Added libldap TLS_PROTOCOL_MIN (ITS#5655)
Added libldap GnuTLS support for TLS_CIPHER_SUITE (ITS#5887)
Added libldap GnuTLS setting random file (ITS#5462)
+ Added libldap alias dereferencing in C API (ITS#5916)
Fixed libldap avl to macroize constants (ITS#5909)
Fixed libldap deref handling (ITS#5768)
Fixed libldap peer cert memory leak (ITS#5849)
Fixed slapd-hdb idlcache with empty suffix (ITS#5859)
Fixed slapd-ldap idassert-bind validity checking (ITS#5863)
Fixed slapd-ldap/meta RFC4525 increment support (ITS#5912)
+ Fixed slapd-ldap/meta search dereferencing (ITS#5916)
Fixed slapd-ldif numerous bugs (ITS#5408)
Fixed slapd-ldif rename on same DN (ITS#5319)
Fixed slapd-ldif deadlock (ITS#5329)
ldap_bv2escaped_filter_value_x LDAP_P(( struct berval *in, struct berval *out,
int inplace, void *ctx ));
+LDAP_F (int) ldap_pvt_search LDAP_P((
+ struct ldap *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ struct ldapcontrol **sctrls,
+ struct ldapcontrol **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ int deref,
+ int *msgidp ));
+
+LDAP_F(int) ldap_pvt_search_s LDAP_P((
+ struct ldap *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ struct ldapcontrol **sctrls,
+ struct ldapcontrol **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ int deref,
+ struct ldapmsg **res ));
+
/* string.c */
LDAP_F( char * )
ldap_pvt_str2upper LDAP_P(( char *str ));
LDAPControl **cctrls,
ber_int_t timelimit,
ber_int_t sizelimit,
+ ber_int_t deref,
ber_int_t *msgidp));
struct timeval *timeout,
int sizelimit,
int *msgidp )
+{
+ return ldap_pvt_search( ld, base, scope, filter, attrs,
+ attrsonly, sctrls, cctrls, timeout, sizelimit, -1, msgidp );
+}
+
+int
+ldap_pvt_search(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ int deref,
+ int *msgidp )
{
int rc;
BerElement *ber;
}
ber = ldap_build_search_req( ld, base, scope, filter, attrs,
- attrsonly, sctrls, cctrls, timelimit, sizelimit, &id );
+ attrsonly, sctrls, cctrls, timelimit, sizelimit, deref, &id );
if ( ber == NULL ) {
return ld->ld_errno;
struct timeval *timeout,
int sizelimit,
LDAPMessage **res )
+{
+ return ldap_pvt_search_s( ld, base, scope, filter, attrs,
+ attrsonly, sctrls, cctrls, timeout, sizelimit, -1, res );
+}
+
+int
+ldap_pvt_search_s(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ int deref,
+ LDAPMessage **res )
{
int rc;
int msgid;
- rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
- sctrls, cctrls, timeout, sizelimit, &msgid );
+ rc = ldap_pvt_search( ld, base, scope, filter, attrs, attrsonly,
+ sctrls, cctrls, timeout, sizelimit, deref, &msgid );
if ( rc != LDAP_SUCCESS ) {
return( rc );
assert( LDAP_VALID( ld ) );
ber = ldap_build_search_req( ld, base, scope, filter, attrs,
- attrsonly, NULL, NULL, -1, -1, &id );
+ attrsonly, NULL, NULL, -1, -1, -1, &id );
if ( ber == NULL ) {
return( -1 );
LDAPControl **cctrls,
ber_int_t timelimit,
ber_int_t sizelimit,
+ ber_int_t deref,
ber_int_t *idp)
{
BerElement *ber;
char *dn = ld->ld_options.ldo_cldapdn;
if (!dn) dn = "";
err = ber_printf( ber, "{ist{seeiib", *idp, dn,
- LDAP_REQ_SEARCH, base, (ber_int_t) scope, ld->ld_deref,
+ LDAP_REQ_SEARCH, base, (ber_int_t) scope,
+ (deref < 0) ? ld->ld_deref : deref,
(sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
(timelimit < 0) ? ld->ld_timelimit : timelimit,
attrsonly );
* to map attrs and maybe rewrite value
*/
- /* should we check return values? */
- if ( op->ors_deref != -1 ) {
- ldap_set_option( lc->lc_ld, LDAP_OPT_DEREF,
- (void *)&op->ors_deref );
- }
-
if ( op->ors_tlimit != SLAP_NO_LIMIT ) {
tv.tv_sec = op->ors_tlimit;
tv.tv_usec = 0;
/* deal with <draft-zeilenga-ldap-t-f> filters */
filter = op->ors_filterstr;
retry:
- rs->sr_err = ldap_search_ext( lc->lc_ld, op->o_req_dn.bv_val,
+ rs->sr_err = ldap_pvt_search( lc->lc_ld, op->o_req_dn.bv_val,
op->ors_scope, filter.bv_val,
attrs, op->ors_attrsonly, ctrls, NULL,
tv.tv_sec ? &tv : NULL,
- op->ors_slimit, &msgid );
+ op->ors_slimit, op->ors_deref, &msgid );
if ( rs->sr_err != LDAP_SUCCESS ) {
switch ( rs->sr_err ) {
}
/* TODO: timeout? */
- rc = ldap_search_ext_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter,
+ rc = ldap_pvt_search_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter,
attrp, 0, ctrls, NULL,
- NULL, LDAP_NO_LIMIT, &result );
+ NULL, LDAP_NO_LIMIT, op->ors_deref, &result );
if ( rc != LDAP_SUCCESS ) {
if ( rc == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
}
retry:;
- /* should we check return values? */
- if ( op->ors_deref != -1 ) {
- assert( msc->msc_ld != NULL );
- (void)ldap_set_option( msc->msc_ld, LDAP_OPT_DEREF,
- ( void * )&op->ors_deref );
- }
-
ctrls = op->o_ctrls;
if ( meta_back_controls_add( op, rs, *mcp, candidate, &ctrls )
!= LDAP_SUCCESS )
* Starts the search
*/
assert( msc->msc_ld != NULL );
- rc = ldap_search_ext( msc->msc_ld,
+ rc = ldap_pvt_search( msc->msc_ld,
mbase.bv_val, realscope, mfilter.bv_val,
mapped_attrs, op->ors_attrsonly,
- ctrls, NULL, tvp, op->ors_slimit,
+ ctrls, NULL, tvp, op->ors_slimit, op->ors_deref,
&candidates[ candidate ].sr_msgid );
switch ( rc ) {
case LDAP_SUCCESS: