more new API ...

This commit is contained in:
Pierangelo Masarati 2003-04-02 22:58:02 +00:00
parent 8ecfc4e1db
commit 09b92f0aeb
5 changed files with 228 additions and 149 deletions

View File

@ -20,17 +20,9 @@
#include "entry-id.h" #include "entry-id.h"
int int
backsql_bind( backsql_bind( Operation *op, SlapReply *rs )
BackendDB *be,
Connection *conn,
Operation *op,
struct berval *dn,
struct berval *ndn,
int method,
struct berval *cred,
struct berval *edn )
{ {
backsql_info *bi = (backsql_info*)be->be_private; backsql_info *bi = (backsql_info*)op->o_bd->be_private;
backsql_entryID user_id; backsql_entryID user_id;
SQLHDBC dbh; SQLHDBC dbh;
AttributeDescription *password = slap_schema.si_ad_userPassword; AttributeDescription *password = slap_schema.si_ad_userPassword;
@ -41,73 +33,74 @@ backsql_bind(
Debug( LDAP_DEBUG_TRACE, "==>backsql_bind()\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "==>backsql_bind()\n", 0, 0, 0 );
if ( be_isroot_pw( be, conn, ndn, cred ) ) { if ( be_isroot_pw( op ) ) {
ber_dupbv( edn, be_root_dn( be ) ); ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) );
Debug( LDAP_DEBUG_TRACE, "<==backsql_bind() root bind\n", Debug( LDAP_DEBUG_TRACE, "<==backsql_bind() root bind\n",
0, 0, 0 ); 0, 0, 0 );
return LDAP_SUCCESS; return 0;
} }
ber_dupbv( edn, ndn ); ber_dupbv( &op->oq_bind.rb_edn, &op->o_req_ndn );
if ( method != LDAP_AUTH_SIMPLE ) { if ( op->oq_bind.rb_method != LDAP_AUTH_SIMPLE ) {
send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED, rs->sr_err = LDAP_STRONG_AUTH_NOT_SUPPORTED;
NULL, "authentication method not supported", rs->sr_text = "authentication method not supported";
NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
/* /*
* method = LDAP_AUTH_SIMPLE * method = LDAP_AUTH_SIMPLE
*/ */
rc = backsql_get_db_conn( be, conn, &dbh ); rs->sr_err = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
if (!dbh) { if (!dbh) {
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): " Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
"could not get connection handle - exiting\n", "could not get connection handle - exiting\n",
0, 0, 0 ); 0, 0, 0 );
send_ldap_result( conn, op, rc, "",
rc == LDAP_OTHER ? "SQL-backend error" : "", rs->sr_text = ( rs->sr_err == LDAP_OTHER )
NULL, NULL ); ? "SQL-backend error" : NULL;
send_ldap_result( op, rs );
return 1; return 1;
} }
if ( backsql_dn2id( bi, &user_id, dbh, ndn ) != LDAP_SUCCESS ) { rc = backsql_dn2id( bi, &user_id, dbh, &op->o_req_ndn );
if ( rc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): " Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
"could not retrieve bind dn id - no such entry\n", "could not retrieve bind dn id - no such entry\n",
0, 0, 0 ); 0, 0, 0 );
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, rs->sr_err = LDAP_INVALID_CREDENTIALS;
NULL, NULL, NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
backsql_init_search( &bsi, bi, ndn, LDAP_SCOPE_BASE, -1, -1, -1, backsql_init_search( &bsi, bi, &op->o_req_ndn, LDAP_SCOPE_BASE,
NULL, dbh, be, conn, op, NULL ); -1, -1, -1, NULL, dbh, op->o_bd, op->o_conn, op, NULL );
e = backsql_id2entry( &bsi, &user_entry, &user_id ); e = backsql_id2entry( &bsi, &user_entry, &user_id );
if ( e == NULL ) { if ( e == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): " Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
"error in backsql_id2entry() - auth failed\n", "error in backsql_id2entry() - auth failed\n",
0, 0, 0 ); 0, 0, 0 );
send_ldap_result( conn, op, LDAP_OTHER, rs->sr_err = LDAP_OTHER;
NULL, NULL, NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
if ( ! access_allowed( be, conn, op, e, password, NULL, if ( ! access_allowed( op, e, password, NULL, ACL_AUTH, NULL ) ) {
ACL_AUTH, NULL ) ) { rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, send_ldap_result( op, rs );
NULL, NULL, NULL, NULL );
return 1; return 1;
} }
if ( ( a = attr_find( e->e_attrs, password ) ) == NULL ) { if ( ( a = attr_find( e->e_attrs, password ) ) == NULL ) {
send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH, rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
NULL, NULL, NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
if ( slap_passwd_check( conn, a, cred ) != 0 ) { if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) {
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS, rs->sr_err = LDAP_INVALID_CREDENTIALS;
NULL, NULL, NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
@ -115,17 +108,5 @@ backsql_bind(
return 0; return 0;
} }
int
backsql_unbind(
BackendDB *be,
Connection *conn,
Operation *op )
{
Debug( LDAP_DEBUG_TRACE, "==>backsql_unbind()\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, 0 );
Debug( LDAP_DEBUG_TRACE, "<==backsql_unbind()\n", 0, 0, 0 );
return 0;
}
#endif /* SLAPD_SQL */ #endif /* SLAPD_SQL */

View File

@ -14,7 +14,7 @@
LDAP_BEGIN_DECL LDAP_BEGIN_DECL
extern BI_init sql_back_initialize; extern BI_init sql_back_initialize;
extern BI_destroy backsql_destroy; extern BI_destroy backsql_destroy;
extern BI_db_init backsql_db_init; extern BI_db_init backsql_db_init;
@ -25,14 +25,12 @@ extern BI_db_destroy backsql_db_destroy;
extern BI_db_config backsql_db_config; extern BI_db_config backsql_db_config;
extern BI_op_bind backsql_bind; extern BI_op_bind backsql_bind;
extern BI_op_unbind backsql_unbind;
extern BI_op_search backsql_search; extern BI_op_search backsql_search;
extern BI_op_compare backsql_compare; extern BI_op_compare backsql_compare;
extern BI_op_modify backsql_modify; extern BI_op_modify backsql_modify;
extern BI_op_modrdn backsql_modrdn; extern BI_op_modrdn backsql_modrdn;
extern BI_op_add backsql_add; extern BI_op_add backsql_add;
extern BI_op_delete backsql_delete; extern BI_op_delete backsql_delete;
extern BI_op_abandon backsql_abandon;
extern BI_operational backsql_operational; extern BI_operational backsql_operational;

View File

@ -68,15 +68,10 @@ sql_back_initialize(
bi->bi_db_close = backsql_db_close; bi->bi_db_close = backsql_db_close;
bi->bi_db_destroy = backsql_db_destroy; bi->bi_db_destroy = backsql_db_destroy;
#ifdef BACKSQL_ALL_DONE
bi->bi_op_abandon = backsql_abandon;
bi->bi_op_compare = backsql_compare;
#else
bi->bi_op_abandon = 0; bi->bi_op_abandon = 0;
bi->bi_op_compare = 0; bi->bi_op_compare = backsql_compare;
#endif
bi->bi_op_bind = backsql_bind; bi->bi_op_bind = backsql_bind;
bi->bi_op_unbind = backsql_unbind; bi->bi_op_unbind = 0;
bi->bi_op_search = backsql_search; bi->bi_op_search = backsql_search;
bi->bi_op_modify = backsql_modify; bi->bi_op_modify = backsql_modify;
bi->bi_op_modrdn = backsql_modrdn; bi->bi_op_modrdn = backsql_modrdn;

View File

@ -17,34 +17,106 @@
#include "back-sql.h" #include "back-sql.h"
#include "sql-wrap.h" #include "sql-wrap.h"
#include "entry-id.h" #include "entry-id.h"
#include "util.h"
int int
backsql_compare( backsql_compare( Operation *op, SlapReply *rs )
/*
BackendDB *bd, BackendDB *bd,
Connection *conn, Connection *conn,
Operation *op, Operation *op,
struct berval *dn, struct berval *dn,
struct berval *ndn, struct berval *ndn,
AttributeAssertion *ava ) AttributeAssertion *ava ) */
{ {
Debug( LDAP_DEBUG_TRACE, "==>backsql_compare() - not implemented\n", backsql_info *bi = (backsql_info*)op->o_bd->be_private;
backsql_entryID user_id;
SQLHDBC dbh;
Entry *e, user_entry;
Attribute *a;
backsql_srch_info bsi;
int rc;
AttributeName anlist[2];
Debug( LDAP_DEBUG_TRACE, "==>backsql_compare()\n", 0, 0, 0 );
rs->sr_err = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
if (!dbh) {
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
"could not get connection handle - exiting\n",
0, 0, 0 ); 0, 0, 0 );
return 1;
rs->sr_text = ( rs->sr_err == LDAP_OTHER )
? "SQL-backend error" : NULL;
goto return_results;
}
rc = backsql_dn2id( bi, &user_id, dbh, &op->o_req_ndn );
if ( rc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
"could not retrieve bind dn id - no such entry\n",
0, 0, 0 );
rs->sr_err = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
anlist[0].an_name = op->oq_compare.rs_ava->aa_desc->ad_cname;
anlist[0].an_desc = op->oq_compare.rs_ava->aa_desc;
anlist[1].an_name.bv_val = NULL;
backsql_init_search( &bsi, bi, &op->o_req_ndn, LDAP_SCOPE_BASE,
-1, -1, -1, NULL, dbh, op->o_bd, op->o_conn, op,
anlist);
e = backsql_id2entry( &bsi, &user_entry, &user_id );
if ( e == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
"error in backsql_id2entry() - auth failed\n",
0, 0, 0 );
rs->sr_err = LDAP_OTHER;
goto return_results;
}
if ( ! access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
&op->oq_compare.rs_ava->aa_value,
ACL_COMPARE, NULL ) ) {
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
a != NULL;
a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ))
{
rs->sr_err = LDAP_COMPARE_FALSE;
#ifdef SLAP_NVALUES
if ( value_find_ex( op->oq_compare.rs_ava->aa_desc,
SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#else
if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 )
#endif
{
rs->sr_err = LDAP_COMPARE_TRUE;
break;
}
}
return_results:;
send_ldap_result( op, rs );
Debug(LDAP_DEBUG_TRACE,"<==backsql_compare()\n",0,0,0);
switch ( rs->sr_err ) {
case LDAP_COMPARE_TRUE:
case LDAP_COMPARE_FALSE:
return 0;
default:
return 1;
}
} }
int
backsql_abandon(
BackendDB *be,
Connection *conn,
Operation *op,
int msgid )
{
Debug( LDAP_DEBUG_TRACE, "==>backsql_abandon()\n", 0, 0, 0 );
Debug( LDAP_DEBUG_TRACE, "<==backsql_abandon()\n", 0, 0, 0 );
return 0;
}
/* /*
* sets the supported operational attributes (if required) * sets the supported operational attributes (if required)
*/ */

View File

@ -984,7 +984,8 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
} }
int int
backsql_search( backsql_search( Operation *op, SlapReply *rs )
/*
BackendDB *be, BackendDB *be,
Connection *conn, Connection *conn,
Operation *op, Operation *op,
@ -997,50 +998,54 @@ backsql_search(
Filter *filter, Filter *filter,
struct berval *filterstr, struct berval *filterstr,
AttributeName *attrs, AttributeName *attrs,
int attrsonly ) int attrsonly ) */
{ {
backsql_info *bi = (backsql_info *)be->be_private; backsql_info *bi = (backsql_info *)op->o_bd->be_private;
SQLHDBC dbh; SQLHDBC dbh;
int sres; int sres;
int nentries;
Entry *entry, *res; Entry *entry, *res;
int manageDSAit = get_manageDSAit( op ); int manageDSAit;
BerVarray v2refs = NULL;
time_t stoptime = 0; time_t stoptime = 0;
backsql_srch_info srch_info; backsql_srch_info srch_info;
backsql_entryID *eid = NULL; backsql_entryID *eid = NULL;
struct slap_limits_set *limit = NULL; struct slap_limits_set *limit = NULL;
int isroot = 0; int isroot = 0;
manageDSAit = get_manageDSAit( op );
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): " Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
"base='%s', filter='%s', scope=%d,", "base='%s', filter='%s', scope=%d,",
nbase->bv_val, filterstr->bv_val, scope ); op->o_req_ndn.bv_val,
op->oq_search.rs_filterstr.bv_val,
op->oq_search.rs_scope );
Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, " Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
"attributes to load: %s\n", "attributes to load: %s\n",
deref, attrsonly, attrs == NULL ? "all" : "custom list" ); op->oq_search.rs_deref,
op->oq_search.rs_attrsonly,
op->oq_search.rs_attrs == NULL ? "all" : "custom list" );
if ( nbase->bv_len > BACKSQL_MAX_DN_LEN ) { if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
Debug( LDAP_DEBUG_TRACE, "backsql_search(): " Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
"search base length (%ld) exceeds max length (%ld)\n", "search base length (%ld) exceeds max length (%ld)\n",
nbase->bv_len, BACKSQL_MAX_DN_LEN, 0 ); op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
/* /*
* FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
* since it is impossible that such a long DN exists * since it is impossible that such a long DN exists
* in the backend * in the backend
*/ */
send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED, rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
"", NULL, NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
sres = backsql_get_db_conn( be, conn, &dbh ); sres = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
if ( sres != LDAP_SUCCESS ) { if ( sres != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_search(): " Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
"could not get connection handle - exiting\n", "could not get connection handle - exiting\n",
0, 0, 0 ); 0, 0, 0 );
send_ldap_result( conn, op, sres, "", rs->sr_err = sres;
sres == LDAP_OTHER ? "SQL-backend error" : "", rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
NULL, NULL ); send_ldap_result( op, rs );
return 1; return 1;
} }
@ -1048,10 +1053,10 @@ backsql_search(
srch_info.use_reverse_dn = BACKSQL_USE_REVERSE_DN( bi ); srch_info.use_reverse_dn = BACKSQL_USE_REVERSE_DN( bi );
/* if not root, get appropriate limits */ /* if not root, get appropriate limits */
if ( be_isroot( be, &op->o_ndn ) ) { if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
isroot = 1; isroot = 1;
} else { } else {
( void ) get_limits( be, &op->o_ndn, &limit ); ( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
} }
/* The time/size limits come first because they require very little /* The time/size limits come first because they require very little
@ -1060,32 +1065,31 @@ backsql_search(
/* if no time limit requested, use soft limit (unless root!) */ /* if no time limit requested, use soft limit (unless root!) */
if ( isroot ) { if ( isroot ) {
if ( tlimit == 0 ) { if ( op->oq_search.rs_tlimit == 0 ) {
tlimit = -1; /* allow root to set no limit */ op->oq_search.rs_tlimit = -1; /* allow root to set no limit */
} }
if ( slimit == 0 ) { if ( op->oq_search.rs_slimit == 0 ) {
slimit = -1; op->oq_search.rs_slimit = -1;
} }
} else { } else {
/* if no limit is required, use soft limit */ /* if no limit is required, use soft limit */
if ( tlimit <= 0 ) { if ( op->oq_search.rs_tlimit <= 0 ) {
tlimit = limit->lms_t_soft; op->oq_search.rs_tlimit = limit->lms_t_soft;
/* if requested limit higher than hard limit, abort */ /* if requested limit higher than hard limit, abort */
} else if ( tlimit > limit->lms_t_hard ) { } else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */ /* no hard limit means use soft instead */
if ( limit->lms_t_hard == 0 if ( limit->lms_t_hard == 0
&& limit->lms_t_soft > -1 && limit->lms_t_soft > -1
&& tlimit > limit->lms_t_soft ) { && op->oq_search.rs_tlimit > limit->lms_t_soft ) {
tlimit = limit->lms_t_soft; op->oq_search.rs_tlimit = limit->lms_t_soft;
/* positive hard limit means abort */ /* positive hard limit means abort */
} else if ( limit->lms_t_hard > 0 ) { } else if ( limit->lms_t_hard > 0 ) {
send_search_result( conn, op, rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
LDAP_ADMINLIMIT_EXCEEDED, send_ldap_result( op, rs );
NULL, NULL, NULL, NULL, 0 );
return 0; return 0;
} }
@ -1093,22 +1097,21 @@ backsql_search(
} }
/* if no limit is required, use soft limit */ /* if no limit is required, use soft limit */
if ( slimit <= 0 ) { if ( op->oq_search.rs_slimit <= 0 ) {
slimit = limit->lms_s_soft; op->oq_search.rs_slimit = limit->lms_s_soft;
/* if requested limit higher than hard limit, abort */ /* if requested limit higher than hard limit, abort */
} else if ( slimit > limit->lms_s_hard ) { } else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */ /* no hard limit means use soft instead */
if ( limit->lms_s_hard == 0 if ( limit->lms_s_hard == 0
&& limit->lms_s_soft > -1 && limit->lms_s_soft > -1
&& slimit > limit->lms_s_soft ) { && op->oq_search.rs_slimit > limit->lms_s_soft ) {
slimit = limit->lms_s_soft; op->oq_search.rs_slimit = limit->lms_s_soft;
/* positive hard limit means abort */ /* positive hard limit means abort */
} else if ( limit->lms_s_hard > 0 ) { } else if ( limit->lms_s_hard > 0 ) {
send_search_result( conn, op, rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
LDAP_ADMINLIMIT_EXCEEDED, send_ldap_result( op, rs );
NULL, NULL, NULL, NULL, 0 );
return 0; return 0;
} }
@ -1117,11 +1120,14 @@ backsql_search(
} }
/* compute it anyway; root does not use it */ /* compute it anyway; root does not use it */
stoptime = op->o_time + tlimit; stoptime = op->o_time + op->oq_search.rs_tlimit;
backsql_init_search( &srch_info, bi, nbase, scope, backsql_init_search( &srch_info, bi, &op->o_req_dn,
slimit, tlimit, stoptime, filter, dbh, op->oq_search.rs_scope,
be, conn, op, attrs ); op->oq_search.rs_slimit, op->oq_search.rs_tlimit,
stoptime, op->oq_search.rs_filter,
dbh, op->o_bd, op->o_conn, op,
op->oq_search.rs_attrs );
/* /*
* for each objectclass we try to construct query which gets IDs * for each objectclass we try to construct query which gets IDs
@ -1134,14 +1140,12 @@ backsql_search(
&srch_info, BACKSQL_STOP, AVL_INORDER ); &srch_info, BACKSQL_STOP, AVL_INORDER );
if ( !isroot && limit->lms_s_unchecked != -1 ) { if ( !isroot && limit->lms_s_unchecked != -1 ) {
if ( srch_info.n_candidates == -1 ) { if ( srch_info.n_candidates == -1 ) {
send_search_result( conn, op, rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
LDAP_ADMINLIMIT_EXCEEDED, send_ldap_result( op, rs );
NULL, NULL, NULL, NULL, 0 );
goto done; goto done;
} }
} }
nentries = 0;
/* /*
* now we load candidate entries (only those attributes * now we load candidate entries (only those attributes
* mentioned in attrs and filter), test it against full filter * mentioned in attrs and filter), test it against full filter
@ -1158,9 +1162,13 @@ backsql_search(
} }
/* check time limit */ /* check time limit */
if ( tlimit != -1 && slap_get_time() > stoptime ) { if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
send_search_result( conn, op, LDAP_TIMELIMIT_EXCEEDED, rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
NULL, NULL, v2refs, NULL, nentries ); rs->sr_ctrls = NULL;
rs->sr_ref = rs->sr_v2ref;
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
: LDAP_REFERRAL;
send_ldap_result( op, rs );
goto end_of_search; goto end_of_search;
} }
@ -1177,14 +1185,34 @@ backsql_search(
continue; continue;
} }
if ( !manageDSAit && scope != LDAP_SCOPE_BASE && if ( !manageDSAit &&
is_entry_referral( entry ) ) { op->oq_search.rs_scope != LDAP_SCOPE_BASE &&
BerVarray refs = get_entry_referrals( be, conn, is_entry_referral( entry ) ) {
op, entry ); BerVarray refs;
struct berval matched_dn;
ber_dupbv( &matched_dn, &entry->e_name );
refs = get_entry_referrals( op, entry );
if ( refs ) {
rs->sr_ref = referral_rewrite( refs,
&matched_dn, &op->o_req_dn,
op->oq_search.rs_scope );
ber_bvarray_free( refs );
}
if (!rs->sr_ref) {
rs->sr_text = "bad_referral object";
}
rs->sr_err = LDAP_REFERRAL;
rs->sr_matched = matched_dn.bv_val;
send_ldap_result( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
ber_memfree( matched_dn.bv_val );
rs->sr_matched = NULL;
send_search_reference( be, conn, op, entry, refs,
NULL, &v2refs );
ber_bvarray_free( refs );
continue; continue;
} }
@ -1226,10 +1254,10 @@ backsql_search(
} }
} }
if ( test_filter( be, conn, op, entry, filter ) if ( test_filter( op, entry, op->oq_search.rs_filter )
== LDAP_COMPARE_TRUE ) { == LDAP_COMPARE_TRUE ) {
if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER ) if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
&& !ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) { && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->oq_search.rs_attrs ) ) {
a->a_next = NULL; a->a_next = NULL;
attr_free( hasSubordinate ); attr_free( hasSubordinate );
hasSubordinate = NULL; hasSubordinate = NULL;
@ -1240,15 +1268,14 @@ backsql_search(
sres = 0; sres = 0;
} else { } else {
#endif #endif
sres = send_search_entry( be, conn, op, entry, rs->sr_entry = entry;
attrs, attrsonly, NULL ); sres = send_search_entry( op, rs );
#if 0 #if 0
} }
#endif #endif
switch ( sres ) { switch ( sres ) {
case 0: case 0:
nentries++;
break; break;
case -1: case -1:
@ -1266,24 +1293,30 @@ backsql_search(
} }
entry_free( entry ); entry_free( entry );
if ( slimit != -1 && nentries >= slimit ) { if ( op->oq_search.rs_slimit != -1
send_search_result( conn, op, LDAP_SIZELIMIT_EXCEEDED, && rs->sr_nentries >= op->oq_search.rs_slimit ) {
NULL, NULL, v2refs, NULL, nentries ); rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
send_ldap_result( op, rs );
goto end_of_search; goto end_of_search;
} }
} }
end_of_search:; end_of_search:;
if ( nentries > 0 ) { if ( rs->sr_nentries > 0 ) {
send_search_result( conn, op, rs->sr_ref = rs->sr_v2ref;
v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL, rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
NULL, NULL, v2refs, NULL, nentries ); : LDAP_REFERRAL;
} else { } else {
send_ldap_result( conn, op, srch_info.status, rs->sr_err = srch_info.status;
NULL, NULL, NULL, 0 );
} }
send_ldap_result( op, rs );
if ( rs->sr_v2ref ) {
ber_bvarray_free( rs->sr_v2ref );
rs->sr_v2ref = NULL;
}
done:; done:;
ch_free( srch_info.attrs ); ch_free( srch_info.attrs );