1 ) { + if ( --op->oq_search.rs_slimit == -1 ) { cache_return_entry_r( &li->li_cache, e ); - send_search_result( conn, op, - LDAP_SIZELIMIT_EXCEEDED, NULL, NULL, - v2refs, NULL, nentries ); + rs->sr_err = LDAP_SIZELIMIT_EXCEEDED; + rs->sr_nentries = nentries; + send_search_result( op, rs ); rc = 0; goto done; } @@ -520,8 +509,7 @@ searchit: } #endif /* LDAP_CACHING */ - result = send_search_entry(be, conn, op, - e, attrs, attrsonly, NULL); + result = send_search_entry( op, rs ); #ifdef LDAP_CACHING if ( op->o_caching_on ) { @@ -581,9 +569,10 @@ loop_continue: ldap_pvt_thread_yield(); } - send_search_result( conn, op, - v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL, - NULL, NULL, v2refs, NULL, nentries ); + rs->sr_err = rs->sr_v2ref ? LDAP_REFERRAL : LDAP_SUCCESS; + rs->sr_ref = rs->sr_v2ref; + rs->sr_nentries = nentries; + send_search_result( op, rs ); rc = 0; @@ -593,7 +582,7 @@ done: if( candidates != NULL ) idl_free( candidates ); - if( v2refs ) ber_bvarray_free( v2refs ); + if( rs->sr_v2ref ) ber_bvarray_free( rs->sr_v2ref ); if( realbase.bv_val ) free( realbase.bv_val ); return rc; diff --git a/servers/slapd/back-ldbm/tools.c b/servers/slapd/back-ldbm/tools.c index e8a2967e84..3b253abee6 100644 --- a/servers/slapd/back-ldbm/tools.c +++ b/servers/slapd/back-ldbm/tools.c @@ -216,7 +216,7 @@ ID ldbm_tool_entry_put( return NOID; } - rc = index_entry_add( be, e, e->e_attrs ); + rc = index_entry_add( be, e ); if( rc != 0 ) { strncpy( text->bv_val, "index add failed", text->bv_len ); return NOID; @@ -302,7 +302,7 @@ int ldbm_tool_entry_reindex( #endif dn2id_add( be, &e->e_nname, e->e_id ); - rc = index_entry_add( be, e, e->e_attrs ); + rc = index_entry_add( be, e ); entry_free( e ); diff --git a/servers/slapd/back-passwd/search.c b/servers/slapd/back-passwd/search.c index e9b6cd7546..2f3266378e 100644 --- a/servers/slapd/back-passwd/search.c +++ b/servers/slapd/back-passwd/search.c @@ -25,20 +25,8 @@ static Entry *pw2entry( int passwd_back_search( - Backend *be, - Connection *conn, Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly -) + SlapReply *rs ) { struct passwd *pw; Entry *e; @@ -46,53 +34,50 @@ passwd_back_search( time_t stoptime; int sent = 0; - int err = LDAP_SUCCESS; LDAPRDN *rdn = NULL; struct berval parent = { 0, NULL }; - char *matched = NULL; - const char *text = NULL; AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; - tlimit = (tlimit > be->be_timelimit || tlimit < 1) ? be->be_timelimit - : tlimit; - stoptime = op->o_time + tlimit; - slimit = (slimit > be->be_sizelimit || slimit < 1) ? be->be_sizelimit - : slimit; + op->oq_search.rs_tlimit = (op->oq_search.rs_tlimit > op->o_bd->be_timelimit || op->oq_search.rs_tlimit < 1) ? op->o_bd->be_timelimit + : op->oq_search.rs_tlimit; + stoptime = op->o_time + op->oq_search.rs_tlimit; + op->oq_search.rs_slimit = (op->oq_search.rs_slimit > op->o_bd->be_sizelimit || op->oq_search.rs_slimit < 1) ? op->o_bd->be_sizelimit + : op->oq_search.rs_slimit; /* Handle a query for the base of this backend */ - if ( be_issuffix( be, nbase ) ) { + if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) { struct berval vals[2]; vals[1].bv_val = NULL; - matched = (char *) base; + rs->sr_matched = op->o_req_dn.bv_val; - if( scope != LDAP_SCOPE_ONELEVEL ) { + if( op->oq_search.rs_scope != LDAP_SCOPE_ONELEVEL ) { AttributeDescription *desc = NULL; /* Create an entry corresponding to the base DN */ e = (Entry *) ch_calloc(1, sizeof(Entry)); - e->e_name.bv_val = ch_strdup( base->bv_val ); - e->e_name.bv_len = base->bv_len; - e->e_nname.bv_val = ch_strdup( nbase->bv_val ); - e->e_nname.bv_len = nbase->bv_len; + e->e_name.bv_val = ch_strdup( op->o_req_dn.bv_val ); + e->e_name.bv_len = op->o_req_dn.bv_len; + e->e_nname.bv_val = ch_strdup( op->o_req_ndn.bv_val ); + e->e_nname.bv_len = op->o_req_ndn.bv_len; e->e_attrs = NULL; e->e_private = NULL; /* Use the first attribute of the DN * as an attribute within the entry itself. */ - if( ldap_bv2rdn( base, &rdn, (char **)&text, + if( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP ) ) { - err = LDAP_INVALID_DN_SYNTAX; + rs->sr_err = LDAP_INVALID_DN_SYNTAX; goto done; } - if( slap_bv2ad( &rdn[0][0]->la_attr, &desc, &text )) { - err = LDAP_NO_SUCH_OBJECT; + if( slap_bv2ad( &rdn[0][0]->la_attr, &desc, &rs->sr_text )) { + rs->sr_err = LDAP_NO_SUCH_OBJECT; ldap_rdnfree(rdn); goto done; } @@ -114,18 +99,19 @@ passwd_back_search( vals[0].bv_len = sizeof("organizationalUnit")-1; attr_mergeit( e, ad_objectClass, vals ); - if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) { - send_search_entry( be, conn, op, - e, attrs, attrsonly, NULL ); + if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) { + rs->sr_entry = e; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); sent++; } } - if ( scope != LDAP_SCOPE_BASE ) { + if ( op->oq_search.rs_scope != LDAP_SCOPE_BASE ) { /* check all our "children" */ ldap_pvt_thread_mutex_lock( &passwd_mutex ); - pw_start( be ); + pw_start( op->o_bd ); for ( pw = getpwent(); pw != NULL; pw = getpwent() ) { /* check for abandon */ if ( op->o_abandon ) { @@ -136,32 +122,31 @@ passwd_back_search( /* check time limit */ if ( slap_get_time() > stoptime ) { - send_ldap_result( conn, op, LDAP_TIMELIMIT_EXCEEDED, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_TIMELIMIT_EXCEEDED, NULL ); endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); return( 0 ); } - if ( !(e = pw2entry( be, pw, &text )) ) { - err = LDAP_OTHER; + if ( !(e = pw2entry( op->o_bd, pw, &rs->sr_text )) ) { + rs->sr_err = LDAP_OTHER; endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); goto done; } - if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) { + if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) { /* check size limit */ - if ( --slimit == -1 ) { - send_ldap_result( conn, op, LDAP_SIZELIMIT_EXCEEDED, - NULL, NULL, NULL, NULL ); + if ( --op->oq_search.rs_slimit == -1 ) { + send_ldap_error( op, rs, LDAP_SIZELIMIT_EXCEEDED, NULL ); endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); return( 0 ); } - send_search_entry( be, conn, op, - e, attrs, attrsonly, NULL ); + rs->sr_entry = e; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); sent++; } @@ -172,55 +157,56 @@ passwd_back_search( } } else { - if (! be_issuffix( be, nbase ) ) { - dnParent( nbase, &parent ); + if (! be_issuffix( op->o_bd, &op->o_req_ndn ) ) { + dnParent( &op->o_req_ndn, &parent ); } /* This backend is only one layer deep. Don't answer requests for * anything deeper than that. */ - if( !be_issuffix( be, &parent ) ) { + if( !be_issuffix( op->o_bd, &parent ) ) { int i; - for( i=0; be->be_nsuffix[i].bv_val != NULL; i++ ) { - if( dnIsSuffix( nbase, &be->be_nsuffix[i] ) ) { - matched = be->be_suffix[i].bv_val; + for( i=0; op->o_bd->be_nsuffix[i].bv_val != NULL; i++ ) { + if( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_nsuffix[i] ) ) { + rs->sr_matched = op->o_bd->be_suffix[i].bv_val; break; } } - err = LDAP_NO_SUCH_OBJECT; + rs->sr_err = LDAP_NO_SUCH_OBJECT; goto done; } - if( scope == LDAP_SCOPE_ONELEVEL ) { + if( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { goto done; } - if ( ldap_bv2rdn( base, &rdn, (char **)&text, + if ( ldap_bv2rdn( &op->o_req_dn, &rdn, (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP )) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; goto done; } ldap_pvt_thread_mutex_lock( &passwd_mutex ); - pw_start( be ); + pw_start( op->o_bd ); if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) { - matched = parent.bv_val; - err = LDAP_NO_SUCH_OBJECT; + rs->sr_matched = parent.bv_val; + rs->sr_err = LDAP_NO_SUCH_OBJECT; ldap_pvt_thread_mutex_unlock( &passwd_mutex ); goto done; } - e = pw2entry( be, pw, &text ); + e = pw2entry( op->o_bd, pw, &rs->sr_text ); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); if ( !e ) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; goto done; } - if ( test_filter( be, conn, op, e, filter ) == LDAP_COMPARE_TRUE ) { - send_search_entry( be, conn, op, - e, attrs, attrsonly, NULL ); + if ( test_filter( op, e, op->oq_search.rs_filter ) == LDAP_COMPARE_TRUE ) { + rs->sr_entry = e; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); sent++; } @@ -228,9 +214,9 @@ passwd_back_search( } done: - send_ldap_result( conn, op, - err, err == LDAP_NO_SUCH_OBJECT ? matched : NULL, text, - NULL, NULL ); + if( rs->sr_err != LDAP_NO_SUCH_OBJECT ) rs->sr_matched = NULL; + rs->sr_nentries = sent; + send_search_result( op, rs ); if( rdn != NULL ) ldap_rdnfree( rdn ); diff --git a/servers/slapd/back-shell/abandon.c b/servers/slapd/back-shell/abandon.c index 801b16c6f1..12f7a74eae 100644 --- a/servers/slapd/back-shell/abandon.c +++ b/servers/slapd/back-shell/abandon.c @@ -17,32 +17,29 @@ int shell_back_abandon( - Backend *be, - Connection *conn, Operation *op, - int msgid -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; FILE *rfp, *wfp; pid_t pid; Operation *o; /* no abandon command defined - just kill the process handling it */ if ( si->si_abandon == NULL ) { - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); pid = -1; - LDAP_STAILQ_FOREACH( o, &conn->c_ops, o_next ) { - if ( o->o_msgid == msgid ) { + LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) { + if ( o->o_msgid == op->oq_abandon.rs_msgid ) { pid = (pid_t) o->o_private; break; } } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); } if ( pid == -1 ) { - Debug( LDAP_DEBUG_ARGS, "shell could not find op %d\n", msgid, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, "shell could not find op %d\n", op->oq_abandon.rs_msgid, 0, 0 ); return 0; } @@ -52,8 +49,8 @@ shell_back_abandon( /* write out the request to the abandon process */ fprintf( wfp, "ABANDON\n" ); - fprintf( wfp, "msgid: %d\n", msgid ); - print_suffixes( wfp, be ); + fprintf( wfp, "msgid: %d\n", op->oq_abandon.rs_msgid ); + print_suffixes( wfp, op->o_bd ); fprintf( wfp, "pid: %ld\n", (long) pid ); fclose( wfp ); diff --git a/servers/slapd/back-shell/add.c b/servers/slapd/back-shell/add.c index 818ef92672..31c83e487b 100644 --- a/servers/slapd/back-shell/add.c +++ b/servers/slapd/back-shell/add.c @@ -17,48 +17,44 @@ int shell_back_add( - Backend *be, - Connection *conn, Operation *op, - Entry *e -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; FILE *rfp, *wfp; int len; if ( si->si_add == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "add not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "add not implemented" ); return( -1 ); } - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, op->oq_add.rs_e, entry, NULL, ACL_WRITE, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_add, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the add process */ fprintf( wfp, "ADD\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); + print_suffixes( wfp, op->o_bd ); ldap_pvt_thread_mutex_lock( &entry2str_mutex ); - fprintf( wfp, "%s", entry2str( e, &len ) ); + fprintf( wfp, "%s", entry2str( op->oq_add.rs_e, &len ) ); ldap_pvt_thread_mutex_unlock( &entry2str_mutex ); fclose( wfp ); /* read in the result and send it along */ - read_and_send_results( be, conn, op, rfp, NULL, 0 ); + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); diff --git a/servers/slapd/back-shell/bind.c b/servers/slapd/back-shell/bind.c index cb21ff338b..0acca761ce 100644 --- a/servers/slapd/back-shell/bind.c +++ b/servers/slapd/back-shell/bind.c @@ -17,64 +17,56 @@ int shell_back_bind( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; int rc; if ( si->si_bind == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "bind not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "bind not implemented" ); return( -1 ); } e.e_id = NOID; - e.e_name = *dn; - e.e_nname = *ndn; + e.e_name = op->o_req_dn; + e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; - if ( ! access_allowed( be, conn, op, &e, + if ( ! access_allowed( op, &e, entry, NULL, ACL_AUTH, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the bind process */ fprintf( wfp, "BIND\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", dn->bv_val ); - fprintf( wfp, "method: %d\n", method ); - fprintf( wfp, "credlen: %lu\n", cred->bv_len ); - fprintf( wfp, "cred: %s\n", cred->bv_val ); /* XXX */ + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); + fprintf( wfp, "method: %d\n", op->oq_bind.rb_method ); + fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len ); + fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */ fclose( wfp ); /* read in the results and send them along */ - rc = read_and_send_results( be, conn, op, rfp, NULL, 0 ); + rc = read_and_send_results( op, rs, rfp ); fclose( rfp ); return( rc ); diff --git a/servers/slapd/back-shell/compare.c b/servers/slapd/back-shell/compare.c index f6037de2e7..09ffb4d4aa 100644 --- a/servers/slapd/back-shell/compare.c +++ b/servers/slapd/back-shell/compare.c @@ -17,46 +17,40 @@ int shell_back_compare( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - AttributeAssertion *ava -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; if ( si->si_compare == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "compare not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "compare not implemented" ); return( -1 ); } e.e_id = NOID; - e.e_name = *dn; - e.e_nname = *ndn; + e.e_name = op->o_req_dn; + e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; - if ( ! access_allowed( be, conn, op, &e, + if ( ! access_allowed( op, &e, entry, NULL, ACL_READ, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_compare, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } @@ -68,15 +62,15 @@ shell_back_compare( /* write out the request to the compare process */ fprintf( wfp, "COMPARE\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", dn->bv_val ); + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); fprintf( wfp, "%s: %s\n", - ava->aa_desc->ad_cname.bv_val, - ava->aa_value.bv_val /* could be binary! */ ); + op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val, + op->oq_compare.rs_ava->aa_value.bv_val /* could be binary! */ ); fclose( wfp ); /* read in the result and send it along */ - read_and_send_results( be, conn, op, rfp, NULL, 0 ); + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); diff --git a/servers/slapd/back-shell/delete.c b/servers/slapd/back-shell/delete.c index ba56a5779c..3daec4c898 100644 --- a/servers/slapd/back-shell/delete.c +++ b/servers/slapd/back-shell/delete.c @@ -17,57 +17,52 @@ int shell_back_delete( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; if ( si->si_delete == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "delete not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "delete not implemented" ); return( -1 ); } e.e_id = NOID; - e.e_name = *dn; - e.e_nname = *ndn; + e.e_name = op->o_req_dn; + e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; - if ( ! access_allowed( be, conn, op, &e, + if ( ! access_allowed( op, &e, entry, NULL, ACL_WRITE, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_delete, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the delete process */ fprintf( wfp, "DELETE\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", dn->bv_val ); + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); fclose( wfp ); /* read in the results and send them along */ - read_and_send_results( be, conn, op, rfp, NULL, 0 ); + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); } diff --git a/servers/slapd/back-shell/modify.c b/servers/slapd/back-shell/modify.c index 8696a44dc8..248a64dc45 100644 --- a/servers/slapd/back-shell/modify.c +++ b/servers/slapd/back-shell/modify.c @@ -17,56 +17,51 @@ int shell_back_modify( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - Modifications *ml -) + SlapReply *rs ) { Modification *mod; - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; + Modifications *ml = op->oq_modify.rs_modlist; Entry e; FILE *rfp, *wfp; int i; if ( si->si_modify == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "modify not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "modify not implemented" ); return( -1 ); } e.e_id = NOID; - e.e_name = *dn; - e.e_nname = *ndn; + e.e_name = op->o_req_dn; + e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; - if ( ! access_allowed( be, conn, op, &e, + if ( ! access_allowed( op, &e, entry, NULL, ACL_WRITE, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_modify, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the modify process */ fprintf( wfp, "MODIFY\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", dn->bv_val ); + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); for ( ; ml != NULL; ml = ml->sml_next ) { mod = &ml->sml_mod; @@ -98,7 +93,7 @@ shell_back_modify( fclose( wfp ); /* read in the results and send them along */ - read_and_send_results( be, conn, op, rfp, NULL, 0 ); + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); } diff --git a/servers/slapd/back-shell/modrdn.c b/servers/slapd/back-shell/modrdn.c index 993ba557ec..f24831e3ac 100644 --- a/servers/slapd/back-shell/modrdn.c +++ b/servers/slapd/back-shell/modrdn.c @@ -30,67 +30,57 @@ int shell_back_modrdn( - Backend *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn, - struct berval *newrdn, - struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSuperior, - struct berval *nnewSuperior -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; if ( si->si_modrdn == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "modrdn not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "modrdn not implemented" ); return( -1 ); } e.e_id = NOID; - e.e_name = *dn; - e.e_nname = *ndn; + e.e_name = op->o_req_dn; + e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; - if ( ! access_allowed( be, conn, op, &e, + if ( ! access_allowed( op, &e, entry, NULL, ACL_WRITE, NULL ) ) { - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_modrdn, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the modrdn process */ fprintf( wfp, "MODRDN\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", dn->bv_val ); - fprintf( wfp, "newrdn: %s\n", newrdn->bv_val ); - fprintf( wfp, "deleteoldrdn: %d\n", deleteoldrdn ? 1 : 0 ); - if (newSuperior != NULL) { - fprintf( wfp, "newSuperior: %s\n", newSuperior->bv_val ); + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); + fprintf( wfp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val ); + fprintf( wfp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 ); + if (op->oq_modrdn.rs_newSup != NULL) { + fprintf( wfp, "newSuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val ); } fclose( wfp ); /* read in the results and send them along */ - read_and_send_results( be, conn, op, rfp, NULL, 0 ); + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); } diff --git a/servers/slapd/back-shell/result.c b/servers/slapd/back-shell/result.c index 4fc7d6dc2a..27cddfd622 100644 --- a/servers/slapd/back-shell/result.c +++ b/servers/slapd/back-shell/result.c @@ -19,20 +19,13 @@ int read_and_send_results( - Backend *be, - Connection *conn, Operation *op, - FILE *fp, - AttributeName *attrs, - int attrsonly -) + SlapReply *rs, + FILE *fp ) { int bsize, len; char *buf, *bp; char line[BUFSIZ]; - Entry *e; - int err; - char *matched, *info; /* read in the result and send it along */ buf = (char *) ch_malloc( BUFSIZ ); @@ -78,28 +71,28 @@ read_and_send_results( break; } - if ( (e = str2entry( buf )) == NULL ) { + if ( (rs->sr_entry = str2entry( buf )) == NULL ) { Debug( LDAP_DEBUG_ANY, "str2entry(%s) failed\n", buf, 0, 0 ); } else { - send_search_entry( be, conn, op, e, - attrs, attrsonly, NULL ); - entry_free( e ); + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); + entry_free( rs->sr_entry ); } bp = buf; } } - (void) str2result( buf, &err, &matched, &info ); + (void) str2result( buf, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text ); /* otherwise, front end will send this result */ - if ( err != 0 || op->o_tag != LDAP_REQ_BIND ) { - send_ldap_result( conn, op, err, matched, info, NULL, NULL ); + if ( rs->sr_err != 0 || op->o_tag != LDAP_REQ_BIND ) { + send_ldap_result( op, rs ); } free( buf ); - return( err ); + return( rs->sr_err ); } void diff --git a/servers/slapd/back-shell/search.c b/servers/slapd/back-shell/search.c index a0661066fd..a80d9502cf 100644 --- a/servers/slapd/back-shell/search.c +++ b/servers/slapd/back-shell/search.c @@ -17,58 +17,47 @@ int shell_back_search( - Backend *be, - Connection *conn, Operation *op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int size, - int time, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly -) + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; FILE *rfp, *wfp; AttributeName *an; if ( si->si_search == NULL ) { - send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "search not implemented", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "search not implemented" ); return( -1 ); } if ( (op->o_private = (void *) forkandexec( si->si_search, &rfp, &wfp )) == (void *) -1 ) { - send_ldap_result( conn, op, LDAP_OTHER, NULL, - "could not fork/exec", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, + "could not fork/exec" ); return( -1 ); } /* write out the request to the search process */ fprintf( wfp, "SEARCH\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "base: %s\n", base->bv_val ); - fprintf( wfp, "scope: %d\n", scope ); - fprintf( wfp, "deref: %d\n", deref ); - fprintf( wfp, "sizelimit: %d\n", size ); - fprintf( wfp, "timelimit: %d\n", time ); - fprintf( wfp, "filter: %s\n", filterstr->bv_val ); - fprintf( wfp, "attrsonly: %d\n", attrsonly ? 1 : 0 ); - fprintf( wfp, "attrs:%s", attrs == NULL ? " all" : "" ); - for ( an = attrs; an && an->an_name.bv_val; an++ ) { + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "base: %s\n", op->o_req_dn.bv_val ); + fprintf( wfp, "scope: %d\n", op->oq_search.rs_scope ); + fprintf( wfp, "deref: %d\n", op->oq_search.rs_deref ); + fprintf( wfp, "sizelimit: %d\n", op->oq_search.rs_slimit ); + fprintf( wfp, "timelimit: %d\n", op->oq_search.rs_tlimit ); + fprintf( wfp, "filter: %s\n", op->oq_search.rs_filterstr.bv_val ); + fprintf( wfp, "attrsonly: %d\n", op->oq_search.rs_attrsonly ? 1 : 0 ); + fprintf( wfp, "attrs:%s", op->oq_search.rs_attrs == NULL ? " all" : "" ); + for ( an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++ ) { fprintf( wfp, " %s", an->an_name.bv_val ); } fprintf( wfp, "\n" ); fclose( wfp ); /* read in the results and send them along */ - read_and_send_results( be, conn, op, rfp, attrs, attrsonly ); + rs->sr_attrs = op->oq_search.rs_attrs; + read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); diff --git a/servers/slapd/back-shell/shell.h b/servers/slapd/back-shell/shell.h index af4609d3f0..86b9a0bb8c 100644 --- a/servers/slapd/back-shell/shell.h +++ b/servers/slapd/back-shell/shell.h @@ -38,12 +38,9 @@ extern void print_suffixes LDAP_P(( struct slap_backend_db *bd)); extern int read_and_send_results LDAP_P(( - struct slap_backend_db *bd, - struct slap_conn *conn, struct slap_op *op, - FILE *fp, - AttributeName *attrs, - int attrsonly)); + struct slap_rep *rs, + FILE *fp)); LDAP_END_DECL diff --git a/servers/slapd/back-shell/unbind.c b/servers/slapd/back-shell/unbind.c index 8326a588d9..221b0f83a3 100644 --- a/servers/slapd/back-shell/unbind.c +++ b/servers/slapd/back-shell/unbind.c @@ -17,12 +17,11 @@ int shell_back_unbind( - Backend *be, - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { - struct shellinfo *si = (struct shellinfo *) be->be_private; + struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; FILE *rfp, *wfp; if ( si->si_unbind == NULL ) { @@ -37,8 +36,8 @@ shell_back_unbind( /* write out the request to the unbind process */ fprintf( wfp, "UNBIND\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); - print_suffixes( wfp, be ); - fprintf( wfp, "dn: %s\n", (conn->c_dn.bv_len ? conn->c_dn.bv_val : "") ); + print_suffixes( wfp, op->o_bd ); + fprintf( wfp, "dn: %s\n", (op->o_conn->c_dn.bv_len ? op->o_conn->c_dn.bv_val : "") ); fclose( wfp ); /* no response to unbind */ diff --git a/servers/slapd/back-tcl/tcl_abandon.c b/servers/slapd/back-tcl/tcl_abandon.c index 953df66029..1be1ccbd9c 100644 --- a/servers/slapd/back-tcl/tcl_abandon.c +++ b/servers/slapd/back-tcl/tcl_abandon.c @@ -18,22 +18,20 @@ int tcl_back_abandon ( - Backend * be, - Connection * conn, Operation * op, - int msgid + SlapReply * rs ) { char *results, *command; struct berval suf_tcl; int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_abandon.bv_len == 0) { return (-1); } - if (tcl_merge_bvlist(be->be_suffix, &suf_tcl) == NULL) { + if (tcl_merge_bvlist(op->o_bd->be_suffix, &suf_tcl) == NULL) { return (-1); } @@ -41,7 +39,7 @@ tcl_back_abandon ( + 80); sprintf (command, "%s ABANDON {%ld/%ld} {%s} {%ld/%d}", ti->ti_abandon.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, op->o_connid, msgid); + suf_tcl.bv_val, op->o_connid, op->oq_abandon.rs_msgid); Tcl_Free (suf_tcl.bv_val); ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex); diff --git a/servers/slapd/back-tcl/tcl_add.c b/servers/slapd/back-tcl/tcl_add.c index 16321bdcb8..fdc3f4619e 100644 --- a/servers/slapd/back-tcl/tcl_add.c +++ b/servers/slapd/back-tcl/tcl_add.c @@ -18,30 +18,27 @@ int tcl_back_add ( - Backend * be, - Connection * conn, Operation * op, - Entry * e + SlapReply * rs ) { char *command, *entrystr, *results; struct berval suf_tcl; - int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int code; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_add.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "add not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "add not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL); return (-1); } - entrystr = tcl_clean_entry(e); + entrystr = tcl_clean_entry(op->oq_add.rs_e); command = (char *) ch_malloc (ti->ti_add.bv_len + suf_tcl.bv_len + strlen(entrystr) + 52); @@ -58,16 +55,17 @@ tcl_back_add ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_add_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, NULL, 0); + interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_back.h b/servers/slapd/back-tcl/tcl_back.h index aa56a2611f..9406f27f5c 100644 --- a/servers/slapd/back-tcl/tcl_back.h +++ b/servers/slapd/back-tcl/tcl_back.h @@ -54,12 +54,9 @@ int tcl_ldap_debug ( ); int interp_send_results ( - Backend * be, - Connection * conn, Operation * op, - char *result, - AttributeName *attrs, - int attrsonly + SlapReply * rs, + char *result ); #endif diff --git a/servers/slapd/back-tcl/tcl_bind.c b/servers/slapd/back-tcl/tcl_bind.c index 0a8a632cd5..b4510cd626 100644 --- a/servers/slapd/back-tcl/tcl_bind.c +++ b/servers/slapd/back-tcl/tcl_bind.c @@ -18,39 +18,31 @@ int tcl_back_bind ( - Backend * be, - Connection * conn, Operation * op, - struct berval *dn, - struct berval *ndn, - int method, - struct berval *cred, - struct berval *edn -) + SlapReply * rs ) { char *command, *results; struct berval suf_tcl; - int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int code; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_bind.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "bind not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "bind not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL ); return (-1); } command = (char *) ch_malloc (ti->ti_bind.bv_len + suf_tcl.bv_len + - dn->bv_len + cred->bv_len + 84); + op->o_req_dn.bv_len + op->oq_bind.rb_cred.bv_len + 84); sprintf (command, "%s BIND {%ld/%ld} {%s} {%s} {%d} {%lu} {%s}", ti->ti_bind.bv_val, op->o_connid, (long) op->o_msgid, suf_tcl.bv_val, - dn->bv_val, method, cred->bv_len, cred->bv_val); + op->o_req_dn.bv_val, op->oq_bind.rb_method, op->oq_bind.rb_cred.bv_len, op->oq_bind.rb_cred.bv_val); Tcl_Free (suf_tcl.bv_val); ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex); @@ -60,16 +52,17 @@ tcl_back_bind ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_bind_error: %s\n", results, 0, 0); } else { - err = interp_send_results (be, conn, op, results, NULL, 0); + rs->sr_err = interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_compare.c b/servers/slapd/back-tcl/tcl_compare.c index 60a947dab2..739a6080c8 100644 --- a/servers/slapd/back-tcl/tcl_compare.c +++ b/servers/slapd/back-tcl/tcl_compare.c @@ -18,38 +18,33 @@ int tcl_back_compare ( - Backend * be, - Connection * conn, Operation * op, - struct berval *dn, - struct berval *ndn, - AttributeAssertion * ava + SlapReply * rs ) { char *command, *results; struct berval suf_tcl; - int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int code; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_compare.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "compare not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "compare not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL ); return (-1); } command = (char *) ch_malloc (ti->ti_compare.bv_len + - suf_tcl.bv_len + dn->bv_len + ava->aa_desc->ad_cname.bv_len + - ava->aa_value.bv_len + 84); + suf_tcl.bv_len + op->o_req_dn.bv_len + op->oq_compare.rs_ava->aa_desc->ad_cname.bv_len + + op->oq_compare.rs_ava->aa_value.bv_len + 84); sprintf (command, "%s COMPARE {%ld/%ld} {%s} {%s} {%s: %s}", ti->ti_compare.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, dn->bv_val, - ava->aa_desc->ad_cname.bv_val, ava->aa_value.bv_val); + suf_tcl.bv_val, op->o_req_dn.bv_val, + op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val, op->oq_compare.rs_ava->aa_value.bv_val); Tcl_Free (suf_tcl.bv_val); ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex); @@ -59,17 +54,18 @@ tcl_back_compare ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_compare_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, NULL, 0); + interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_delete.c b/servers/slapd/back-tcl/tcl_delete.c index 41454bee28..c2569e823a 100644 --- a/servers/slapd/back-tcl/tcl_delete.c +++ b/servers/slapd/back-tcl/tcl_delete.c @@ -18,35 +18,31 @@ int tcl_back_delete ( - Backend * be, - Connection * conn, Operation * op, - struct berval *dn, - struct berval *ndn + SlapReply * rs ) { char *command, *results; struct berval suf_tcl; int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_delete.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "delete not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "delete not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL); return (-1); } command = (char *) ch_malloc (ti->ti_delete.bv_len + suf_tcl.bv_len - + dn->bv_len + 84); + + op->o_req_dn.bv_len + 84); sprintf (command, "%s DELETE {%ld/%ld} {%s} {%s}", ti->ti_delete.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, dn->bv_val); + suf_tcl.bv_val, op->o_req_dn.bv_val); Tcl_Free (suf_tcl.bv_val); ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex); @@ -56,17 +52,18 @@ tcl_back_delete ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_delete_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, NULL, 0); + interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_modify.c b/servers/slapd/back-tcl/tcl_modify.c index 43c452decd..3a7462263b 100644 --- a/servers/slapd/back-tcl/tcl_modify.c +++ b/servers/slapd/back-tcl/tcl_modify.c @@ -18,28 +18,24 @@ int tcl_back_modify ( - Backend * be, - Connection * conn, Operation * op, - struct berval *dn, - struct berval *ndn, - Modifications * modlist + SlapReply * rs ) { char *command, *bp, *tcl_mods, *results; struct berval suf_tcl; - int i, code, err = 0, len, bsize; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int i, code, len, bsize; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; + Modifications *modlist = op->oq_modify.rs_modlist; if (ti->ti_modify.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "modify not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "modify not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL); return (-1); } @@ -97,11 +93,11 @@ tcl_back_modify ( } command = (char *) ch_malloc (ti->ti_modify.bv_len + suf_tcl.bv_len - + dn->bv_len + strlen (tcl_mods) + 84); + + op->o_req_dn.bv_len + strlen (tcl_mods) + 84); /* This space is simply for aesthetics--\ */ sprintf (command, "%s MODIFY {%ld/%ld} {%s} {%s} { %s}", ti->ti_modify.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, dn->bv_val, tcl_mods); + suf_tcl.bv_val, op->o_req_dn.bv_val, tcl_mods); Tcl_Free (suf_tcl.bv_val); free (tcl_mods); @@ -112,17 +108,18 @@ tcl_back_modify ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_modify_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, NULL, 0); + interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_modrdn.c b/servers/slapd/back-tcl/tcl_modrdn.c index 2e74e0aa8d..af13d2232c 100644 --- a/servers/slapd/back-tcl/tcl_modrdn.c +++ b/servers/slapd/back-tcl/tcl_modrdn.c @@ -31,50 +31,41 @@ int tcl_back_modrdn ( - Backend * be, - Connection * conn, Operation * op, - struct berval *dn, - struct berval *ndn, - struct berval *newrdn, - struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSuperior, - struct berval *nnewSuperior + SlapReply * rs ) { char *command, *results; struct berval suf_tcl; - int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int code; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_modrdn.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "modrdn not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "modrdn not implemented" ); return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { + send_ldap_error (op, rs, LDAP_OTHER, NULL); return (-1); } command = (char *) ch_malloc (ti->ti_modrdn.bv_len + suf_tcl.bv_len - + dn->bv_len + newrdn->bv_len - + (newSuperior ? newSuperior->bv_len : 0) + 84); - if ( newSuperior ) { + + op->o_req_dn.bv_len + op->oq_modrdn.rs_newrdn.bv_len + + (op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_len : 0) + 84); + if ( op->oq_modrdn.rs_newSup ) { sprintf (command, "%s MODRDN {%ld/%ld} {%s} {%s} {%s} %d {%s}", ti->ti_modrdn.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, dn->bv_val, - newrdn->bv_val, deleteoldrdn ? 1 : 0, - newSuperior->bv_val ); + suf_tcl.bv_val, op->o_req_dn.bv_val, + op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_deleteoldrdn ? 1 : 0, + op->oq_modrdn.rs_newSup->bv_val ); } else { sprintf (command, "%s MODRDN {%ld} {%s} {%s} {%s} %d", ti->ti_modrdn.bv_val, (long) op->o_msgid, - suf_tcl.bv_val, dn->bv_val, - newrdn->bv_val, deleteoldrdn ? 1 : 0 ); + suf_tcl.bv_val, op->o_req_dn.bv_val, + op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 ); } Tcl_Free (suf_tcl.bv_val); @@ -85,17 +76,18 @@ tcl_back_modrdn ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_modrdn_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, NULL, 0); + interp_send_results (op, rs, results); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_search.c b/servers/slapd/back-tcl/tcl_search.c index 8600a96b4f..9a06214bc3 100644 --- a/servers/slapd/back-tcl/tcl_search.c +++ b/servers/slapd/back-tcl/tcl_search.c @@ -18,59 +18,46 @@ int tcl_back_search ( - Backend * be, - Connection * conn, Operation * op, - struct berval *base, - struct berval *nbase, - int scope, - int deref, - int sizelimit, - int timelimit, - Filter * filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly -) + SlapReply * rs ) { char *attrs_tcl = NULL, *results, *command; struct berval suf_tcl; - int i, err = 0, code; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int i, code; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; AttributeName *an; if (ti->ti_search.bv_len == 0) { - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "search not implemented", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "search not implemented" ); return (-1); } - for (i = 0, an = attrs; an && an->an_name.bv_val; an++, i++); + for (i = 0, an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++, i++); if (i > 0) { char **sattrs = ch_malloc( (i+1) * sizeof(char *)); - for (i = 0, an = attrs; an->an_name.bv_val; an++, i++) + for (i = 0, an = op->oq_search.rs_attrs; an->an_name.bv_val; an++, i++) sattrs[i] = an->an_name.bv_val; sattrs[i] = NULL; attrs_tcl = Tcl_Merge (i, sattrs); ch_free(sattrs); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { Tcl_Free (attrs_tcl); - send_ldap_result (conn, op, LDAP_OTHER, NULL, - NULL, NULL, NULL ); + send_ldap_error (op, rs, LDAP_OTHER, NULL); return (-1); } command = (char *) ch_malloc (ti->ti_search.bv_len + suf_tcl.bv_len - + base->bv_len + 60 + filterstr->bv_len + + + op->o_req_dn.bv_len + 60 + op->oq_search.rs_filterstr.bv_len + (attrs_tcl == NULL ? 5 : strlen (attrs_tcl)) + 72); sprintf (command, "%s SEARCH {%ld/%ld} {%s} {%s} {%d} {%d} {%d} {%d} {%s} {%d} {%s}", ti->ti_search.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, base->bv_val, scope, deref, - sizelimit, timelimit, filterstr->bv_val, attrsonly ? 1 : 0, - attrs_tcl == NULL ? "{all}" : attrs_tcl); + suf_tcl.bv_val, op->o_req_dn.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref, + op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_filterstr.bv_val, + op->oq_search.rs_attrsonly ? 1 : 0, attrs_tcl == NULL ? "{all}" : attrs_tcl); Tcl_Free (attrs_tcl); Tcl_Free (suf_tcl.bv_val); @@ -81,17 +68,18 @@ tcl_back_search ( free (command); if (code != TCL_OK) { - err = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; Debug (LDAP_DEBUG_SHELL, "tcl_search_error: %s\n", results, 0, 0); } else { - interp_send_results (be, conn, op, results, attrs, 0); + interp_send_results (op, rs, results ); } - if (err != LDAP_SUCCESS) - send_ldap_result (conn, op, err, NULL, - "internal backend error", NULL, NULL ); + if (rs->sr_err != LDAP_SUCCESS) { + rs->sr_text = "internal backend error"; + send_ldap_result (op, rs ); + } free (results); - return (err); + return (rs->sr_err); } diff --git a/servers/slapd/back-tcl/tcl_unbind.c b/servers/slapd/back-tcl/tcl_unbind.c index abb0beff94..8ad6128456 100644 --- a/servers/slapd/back-tcl/tcl_unbind.c +++ b/servers/slapd/back-tcl/tcl_unbind.c @@ -18,29 +18,28 @@ int tcl_back_unbind ( - Backend * be, - Connection * conn, - Operation * op + Operation * op, + SlapReply * rs ) { char *command, *results; struct berval suf_tcl; int code, err = 0; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; if (ti->ti_unbind.bv_len == 0) { return (-1); } - if (tcl_merge_bvlist (be->be_suffix, &suf_tcl) == NULL) { + if (tcl_merge_bvlist (op->o_bd->be_suffix, &suf_tcl) == NULL) { return (-1); } command = (char *) ch_malloc (ti->ti_unbind.bv_len + suf_tcl.bv_len - + conn->c_dn.bv_len + 84); + + op->o_conn->c_dn.bv_len + 84); sprintf (command, "%s UNBIND {%ld/%ld} {%s} {%s}", ti->ti_unbind.bv_val, op->o_connid, (long) op->o_msgid, - suf_tcl.bv_val, conn->c_dn.bv_val ? conn->c_dn.bv_val : ""); + suf_tcl.bv_val, op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : ""); Tcl_Free (suf_tcl.bv_val); ldap_pvt_thread_mutex_lock (&tcl_interpreter_mutex); diff --git a/servers/slapd/back-tcl/tcl_util.c b/servers/slapd/back-tcl/tcl_util.c index e23b86d115..6fff035276 100644 --- a/servers/slapd/back-tcl/tcl_util.c +++ b/servers/slapd/back-tcl/tcl_util.c @@ -22,18 +22,14 @@ int interp_send_results ( - Backend * be, - Connection * conn, Operation * op, - char *result, - AttributeName *attrs, - int attrsonly + SlapReply * rs, + char *result ) { - int bsize, len, argcPtr, i, err, code; - char *buf, *bp, **argvPtr, *line, *matched, *info; - Entry *e; - struct tclinfo *ti = (struct tclinfo *) be->be_private; + int bsize, len, argcPtr, i, code; + char *buf, *bp, **argvPtr, *line; + struct tclinfo *ti = (struct tclinfo *) op->o_bd->be_private; /* * read in the result and send it along @@ -45,8 +41,8 @@ interp_send_results ( code = Tcl_SplitList (ti->ti_ii->interp, result, &argcPtr, &argvPtr); if (code != TCL_OK) { argcPtr = 0; - send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, - "internal backend error", NULL, NULL ); + send_ldap_error (op, rs, LDAP_UNWILLING_TO_PERFORM, + "internal backend error" ); return -1; } for (i = 0; i < argcPtr; i++) { @@ -73,32 +69,32 @@ interp_send_results ( if (strncasecmp (buf, "RESULT", 6) == 0) { break; } - if ((e = str2entry (buf)) == NULL) { + if ((rs->sr_entry = str2entry (buf)) == NULL) { Debug (LDAP_DEBUG_SHELL, "str2entry(%s) failed\n", buf, 0, 0); } else { - send_search_entry (be, conn, op, e, attrs, - attrsonly, NULL ); - entry_free (e); + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry (op, rs); + entry_free (rs->sr_entry); } bp = buf; } } - (void) str2result (buf, &err, &matched, &info); + (void) str2result (buf, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text); /* * otherwise, front end will send this result */ - if (err != 0 || op->o_tag != LDAP_REQ_BIND) { - send_ldap_result (conn, op, err, matched, info, NULL, NULL ); + if (rs->sr_err != 0 || op->o_tag != LDAP_REQ_BIND) { + send_ldap_result (op, rs); } free (buf); Tcl_Free ((char *) argvPtr); - return (err); + return (rs->sr_err); } char * diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index c187574072..8ffe0998c1 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -631,29 +631,26 @@ be_root_dn( Backend *be ) } int -be_isroot_pw( Backend *be, - Connection *conn, - struct berval *ndn, - struct berval *cred ) +be_isroot_pw( Operation *op ) { int result; - if ( ! be_isroot( be, ndn ) ) { + if ( ! be_isroot( op->o_bd, &op->o_req_ndn ) ) { return 0; } - if( be->be_rootpw.bv_len == 0 ) { + if( op->o_bd->be_rootpw.bv_len == 0 ) { return 0; } #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) ldap_pvt_thread_mutex_lock( &passwd_mutex ); #ifdef SLAPD_SPASSWD - lutil_passwd_sasl_conn = conn->c_sasl_context; + lutil_passwd_sasl_conn = op->o_conn->c_sasl_context; #endif #endif - result = lutil_passwd( &be->be_rootpw, cred, NULL ); + result = lutil_passwd( &op->o_bd->be_rootpw, &op->oq_bind.rb_cred, NULL ); #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) #ifdef SLAPD_SPASSWD @@ -667,15 +664,13 @@ be_isroot_pw( Backend *be, int be_entry_release_rw( - BackendDB *be, - Connection *conn, Operation *op, Entry *e, int rw ) { - if ( be->be_release ) { + if ( op->o_bd->be_release ) { /* free and release entry from backend */ - return be->be_release( be, conn, op, e, rw ); + return op->o_bd->be_release( op, e, rw ); } else { /* free entry */ entry_free( e ); @@ -684,17 +679,14 @@ be_entry_release_rw( } int -backend_unbind( - Connection *conn, - Operation *op -) +backend_unbind( Operation *op, SlapReply *rs ) { int i; #if defined( LDAP_SLAPI ) Slapi_PBlock *pb = op->o_pb; int rc; - slapi_x_connection_set_pb( pb, conn ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); #endif /* defined( LDAP_SLAPI ) */ @@ -720,7 +712,8 @@ backend_unbind( #endif /* defined( LDAP_SLAPI ) */ if ( backends[i].be_unbind ) { - (*backends[i].be_unbind)( &backends[i], conn, op ); + op->o_bd = &backends[i]; + (*backends[i].be_unbind)( op, rs ); } #if defined( LDAP_SLAPI ) @@ -774,36 +767,33 @@ backend_connection_destroy( static int backend_check_controls( - Backend *be, - Connection *conn, Operation *op, - const char **text ) + SlapReply *rs ) { LDAPControl **ctrls = op->o_ctrls; + rs->sr_err = LDAP_SUCCESS; - if( ctrls == NULL ) return LDAP_SUCCESS; - - for( ; *ctrls != NULL ; ctrls++ ) { - if( (*ctrls)->ldctl_iscritical && - !ldap_charray_inlist( be->be_controls, (*ctrls)->ldctl_oid ) ) - { - *text = "control unavailable in context"; - return LDAP_UNAVAILABLE_CRITICAL_EXTENSION; + if( ctrls ) { + for( ; *ctrls != NULL ; ctrls++ ) { + if( (*ctrls)->ldctl_iscritical && + !ldap_charray_inlist( op->o_bd->be_controls, (*ctrls)->ldctl_oid ) ) + { + rs->sr_text = "control unavailable in context"; + rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; + break; + } } } - return LDAP_SUCCESS; + return rs->sr_err; } int backend_check_restrictions( - Backend *be, - Connection *conn, Operation *op, - struct berval *opdata, - const char **text ) + SlapReply *rs, + struct berval *opdata ) { - int rc; slap_mask_t restrictops; slap_mask_t requires; slap_mask_t opflag; @@ -812,16 +802,14 @@ backend_check_restrictions( int starttls = 0; int session = 0; - if( be ) { - rc = backend_check_controls( be, conn, op, text ); - - if( rc != LDAP_SUCCESS ) { - return rc; + if( op->o_bd ) { + if ( backend_check_controls( op, rs ) != LDAP_SUCCESS ) { + return rs->sr_err; } - restrictops = be->be_restrictops; - requires = be->be_requires; - ssf = &be->be_ssf_set; + restrictops = op->o_bd->be_restrictops; + requires = op->o_bd->be_requires; + ssf = &op->o_bd->be_ssf_set; } else { restrictops = global_restrictops; @@ -898,29 +886,31 @@ backend_check_restrictions( opflag = 0; break; default: - *text = "restrict operations internal error"; - return LDAP_OTHER; + rs->sr_text = "restrict operations internal error"; + rs->sr_err = LDAP_OTHER; + return rs->sr_err; } if ( !starttls ) { /* these checks don't apply to StartTLS */ + rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED; if( op->o_transport_ssf < ssf->sss_transport ) { - *text = "transport confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "transport confidentiality required"; + return rs->sr_err; } if( op->o_tls_ssf < ssf->sss_tls ) { - *text = "TLS confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "TLS confidentiality required"; + return rs->sr_err; } if( op->o_tag == LDAP_REQ_BIND && opdata == NULL ) { /* simple bind specific check */ if( op->o_ssf < ssf->sss_simple_bind ) { - *text = "confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "confidentiality required"; + return rs->sr_err; } } @@ -928,49 +918,51 @@ backend_check_restrictions( /* these checks don't apply to SASL bind */ if( op->o_sasl_ssf < ssf->sss_sasl ) { - *text = "SASL confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "SASL confidentiality required"; + return rs->sr_err; } if( op->o_ssf < ssf->sss_ssf ) { - *text = "confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "confidentiality required"; + return rs->sr_err; } } if( updateop ) { if( op->o_transport_ssf < ssf->sss_update_transport ) { - *text = "transport update confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "transport update confidentiality required"; + return rs->sr_err; } if( op->o_tls_ssf < ssf->sss_update_tls ) { - *text = "TLS update confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "TLS update confidentiality required"; + return rs->sr_err; } if( op->o_sasl_ssf < ssf->sss_update_sasl ) { - *text = "SASL update confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "SASL update confidentiality required"; + return rs->sr_err; } if( op->o_ssf < ssf->sss_update_ssf ) { - *text = "update confidentiality required"; - return LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "update confidentiality required"; + return rs->sr_err; } if( !( global_allows & SLAP_ALLOW_UPDATE_ANON ) && op->o_ndn.bv_len == 0 ) { - *text = "modifications require authentication"; - return LDAP_STRONG_AUTH_REQUIRED; + rs->sr_text = "modifications require authentication"; + rs->sr_err = LDAP_STRONG_AUTH_REQUIRED; + return rs->sr_err; } #ifdef SLAP_X_LISTENER_MOD - if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IWUSR ) ) { + if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IWUSR ) ) { /* no "w" mode means readonly */ - *text = "modifications not allowed on this listener"; - return LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "modifications not allowed on this listener"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + return rs->sr_err; } #endif /* SLAP_X_LISTENER_MOD */ } @@ -984,60 +976,67 @@ backend_check_restrictions( if( ( op->o_transport_ssf < ssf->sss_transport && op->o_authmech.bv_len == 0 ) || op->o_dn.bv_len == 0 ) { - *text = "strong authentication required"; - return LDAP_STRONG_AUTH_REQUIRED; + rs->sr_text = "strong authentication required"; + rs->sr_err = LDAP_STRONG_AUTH_REQUIRED; + return rs->sr_err; } } if( requires & SLAP_REQUIRE_SASL ) { if( op->o_authmech.bv_len == 0 || op->o_dn.bv_len == 0 ) { - *text = "SASL authentication required"; - return LDAP_STRONG_AUTH_REQUIRED; + rs->sr_text = "SASL authentication required"; + rs->sr_err = LDAP_STRONG_AUTH_REQUIRED; + return rs->sr_err; } } if( requires & SLAP_REQUIRE_AUTHC ) { if( op->o_dn.bv_len == 0 ) { - *text = "authentication required"; - return LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "authentication required"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + return rs->sr_err; } } if( requires & SLAP_REQUIRE_BIND ) { int version; - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - version = conn->c_protocol; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + version = op->o_conn->c_protocol; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if( !version ) { /* no bind has occurred */ - *text = "BIND required"; - return LDAP_OPERATIONS_ERROR; + rs->sr_text = "BIND required"; + rs->sr_err = LDAP_OPERATIONS_ERROR; + return rs->sr_err; } } if( requires & SLAP_REQUIRE_LDAP_V3 ) { if( op->o_protocol < LDAP_VERSION3 ) { /* no bind has occurred */ - *text = "operation restricted to LDAPv3 clients"; - return LDAP_OPERATIONS_ERROR; + rs->sr_text = "operation restricted to LDAPv3 clients"; + rs->sr_err = LDAP_OPERATIONS_ERROR; + return rs->sr_err; } } #ifdef SLAP_X_LISTENER_MOD if ( !starttls && op->o_dn.bv_len == 0 ) { - if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IXUSR ) ) { + if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IXUSR ) ) { /* no "x" mode means bind required */ - *text = "bind required on this listener"; - return LDAP_STRONG_AUTH_REQUIRED; + rs->sr_text = "bind required on this listener"; + rs->sr_err = LDAP_STRONG_AUTH_REQUIRED; + return rs->sr_err; } } if ( !starttls && !updateop ) { - if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IRUSR ) ) { + if ( op->o_conn->c_listener && ! ( op->o_conn->c_listener->sl_perms & S_IRUSR ) ) { /* no "r" mode means no read */ - *text = "read not allowed on this listener"; - return LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "read not allowed on this listener"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + return rs->sr_err; } } #endif /* SLAP_X_LISTENER_MOD */ @@ -1046,44 +1045,35 @@ backend_check_restrictions( if( restrictops & opflag ) { if( restrictops == SLAP_RESTRICT_OP_READS ) { - *text = "read operations restricted"; + rs->sr_text = "read operations restricted"; } else { - *text = "operation restricted"; + rs->sr_text = "operation restricted"; } - return LDAP_UNWILLING_TO_PERFORM; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + return rs->sr_err; } - return LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; + return rs->sr_err; } -int backend_check_referrals( - Backend *be, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn ) +int backend_check_referrals( Operation *op, SlapReply *rs ) { - int rc = LDAP_SUCCESS; - - if( be->be_chk_referrals ) { - const char *text; + rs->sr_err = LDAP_SUCCESS; - rc = be->be_chk_referrals( be, - conn, op, dn, ndn, &text ); + if( op->o_bd->be_chk_referrals ) { + rs->sr_err = op->o_bd->be_chk_referrals( op, rs ); - if( rc != LDAP_SUCCESS && rc != LDAP_REFERRAL ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS && rs->sr_err != LDAP_REFERRAL ) { + send_ldap_result( op, rs ); } } - return rc; + return rs->sr_err; } int be_entry_get_rw( - Backend *be, - Connection *conn, Operation *op, struct berval *ndn, ObjectClass *oc, @@ -1091,24 +1081,26 @@ be_entry_get_rw( int rw, Entry **e ) { - be = select_backend( ndn, 0, 0 ); + Backend *be = op->o_bd; + int rc; - if (be == NULL) { - return LDAP_NO_SUCH_OBJECT; - } + op->o_bd = select_backend( ndn, 0, 0 ); - if ( be->be_fetch ) { - return be->be_fetch( be, conn, op, ndn, + if (op->o_bd == NULL) { + op->o_bd = be; + rc = LDAP_NO_SUCH_OBJECT; + } else if ( op->o_bd->be_fetch ) { + rc = op->o_bd->be_fetch( op, ndn, oc, at, rw, e ); + } else { + rc = LDAP_UNWILLING_TO_PERFORM; } - - return LDAP_UNWILLING_TO_PERFORM; + op->o_bd = be; + return rc; } int backend_group( - Backend *be, - Connection *conn, Operation *op, Entry *target, struct berval *gr_ndn, @@ -1124,17 +1116,17 @@ backend_group( if ( op->o_abandon ) return SLAPD_ABANDON; - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); - for (g = conn->c_groups; g; g=g->ga_next) { - if (g->ga_be != be || g->ga_oc != group_oc || + for (g = op->o_conn->c_groups; g; g=g->ga_next) { + if (g->ga_be != op->o_bd || g->ga_oc != group_oc || g->ga_at != group_at || g->ga_len != gr_ndn->bv_len) continue; if (strcmp( g->ga_ndn, gr_ndn->bv_val ) == 0) break; } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if (g) { return g->ga_res; @@ -1143,8 +1135,7 @@ backend_group( if ( target && dn_match( &target->e_nname, gr_ndn ) ) { e = target; } else { - rc = be_entry_get_rw(be, conn, op, gr_ndn, group_oc, group_at, - 0, &e ); + rc = be_entry_get_rw(op, gr_ndn, group_oc, group_at, 0, &e ); } if ( e ) { a = attr_find( e->e_attrs, group_at ); @@ -1161,7 +1152,7 @@ backend_group( rc = LDAP_NO_SUCH_ATTRIBUTE; } if (e != target ) { - be_entry_release_r( be, conn, op, e ); + be_entry_release_r( op, e ); } } else { rc = LDAP_NO_SUCH_OBJECT; @@ -1169,16 +1160,16 @@ backend_group( if ( op->o_tag != LDAP_REQ_BIND && !op->o_do_not_cache ) { g = ch_malloc(sizeof(GroupAssertion) + gr_ndn->bv_len); - g->ga_be = be; + g->ga_be = op->o_bd; g->ga_oc = group_oc; g->ga_at = group_at; g->ga_res = rc; g->ga_len = gr_ndn->bv_len; strcpy(g->ga_ndn, gr_ndn->bv_val); - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - g->ga_next = conn->c_groups; - conn->c_groups = g; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + g->ga_next = op->o_conn->c_groups; + op->o_conn->c_groups = g; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); } return rc; @@ -1186,8 +1177,6 @@ backend_group( int backend_attribute( - Backend *be, - Connection *conn, Operation *op, Entry *target, struct berval *edn, @@ -1203,8 +1192,7 @@ backend_attribute( if ( target && dn_match( &target->e_nname, edn ) ) { e = target; } else { - rc = be_entry_get_rw(be, conn, op, edn, NULL, entry_at, - 0, &e ); + rc = be_entry_get_rw(op, edn, NULL, entry_at, 0, &e ); if ( rc != LDAP_SUCCESS ) return rc; } @@ -1213,8 +1201,8 @@ backend_attribute( if ( a ) { BerVarray v; - if ( conn && op && access_allowed( be, - conn, op, e, entry_at, NULL, ACL_AUTH, + if ( op->o_conn && access_allowed( op, + e, entry_at, NULL, ACL_AUTH, &acl_state ) == 0 ) { rc = LDAP_INSUFFICIENT_ACCESS; goto freeit; @@ -1224,8 +1212,8 @@ backend_attribute( v = ch_malloc( sizeof(struct berval) * (i+1) ); for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) { - if ( conn && op && access_allowed( be, - conn, op, e, entry_at, + if ( op->o_conn && access_allowed( op, + e, entry_at, #ifdef SLAP_NVALUES &a->a_nvals[i], #else @@ -1255,7 +1243,7 @@ backend_attribute( } } freeit: if (e != target ) { - be_entry_release_r( be, conn, op, e ); + be_entry_release_r( op, e ); } } @@ -1263,11 +1251,8 @@ freeit: if (e != target ) { } Attribute *backend_operational( - Backend *be, - Connection *conn, Operation *op, - Entry *e, - AttributeName *attrs, + SlapReply *rs, int opattrs ) { Attribute *a = NULL, **ap = &a; @@ -1277,14 +1262,14 @@ Attribute *backend_operational( * and the backend supports specific operational attributes, * add them to the attribute list */ - if ( opattrs || ( attrs && - ad_inlist( slap_schema.si_ad_subschemaSubentry, attrs )) ) { - *ap = slap_operational_subschemaSubentry( be ); + if ( opattrs || ( op->oq_search.rs_attrs && + ad_inlist( slap_schema.si_ad_subschemaSubentry, op->oq_search.rs_attrs )) ) { + *ap = slap_operational_subschemaSubentry( op->o_bd ); ap = &(*ap)->a_next; } - if ( ( opattrs || attrs ) && be && be->be_operational != NULL ) { - ( void )be->be_operational( be, conn, op, e, attrs, opattrs, ap ); + if ( ( opattrs || op->oq_search.rs_attrs ) && op->o_bd && op->o_bd->be_operational != NULL ) { + ( void )op->o_bd->be_operational( op, rs, opattrs, ap ); } return a; diff --git a/servers/slapd/backglue.c b/servers/slapd/backglue.c index 4db1e9f40a..1b07693010 100644 --- a/servers/slapd/backglue.c +++ b/servers/slapd/backglue.c @@ -50,6 +50,11 @@ typedef struct glueinfo { static int glueMode; static BackendDB *glueBack; +static slap_response glue_back_response; +static slap_sresult glue_back_sresult; +static slap_sendentry glue_back_sendentry; +static slap_sendreference glue_back_sendreference; + /* Just like select_backend, but only for our backends */ static BackendDB * glue_back_select ( @@ -175,45 +180,32 @@ typedef struct glue_state { } glue_state; static void -glue_back_response ( - Connection *conn, - Operation *op, - ber_tag_t tag, - ber_int_t msgid, - ber_int_t err, - const char *matched, - const char *text, - BerVarray ref, - const char *resoid, - struct berval *resdata, - struct berval *sasldata, - LDAPControl **ctrls -) +glue_back_response ( Operation *op, SlapReply *rs ) { glue_state *gs = op->o_callback->sc_private; - if (err == LDAP_SUCCESS || gs->err != LDAP_SUCCESS) - gs->err = err; + if (rs->sr_err == LDAP_SUCCESS || gs->err != LDAP_SUCCESS) + gs->err = rs->sr_err; if (gs->err == LDAP_SUCCESS && gs->matched) { - free (gs->matched); + ch_free (gs->matched); gs->matched = NULL; gs->matchlen = 0; } - if (gs->err != LDAP_SUCCESS && matched) { + if (gs->err != LDAP_SUCCESS && rs->sr_matched) { int len; - len = strlen (matched); + len = strlen (rs->sr_matched); if (len > gs->matchlen) { if (gs->matched) - free (gs->matched); - gs->matched = ch_strdup (matched); + ch_free (gs->matched); + gs->matched = ch_strdup (rs->sr_matched); gs->matchlen = len; } } - if (ref) { + if (rs->sr_ref) { int i, j, k; BerVarray new; - for (i=0; ref[i].bv_val; i++); + for (i=0; rs->sr_ref[i].bv_val; i++); j = gs->nrefs; if (!j) { @@ -223,7 +215,7 @@ glue_back_response ( (j+i+1)*sizeof(struct berval)); } for (k=0; ksr_ref[k] ); } new[j].bv_val = NULL; gs->nrefs = j; @@ -232,128 +224,91 @@ glue_back_response ( } static void -glue_back_sresult ( - Connection *c, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - int nentries -) +glue_back_sresult ( Operation *op, SlapReply *rs ) { glue_state *gs = op->o_callback->sc_private; - gs->nentries += nentries; - glue_back_response (c, op, 0, 0, err, matched, text, refs, - NULL, NULL, NULL, ctrls); + gs->nentries += rs->sr_nentries; + glue_back_response( op, rs ); } static int -glue_back_sendentry ( - BackendDB *be, - Connection *c, - Operation *op, - Entry *e, - AttributeName *an, - int ao, - LDAPControl **ctrls -) +glue_back_sendentry ( Operation *op, SlapReply *rs ) { slap_callback *tmp = op->o_callback; glue_state *gs = tmp->sc_private; - int rc; op->o_callback = gs->prevcb; if (op->o_callback && op->o_callback->sc_sendentry) { - rc = op->o_callback->sc_sendentry(be, c, op, e, an, ao, ctrls); + rs->sr_err = op->o_callback->sc_sendentry(op, rs); } else { - rc = send_search_entry(be, c, op, e, an, ao, ctrls); + rs->sr_err = send_search_entry(op, rs); } op->o_callback = tmp; - return rc; + return rs->sr_err; } static int -glue_back_sendreference ( - BackendDB *be, - Connection *c, - Operation *op, - Entry *e, - BerVarray bv, - LDAPControl **ctrls, - BerVarray *v2 -) +glue_back_sendreference ( Operation *op, SlapReply *rs ) { slap_callback *tmp = op->o_callback; glue_state *gs = tmp->sc_private; - int rc; op->o_callback = gs->prevcb; if (op->o_callback && op->o_callback->sc_sendreference) { - rc = op->o_callback->sc_sendreference( be, c, op, e, bv, ctrls, v2 ); + rs->sr_err = op->o_callback->sc_sendreference( op, rs ); } else { - rc = send_search_reference( be, c, op, e, bv, ctrls, v2 ); + rs->sr_err = send_search_reference( op, rs ); } op->o_callback = tmp; - return rc; + return rs->sr_err; } static int -glue_back_search ( - BackendDB *b0, - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - int scope, - int deref, - int slimit, - int tlimit, - Filter *filter, - struct berval *filterstr, - AttributeName *attrs, - int attrsonly -) +glue_back_search ( Operation *op, SlapReply *rs ) { + BackendDB *b0 = op->o_bd; glueinfo *gi = (glueinfo *) b0->bd_info; - BackendDB *be; - int i, rc = 0, t2limit = 0, s2limit = 0; + int i; long stoptime = 0; glue_state gs = {0, 0, 0, NULL, 0, NULL, NULL}; slap_callback cb; + int scope0, slimit0, tlimit0; + struct berval dn, ndn; cb.sc_response = glue_back_response; cb.sc_sresult = glue_back_sresult; cb.sc_sendentry = glue_back_sendentry; + cb.sc_sendreference = glue_back_sendreference; cb.sc_private = &gs; gs.prevcb = op->o_callback; - if (tlimit) { - stoptime = slap_get_time () + tlimit; + if (op->oq_search.rs_tlimit) { + stoptime = slap_get_time () + op->oq_search.rs_tlimit; } - switch (scope) { + switch (op->oq_search.rs_scope) { case LDAP_SCOPE_BASE: - be = glue_back_select (b0, ndn->bv_val); + op->o_bd = glue_back_select (b0, op->o_req_ndn.bv_val); - if (be && be->be_search) { - rc = be->be_search (be, conn, op, dn, ndn, scope, - deref, slimit, tlimit, filter, filterstr, - attrs, attrsonly); + if (op->o_bd && op->o_bd->be_search) { + rs->sr_err = op->o_bd->be_search( op, rs ); } else { - rc = LDAP_UNWILLING_TO_PERFORM; - send_ldap_result (conn, op, rc, NULL, - "No search target found", NULL, NULL); + send_ldap_error(op, rs, LDAP_UNWILLING_TO_PERFORM, + "No search target found"); } - return rc; + return rs->sr_err; case LDAP_SCOPE_ONELEVEL: case LDAP_SCOPE_SUBTREE: op->o_callback = &cb; - rc = gs.err = LDAP_UNWILLING_TO_PERFORM; + rs->sr_err = gs.err = LDAP_UNWILLING_TO_PERFORM; + scope0 = op->oq_search.rs_scope; + slimit0 = op->oq_search.rs_slimit; + tlimit0 = op->oq_search.rs_tlimit; + dn = op->o_req_dn; + ndn = op->o_req_ndn; /* * Execute in reverse order, most general first @@ -361,49 +316,43 @@ glue_back_search ( for (i = gi->nodes-1; i >= 0; i--) { if (!gi->n[i].be || !gi->n[i].be->be_search) continue; - if (tlimit) { - t2limit = stoptime - slap_get_time (); - if (t2limit <= 0) { - rc = gs.err = LDAP_TIMELIMIT_EXCEEDED; + if (tlimit0) { + op->oq_search.rs_tlimit = stoptime - slap_get_time (); + if (op->oq_search.rs_tlimit <= 0) { + rs->sr_err = gs.err = LDAP_TIMELIMIT_EXCEEDED; break; } } - if (slimit) { - s2limit = slimit - gs.nentries; - if (s2limit <= 0) { - rc = gs.err = LDAP_SIZELIMIT_EXCEEDED; + if (slimit0) { + op->oq_search.rs_slimit = slimit0 - gs.nentries; + if (op->oq_search.rs_slimit <= 0) { + rs->sr_err = gs.err = LDAP_SIZELIMIT_EXCEEDED; break; } } - rc = 0; + rs->sr_err = 0; /* * check for abandon */ if (op->o_abandon) { goto done; } - be = gi->n[i].be; - if (scope == LDAP_SCOPE_ONELEVEL && - dn_match(&gi->n[i].pdn, ndn)) { - rc = be->be_search (be, conn, op, - &be->be_suffix[0], &be->be_nsuffix[0], - LDAP_SCOPE_BASE, deref, - s2limit, t2limit, filter, filterstr, - attrs, attrsonly); - - } else if (scope == LDAP_SCOPE_SUBTREE && - dnIsSuffix(&be->be_nsuffix[0], ndn)) { - rc = be->be_search (be, conn, op, - &be->be_suffix[0], &be->be_nsuffix[0], - scope, deref, - s2limit, t2limit, filter, filterstr, - attrs, attrsonly); - - } else if (dnIsSuffix(ndn, &be->be_nsuffix[0])) { - rc = be->be_search (be, conn, op, dn, ndn, - scope, deref, - s2limit, t2limit, filter, filterstr, - attrs, attrsonly); + op->o_bd = gi->n[i].be; + if (scope0 == LDAP_SCOPE_ONELEVEL && + dn_match(&gi->n[i].pdn, &ndn)) { + op->oq_search.rs_scope = LDAP_SCOPE_BASE; + op->o_req_dn = op->o_bd->be_suffix[0]; + op->o_req_ndn = op->o_bd->be_nsuffix[0]; + rs->sr_err = op->o_bd->be_search(op, rs); + + } else if (scope0 == LDAP_SCOPE_SUBTREE && + dnIsSuffix(&op->o_bd->be_nsuffix[0], &ndn)) { + op->o_req_dn = op->o_bd->be_suffix[0]; + op->o_req_ndn = op->o_bd->be_nsuffix[0]; + rs->sr_err = op->o_bd->be_search( op, rs ); + + } else if (dnIsSuffix(&ndn, &op->o_bd->be_nsuffix[0])) { + rs->sr_err = op->o_bd->be_search( op, rs ); } switch ( gs.err ) { @@ -422,19 +371,29 @@ glue_back_search ( } } end_of_loop:; + op->oq_search.rs_scope = scope0; + op->oq_search.rs_slimit = slimit0; + op->oq_search.rs_tlimit = tlimit0; + op->o_req_dn = dn; + op->o_req_ndn = ndn; + break; } op->o_callback = gs.prevcb; + rs->sr_err = gs.err; + rs->sr_matched = gs.matched; + rs->sr_ref = gs.refs; + rs->sr_nentries = gs.nentries; - send_search_result (conn, op, gs.err, gs.matched, NULL, - gs.refs, NULL, gs.nentries); + send_search_result( op, rs ); done: + op->o_bd = b0; if (gs.matched) free (gs.matched); if (gs.refs) ber_bvarray_free(gs.refs); - return rc; + return rs->sr_err; } diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index b8553f7b6f..b21354e05c 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -33,8 +33,8 @@ int do_bind( - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { BerElement *ber = op->o_ber; @@ -42,21 +42,15 @@ do_bind( ber_tag_t method; struct berval mech = { 0, NULL }; struct berval dn = { 0, NULL }; - struct berval pdn = { 0, NULL }; - struct berval ndn = { 0, NULL }; - struct berval edn = { 0, NULL }; ber_tag_t tag; - int rc = LDAP_SUCCESS; - const char *text; - struct berval cred = { 0, NULL }; - Backend *be = NULL; + Backend *be; #ifdef LDAP_SLAPI Slapi_PBlock *pb = op->o_pb; #endif #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "do_bind: conn %d\n", conn->c_connid, 0, 0 ); + LDAP_LOG( OPERATION, ENTRY, "do_bind: conn %d\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 ); #endif @@ -64,19 +58,19 @@ do_bind( /* * Force to connection to "anonymous" until bind succeeds. */ - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - if ( conn->c_sasl_bind_in_progress ) be = conn->c_authz_backend; + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + if ( op->o_conn->c_sasl_bind_in_progress ) be = op->o_conn->c_authz_backend; /* log authorization identity demotion */ - if ( conn->c_dn.bv_len ) { + if ( op->o_conn->c_dn.bv_len ) { Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND anonymous mech=implicit ssf=0", op->o_connid, op->o_opid, 0, 0, 0 ); } - connection2anonymous( conn ); - if ( conn->c_sasl_bind_in_progress ) conn->c_authz_backend = be; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + connection2anonymous( op->o_conn ); + if ( op->o_conn->c_sasl_bind_in_progress ) op->o_conn->c_authz_backend = be; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if ( op->o_dn.bv_val != NULL ) { free( op->o_dn.bv_val ); @@ -115,34 +109,33 @@ do_bind( if ( tag == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_bind: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 ); + "do_bind: conn %d ber_scanf failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "bind: ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = -1; goto cleanup; } op->o_protocol = version; if( method != LDAP_AUTH_SASL ) { - tag = ber_scanf( ber, /*{*/ "m}", &cred ); + tag = ber_scanf( ber, /*{*/ "m}", &op->oq_bind.rb_cred ); } else { - tag = ber_scanf( ber, "{o" /*}*/, &mech ); + tag = ber_scanf( ber, "{m" /*}*/, &mech ); if ( tag != LBER_ERROR ) { ber_len_t len; tag = ber_peek_tag( ber, &len ); if ( tag == LDAP_TAG_LDAPCRED ) { - tag = ber_scanf( ber, "m", &cred ); + tag = ber_scanf( ber, "m", &op->oq_bind.rb_cred ); } else { tag = LDAP_TAG_LDAPCRED; - cred.bv_val = NULL; - cred.bv_len = 0; + op->oq_bind.rb_cred.bv_val = NULL; + op->oq_bind.rb_cred.bv_len = 0; } if ( tag != LBER_ERROR ) { @@ -152,35 +145,33 @@ do_bind( } if ( tag == LBER_ERROR ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, - "do_bind: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); + "do_bind: conn %d get_ctrls failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_bind: get_ctrls failed\n", 0, 0, 0 ); #endif goto cleanup; } - rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn ); + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d invalid dn (%s)\n", - conn->c_connid, dn.bv_val, 0 ); + op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "bind: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto cleanup; } @@ -188,84 +179,80 @@ do_bind( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_sasl_bind: conn %d dn (%s) mech %s\n", - conn->c_connid, pdn.bv_val, mech.bv_val ); + op->o_connid, op->o_req_dn.bv_val, mech.bv_val ); #else Debug( LDAP_DEBUG_TRACE, "do_sasl_bind: dn (%s) mech %s\n", - pdn.bv_val, mech.bv_val, NULL ); + op->o_req_dn.bv_val, mech.bv_val, NULL ); #endif } else { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_bind: version=%ld dn=\"%s\" method=%ld\n", - (unsigned long) version, pdn.bv_val, (unsigned long)method ); + (unsigned long) version, op->o_req_dn.bv_val, (unsigned long)method ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: version=%ld dn=\"%s\" method=%ld\n", (unsigned long) version, - pdn.bv_val, (unsigned long) method ); + op->o_req_dn.bv_val, (unsigned long) method ); #endif } Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND dn=\"%s\" method=%ld\n", - op->o_connid, op->o_opid, pdn.bv_val, (unsigned long) method, 0 ); + op->o_connid, op->o_opid, op->o_req_dn.bv_val, (unsigned long) method, 0 ); if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d unknown version = %ld\n", - conn->c_connid, (unsigned long)version, 0 ); + op->o_connid, (unsigned long)version, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_bind: unknown version=%ld\n", (unsigned long) version, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "requested protocol version not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, + "requested protocol version not supported" ); goto cleanup; } else if (!( global_allows & SLAP_ALLOW_BIND_V2 ) && version < LDAP_VERSION3 ) { - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "historical protocol version requested, use LDAPv3 instead", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, + "historical protocol version requested, use LDAPv3 instead" ); goto cleanup; } /* we set connection version regardless of whether bind succeeds * or not. */ - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - conn->c_protocol = version; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + op->o_conn->c_protocol = version; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); /* check for inappropriate controls */ if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) { - send_ldap_result( conn, op, - rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION, - NULL, "manageDSAit control inappropriate", - NULL, NULL ); + send_ldap_error( op, rs, + LDAP_UNAVAILABLE_CRITICAL_EXTENSION, + "manageDSAit control inappropriate" ); goto cleanup; } /* Set the bindop for the benefit of in-directory SASL lookups */ - conn->c_sasl_bindop = op; + op->o_conn->c_sasl_bindop = op; if ( method == LDAP_AUTH_SASL ) { - slap_ssf_t ssf = 0; - if ( version < LDAP_VERSION3 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d sasl with LDAPv%ld\n", - conn->c_connid, (unsigned long)version , 0 ); + op->o_connid, (unsigned long)version , 0 ); #else Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n", (unsigned long) version, 0, 0 ); #endif - send_ldap_disconnect( conn, op, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "SASL bind requires LDAPv3" ); - rc = SLAPD_DISCONNECT; + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } @@ -273,62 +260,56 @@ do_bind( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d no SASL mechanism provided\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_bind: no sasl mechanism provided\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_AUTH_METHOD_NOT_SUPPORTED, - NULL, "no SASL mechanism provided", NULL, NULL ); + send_ldap_error( op, rs, LDAP_AUTH_METHOD_NOT_SUPPORTED, + "no SASL mechanism provided" ); goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( NULL, conn, op, &mech, &text ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, &mech ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - if ( conn->c_sasl_bind_in_progress ) { - if( !bvmatch( &conn->c_sasl_bind_mech, &mech ) ) { + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + if ( op->o_conn->c_sasl_bind_in_progress ) { + if( !bvmatch( &op->o_conn->c_sasl_bind_mech, &mech ) ) { /* mechanism changed between bind steps */ - slap_sasl_reset(conn); + slap_sasl_reset(op->o_conn); } } else { - conn->c_sasl_bind_mech = mech; - mech.bv_val = NULL; - mech.bv_len = 0; + ber_dupbv(&op->o_conn->c_sasl_bind_mech, &mech); } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); - rc = slap_sasl_bind( conn, op, - &pdn, &ndn, - &cred, &edn, &ssf ); + rs->sr_err = slap_sasl_bind( op, rs ); - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - if( rc == LDAP_SUCCESS ) { - conn->c_dn = edn; - if( edn.bv_len != 0 ) { + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + if( rs->sr_err == LDAP_SUCCESS ) { + op->o_conn->c_dn = op->oq_bind.rb_edn; + if( op->oq_bind.rb_edn.bv_len != 0 ) { /* edn is always normalized already */ - ber_dupbv( &conn->c_ndn, &conn->c_dn ); + ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn ); } - conn->c_authmech = conn->c_sasl_bind_mech; - conn->c_sasl_bind_mech.bv_val = NULL; - conn->c_sasl_bind_mech.bv_len = 0; - conn->c_sasl_bind_in_progress = 0; - - conn->c_sasl_ssf = ssf; - if( ssf > conn->c_ssf ) { - conn->c_ssf = ssf; + op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech; + op->o_conn->c_sasl_bind_mech.bv_val = NULL; + op->o_conn->c_sasl_bind_mech.bv_len = 0; + op->o_conn->c_sasl_bind_in_progress = 0; + + op->o_conn->c_sasl_ssf = op->oq_bind.rb_ssf; + if( op->oq_bind.rb_ssf > op->o_conn->c_ssf ) { + op->o_conn->c_ssf = op->oq_bind.rb_ssf; } - if( conn->c_dn.bv_len != 0 ) { + if( op->o_conn->c_dn.bv_len != 0 ) { ber_len_t max = sockbuf_max_incoming_auth; - ber_sockbuf_ctrl( conn->c_sb, + ber_sockbuf_ctrl( op->o_conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); } @@ -336,92 +317,89 @@ do_bind( Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND dn=\"%s\" mech=%s ssf=%d\n", op->o_connid, op->o_opid, - conn->c_dn.bv_val ? conn->c_dn.bv_val : "", - conn->c_authmech.bv_val, ssf ); + op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "", + op->o_conn->c_authmech.bv_val, op->oq_bind.rb_ssf ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_bind: SASL/%s bind: dn=\"%s\" ssf=%d\n", - conn->c_authmech.bv_val, - conn->c_dn.bv_val ? conn->c_dn.bv_val : "", - ssf ); + op->o_conn->c_authmech.bv_val, + op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "", + op->oq_bind.rb_ssf ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: SASL/%s bind: dn=\"%s\" ssf=%d\n", - conn->c_authmech.bv_val, - conn->c_dn.bv_val ? conn->c_dn.bv_val : "", - ssf ); + op->o_conn->c_authmech.bv_val, + op->o_conn->c_dn.bv_val ? op->o_conn->c_dn.bv_val : "", + op->oq_bind.rb_ssf ); #endif - } else if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) { - conn->c_sasl_bind_in_progress = 1; + } else if ( rs->sr_err == LDAP_SASL_BIND_IN_PROGRESS ) { + op->o_conn->c_sasl_bind_in_progress = 1; } else { - if ( conn->c_sasl_bind_mech.bv_val ) { - free( conn->c_sasl_bind_mech.bv_val ); - conn->c_sasl_bind_mech.bv_val = NULL; - conn->c_sasl_bind_mech.bv_len = 0; + if ( op->o_conn->c_sasl_bind_mech.bv_val ) { + free( op->o_conn->c_sasl_bind_mech.bv_val ); + op->o_conn->c_sasl_bind_mech.bv_val = NULL; + op->o_conn->c_sasl_bind_mech.bv_len = 0; } - conn->c_sasl_bind_in_progress = 0; + op->o_conn->c_sasl_bind_in_progress = 0; } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); goto cleanup; } else { /* Not SASL, cancel any in-progress bind */ - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); - if ( conn->c_sasl_bind_mech.bv_val != NULL ) { - free(conn->c_sasl_bind_mech.bv_val); - conn->c_sasl_bind_mech.bv_val = NULL; - conn->c_sasl_bind_mech.bv_len = 0; + if ( op->o_conn->c_sasl_bind_mech.bv_val != NULL ) { + free(op->o_conn->c_sasl_bind_mech.bv_val); + op->o_conn->c_sasl_bind_mech.bv_val = NULL; + op->o_conn->c_sasl_bind_mech.bv_len = 0; } - conn->c_sasl_bind_in_progress = 0; + op->o_conn->c_sasl_bind_in_progress = 0; - slap_sasl_reset( conn ); - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + slap_sasl_reset( op->o_conn ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); } if ( method == LDAP_AUTH_SIMPLE ) { /* accept "anonymous" binds */ - if ( cred.bv_len == 0 || ndn.bv_len == 0 ) { - rc = LDAP_SUCCESS; - text = NULL; + if ( op->oq_bind.rb_cred.bv_len == 0 || op->o_req_ndn.bv_len == 0 ) { + rs->sr_err = LDAP_SUCCESS; - if( cred.bv_len && + if( op->oq_bind.rb_cred.bv_len && !( global_allows & SLAP_ALLOW_BIND_ANON_CRED )) { /* cred is not empty, disallow */ - rc = LDAP_INVALID_CREDENTIALS; + rs->sr_err = LDAP_INVALID_CREDENTIALS; - } else if ( ndn.bv_len && + } else if ( op->o_req_ndn.bv_len && !( global_allows & SLAP_ALLOW_BIND_ANON_DN )) { /* DN is not empty, disallow */ - rc = LDAP_UNWILLING_TO_PERFORM; - text = "unauthenticated bind (DN with no password) disallowed"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "unauthenticated bind (DN with no password) disallowed"; } else if ( global_disallows & SLAP_DISALLOW_BIND_ANON ) { /* disallow */ - rc = LDAP_INAPPROPRIATE_AUTH; - text = "anonymous bind disallowed"; + rs->sr_err = LDAP_INAPPROPRIATE_AUTH; + rs->sr_text = "anonymous bind disallowed"; } else { - rc = backend_check_restrictions( NULL, conn, op, - &mech, &text ); + backend_check_restrictions( op, rs, &mech ); } /* * we already forced connection to "anonymous", * just need to send success */ - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_bind: conn %d v%d anonymous bind\n", - conn->c_connid, version , 0 ); + op->o_connid, version , 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d anonymous bind\n", version, 0, 0 ); @@ -430,40 +408,38 @@ do_bind( } else if ( global_disallows & SLAP_DISALLOW_BIND_SIMPLE ) { /* disallow simple authentication */ - rc = LDAP_UNWILLING_TO_PERFORM; - text = "unwilling to perform simple authentication"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "unwilling to perform simple authentication"; - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d v%d simple bind(%s) disallowed\n", - conn->c_connid, version, ndn.bv_val ); + op->o_connid, version, op->o_req_ndn.bv_val ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d simple bind(%s) disallowed\n", - version, ndn.bv_val, 0 ); + version, op->o_req_ndn.bv_val, 0 ); #endif goto cleanup; } else if (( global_disallows & SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED ) && ( op->o_ssf <= 1 )) { - rc = LDAP_CONFIDENTIALITY_REQUIRED; - text = "unwilling to perform simple authentication " + rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED; + rs->sr_text = "unwilling to perform simple authentication " "without confidentilty protection"; - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %d " "v%d unprotected simple bind(%s) disallowed\n", - conn->c_connid, version, ndn.bv_val ); + op->o_connid, version, op->o_req_ndn.bv_val ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d unprotected simple bind(%s) disallowed\n", - version, ndn.bv_val, 0 ); + version, op->o_req_ndn.bv_val, 0 ); #endif goto cleanup; } @@ -472,15 +448,14 @@ do_bind( } else if ( method == LDAP_AUTH_KRBV41 || method == LDAP_AUTH_KRBV42 ) { if ( global_disallows & SLAP_DISALLOW_BIND_KRBV4 ) { /* disallow simple authentication */ - rc = LDAP_UNWILLING_TO_PERFORM; - text = "unwilling to perform Kerberos V4 bind"; + rs->sr_err = LDAP_UNWILLING_TO_PERFORM; + rs->sr_text = "unwilling to perform Kerberos V4 bind"; - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_bind: conn %d v%d Kerberos V4 bind\n", - conn->c_connid, version , 0 ); + op->o_connid, version , 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d Kerberos V4 bind\n", version, 0, 0 ); @@ -490,15 +465,14 @@ do_bind( #endif } else { - rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; - text = "unknown authentication method"; + rs->sr_err = LDAP_AUTH_METHOD_NOT_SUPPORTED; + rs->sr_text = "unknown authentication method"; - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: conn %ld v%d unknown authentication method (%ld)\n", - conn->c_connid, version, method ); + op->o_connid, version, method ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d unknown authentication method (%ld)\n", @@ -513,44 +487,43 @@ do_bind( * if we don't hold it. */ - if ( (be = select_backend( &ndn, 0, 0 )) == NULL ) { + if ( (op->o_bd = select_backend( &op->o_req_ndn, 0, 0 )) == NULL ) { if ( default_referral ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); + if (!rs->sr_ref) rs->sr_ref = default_referral; - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref ); } else { /* noSuchObject is not allowed to be returned by bind */ - send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_INVALID_CREDENTIALS; + send_ldap_result( op, rs ); } goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } #if defined( LDAP_SLAPI ) - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); + slapi_x_backend_set_pb( pb, op->o_bd ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); slapi_pblock_set( pb, SLAPI_BIND_TARGET, (void *)dn.bv_val ); slapi_pblock_set( pb, SLAPI_BIND_METHOD, (void *)method ); - slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, (void *)&cred ); + slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, (void *)&op->oq_bind.rb_cred ); slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)(0) ); - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_BIND_FN, pb ); - if ( rc != SLAPI_BIND_SUCCESS ) { + rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_BIND_FN, pb ); + if ( rs->sr_err != SLAPI_BIND_SUCCESS ) { /* * Binding is a special case for SLAPI plugins. It is * possible for a bind plugin to be successful *and* @@ -565,72 +538,70 @@ do_bind( if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&ldapRc ) != 0 ) ldapRc = LDAP_OTHER; - edn.bv_val = NULL; - edn.bv_len = 0; - if ( rc != SLAPI_BIND_FAIL && ldapRc == LDAP_SUCCESS ) { + op->oq_bind.rb_edn.bv_val = NULL; + op->oq_bind.rb_edn.bv_len = 0; + if ( rs->sr_err != SLAPI_BIND_FAIL && ldapRc == LDAP_SUCCESS ) { /* Set the new connection DN. */ - if ( rc != SLAPI_BIND_ANONYMOUS ) { - slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&edn.bv_val ); + if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) { + slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->oq_bind.rb_edn.bv_val ); } - rc = dnPrettyNormal( NULL, &edn, &pdn, &ndn ); - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - conn->c_dn = pdn; - conn->c_ndn = ndn; - pdn.bv_val = NULL; - pdn.bv_len = 0; - ndn.bv_val = NULL; - ndn.bv_len = 0; - if ( conn->c_dn.bv_len != 0 ) { + rs->sr_err = dnPrettyNormal( NULL, &op->oq_bind.rb_edn, &op->o_req_dn, &op->o_req_ndn ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + op->o_conn->c_dn = op->o_req_dn; + op->o_conn->c_ndn = op->o_req_ndn; + op->o_req_dn.bv_val = NULL; + op->o_req_dn.bv_len = 0; + op->o_req_ndn.bv_val = NULL; + op->o_req_ndn.bv_len = 0; + if ( op->o_conn->c_dn.bv_len != 0 ) { ber_len_t max = sockbuf_max_incoming_auth; - ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); + ber_sockbuf_ctrl( op->o_conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); } /* log authorization identity */ Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND dn=\"%s\" mech=simple (SLAPI) ssf=0\n", op->o_connid, op->o_opid, - conn->c_dn.bv_val, 0, 0 ); - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + op->o_conn->c_dn.bv_val, 0, 0 ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: Bind preoperation plugin returned %d\n", - rc, 0, 0); + rs->sr_err, 0, 0); #else Debug(LDAP_DEBUG_TRACE, "do_bind: Bind preoperation plugin returned %d.\n", - rc, 0, 0); + rs->sr_err, 0, 0); #endif - rc = ldapRc; + rs->sr_err = ldapRc; goto cleanup; } #endif /* defined( LDAP_SLAPI ) */ - if ( be->be_bind ) { - int ret; - - ret = (*be->be_bind)( be, conn, op, - &pdn, &ndn, method, &cred, &edn ); + if ( op->o_bd->be_bind ) { + op->oq_bind.rb_method = method; + rs->sr_err = (op->o_bd->be_bind)( op, rs ); - if ( ret == 0 ) { - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + if ( rs->sr_err == 0 ) { + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); - if( conn->c_authz_backend == NULL ) { - conn->c_authz_backend = be; + if( op->o_conn->c_authz_backend == NULL ) { + op->o_conn->c_authz_backend = op->o_bd; } - if(edn.bv_len) { - conn->c_dn = edn; + if(op->oq_bind.rb_edn.bv_len) { + op->o_conn->c_dn = op->oq_bind.rb_edn; } else { - conn->c_dn = pdn; - pdn.bv_val = NULL; - pdn.bv_len = 0; + op->o_conn->c_dn = op->o_req_dn; + op->o_req_dn.bv_val = NULL; + op->o_req_dn.bv_len = 0; } - conn->c_ndn = ndn; - ndn.bv_val = NULL; - ndn.bv_len = 0; + op->o_conn->c_ndn = op->o_req_ndn; + op->o_req_ndn.bv_val = NULL; + op->o_req_ndn.bv_len = 0; - if( conn->c_dn.bv_len != 0 ) { + if( op->o_conn->c_dn.bv_len != 0 ) { ber_len_t max = sockbuf_max_incoming_auth; - ber_sockbuf_ctrl( conn->c_sb, + ber_sockbuf_ctrl( op->o_conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); } @@ -638,36 +609,34 @@ do_bind( Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu BIND dn=\"%s\" mech=simple ssf=0\n", op->o_connid, op->o_opid, - conn->c_dn.bv_val, conn->c_authmech.bv_val, 0 ); + op->o_conn->c_dn.bv_val, 0, 0 ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, "do_bind: v%d bind: \"%s\" to \"%s\" \n", - version, conn->c_dn.bv_val, conn->c_dn.bv_val ); + version, op->o_conn->c_dn.bv_val, op->o_conn->c_dn.bv_val ); #else Debug( LDAP_DEBUG_TRACE, "do_bind: v%d bind: \"%s\" to \"%s\"\n", - version, dn.bv_val, conn->c_dn.bv_val ); + version, dn.bv_val, op->o_conn->c_dn.bv_val ); #endif - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); /* send this here to avoid a race condition */ - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + send_ldap_result( op, rs ); - } else if (edn.bv_val != NULL) { - free( edn.bv_val ); + } else if (op->oq_bind.rb_edn.bv_val != NULL) { + free( op->oq_bind.rb_edn.bv_val ); } } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #if defined( LDAP_SLAPI ) - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_BIND_FN, pb ) != 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_bind: Bind postoperation plugins failed\n", 0, 0, 0); @@ -679,17 +648,14 @@ do_bind( #endif /* defined( LDAP_SLAPI ) */ cleanup: - conn->c_sasl_bindop = NULL; + op->o_conn->c_sasl_bindop = NULL; - if( pdn.bv_val != NULL ) { - free( pdn.bv_val ); - } - if( ndn.bv_val != NULL ) { - free( ndn.bv_val ); + if( op->o_req_dn.bv_val != NULL ) { + free( op->o_req_dn.bv_val ); } - if ( mech.bv_val != NULL ) { - free( mech.bv_val ); + if( op->o_req_ndn.bv_val != NULL ) { + free( op->o_req_ndn.bv_val ); } - return rc; + return rs->sr_err; } diff --git a/servers/slapd/cancel.c b/servers/slapd/cancel.c index 0fcce20d69..2e7ebfea9b 100644 --- a/servers/slapd/cancel.c +++ b/servers/slapd/cancel.c @@ -21,67 +21,57 @@ #include #include -int cancel_extop( - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl ***rspctrls, - const char **text, - BerVarray *refs ) +int cancel_extop( Operation *op, SlapReply *rs ) { - Backend *be; + Operation *o; int rc; int found = 0; int opid; BerElement *ber; int i; - assert( reqoid != NULL ); - assert( ber_bvcmp( &slap_EXOP_CANCEL, reqoid ) == 0 ); + assert( ber_bvcmp( &slap_EXOP_CANCEL, &op->oq_extended.rs_reqoid ) == 0 ); - if ( reqdata == NULL ) { - *text = "no message ID supplied"; + if ( op->oq_extended.rs_reqdata == NULL ) { + rs->sr_text = "no message ID supplied"; return LDAP_PROTOCOL_ERROR; } - ber = ber_init( reqdata ); + ber = ber_init( op->oq_extended.rs_reqdata ); if ( ber == NULL ) { - *text = "internal error"; + rs->sr_text = "internal error"; return LDAP_OTHER; } if ( ber_scanf( ber, "{i}", &opid ) == LBER_ERROR ) { - *text = "message ID parse failed"; + rs->sr_text = "message ID parse failed"; return LDAP_PROTOCOL_ERROR; } (void) ber_free( ber, 1 ); if ( opid < 0 ) { - *text = "message ID invalid"; + rs->sr_text = "message ID invalid"; return LDAP_PROTOCOL_ERROR; } - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - LDAP_STAILQ_FOREACH( op, &conn->c_pending_ops, o_next ) { - if ( op->o_msgid == opid ) { - LDAP_STAILQ_REMOVE( &conn->c_pending_ops, op, slap_op, o_next ); - slap_op_free( op ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) { + if ( o->o_msgid == opid ) { + LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next ); + slap_op_free( o ); found = 1; break; } } - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if ( found ) return LDAP_SUCCESS; found = 0; - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - LDAP_STAILQ_FOREACH( op, &conn->c_ops, o_next ) { - if ( op->o_msgid == opid ) { + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + LDAP_STAILQ_FOREACH( o, &op->o_conn->c_ops, o_next ) { + if ( o->o_msgid == opid ) { found = 1; break; } @@ -90,33 +80,31 @@ int cancel_extop( if ( !found ) { #ifdef LDAP_SYNC for ( i = 0; i < nbackends; i++ ) { - Backend *be = &backends[i]; - if( !be->be_cancel ) continue; + op->o_bd = &backends[i]; + if( !op->o_bd->be_cancel ) continue; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); - if ( be->be_cancel( be, conn, op, opid ) == LDAP_SUCCESS ) { + op->oq_cancel.rs_msgid = opid; + if ( op->o_bd->be_cancel( op, rs ) == LDAP_SUCCESS ) { return LDAP_SUCCESS; - } else { - *text = "message ID not found"; - return LDAP_NO_SUCH_OPERATION; } + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); } -#else - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); - *text = "message ID not found"; - return LDAP_NO_SUCH_OPERATION; #endif + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); + rs->sr_text = "message ID not found"; + return LDAP_NO_SUCH_OPERATION; } if ( op->o_cancel != SLAP_CANCEL_NONE ) { - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); - *text = "message ID already being cancelled"; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); + rs->sr_text = "message ID already being cancelled"; return LDAP_PROTOCOL_ERROR; } op->o_cancel = SLAP_CANCEL_REQ; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); while ( op->o_cancel == SLAP_CANCEL_REQ ) { ldap_pvt_thread_yield(); diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c index 17a080cc1b..09b977af3b 100644 --- a/servers/slapd/compare.c +++ b/servers/slapd/compare.c @@ -27,28 +27,23 @@ #endif static int compare_entry( - Connection *conn, Operation *op, Entry *e, AttributeAssertion *ava ); int do_compare( - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { Entry *entry = NULL; Entry *fentry = NULL; struct berval dn = { 0, NULL }; - struct berval pdn = { 0, NULL }; - struct berval ndn = { 0, NULL }; struct berval desc = { 0, NULL }; struct berval value = { 0, NULL }; AttributeAssertion ava = { NULL, { 0, NULL } }; Backend *be; - int rc = LDAP_SUCCESS; - const char *text = NULL; int manageDSAit; #ifdef LDAP_SLAPI @@ -58,7 +53,7 @@ do_compare( ava.aa_desc = NULL; #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "do_compare: conn %d\n", conn->c_connid, 0, 0 ); + LDAP_LOG( OPERATION, ENTRY, "do_compare: conn %d\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_compare\n", 0, 0, 0 ); #endif @@ -77,155 +72,147 @@ do_compare( if ( ber_scanf( op->o_ber, "{m" /*}*/, &dn ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_compare: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 ); + "do_compare: conn %d ber_scanf failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return SLAPD_DISCONNECT; } if ( ber_scanf( op->o_ber, "{mm}", &desc, &value ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_compare: conn %d get ava failed\n", conn->c_connid, 0, 0 ); + "do_compare: conn %d get ava failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_compare: get ava failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; - goto cleanup; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + return SLAPD_DISCONNECT; } if ( ber_scanf( op->o_ber, /*{*/ "}" ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_compare: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 ); + "do_compare: conn %d ber_scanf failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; - goto cleanup; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + return SLAPD_DISCONNECT; } - if( ( rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, - "do_compare: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); + "do_compare: conn %d get_ctrls failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_compare: get_ctrls failed\n", 0, 0, 0 ); #endif goto cleanup; } - rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_compare: conn %d invalid dn (%s)\n", - conn->c_connid, dn.bv_val, 0 ); + op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_compare: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto cleanup; } - rc = slap_bv2ad( &desc, &ava.aa_desc, &text ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + rs->sr_err = slap_bv2ad( &desc, &ava.aa_desc, &rs->sr_text ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } #ifdef SLAP_NVALUES - rc = asserted_value_validate_normalize( ava.aa_desc, + rs->sr_err = asserted_value_validate_normalize( ava.aa_desc, ava.aa_desc->ad_type->sat_equality, SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX, - &value, &ava.aa_value, &text ); + &value, &ava.aa_value, &rs->sr_text ); #else - rc = value_validate_normalize( ava.aa_desc, SLAP_MR_EQUALITY, - &value, &ava.aa_value, &text ); + rs->sr_err = value_validate_normalize( ava.aa_desc, SLAP_MR_EQUALITY, + &value, &ava.aa_value, &rs->sr_text ); #endif - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } - if( strcasecmp( ndn.bv_val, LDAP_ROOT_DSE ) == 0 ) { + if( strcasecmp( op->o_req_ndn.bv_val, LDAP_ROOT_DSE ) == 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "do_compare: dn (%s) attr(%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, pdn.bv_val, + op->o_connid, op->o_opid, op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, 0 ); - rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } - rc = root_dse_info( conn, &entry, &text ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + rs->sr_err = root_dse_info( op->o_conn, &entry, &rs->sr_text ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } fentry = entry; - } else if ( bvmatch( &ndn, &global_schemandn ) ) { + } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "do_compare: dn (%s) attr(%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, pdn.bv_val, + op->o_connid, op->o_opid, op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, 0 ); - rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); - rc = 0; + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); + rs->sr_err = 0; goto cleanup; } - rc = schema_info( &entry, &text ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); - rc = 0; + rs->sr_err = schema_info( &entry, &rs->sr_text ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); + rs->sr_err = 0; goto cleanup; } fentry = entry; } if( entry ) { - rc = compare_entry( conn, op, entry, &ava ); + rs->sr_err = compare_entry( op, entry, &ava ); if( fentry) entry_free( fentry ); - send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); - if( rc == LDAP_COMPARE_TRUE || rc == LDAP_COMPARE_FALSE ) { - rc = 0; + if( rs->sr_err == LDAP_COMPARE_TRUE || rs->sr_err == LDAP_COMPARE_FALSE ) { + rs->sr_err = 0; } goto cleanup; @@ -238,56 +225,54 @@ do_compare( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + rs->sr_err = LDAP_REFERRAL; + if (!rs->sr_ref) rs->sr_ref = default_referral; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); - rc = 0; + if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref ); + rs->sr_err = 0; goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &pdn, &ndn ); - if ( rc != LDAP_SUCCESS ) { + if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto cleanup; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "do_compare: dn (%s) attr(%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - pdn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); + op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value.bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, pdn.bv_val, + op->o_connid, op->o_opid, op->o_req_dn.bv_val, ava.aa_desc->ad_cname.bv_val, 0 ); #if defined( LDAP_SLAPI ) - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); + slapi_x_backend_set_pb( pb, op->o_bd ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); slapi_pblock_set( pb, SLAPI_COMPARE_TARGET, (void *)dn.bv_val ); slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); slapi_pblock_set( pb, SLAPI_COMPARE_TYPE, (void *)desc.bv_val ); slapi_pblock_set( pb, SLAPI_COMPARE_VALUE, (void *)&value ); - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_COMPARE_FN, pb ); - if ( rc != 0 ) { + rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_COMPARE_FN, pb ); + if ( rs->sr_err != 0 ) { /* * A preoperation plugin failure will abort the * entire operation. @@ -299,22 +284,22 @@ do_compare( Debug(LDAP_DEBUG_TRACE, "do_compare: compare preoperation plugin " "failed.\n", 0, 0, 0); #endif - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) - rc = LDAP_OTHER; + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0) + rs->sr_err = LDAP_OTHER; goto cleanup; } #endif /* defined( LDAP_SLAPI ) */ - if ( be->be_compare ) { - (*be->be_compare)( be, conn, op, &pdn, &ndn, &ava ); + if ( op->o_bd->be_compare ) { + op->oq_compare.rs_ava = &ava; + op->o_bd->be_compare( op, rs ); } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #if defined( LDAP_SLAPI ) - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_COMPARE_FN, pb ) != 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_COMPARE_FN, pb ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_compare: compare postoperation plugins " "failed\n", 0, 0, 0 ); @@ -326,15 +311,14 @@ do_compare( #endif /* defined( LDAP_SLAPI ) */ cleanup: - free( pdn.bv_val ); - free( ndn.bv_val ); + free( op->o_req_dn.bv_val ); + free( op->o_req_ndn.bv_val ); if ( ava.aa_value.bv_val ) free( ava.aa_value.bv_val ); - return rc; + return rs->sr_err; } static int compare_entry( - Connection *conn, Operation *op, Entry *e, AttributeAssertion *ava ) @@ -342,7 +326,7 @@ static int compare_entry( int rc = LDAP_NO_SUCH_ATTRIBUTE; Attribute *a; - if ( ! access_allowed( NULL, conn, op, e, + if ( ! access_allowed( op, e, ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index 538f3721ce..96c45a2ba8 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -883,6 +883,7 @@ connection_operation( void *ctx, void *arg_v ) { int rc; Operation *op = arg_v; + SlapReply rs = {REP_RESULT}; ber_tag_t tag = op->o_tag; #ifdef SLAPD_MONITOR ber_tag_t oldtag = tag; @@ -905,61 +906,60 @@ connection_operation( void *ctx, void *arg_v ) "error: SASL bind in progress (tag=%ld).\n", (long) tag, 0, 0 ); #endif - send_ldap_result( conn, op, - rc = LDAP_OPERATIONS_ERROR, - NULL, "SASL bind in progress", NULL, NULL ); + send_ldap_error( op, &rs, LDAP_OPERATIONS_ERROR, + "SASL bind in progress" ); goto operations_error; } switch ( tag ) { case LDAP_REQ_BIND: INCR_OP(num_ops_initiated_, SLAP_OP_BIND); - rc = do_bind( conn, op ); + rc = do_bind( op, &rs ); break; case LDAP_REQ_UNBIND: INCR_OP(num_ops_initiated_, SLAP_OP_UNBIND); - rc = do_unbind( conn, op ); + rc = do_unbind( op, &rs ); break; case LDAP_REQ_ADD: INCR_OP(num_ops_initiated_, SLAP_OP_ADD); - rc = do_add( conn, op ); + rc = do_add( op, &rs ); break; case LDAP_REQ_DELETE: INCR_OP(num_ops_initiated_, SLAP_OP_DELETE); - rc = do_delete( conn, op ); + rc = do_delete( op, &rs ); break; case LDAP_REQ_MODRDN: INCR_OP(num_ops_initiated_, SLAP_OP_MODRDN); - rc = do_modrdn( conn, op ); + rc = do_modrdn( op, &rs ); break; case LDAP_REQ_MODIFY: INCR_OP(num_ops_initiated_, SLAP_OP_MODIFY); - rc = do_modify( conn, op ); + rc = do_modify( op, &rs ); break; case LDAP_REQ_COMPARE: INCR_OP(num_ops_initiated_, SLAP_OP_COMPARE); - rc = do_compare( conn, op ); + rc = do_compare( op, &rs ); break; case LDAP_REQ_SEARCH: INCR_OP(num_ops_initiated_, SLAP_OP_SEARCH); - rc = do_search( conn, op ); + rc = do_search( op, &rs ); break; case LDAP_REQ_ABANDON: INCR_OP(num_ops_initiated_, SLAP_OP_ABANDON); - rc = do_abandon( conn, op ); + rc = do_abandon( op, &rs ); break; case LDAP_REQ_EXTENDED: INCR_OP(num_ops_initiated_, SLAP_OP_EXTENDED); - rc = do_extended( conn, op ); + rc = do_extended( op, &rs ); break; default: @@ -972,8 +972,9 @@ connection_operation( void *ctx, void *arg_v ) tag, 0, 0 ); #endif op->o_tag = LBER_ERROR; - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "unknown LDAP request" ); + rs.sr_err = LDAP_PROTOCOL_ERROR; + rs.sr_text = "unknown LDAP request"; + send_ldap_disconnect( op, &rs ); rc = -1; break; } diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c index 43c7f59f6a..6448d69f3b 100644 --- a/servers/slapd/controls.c +++ b/servers/slapd/controls.c @@ -331,8 +331,8 @@ find_ctrl( const char *oid ) } int get_ctrls( - Connection *conn, Operation *op, + SlapReply *rs, int sendres ) { int nctrls = 0; @@ -341,21 +341,19 @@ int get_ctrls( char *opaque; BerElement *ber = op->o_ber; struct slap_control *sc; - int rc = LDAP_SUCCESS; - const char *errmsg = NULL; len = ber_pvt_ber_remaining(ber); if( len == 0) { /* no controls */ - rc = LDAP_SUCCESS; - return rc; + rs->sr_err = LDAP_SUCCESS; + return rs->sr_err; } if(( tag = ber_peek_tag( ber, &len )) != LDAP_TAG_CONTROLS ) { if( tag == LBER_ERROR ) { - rc = SLAPD_DISCONNECT; - errmsg = "unexpected data in PDU"; + rs->sr_err = SLAPD_DISCONNECT; + rs->sr_text = "unexpected data in PDU"; } goto return_results; @@ -363,15 +361,15 @@ int get_ctrls( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, - "get_ctrls: conn %lu\n", conn->c_connid, 0, 0 ); + "get_ctrls: conn %lu\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "=> get_ctrls\n", 0, 0, 0 ); #endif if( op->o_protocol < LDAP_VERSION3 ) { - rc = SLAPD_DISCONNECT; - errmsg = "controls require LDAPv3"; + rs->sr_err = SLAPD_DISCONNECT; + rs->sr_text = "controls require LDAPv3"; goto return_results; } @@ -380,8 +378,8 @@ int get_ctrls( #if 0 if( op->ctrls == NULL ) { - rc = LDAP_NO_MEMORY; - errmsg = "no memory"; + rs->sr_err = LDAP_NO_MEMORY; + rs->sr_text = "no memory"; goto return_results; } #endif @@ -403,8 +401,8 @@ int get_ctrls( ldap_controls_free(op->o_ctrls); op->o_ctrls = NULL; - rc = LDAP_NO_MEMORY; - errmsg = "no memory"; + rs->sr_err = LDAP_NO_MEMORY; + rs->sr_text = "no memory"; goto return_results; } #endif @@ -421,8 +419,8 @@ int get_ctrls( ldap_controls_free(op->o_ctrls); op->o_ctrls = NULL; - rc = LDAP_NO_MEMORY; - errmsg = "no memory"; + rs->sr_err = LDAP_NO_MEMORY; + rs->sr_text = "no memory"; goto return_results; } #endif @@ -436,7 +434,7 @@ int get_ctrls( if( tag == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu get OID failed.\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: get oid failed.\n", 0, 0, 0 ); @@ -444,25 +442,25 @@ int get_ctrls( ldap_controls_free( op->o_ctrls ); op->o_ctrls = NULL; - rc = SLAPD_DISCONNECT; - errmsg = "decoding controls error"; + rs->sr_err = SLAPD_DISCONNECT; + rs->sr_text = "decoding controls error"; goto return_results; } else if( c->ldctl_oid == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu got emtpy OID.\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "get_ctrls: conn %lu got emtpy OID.\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #endif ldap_controls_free( op->o_ctrls ); op->o_ctrls = NULL; - rc = LDAP_PROTOCOL_ERROR; - errmsg = "OID field is empty"; + rs->sr_err = LDAP_PROTOCOL_ERROR; + rs->sr_text = "OID field is empty"; goto return_results; } @@ -476,15 +474,15 @@ int get_ctrls( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu get crit failed.\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: get crit failed.\n", 0, 0, 0 ); #endif ldap_controls_free( op->o_ctrls ); op->o_ctrls = NULL; - rc = SLAPD_DISCONNECT; - errmsg = "decoding controls error"; + rs->sr_err = SLAPD_DISCONNECT; + rs->sr_text = "decoding controls error"; goto return_results; } @@ -499,18 +497,18 @@ int get_ctrls( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu: " "%s (%scritical): get value failed.\n", - conn->c_connid, c->ldctl_oid, + op->o_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" ); #else Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: conn %lu: " "%s (%scritical): get value failed.\n", - conn->c_connid, c->ldctl_oid, + op->o_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" ); #endif ldap_controls_free( op->o_ctrls ); op->o_ctrls = NULL; - rc = SLAPD_DISCONNECT; - errmsg = "decoding controls error"; + rs->sr_err = SLAPD_DISCONNECT; + rs->sr_text = "decoding controls error"; goto return_results; } } @@ -518,7 +516,7 @@ int get_ctrls( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "get_ctrls: conn %lu oid=\"%s\" (%scritical)\n", - conn->c_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" ); + op->o_connid, c->ldctl_oid, c->ldctl_iscritical ? "" : "non" ); #else Debug( LDAP_DEBUG_TRACE, "=> get_ctrls: oid=\"%s\" (%scritical)\n", @@ -559,11 +557,11 @@ int get_ctrls( break; case LDAP_REQ_EXTENDED: tagmask=~0L; - assert( op->o_extendedop != NULL ); + assert( op->oq_extended.rs_reqoid.bv_val != NULL ); if( sc->sc_extendedops != NULL ) { int i; for( i=0; sc->sc_extendedops[i] != NULL; i++ ) { - if( strcmp( op->o_extendedop, sc->sc_extendedops[i] ) + if( strcmp( op->oq_extended.rs_reqoid.bv_val, sc->sc_extendedops[i] ) == 0 ) { tagmask=0L; @@ -573,8 +571,8 @@ int get_ctrls( } break; default: - rc = LDAP_OTHER; - errmsg = "controls internal error"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "controls internal error"; goto return_results; } @@ -582,14 +580,14 @@ int get_ctrls( /* available extension */ if( !sc->sc_parse ) { - rc = LDAP_OTHER; - errmsg = "not yet implemented"; + rs->sr_err = LDAP_OTHER; + rs->sr_text = "not yet implemented"; goto return_results; } - rc = sc->sc_parse( conn, op, c, &errmsg ); + rs->sr_err = sc->sc_parse( op, rs, c ); - if( rc != LDAP_SUCCESS ) goto return_results; + if( rs->sr_err != LDAP_SUCCESS ) goto return_results; if ( sc->sc_mask & SLAP_CTRL_FRONTEND ) { /* kludge to disable backend_control() check */ @@ -604,15 +602,15 @@ int get_ctrls( } else if( c->ldctl_iscritical ) { /* unavailable CRITICAL control */ - rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; - errmsg = "critical extension is unavailable"; + rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; + rs->sr_text = "critical extension is unavailable"; goto return_results; } } else if( c->ldctl_iscritical ) { /* unrecognized CRITICAL control */ - rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; - errmsg = "critical extension is not recognized"; + rs->sr_err = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; + rs->sr_text = "critical extension is not recognized"; goto return_results; } } @@ -621,38 +619,38 @@ return_results: #ifdef NEW_LOGGING LDAP_LOG( OPERATION, RESULTS, "get_ctrls: n=%d rc=%d err=\"%s\"\n", - nctrls, rc, errmsg ? errmsg : "" ); + nctrls, rs->sr_err, rs->sr_text ? rs->sr_text : "" ); #else Debug( LDAP_DEBUG_TRACE, "<= get_ctrls: n=%d rc=%d err=\"%s\"\n", - nctrls, rc, errmsg ? errmsg : ""); + nctrls, rs->sr_err, rs->sr_text ? rs->sr_text : ""); #endif - if( sendres && rc != LDAP_SUCCESS ) { - if( rc == SLAPD_DISCONNECT ) { - send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, errmsg ); + if( sendres && rs->sr_err != LDAP_SUCCESS ) { + if( rs->sr_err == SLAPD_DISCONNECT ) { + rs->sr_err = LDAP_PROTOCOL_ERROR; + send_ldap_disconnect( op, rs ); + rs->sr_err = SLAPD_DISCONNECT; } else { - send_ldap_result( conn, op, rc, - NULL, errmsg, NULL, NULL ); + send_ldap_result( op, rs ); } } - return rc; + return rs->sr_err; } static int parseManageDSAit ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { if ( op->o_managedsait != SLAP_NO_CONTROL ) { - *text = "manageDSAit control specified multiple times"; + rs->sr_text = "manageDSAit control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "manageDSAit control value not empty"; + rs->sr_text = "manageDSAit control value not empty"; return LDAP_PROTOCOL_ERROR; } @@ -664,16 +662,15 @@ static int parseManageDSAit ( } static int parseProxyAuthz ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { int rc; struct berval dn = { 0, NULL }; if ( op->o_proxy_authz != SLAP_NO_CONTROL ) { - *text = "proxy authorization control specified multiple times"; + rs->sr_text = "proxy authorization control specified multiple times"; return LDAP_PROTOCOL_ERROR; } @@ -684,13 +681,13 @@ static int parseProxyAuthz ( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "parseProxyAuthz: conn %lu authzid=\"%s\"\n", - conn->c_connid, + op->o_connid, ctrl->ldctl_value.bv_len ? ctrl->ldctl_value.bv_val : "anonymous", 0 ); #else Debug( LDAP_DEBUG_ARGS, "parseProxyAuthz: conn %lu authzid=\"%s\"\n", - conn->c_connid, + op->o_connid, ctrl->ldctl_value.bv_len ? ctrl->ldctl_value.bv_val : "anonymous", 0 ); #endif @@ -699,11 +696,11 @@ static int parseProxyAuthz ( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, RESULTS, "parseProxyAuthz: conn=%lu anonymous\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "parseProxyAuthz: conn=%lu anonymous\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #endif /* anonymous */ @@ -718,7 +715,7 @@ static int parseProxyAuthz ( return LDAP_SUCCESS; } - rc = slap_sasl_getdn( conn, + rc = slap_sasl_getdn( op->o_conn, ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len, NULL, &dn, SLAP_GETDN_AUTHZID ); @@ -726,27 +723,27 @@ static int parseProxyAuthz ( if ( dn.bv_val ) { ch_free( dn.bv_val ); } - *text = "authzId mapping failed"; + rs->sr_text = "authzId mapping failed"; return LDAP_PROXY_AUTHZ_FAILURE; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, RESULTS, "parseProxyAuthz: conn=%lu \"%s\"\n", - conn->c_connid, + op->o_connid, dn.bv_len ? dn.bv_val : "(NULL)", 0 ); #else Debug( LDAP_DEBUG_TRACE, "parseProxyAuthz: conn=%lu \"%s\"\n", - conn->c_connid, + op->o_connid, dn.bv_len ? dn.bv_val : "(NULL)", 0 ); #endif - rc = slap_sasl_authorized( conn, &op->o_ndn, &dn ); + rc = slap_sasl_authorized( op->o_conn, &op->o_ndn, &dn ); if( rc ) { ch_free( dn.bv_val ); - *text = "not authorized to assume identity"; + rs->sr_text = "not authorized to assume identity"; return LDAP_PROXY_AUTHZ_FAILURE; } @@ -766,18 +763,17 @@ static int parseProxyAuthz ( } static int parseNoOp ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { if ( op->o_noop != SLAP_NO_CONTROL ) { - *text = "noop control specified multiple times"; + rs->sr_text = "noop control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "noop control value not empty"; + rs->sr_text = "noop control value not empty"; return LDAP_PROTOCOL_ERROR; } @@ -790,10 +786,9 @@ static int parseNoOp ( #ifdef LDAP_CONTROL_PAGEDRESULTS static int parsePagedResults ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { ber_tag_t tag; ber_int_t size; @@ -801,12 +796,12 @@ static int parsePagedResults ( struct berval cookie = { 0, NULL }; if ( op->o_pagedresults != SLAP_NO_CONTROL ) { - *text = "paged results control specified multiple times"; + rs->sr_text = "paged results control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len == 0 ) { - *text = "paged results control value is empty (or absent)"; + rs->sr_text = "paged results control value is empty (or absent)"; return LDAP_PROTOCOL_ERROR; } @@ -820,7 +815,7 @@ static int parsePagedResults ( */ ber = ber_init( &ctrl->ldctl_value ); if( ber == NULL ) { - *text = "internal error"; + rs->sr_text = "internal error"; return LDAP_OTHER; } @@ -828,12 +823,12 @@ static int parsePagedResults ( (void) ber_free( ber, 1 ); if( tag == LBER_ERROR ) { - *text = "paged results control could not be decoded"; + rs->sr_text = "paged results control could not be decoded"; return LDAP_PROTOCOL_ERROR; } if( size < 0 ) { - *text = "paged results control size invalid"; + rs->sr_text = "paged results control size invalid"; return LDAP_PROTOCOL_ERROR; } @@ -841,7 +836,7 @@ static int parsePagedResults ( PagedResultsCookie reqcookie; if( cookie.bv_len != sizeof( reqcookie ) ) { /* bad cookie */ - *text = "paged results cookie is invalid"; + rs->sr_text = "paged results cookie is invalid"; return LDAP_PROTOCOL_ERROR; } @@ -849,11 +844,11 @@ static int parsePagedResults ( if( reqcookie > op->o_pagedresults_state.ps_cookie ) { /* bad cookie */ - *text = "paged results cookie is invalid"; + rs->sr_text = "paged results cookie is invalid"; return LDAP_PROTOCOL_ERROR; } else if( reqcookie < op->o_pagedresults_state.ps_cookie ) { - *text = "paged results cookie is invalid or old"; + rs->sr_text = "paged results cookie is invalid or old"; return LDAP_UNWILLING_TO_PERFORM; } } else { @@ -873,42 +868,39 @@ static int parsePagedResults ( #endif int parseValuesReturnFilter ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { - int rc; BerElement *ber; struct berval fstr = { 0, NULL }; const char *err_msg = ""; if ( op->o_valuesreturnfilter != SLAP_NO_CONTROL ) { - *text = "valuesReturnFilter control specified multiple times"; + rs->sr_text = "valuesReturnFilter control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len == 0 ) { - *text = "valuesReturnFilter control value is empty (or absent)"; + rs->sr_text = "valuesReturnFilter control value is empty (or absent)"; return LDAP_PROTOCOL_ERROR; } ber = ber_init( &(ctrl->ldctl_value) ); if (ber == NULL) { - *text = "internal error"; + rs->sr_text = "internal error"; return LDAP_OTHER; } - rc = get_vrFilter( conn, ber, &(op->vrFilter), &err_msg); + rs->sr_err = get_vrFilter( op->o_conn, ber, &(op->vrFilter), &rs->sr_text); - if( rc != LDAP_SUCCESS ) { - text = &err_msg; - if( rc == SLAPD_DISCONNECT ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, *text ); + if( rs->sr_err != LDAP_SUCCESS ) { + if( rs->sr_err == SLAPD_DISCONNECT ) { + rs->sr_err = LDAP_PROTOCOL_ERROR; + send_ldap_disconnect( op, rs ); + rs->sr_err = SLAPD_DISCONNECT; } else { - send_ldap_result( conn, op, rc, - NULL, *text, NULL, NULL ); + send_ldap_result( op, rs ); } if( fstr.bv_val != NULL) free( fstr.bv_val ); if( op->vrFilter != NULL) vrFilter_free( op->vrFilter ); @@ -920,7 +912,7 @@ int parseValuesReturnFilter ( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "parseValuesReturnFilter: conn %d vrFilter: %s\n", - conn->c_connid, fstr.bv_len ? fstr.bv_val : "empty" , 0 ); + op->o_connid, fstr.bv_len ? fstr.bv_val : "empty" , 0 ); #else Debug( LDAP_DEBUG_ARGS, " vrFilter: %s\n", fstr.bv_len ? fstr.bv_val : "empty", 0, 0 ); @@ -930,18 +922,18 @@ int parseValuesReturnFilter ( ? SLAP_CRITICAL_CONTROL : SLAP_NONCRITICAL_CONTROL; + rs->sr_err = LDAP_SUCCESS; return LDAP_SUCCESS; } #ifdef LDAP_CONTROL_SUBENTRIES static int parseSubentries ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { if ( op->o_subentries != SLAP_NO_CONTROL ) { - *text = "subentries control specified multiple times"; + rs->sr_text = "subentries control specified multiple times"; return LDAP_PROTOCOL_ERROR; } @@ -950,7 +942,7 @@ static int parseSubentries ( && ( ctrl->ldctl_value.bv_val[0] != 0x01 ) && ( ctrl->ldctl_value.bv_val[1] != 0x01 )) { - *text = "subentries control value encoding is bogus"; + rs->sr_text = "subentries control value encoding is bogus"; return LDAP_PROTOCOL_ERROR; } @@ -966,18 +958,17 @@ static int parseSubentries ( #ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY static int parsePermissiveModify ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { if ( op->o_permissive_modify != SLAP_NO_CONTROL ) { - *text = "permissiveModify control specified multiple times"; + rs->sr_text = "permissiveModify control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "permissiveModify control value not empty"; + rs->sr_text = "permissiveModify control value not empty"; return LDAP_PROTOCOL_ERROR; } @@ -991,18 +982,17 @@ static int parsePermissiveModify ( #ifdef LDAP_CONTROL_X_DOMAIN_SCOPE static int parseDomainScope ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { if ( op->o_domain_scope != SLAP_NO_CONTROL ) { - *text = "domainScope control specified multiple times"; + rs->sr_text = "domainScope control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "domainScope control value not empty"; + rs->sr_text = "domainScope control value not empty"; return LDAP_PROTOCOL_ERROR; } @@ -1016,10 +1006,9 @@ static int parseDomainScope ( #ifdef LDAP_CLIENT_UPDATE static int parseClientUpdate ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { ber_tag_t tag; BerElement *ber; @@ -1030,19 +1019,19 @@ static int parseClientUpdate ( struct berval cookie = { 0, NULL }; if ( op->o_clientupdate != SLAP_NO_CONTROL ) { - *text = "LCUP client update control specified multiple times"; + rs->sr_text = "LCUP client update control specified multiple times"; return LDAP_PROTOCOL_ERROR; } #ifdef LDAP_SYNC if ( op->o_sync != SLAP_NO_CONTROL ) { - *text = "LDAP Client Update and Sync controls used together"; + rs->sr_text = "LDAP Client Update and Sync controls used together"; return LDAP_PROTOCOL_ERROR; } #endif if ( ctrl->ldctl_value.bv_len == 0 ) { - *text = "LCUP client update control value is empty (or absent)"; + rs->sr_text = "LCUP client update control value is empty (or absent)"; return LDAP_PROTOCOL_ERROR; } @@ -1059,12 +1048,12 @@ static int parseClientUpdate ( ber = ber_init( &ctrl->ldctl_value ); if( ber == NULL ) { - *text = "internal error"; + rs->sr_text = "internal error"; return LDAP_OTHER; } if ( (tag = ber_scanf( ber, "{i" /*}*/, &type )) == LBER_ERROR ) { - *text = "LCUP client update control : decoding error"; + rs->sr_text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } @@ -1079,18 +1068,18 @@ static int parseClientUpdate ( type = SLAP_LCUP_PERSIST; break; default: - *text = "LCUP client update control : unknown update type"; + rs->sr_text = "LCUP client update control : unknown update type"; return LDAP_PROTOCOL_ERROR; } if ( (tag = ber_peek_tag( ber, &len )) == LBER_DEFAULT ) { - *text = "LCUP client update control : decoding error"; + rs->sr_text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } if ( tag == LDAP_CUP_TAG_INTERVAL ) { if ( (tag = ber_scanf( ber, "i", &interval )) == LBER_ERROR ) { - *text = "LCUP client update control : decoding error"; + rs->sr_text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } @@ -1105,7 +1094,7 @@ static int parseClientUpdate ( } if ( (tag = ber_peek_tag( ber, &len )) == LBER_DEFAULT ) { - *text = "LCUP client update control : decoding error"; + rs->sr_text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } @@ -1113,7 +1102,7 @@ static int parseClientUpdate ( if ( (tag = ber_scanf( ber, /*{*/ "{mm}}", &scheme, &cookie )) == LBER_ERROR ) { - *text = "LCUP client update control : decoding error"; + rs->sr_text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } } @@ -1121,12 +1110,12 @@ static int parseClientUpdate ( /* TODO : Cookie Scheme Validation */ #if 0 if ( lcup_cookie_scheme_validate(scheme) != LDAP_SUCCESS ) { - *text = "Unsupported LCUP cookie scheme"; + rs->sr_text = "Unsupported LCUP cookie scheme"; return LCUP_UNSUPPORTED_SCHEME; } if ( lcup_cookie_validate(scheme, cookie) != LDAP_SUCCESS ) { - *text = "Invalid LCUP cookie"; + rs->sr_text = "Invalid LCUP cookie"; return LCUP_INVALID_COOKIE; } #endif @@ -1148,10 +1137,9 @@ static int parseClientUpdate ( #ifdef LDAP_SYNC static int parseLdupSync ( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text ) + SlapReply *rs, + LDAPControl *ctrl ) { ber_tag_t tag; BerElement *ber; @@ -1160,19 +1148,19 @@ static int parseLdupSync ( struct berval cookie = { 0, NULL }; if ( op->o_sync != SLAP_NO_CONTROL ) { - *text = "LDAP Sync control specified multiple times"; + rs->sr_text = "LDAP Sync control specified multiple times"; return LDAP_PROTOCOL_ERROR; } #ifdef LDAP_CLIENT_UPDATE if ( op->o_clientupdate != SLAP_NO_CONTROL ) { - *text = "LDAP Sync and LDAP Client Update controls used together"; + rs->sr_text = "LDAP Sync and LDAP Client Update controls used together"; return LDAP_PROTOCOL_ERROR; } #endif if ( ctrl->ldctl_value.bv_len == 0 ) { - *text = "LDAP Sync control value is empty (or absent)"; + rs->sr_text = "LDAP Sync control value is empty (or absent)"; return LDAP_PROTOCOL_ERROR; } @@ -1190,12 +1178,12 @@ static int parseLdupSync ( ber = ber_init( &ctrl->ldctl_value ); if( ber == NULL ) { - *text = "internal error"; + rs->sr_text = "internal error"; return LDAP_OTHER; } if ( (tag = ber_scanf( ber, "{i" /*}*/, &mode )) == LBER_ERROR ) { - *text = "LDAP Sync control : mode decoding error"; + rs->sr_text = "LDAP Sync control : mode decoding error"; return LDAP_PROTOCOL_ERROR; } @@ -1207,7 +1195,7 @@ static int parseLdupSync ( mode = SLAP_SYNC_REFRESH_AND_PERSIST; break; default: - *text = "LDAP Sync control : unknown update mode"; + rs->sr_text = "LDAP Sync control : unknown update mode"; return LDAP_PROTOCOL_ERROR; } @@ -1216,12 +1204,12 @@ static int parseLdupSync ( if ( tag == LDAP_SYNC_TAG_COOKIE ) { if (( ber_scanf( ber, /*{*/ "m}", &cookie )) == LBER_ERROR ) { - *text = "LDAP Sync control : cookie decoding error"; + rs->sr_text = "LDAP Sync control : cookie decoding error"; return LDAP_PROTOCOL_ERROR; } } else { if (( ber_scanf( ber, /*{*/ "}")) == LBER_ERROR ) { - *text = "LDAP Sync control : decoding error"; + rs->sr_text = "LDAP Sync control : decoding error"; return LDAP_PROTOCOL_ERROR; } cookie.bv_len = 0; @@ -1231,12 +1219,12 @@ static int parseLdupSync ( /* TODO : Cookie Scheme Validation */ #if 0 if ( lcup_cookie_scheme_validate(scheme) != LDAP_SUCCESS ) { - *text = "Unsupported LCUP cookie scheme"; + rs->sr_text = "Unsupported LCUP cookie scheme"; return LCUP_UNSUPPORTED_SCHEME; } if ( lcup_cookie_validate(scheme, cookie) != LDAP_SUCCESS ) { - *text = "Invalid LCUP cookie"; + rs->sr_text = "Invalid LCUP cookie"; return LCUP_INVALID_COOKIE; } #endif diff --git a/servers/slapd/delete.c b/servers/slapd/delete.c index 89d3a8d49f..3773fc3609 100644 --- a/servers/slapd/delete.c +++ b/servers/slapd/delete.c @@ -31,16 +31,11 @@ int do_delete( - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { struct berval dn = { 0, NULL }; - struct berval pdn = { 0, NULL }; - struct berval ndn = { 0, NULL }; - const char *text; - Backend *be; - int rc; int manageDSAit; #ifdef LDAP_SLAPI @@ -49,7 +44,7 @@ do_delete( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, - "do_delete: conn %d\n", conn->c_connid, 0, 0 ); + "do_delete: conn %d\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_delete\n", 0, 0, 0 ); #endif @@ -63,68 +58,66 @@ do_delete( if ( ber_scanf( op->o_ber, "m", &dn ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_delete: conn: %d ber_scanf failed\n", conn->c_connid, 0, 0 ); + "do_delete: conn: %d ber_scanf failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return SLAPD_DISCONNECT; } - if( ( rc = get_ctrls( conn, op, 1 ) ) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_delete: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); + "do_delete: conn %d get_ctrls failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_delete: get_ctrls failed\n", 0, 0, 0 ); #endif goto cleanup; } - rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_delete: conn %d invalid dn (%s)\n", - conn->c_connid, dn.bv_val, 0 ); + op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto cleanup; } - if( ndn.bv_len == 0 ) { + if( op->o_req_ndn.bv_len == 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_delete: conn %d: Attempt to delete root DSE.\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_delete: root dse!\n", 0, 0, 0 ); #endif /* protocolError would likely be a more appropriate error */ - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "cannot delete the root DSE", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "cannot delete the root DSE" ); goto cleanup; - } else if ( bvmatch( &ndn, &global_schemandn ) ) { + } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_delete: conn %d: " - "Attempt to delete subschema subentry.\n", conn->c_connid, 0, 0 ); + "Attempt to delete subschema subentry.\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_delete: subschema subentry!\n", 0, 0, 0 ); #endif /* protocolError would likely be a more appropriate error */ - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "cannot delete the root DSE", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "cannot delete the root DSE" ); goto cleanup; } Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DEL dn=\"%s\"\n", - op->o_connid, op->o_opid, pdn.bv_val, 0, 0 ); + op->o_connid, op->o_opid, op->o_req_dn.bv_val, 0, 0 ); manageDSAit = get_manageDSAit( op ); @@ -133,40 +126,39 @@ do_delete( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + if (!rs->sr_ref) rs->sr_ref = default_referral; + rs->sr_err = LDAP_REFERRAL; - ber_bvarray_free( ref ); + send_ldap_result( op, rs ); + + if (rs->sr_ref!= default_referral) ber_bvarray_free( rs->sr_ref ); goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &pdn, &ndn ); - if ( rc != LDAP_SUCCESS ) { + if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto cleanup; } #if defined( LDAP_SLAPI ) - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); + slapi_x_backend_set_pb( pb, op->o_bd ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); slapi_pblock_set( pb, SLAPI_DELETE_TARGET, (void *)dn.bv_val ); slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_DELETE_FN, pb ); - if ( rc != 0 ) { + rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_DELETE_FN, pb ); + if ( rs->sr_err != 0 ) { /* * A preoperation plugin failure will abort the * entire operation. @@ -178,8 +170,8 @@ do_delete( Debug (LDAP_DEBUG_TRACE, "do_delete: delete preoperation plugin failed.\n", 0, 0, 0); #endif - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 ) - rc = LDAP_OTHER; + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0 ) + rs->sr_err = LDAP_OTHER; goto cleanup; } #endif /* defined( LDAP_SLAPI ) */ @@ -190,42 +182,43 @@ do_delete( * 2) this backend is master for what it holds; * 3) it's a replica and the dn supplied is the update_ndn. */ - if ( be->be_delete ) { + if ( op->o_bd->be_delete ) { /* do the update here */ - int repl_user = be_isupdate( be, &op->o_ndn ); + int repl_user = be_isupdate( op->o_bd, &op->o_ndn ); #ifndef SLAPD_MULTIMASTER - if ( !be->be_update_ndn.bv_len || repl_user ) + if ( !op->o_bd->be_update_ndn.bv_len || repl_user ) #endif { - if ( (*be->be_delete)( be, conn, op, &pdn, &ndn ) == 0 ) { + if ( (op->o_bd->be_delete)( op, rs ) == 0 ) { #ifdef SLAPD_MULTIMASTER - if ( !be->be_update_ndn.bv_len || !repl_user ) + if ( !op->o_bd->be_update_ndn.bv_len || !repl_user ) #endif { - replog( be, op, &pdn, &ndn, NULL ); + replog( op ); } } #ifndef SLAPD_MULTIMASTER } else { - BerVarray defref = be->be_update_refs - ? be->be_update_refs : default_referral; - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + BerVarray defref = op->o_bd->be_update_refs + ? op->o_bd->be_update_refs : default_referral; + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, - ref ? ref : defref, NULL ); + if (!rs->sr_ref) rs->sr_ref = defref; + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref ); #endif } } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #if defined( LDAP_SLAPI ) - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_DELETE_FN, pb ) != 0) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_DELETE_FN, pb ) != 0) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_delete: delete postoperation plugins " "failed\n", 0, 0, 0 ); @@ -237,7 +230,7 @@ do_delete( #endif /* defined( LDAP_SLAPI ) */ cleanup: - free( pdn.bv_val ); - free( ndn.bv_val ); - return rc; + free( op->o_req_dn.bv_val ); + free( op->o_req_ndn.bv_val ); + return rs->sr_err; } diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c index f15fadeec4..1a8ffe14c0 100644 --- a/servers/slapd/extended.c +++ b/servers/slapd/extended.c @@ -99,32 +99,24 @@ get_supported_extop (int index) int do_extended( - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { - int rc = LDAP_SUCCESS; - struct berval reqoid = {0, NULL}; struct berval reqdata = {0, NULL}; ber_tag_t tag; ber_len_t len; struct extop_list *ext = NULL; - const char *text; - BerVarray refs; - char *rspoid; - struct berval *rspdata; - LDAPControl **rspctrls; #if defined(LDAP_SLAPI) Slapi_PBlock *pb = op->o_pb; SLAPI_FUNC funcAddr = NULL; int extop_rc; int msg_sent = FALSE; - char *result_msg = ""; #endif /* defined(LDAP_SLAPI) */ #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "do_extended: conn %d\n", conn->c_connid, 0, 0 ); + LDAP_LOG( OPERATION, ENTRY, "do_extended: conn %d\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_extended\n", 0, 0, 0 ); #endif @@ -138,47 +130,43 @@ do_extended( "do_extended: protocol version (%d) too low\n", op->o_protocol, 0 ,0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "requires LDAPv3" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "requires LDAPv3" ); + rs->sr_err = -1; goto done; } - if ( ber_scanf( op->o_ber, "{m" /*}*/, &reqoid ) == LBER_ERROR ) { + if ( ber_scanf( op->o_ber, "{m" /*}*/, &op->oq_extended.rs_reqoid ) == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_extended: conn %d ber_scanf failed\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = -1; goto done; } #ifdef LDAP_SLAPI - getPluginFunc( &reqoid, &funcAddr ); /* NS-SLAPI extended operation */ - if( !funcAddr && !(ext = find_extop(supp_ext_list, &reqoid ))) + getPluginFunc( &op->oq_extended.rs_reqoid, &funcAddr ); /* NS-SLAPI extended operation */ + if( !funcAddr && !(ext = find_extop(supp_ext_list, &op->oq_extended.rs_reqoid ))) #else - if( !(ext = find_extop(supp_ext_list, &reqoid ))) + if( !(ext = find_extop(supp_ext_list, &op->oq_extended.rs_reqoid ))) #endif { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_extended: conn %d unsupported operation \"%s\"\n", - conn->c_connid, reqoid.bv_val, 0 ); + op->o_connid, op->oq_extended.rs_reqoid.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_extended: unsupported operation \"%s\"\n", - reqoid.bv_val, 0 ,0 ); + op->oq_extended.rs_reqoid.bv_val, 0 ,0 ); #endif - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "unsupported extended operation", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, + "unsupported extended operation" ); goto done; } - op->o_extendedop = reqoid.bv_val; - tag = ber_peek_tag( op->o_ber, &len ); if( ber_peek_tag( op->o_ber, &len ) == LDAP_TAG_EXOP_REQ_VALUE ) { @@ -186,104 +174,94 @@ do_extended( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_extended: conn %d ber_scanf failed\n", - conn->c_connid, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = -1; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = -1; goto done; } } - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_extended: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); + "do_extended: conn %d get_ctrls failed\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_extended: get_ctrls failed\n", 0, 0 ,0 ); #endif - return rc; + return rs->sr_err; } /* check for controls inappropriate for all extended operations */ if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) { - send_ldap_result( conn, op, - rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION, - NULL, "manageDSAit control inappropriate", - NULL, NULL ); + send_ldap_error( op, rs, + LDAP_UNAVAILABLE_CRITICAL_EXTENSION, + "manageDSAit control inappropriate" ); goto done; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, DETAIL1, - "do_extended: conn %d oid=%d\n.", conn->c_connid, reqoid.bv_val, 0 ); + "do_extended: conn %d oid=%s\n.", op->o_connid, op->oq_extended.rs_reqoid.bv_val, 0 ); #else - Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", reqoid.bv_val, 0 ,0 ); + Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", op->oq_extended.rs_reqoid.bv_val, 0 ,0 ); #endif - rspoid = NULL; - rspdata = NULL; - rspctrls = NULL; - text = NULL; - refs = NULL; - #if defined(LDAP_SLAPI) if (ext != NULL) { /* OpenLDAP extended operation */ #endif /* defined(LDAP_SLAPI) */ - rc = (ext->ext_main)( conn, op, - &reqoid, reqdata.bv_val ? &reqdata : NULL, - &rspoid, &rspdata, &rspctrls, &text, &refs ); + if (reqdata.bv_val) op->oq_extended.rs_reqdata = &reqdata; + rs->sr_err = (ext->ext_main)( op, rs ); - if( rc != SLAPD_ABANDON ) { - if ( rc == LDAP_REFERRAL && refs == NULL ) { - refs = referral_rewrite( default_referral, + if( rs->sr_err != SLAPD_ABANDON ) { + if ( rs->sr_err == LDAP_REFERRAL && rs->sr_ref == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, NULL, NULL, LDAP_SCOPE_DEFAULT ); } - send_ldap_extended( conn, op, rc, NULL, text, refs, - rspoid, rspdata, rspctrls ); + send_ldap_extended( op, rs ); - ber_bvarray_free( refs ); + ber_bvarray_free( rs->sr_ref ); } - if ( rspoid != NULL ) { - free( rspoid ); + if ( rs->sr_rspoid != NULL ) { + free( (char *)rs->sr_rspoid ); } - if ( rspdata != NULL ) { - ber_bvfree( rspdata ); + if ( rs->sr_rspdata != NULL ) { + ber_bvfree( rs->sr_rspdata ); } #if defined( LDAP_SLAPI ) goto done; /* end of OpenLDAP extended operation */ } else { /* start of Netscape extended operation */ - rc = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_OID, - (void *)reqoid.bv_val); - if ( rc != LDAP_SUCCESS ) { - rc = LDAP_OTHER; + rs->sr_err = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_OID, + (void *)op->oq_extended.rs_reqoid.bv_val); + if ( rs->sr_err != LDAP_SUCCESS ) { + rs->sr_err = LDAP_OTHER; goto done; } - rc = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_VALUE, + rs->sr_err = slapi_pblock_set( pb, SLAPI_EXT_OP_REQ_VALUE, (void *)&reqdata); - if ( rc != LDAP_SUCCESS ) { - rc = LDAP_OTHER; + if ( rs->sr_err != LDAP_SUCCESS ) { + rs->sr_err = LDAP_OTHER; goto done; } - rc = slapi_x_connection_set_pb( pb, conn ); - if ( rc != LDAP_SUCCESS ) { - rc = LDAP_OTHER; + rs->sr_err = slapi_x_connection_set_pb( pb, op->o_conn ); + if ( rs->sr_err != LDAP_SUCCESS ) { + rs->sr_err = LDAP_OTHER; goto done; } - rc = slapi_x_operation_set_pb( pb, op ); - if ( rc != LDAP_SUCCESS ) { - rc = LDAP_OTHER; + rs->sr_err = slapi_x_operation_set_pb( pb, op ); + if ( rs->sr_err != LDAP_SUCCESS ) { + rs->sr_err = LDAP_OTHER; goto done; } @@ -292,46 +270,45 @@ do_extended( msg_sent = TRUE; } else if ( extop_rc == SLAPI_PLUGIN_EXTENDED_NOT_HANDLED ) { - rc = LDAP_PROTOCOL_ERROR; - result_msg = UNSUPPORTED_EXTENDEDOP; + rs->sr_err = LDAP_PROTOCOL_ERROR; + rs->sr_text = UNSUPPORTED_EXTENDEDOP; } else { - rc = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, - &rspoid); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, + &rs->sr_resoid); + if ( rs->sr_err != LDAP_SUCCESS ) { goto done2; } - rc = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, - &rspdata); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, + &rs->sr_resdata); + if ( rs->sr_err != LDAP_SUCCESS ) { goto done2; } - send_ldap_extended( conn, op, extop_rc, NULL, text, - refs, rspoid, rspdata, rspctrls ); + rs->sr_err = extop_rc; + send_ldap_extended( op, rs ); msg_sent = TRUE; } done2:; - if ( rc != LDAP_SUCCESS && msg_sent == FALSE ) { - send_ldap_result( conn, op, rc, NULL, result_msg, - NULL, NULL ); + if ( rs->sr_err != LDAP_SUCCESS && msg_sent == FALSE ) { + send_ldap_result( op, rs ); } - if ( rspoid != NULL ) { - free( rspoid ); + if ( op->oq_extended.rs_resoid != NULL ) { + free( op->oq_extended.rs_resoid ); } - if ( rspdata != NULL ) { - ber_bvfree( rspdata ); + if ( op->oq_extended.rs_resdata != NULL ) { + ber_bvfree( op->oq_extended.rs_resdata ); } } /* end of Netscape extended operation */ #endif /* defined( LDAP_SLAPI ) */ done: - return rc; + return rs->sr_err; } int @@ -401,29 +378,21 @@ find_extop( struct extop_list *list, struct berval *oid ) static int whoami_extop ( - Connection *conn, Operation *op, - struct berval * reqoid, - struct berval * reqdata, - char ** rspoid, - struct berval ** rspdata, - LDAPControl ***rspctrls, - const char ** text, - BerVarray * refs ) + SlapReply *rs ) { struct berval *bv; - if ( reqdata != NULL ) { + if ( op->oq_extended.rs_reqdata != NULL ) { /* no request data should be provided */ - *text = "no request data expected"; + rs->sr_text = "no request data expected"; return LDAP_PROTOCOL_ERROR; } - { - int rc = backend_check_restrictions( conn->c_authz_backend, - conn, op, (struct berval *)&slap_EXOP_WHOAMI, text ); - - if( rc != LDAP_SUCCESS ) return rc; + op->o_bd = op->o_conn->c_authz_backend; + if( backend_check_restrictions( op, rs, + (struct berval *)&slap_EXOP_WHOAMI ) != LDAP_SUCCESS ) { + return rs->sr_err; } bv = (struct berval *) ch_malloc( sizeof(struct berval) ); @@ -440,6 +409,6 @@ whoami_extop ( bv->bv_val = NULL; } - *rspdata = bv; + rs->sr_rspdata = bv; return LDAP_SUCCESS; } diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c index ff9334639c..f36ddc3835 100644 --- a/servers/slapd/filter.c +++ b/servers/slapd/filter.c @@ -183,6 +183,7 @@ get_filter( f.f_choice = SLAPD_FILTER_COMPUTED; f.f_result = LDAP_COMPARE_FALSE; err = LDAP_SUCCESS; + *text = NULL; break; } diff --git a/servers/slapd/filterentry.c b/servers/slapd/filterentry.c index 4912d52dc9..abc0d0345f 100644 --- a/servers/slapd/filterentry.c +++ b/servers/slapd/filterentry.c @@ -15,24 +15,12 @@ #include "slap.h" -static int test_filter_and( Backend *be, - Connection *conn, Operation *op, - Entry *e, Filter *flist ); -static int test_filter_or( Backend *be, - Connection *conn, Operation *op, - Entry *e, Filter *flist ); -static int test_substrings_filter( Backend *be, - Connection *conn, Operation *op, - Entry *e, Filter *f); -static int test_ava_filter( Backend *be, - Connection *conn, Operation *op, - Entry *e, AttributeAssertion *ava, int type ); -static int test_mra_filter( Backend *be, - Connection *conn, Operation *op, - Entry *e, MatchingRuleAssertion *mra ); -static int test_presence_filter( Backend *be, - Connection *conn, Operation *op, - Entry *e, AttributeDescription *desc ); +static int test_filter_and( Operation *op, Entry *e, Filter *flist ); +static int test_filter_or( Operation *op, Entry *e, Filter *flist ); +static int test_substrings_filter( Operation *op, Entry *e, Filter *f); +static int test_ava_filter( Operation *op, Entry *e, AttributeAssertion *ava, int type ); +static int test_mra_filter( Operation *op, Entry *e, MatchingRuleAssertion *mra ); +static int test_presence_filter( Operation *op, Entry *e, AttributeDescription *desc ); /* @@ -46,22 +34,18 @@ static int test_presence_filter( Backend *be, int test_filter( - Backend *be, - Connection *conn, Operation *op, Entry *e, Filter *f ) { int rc; - #ifdef NEW_LOGGING LDAP_LOG( FILTER, ENTRY, "test_filter: begin\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_FILTER, "=> test_filter\n", 0, 0, 0 ); #endif - switch ( f->f_choice ) { case SLAPD_FILTER_COMPUTED: #ifdef NEW_LOGGING @@ -89,7 +73,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 ); #endif - rc = test_ava_filter( be, conn, op, e, f->f_ava, + rc = test_ava_filter( op, e, f->f_ava, LDAP_FILTER_EQUALITY ); break; @@ -100,16 +84,16 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 ); #endif - rc = test_substrings_filter( be, conn, op, e, f ); + rc = test_substrings_filter( op, e, f ); break; case LDAP_FILTER_GE: - rc = test_ava_filter( be, conn, op, e, f->f_ava, + rc = test_ava_filter( op, e, f->f_ava, LDAP_FILTER_GE ); break; case LDAP_FILTER_LE: - rc = test_ava_filter( be, conn, op, e, f->f_ava, + rc = test_ava_filter( op, e, f->f_ava, LDAP_FILTER_LE ); break; @@ -120,7 +104,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 ); #endif - rc = test_presence_filter( be, conn, op, e, f->f_desc ); + rc = test_presence_filter( op, e, f->f_desc ); break; case LDAP_FILTER_APPROX: @@ -129,7 +113,7 @@ test_filter( #else Debug( LDAP_DEBUG_FILTER, " APPROX\n", 0, 0, 0 ); #endif - rc = test_ava_filter( be, conn, op, e, f->f_ava, + rc = test_ava_filter( op, e, f->f_ava, LDAP_FILTER_APPROX ); break; @@ -140,7 +124,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " AND\n", 0, 0, 0 ); #endif - rc = test_filter_and( be, conn, op, e, f->f_and ); + rc = test_filter_and( op, e, f->f_and ); break; case LDAP_FILTER_OR: @@ -150,7 +134,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " OR\n", 0, 0, 0 ); #endif - rc = test_filter_or( be, conn, op, e, f->f_or ); + rc = test_filter_or( op, e, f->f_or ); break; case LDAP_FILTER_NOT: @@ -160,7 +144,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " NOT\n", 0, 0, 0 ); #endif - rc = test_filter( be, conn, op, e, f->f_not ); + rc = test_filter( op, e, f->f_not ); /* Flip true to false and false to true * but leave Undefined alone. @@ -182,7 +166,7 @@ test_filter( Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 ); #endif - rc = test_mra_filter( be, conn, op, e, f->f_mra ); + rc = test_mra_filter( op, e, f->f_mra ); break; default: @@ -207,8 +191,6 @@ test_filter( } static int test_mra_filter( - Backend *be, - Connection *conn, Operation *op, Entry *e, MatchingRuleAssertion *mra ) @@ -221,7 +203,7 @@ static int test_mra_filter( * one attribute, and SEARCH permissions can be checked * directly. */ - if( !access_allowed( be, conn, op, e, + if( !access_allowed( op, e, mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; @@ -289,7 +271,7 @@ static int test_mra_filter( } /* check search access */ - if ( !access_allowed( be, conn, op, e, + if ( !access_allowed( op, e, a->a_desc, &value, ACL_SEARCH, NULL ) ) { continue; } @@ -376,7 +358,7 @@ static int test_mra_filter( } /* check search access */ - if ( !access_allowed( be, conn, op, e, + if ( !access_allowed( op, e, ad, &value, ACL_SEARCH, NULL ) ) { continue; } @@ -404,17 +386,15 @@ static int test_mra_filter( static int test_ava_filter( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, + Operation *op, + Entry *e, AttributeAssertion *ava, - int type + int type ) { Attribute *a; - if ( !access_allowed( be, conn, op, e, + if ( !access_allowed( op, e, ava->aa_desc, &ava->aa_value, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; @@ -492,7 +472,7 @@ test_ava_filter( } if ( ava->aa_desc == slap_schema.si_ad_hasSubordinates - && be && be->be_has_subordinates ) { + && op->o_bd && op->o_bd->be_has_subordinates ) { int hasSubordinates; struct berval hs; @@ -501,7 +481,7 @@ test_ava_filter( */ assert( type == LDAP_FILTER_EQUALITY ); - if ( (*be->be_has_subordinates)( be, conn, op, e, &hasSubordinates ) ) { + if (op->o_bd->be_has_subordinates( op, e, &hasSubordinates ) != LDAP_SUCCESS) { return LDAP_OTHER; } @@ -530,16 +510,14 @@ test_ava_filter( static int test_presence_filter( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, + Operation *op, + Entry *e, AttributeDescription *desc ) { Attribute *a; - if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH, NULL ) ) + if ( !access_allowed( op, e, desc, NULL, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; } @@ -554,7 +532,7 @@ test_presence_filter( * is boolean-valued; I think we may live with this * simplification by now */ - if ( be && be->be_has_subordinates ) { + if ( op->o_bd && op->o_bd->be_has_subordinates ) { return LDAP_COMPARE_TRUE; } @@ -567,11 +545,9 @@ test_presence_filter( static int test_filter_and( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - Filter *flist + Operation *op, + Entry *e, + Filter *flist ) { Filter *f; @@ -585,7 +561,7 @@ test_filter_and( for ( f = flist; f != NULL; f = f->f_next ) { - int rc = test_filter( be, conn, op, e, f ); + int rc = test_filter( op, e, f ); if ( rc == LDAP_COMPARE_FALSE ) { /* filter is False */ @@ -610,11 +586,9 @@ test_filter_and( static int test_filter_or( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - Filter *flist + Operation *op, + Entry *e, + Filter *flist ) { Filter *f; @@ -628,7 +602,7 @@ test_filter_or( for ( f = flist; f != NULL; f = f->f_next ) { - int rc = test_filter( be, conn, op, e, f ); + int rc = test_filter( op, e, f ); if ( rc == LDAP_COMPARE_TRUE ) { /* filter is True */ @@ -654,11 +628,9 @@ test_filter_or( static int test_substrings_filter( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - Filter *f + Operation *op, + Entry *e, + Filter *f ) { Attribute *a; @@ -670,7 +642,7 @@ test_substrings_filter( #endif - if ( !access_allowed( be, conn, op, e, + if ( !access_allowed( op, e, f->f_sub_desc, NULL, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; diff --git a/servers/slapd/matchedValues.c b/servers/slapd/matchedValues.c index fa3f8597bd..22a0ad17ee 100644 --- a/servers/slapd/matchedValues.c +++ b/servers/slapd/matchedValues.c @@ -21,8 +21,6 @@ static int test_mra_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, MatchingRuleAssertion *mra, @@ -31,8 +29,6 @@ test_mra_vrFilter( static int test_substrings_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, ValuesReturnFilter *f, @@ -41,8 +37,6 @@ test_substrings_vrFilter( static int test_presence_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, AttributeDescription *desc, @@ -51,8 +45,6 @@ test_presence_vrFilter( static int test_ava_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, AttributeAssertion *ava, @@ -63,8 +55,6 @@ test_ava_vrFilter( int filter_matched_values( - Backend *be, - Connection *conn, Operation *op, Attribute *a, char ***e_flags @@ -106,7 +96,7 @@ filter_matched_values( #else Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 ); #endif - rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava, + rc = test_ava_vrFilter( op, a, vrf->vrf_ava, LDAP_FILTER_EQUALITY, e_flags ); if( rc == -1 ) { return rc; @@ -120,7 +110,7 @@ filter_matched_values( Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 ); #endif - rc = test_substrings_vrFilter( be, conn, op, a, + rc = test_substrings_vrFilter( op, a, vrf, e_flags ); if( rc == -1 ) { return rc; @@ -133,7 +123,7 @@ filter_matched_values( #else Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 ); #endif - rc = test_presence_vrFilter( be, conn, op, a, + rc = test_presence_vrFilter( op, a, vrf->vrf_desc, e_flags ); if( rc == -1 ) { return rc; @@ -141,7 +131,7 @@ filter_matched_values( break; case LDAP_FILTER_GE: - rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava, + rc = test_ava_vrFilter( op, a, vrf->vrf_ava, LDAP_FILTER_GE, e_flags ); if( rc == -1 ) { return rc; @@ -149,7 +139,7 @@ filter_matched_values( break; case LDAP_FILTER_LE: - rc = test_ava_vrFilter( be, conn, op, a, vrf->vrf_ava, + rc = test_ava_vrFilter( op, a, vrf->vrf_ava, LDAP_FILTER_LE, e_flags ); if( rc == -1 ) { return rc; @@ -162,7 +152,7 @@ filter_matched_values( #else Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 ); #endif - rc = test_mra_vrFilter( be, conn, op, a, + rc = test_mra_vrFilter( op, a, vrf->vrf_mra, e_flags ); if( rc == -1 ) { return rc; @@ -191,8 +181,6 @@ filter_matched_values( static int test_ava_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, AttributeAssertion *ava, @@ -278,8 +266,6 @@ test_ava_vrFilter( static int test_presence_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, AttributeDescription *desc, @@ -304,8 +290,6 @@ test_presence_vrFilter( static int test_substrings_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, ValuesReturnFilter *vrf, @@ -354,8 +338,6 @@ test_substrings_vrFilter( static int test_mra_vrFilter( - Backend *be, - Connection *conn, Operation *op, Attribute *a, MatchingRuleAssertion *mra, diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index 1d3c7b325f..d28b85e3c2 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -33,12 +33,10 @@ int do_modify( - Connection *conn, - Operation *op ) + Operation *op, + SlapReply *rs ) { struct berval dn = { 0, NULL }; - struct berval pdn = { 0, NULL }; - struct berval ndn = { 0, NULL }; char *last; ber_tag_t tag; ber_len_t len; @@ -51,9 +49,6 @@ do_modify( LDAPMod **modv = NULL; Slapi_PBlock *pb = op->o_pb; #endif - Backend *be; - int rc; - const char *text; int manageDSAit; #ifdef NEW_LOGGING @@ -88,8 +83,7 @@ do_modify( Debug( LDAP_DEBUG_ANY, "do_modify: ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return SLAPD_DISCONNECT; } @@ -117,9 +111,8 @@ do_modify( &tmp.sml_type, &tmp.sml_values ) == LBER_ERROR ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding modlist error" ); - rc = SLAPD_DISCONNECT; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding modlist error" ); + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } @@ -147,10 +140,8 @@ do_modify( (long) mop, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, - NULL, "modify/add operation requires values", - NULL, NULL ); - rc = LDAP_PROTOCOL_ERROR; + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, + "modify/add operation requires values" ); goto cleanup; } @@ -170,9 +161,8 @@ do_modify( (long) mop, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, - NULL, "unrecognized modify operation", NULL, NULL ); - rc = LDAP_PROTOCOL_ERROR; + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, + "unrecognized modify operation" ); goto cleanup; } } @@ -181,7 +171,7 @@ do_modify( } *modtail = NULL; - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modify: get_ctrls failed\n", 0, 0, 0 ); #else @@ -191,21 +181,20 @@ do_modify( goto cleanup; } - rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modify: conn %d invalid dn (%s)\n", - conn->c_connid, dn.bv_val, 0 ); + op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto cleanup; } - if( ndn.bv_len == 0 ) { + if( op->o_req_ndn.bv_len == 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modify: attempt to modify root DSE.\n",0, 0, 0 ); @@ -213,11 +202,11 @@ do_modify( Debug( LDAP_DEBUG_ANY, "do_modify: root dse!\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "modify upon the root DSE not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "modify upon the root DSE not supported" ); goto cleanup; - } else if ( bvmatch( &ndn, &global_schemandn ) ) { + } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modify: attempt to modify subschema subentry.\n" , 0, 0, 0 ); @@ -225,9 +214,8 @@ do_modify( Debug( LDAP_DEBUG_ANY, "do_modify: subschema subentry!\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "modification of subschema subentry not supported", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "modification of subschema subentry not supported" ); goto cleanup; } @@ -312,28 +300,26 @@ do_modify( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); + if (!rs->sr_ref) rs->sr_ref = default_referral; - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref ); goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &pdn, &ndn ); - if ( rc != LDAP_SUCCESS ) { + if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto cleanup; } @@ -346,8 +332,8 @@ do_modify( modv = slapi_x_modifications2ldapmods( &modlist ); slapi_pblock_set( pb, SLAPI_MODIFY_MODS, (void *)modv ); - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODIFY_FN, pb ); - if ( rc != 0 ) { + rs->sr_err = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODIFY_FN, pb ); + if ( rs->sr_err != 0 ) { /* * A preoperation plugin failure will abort the * entire operation. @@ -359,8 +345,8 @@ do_modify( Debug(LDAP_DEBUG_TRACE, "do_modify: modify preoperation plugin failed.\n", 0, 0, 0); #endif - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) { - rc = LDAP_OTHER; + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0) { + rs->sr_err = LDAP_OTHER; } ldap_mods_free( modv, 1 ); modv = NULL; @@ -385,27 +371,25 @@ do_modify( * 2) this backend is master for what it holds; * 3) it's a replica and the dn supplied is the update_ndn. */ - if ( be->be_modify ) { + if ( op->o_bd->be_modify ) { /* do the update here */ - int repl_user = be_isupdate( be, &op->o_ndn ); + int repl_user = be_isupdate( op->o_bd, &op->o_ndn ); #ifndef SLAPD_MULTIMASTER /* Multimaster slapd does not have to check for replicator dn * because it accepts each modify request */ - if ( !be->be_update_ndn.bv_len || repl_user ) + if ( !op->o_bd->be_update_ndn.bv_len || repl_user ) #endif { - int update = be->be_update_ndn.bv_len; - const char *text; + int update = op->o_bd->be_update_ndn.bv_len; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; - rc = slap_mods_check( modlist, update, &text, + rs->sr_err = slap_mods_check( modlist, update, &rs->sr_text, textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } @@ -417,47 +401,45 @@ do_modify( /* empty */ } - rc = slap_mods_opattrs( be, op, modlist, modtail, &text, - textbuf, textlen ); - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, - NULL, NULL ); + rs->sr_err = slap_mods_opattrs( op, modlist, modtail, + &rs->sr_text, textbuf, textlen ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } } - if ( (*be->be_modify)( be, conn, op, &pdn, &ndn, modlist ) == 0 + op->oq_modify.rs_modlist = modlist; + if ( (op->o_bd->be_modify)( op, rs ) == 0 #ifdef SLAPD_MULTIMASTER && !repl_user #endif ) { /* but we log only the ones not from a replicator user */ - replog( be, op, &pdn, &ndn, modlist ); + replog( op ); } #ifndef SLAPD_MULTIMASTER /* send a referral */ } else { - BerVarray defref = be->be_update_refs - ? be->be_update_refs : default_referral; - BerVarray ref = referral_rewrite( defref, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); - - send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, - ref ? ref : defref, NULL ); + BerVarray defref = op->o_bd->be_update_refs + ? op->o_bd->be_update_refs : default_referral; + rs->sr_ref = referral_rewrite( defref, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); - ber_bvarray_free( ref ); + if (!rs->sr_ref) rs->sr_ref = defref; + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref ); #endif } } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #if defined( LDAP_SLAPI ) - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_MODIFY_FN, pb ) != 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_MODIFY_FN, pb ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modify: modify postoperation plugins " "failed\n", 0, 0, 0 ); @@ -469,13 +451,13 @@ do_modify( #endif /* defined( LDAP_SLAPI ) */ cleanup: - free( pdn.bv_val ); - free( ndn.bv_val ); + free( op->o_req_dn.bv_val ); + free( op->o_req_ndn.bv_val ); if ( modlist != NULL ) slap_mods_free( modlist ); #if defined( LDAP_SLAPI ) if ( modv != NULL ) slapi_x_free_ldapmods( modv ); #endif - return rc; + return rs->sr_err; } /* @@ -660,7 +642,6 @@ int slap_mods_check( } int slap_mods_opattrs( - Backend *be, Operation *op, Modifications *mods, Modifications **modtail, @@ -681,7 +662,7 @@ int slap_mods_opattrs( assert( modtail != NULL ); assert( *modtail == NULL ); - if( SLAP_LASTMOD(be) ) { + if( SLAP_LASTMOD(op->o_bd) ) { struct tm *ltm; time_t now = slap_get_time(); @@ -742,7 +723,7 @@ int slap_mods_opattrs( modtail = &mod->sml_next; } - if( SLAP_LASTMOD(be) ) { + if( SLAP_LASTMOD(op->o_bd) ) { char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ]; tmpval.bv_len = lutil_uuidstr( uuidbuf, sizeof( uuidbuf ) ); @@ -801,7 +782,7 @@ int slap_mods_opattrs( } } - if( SLAP_LASTMOD(be) ) { + if( SLAP_LASTMOD(op->o_bd) ) { mod = (Modifications *) ch_malloc( sizeof( Modifications ) ); mod->sml_op = mop; mod->sml_type.bv_val = NULL; diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c index 0a7cc9ed7e..a97995c9c4 100644 --- a/servers/slapd/modrdn.c +++ b/servers/slapd/modrdn.c @@ -43,8 +43,8 @@ int do_modrdn( - Connection *conn, - Operation *op + Operation *op, + SlapReply *rs ) { struct berval dn = { 0, NULL }; @@ -52,19 +52,12 @@ do_modrdn( struct berval newSuperior = { 0, NULL }; ber_int_t deloldrdn; - struct berval pdn = { 0, NULL }; - struct berval pnewrdn = { 0, NULL }; - struct berval pnewSuperior = { 0, NULL }, *pnewS = NULL; + struct berval pnewSuperior = { 0, NULL }; - struct berval ndn = { 0, NULL }; - struct berval nnewrdn = { 0, NULL }; - struct berval nnewSuperior = { 0, NULL }, *nnewS = NULL; + struct berval nnewSuperior = { 0, NULL }; - Backend *be; Backend *newSuperior_be = NULL; ber_len_t length; - int rc; - const char *text; int manageDSAit; #ifdef LDAP_SLAPI @@ -98,8 +91,7 @@ do_modrdn( Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); return SLAPD_DISCONNECT; } @@ -119,9 +111,9 @@ do_modrdn( 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "newSuperior requires LDAPv3" ); - rc = SLAPD_DISCONNECT; + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } @@ -136,13 +128,13 @@ do_modrdn( 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } - pnewS = &pnewSuperior; - nnewS = &nnewSuperior; + op->oq_modrdn.rs_newSup = &pnewSuperior; + op->oq_modrdn.rs_nnewSup = &nnewSuperior; } #ifdef NEW_LOGGING @@ -164,13 +156,13 @@ do_modrdn( Debug( LDAP_DEBUG_ANY, "do_modrdn: ber_scanf failed\n", 0, 0, 0 ); #endif - send_ldap_disconnect( conn, op, + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; + rs->sr_err = SLAPD_DISCONNECT; goto cleanup; } - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modrdn: get_ctrls failed\n", 0, 0, 0 ); #else @@ -181,22 +173,21 @@ do_modrdn( goto cleanup; } - rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modrdn: conn %d invalid dn (%s)\n", - conn->c_connid, dn.bv_val, 0 ); + op->o_connid, dn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto cleanup; } - if( ndn.bv_len == 0 ) { + if( op->o_req_ndn.bv_len == 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modrdn: attempt to modify root DSE.\n", 0, 0, 0 ); @@ -204,11 +195,11 @@ do_modrdn( Debug( LDAP_DEBUG_ANY, "do_modrdn: root dse!\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "cannot rename the root DSE", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "cannot rename the root DSE" ); goto cleanup; - } else if ( bvmatch( &ndn, &global_schemandn ) ) { + } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_modrdn: attempt to modify subschema subentry: %s (%ld)\n", @@ -218,63 +209,60 @@ do_modrdn( global_schemandn.bv_val, (long) global_schemandn.bv_len, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "cannot rename subschema subentry", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "cannot rename subschema subentry" ); goto cleanup; } /* FIXME: should have/use rdnPretty / rdnNormalize routines */ - rc = dnPrettyNormal( NULL, &newrdn, &pnewrdn, &nnewrdn ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &newrdn, &op->oq_modrdn.rs_newrdn, &op->oq_modrdn.rs_nnewrdn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modrdn: conn %d invalid newrdn (%s)\n", - conn->c_connid, newrdn.bv_val, 0 ); + op->o_connid, newrdn.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid newrdn (%s)\n", newrdn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid new RDN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid new RDN" ); goto cleanup; } - if( rdnValidate( &pnewrdn ) != LDAP_SUCCESS ) { + if( rdnValidate( &op->oq_modrdn.rs_newrdn ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "do_modrdn: invalid rdn (%s).\n", pnewrdn.bv_val, 0, 0 ); + "do_modrdn: invalid rdn (%s).\n", op->oq_modrdn.rs_newrdn.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid rdn (%s)\n", - pnewrdn.bv_val, 0, 0 ); + op->oq_modrdn.rs_newrdn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid new RDN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid new RDN" ); goto cleanup; } - if( pnewS ) { - rc = dnPrettyNormal( NULL, &newSuperior, &pnewSuperior, + if( op->oq_modrdn.rs_newSup ) { + rs->sr_err = dnPrettyNormal( NULL, &newSuperior, &pnewSuperior, &nnewSuperior ); - if( rc != LDAP_SUCCESS ) { + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modrdn: conn %d invalid newSuperior (%s)\n", - conn->c_connid, newSuperior.bv_val, 0 ); + op->o_connid, newSuperior.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid newSuperior (%s)\n", newSuperior.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid newSuperior", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid newSuperior" ); goto cleanup; } } Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu MODRDN dn=\"%s\"\n", - op->o_connid, op->o_opid, pdn.bv_val, 0, 0 ); + op->o_connid, op->o_opid, op->o_req_dn.bv_val, 0, 0 ); manageDSAit = get_manageDSAit( op ); @@ -283,51 +271,47 @@ do_modrdn( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( &ndn, manageDSAit, 0 )) == NULL ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 )) == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); + if (!rs->sr_ref) rs->sr_ref = default_referral; - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref ); goto cleanup; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto cleanup; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &pdn, &ndn ); - if ( rc != LDAP_SUCCESS ) { + if ( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto cleanup; } /* Make sure that the entry being changed and the newSuperior are in * the same backend, otherwise we return an error. */ - if( pnewS ) { + if( op->oq_modrdn.rs_newSup ) { newSuperior_be = select_backend( &nnewSuperior, 0, 0 ); - if ( newSuperior_be != be ) { - /* newSuperior is in same backend */ - rc = LDAP_AFFECTS_MULTIPLE_DSAS; - - send_ldap_result( conn, op, rc, - NULL, "cannot rename between DSAa", NULL, NULL ); + if ( newSuperior_be != op->o_bd ) { + /* newSuperior is in different backend */ + send_ldap_error( op, rs, LDAP_AFFECTS_MULTIPLE_DSAS, + "cannot rename between DSAs" ); goto cleanup; } } #if defined( LDAP_SLAPI ) - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); + slapi_x_backend_set_pb( pb, op->o_bd ); + slapi_x_connection_set_pb( pb, op->o_conn ); slapi_x_operation_set_pb( pb, op ); slapi_pblock_set( pb, SLAPI_MODRDN_TARGET, (void *)dn.bv_val ); slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn.bv_val ); @@ -336,8 +320,8 @@ do_modrdn( slapi_pblock_set( pb, SLAPI_MODRDN_DELOLDRDN, (void *)deloldrdn ); slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_MODRDN_FN, pb ); - if ( rc != 0 ) { + rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_MODRDN_FN, pb ); + if ( rs->sr_err != 0 ) { /* * A preoperation plugin failure will abort the * entire operation. @@ -349,60 +333,54 @@ do_modrdn( Debug(LDAP_DEBUG_TRACE, "do_modrdn: modrdn preoperation plugin " "failed.\n", 0, 0, 0); #endif - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) - rc = LDAP_OTHER; + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rs->sr_err ) != 0) + rs->sr_err = LDAP_OTHER; goto cleanup; } #endif /* defined( LDAP_SLAPI ) */ /* - * do the add if 1 && (2 || 3) - * 1) there is an add function implemented in this backend; + * do the modrdn if 1 && (2 || 3) + * 1) there is a modrdn function implemented in this backend; * 2) this backend is master for what it holds; * 3) it's a replica and the dn supplied is the update_ndn. */ - if ( be->be_modrdn ) { + if ( op->o_bd->be_modrdn ) { /* do the update here */ - int repl_user = be_isupdate( be, &op->o_ndn ); + int repl_user = be_isupdate( op->o_bd, &op->o_ndn ); #ifndef SLAPD_MULTIMASTER - if ( !be->be_update_ndn.bv_len || repl_user ) + if ( !op->o_bd->be_update_ndn.bv_len || repl_user ) #endif { - if ( (*be->be_modrdn)( be, conn, op, &pdn, &ndn, - &pnewrdn, &nnewrdn, deloldrdn, - pnewS, nnewS ) == 0 + op->oq_modrdn.rs_deleteoldrdn = deloldrdn; + if ( (op->o_bd->be_modrdn)( op, rs ) == 0 #ifdef SLAPD_MULTIMASTER - && ( !be->be_update_ndn.bv_len || !repl_user ) + && ( !op->o_bd->be_update_ndn.bv_len || !repl_user ) #endif ) { - struct slap_replog_moddn moddn; - moddn.newrdn = &pnewrdn; - moddn.deloldrdn = deloldrdn; - moddn.newsup = &pnewSuperior; - - replog( be, op, &pdn, &ndn, &moddn ); + replog( op ); } #ifndef SLAPD_MULTIMASTER } else { - BerVarray defref = be->be_update_refs - ? be->be_update_refs : default_referral; - BerVarray ref = referral_rewrite( defref, - NULL, &pdn, LDAP_SCOPE_DEFAULT ); + BerVarray defref = op->o_bd->be_update_refs + ? op->o_bd->be_update_refs : default_referral; + rs->sr_ref = referral_rewrite( defref, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); + if (!rs->sr_ref) rs->sr_ref = defref; - send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, - ref ? ref : defref, NULL ); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref ); #endif } } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #if defined( LDAP_SLAPI ) - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_MODRDN_FN, pb ) != 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_MODRDN_FN, pb ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_modrdn: modrdn postoperation plugins " "failed\n", 0, 0, 0 ); @@ -414,61 +392,57 @@ do_modrdn( #endif /* defined( LDAP_SLAPI ) */ cleanup: - free( pdn.bv_val ); - free( ndn.bv_val ); + free( op->o_req_dn.bv_val ); + free( op->o_req_ndn.bv_val ); - free( pnewrdn.bv_val ); - free( nnewrdn.bv_val ); + free( op->oq_modrdn.rs_newrdn.bv_val ); + free( op->oq_modrdn.rs_nnewrdn.bv_val ); if ( pnewSuperior.bv_val ) free( pnewSuperior.bv_val ); if ( nnewSuperior.bv_val ) free( nnewSuperior.bv_val ); - return rc; + return rs->sr_err; } int slap_modrdn2mods( - Backend *be, - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, LDAPRDN *old_rdn, LDAPRDN *new_rdn, - int deleteoldrdn, Modifications **pmod ) { - int rc = LDAP_SUCCESS; - const char *text; Modifications *mod = NULL; int a_cnt, d_cnt; assert( new_rdn != NULL ); - assert( !deleteoldrdn || old_rdn != NULL ); + assert( !op->oq_modrdn.rs_deleteoldrdn || old_rdn != NULL ); /* Add new attribute values to the entry */ for ( a_cnt = 0; new_rdn[0][a_cnt]; a_cnt++ ) { AttributeDescription *desc = NULL; Modifications *mod_tmp; - rc = slap_bv2ad( &new_rdn[0][a_cnt]->la_attr, &desc, &text ); + rs->sr_err = slap_bv2ad( &new_rdn[0][a_cnt]->la_attr, &desc, &rs->sr_text ); - if ( rc != LDAP_SUCCESS ) { + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "slap_modrdn2modlist: %s: %s (new)\n", - text, + rs->sr_text, new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, "slap_modrdn2modlist: %s: %s (new)\n", - text, + rs->sr_text, new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 ); #endif goto done; } /* ACL check of newly added attrs */ - if ( be && !access_allowed( be, conn, op, e, desc, + if ( op->o_bd && !access_allowed( op, e, desc, &new_rdn[0][a_cnt]->la_value, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, @@ -481,7 +455,7 @@ slap_modrdn2mods( "(new) not allowed\n", new_rdn[0][ a_cnt ]->la_attr.bv_val, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto done; } @@ -517,23 +491,23 @@ slap_modrdn2mods( } /* Remove old rdn value if required */ - if ( deleteoldrdn ) { + if ( op->oq_modrdn.rs_deleteoldrdn ) { for ( d_cnt = 0; old_rdn[0][d_cnt]; d_cnt++ ) { AttributeDescription *desc = NULL; Modifications *mod_tmp; - rc = slap_bv2ad( &old_rdn[0][d_cnt]->la_attr, &desc, &text ); - if ( rc != LDAP_SUCCESS ) { + rs->sr_err = slap_bv2ad( &old_rdn[0][d_cnt]->la_attr, &desc, &rs->sr_text ); + if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "slap_modrdn2modlist: %s: %s (old)\n", - text, + rs->sr_text, old_rdn[0][d_cnt]->la_attr.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, "slap_modrdn2modlist: %s: %s (old)\n", - text, + rs->sr_text, old_rdn[0][d_cnt]->la_attr.bv_val, 0 ); #endif @@ -541,7 +515,7 @@ slap_modrdn2mods( } /* ACL check of newly added attrs */ - if ( be && !access_allowed( be, conn, op, e, desc, + if ( op->o_bd && !access_allowed( op, e, desc, &old_rdn[0][d_cnt]->la_value, ACL_WRITE, NULL ) ) { #ifdef NEW_LOGGING @@ -557,7 +531,7 @@ slap_modrdn2mods( old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val, 0, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; + rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto done; } @@ -595,7 +569,7 @@ slap_modrdn2mods( done: /* LDAP v2 supporting correct attribute handling. */ - if ( rc != LDAP_SUCCESS && mod != NULL ) { + if ( rs->sr_err != LDAP_SUCCESS && mod != NULL ) { Modifications *tmp; for ( ; mod; mod = tmp ) { tmp = mod->sml_next; @@ -605,5 +579,5 @@ done: *pmod = mod; - return rc; + return rs->sr_err; } diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index 14e37f2970..c85d7f81eb 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -20,73 +20,52 @@ #include int passwd_extop( - Connection *conn, Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl ***rspctrls, - const char **text, - BerVarray *refs ) + Operation *op, + SlapReply *rs ) { - Backend *be; - int rc; - - assert( reqoid != NULL ); - assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 ); + assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 ); if( op->o_dn.bv_len == 0 ) { - *text = "only authenticated users may change passwords"; + rs->sr_text = "only authenticated users may change passwords"; return LDAP_STRONG_AUTH_REQUIRED; } - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - be = conn->c_authz_backend; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + op->o_bd = op->o_conn->c_authz_backend; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); - if( be && !be->be_extended ) { - *text = "operation not supported for current user"; + if( op->o_bd && !op->o_bd->be_extended ) { + rs->sr_text = "operation not supported for current user"; return LDAP_UNWILLING_TO_PERFORM; } - { - rc = backend_check_restrictions( be, conn, op, - (struct berval *)&slap_EXOP_MODIFY_PASSWD, text ); + if (backend_check_restrictions( op, rs, + (struct berval *)&slap_EXOP_MODIFY_PASSWD ) != LDAP_SUCCESS) { + return rs->sr_err; } - if( rc != LDAP_SUCCESS ) { - return rc; - } - - if( be == NULL ) { + if( op->o_bd == NULL ) { #ifdef HAVE_CYRUS_SASL - rc = slap_sasl_setpass( conn, op, - reqoid, reqdata, - rspoid, rspdata, rspctrls, - text ); + rs->sr_err = slap_sasl_setpass( op, rs ); #else - *text = "no authz backend"; - rc = LDAP_OTHER; + rs->sr_text = "no authz backend"; + rs->sr_err = LDAP_OTHER; #endif #ifndef SLAPD_MULTIMASTER /* This does not apply to multi-master case */ - } else if( be->be_update_ndn.bv_len ) { + } else if( op->o_bd->be_update_ndn.bv_len ) { /* we SHOULD return a referral in this case */ - *refs = referral_rewrite( be->be_update_refs, + rs->sr_ref = referral_rewrite( op->o_bd->be_update_refs, NULL, NULL, LDAP_SCOPE_DEFAULT ); - rc = LDAP_REFERRAL; + rs->sr_err = LDAP_REFERRAL; #endif /* !SLAPD_MULTIMASTER */ } else { - rc = be->be_extended( - be, conn, op, - reqoid, reqdata, - rspoid, rspdata, rspctrls, - text, refs ); + rs->sr_err = op->o_bd->be_extended( op, rs ); } - return rc; + return rs->sr_err; } int slap_passwd_parse( struct berval *reqdata, diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 07c3ae3260..13837bdb00 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -15,13 +15,12 @@ LDAP_BEGIN_DECL * acl.c */ LDAP_SLAPD_F (int) access_allowed LDAP_P(( - Backend *be, Connection *conn, Operation *op, + Operation *op, Entry *e, AttributeDescription *desc, struct berval *val, slap_access_t access, AccessControlState *state )); LDAP_SLAPD_F (int) acl_check_modlist LDAP_P(( - Backend *be, Connection *conn, Operation *op, - Entry *e, Modifications *ml )); + Operation *op, Entry *e, Modifications *ml )); LDAP_SLAPD_F (void) acl_append( AccessControl **l, AccessControl *a ); @@ -204,40 +203,31 @@ LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be, struct berval *suffix )); LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be, struct berval *ndn )); -LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be, - Connection *conn, struct berval *ndn, struct berval *cred )); +LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Operation *op )); LDAP_SLAPD_F (int) be_isupdate LDAP_P(( Backend *be, struct berval *ndn )); LDAP_SLAPD_F (struct berval *) be_root_dn LDAP_P(( Backend *be )); -LDAP_SLAPD_F (int) be_entry_get_rw LDAP_P(( BackendDB *bd, - struct slap_conn *c, struct slap_op *o, +LDAP_SLAPD_F (int) be_entry_get_rw LDAP_P(( struct slap_op *o, struct berval *ndn, ObjectClass *oc, AttributeDescription *at, int rw, Entry **e )); LDAP_SLAPD_F (int) be_entry_release_rw LDAP_P(( - BackendDB *be, Connection *c, Operation *o, Entry *e, int rw )); -#define be_entry_release_r( be, c, o, e ) be_entry_release_rw( be, c, o, e, 0 ) -#define be_entry_release_w( be, c, o, e ) be_entry_release_rw( be, c, o, e, 1 ) + Operation *o, Entry *e, int rw )); +#define be_entry_release_r( o, e ) be_entry_release_rw( o, e, 0 ) +#define be_entry_release_w( o, e ) be_entry_release_rw( o, e, 1 ) -LDAP_SLAPD_F (int) backend_unbind LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) backend_unbind LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) backend_connection_init LDAP_P((Connection *conn)); +LDAP_SLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn)); LDAP_SLAPD_F( int ) backend_check_restrictions LDAP_P(( - BackendDB *be, - Connection *conn, Operation *op, - struct berval *opdata, - const char **text )); + SlapReply *rs, + struct berval *opdata )); LDAP_SLAPD_F( int ) backend_check_referrals LDAP_P(( - BackendDB *be, - Connection *conn, Operation *op, - struct berval *dn, - struct berval *ndn )); - -LDAP_SLAPD_F (int) backend_connection_init LDAP_P((Connection *conn)); -LDAP_SLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn)); + SlapReply *rs )); -LDAP_SLAPD_F (int) backend_group LDAP_P((BackendDB *be, - Connection *conn, +LDAP_SLAPD_F (int) backend_group LDAP_P(( Operation *op, Entry *target, struct berval *gr_ndn, @@ -246,8 +236,7 @@ LDAP_SLAPD_F (int) backend_group LDAP_P((BackendDB *be, AttributeDescription *group_at )); -LDAP_SLAPD_F (int) backend_attribute LDAP_P((BackendDB *be, - Connection *conn, +LDAP_SLAPD_F (int) backend_attribute LDAP_P(( Operation *op, Entry *target, struct berval *entry_ndn, @@ -256,11 +245,8 @@ LDAP_SLAPD_F (int) backend_attribute LDAP_P((BackendDB *be, )); LDAP_SLAPD_F (Attribute *) backend_operational( - BackendDB *, - Connection *conn, Operation *op, - Entry *e, - AttributeName *attrs, + SlapReply *rs, int opattrs ); /* @@ -297,8 +283,8 @@ LDAP_SLAPD_F (void) ch_free LDAP_P(( void * )); * controls.c */ LDAP_SLAPD_F (int) get_ctrls LDAP_P(( - Connection *co, Operation *op, + SlapReply *rs, int senderrors )); LDAP_SLAPD_F (int) register_supported_control LDAP_P(( const char *controloid, @@ -491,15 +477,7 @@ const struct berval slap_EXOP_WHOAMI; const struct berval slap_EXOP_MODIFY_PASSWD; const struct berval slap_EXOP_START_TLS; -typedef int (SLAP_EXTOP_MAIN_FN) LDAP_P(( - Connection *conn, Operation *op, - struct berval * reqoid, - struct berval * reqdata, - char ** rspoid, - struct berval ** rspdata, - LDAPControl *** rspctrls, - const char ** text, - BerVarray *refs )); +typedef int (SLAP_EXTOP_MAIN_FN) LDAP_P(( Operation *op, SlapReply *rs )); typedef int (SLAP_EXTOP_GETOID_FN) LDAP_P(( int index, struct berval *oid, int blen )); @@ -546,9 +524,7 @@ LDAP_SLAPD_F (int) filter_escape_value LDAP_P(( struct berval *in, * filterentry.c */ -LDAP_SLAPD_F (int) test_filter LDAP_P(( - Backend *be, Connection *conn, Operation *op, - Entry *e, Filter *f )); +LDAP_SLAPD_F (int) test_filter LDAP_P(( Operation *op, Entry *e, Filter *f )); /* * globals.c @@ -603,8 +579,6 @@ LDAP_SLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp )); * matchedValues.c */ LDAP_SLAPD_F (int) filter_matched_values( - Backend *be, - Connection *conn, Operation *op, Attribute *a, char ***e_flags ); @@ -613,13 +587,11 @@ LDAP_SLAPD_F (int) filter_matched_values( * modrdn.c */ LDAP_SLAPD_F (int) slap_modrdn2mods( - Backend *be, - Connection *conn, Operation *op, + SlapReply *rs, Entry *e, LDAPRDN *oldrdn, LDAPRDN *newrdn, - int deleteoldrdn, Modifications **pmod ); /* @@ -632,7 +604,6 @@ LDAP_SLAPD_F( int ) slap_mods_check( char *textbuf, size_t textlen ); LDAP_SLAPD_F( int ) slap_mods_opattrs( - Backend *be, Operation *op, Modifications *mods, Modifications **modlist, @@ -824,7 +795,7 @@ LDAP_SLAPD_F (int) validate_global_referral LDAP_P(( const char *url )); LDAP_SLAPD_F (BerVarray) get_entry_referrals LDAP_P(( - Backend *be, Connection *conn, Operation *op, Entry *e )); + Operation *op, Entry *e )); LDAP_SLAPD_F (BerVarray) referral_rewrite LDAP_P(( BerVarray refs, @@ -841,66 +812,19 @@ LDAP_SLAPD_F (int) add_replica_suffix LDAP_P(( Backend *be, int nr, const char *suffix )); LDAP_SLAPD_F (int) add_replica_attrs LDAP_P(( Backend *be, int nr, char *attrs, int exclude )); -LDAP_SLAPD_F (void) replog LDAP_P(( Backend *be, Operation *op, - struct berval *dn, struct berval *ndn, void *change )); +LDAP_SLAPD_F (void) replog LDAP_P(( Operation *op )); /* * result.c */ -LDAP_SLAPD_F (void) slap_send_ldap_result LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *matched, const char *text, - BerVarray refs, - LDAPControl **ctrls )); - -LDAP_SLAPD_F (void) send_ldap_sasl LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - struct berval *cred )); - -LDAP_SLAPD_F (void) send_ldap_disconnect LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *text )); - -LDAP_SLAPD_F (void) slap_send_ldap_extended LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *matched, - const char *text, BerVarray refs, - const char *rspoid, struct berval *rspdata, - LDAPControl **ctrls )); - -LDAP_SLAPD_F (void) slap_send_ldap_intermediate_resp LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *matched, - const char *text, BerVarray refs, - const char *rspoid, struct berval *rspdata, - LDAPControl **ctrls )); - -LDAP_SLAPD_F (void) send_ldap_partial LDAP_P(( - Connection *conn, Operation *op, - const char *rspoid, struct berval *rspdata, - LDAPControl **ctrls )); - -LDAP_SLAPD_F (void) slap_send_search_result LDAP_P(( - Connection *conn, Operation *op, - ber_int_t err, const char *matched, const char *text, - BerVarray refs, - LDAPControl **ctrls, - int nentries )); - -LDAP_SLAPD_F (int) slap_send_search_reference LDAP_P(( - Backend *be, Connection *conn, Operation *op, - Entry *e, BerVarray refs, - LDAPControl **ctrls, - BerVarray *v2refs )); - -LDAP_SLAPD_F (int) slap_send_search_entry LDAP_P(( - Backend *be, Connection *conn, Operation *op, - Entry *e, AttributeName *attrs, int attrsonly, - LDAPControl **ctrls )); +LDAP_SLAPD_F (void) slap_send_ldap_result LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (void) send_ldap_sasl LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (void) send_ldap_disconnect LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (void) slap_send_ldap_extended LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (void) slap_send_ldap_intermediate_resp LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (void) slap_send_search_result LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (int) slap_send_search_reference LDAP_P(( Operation *op, SlapReply *rs )); +LDAP_SLAPD_F (int) slap_send_search_entry LDAP_P(( Operation *op, SlapReply *rs )); LDAP_SLAPD_F (int) str2result LDAP_P(( char *s, int *code, char **matched, char **info )); @@ -933,21 +857,11 @@ LDAP_SLAPD_F (int) slap_sasl_external( Connection *c, LDAP_SLAPD_F (int) slap_sasl_reset( Connection *c ); LDAP_SLAPD_F (int) slap_sasl_close( Connection *c ); -LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P(( - Connection *conn, Operation *op, - struct berval *dn, struct berval *ndn, - struct berval *cred, - struct berval *edn, slap_ssf_t *ssf )); +LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P(( Operation *op, SlapReply *rs )); LDAP_SLAPD_F (int) slap_sasl_setpass( - Connection *conn, Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text ); + SlapReply *rs ); LDAP_SLAPD_F (int) slap_sasl_config( int cargc, @@ -1223,16 +1137,16 @@ LDAP_SLAPD_V (struct berval) NoAttrs; /* * operations */ -LDAP_SLAPD_F (int) do_abandon LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_add LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_bind LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_compare LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_delete LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_modify LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_modrdn LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_search LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_unbind LDAP_P((Connection *conn, Operation *op)); -LDAP_SLAPD_F (int) do_extended LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_abandon LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_add LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_bind LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_compare LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_delete LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_modify LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_modrdn LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_search LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_unbind LDAP_P((Operation *op, SlapReply *rs)); +LDAP_SLAPD_F (int) do_extended LDAP_P((Operation *op, SlapReply *rs)); LDAP_END_DECL diff --git a/servers/slapd/referral.c b/servers/slapd/referral.c index dccd862b7a..acc9b9c2c5 100644 --- a/servers/slapd/referral.c +++ b/servers/slapd/referral.c @@ -292,8 +292,6 @@ BerVarray referral_rewrite( BerVarray get_entry_referrals( - Backend *be, - Connection *conn, Operation *op, Entry *e ) { diff --git a/servers/slapd/repl.c b/servers/slapd/repl.c index 25fe030e79..9df3b68795 100644 --- a/servers/slapd/repl.c +++ b/servers/slapd/repl.c @@ -100,20 +100,13 @@ add_replica_attrs( static void print_vals( FILE *fp, struct berval *type, struct berval *bv ); static void -replog1( struct slap_replica_info *ri, Operation *op, void *change, FILE *fp, void *first); +replog1( struct slap_replica_info *ri, Operation *op, FILE *fp, void *first); void -replog( - Backend *be, - Operation *op, - struct berval *dn, - struct berval *ndn, - void *change -) +replog( Operation *op ) { Modifications *ml = NULL; Attribute *a = NULL; - Entry *e; FILE *fp, *lfp; int i; /* undef NO_LOG_WHEN_NO_REPLICAS */ @@ -123,35 +116,35 @@ replog( int subsets = 0; long now = slap_get_time(); - if ( be->be_replogfile == NULL && replogfile == NULL ) { + if ( op->o_bd->be_replogfile == NULL && replogfile == NULL ) { return; } ldap_pvt_thread_mutex_lock( &replog_mutex ); - if ( (fp = lock_fopen( be->be_replogfile ? be->be_replogfile : + if ( (fp = lock_fopen( op->o_bd->be_replogfile ? op->o_bd->be_replogfile : replogfile, "a", &lfp )) == NULL ) { ldap_pvt_thread_mutex_unlock( &replog_mutex ); return; } - for ( i = 0; be->be_replica != NULL && be->be_replica[i] != NULL; i++ ) { + for ( i = 0; op->o_bd->be_replica != NULL && op->o_bd->be_replica[i] != NULL; i++ ) { /* check if dn's suffix matches legal suffixes, if any */ - if ( be->be_replica[i]->ri_nsuffix != NULL ) { + if ( op->o_bd->be_replica[i]->ri_nsuffix != NULL ) { int j; - for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) { - if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) { + for ( j = 0; op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) { + if ( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_replica[i]->ri_nsuffix[j] ) ) { break; } } - if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) { + if ( !op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val ) { /* do not add "replica:" line */ continue; } } /* See if we only want a subset of attributes */ - if ( be->be_replica[i]->ri_attrs != NULL && + if ( op->o_bd->be_replica[i]->ri_attrs != NULL && ( op->o_tag == LDAP_REQ_MODIFY || op->o_tag == LDAP_REQ_ADD || op->o_tag == LDAP_REQ_EXTENDED ) ) { if ( !subsets ) { subsets = i + 1; @@ -160,7 +153,7 @@ replog( continue; } - fprintf( fp, "replica: %s\n", be->be_replica[i]->ri_host ); + fprintf( fp, "replica: %s\n", op->o_bd->be_replica[i]->ri_host ); #ifdef NO_LOG_WHEN_NO_REPLICAS ++count; #endif @@ -178,30 +171,30 @@ replog( #endif fprintf( fp, "time: %ld\n", now ); - fprintf( fp, "dn: %s\n", dn->bv_val ); + fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val ); - replog1( NULL, op, change, fp, NULL ); + replog1( NULL, op, fp, NULL ); if ( subsets > 0 ) { void *first; - for ( i = subsets - 1; be->be_replica != NULL && be->be_replica[i] != NULL; i++ ) { + for ( i = subsets - 1; op->o_bd->be_replica != NULL && op->o_bd->be_replica[i] != NULL; i++ ) { /* If no attrs, we already did this above */ - if ( be->be_replica[i]->ri_attrs == NULL ) { + if ( op->o_bd->be_replica[i]->ri_attrs == NULL ) { continue; } /* check if dn's suffix matches legal suffixes, if any */ - if ( be->be_replica[i]->ri_nsuffix != NULL ) { + if ( op->o_bd->be_replica[i]->ri_nsuffix != NULL ) { int j; - for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) { - if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) { + for ( j = 0; op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) { + if ( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_replica[i]->ri_nsuffix[j] ) ) { break; } } - if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) { + if ( !op->o_bd->be_replica[i]->ri_nsuffix[j].bv_val ) { /* do not add "replica:" line */ continue; } @@ -214,11 +207,11 @@ replog( /* assume change parameter is a Modfications* */ /* fall thru */ case LDAP_REQ_MODIFY: - for ( ml = change; ml != NULL; ml = ml->sml_next ) { + for ( ml = op->oq_modify.rs_modlist; ml != NULL; ml = ml->sml_next ) { int is_in, exclude; - is_in = ad_inlist( ml->sml_desc, be->be_replica[i]->ri_attrs ); - exclude = be->be_replica[i]->ri_exclude; + is_in = ad_inlist( ml->sml_desc, op->o_bd->be_replica[i]->ri_attrs ); + exclude = op->o_bd->be_replica[i]->ri_exclude; /* * there might be a more clever way to do this test, @@ -235,12 +228,11 @@ replog( } break; case LDAP_REQ_ADD: - e = change; - for ( a = e->e_attrs; a != NULL; a = a->a_next ) { + for ( a = op->oq_add.rs_e->e_attrs; a != NULL; a = a->a_next ) { int is_in, exclude; - is_in = ad_inlist( a->a_desc, be->be_replica[i]->ri_attrs ); - exclude = be->be_replica[i]->ri_exclude; + is_in = ad_inlist( a->a_desc, op->o_bd->be_replica[i]->ri_attrs ); + exclude = op->o_bd->be_replica[i]->ri_exclude; if ( ( is_in && !exclude ) || ( !is_in && exclude ) ) { subsets = 1; @@ -256,10 +248,10 @@ replog( /* Other operations were logged in the first pass */ continue; } - fprintf( fp, "replica: %s\n", be->be_replica[i]->ri_host ); + fprintf( fp, "replica: %s\n", op->o_bd->be_replica[i]->ri_host ); fprintf( fp, "time: %ld\n", now ); - fprintf( fp, "dn: %s\n", dn->bv_val ); - replog1( be->be_replica[i], op, change, fp, first ); + fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val ); + replog1( op->o_bd->be_replica[i], op, fp, first ); } } @@ -272,15 +264,12 @@ static void replog1( struct slap_replica_info *ri, Operation *op, - void *change, FILE *fp, void *first ) { Modifications *ml; Attribute *a; - Entry *e; - struct slap_replog_moddn *moddn; switch ( op->o_tag ) { case LDAP_REQ_EXTENDED: @@ -290,7 +279,7 @@ replog1( case LDAP_REQ_MODIFY: fprintf( fp, "changetype: modify\n" ); - ml = first ? first : change; + ml = first ? first : op->oq_modify.rs_modlist; for ( ; ml != NULL; ml = ml->sml_next ) { char *type; if ( ri && ri->ri_attrs ) { @@ -321,9 +310,8 @@ replog1( break; case LDAP_REQ_ADD: - e = change; fprintf( fp, "changetype: add\n" ); - a = first ? first : e->e_attrs; + a = first ? first : op->oq_add.rs_e->e_attrs; for ( ; a != NULL; a=a->a_next ) { if ( ri && ri->ri_attrs ) { int is_in = ad_inlist( a->a_desc, ri->ri_attrs ); @@ -367,13 +355,11 @@ replog1( break; case LDAP_REQ_MODRDN: - moddn = change; fprintf( fp, "changetype: modrdn\n" ); - fprintf( fp, "newrdn: %s\n", moddn->newrdn->bv_val ); - fprintf( fp, "deleteoldrdn: %d\n", moddn->deloldrdn ? 1 : 0 ); - /* moddn->newsup is never NULL, see modrdn.c */ - if( moddn->newsup->bv_val != NULL ) { - fprintf( fp, "newsuperior: %s\n", moddn->newsup->bv_val ); + fprintf( fp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val ); + fprintf( fp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 ); + if( op->oq_modrdn.rs_newSup != NULL ) { + fprintf( fp, "newsuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val ); } } fprintf( fp, "\n" ); diff --git a/servers/slapd/result.c b/servers/slapd/result.c index 2e412aeb5f..c8fa71362e 100644 --- a/servers/slapd/result.c +++ b/servers/slapd/result.c @@ -220,19 +220,8 @@ send_ldap_controls( BerElement *ber, LDAPControl **c ) static void send_ldap_response( - Connection *conn, - Operation *op, - ber_tag_t tag, - ber_int_t msgid, - ber_int_t err, - const char *matched, - const char *text, - BerVarray ref, - const char *resoid, - struct berval *resdata, - struct berval *sasldata, - LDAPControl **ctrls -) + Operation *op, + SlapReply *rs ) { char berbuf[LBER_ELEMENT_SIZEOF]; BerElement *ber = (BerElement *)berbuf; @@ -240,88 +229,87 @@ send_ldap_response( long bytes; if (op->o_callback && op->o_callback->sc_response) { - op->o_callback->sc_response( conn, op, tag, msgid, err, matched, - text, ref, resoid, resdata, sasldata, ctrls ); + op->o_callback->sc_response( op, rs ); return; } #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp) + if (op->o_conn && op->o_conn->c_is_udp) ber = op->o_res_ber; else #endif - ber_init_w_nullc( ber, LBER_USE_DER ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_ldap_response: msgid=%d tag=%lu err=%d\n", - msgid, tag, err ); + rs->sr_msgid, rs->sr_tag, rs->sr_err ); #else Debug( LDAP_DEBUG_TRACE, "send_ldap_response: msgid=%d tag=%lu err=%d\n", - msgid, tag, err ); + rs->sr_msgid, rs->sr_tag, rs->sr_err ); #endif - if( ref ) { + if( rs->sr_ref ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "send_ldap_response: conn %lu ref=\"%s\"\n", - conn ? conn->c_connid : 0, - ref[0].bv_val ? ref[0].bv_val : "NULL" , 0 ); + op->o_connid, + rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL" , 0 ); #else Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=\"%s\"\n", - ref[0].bv_val ? ref[0].bv_val : "NULL", + rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL", NULL, NULL ); #endif } #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { + if (op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { rc = ber_printf( ber, "t{ess" /*"}}"*/, - tag, err, - matched == NULL ? "" : matched, - text == NULL ? "" : text ); + rs->sr_tag, rs->sr_err, + rs->sr_matched == NULL ? "" : rs->sr_matched, + rs->sr_text == NULL ? "" : rs->sr_text ); } else #endif { rc = ber_printf( ber, "{it{ess" /*"}}"*/, - msgid, tag, err, - matched == NULL ? "" : matched, - text == NULL ? "" : text ); + rs->sr_msgid, rs->sr_tag, rs->sr_err, + rs->sr_matched == NULL ? "" : rs->sr_matched, + rs->sr_text == NULL ? "" : rs->sr_text ); } if( rc != -1 ) { - if ( ref != NULL ) { - assert( err == LDAP_REFERRAL ); + if ( rs->sr_ref != NULL ) { + assert( rs->sr_err == LDAP_REFERRAL ); rc = ber_printf( ber, "t{W}", - LDAP_TAG_REFERRAL, ref ); + LDAP_TAG_REFERRAL, rs->sr_ref ); } else { - assert( err != LDAP_REFERRAL ); + assert( rs->sr_err != LDAP_REFERRAL ); } } - if( rc != -1 && sasldata != NULL ) { + if( rc != -1 && rs->sr_type == REP_SASL && rs->sr_sasldata != NULL ) { rc = ber_printf( ber, "tO", - LDAP_TAG_SASL_RES_CREDS, sasldata ); - } - - if( rc != -1 && resoid != NULL ) { - rc = ber_printf( ber, "ts", - LDAP_TAG_EXOP_RES_OID, resoid ); + LDAP_TAG_SASL_RES_CREDS, rs->sr_sasldata ); } - if( rc != -1 && resdata != NULL ) { - rc = ber_printf( ber, "tO", - LDAP_TAG_EXOP_RES_VALUE, resdata ); + if( rc != -1 && rs->sr_type == REP_EXTENDED ) { + if ( rs->sr_rspoid != NULL ) { + rc = ber_printf( ber, "ts", + LDAP_TAG_EXOP_RES_OID, rs->sr_rspoid ); + } + if( rc != -1 && rs->sr_rspdata != NULL ) { + rc = ber_printf( ber, "tO", + LDAP_TAG_EXOP_RES_VALUE, rs->sr_rspdata ); + } } if( rc != -1 ) { rc = ber_printf( ber, /*"{"*/ "N}" ); } - if( rc != -1 && ctrls != NULL ) { - rc = send_ldap_controls( ber, ctrls ); + if( rc != -1 && rs->sr_ctrls != NULL ) { + rc = send_ldap_controls( ber, rs->sr_ctrls ); } if( rc != -1 ) { @@ -329,7 +317,7 @@ send_ldap_response( } #ifdef LDAP_CONNECTIONLESS - if( conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1 ) { + if( op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2 && rc != -1 ) { rc = ber_printf( ber, /*"{"*/ "N}" ); } #endif @@ -338,22 +326,22 @@ send_ldap_response( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_ldap_response: conn %lu ber_printf failed\n", - conn ? conn->c_connid : 0, 0, 0 ); + op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); return; } /* send BER */ - bytes = send_ldap_ber( conn, ber ); + bytes = send_ldap_ber( op->o_conn, ber ); #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); @@ -361,7 +349,7 @@ send_ldap_response( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_ldap_response: conn %lu ber write failed\n", - conn ? conn->c_connid : 0, 0, 0 ); + op->o_connid : 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "send_ldap_response: ber write failed\n", @@ -372,9 +360,9 @@ send_ldap_response( } #ifdef LDAP_SLAPI - slapi_pblock_set( op->o_pb, SLAPI_RESULT_CODE, (void *)err ); - slapi_pblock_set( op->o_pb, SLAPI_RESULT_MATCHED, ( matched != NULL ) ? (void *)ch_strdup( matched ) : NULL ); - slapi_pblock_set( op->o_pb, SLAPI_RESULT_TEXT, ( text != NULL ) ? (void *)ch_strdup( text ) : NULL ); + slapi_pblock_set( op->o_pb, SLAPI_RESULT_CODE, (void *)rs->sr_err ); + slapi_pblock_set( op->o_pb, SLAPI_RESULT_MATCHED, ( rs->sr_matched != NULL ) ? (void *)ch_strdup( rs->sr_matched ) : NULL ); + slapi_pblock_set( op->o_pb, SLAPI_RESULT_TEXT, ( rs->sr_text != NULL ) ? (void *)ch_strdup( rs->sr_text ) : NULL ); #endif /* LDAP_SLAPI */ ldap_pvt_thread_mutex_lock( &num_sent_mutex ); @@ -386,71 +374,54 @@ send_ldap_response( void -send_ldap_disconnect( - Connection *conn, - Operation *op, - ber_int_t err, - const char *text -) +send_ldap_disconnect( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; - char *reqoid; - #define LDAP_UNSOLICITED_ERROR(e) \ ( (e) == LDAP_PROTOCOL_ERROR \ || (e) == LDAP_STRONG_AUTH_REQUIRED \ || (e) == LDAP_UNAVAILABLE ) - assert( LDAP_UNSOLICITED_ERROR( err ) ); + assert( LDAP_UNSOLICITED_ERROR( rs->sr_err ) ); + + rs->sr_type = REP_EXTENDED; #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_ldap_disconnect: conn %lu %d:%s\n", - conn ? conn->c_connid : 0, err, text ? text : "" ); + op->o_connid, rs->sr_err, rs->sr_text ? rs->sr_text : "" ); #else Debug( LDAP_DEBUG_TRACE, "send_ldap_disconnect %d:%s\n", - err, text ? text : "", NULL ); + rs->sr_err, rs->sr_text ? rs->sr_text : "", NULL ); #endif if ( op->o_protocol < LDAP_VERSION3 ) { - reqoid = NULL; - tag = req2res( op->o_tag ); - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + rs->sr_rspoid = NULL; + rs->sr_tag = req2res( op->o_tag ); + rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0; } else { - reqoid = LDAP_NOTICE_DISCONNECT; - tag = LDAP_RES_EXTENDED; - msgid = 0; + rs->sr_rspoid = LDAP_NOTICE_DISCONNECT; + rs->sr_tag = LDAP_RES_EXTENDED; + rs->sr_msgid = 0; } - send_ldap_response( conn, op, tag, msgid, - err, NULL, text, NULL, - reqoid, NULL, NULL, NULL ); + send_ldap_response( op, rs ); Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu DISCONNECT tag=%lu err=%d text=%s\n", - op->o_connid, op->o_opid, tag, err, text ? text : "" ); + op->o_connid, op->o_opid, rs->sr_tag, rs->sr_err, rs->sr_text ? rs->sr_text : "" ); } void -slap_send_ldap_result( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray ref, - LDAPControl **ctrls -) +slap_send_ldap_result( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; char *tmp = NULL; + const char *otext = rs->sr_text; + BerVarray oref = rs->sr_ref; - assert( !LDAP_API_ERROR( err ) ); + assert( !LDAP_API_ERROR( rs->sr_err ) ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, @@ -465,257 +436,148 @@ slap_send_ldap_result( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n", - err, matched ? matched : "", text ? text : "" ); + rs->sr_err, rs->sr_matched ? rs->sr_matched : "", rs->sr_text ? rs->sr_text : "" ); #else Debug( LDAP_DEBUG_ARGS, "send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n", - err, matched ? matched : "", text ? text : "" ); + rs->sr_err, rs->sr_matched ? rs->sr_matched : "", rs->sr_text ? rs->sr_text : "" ); #endif - if( ref ) { + if( rs->sr_ref ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "send_ldap_result: referral=\"%s\"\n", - ref[0].bv_val ? ref[0].bv_val : "NULL", 0, 0 ); + rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL", 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, "send_ldap_result: referral=\"%s\"\n", - ref[0].bv_val ? ref[0].bv_val : "NULL", + rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL", NULL, NULL ); #endif } - assert( err != LDAP_PARTIAL_RESULTS ); + assert( rs->sr_err != LDAP_PARTIAL_RESULTS ); - if ( err == LDAP_REFERRAL ) { + if ( rs->sr_err == LDAP_REFERRAL ) { #ifdef LDAP_CONTROL_X_DOMAIN_SCOPE if( op->o_domain_scope ) { - ref = NULL; + rs->sr_ref = NULL; } #endif - if( ref == NULL ) { - err = LDAP_NO_SUCH_OBJECT; + if( rs->sr_ref == NULL ) { + rs->sr_err = LDAP_NO_SUCH_OBJECT; } else if ( op->o_protocol < LDAP_VERSION3 ) { - err = LDAP_PARTIAL_RESULTS; + rs->sr_err = LDAP_PARTIAL_RESULTS; } } if ( op->o_protocol < LDAP_VERSION3 ) { - tmp = v2ref( ref, text ); - text = tmp; - ref = NULL; + tmp = v2ref( rs->sr_ref, rs->sr_text ); + rs->sr_text = tmp; + rs->sr_ref = NULL; } - tag = req2res( op->o_tag ); - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + rs->sr_tag = req2res( op->o_tag ); + rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0; - send_ldap_response( conn, op, tag, msgid, - err, matched, text, ref, - NULL, NULL, NULL, ctrls ); + send_ldap_response( op, rs ); - Statslog( LDAP_DEBUG_STATS, - "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n", - op->o_connid, op->o_opid, tag, err, text ? text : "" ); + if ( rs->sr_type == REP_SRESULT ) { + char nbuf[64]; + snprintf( nbuf, sizeof nbuf, "%d nentries=%d", rs->sr_err, rs->sr_nentries ); + + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n", + op->o_connid, op->o_opid, rs->sr_tag, nbuf, rs->sr_text ? rs->sr_text : "" ); + } else { + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n", + op->o_connid, op->o_opid, rs->sr_tag, rs->sr_err, rs->sr_text ? rs->sr_text : "" ); + } if( tmp != NULL ) { ch_free(tmp); } + rs->sr_text = otext; + rs->sr_ref = oref; } void -send_ldap_sasl( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray ref, - LDAPControl **ctrls, - struct berval *cred -) +send_ldap_sasl( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; - + rs->sr_type = REP_SASL; #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_ldap_sasl: conn %lu err=%d len=%lu\n", - op->o_connid, err, cred ? cred->bv_len : -1 ); + op->o_connid, rs->sr_err, rs->sr_sasldata ? rs->sr_sasldata->bv_len : -1 ); #else Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%d len=%ld\n", - err, cred ? (long) cred->bv_len : -1, NULL ); + rs->sr_err, rs->sr_sasldata ? (long) rs->sr_sasldata->bv_len : -1, NULL ); #endif + rs->sr_tag = req2res( op->o_tag ); + rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0; - tag = req2res( op->o_tag ); - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; - - send_ldap_response( conn, op, tag, msgid, - err, matched, text, ref, - NULL, NULL, cred, ctrls ); + send_ldap_response( op, rs ); } void -slap_send_ldap_extended( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls -) +slap_send_ldap_extended( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; + rs->sr_type = REP_EXTENDED; #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_ldap_extended: err=%d oid=%s len=%ld\n", - err, rspoid ? rspoid : "", - rspdata != NULL ? rspdata->bv_len : 0 ); + rs->sr_err, rs->sr_rspoid ? rs->sr_rspoid : "", + rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 ); #else Debug( LDAP_DEBUG_TRACE, "send_ldap_extended: err=%d oid=%s len=%ld\n", - err, - rspoid ? rspoid : "", - rspdata != NULL ? rspdata->bv_len : 0 ); + rs->sr_err, + rs->sr_rspoid ? rs->sr_rspoid : "", + rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 ); #endif - tag = req2res( op->o_tag ); - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; + rs->sr_tag = req2res( op->o_tag ); + rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0; - send_ldap_response( conn, op, tag, msgid, - err, matched, text, refs, - rspoid, rspdata, NULL, ctrls ); + send_ldap_response( op, rs ); } #ifdef LDAP_RES_INTERMEDIATE_RESP void -slap_send_ldap_intermediate_resp( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls ) +slap_send_ldap_intermediate_resp( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; + rs->sr_type = REP_EXTENDED; #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_ldap_intermediate: err=%d oid=%s len=%ld\n", - err, rspoid ? rspoid : "", - rspdata != NULL ? rspdata->bv_len : 0 ); + rs->sr_err, rs->sr_rspoid ? rs->sr_rspoid : "", + rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 ); #else Debug( LDAP_DEBUG_TRACE, "send_ldap_intermediate: err=%d oid=%s len=%ld\n", - err, - rspoid ? rspoid : "", - rspdata != NULL ? rspdata->bv_len : 0 ); -#endif - tag = LDAP_RES_INTERMEDIATE_RESP; - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; - send_ldap_response( conn, op, tag, msgid, - err, matched, text, refs, - rspoid, rspdata, NULL, ctrls ); + rs->sr_err, + rs->sr_rspoid ? rs->sr_rspoid : "", + rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 ); +#endif + rs->sr_tag = LDAP_RES_INTERMEDIATE_RESP; + rs->sr_msgid = op->o_msgid; + send_ldap_response( op, rs ); } #endif void -slap_send_search_result( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - int nentries -) +slap_send_search_result( Operation *op, SlapReply *rs ) { - ber_tag_t tag; - ber_int_t msgid; - char *tmp = NULL; - - assert( !LDAP_API_ERROR( err ) ); - - if (op->o_callback && op->o_callback->sc_sresult) { - op->o_callback->sc_sresult(conn, op, err, matched, text, refs, - ctrls, nentries); - return; - } - -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, - "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n", - err, matched ? matched : "", text ? text : "" ); -#else - Debug( LDAP_DEBUG_TRACE, - "send_search_result: err=%d matched=\"%s\" text=\"%s\"\n", - err, matched ? matched : "", text ? text : "" ); -#endif - - - assert( err != LDAP_PARTIAL_RESULTS ); - - if( op->o_protocol < LDAP_VERSION3 ) { - /* send references in search results */ - if( err == LDAP_REFERRAL ) { - err = LDAP_PARTIAL_RESULTS; - } - - tmp = v2ref( refs, text ); - text = tmp; - refs = NULL; - - } else { - /* don't send references in search results */ - assert( refs == NULL ); - refs = NULL; - - if( err == LDAP_REFERRAL ) { - err = LDAP_SUCCESS; - } - } - - tag = req2res( op->o_tag ); - msgid = (tag != LBER_SEQUENCE) ? op->o_msgid : 0; - - send_ldap_response( conn, op, tag, msgid, - err, matched, text, refs, - NULL, NULL, NULL, ctrls ); - - { - char nbuf[64]; - snprintf( nbuf, sizeof nbuf, "%d nentries=%d", err, nentries ); - - Statslog( LDAP_DEBUG_STATS, - "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n", - op->o_connid, op->o_opid, tag, nbuf, text ? text : "" ); - } - - if (tmp != NULL) { - ch_free(tmp); - } + rs->sr_type = REP_SRESULT; + slap_send_ldap_result( op, rs ); } int -slap_send_search_entry( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - AttributeName *attrs, - int attrsonly, - LDAPControl **ctrls -) +slap_send_search_entry( Operation *op, SlapReply *rs ) { char berbuf[LBER_ELEMENT_SIZEOF]; BerElement *ber = (BerElement *)berbuf; @@ -739,28 +601,27 @@ slap_send_search_entry( */ char **e_flags = NULL; + rs->sr_type = REP_SEARCH; if (op->o_callback && op->o_callback->sc_sendentry) { - return op->o_callback->sc_sendentry( be, conn, op, e, attrs, - attrsonly, ctrls ); + return op->o_callback->sc_sendentry( op, rs ); } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_search_entry: conn %lu dn=\"%s\"%s\n", - op->o_connid, e->e_dn, attrsonly ? " (attrsOnly)" : "" ); + op->o_connid, rs->sr_entry->e_name.bv_val, op->oq_search.rs_attrsonly ? " (attrsOnly)" : "" ); #else Debug( LDAP_DEBUG_TRACE, "=> send_search_entry: dn=\"%s\"%s\n", - e->e_dn, attrsonly ? " (attrsOnly)" : "", 0 ); + rs->sr_entry->e_name.bv_val, op->oq_search.rs_attrsonly ? " (attrsOnly)" : "", 0 ); #endif - if ( ! access_allowed( be, conn, op, e, - ad_entry, NULL, ACL_READ, NULL ) ) + if ( ! access_allowed( op, rs->sr_entry, ad_entry, NULL, ACL_READ, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, INFO, "send_search_entry: conn %lu access to entry (%s) not allowed\n", - op->o_connid, e->e_dn, 0 ); + op->o_connid, rs->sr_entry->e_name.bv_val, 0 ); #else Debug( LDAP_DEBUG_ACL, "send_search_entry: access to entry not allowed\n", @@ -770,24 +631,24 @@ slap_send_search_entry( return( 1 ); } - edn = e->e_ndn; + edn = rs->sr_entry->e_nname.bv_val; #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp) + if (op->o_conn && op->o_conn->c_is_udp) ber = op->o_res_ber; else #endif ber_init_w_nullc( ber, LBER_USE_DER ); #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { + if (op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2) { rc = ber_printf(ber, "t{O{" /*}}*/, - LDAP_RES_SEARCH_ENTRY, &e->e_name); + LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name); } else #endif { rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid, - LDAP_RES_SEARCH_ENTRY, &e->e_name ); + LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name ); } if ( rc == -1 ) { @@ -800,21 +661,20 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encoding DN error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encoding DN error" ); goto error_return; } /* check for special all user attributes ("*") type */ - userattrs = ( attrs == NULL ) ? 1 - : an_find( attrs, &AllUser ); + userattrs = ( rs->sr_attrs == NULL ) ? 1 + : an_find( rs->sr_attrs, &AllUser ); /* check for special all operational attributes ("+") type */ - opattrs = ( attrs == NULL ) ? 0 - : an_find( attrs, &AllOper ); + opattrs = ( rs->sr_attrs == NULL ) ? 0 + : an_find( rs->sr_attrs, &AllOper ); /* create an array of arrays of flags. Each flag corresponds * to particular value of attribute and equals 1 if value matches @@ -824,7 +684,7 @@ slap_send_search_entry( int k = 0; size_t size; - for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { + for ( a = rs->sr_entry->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ) k++; } @@ -836,53 +696,48 @@ slap_send_search_entry( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_search_entry: conn %lu SLAP_CALLOC failed\n", - conn ? conn->c_connid : 0, 0, 0 ); + op->o_connid : 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "send_search_entry: SLAP_CALLOC failed\n", 0, 0, 0 ); #endif ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "memory error", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "out of memory" ); goto error_return; } a_flags = (char *)(e_flags + i); memset( a_flags, 0, k ); - for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { + for ( a = rs->sr_entry->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) { for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ); e_flags[i] = a_flags; a_flags += j; } - rc = filter_matched_values(be, conn, op, e->e_attrs, &e_flags) ; + rc = filter_matched_values(op, rs->sr_entry->e_attrs, &e_flags) ; if ( rc == -1 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_search_entry: conn %lu matched values filtering failed\n", - conn ? conn->c_connid : 0, 0, 0 ); + op->o_connid : 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "matched values filtering failed\n", 0, 0, 0 ); #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free( ber, 1 ); - - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "matched values filtering error", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "matched values filtering error" ); goto error_return; } } } - for ( a = e->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) { + for ( a = rs->sr_entry->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) { AttributeDescription *desc = a->a_desc; - if ( attrs == NULL ) { + if ( rs->sr_attrs == NULL ) { /* all attrs request, skip operational attributes */ if( is_at_operational( desc->ad_type ) ) { continue; @@ -891,18 +746,18 @@ slap_send_search_entry( } else { /* specific attrs requested */ if ( is_at_operational( desc->ad_type ) ) { - if( !opattrs && !ad_inlist( desc, attrs ) ) { + if( !opattrs && !ad_inlist( desc, rs->sr_attrs ) ) { continue; } } else { - if (!userattrs && !ad_inlist( desc, attrs ) ) { + if (!userattrs && !ad_inlist( desc, rs->sr_attrs ) ) { continue; } } } - if ( ! access_allowed( be, conn, op, e, desc, NULL, + if ( ! access_allowed( op, rs->sr_entry, desc, NULL, ACL_READ, &acl_state ) ) { #ifdef NEW_LOGGING @@ -927,17 +782,16 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encoding description error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encoding description error"); goto error_return; } - if ( ! attrsonly ) { + if ( ! op->oq_search.rs_attrsonly ) { for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) { - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, rs->sr_entry, desc, &a->a_vals[i], ACL_READ, &acl_state ) ) { #ifdef NEW_LOGGING @@ -970,12 +824,10 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encoding values error", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encoding values error" ); goto error_return; } } @@ -991,18 +843,17 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encode end error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encode end error" ); goto error_return; } } /* eventually will loop through generated operational attributes */ /* only have subschemaSubentry implemented */ - aa = backend_operational( be, conn, op, e, attrs, opattrs ); + aa = backend_operational( op, rs, opattrs ); if ( aa != NULL && op->vrFilter != NULL ) { int k = 0; @@ -1027,18 +878,17 @@ slap_send_search_entry( "send_search_entry: conn %lu " "not enough memory " "for matched values filtering\n", - conn ? conn->c_connid : 0, 0, 0); + op->o_connid, 0, 0); #else Debug( LDAP_DEBUG_ANY, "send_search_entry: conn %lu " "not enough memory " "for matched values filtering\n", - conn ? conn->c_connid : 0, 0, 0 ); + op->o_connid, 0, 0 ); #endif ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_NO_MEMORY, - NULL, NULL, NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "not enough memory for matched values filtering" ); goto error_return; } e_flags = tmp; @@ -1049,26 +899,24 @@ slap_send_search_entry( e_flags[i] = a_flags; a_flags += j; } - rc = filter_matched_values(be, conn, op, aa, &e_flags) ; + rc = filter_matched_values(op, aa, &e_flags) ; if ( rc == -1 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_search_entry: conn %lu " "matched values filtering failed\n", - conn ? conn->c_connid : 0, 0, 0); + op->o_connid : 0, 0, 0); #else Debug( LDAP_DEBUG_ANY, "matched values filtering failed\n", 0, 0, 0 ); #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free( ber, 1 ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "matched values filtering error", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "matched values filtering error" ); goto error_return; } } @@ -1077,7 +925,7 @@ slap_send_search_entry( for (a = aa, j=0; a != NULL; a = a->a_next, j++ ) { AttributeDescription *desc = a->a_desc; - if ( attrs == NULL ) { + if ( rs->sr_attrs == NULL ) { /* all attrs request, skip operational attributes */ if( is_at_operational( desc->ad_type ) ) { continue; @@ -1086,18 +934,18 @@ slap_send_search_entry( } else { /* specific attrs requested */ if( is_at_operational( desc->ad_type ) ) { - if( !opattrs && !ad_inlist( desc, attrs ) ) { + if( !opattrs && !ad_inlist( desc, rs->sr_attrs ) ) { continue; } } else { - if (!userattrs && !ad_inlist( desc, attrs ) ) + if (!userattrs && !ad_inlist( desc, rs->sr_attrs ) ) { continue; } } } - if ( ! access_allowed( be, conn, op, e, desc, NULL, + if ( ! access_allowed( op, rs->sr_entry, desc, NULL, ACL_READ, &acl_state ) ) { #ifdef NEW_LOGGING @@ -1106,7 +954,7 @@ slap_send_search_entry( "access to attribute %s not allowed\n", op->o_connid, desc->ad_cname.bv_val, 0 ); #else - Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s " + Debug( LDAP_DEBUG_ACL, "send_search_entry: access to attribute %s " "not allowed\n", desc->ad_cname.bv_val, 0, 0 ); #endif @@ -1125,19 +973,18 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encoding description error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encoding description error" ); attrs_free( aa ); goto error_return; } - if ( ! attrsonly ) { + if ( ! op->oq_search.rs_attrsonly ) { for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) { - if ( ! access_allowed( be, conn, op, e, + if ( ! access_allowed( op, rs->sr_entry, desc, &a->a_vals[i], ACL_READ, &acl_state ) ) { #ifdef NEW_LOGGING @@ -1147,7 +994,7 @@ slap_send_search_entry( op->o_connid, desc->ad_cname.bv_val, i ); #else Debug( LDAP_DEBUG_ACL, - "acl: access to attribute %s, " + "send_search_entry: access to attribute %s, " "value %d not allowed\n", desc->ad_cname.bv_val, i, 0 ); #endif @@ -1170,13 +1017,10 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encoding values error", - NULL, NULL ); - + send_ldap_error( op, rs, LDAP_OTHER, "encoding values error" ); attrs_free( aa ); goto error_return; } @@ -1193,11 +1037,10 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encode end error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encode end error" ); attrs_free( aa ); goto error_return; @@ -1210,8 +1053,8 @@ slap_send_search_entry( * passed to all plugins. */ ctx.cac_pb = op->o_pb; - ctx.cac_attrs = attrs; - ctx.cac_attrsonly = attrsonly; + ctx.cac_attrs = rs->sr_attrs; + ctx.cac_attrsonly = op->oq_search.rs_attrsonly; ctx.cac_userattrs = userattrs; ctx.cac_opattrs = opattrs; ctx.cac_acl_state = acl_state; @@ -1220,9 +1063,9 @@ slap_send_search_entry( /* * For each client requested attribute, call the plugins. */ - if ( attrs != NULL ) { - for ( anp = attrs; anp->an_name.bv_val != NULL; anp++ ) { - rc = compute_evaluator( &ctx, anp->an_name.bv_val, e, slapi_x_compute_output_ber ); + if ( rs->sr_attrs != NULL ) { + for ( anp = rs->sr_attrs; anp->an_name.bv_val != NULL; anp++ ) { + rc = compute_evaluator( &ctx, anp->an_name.bv_val, rs->sr_entry, slapi_x_compute_output_ber ); if ( rc == 1 ) { break; } @@ -1233,12 +1076,11 @@ slap_send_search_entry( * when the user requested only user attributes. We'll let the * plugin decide whether to be naughty or not. */ - rc = compute_evaluator( &ctx, "*", e, slapi_x_compute_output_ber ); + rc = compute_evaluator( &ctx, "*", rs->sr_entry, slapi_x_compute_output_ber ); } if ( rc == 1 ) { ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "computed attribute error", NULL, NULL ); + send_ldap_error( op, LDAP_OTHER, "computed attribute error" ); goto error_return; } #endif /* LDAP_SLAPI */ @@ -1252,12 +1094,12 @@ slap_send_search_entry( attrs_free( aa ); rc = ber_printf( ber, /*{{*/ "}N}" ); - if( rc != -1 && ctrls != NULL ) { - rc = send_ldap_controls( ber, ctrls ); + if( rc != -1 && rs->sr_ctrls != NULL ) { + rc = send_ldap_controls( ber, rs->sr_ctrls ); } #ifdef LDAP_CONNECTIONLESS - if( conn->c_is_udp && op->o_protocol == LDAP_VERSION2 ) { + if( op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2 ) { ; /* empty, skip following if */ } else #endif @@ -1275,18 +1117,17 @@ slap_send_search_entry( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encode entry end error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encode entry end error" ); return( 1 ); } #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) { + if (!op->o_conn || op->o_conn->c_is_udp == 0) { #endif - bytes = op->o_noop ? 0 : send_ldap_ber( conn, ber ); + bytes = op->o_noop ? 0 : send_ldap_ber( op->o_conn, ber ); ber_free_buf( ber ); if ( bytes < 0 ) { @@ -1314,7 +1155,7 @@ slap_send_search_entry( #endif Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu ENTRY dn=\"%s\"\n", - conn->c_connid, op->o_opid, e->e_dn, 0, 0 ); + op->o_connid, op->o_opid, rs->sr_entry->e_dn, 0, 0 ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, @@ -1331,15 +1172,7 @@ error_return:; } int -slap_send_search_reference( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - BerVarray refs, - LDAPControl **ctrls, - BerVarray *v2refs -) +slap_send_search_reference( Operation *op, SlapReply *rs ) { char berbuf[LBER_ELEMENT_SIZEOF]; BerElement *ber = (BerElement *)berbuf; @@ -1349,28 +1182,29 @@ slap_send_search_reference( AttributeDescription *ad_ref = slap_schema.si_ad_ref; AttributeDescription *ad_entry = slap_schema.si_ad_entry; + rs->sr_type = REP_SEARCHREF; if (op->o_callback && op->o_callback->sc_sendreference) { - return op->o_callback->sc_sendreference( be, conn, op, e, refs, ctrls, v2refs ); + return op->o_callback->sc_sendreference( op, rs ); } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, "send_search_reference: conn %lu dn=\"%s\"\n", - op->o_connid, e ? e->e_dn : "(null)", 0 ); + op->o_connid, rs->sr_entry ? rs->sr_entry->e_name.bv_val : "(null)", 0 ); #else Debug( LDAP_DEBUG_TRACE, "=> send_search_reference: dn=\"%s\"\n", - e ? e->e_dn : "(null)", 0, 0 ); + rs->sr_entry ? rs->sr_entry->e_name.bv_val : "(null)", 0, 0 ); #endif - if ( e && ! access_allowed( be, conn, op, e, + if ( rs->sr_entry && ! access_allowed( op, rs->sr_entry, ad_entry, NULL, ACL_READ, NULL ) ) { #ifdef NEW_LOGGING LDAP_LOG( ACL, INFO, "send_search_reference: conn %lu " "access to entry %s not allowed\n", - op->o_connid, e->e_dn, 0 ); + op->o_connid, rs->sr_entry->e_dn, 0 ); #else Debug( LDAP_DEBUG_ACL, "send_search_reference: access to entry not allowed\n", @@ -1380,7 +1214,7 @@ slap_send_search_reference( return( 1 ); } - if ( e && ! access_allowed( be, conn, op, e, + if ( rs->sr_entry && ! access_allowed( op, rs->sr_entry, ad_ref, NULL, ACL_READ, NULL ) ) { #ifdef NEW_LOGGING @@ -1402,26 +1236,26 @@ slap_send_search_reference( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_search_reference: conn %lu domainScope control in (%s).\n", - op->o_connid, e->e_dn, 0 ); + op->o_connid, rs->sr_entry->e_dn, 0 ); #else Debug( LDAP_DEBUG_ANY, "send_search_reference: domainScope control in (%s)\n", - e->e_dn, 0, 0 ); + rs->sr_entry->e_dn, 0, 0 ); #endif return( 0 ); } #endif - if( refs == NULL ) { + if( rs->sr_ref == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "send_search_reference: conn %lu null ref in (%s).\n", - op->o_connid, e ? e->e_dn : "(null)", 0 ); + op->o_connid, rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0 ); #else Debug( LDAP_DEBUG_ANY, "send_search_reference: null ref in (%s)\n", - e ? e->e_dn : "(null)", 0, 0 ); + rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0, 0 ); #endif return( 1 ); @@ -1429,30 +1263,29 @@ slap_send_search_reference( if( op->o_protocol < LDAP_VERSION3 ) { /* save the references for the result */ - if( refs[0].bv_val != NULL ) { - if( value_add( v2refs, refs ) ) + if( rs->sr_ref[0].bv_val != NULL ) { + if( value_add( &rs->sr_v2ref, rs->sr_ref ) ) return LDAP_OTHER; } return 0; } #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp) + if (op->o_conn && op->o_conn->c_is_udp) ber = op->o_res_ber; else #endif ber_init_w_nullc( ber, LBER_USE_DER ); rc = ber_printf( ber, "{it{W}" /*"}"*/ , op->o_msgid, - LDAP_RES_SEARCH_REFERENCE, refs ); + LDAP_RES_SEARCH_REFERENCE, rs->sr_ref ); - if( rc != -1 && ctrls != NULL ) { - rc = send_ldap_controls( ber, ctrls ); + if( rc != -1 && rs->sr_ctrls != NULL ) { + rc = send_ldap_controls( ber, rs->sr_ctrls ); } if( rc != -1 ) { - rc = ber_printf( ber, /*"{"*/ "N}", op->o_msgid, - LDAP_RES_SEARCH_REFERENCE, refs ); + rc = ber_printf( ber, /*"{"*/ "N}" ); } if ( rc == -1 ) { @@ -1466,18 +1299,17 @@ slap_send_search_reference( #endif #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) + if (!op->o_conn || op->o_conn->c_is_udp == 0) #endif ber_free_buf( ber ); - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "encode DN error", NULL, NULL ); + send_ldap_error( op, rs, LDAP_OTHER, "encode DN error" ); return -1; } #ifdef LDAP_CONNECTIONLESS - if (conn->c_is_udp == 0) { + if (!op->o_conn || op->o_conn->c_is_udp == 0) { #endif - bytes = op->o_noop ? 0 : send_ldap_ber( conn, ber ); + bytes = op->o_noop ? 0 : send_ldap_ber( op->o_conn, ber ); ber_free_buf( ber ); ldap_pvt_thread_mutex_lock( &num_sent_mutex ); @@ -1490,7 +1322,7 @@ slap_send_search_reference( #endif Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu REF dn=\"%s\"\n", - conn->c_connid, op->o_opid, e ? e->e_dn : "(null)", 0, 0 ); + op->o_connid, op->o_opid, rs->sr_entry ? rs->sr_entry->e_dn : "(null)", 0, 0 ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, @@ -1502,7 +1334,6 @@ slap_send_search_reference( return 0; } - int str2result( char *s, diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 5fee9f72f4..cd55885794 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -305,15 +305,10 @@ typedef struct lookup_info { sasl_server_params_t *sparams; } lookup_info; +static slap_sendentry sasl_ap_lookup, sasl_cb_checkpass; + static int -sasl_ap_lookup( - BackendDB *be, - Connection *conn, - Operation *op, - Entry *e, - AttributeName *an, - int attrsonly, - LDAPControl **ctrls ) +sasl_ap_lookup( Operation *op, SlapReply *rs ) { BerVarray bv; AttributeDescription *ad; @@ -347,9 +342,9 @@ sasl_ap_lookup( #endif continue; } - a = attr_find( e->e_attrs, ad ); + a = attr_find( rs->sr_entry->e_attrs, ad ); if ( !a ) continue; - if ( ! access_allowed( be, conn, op, e, ad, NULL, ACL_AUTH, NULL ) ) { + if ( ! access_allowed( op, rs->sr_entry, ad, NULL, ACL_AUTH, NULL ) ) { continue; } if ( sl->list[i].values && ( sl->flags & SASL_AUXPROP_OVERRIDE ) ) { @@ -372,8 +367,8 @@ slap_auxprop_lookup( const char *user, unsigned ulen) { + Operation op = {0}; int rc, i, doit=0; - struct berval dn; Connection *conn = NULL; lookup_info sl; @@ -393,14 +388,14 @@ slap_auxprop_lookup( !strcmp( sl.list[i].name, slap_propnames[PROP_AUTHZ] ) ) { if ( sl.list[i].values && sl.list[i].values[0] ) - AC_MEMCPY( &dn, sl.list[i].values[0], sizeof( dn ) ); + AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) ); if ( !sl.last ) sl.last = i; break; } if ( !strcmp( sl.list[i].name, slap_propnames[PROP_AUTHC] ) ) { if ( !sl.last ) sl.last = i; if ( sl.list[i].values && sl.list[i].values[0] ) { - AC_MEMCPY( &dn, sl.list[i].values[0], sizeof( dn ) ); + AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) ); if ( !(flags & SASL_AUXPROP_AUTHZID) ) break; } @@ -425,16 +420,15 @@ slap_auxprop_lookup( } if (doit) { - Backend *be; - Operation op = {0}; slap_callback cb = { slap_cb_null_response, slap_cb_null_sresult, sasl_ap_lookup, slap_cb_null_sreference, NULL }; cb.sc_private = &sl; - be = select_backend( &dn, 0, 1 ); + op.o_bd = select_backend( &op.o_req_ndn, 0, 1 ); - if ( be && be->be_search ) { + if ( op.o_bd && op.o_bd->be_search ) { + SlapReply rs = {REP_RESULT}; op.o_tag = LDAP_REQ_SEARCH; op.o_protocol = LDAP_VERSION3; op.o_ndn = conn->c_ndn; @@ -443,10 +437,14 @@ slap_auxprop_lookup( op.o_do_not_cache = 1; op.o_is_auth_check = 1; op.o_threadctx = conn->c_sasl_bindop->o_threadctx; - - (*be->be_search)( be, conn, &op, NULL, &dn, - LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0, - generic_filter, NULL, NULL, 0 ); + op.o_conn = conn; + op.o_connid = conn->c_connid; + op.oq_search.rs_scope = LDAP_SCOPE_BASE; + op.oq_search.rs_deref = LDAP_DEREF_NEVER; + op.oq_search.rs_slimit = 1; + op.oq_search.rs_filter = generic_filter; + + op.o_bd->be_search( &op, &rs ); } } } @@ -484,14 +482,7 @@ typedef struct checkpass_info { } checkpass_info; static int -sasl_cb_checkpass( - BackendDB *be, - Connection *conn, - Operation *op, - Entry *e, - AttributeName *an, - int attrsonly, - LDAPControl **ctrls ) +sasl_cb_checkpass( Operation *op, SlapReply *rs ) { slap_callback *tmp = op->o_callback; checkpass_info *ci = tmp->sc_private; @@ -500,9 +491,9 @@ sasl_cb_checkpass( ci->rc = SASL_NOVERIFY; - a = attr_find( e->e_attrs, slap_schema.si_ad_userPassword ); + a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_userPassword ); if ( !a ) return 0; - if ( ! access_allowed( be, conn, op, e, slap_schema.si_ad_userPassword, + if ( ! access_allowed( op, rs->sr_entry, slap_schema.si_ad_userPassword, NULL, ACL_AUTH, NULL ) ) return 0; for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { @@ -524,9 +515,8 @@ slap_sasl_checkpass( struct propctx *propctx) { Connection *conn = (Connection *)context; - struct berval dn; + Operation op = {0}; int rc; - Backend *be; checkpass_info ci; ci.rc = SASL_NOUSER; @@ -535,27 +525,27 @@ slap_sasl_checkpass( * find an answer here. */ - rc = slap_sasl_getdn( conn, (char *)username, 0, NULL, &dn, + rc = slap_sasl_getdn( conn, (char *)username, 0, NULL, &op.o_req_ndn, SLAP_GETDN_AUTHCID ); if ( rc != LDAP_SUCCESS ) { sasl_seterror( sconn, 0, ldap_err2string( rc ) ); return SASL_NOUSER; } - if ( dn.bv_len == 0 ) { + if ( op.o_req_ndn.bv_len == 0 ) { sasl_seterror( sconn, 0, "No password is associated with the Root DSE" ); - if ( dn.bv_val != NULL ) { - ch_free( dn.bv_val ); + if ( op.o_req_ndn.bv_val != NULL ) { + ch_free( op.o_req_ndn.bv_val ); } return SASL_NOUSER; } - be = select_backend( &dn, 0, 1 ); - if ( be && be->be_search ) { - Operation op = {0}; + op.o_bd = select_backend( &op.o_req_ndn, 0, 1 ); + if ( op.o_bd && op.o_bd->be_search ) { slap_callback cb = { slap_cb_null_response, slap_cb_null_sresult, sasl_cb_checkpass, slap_cb_null_sreference, NULL }; + SlapReply rs = {REP_RESULT}; ci.cred.bv_val = (char *)pass; ci.cred.bv_len = passlen; @@ -569,17 +559,21 @@ slap_sasl_checkpass( op.o_do_not_cache = 1; op.o_is_auth_check = 1; op.o_threadctx = conn->c_sasl_bindop->o_threadctx; - - (*be->be_search)( be, conn, &op, NULL, &dn, - LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0, - generic_filter, NULL, NULL, 0 ); + op.o_conn = conn; + op.o_connid = conn->c_connid; + op.oq_search.rs_scope = LDAP_SCOPE_BASE; + op.oq_search.rs_deref = LDAP_DEREF_NEVER; + op.oq_search.rs_slimit = 1; + op.oq_search.rs_filter = generic_filter; + + op.o_bd->be_search( &op, &rs ); } if ( ci.rc != SASL_OK ) { sasl_seterror( sconn, 0, ldap_err2string( LDAP_INVALID_CREDENTIALS ) ); } - ch_free( dn.bv_val ); + ch_free( op.o_req_ndn.bv_val ); return ci.rc; } @@ -1304,44 +1298,35 @@ int slap_sasl_close( Connection *conn ) return LDAP_SUCCESS; } -int slap_sasl_bind( - Connection *conn, - Operation *op, - struct berval *dn, - struct berval *ndn, - struct berval *cred, - struct berval *edn, - slap_ssf_t *ssfp ) +int slap_sasl_bind( Operation *op, SlapReply *rs ) { - int rc = 1; - #ifdef HAVE_CYRUS_SASL - sasl_conn_t *ctx = conn->c_sasl_context; + sasl_conn_t *ctx = op->o_conn->c_sasl_context; struct berval response; unsigned reslen = 0; - const char *errstr = NULL; int sc; #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, "sasl_bind: dn=\"%s\" mech=%s datalen=%ld\n", - dn->bv_len ? dn->bv_val : "", - conn->c_sasl_bind_in_progress ? "" : - conn->c_sasl_bind_mech.bv_val, - cred ? cred->bv_len : 0 ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", + op->o_conn->c_sasl_bind_in_progress ? "" : + op->o_conn->c_sasl_bind_mech.bv_val, + op->oq_bind.rb_cred.bv_len ); #else Debug(LDAP_DEBUG_ARGS, "==> sasl_bind: dn=\"%s\" mech=%s datalen=%ld\n", - dn->bv_len ? dn->bv_val : "", - conn->c_sasl_bind_in_progress ? "":conn->c_sasl_bind_mech.bv_val, - cred ? cred->bv_len : 0 ); + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", + op->o_conn->c_sasl_bind_in_progress ? "" : + op->o_conn->c_sasl_bind_mech.bv_val, + op->oq_bind.rb_cred.bv_len ); #endif if( ctx == NULL ) { - send_ldap_result( conn, op, LDAP_UNAVAILABLE, - NULL, "SASL unavailable on this session", NULL, NULL ); - return rc; + send_ldap_error( op, rs, LDAP_UNAVAILABLE, + "SASL unavailable on this session" ); + return rs->sr_err; } #if SASL_VERSION_MAJOR >= 2 @@ -1356,16 +1341,16 @@ int slap_sasl_bind( sasl_server_step( ctx, cred, clen, resp, rlen, err ) #endif - if ( !conn->c_sasl_bind_in_progress ) { + if ( !op->o_conn->c_sasl_bind_in_progress ) { sc = START( ctx, - conn->c_sasl_bind_mech.bv_val, - cred->bv_val, cred->bv_len, - (SASL_CONST char **)&response.bv_val, &reslen, &errstr ); + op->o_conn->c_sasl_bind_mech.bv_val, + op->oq_bind.rb_cred.bv_val, op->oq_bind.rb_cred.bv_len, + (SASL_CONST char **)&response.bv_val, &reslen, &rs->sr_text ); } else { sc = STEP( ctx, - cred->bv_val, cred->bv_len, - (SASL_CONST char **)&response.bv_val, &reslen, &errstr ); + op->oq_bind.rb_cred.bv_val, op->oq_bind.rb_cred.bv_len, + (SASL_CONST char **)&response.bv_val, &reslen, &rs->sr_text ); } response.bv_len = reslen; @@ -1373,35 +1358,35 @@ int slap_sasl_bind( if ( sc == SASL_OK ) { sasl_ssf_t *ssf = NULL; - *edn = conn->c_sasl_dn; - conn->c_sasl_dn.bv_val = NULL; - conn->c_sasl_dn.bv_len = 0; + op->oq_bind.rb_edn = op->o_conn->c_sasl_dn; + op->o_conn->c_sasl_dn.bv_val = NULL; + op->o_conn->c_sasl_dn.bv_len = 0; - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; (void) sasl_getprop( ctx, SASL_SSF, (void *)&ssf ); - *ssfp = ssf ? *ssf : 0; + op->oq_bind.rb_ssf = ssf ? *ssf : 0; - if( *ssfp ) { - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - conn->c_sasl_layers++; - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + if( op->oq_bind.rb_ssf ) { + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); + op->o_conn->c_sasl_layers++; + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); } - send_ldap_sasl( conn, op, rc, - NULL, NULL, NULL, NULL, - response.bv_len ? &response : NULL ); + if (response.bv_len) rs->sr_sasldata = &response; + send_ldap_sasl( op, rs ); } else if ( sc == SASL_CONTINUE ) { - send_ldap_sasl( conn, op, rc = LDAP_SASL_BIND_IN_PROGRESS, - NULL, NULL, NULL, NULL, &response ); + rs->sr_err = LDAP_SASL_BIND_IN_PROGRESS, + rs->sr_sasldata = &response; + send_ldap_sasl( op, rs ); } else { #if SASL_VERSION_MAJOR >= 2 - errstr = sasl_errdetail( ctx ); + rs->sr_text = sasl_errdetail( ctx ); #endif - send_ldap_result( conn, op, rc = slap_sasl_err2ldap( sc ), - NULL, errstr, NULL, NULL ); + rs->sr_err = slap_sasl_err2ldap( sc ), + send_ldap_result( op, rs ); } #if SASL_VERSION_MAJOR < 2 @@ -1411,18 +1396,18 @@ int slap_sasl_bind( #endif #ifdef NEW_LOGGING - LDAP_LOG( TRANSPORT, RESULTS, "slap_sasl_bind: rc=%d\n", rc, 0, 0 ); + LDAP_LOG( TRANSPORT, RESULTS, "slap_sasl_bind: rc=%d\n", rs->sr_err, 0, 0 ); #else - Debug(LDAP_DEBUG_TRACE, "<== slap_sasl_bind: rc=%d\n", rc, 0, 0); + Debug(LDAP_DEBUG_TRACE, "<== slap_sasl_bind: rc=%d\n", rs->sr_err, 0, 0); #endif #else - send_ldap_result( conn, op, rc = LDAP_UNAVAILABLE, - NULL, "SASL not supported", NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNAVAILABLE, + "SASL not supported" ); #endif - return rc; + return rs->sr_err; } char* slap_sasl_secprops( const char *in ) @@ -1438,30 +1423,20 @@ char* slap_sasl_secprops( const char *in ) #ifdef HAVE_CYRUS_SASL int -slap_sasl_setpass( - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text ) +slap_sasl_setpass( Operation *op, SlapReply *rs ) { - int rc; struct berval id = { 0, NULL }; /* needs to come from connection */ struct berval new = { 0, NULL }; struct berval old = { 0, NULL }; - assert( reqoid != NULL ); - assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, reqoid ) == 0 ); + assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 ); - rc = sasl_getprop( conn->c_sasl_context, SASL_USERNAME, + rs->sr_err = sasl_getprop( op->o_conn->c_sasl_context, SASL_USERNAME, (SASL_CONST void **)&id.bv_val ); - if( rc != SASL_OK ) { - *text = "unable to retrieve SASL username"; - rc = LDAP_OTHER; + if( rs->sr_err != SASL_OK ) { + rs->sr_text = "unable to retrieve SASL username"; + rs->sr_err = LDAP_OTHER; goto done; } @@ -1474,10 +1449,10 @@ slap_sasl_setpass( id.bv_val ? id.bv_val : "", 0, 0 ); #endif - rc = slap_passwd_parse( reqdata, - NULL, &old, &new, text ); + rs->sr_err = slap_passwd_parse( op->oq_extended.rs_reqdata, + NULL, &old, &new, &rs->sr_text ); - if( rc != LDAP_SUCCESS ) { + if( rs->sr_err != LDAP_SUCCESS ) { goto done; } @@ -1485,27 +1460,27 @@ slap_sasl_setpass( slap_passwd_generate(&new); if( new.bv_len == 0 ) { - *text = "password generation failed."; - rc = LDAP_OTHER; + rs->sr_text = "password generation failed."; + rs->sr_err = LDAP_OTHER; goto done; } - *rspdata = slap_passwd_return( &new ); + rs->sr_rspdata = slap_passwd_return( &new ); } #if SASL_VERSION_MAJOR < 2 - rc = sasl_setpass( conn->c_sasl_context, - id.bv_val, new.bv_val, new.bv_len, 0, text ); + rs->sr_err = sasl_setpass( op->o_conn->c_sasl_context, + id.bv_val, new.bv_val, new.bv_len, 0, &rs->sr_text ); #else - rc = sasl_setpass( conn->c_sasl_context, id.bv_val, + rs->sr_err = sasl_setpass( op->o_conn->c_sasl_context, id.bv_val, new.bv_val, new.bv_len, old.bv_val, old.bv_len, 0 ); - if( rc != SASL_OK ) { - *text = sasl_errdetail( conn->c_sasl_context ); + if( rs->sr_err != SASL_OK ) { + rs->sr_text = sasl_errdetail( op->o_conn->c_sasl_context ); } #endif - switch(rc) { + switch(rs->sr_err) { case SASL_OK: - rc = LDAP_SUCCESS; + rs->sr_err = LDAP_SUCCESS; break; case SASL_NOCHANGE: @@ -1515,11 +1490,11 @@ slap_sasl_setpass( case SASL_FAIL: case SASL_BADPARAM: default: - rc = LDAP_OTHER; + rs->sr_err = LDAP_OTHER; } done: - return rc; + return rs->sr_err; } #endif /* HAVE_CYRUS_SASL */ diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index 775979bf1d..dd288d8429 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -328,28 +328,21 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out ) } /* Two empty callback functions to avoid sending results */ -void slap_cb_null_response( Connection *conn, Operation *o, ber_tag_t tag, - ber_int_t msgid, ber_int_t err, const char *matched, - const char *text, BerVarray ref, const char *resoid, - struct berval *resdata, struct berval *sasldata, LDAPControl **c) +void slap_cb_null_response( Operation *o, SlapReply *rs ) { } -void slap_cb_null_sresult( Connection *conn, Operation *o, ber_int_t err, - const char *matched, const char *text, BerVarray refs, LDAPControl **c, - int nentries) +void slap_cb_null_sresult( Operation *o, SlapReply *rs ) { } -int slap_cb_null_sreference( BackendDB *db, Connection *conn, Operation *o, - Entry *e, BerVarray r, LDAPControl **c, BerVarray *v2) +int slap_cb_null_sreference( Operation *o, SlapReply *rs ) { return 0; } /* This callback actually does some work...*/ -static int sasl_sc_sasl2dn( BackendDB *be, Connection *conn, Operation *o, - Entry *e, AttributeName *an, int ao, LDAPControl **c) +static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs ) { struct berval *ndn = o->o_callback->sc_private; @@ -368,7 +361,7 @@ static int sasl_sc_sasl2dn( BackendDB *be, Connection *conn, Operation *o, return -1; } - ber_dupbv(ndn, &e->e_nname); + ber_dupbv(ndn, &rs->sr_entry->e_nname); return 0; } @@ -378,12 +371,11 @@ typedef struct smatch_info { int match; } smatch_info; -static int sasl_sc_smatch( BackendDB *be, Connection *conn, Operation *o, - Entry *e, AttributeName *an, int ao, LDAPControl **c) +static int sasl_sc_smatch( Operation *o, SlapReply *rs ) { smatch_info *sm = o->o_callback->sc_private; - if (dn_match(sm->dn, &e->e_nname)) { + if (dn_match(sm->dn, &rs->sr_entry->e_nname)) { sm->match = 1; return -1; /* short-circuit the search */ } @@ -403,19 +395,17 @@ static int sasl_sc_smatch( BackendDB *be, Connection *conn, Operation *o, static int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assertDN, struct berval *authc ) { - struct berval searchbase = {0, NULL}; - int rc, scope; - Backend *be; - Filter *filter=NULL; + int rc; regex_t reg; smatch_info sm; slap_callback cb = { slap_cb_null_response, slap_cb_null_sresult, sasl_sc_smatch, - NULL + slap_cb_null_sreference }; Operation op = {0}; + SlapReply rs = {REP_RESULT}; #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, @@ -427,12 +417,12 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert assertDN->bv_val, rule->bv_val, 0 ); #endif - rc = slap_parseURI( rule, &searchbase, &scope, &filter ); + rc = slap_parseURI( rule, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter ); if( rc != LDAP_SUCCESS ) goto CONCLUDED; /* Massive shortcut: search scope == base */ - if( scope == LDAP_SCOPE_BASE ) { - rc = regcomp(®, searchbase.bv_val, + if( op.oq_search.rs_scope == LDAP_SCOPE_BASE ) { + rc = regcomp(®, op.o_req_ndn.bv_val, REG_EXTENDED|REG_ICASE|REG_NOSUB); if ( rc == 0 ) { rc = regexec(®, assertDN->bv_val, 0, NULL, 0); @@ -451,15 +441,15 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, DETAIL1, "slap_sasl_match: performing internal search (base=%s, scope=%d)\n", - searchbase.bv_val, scope,0 ); + op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 ); #else Debug( LDAP_DEBUG_TRACE, "slap_sasl_match: performing internal search (base=%s, scope=%d)\n", - searchbase.bv_val, scope, 0 ); + op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 ); #endif - be = select_backend( &searchbase, 0, 1 ); - if(( be == NULL ) || ( be->be_search == NULL)) { + op.o_bd = select_backend( &op.o_req_ndn, 0, 1 ); + if(( op.o_bd == NULL ) || ( op.o_bd->be_search == NULL)) { rc = LDAP_INAPPROPRIATE_AUTH; goto CONCLUDED; } @@ -476,10 +466,10 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert op.o_do_not_cache = 1; op.o_is_auth_check = 1; op.o_threadctx = conn->c_sasl_bindop->o_threadctx; + op.o_conn = conn; + op.o_connid = conn->c_connid; - (*be->be_search)( be, conn, &op, /*base=*/NULL, &searchbase, - scope, /*deref=*/1, /*sizelimit=*/0, /*time=*/0, filter, /*fstr=*/NULL, - /*attrs=*/NULL, /*attrsonly=*/0 ); + op.o_bd->be_search( &op, &rs ); if (sm.match) { rc = LDAP_SUCCESS; @@ -488,8 +478,8 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert } CONCLUDED: - if( searchbase.bv_len ) ch_free( searchbase.bv_val ); - if( filter ) filter_free( filter ); + if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val ); + if( op.oq_search.rs_filter ) filter_free( op.oq_search.rs_filter ); #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, @@ -531,7 +521,7 @@ slap_sasl_check_authz( Connection *conn, assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val); #endif - rc = backend_attribute( NULL, NULL, conn->c_sasl_bindop, NULL, + rc = backend_attribute( conn->c_sasl_bindop, NULL, searchDN, ad, &vals ); if( rc != LDAP_SUCCESS ) goto COMPLETE; @@ -570,13 +560,10 @@ void slap_sasl2dn( Connection *conn, struct berval *saslname, struct berval *sasldn ) { int rc; - Backend *be = NULL; - struct berval dn = { 0, NULL }; - int scope = LDAP_SCOPE_BASE; - Filter *filter = NULL; slap_callback cb = { slap_cb_null_response, slap_cb_null_sresult, sasl_sc_sasl2dn, slap_cb_null_sreference, NULL}; Operation op = {0}; + SlapReply rs = {REP_RESULT}; struct berval regout = { 0, NULL }; #ifdef NEW_LOGGING @@ -598,37 +585,39 @@ void slap_sasl2dn( Connection *conn, goto FINISHED; } - rc = slap_parseURI( ®out, &dn, &scope, &filter ); + rc = slap_parseURI( ®out, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter ); if( regout.bv_val ) ch_free( regout.bv_val ); if( rc != LDAP_SUCCESS ) { goto FINISHED; } /* Must do an internal search */ - be = select_backend( &dn, 0, 1 ); + op.o_bd = select_backend( &op.o_req_ndn, 0, 1 ); /* Massive shortcut: search scope == base */ - if( scope == LDAP_SCOPE_BASE ) { - *sasldn = dn; - dn.bv_len = 0; - dn.bv_val = NULL; + if( op.oq_search.rs_scope == LDAP_SCOPE_BASE ) { + *sasldn = op.o_req_ndn; + op.o_req_ndn.bv_len = 0; + op.o_req_ndn.bv_val = NULL; goto FINISHED; } #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, DETAIL1, "slap_sasl2dn: performing internal search (base=%s, scope=%d)\n", - dn.bv_val, scope, 0 ); + op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 ); #else Debug( LDAP_DEBUG_TRACE, "slap_sasl2dn: performing internal search (base=%s, scope=%d)\n", - dn.bv_val, scope, 0 ); + op.o_req_ndn.bv_val, op.oq_search.rs_scope, 0 ); #endif - if(( be == NULL ) || ( be->be_search == NULL)) { + if(( op.o_bd == NULL ) || ( op.o_bd->be_search == NULL)) { goto FINISHED; } + op.o_conn = conn; + op.o_connid = conn->c_connid; op.o_tag = LDAP_REQ_SEARCH; op.o_protocol = LDAP_VERSION3; op.o_ndn = conn->c_ndn; @@ -638,17 +627,18 @@ void slap_sasl2dn( Connection *conn, op.o_is_auth_check = 1; op.o_threadctx = conn->c_sasl_bindop ? conn->c_sasl_bindop->o_threadctx: ldap_pvt_thread_pool_context( &connection_pool ); + op.oq_search.rs_deref = LDAP_DEREF_NEVER; + op.oq_search.rs_slimit = 1; + op.oq_search.rs_attrsonly = 1; - (*be->be_search)( be, conn, &op, NULL, &dn, - scope, LDAP_DEREF_NEVER, 1, 0, - filter, NULL, NULL, 1 ); + op.o_bd->be_search( &op, &rs ); FINISHED: if( sasldn->bv_len ) { - conn->c_authz_backend = be; + conn->c_authz_backend = op.o_bd; } - if( dn.bv_len ) ch_free( dn.bv_val ); - if( filter ) filter_free( filter ); + if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val ); + if( op.oq_search.rs_filter ) filter_free( op.oq_search.rs_filter ); #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, diff --git a/servers/slapd/search.c b/servers/slapd/search.c index fd7ea25a02..05092aeb8a 100644 --- a/servers/slapd/search.c +++ b/servers/slapd/search.c @@ -29,10 +29,7 @@ #ifdef LDAP_SLAPI #include "slapi.h" static char **anlist2charray( AttributeName *an ); -static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op, - struct berval *base, int scope, int deref, int sizelimit, int timelimit, - Filter *filter, struct berval *fstr, char **attrs, - int attrsonly, int managedsait ); +static Slapi_PBlock *initSearchPlugin( Operation *op, char **attrs, int managedsait ); static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ); static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr ); static void doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb ); @@ -40,29 +37,18 @@ static void doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb ); int do_search( - Connection *conn, /* where to send results */ - Operation *op /* info about the op to which we're responding */ + Operation *op, /* info about the op to which we're responding */ + SlapReply *rs /* all the response data we'll send */ ) { - ber_int_t scope, deref, attrsonly; - ber_int_t sizelimit, timelimit; struct berval base = { 0, NULL }; - struct berval pbase = { 0, NULL }; - struct berval nbase = { 0, NULL }; - struct berval fstr = { 0, NULL }; - Filter *filter = NULL; - AttributeName *an = NULL; ber_len_t siz, off, i; - Backend *be; - int rc; - const char *text; int manageDSAit; #ifdef LDAP_SLAPI - Slapi_PBlock *pb = NULL; char **attrs = NULL; #endif #ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ENTRY, "do_search: conn %d\n", conn->c_connid, 0, 0 ); + LDAP_LOG( OPERATION, ENTRY, "do_search: conn %d\n", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 ); #endif @@ -93,108 +79,103 @@ do_search( /* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */ if ( ber_scanf( op->o_ber, "{miiiib" /*}*/, - &base, &scope, &deref, &sizelimit, - &timelimit, &attrsonly ) == LBER_ERROR ) + &base, &op->oq_search.rs_scope, &op->oq_search.rs_deref, &op->oq_search.rs_slimit, + &op->oq_search.rs_tlimit, &op->oq_search.rs_attrsonly ) == LBER_ERROR ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding error" ); - rc = SLAPD_DISCONNECT; + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); + rs->sr_err = SLAPD_DISCONNECT; goto return_results; } - switch( scope ) { + switch( op->oq_search.rs_scope ) { case LDAP_SCOPE_BASE: case LDAP_SCOPE_ONELEVEL: case LDAP_SCOPE_SUBTREE: break; default: - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "invalid scope", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid scope" ); goto return_results; } - switch( deref ) { + switch( op->oq_search.rs_deref ) { case LDAP_DEREF_NEVER: case LDAP_DEREF_FINDING: case LDAP_DEREF_SEARCHING: case LDAP_DEREF_ALWAYS: break; default: - send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, - NULL, "invalid deref", NULL, NULL ); + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid deref" ); goto return_results; } - rc = dnPrettyNormal( NULL, &base, &pbase, &nbase ); - if( rc != LDAP_SUCCESS ) { + rs->sr_err = dnPrettyNormal( NULL, &base, &op->o_req_dn, &op->o_req_ndn ); + if( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, "do_search: conn %d invalid dn (%s)\n", - conn->c_connid, base.bv_val, 0 ); + op->o_connid, base.bv_val, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); + send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" ); goto return_results; } #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "SRCH \"%s\" %d %d", - base.bv_val, scope, deref ); + base.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref ); LDAP_LOG( OPERATION, ARGS, " %d %d %d\n", - sizelimit, timelimit, attrsonly); + op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_attrsonly); #else Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d", - base.bv_val, scope, deref ); + base.bv_val, op->oq_search.rs_scope, op->oq_search.rs_deref ); Debug( LDAP_DEBUG_ARGS, " %d %d %d\n", - sizelimit, timelimit, attrsonly); + op->oq_search.rs_slimit, op->oq_search.rs_tlimit, op->oq_search.rs_attrsonly); #endif /* filter - returns a "normalized" version */ - rc = get_filter( conn, op->o_ber, &filter, &text ); - if( rc != LDAP_SUCCESS ) { - if( rc == SLAPD_DISCONNECT ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, text ); + rs->sr_err = get_filter( op->o_conn, op->o_ber, &op->oq_search.rs_filter, &rs->sr_text ); + if( rs->sr_err != LDAP_SUCCESS ) { + if( rs->sr_err == SLAPD_DISCONNECT ) { + rs->sr_err = LDAP_PROTOCOL_ERROR; + send_ldap_disconnect( op, rs ); } else { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + send_ldap_result( op, rs ); } goto return_results; } - filter2bv( filter, &fstr ); + filter2bv( op->oq_search.rs_filter, &op->oq_search.rs_filterstr ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "do_search: conn %d filter: %s\n", - conn->c_connid, fstr.bv_len ? fstr.bv_val : "empty", 0 ); + op->o_connid, op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0 ); #else Debug( LDAP_DEBUG_ARGS, " filter: %s\n", - fstr.bv_len ? fstr.bv_val : "empty", 0, 0 ); + op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 ); #endif /* attributes */ siz = sizeof(AttributeName); off = 0; - if ( ber_scanf( op->o_ber, "{M}}", &an, &siz, off ) == LBER_ERROR ) { - send_ldap_disconnect( conn, op, - LDAP_PROTOCOL_ERROR, "decoding attrs error" ); - rc = SLAPD_DISCONNECT; + if ( ber_scanf( op->o_ber, "{M}}", &op->oq_search.rs_attrs, &siz, off ) == LBER_ERROR ) { + send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding attrs error" ); + rs->sr_err = SLAPD_DISCONNECT; goto return_results; } for ( i=0; ioq_search.rs_attrs[i].an_desc = NULL; + op->oq_search.rs_attrs[i].an_oc = NULL; + slap_bv2ad(&op->oq_search.rs_attrs[i].an_name, &op->oq_search.rs_attrs[i].an_desc, &dummy); } - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "do_search: conn %d get_ctrls failed (%d)\n", - conn->c_connid, rc, 0 ); + op->o_connid, rs->sr_err, 0 ); #else Debug( LDAP_DEBUG_ANY, "do_search: get_ctrls failed\n", 0, 0, 0 ); #endif @@ -204,7 +185,7 @@ do_search( #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, - "do_search: conn %d attrs:", conn->c_connid, 0, 0 ); + "do_search: conn %d attrs:", op->o_connid, 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, " attrs:", 0, 0, 0 ); #endif @@ -213,9 +194,9 @@ do_search( for ( i = 0; ioq_search.rs_attrs[i].an_name.bv_val, 0, 0 ); #else - Debug( LDAP_DEBUG_ARGS, " %s", an[i].an_name.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, " %s", op->oq_search.rs_attrs[i].an_name.bv_val, 0, 0 ); #endif } } @@ -232,10 +213,10 @@ do_search( Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu SRCH base=\"%s\" scope=%d filter=\"%s\"\n", - op->o_connid, op->o_opid, pbase.bv_val, scope, fstr.bv_val ); + op->o_connid, op->o_opid, op->o_req_dn.bv_val, op->oq_search.rs_scope, op->oq_search.rs_filterstr.bv_val ); for ( i = 0; ioq_search.rs_attrs[i].an_name.bv_len; if (alen >= sizeof(abuf)) { alen = sizeof(abuf)-1; } @@ -249,7 +230,7 @@ do_search( *ptr++ = ' '; len++; } - ptr = lutil_strncopy(ptr, an[i].an_name.bv_val, alen); + ptr = lutil_strncopy(ptr, op->oq_search.rs_attrs[i].an_name.bv_val, alen); len += alen; *ptr = '\0'; } @@ -261,95 +242,88 @@ do_search( manageDSAit = get_manageDSAit( op ); - if ( scope == LDAP_SCOPE_BASE ) { + if ( op->oq_search.rs_scope == LDAP_SCOPE_BASE ) { Entry *entry = NULL; - if ( nbase.bv_len == 0 ) { + if ( op->o_req_ndn.bv_len == 0 ) { #ifdef LDAP_CONNECTIONLESS /* Ignore LDAPv2 CLDAP Root DSE queries */ - if (op->o_protocol == LDAP_VERSION2 && conn->c_is_udp) { + if (op->o_protocol == LDAP_VERSION2 && op->o_conn->c_is_udp) { goto return_results; } #endif /* check restrictions */ - rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto return_results; } #ifdef LDAP_SLAPI - attrs = anlist2charray( an ); - pb = initSearchPlugin( NULL, conn, op, &nbase, scope, - deref, sizelimit, timelimit, filter, &fstr, - attrs, attrsonly, manageDSAit ); - rc = doPreSearchPluginFNs( NULL, pb ); - if ( rc == LDAP_SUCCESS ) { - doSearchRewriteFNs( NULL, pb, &filter, &fstr ); + attrs = anlist2charray( op->oq_search.rs_attrs ); + initSearchPlugin( op, attrs, manageDSAit ); + rs->sr_err = doPreSearchPluginFNs( op ); + if ( rs->sr_err == LDAP_SUCCESS ) { + doSearchRewriteFNs( op ); #endif /* LDAP_SLAPI */ - rc = root_dse_info( conn, &entry, &text ); + rs->sr_err = root_dse_info( op->o_conn, &entry, &rs->sr_text ); #ifdef LDAP_SLAPI } #endif /* LDAP_SLAPI */ - } else if ( bvmatch( &nbase, &global_schemandn ) ) { + } else if ( bvmatch( &op->o_req_ndn, &global_schemandn ) ) { /* check restrictions */ - rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto return_results; } #ifdef LDAP_SLAPI - attrs = anlist2charray( an ); - pb = initSearchPlugin( NULL, conn, op, &nbase, scope, - deref, sizelimit, timelimit, filter, &fstr, - attrs, attrsonly, manageDSAit ); - rc = doPreSearchPluginFNs( NULL, pb ); - if ( rc == LDAP_SUCCESS ) { - doSearchRewriteFNs( NULL, pb, &filter, &fstr ); + attrs = anlist2charray( op->oq_search.rs_attrs ); + initSearchPlugin( op, attrs, manageDSAit ); + rs->sr_err = doPreSearchPluginFNs( op ); + if ( rs->sr_err == LDAP_SUCCESS ) { + doSearchRewriteFNs( op ); #endif /* LDAP_SLAPI */ - rc = schema_info( &entry, &text ); + rs->sr_err = schema_info( &entry, &rs->sr_text ); #ifdef LDAP_SLAPI } #endif /* LDAP_SLAPI */ } - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); #ifdef LDAP_SLAPI - doPostSearchPluginFNs( NULL, pb ); + doPostSearchPluginFNs( op ); #endif /* LDAP_SLAPI */ goto return_results; } else if ( entry != NULL ) { - rc = test_filter( NULL, conn, op, - entry, filter ); + rs->sr_err = test_filter( op, entry, op->oq_search.rs_filter ); - if( rc == LDAP_COMPARE_TRUE ) { - send_search_entry( NULL, conn, op, - entry, an, attrsonly, NULL ); + if( rs->sr_err == LDAP_COMPARE_TRUE ) { + rs->sr_entry = entry; + rs->sr_attrs = op->oq_search.rs_attrs; + send_search_entry( op, rs ); + rs->sr_entry = NULL; } entry_free( entry ); - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + rs->sr_err = LDAP_SUCCESS; + rs->sr_nentries = 1; + send_search_result( op, rs ); #ifdef LDAP_SLAPI - doPostSearchPluginFNs( NULL, pb ); + doPostSearchPluginFNs( op ); #endif /* LDAP_SLAPI */ goto return_results; } } - if( !nbase.bv_len && default_search_nbase.bv_len ) { - ch_free( pbase.bv_val ); - ch_free( nbase.bv_val ); + if( !op->o_req_ndn.bv_len && default_search_nbase.bv_len ) { + ch_free( op->o_req_dn.bv_val ); + ch_free( op->o_req_ndn.bv_val ); - ber_dupbv( &pbase, &default_search_base ); - ber_dupbv( &nbase, &default_search_nbase ); + ber_dupbv( &op->o_req_dn, &default_search_base ); + ber_dupbv( &op->o_req_ndn, &default_search_nbase ); } /* @@ -357,85 +331,79 @@ do_search( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( &nbase, manageDSAit, 1 )) == NULL ) { - BerVarray ref = referral_rewrite( default_referral, - NULL, &pbase, scope ); + if ( (op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 1 )) == NULL ) { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, op->oq_search.rs_scope ); - send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, ref ? ref : default_referral, NULL ); + if (!rs->sr_ref) rs->sr_ref = default_referral; + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); - ber_bvarray_free( ref ); + if (rs->sr_ref != default_referral) + ber_bvarray_free( rs->sr_ref ); + rs->sr_ref = NULL; goto return_results; } /* check restrictions */ - rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; - if( rc != LDAP_SUCCESS ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); + if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); goto return_results; } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, &pbase, &nbase ); - if ( rc != LDAP_SUCCESS ) { + if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) { goto return_results; } #ifdef LDAP_SLAPI - attrs = anlist2charray( an ); - pb = initSearchPlugin( be, conn, op, &pbase, - scope, deref, sizelimit, - timelimit, filter, &fstr, attrs, attrsonly, - manageDSAit ); - rc = doPreSearchPluginFNs( be, pb ); - if ( rc != LDAP_SUCCESS ) { + attrs = anlist2charray( op->oq_search.rs_attrs ); + initSearchPlugin( op, attrs, manageDSAit ); + rs->sr_err = doPreSearchPluginFNs( op ); + if ( rs->sr_err != LDAP_SUCCESS ) { goto return_results; } - doSearchRewriteFNs( be, pb, &filter, &fstr ); + doSearchRewriteFNs( op ); #endif /* LDAP_SLAPI */ /* actually do the search and send the result(s) */ - if ( be->be_search ) { - (*be->be_search)( be, conn, op, &pbase, &nbase, - scope, deref, sizelimit, - timelimit, filter, &fstr, an, attrsonly ); + if ( op->o_bd->be_search ) { + (op->o_bd->be_search)( op, rs ); } else { - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", - NULL, NULL ); + send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, + "operation not supported within namingContext" ); } #ifdef LDAP_SLAPI - doPostSearchPluginFNs( be, pb ); + doPostSearchPluginFNs( op ); #endif /* LDAP_SLAPI */ return_results:; #ifdef LDAP_CLIENT_UPDATE if ( ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) ) - return rc; + return rs->sr_err; #endif #if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC) else #endif #ifdef LDAP_SYNC if ( ( op->o_sync_mode & SLAP_SYNC_PERSIST ) ) - return rc; + return rs->sr_err; #endif - if( pbase.bv_val != NULL) free( pbase.bv_val ); - if( nbase.bv_val != NULL) free( nbase.bv_val ); + if( op->o_req_dn.bv_val != NULL) free( op->o_req_dn.bv_val ); + if( op->o_req_ndn.bv_val != NULL) free( op->o_req_ndn.bv_val ); - if( fstr.bv_val != NULL) free( fstr.bv_val ); - if( filter != NULL) filter_free( filter ); - if( an != NULL ) free( an ); + if( op->oq_search.rs_filterstr.bv_val != NULL) free( op->oq_search.rs_filterstr.bv_val ); + if( op->oq_search.rs_filter != NULL) filter_free( op->oq_search.rs_filter ); + if( op->oq_search.rs_attrs != NULL ) free( op->oq_search.rs_attrs ); #ifdef LDAP_SLAPI if( attrs != NULL) ch_free( attrs ); #endif /* LDAP_SLAPI */ - return rc; + return rs->sr_err; } #ifdef LDAP_SLAPI @@ -460,37 +428,29 @@ static char **anlist2charray( AttributeName *an ) return attrs; } -static Slapi_PBlock *initSearchPlugin( Backend *be, Connection *conn, Operation *op, - struct berval *base, int scope, int deref, int sizelimit, - int timelimit, Filter *filter, struct berval *fstr, - char **attrs, int attrsonly, int managedsait ) +static void Slapi_PBlock *initSearchPlugin( Operation *op, + char **attrs, int managedsait ) { - Slapi_PBlock *pb; - - pb = op->o_pb; - - slapi_x_backend_set_pb( pb, be ); - slapi_x_connection_set_pb( pb, conn ); - slapi_x_operation_set_pb( pb, op ); - slapi_pblock_set( pb, SLAPI_SEARCH_TARGET, (void *)base->bv_val ); - slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, (void *)scope ); - slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, (void *)deref ); - slapi_pblock_set( pb, SLAPI_SEARCH_SIZELIMIT, (void *)sizelimit ); - slapi_pblock_set( pb, SLAPI_SEARCH_TIMELIMIT, (void *)timelimit ); - slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, (void *)filter ); - slapi_pblock_set( pb, SLAPI_SEARCH_STRFILTER, (void *)fstr->bv_val ); - slapi_pblock_set( pb, SLAPI_SEARCH_ATTRS, (void *)attrs ); - slapi_pblock_set( pb, SLAPI_SEARCH_ATTRSONLY, (void *)attrsonly ); - slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)managedsait ); - - return pb; + slapi_x_backend_set_pb( op->o_pb, op->o_bd ); + slapi_x_connection_set_pb( op->o_pb, op->o_conn ); + slapi_x_operation_set_pb( op->o_pb, op ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_TARGET, (void *)op->o_req_dn.bv_val ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_SCOPE, (void *)op->oq_search.rs_scope ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_DEREF, (void *)op->oq_search.rs_deref ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_SIZELIMIT, (void *)op->oq_search.rs_slimit ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_TIMELIMIT, (void *)op->oq_search.rs_tlimit ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_FILTER, (void *)op->oq_search.rs_filter ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_STRFILTER, (void *)op->oq_search.rs_filterstr.bv_val ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_ATTRS, (void *)attrs ); + slapi_pblock_set( op->o_pb, SLAPI_SEARCH_ATTRSONLY, (void *)op->oq_search.rs_attrsonly ); + slapi_pblock_set( op->o_pb, SLAPI_MANAGEDSAIT, (void *)managedsait ); } -static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) +static int doPreSearchPluginFNs( Operation *op ) { int rc; - rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_SEARCH_FN, pb ); + rc = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_SEARCH_FN, op->o_pb ); if ( rc != 0 ) { /* * A preoperation plugin failure will abort the @@ -503,7 +463,7 @@ static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) Debug(LDAP_DEBUG_TRACE, "doPreSearchPluginFNs: search preoperation plugin " "returned %d.\n", rc, 0, 0); #endif - if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) + if ( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0) rc = LDAP_OTHER; } else { rc = LDAP_SUCCESS; @@ -512,32 +472,32 @@ static int doPreSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) return rc; } -static int doSearchRewriteFNs( Backend *be, Slapi_PBlock *pb, Filter **filter, struct berval *fstr ) +static int doSearchRewriteFNs( Operation *op ) { - if ( doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb ) == 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, op->o_pb ) == 0 ) { /* * The plugin can set the SLAPI_SEARCH_FILTER. * SLAPI_SEARCH_STRFILER is not normative. */ - slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, (void *)filter); - ch_free( fstr->bv_val ); - filter2bv( *filter, fstr ); + slapi_pblock_get( op->o_pb, SLAPI_SEARCH_FILTER, (void *)&op->oq_search.rs_filter); + ch_free( op->oq_search.rs_filterstr.bv_val ); + filter2bv( op->oq_search.rs_filter, &op->oq_search.rs_filterstr ); #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ARGS, "doSearchRewriteFNs: after compute_rewrite_search filter: %s\n", - fstr->bv_len ? fstr->bv_val : "empty", 0, 0 ); + op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 ); #else Debug( LDAP_DEBUG_ARGS, " after compute_rewrite_search filter: %s\n", - fstr->bv_len ? fstr->bv_val : "empty", 0, 0 ); + op->oq_search.rs_filterstr.bv_len ? op->oq_search.rs_filterstr.bv_val : "empty", 0, 0 ); #endif } return LDAP_SUCCESS; } -static void doPostSearchPluginFNs( Backend *be, Slapi_PBlock *pb ) +static void doPostSearchPluginFNs( Operation *op ) { - if ( doPluginFNs( be, SLAPI_PLUGIN_POST_SEARCH_FN, pb ) != 0 ) { + if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_SEARCH_FN, op->o_pb ) != 0 ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, INFO, "doPostSearchPluginFNs: search postoperation plugins " "failed\n", 0, 0, 0 ); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index f09916f2b0..f3c394b4cf 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1206,15 +1206,6 @@ typedef struct slap_acl_state { #define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \ { { 0, 0 } }, 0, NULL, 0, 0, NULL } -/* - * replog moddn param structure - */ -struct slap_replog_moddn { - struct berval *newrdn; - int deloldrdn; - struct berval *newsup; -}; - /* * Backend-info * represents a backend @@ -1446,11 +1437,11 @@ typedef int (BI_db_open) LDAP_P((Backend *bd)); typedef int (BI_db_close) LDAP_P((Backend *bd)); typedef int (BI_db_destroy) LDAP_P((Backend *bd)); -#ifdef SLAP_OP_BLOCKS typedef struct req_bind_s { int rb_method; struct berval rb_cred; struct berval rb_edn; + slap_ssf_t rb_ssf; } req_bind_s; typedef struct req_search_s { @@ -1460,7 +1451,7 @@ typedef struct req_search_s { int rs_tlimit; int rs_attrsonly; AttributeName *rs_attrs; - Filter *rs_f; + Filter *rs_filter; struct berval rs_filterstr; } req_search_s; @@ -1468,11 +1459,15 @@ typedef struct req_compare_s { AttributeAssertion *rs_ava; } req_compare_s; +typedef struct req_modify_s { + Modifications *rs_modlist; +} req_modify_s; + typedef struct req_modrdn_s { struct berval rs_newrdn; struct berval rs_nnewrdn; - struct berval rs_newSup; - struct berval rs_nnewSup; + struct berval *rs_newSup; + struct berval *rs_nnewSup; int rs_deleteoldrdn; } req_modrdn_s; @@ -1486,88 +1481,80 @@ typedef struct req_abandon_s { typedef struct req_extended_s { struct berval rs_reqoid; - char *rs_rspoid; - struct berval *rs_rspdata; - LDAPControl **rs_rspctrls; - const char *rs_text; - BerVarray rs_refs; + struct berval *rs_reqdata; } req_extended_s; -#endif /* SLAP_OP_BLOCKS */ - -typedef int (BI_op_bind) LDAP_P(( BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn, int method, - struct berval *cred, struct berval *edn )); -typedef int (BI_op_unbind) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o )); -typedef int (BI_op_search) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *base, struct berval *nbase, - int scope, int deref, - int slimit, int tlimit, - Filter *f, struct berval *filterstr, - AttributeName *attrs, int attrsonly)); -typedef int (BI_op_compare)LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn, - AttributeAssertion *ava)); -typedef int (BI_op_modify) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn, - Modifications *m)); -typedef int (BI_op_modrdn) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn, - struct berval *newrdn, struct berval *nnewrdn, - int deleteoldrdn, - struct berval *newSup, struct berval *nnewSup )); -typedef int (BI_op_add) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - Entry *e)); -typedef int (BI_op_delete) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn)); -typedef int (BI_op_abandon) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - ber_int_t msgid)); -typedef int (BI_op_cancel) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - ber_int_t msgid)); - -typedef int (BI_op_extended) LDAP_P(( - BackendDB *be, - struct slap_conn *conn, - struct slap_op *op, - struct berval *reqoid, - struct berval * reqdata, - char **rspoid, - struct berval ** rspdata, - LDAPControl *** rspctrls, - const char ** text, - BerVarray *refs )); - -typedef int (BI_entry_get_rw) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *ndn, ObjectClass *oc, - AttributeDescription *at, int rw, - Entry **e )); - -typedef int (BI_entry_release_rw) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - Entry *e, int rw)); - -typedef int (BI_chk_referrals) LDAP_P((BackendDB *bd, - struct slap_conn *c, struct slap_op *o, - struct berval *dn, struct berval *ndn, - const char **text )); - -typedef int (BI_operational) LDAP_P((Backend *bd, - struct slap_conn *c, struct slap_op *o, - Entry *e, AttributeName *attrs, int opattrs, Attribute **a )); - -typedef int (BI_has_subordinates) LDAP_P((Backend *bd, - struct slap_conn *c, struct slap_op *o, - Entry *e, int *has_subordinates )); + +typedef enum slap_reply_e { + REP_RESULT, + REP_SASL, + REP_SRESULT, + REP_EXTENDED, + REP_SEARCH, + REP_SEARCHREF +} slap_reply_t; + +typedef struct rep_sasl_s { + struct berval *r_sasldata; +} rep_sasl_s; + +typedef struct rep_sresult_s { + int r_nentries; +} rep_sresult_s; + +typedef struct rep_extended_s { + const char *r_rspoid; + struct berval *r_rspdata; +} rep_extended_s; + +typedef struct rep_search_s { + AttributeName *r_attrs; + Entry *r_entry; + BerVarray r_v2ref; +} rep_search_s; + +typedef struct slap_rep { + slap_reply_t sr_type; + ber_tag_t sr_tag; + ber_int_t sr_msgid; + ber_int_t sr_err; + const char *sr_matched; + const char *sr_text; + BerVarray sr_ref; + LDAPControl **sr_ctrls; + union sr_u { + rep_sasl_s sru_sasl; + rep_sresult_s sru_sresult; + rep_extended_s sru_extended; + rep_search_s sru_search; + } sr_un; +} SlapReply; + +/* short hands for response members */ +#define sr_attrs sr_un.sru_search.r_attrs +#define sr_entry sr_un.sru_search.r_entry +#define sr_v2ref sr_un.sru_search.r_v2ref +#define sr_rspoid sr_un.sru_extended.r_rspoid +#define sr_rspdata sr_un.sru_extended.r_rspdata +#define sr_sasldata sr_un.sru_sasl.r_sasldata +#define sr_nentries sr_un.sru_sresult.r_nentries + +typedef int (BI_op_bind) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_unbind) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_search) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_compare) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_modify) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_modrdn) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_add) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_delete) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_abandon) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_cancel) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_op_extended) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_entry_release_rw) LDAP_P(( struct slap_op *op, Entry *e, int rw )); +typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn, + ObjectClass *oc, AttributeDescription *at, int rw, Entry **e )); +typedef int (BI_chk_referrals) LDAP_P(( struct slap_op *op, struct slap_rep *rs )); +typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs, int opattrs, Attribute **ap )); +typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op, Entry *e, int *hasSubs )); typedef int (BI_connection_init) LDAP_P((BackendDB *bd, struct slap_conn *c)); @@ -1703,20 +1690,10 @@ struct slap_backend_info { #define o_tls_ssf o_authz.sai_tls_ssf #define o_sasl_ssf o_authz.sai_sasl_ssf -typedef void (slap_response)( struct slap_conn *, struct slap_op *, - ber_tag_t, ber_int_t, ber_int_t, const char *, const char *, - BerVarray, const char *, struct berval *, - struct berval *, LDAPControl ** ); - -typedef void (slap_sresult)( struct slap_conn *, struct slap_op *, - ber_int_t, const char *, const char *, BerVarray, - LDAPControl **, int nentries); - -typedef int (slap_sendentry)( BackendDB *, struct slap_conn *, - struct slap_op *, Entry *, AttributeName *, int, LDAPControl **); - -typedef int (slap_sendreference)( BackendDB *, struct slap_conn *, - struct slap_op *, Entry *, BerVarray, LDAPControl **, BerVarray * ); +typedef void (slap_response)( struct slap_op *, struct slap_rep * ); +typedef void (slap_sresult)( struct slap_op *, struct slap_rep * ); +typedef int (slap_sendentry)( struct slap_op *, struct slap_rep * ); +typedef int (slap_sendreference)( struct slap_op *, struct slap_rep * ); typedef struct slap_callback { slap_response *sc_response; @@ -1744,26 +1721,9 @@ typedef struct slap_paged_state { #define LDAP_PSEARCH_BY_MODIFY 0x04 #define LDAP_PSEARCH_BY_SCOPEOUT 0x05 -struct ldap_psearch_spec { - struct slap_op *op; - struct berval *base; - struct berval *nbase; - int scope; - int deref; - int slimit; - int tlimit; - Filter *filter; - struct berval *filterstr; - AttributeName *attrs; - int attrsonly; - int protocol; - int entry_count; - LDAP_LIST_ENTRY(ldap_psearch_spec) link; -}; - struct psid_entry { - struct ldap_psearch_spec* ps; - LDAP_LIST_ENTRY(psid_entry) link; + struct slap_op *ps_op; + LDAP_LIST_ENTRY(psid_entry) ps_link; }; #endif @@ -1775,53 +1735,44 @@ typedef struct slap_op { unsigned long o_opid; /* id of this operation */ unsigned long o_connid; /* id of conn initiating this op */ struct slap_conn *o_conn; /* connection spawning this op */ -#ifdef SLAP_OP_BLOCKS BackendDB *o_bd; /* backend DB processing this op */ -#endif ber_int_t o_msgid; /* msgid of the request */ ber_int_t o_protocol; /* version of the LDAP protocol used by client */ ber_tag_t o_tag; /* tag of the request */ time_t o_time; /* time op was initiated */ -#ifdef SLAP_OP_BLOCKS struct berval o_req_dn; /* DN of target of request */ struct berval o_req_ndn; union o_req_u { + req_add_s oq_add; req_bind_s oq_bind; - req_search_s oq_search; req_compare_s oq_compare; + req_modify_s oq_modify; req_modrdn_s oq_modrdn; - req_add_s oq_add; + req_search_s oq_search; req_abandon_s oq_abandon; req_abandon_s oq_cancel; req_extended_s oq_extended; } o_request; /* short hands for union members */ -#define o_bind o_request.oq_bind +#define oq_add o_request.oq_add +#define oq_bind o_request.oq_bind +#define oq_compare o_request.oq_compare +#define oq_modify o_request.oq_modify +#define oq_modrdn o_request.oq_modrdn +#define oq_search o_request.oq_search +#define oq_abandon o_request.oq_abandon +#define oq_cancel o_request.oq_cancel +#define oq_extended o_request.oq_extended /* ... */ /* short hands for inner request members */ -#define o_bind_edn o_bind.rb_edn +#define o_bind_edn oq_bind.rb_edn /* ... */ - struct o_rep_s { - ber_tag_t or_tag; - ber_int_t or_err; - const char *or_matched; - const char *or_text; - BerVarray or_ref; - const char *or_resoid; - struct berval *or_resdata; - struct berval *or_sasldata; - LDAPControl **or_ctrls; - } o_response; -#else - char * o_extendedop; /* extended operation OID */ -#endif - ldap_pvt_thread_t o_tid; /* thread handling this op */ volatile sig_atomic_t o_abandon; /* abandon flag */ @@ -1895,9 +1846,10 @@ typedef struct slap_op { #endif #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - LDAP_LIST_HEAD(lss, ldap_psearch_spec) psearch_spec; - LDAP_LIST_HEAD(pe, psid_entry) premodify_list; - LDAP_LIST_ENTRY(slap_op) link; + int o_ps_protocol; + int o_ps_entries; + LDAP_LIST_ENTRY(slap_op) o_ps_link; + LDAP_LIST_HEAD(pe, psid_entry) o_pm_list; #endif AuthorizationInformation o_authz; @@ -1924,94 +1876,30 @@ typedef struct slap_op { #endif } Operation; -typedef void (*SEND_LDAP_RESULT)( - struct slap_conn *conn, - struct slap_op *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray ref, - LDAPControl **ctrls - ); - -#define send_ldap_result( conn, op, err, matched, text, ref, ctrls ) \ -(*conn->c_send_ldap_result)( conn, op, err, matched, text, ref, ctrls ) - - -typedef int (*SEND_SEARCH_ENTRY)( - struct slap_backend_db *be, - struct slap_conn *conn, - struct slap_op *op, - struct slap_entry *e, - AttributeName *attrs, - int attrsonly, - LDAPControl **ctrls - ); - -#define send_search_entry( be, conn, op, e, attrs, attrsonly, ctrls) \ -(*conn->c_send_search_entry)( be, conn, op, e, attrs, attrsonly, ctrls) - - -typedef void (*SEND_SEARCH_RESULT)( - struct slap_conn *conn, - struct slap_op *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - int nentries - ); - -#define send_search_result( conn, op, err, matched, text, refs, ctrls, nentries ) \ -(*conn->c_send_search_result)( conn, op, err, matched, text, refs, ctrls, nentries ) - - -typedef int (*SEND_SEARCH_REFERENCE)( - struct slap_backend_db *be, - struct slap_conn *conn, - struct slap_op *op, - struct slap_entry *e, - BerVarray refs, - LDAPControl **ctrls, - BerVarray *v2refs - ); - -#define send_search_reference( be, conn, op, e, refs, ctrls, v2refs ) \ -(*conn->c_send_search_reference)( be, conn, op, e, refs, ctrls, v2refs ) - - -typedef void (*SEND_LDAP_EXTENDED)( - struct slap_conn *conn, - struct slap_op *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls - ); - -#define send_ldap_extended( conn, op, err, matched, text, refs, rspoid, rspdata, ctrls) \ -(*conn->c_send_ldap_extended)( conn, op, err, matched, text, refs, rspoid, rspdata, ctrls ) - -typedef void (*SEND_LDAP_INTERMEDIATE_RESP)( - struct slap_conn *conn, - struct slap_op *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls - ); - -#define send_ldap_intermediate_resp( conn, op, err, matched, text, refs, \ - rspoid, rspdata, ctrls) \ - (*conn->c_send_ldap_intermediate_resp)( conn, op, err, matched, text, \ - refs, rspoid, rspdata, ctrls ) +#define send_ldap_error( op, rs, err, text ) \ +do { (rs)->sr_err = err; (rs)->sr_text = text; \ +(op->o_conn->c_send_ldap_result)( op, rs ); } while (0) +#define send_ldap_discon( op, rs, err, text ) \ +do { (rs)->sr_err = err; (rs)->sr_text = text; \ +send_ldap_disconnect( op, rs ); } while (0) +typedef void (SEND_LDAP_RESULT)(struct slap_op *op, struct slap_rep *rs); +typedef int (SEND_SEARCH_ENTRY)(struct slap_op *op, struct slap_rep *rs); +typedef void (SEND_SEARCH_RESULT)(struct slap_op *op, struct slap_rep *rs); +typedef int (SEND_SEARCH_REFERENCE)(struct slap_op *op, struct slap_rep *rs); +typedef void (SEND_LDAP_EXTENDED)(struct slap_op *op, struct slap_rep *rs); +typedef void (SEND_LDAP_INTERMEDIATE_RESP)(struct slap_op *op, struct slap_rep *rs); +#define send_ldap_result( op, rs ) \ +(op->o_conn->c_send_ldap_result)( op, rs ) +#define send_search_entry( op, rs ) \ +(op->o_conn->c_send_search_entry)( op, rs ) +#define send_search_result( op, rs ) \ +(op->o_conn->c_send_search_result)( op, rs ) +#define send_search_reference( op, rs ) \ +(op->o_conn->c_send_search_reference)( op, rs ) +#define send_ldap_extended( op, rs ) \ +(op->o_conn->c_send_ldap_extended)( op, rs ) +#define send_ldap_intermediate_resp( op, rs ) \ +(op->o_conn->c_send_ldap_intermediate_resp)( op, rs ) /* * Caches the result of a backend_group check for ACL evaluation @@ -2101,13 +1989,13 @@ typedef struct slap_conn { * supply data back to connected clients that are connected * through the "front-end". */ - SEND_LDAP_RESULT c_send_ldap_result; - SEND_SEARCH_ENTRY c_send_search_entry; - SEND_SEARCH_RESULT c_send_search_result; - SEND_SEARCH_REFERENCE c_send_search_reference; - SEND_LDAP_EXTENDED c_send_ldap_extended; + SEND_LDAP_RESULT *c_send_ldap_result; + SEND_SEARCH_ENTRY *c_send_search_entry; + SEND_SEARCH_RESULT *c_send_search_result; + SEND_SEARCH_REFERENCE *c_send_search_reference; + SEND_LDAP_EXTENDED *c_send_ldap_extended; #ifdef LDAP_RES_INTERMEDIATE_RESP - SEND_LDAP_INTERMEDIATE_RESP c_send_ldap_intermediate_resp; + SEND_LDAP_INTERMEDIATE_RESP *c_send_ldap_intermediate_resp; #endif } Connection; @@ -2211,10 +2099,9 @@ enum { #define SLAP_CTRL_ACCESS (SLAP_CTRL_INTROGATE|SLAP_CTRL_UPDATE) typedef int (SLAP_CTRL_PARSE_FN) LDAP_P(( - Connection *conn, Operation *op, - LDAPControl *ctrl, - const char **text )); + SlapReply *rs, + LDAPControl *ctrl )); LDAP_END_DECL diff --git a/servers/slapd/starttls.c b/servers/slapd/starttls.c index fce72e4a9a..43066ba136 100644 --- a/servers/slapd/starttls.c +++ b/servers/slapd/starttls.c @@ -21,62 +21,53 @@ #ifdef HAVE_TLS int -starttls_extop ( - Connection *conn, - Operation *op, - struct berval * reqoid, - struct berval * reqdata, - char ** rspoid, - struct berval ** rspdata, - LDAPControl ***rspctrls, - const char ** text, - BerVarray * refs ) +starttls_extop ( Operation *op, SlapReply *rs ) { void *ctx; int rc; - if ( reqdata != NULL ) { + if ( op->oq_extended.rs_reqdata != NULL ) { /* no request data should be provided */ - *text = "no request data expected"; + rs->sr_text = "no request data expected"; return LDAP_PROTOCOL_ERROR; } /* acquire connection lock */ - ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); /* can't start TLS if it is already started */ - if (conn->c_is_tls != 0) { - *text = "TLS already started"; + if (op->o_conn->c_is_tls != 0) { + rs->sr_text = "TLS already started"; rc = LDAP_OPERATIONS_ERROR; goto done; } /* can't start TLS if there are other op's around */ - if (( !LDAP_STAILQ_EMPTY(&conn->c_ops) && - (LDAP_STAILQ_FIRST(&conn->c_ops) != op || + if (( !LDAP_STAILQ_EMPTY(&op->o_conn->c_ops) && + (LDAP_STAILQ_FIRST(&op->o_conn->c_ops) != op || LDAP_STAILQ_NEXT(op, o_next) != NULL)) || - ( !LDAP_STAILQ_EMPTY(&conn->c_pending_ops) )) + ( !LDAP_STAILQ_EMPTY(&op->o_conn->c_pending_ops) )) { - *text = "cannot start TLS when operations are outstanding"; + rs->sr_text = "cannot start TLS when operations are outstanding"; rc = LDAP_OPERATIONS_ERROR; goto done; } if ( !( global_disallows & SLAP_DISALLOW_TLS_2_ANON ) && - ( conn->c_dn.bv_len != 0 ) ) + ( op->o_conn->c_dn.bv_len != 0 ) ) { Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu AUTHZ anonymous mech=starttls ssf=0", op->o_connid, op->o_opid, 0, 0, 0 ); /* force to anonymous */ - connection2anonymous( conn ); + connection2anonymous( op->o_conn ); } if ( ( global_disallows & SLAP_DISALLOW_TLS_AUTHC ) && - ( conn->c_dn.bv_len != 0 ) ) + ( op->o_conn->c_dn.bv_len != 0 ) ) { - *text = "cannot start TLS after authentication"; + rs->sr_text = "cannot start TLS after authentication"; rc = LDAP_OPERATIONS_ERROR; goto done; } @@ -91,19 +82,19 @@ starttls_extop ( goto done; } - *text = "Could not initialize TLS"; + rs->sr_text = "Could not initialize TLS"; rc = LDAP_UNAVAILABLE; goto done; } - conn->c_is_tls = 1; - conn->c_needs_tls_accept = 1; + op->o_conn->c_is_tls = 1; + op->o_conn->c_needs_tls_accept = 1; rc = LDAP_SUCCESS; done: /* give up connection lock */ - ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); /* * RACE CONDITION: we give up lock before sending result diff --git a/servers/slapd/tools/mimic.c b/servers/slapd/tools/mimic.c index baba886817..f5c1ca8972 100644 --- a/servers/slapd/tools/mimic.c +++ b/servers/slapd/tools/mimic.c @@ -22,7 +22,7 @@ const char Versionstr[] = ""; /* bogus ../results.c */ int str2result( char* s, - int *code, + int *code, char **matched, char **info ) { @@ -31,27 +31,14 @@ int str2result( } void -send_ldap_disconnect( - Connection *conn, - Operation *op, - ber_int_t err, - const char *text -) +send_ldap_disconnect( Operation *op, SlapReply *rs ) { assert(0); } void slap_send_ldap_extended( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls + Operation *op, SlapReply *rs ) { assert(0); @@ -59,89 +46,39 @@ slap_send_ldap_extended( void slap_send_ldap_intermediate_resp( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - const char *rspoid, - struct berval *rspdata, - LDAPControl **ctrls + Operation *op, SlapReply *rs ) { assert(0); } void -send_ldap_sasl( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - struct berval *cred -) +send_ldap_sasl( Operation *op, SlapReply *rs ) { assert(0); } void -slap_send_ldap_result( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls -) +slap_send_ldap_result( Operation *op, SlapReply *rs ) { assert(0); } void -slap_send_search_result( - Connection *conn, - Operation *op, - ber_int_t err, - const char *matched, - const char *text, - BerVarray refs, - LDAPControl **ctrls, - int nentries -) +slap_send_search_result( Operation *op, SlapReply *rs ) { assert(0); } int -slap_send_search_entry( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - AttributeName *attrs, - int attrsonly, - LDAPControl **ctrls -) +slap_send_search_entry( Operation *op, SlapReply *rs ) { assert(0); return -1; } int -slap_send_search_reference( - Backend *be, - Connection *conn, - Operation *op, - Entry *e, - BerVarray refs, - LDAPControl **ctrls, - BerVarray *v2refs -) +slap_send_search_reference( Operation *op, SlapReply *rs ) { assert(0); return -1; @@ -157,15 +94,7 @@ int slap_sasl_destroy(void) return LDAP_SUCCESS; } -int slap_sasl_setpass( - Connection *conn, - Operation *op, - struct berval *reqoid, - struct berval *reqdata, - char **rspoid, - struct berval **rspdata, - LDAPControl *** rspctrls, - const char **text ) +int slap_sasl_setpass( Operation *op, SlapReply *rs ) { return LDAP_SUCCESS; } @@ -214,8 +143,7 @@ const char * connection_state2str( int state ) return NULL; } -void replog( Backend *be, Operation *op, - struct berval *dn, struct berval *ndn, void *change) +void replog( Operation *op ) { assert(0); } @@ -275,13 +203,10 @@ slapd_get_listeners(void) int slap_modrdn2mods( - Backend *be, - Connection *conn, - Operation *op, + Operation *op, SlapReply *rs, Entry *e, LDAPRDN *oldrdn, LDAPRDN *newrdn, - int deleteoldrdn, Modifications **pmod ) { return 0; diff --git a/servers/slapd/tools/slapcat.c b/servers/slapd/tools/slapcat.c index 96fd0c9caf..0cd0a30597 100644 --- a/servers/slapd/tools/slapcat.c +++ b/servers/slapd/tools/slapcat.c @@ -19,6 +19,7 @@ main( int argc, char **argv ) { ID id; int rc = EXIT_SUCCESS; + Operation op = {0}; slap_tool_init( "slapcat", SLAPCAT, argc, argv ); @@ -59,7 +60,8 @@ main( int argc, char **argv ) } data = entry2str( e, &len ); - be_entry_release_r( be, 0L, 0L, e ); + op.o_bd = be; + be_entry_release_r( &op, e ); if ( data == NULL ) { printf("# bad data for entry id=%08lx\n\n", (long) id ); diff --git a/servers/slapd/unbind.c b/servers/slapd/unbind.c index 44bc42a2e5..7515837d51 100644 --- a/servers/slapd/unbind.c +++ b/servers/slapd/unbind.c @@ -27,19 +27,15 @@ #include "slap.h" int -do_unbind( - Connection *conn, - Operation *op -) +do_unbind( Operation *op, SlapReply *rs ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ENTRY, - "do_unbind: conn %d\n", conn ? conn->c_connid : -1, 0, 0 ); + "do_unbind: conn %d\n", op->o_connid : -1, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "do_unbind\n", 0, 0, 0 ); #endif - /* * Parse the unbind request. It looks like this: * @@ -50,7 +46,7 @@ do_unbind( op->o_opid, 0, 0, 0 ); /* pass the unbind to all backends */ - backend_unbind( conn, op ); + backend_unbind( op, rs ); return 0; }