int bdb_referrals( Operation *op, SlapReply *rs ) { struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *e = NULL; EntryInfo *ei; int rc = LDAP_SUCCESS; BDB_LOCKER locker; DB_LOCK lock; if( op->o_tag == LDAP_REQ_SEARCH ) { /* let search take care of itself */ return rc; } if( get_manageDSAit( op ) ) { /* let op take care of DSA management */ return rc; } rc = LOCK_ID(bdb->bi_dbenv, &locker); switch(rc) { case 0: break; default: return LDAP_OTHER; } dn2entry_retry: /* get entry */ rc = bdb_dn2entry( op, NULL, &op->o_req_ndn, &ei, 1, locker, &lock ); /* bdb_dn2entry() may legally leave ei == NULL * if rc != 0 and rc != DB_NOTFOUND */ if ( ei ) { e = ei->bei_e; } switch(rc) { case DB_NOTFOUND: case 0: break; case LDAP_BUSY: LOCK_ID_FREE ( bdb->bi_dbenv, locker ); rs->sr_text = "ldap server busy"; return LDAP_BUSY; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_referrals) ": dn2entry failed: %s (%d)\n", db_strerror(rc), rc, 0 ); LOCK_ID_FREE ( bdb->bi_dbenv, locker ); rs->sr_text = "internal error"; return LDAP_OTHER; } if ( rc == DB_NOTFOUND ) { rc = LDAP_SUCCESS; rs->sr_matched = NULL; if ( e != NULL ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_referrals) ": tag=%lu target=\"%s\" matched=\"%s\"\n", (unsigned long)op->o_tag, op->o_req_dn.bv_val, e->e_name.bv_val ); if( is_entry_referral( e ) ) { BerVarray ref = get_entry_referrals( op, e ); rc = LDAP_OTHER; rs->sr_ref = referral_rewrite( ref, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); ber_bvarray_free( ref ); if ( rs->sr_ref ) { rs->sr_matched = ber_strdup_x( e->e_name.bv_val, op->o_tmpmemctx ); } } bdb_cache_return_entry_r (bdb, e, &lock); e = NULL; } if( rs->sr_ref != NULL ) { /* send referrals */ rc = rs->sr_err = LDAP_REFERRAL; send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; } else if ( rc != LDAP_SUCCESS ) { rs->sr_text = rs->sr_matched ? "bad referral object" : NULL; } LOCK_ID_FREE ( bdb->bi_dbenv, locker ); if (rs->sr_matched) { op->o_tmpfree( (char *)rs->sr_matched, op->o_tmpmemctx ); rs->sr_matched = NULL; } return rc; } if ( is_entry_referral( e ) ) { /* entry is a referral */ BerVarray refs = get_entry_referrals( op, e ); rs->sr_ref = referral_rewrite( refs, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_referrals) ": tag=%lu target=\"%s\" matched=\"%s\"\n", (unsigned long)op->o_tag, op->o_req_dn.bv_val, e->e_name.bv_val ); rs->sr_matched = e->e_name.bv_val; if( rs->sr_ref != NULL ) { rc = rs->sr_err = LDAP_REFERRAL; send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; } else { rc = LDAP_OTHER; rs->sr_text = "bad referral object"; } rs->sr_matched = NULL; ber_bvarray_free( refs ); } bdb_cache_return_entry_r(bdb, e, &lock); LOCK_ID_FREE ( bdb->bi_dbenv, locker ); return rc; }
int bdb_compare( Operation *op, SlapReply *rs ) { struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *e = NULL; EntryInfo *ei; Attribute *a; int manageDSAit = get_manageDSAit( op ); BDB_LOCKER locker; DB_LOCK lock; rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker); switch(rs->sr_err) { case 0: break; default: send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return rs->sr_err; } dn2entry_retry: /* get entry */ rs->sr_err = bdb_dn2entry( op, NULL, &op->o_req_ndn, &ei, 1, locker, &lock ); switch( rs->sr_err ) { case DB_NOTFOUND: case 0: break; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } e = ei->bei_e; if ( rs->sr_err == DB_NOTFOUND ) { if ( e != NULL ) { /* return referral only if "disclose" is granted on the object */ if ( ! access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { rs->sr_matched = ch_strdup( e->e_dn ); rs->sr_ref = is_entry_referral( e ) ? get_entry_referrals( op, e ) : NULL; rs->sr_err = LDAP_REFERRAL; } bdb_cache_return_entry_r( bdb, e, &lock ); e = NULL; } else { rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); rs->sr_err = rs->sr_ref ? LDAP_REFERRAL : LDAP_NO_SUCH_OBJECT; } send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); free( (char *)rs->sr_matched ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } if (!manageDSAit && is_entry_referral( e ) ) { /* return referral only if "disclose" is granted on the object */ if ( !access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { /* entry is a referral, don't allow compare */ rs->sr_ref = get_entry_referrals( op, e ); rs->sr_err = LDAP_REFERRAL; rs->sr_matched = e->e_name.bv_val; } Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 ); send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } if ( get_assert( op ) && ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE )) { if ( !access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { rs->sr_err = LDAP_ASSERTION_FAILED; } goto return_results; } if ( !access_allowed( op, e, op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) ) { /* return error only if "disclose" * is granted on the object */ if ( !access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { rs->sr_err = LDAP_INSUFFICIENT_ACCESS; } goto return_results; } rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE; for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc ); a != NULL; a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) ) { rs->sr_err = LDAP_COMPARE_FALSE; if ( attr_valfind( a, SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH | SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH, &op->oq_compare.rs_ava->aa_value, NULL, op->o_tmpmemctx ) == 0 ) { rs->sr_err = LDAP_COMPARE_TRUE; break; } } return_results: send_ldap_result( op, rs ); switch ( rs->sr_err ) { case LDAP_COMPARE_FALSE: case LDAP_COMPARE_TRUE: rs->sr_err = LDAP_SUCCESS; break; } done: /* free entry */ if ( e != NULL ) { bdb_cache_return_entry_r( bdb, e, &lock ); } LOCK_ID_FREE ( bdb->bi_dbenv, locker ); return rs->sr_err; }
int bdb_search( BackendDB *be, Connection *conn, Operation *op, struct berval *base, struct berval *nbase, int scope, int deref, int slimit, int tlimit, Filter *filter, struct berval *filterstr, AttributeName *attrs, int attrsonly ) { struct bdb_info *bdb = (struct bdb_info *) be->be_private; int rc; const char *text = NULL; time_t stoptime; ID id, cursor; ID candidates[BDB_IDL_UM_SIZE]; Entry *e = NULL; BerVarray v2refs = NULL; Entry *matched = NULL; struct berval realbase = { 0, NULL }; int nentries = 0; int manageDSAit; int tentries = 0; ID lastid = NOID; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) Filter cookief, csnfnot, csnfeq, csnfand, csnfge; AttributeAssertion aa_ge, aa_eq; int entry_count = 0; struct berval latest_entrycsn_bv = { 0, NULL }; LDAPControl *ctrls[SLAP_SEARCH_MAX_CTRLS]; int num_ctrls = 0; #endif #ifdef LDAP_SYNC int rc_sync = 0; int entry_sync_state = -1; AttributeName null_attr; #endif struct slap_limits_set *limit = NULL; int isroot = 0; u_int32_t locker = 0; DB_LOCK lock; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ENTRY, "bdb_back_search\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "=> bdb_back_search\n", 0, 0, 0); #endif #ifdef LDAP_CLIENT_UPDATE if ( op->o_clientupdate_type & SLAP_LCUP_PERSIST ) { bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit, tlimit, filter, filterstr, attrs, attrsonly, LDAP_CLIENT_UPDATE ); return LDAP_SUCCESS; } #endif #if defined(LDAP_CLIENT_UPDATE) && defined(LDAP_SYNC) else #endif #ifdef LDAP_SYNC /* psearch needs to be registered before refresh begins */ /* psearch and refresh transmission is serialized in send_ldap_ber() */ if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) { bdb_add_psearch_spec( be, conn, op, base, base, scope, deref, slimit, tlimit, filter, filterstr, attrs, attrsonly, LDAP_SYNC ); } null_attr.an_desc = NULL; null_attr.an_oc = NULL; null_attr.an_name.bv_len = 0; null_attr.an_name.bv_val = NULL; #endif #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) for ( num_ctrls = 0; num_ctrls < SLAP_SEARCH_MAX_CTRLS; num_ctrls++ ) ctrls[num_ctrls] = NULL; num_ctrls = 0; #endif manageDSAit = get_manageDSAit( op ); rc = LOCK_ID (bdb->bi_dbenv, &locker ); switch(rc) { case 0: break; default: send_ldap_result( conn, op, rc=LDAP_OTHER, NULL, "internal error", NULL, NULL ); return rc; } if ( nbase->bv_len == 0 ) { /* DIT root special case */ e = (Entry *) &slap_entry_root; rc = 0; } else #ifdef BDB_ALIASES /* get entry with reader lock */ if ( deref & LDAP_DEREF_FINDING ) { e = deref_dn_r( be, nbase-, &err, &matched, &text ); } else