int
bdb_referrals( Operation *op, SlapReply *rs )
{
struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *e = NULL;
EntryInfo *ei;
int rc = LDAP_SUCCESS;
BDB_LOCKER locker;
DB_LOCK lock;
if( op->o_tag == LDAP_REQ_SEARCH ) {
/* let search take care of itself */
return rc;
}
if( get_manageDSAit( op ) ) {
/* let op take care of DSA management */
return rc;
}
rc = LOCK_ID(bdb->bi_dbenv, &locker);
switch(rc) {
case 0:
break;
default:
return LDAP_OTHER;
}
dn2entry_retry:
/* get entry */
rc = bdb_dn2entry( op, NULL, &op->o_req_ndn, &ei, 1, locker, &lock );
/* bdb_dn2entry() may legally leave ei == NULL
* if rc != 0 and rc != DB_NOTFOUND
*/
if ( ei ) {
e = ei->bei_e;
}
switch(rc) {
case DB_NOTFOUND:
case 0:
break;
case LDAP_BUSY:
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
rs->sr_text = "ldap server busy";
return LDAP_BUSY;
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto dn2entry_retry;
default:
Debug( LDAP_DEBUG_TRACE,
LDAP_XSTRING(bdb_referrals)
": dn2entry failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
rs->sr_text = "internal error";
return LDAP_OTHER;
}
if ( rc == DB_NOTFOUND ) {
rc = LDAP_SUCCESS;
rs->sr_matched = NULL;
if ( e != NULL ) {
Debug( LDAP_DEBUG_TRACE,
LDAP_XSTRING(bdb_referrals)
": tag=%lu target=\"%s\" matched=\"%s\"\n",
(unsigned long)op->o_tag, op->o_req_dn.bv_val, e->e_name.bv_val );
if( is_entry_referral( e ) ) {
BerVarray ref = get_entry_referrals( op, e );
rc = LDAP_OTHER;
rs->sr_ref = referral_rewrite( ref, &e->e_name,
&op->o_req_dn, LDAP_SCOPE_DEFAULT );
ber_bvarray_free( ref );
if ( rs->sr_ref ) {
rs->sr_matched = ber_strdup_x(
e->e_name.bv_val, op->o_tmpmemctx );
}
}
bdb_cache_return_entry_r (bdb, e, &lock);
e = NULL;
}
if( rs->sr_ref != NULL ) {
/* send referrals */
rc = rs->sr_err = LDAP_REFERRAL;
send_ldap_result( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
} else if ( rc != LDAP_SUCCESS ) {
rs->sr_text = rs->sr_matched ? "bad referral object" : NULL;
}
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
if (rs->sr_matched) {
op->o_tmpfree( (char *)rs->sr_matched, op->o_tmpmemctx );
rs->sr_matched = NULL;
}
return rc;
}
if ( is_entry_referral( e ) ) {
/* entry is a referral */
BerVarray refs = get_entry_referrals( op, e );
rs->sr_ref = referral_rewrite(
refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
Debug( LDAP_DEBUG_TRACE,
LDAP_XSTRING(bdb_referrals)
": tag=%lu target=\"%s\" matched=\"%s\"\n",
(unsigned long)op->o_tag, op->o_req_dn.bv_val, e->e_name.bv_val );
rs->sr_matched = e->e_name.bv_val;
if( rs->sr_ref != NULL ) {
rc = rs->sr_err = LDAP_REFERRAL;
send_ldap_result( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
} else {
rc = LDAP_OTHER;
rs->sr_text = "bad referral object";
}
rs->sr_matched = NULL;
ber_bvarray_free( refs );
}
bdb_cache_return_entry_r(bdb, e, &lock);
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
return rc;
}
int
bdb_compare( Operation *op, SlapReply *rs )
{
struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
Entry *e = NULL;
EntryInfo *ei;
Attribute *a;
int manageDSAit = get_manageDSAit( op );
BDB_LOCKER locker;
DB_LOCK lock;
rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker);
switch(rs->sr_err) {
case 0:
break;
default:
send_ldap_error( op, rs, LDAP_OTHER, "internal error" );
return rs->sr_err;
}
dn2entry_retry:
/* get entry */
rs->sr_err = bdb_dn2entry( op, NULL, &op->o_req_ndn, &ei, 1,
locker, &lock );
switch( rs->sr_err ) {
case DB_NOTFOUND:
case 0:
break;
case LDAP_BUSY:
rs->sr_text = "ldap server busy";
goto return_results;
case DB_LOCK_DEADLOCK:
case DB_LOCK_NOTGRANTED:
goto dn2entry_retry;
default:
rs->sr_err = LDAP_OTHER;
rs->sr_text = "internal error";
goto return_results;
}
e = ei->bei_e;
if ( rs->sr_err == DB_NOTFOUND ) {
if ( e != NULL ) {
/* return referral only if "disclose" is granted on the object */
if ( ! access_allowed( op, e, slap_schema.si_ad_entry,
NULL, ACL_DISCLOSE, NULL ) )
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else {
rs->sr_matched = ch_strdup( e->e_dn );
rs->sr_ref = is_entry_referral( e )
? get_entry_referrals( op, e )
: NULL;
rs->sr_err = LDAP_REFERRAL;
}
bdb_cache_return_entry_r( bdb, e, &lock );
e = NULL;
} else {
rs->sr_ref = referral_rewrite( default_referral,
NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
rs->sr_err = rs->sr_ref ? LDAP_REFERRAL : LDAP_NO_SUCH_OBJECT;
}
send_ldap_result( op, rs );
ber_bvarray_free( rs->sr_ref );
free( (char *)rs->sr_matched );
rs->sr_ref = NULL;
rs->sr_matched = NULL;
goto done;
}
if (!manageDSAit && is_entry_referral( e ) ) {
/* return referral only if "disclose" is granted on the object */
if ( !access_allowed( op, e, slap_schema.si_ad_entry,
NULL, ACL_DISCLOSE, NULL ) )
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else {
/* entry is a referral, don't allow compare */
rs->sr_ref = get_entry_referrals( op, e );
rs->sr_err = LDAP_REFERRAL;
rs->sr_matched = e->e_name.bv_val;
}
Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 );
send_ldap_result( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
rs->sr_matched = NULL;
goto done;
}
if ( get_assert( op ) &&
( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
{
if ( !access_allowed( op, e, slap_schema.si_ad_entry,
NULL, ACL_DISCLOSE, NULL ) )
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else {
rs->sr_err = LDAP_ASSERTION_FAILED;
}
goto return_results;
}
if ( !access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
&op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) )
{
/* return error only if "disclose"
* is granted on the object */
if ( !access_allowed( op, e, slap_schema.si_ad_entry,
NULL, ACL_DISCLOSE, NULL ) )
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else {
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
}
goto return_results;
}
rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
a != NULL;
a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
{
rs->sr_err = LDAP_COMPARE_FALSE;
if ( attr_valfind( a,
SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
&op->oq_compare.rs_ava->aa_value, NULL,
op->o_tmpmemctx ) == 0 )
{
rs->sr_err = LDAP_COMPARE_TRUE;
break;
}
}
return_results:
send_ldap_result( op, rs );
switch ( rs->sr_err ) {
case LDAP_COMPARE_FALSE:
case LDAP_COMPARE_TRUE:
rs->sr_err = LDAP_SUCCESS;
break;
}
done:
/* free entry */
if ( e != NULL ) {
bdb_cache_return_entry_r( bdb, e, &lock );
}
LOCK_ID_FREE ( bdb->bi_dbenv, locker );
return rs->sr_err;
}
int
bdb_search(
BackendDB *be,
Connection *conn,
Operation *op,
struct berval *base,
struct berval *nbase,
int scope,
int deref,
int slimit,
int tlimit,
Filter *filter,
struct berval *filterstr,
AttributeName *attrs,
int attrsonly )
{
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
int rc;
const char *text = NULL;
time_t stoptime;
ID id, cursor;
ID candidates[BDB_IDL_UM_SIZE];
Entry *e = NULL;
BerVarray v2refs = NULL;
Entry *matched = NULL;
struct berval realbase = { 0, NULL };
int nentries = 0;
int manageDSAit;
int tentries = 0;
ID lastid = NOID;
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
Filter cookief, csnfnot, csnfeq, csnfand, csnfge;
AttributeAssertion aa_ge, aa_eq;
int entry_count = 0;
struct berval latest_entrycsn_bv = { 0, NULL };
LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS];
int num_ctrls = 0;
#endif
#ifdef LDAP_SYNC
int rc_sync = 0;
int entry_sync_state = -1;
AttributeName null_attr;
#endif
struct slap_limits_set *limit = NULL;
int isroot = 0;
u_int32_t locker = 0;
DB_LOCK lock;
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n",
0, 0, 0);
#endif
#ifdef LDAP_CLIENT_UPDATE
if ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) {
bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit,
tlimit, filter, filterstr, attrs, attrsonly, LDAP_CLIENT_UPDATE );
return LDAP_SUCCESS;
}
#endif
#if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC)
else
#endif
#ifdef LDAP_SYNC
/* psearch needs to be registered before refresh begins */
/* psearch and refresh transmission is serialized in send_ldap_ber() */
if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) {
bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit,
tlimit, filter, filterstr, attrs, attrsonly, LDAP_SYNC );
}
null_attr.an_desc = NULL;
null_attr.an_oc = NULL;
null_attr.an_name.bv_len = 0;
null_attr.an_name.bv_val = NULL;
#endif
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ )
ctrls[num_ctrls] = NULL;
num_ctrls = 0;
#endif
manageDSAit = get_manageDSAit( op );
rc = LOCK_ID (bdb->bi_dbenv, &locker );
switch(rc) {
case 0:
break;
default:
send_ldap_result( conn, op, rc=LDAP_OTHER,
NULL, "internal error", NULL, NULL );
return rc;
}
if ( nbase->bv_len == 0 ) {
/* DIT root special case */
e = (Entry *) &slap_entry_root;
rc = 0;
} else
#ifdef BDB_ALIASES
/* get entry with reader lock */
if ( deref & LDAP_DEREF_FINDING ) {
e = deref_dn_r( be, nbase-, &err, &matched, &text );
} else
