mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
more new API ...
This commit is contained in:
parent
8ecfc4e1db
commit
09b92f0aeb
@ -20,17 +20,9 @@
|
||||
#include "entry-id.h"
|
||||
|
||||
int
|
||||
backsql_bind(
|
||||
BackendDB *be,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
struct berval *dn,
|
||||
struct berval *ndn,
|
||||
int method,
|
||||
struct berval *cred,
|
||||
struct berval *edn )
|
||||
backsql_bind( Operation *op, SlapReply *rs )
|
||||
{
|
||||
backsql_info *bi = (backsql_info*)be->be_private;
|
||||
backsql_info *bi = (backsql_info*)op->o_bd->be_private;
|
||||
backsql_entryID user_id;
|
||||
SQLHDBC dbh;
|
||||
AttributeDescription *password = slap_schema.si_ad_userPassword;
|
||||
@ -41,73 +33,74 @@ backsql_bind(
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_bind()\n", 0, 0, 0 );
|
||||
|
||||
if ( be_isroot_pw( be, conn, ndn, cred ) ) {
|
||||
ber_dupbv( edn, be_root_dn( be ) );
|
||||
if ( be_isroot_pw( op ) ) {
|
||||
ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) );
|
||||
Debug( LDAP_DEBUG_TRACE, "<==backsql_bind() root bind\n",
|
||||
0, 0, 0 );
|
||||
return LDAP_SUCCESS;
|
||||
return 0;
|
||||
}
|
||||
|
||||
ber_dupbv( edn, ndn );
|
||||
ber_dupbv( &op->oq_bind.rb_edn, &op->o_req_ndn );
|
||||
|
||||
if ( method != LDAP_AUTH_SIMPLE ) {
|
||||
send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED,
|
||||
NULL, "authentication method not supported",
|
||||
NULL, NULL );
|
||||
if ( op->oq_bind.rb_method != LDAP_AUTH_SIMPLE ) {
|
||||
rs->sr_err = LDAP_STRONG_AUTH_NOT_SUPPORTED;
|
||||
rs->sr_text = "authentication method not supported";
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* method = LDAP_AUTH_SIMPLE
|
||||
*/
|
||||
rc = backsql_get_db_conn( be, conn, &dbh );
|
||||
rs->sr_err = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
|
||||
if (!dbh) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
|
||||
"could not get connection handle - exiting\n",
|
||||
0, 0, 0 );
|
||||
send_ldap_result( conn, op, rc, "",
|
||||
rc == LDAP_OTHER ? "SQL-backend error" : "",
|
||||
NULL, NULL );
|
||||
|
||||
rs->sr_text = ( rs->sr_err == LDAP_OTHER )
|
||||
? "SQL-backend error" : NULL;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ( backsql_dn2id( bi, &user_id, dbh, ndn ) != LDAP_SUCCESS ) {
|
||||
rc = backsql_dn2id( bi, &user_id, dbh, &op->o_req_ndn );
|
||||
if ( rc != LDAP_SUCCESS ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
|
||||
"could not retrieve bind dn id - no such entry\n",
|
||||
0, 0, 0 );
|
||||
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
|
||||
NULL, NULL, NULL, NULL );
|
||||
rs->sr_err = LDAP_INVALID_CREDENTIALS;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
backsql_init_search( &bsi, bi, ndn, LDAP_SCOPE_BASE, -1, -1, -1,
|
||||
NULL, dbh, be, conn, op, NULL );
|
||||
backsql_init_search( &bsi, bi, &op->o_req_ndn, LDAP_SCOPE_BASE,
|
||||
-1, -1, -1, NULL, dbh, op->o_bd, op->o_conn, op, NULL );
|
||||
e = backsql_id2entry( &bsi, &user_entry, &user_id );
|
||||
if ( e == NULL ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_bind(): "
|
||||
"error in backsql_id2entry() - auth failed\n",
|
||||
0, 0, 0 );
|
||||
send_ldap_result( conn, op, LDAP_OTHER,
|
||||
NULL, NULL, NULL, NULL );
|
||||
rs->sr_err = LDAP_OTHER;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ( ! access_allowed( be, conn, op, e, password, NULL,
|
||||
ACL_AUTH, NULL ) ) {
|
||||
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
|
||||
NULL, NULL, NULL, NULL );
|
||||
if ( ! access_allowed( op, e, password, NULL, ACL_AUTH, NULL ) ) {
|
||||
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ( ( a = attr_find( e->e_attrs, password ) ) == NULL ) {
|
||||
send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,
|
||||
NULL, NULL, NULL, NULL );
|
||||
rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ( slap_passwd_check( conn, a, cred ) != 0 ) {
|
||||
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
|
||||
NULL, NULL, NULL, NULL );
|
||||
if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred ) != 0 ) {
|
||||
rs->sr_err = LDAP_INVALID_CREDENTIALS;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -115,17 +108,5 @@ backsql_bind(
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
backsql_unbind(
|
||||
BackendDB *be,
|
||||
Connection *conn,
|
||||
Operation *op )
|
||||
{
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_unbind()\n", 0, 0, 0 );
|
||||
send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, 0 );
|
||||
Debug( LDAP_DEBUG_TRACE, "<==backsql_unbind()\n", 0, 0, 0 );
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* SLAPD_SQL */
|
||||
|
||||
|
@ -25,14 +25,12 @@ extern BI_db_destroy backsql_db_destroy;
|
||||
extern BI_db_config backsql_db_config;
|
||||
|
||||
extern BI_op_bind backsql_bind;
|
||||
extern BI_op_unbind backsql_unbind;
|
||||
extern BI_op_search backsql_search;
|
||||
extern BI_op_compare backsql_compare;
|
||||
extern BI_op_modify backsql_modify;
|
||||
extern BI_op_modrdn backsql_modrdn;
|
||||
extern BI_op_add backsql_add;
|
||||
extern BI_op_delete backsql_delete;
|
||||
extern BI_op_abandon backsql_abandon;
|
||||
|
||||
extern BI_operational backsql_operational;
|
||||
|
||||
|
@ -68,15 +68,10 @@ sql_back_initialize(
|
||||
bi->bi_db_close = backsql_db_close;
|
||||
bi->bi_db_destroy = backsql_db_destroy;
|
||||
|
||||
#ifdef BACKSQL_ALL_DONE
|
||||
bi->bi_op_abandon = backsql_abandon;
|
||||
bi->bi_op_compare = backsql_compare;
|
||||
#else
|
||||
bi->bi_op_abandon = 0;
|
||||
bi->bi_op_compare = 0;
|
||||
#endif
|
||||
bi->bi_op_compare = backsql_compare;
|
||||
bi->bi_op_bind = backsql_bind;
|
||||
bi->bi_op_unbind = backsql_unbind;
|
||||
bi->bi_op_unbind = 0;
|
||||
bi->bi_op_search = backsql_search;
|
||||
bi->bi_op_modify = backsql_modify;
|
||||
bi->bi_op_modrdn = backsql_modrdn;
|
||||
|
@ -17,34 +17,106 @@
|
||||
#include "back-sql.h"
|
||||
#include "sql-wrap.h"
|
||||
#include "entry-id.h"
|
||||
#include "util.h"
|
||||
|
||||
int
|
||||
backsql_compare(
|
||||
backsql_compare( Operation *op, SlapReply *rs )
|
||||
/*
|
||||
BackendDB *bd,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
struct berval *dn,
|
||||
struct berval *ndn,
|
||||
AttributeAssertion *ava )
|
||||
AttributeAssertion *ava ) */
|
||||
{
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_compare() - not implemented\n",
|
||||
backsql_info *bi = (backsql_info*)op->o_bd->be_private;
|
||||
backsql_entryID user_id;
|
||||
SQLHDBC dbh;
|
||||
Entry *e, user_entry;
|
||||
Attribute *a;
|
||||
backsql_srch_info bsi;
|
||||
int rc;
|
||||
AttributeName anlist[2];
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_compare()\n", 0, 0, 0 );
|
||||
|
||||
rs->sr_err = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
|
||||
if (!dbh) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
|
||||
"could not get connection handle - exiting\n",
|
||||
0, 0, 0 );
|
||||
|
||||
rs->sr_text = ( rs->sr_err == LDAP_OTHER )
|
||||
? "SQL-backend error" : NULL;
|
||||
goto return_results;
|
||||
}
|
||||
|
||||
rc = backsql_dn2id( bi, &user_id, dbh, &op->o_req_ndn );
|
||||
if ( rc != LDAP_SUCCESS ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
|
||||
"could not retrieve bind dn id - no such entry\n",
|
||||
0, 0, 0 );
|
||||
rs->sr_err = LDAP_INVALID_CREDENTIALS;
|
||||
goto return_results;
|
||||
}
|
||||
|
||||
anlist[0].an_name = op->oq_compare.rs_ava->aa_desc->ad_cname;
|
||||
anlist[0].an_desc = op->oq_compare.rs_ava->aa_desc;
|
||||
anlist[1].an_name.bv_val = NULL;
|
||||
backsql_init_search( &bsi, bi, &op->o_req_ndn, LDAP_SCOPE_BASE,
|
||||
-1, -1, -1, NULL, dbh, op->o_bd, op->o_conn, op,
|
||||
anlist);
|
||||
e = backsql_id2entry( &bsi, &user_entry, &user_id );
|
||||
if ( e == NULL ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
|
||||
"error in backsql_id2entry() - auth failed\n",
|
||||
0, 0, 0 );
|
||||
rs->sr_err = LDAP_OTHER;
|
||||
goto return_results;
|
||||
}
|
||||
|
||||
if ( ! access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
|
||||
&op->oq_compare.rs_ava->aa_value,
|
||||
ACL_COMPARE, NULL ) ) {
|
||||
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
|
||||
goto return_results;
|
||||
}
|
||||
|
||||
|
||||
rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
|
||||
for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
|
||||
a != NULL;
|
||||
a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ))
|
||||
{
|
||||
rs->sr_err = LDAP_COMPARE_FALSE;
|
||||
#ifdef SLAP_NVALUES
|
||||
if ( value_find_ex( op->oq_compare.rs_ava->aa_desc,
|
||||
SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
|
||||
SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
|
||||
a->a_nvals, &op->oq_compare.rs_ava->aa_value ) == 0 )
|
||||
#else
|
||||
if ( value_find( op->oq_compare.rs_ava->aa_desc, a->a_vals, &op->oq_compare.rs_ava->aa_value ) == 0 )
|
||||
#endif
|
||||
{
|
||||
rs->sr_err = LDAP_COMPARE_TRUE;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return_results:;
|
||||
send_ldap_result( op, rs );
|
||||
|
||||
Debug(LDAP_DEBUG_TRACE,"<==backsql_compare()\n",0,0,0);
|
||||
switch ( rs->sr_err ) {
|
||||
case LDAP_COMPARE_TRUE:
|
||||
case LDAP_COMPARE_FALSE:
|
||||
return 0;
|
||||
|
||||
default:
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
backsql_abandon(
|
||||
BackendDB *be,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
int msgid )
|
||||
{
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_abandon()\n", 0, 0, 0 );
|
||||
Debug( LDAP_DEBUG_TRACE, "<==backsql_abandon()\n", 0, 0, 0 );
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* sets the supported operational attributes (if required)
|
||||
*/
|
||||
|
@ -984,7 +984,8 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
|
||||
}
|
||||
|
||||
int
|
||||
backsql_search(
|
||||
backsql_search( Operation *op, SlapReply *rs )
|
||||
/*
|
||||
BackendDB *be,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
@ -997,50 +998,54 @@ backsql_search(
|
||||
Filter *filter,
|
||||
struct berval *filterstr,
|
||||
AttributeName *attrs,
|
||||
int attrsonly )
|
||||
int attrsonly ) */
|
||||
{
|
||||
backsql_info *bi = (backsql_info *)be->be_private;
|
||||
backsql_info *bi = (backsql_info *)op->o_bd->be_private;
|
||||
SQLHDBC dbh;
|
||||
int sres;
|
||||
int nentries;
|
||||
Entry *entry, *res;
|
||||
int manageDSAit = get_manageDSAit( op );
|
||||
BerVarray v2refs = NULL;
|
||||
int manageDSAit;
|
||||
time_t stoptime = 0;
|
||||
backsql_srch_info srch_info;
|
||||
backsql_entryID *eid = NULL;
|
||||
struct slap_limits_set *limit = NULL;
|
||||
int isroot = 0;
|
||||
|
||||
manageDSAit = get_manageDSAit( op );
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
|
||||
"base='%s', filter='%s', scope=%d,",
|
||||
nbase->bv_val, filterstr->bv_val, scope );
|
||||
op->o_req_ndn.bv_val,
|
||||
op->oq_search.rs_filterstr.bv_val,
|
||||
op->oq_search.rs_scope );
|
||||
Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
|
||||
"attributes to load: %s\n",
|
||||
deref, attrsonly, attrs == NULL ? "all" : "custom list" );
|
||||
op->oq_search.rs_deref,
|
||||
op->oq_search.rs_attrsonly,
|
||||
op->oq_search.rs_attrs == NULL ? "all" : "custom list" );
|
||||
|
||||
if ( nbase->bv_len > BACKSQL_MAX_DN_LEN ) {
|
||||
if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
|
||||
"search base length (%ld) exceeds max length (%ld)\n",
|
||||
nbase->bv_len, BACKSQL_MAX_DN_LEN, 0 );
|
||||
op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
|
||||
/*
|
||||
* FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
|
||||
* since it is impossible that such a long DN exists
|
||||
* in the backend
|
||||
*/
|
||||
send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
|
||||
"", NULL, NULL, NULL );
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
sres = backsql_get_db_conn( be, conn, &dbh );
|
||||
sres = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
|
||||
if ( sres != LDAP_SUCCESS ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
|
||||
"could not get connection handle - exiting\n",
|
||||
0, 0, 0 );
|
||||
send_ldap_result( conn, op, sres, "",
|
||||
sres == LDAP_OTHER ? "SQL-backend error" : "",
|
||||
NULL, NULL );
|
||||
rs->sr_err = sres;
|
||||
rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
|
||||
send_ldap_result( op, rs );
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1048,10 +1053,10 @@ backsql_search(
|
||||
srch_info.use_reverse_dn = BACKSQL_USE_REVERSE_DN( bi );
|
||||
|
||||
/* if not root, get appropriate limits */
|
||||
if ( be_isroot( be, &op->o_ndn ) ) {
|
||||
if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
|
||||
isroot = 1;
|
||||
} else {
|
||||
( void ) get_limits( be, &op->o_ndn, &limit );
|
||||
( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
|
||||
}
|
||||
|
||||
/* The time/size limits come first because they require very little
|
||||
@ -1060,32 +1065,31 @@ backsql_search(
|
||||
|
||||
/* if no time limit requested, use soft limit (unless root!) */
|
||||
if ( isroot ) {
|
||||
if ( tlimit == 0 ) {
|
||||
tlimit = -1; /* allow root to set no limit */
|
||||
if ( op->oq_search.rs_tlimit == 0 ) {
|
||||
op->oq_search.rs_tlimit = -1; /* allow root to set no limit */
|
||||
}
|
||||
|
||||
if ( slimit == 0 ) {
|
||||
slimit = -1;
|
||||
if ( op->oq_search.rs_slimit == 0 ) {
|
||||
op->oq_search.rs_slimit = -1;
|
||||
}
|
||||
|
||||
} else {
|
||||
/* if no limit is required, use soft limit */
|
||||
if ( tlimit <= 0 ) {
|
||||
tlimit = limit->lms_t_soft;
|
||||
if ( op->oq_search.rs_tlimit <= 0 ) {
|
||||
op->oq_search.rs_tlimit = limit->lms_t_soft;
|
||||
|
||||
/* if requested limit higher than hard limit, abort */
|
||||
} else if ( tlimit > limit->lms_t_hard ) {
|
||||
} else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) {
|
||||
/* no hard limit means use soft instead */
|
||||
if ( limit->lms_t_hard == 0
|
||||
&& limit->lms_t_soft > -1
|
||||
&& tlimit > limit->lms_t_soft ) {
|
||||
tlimit = limit->lms_t_soft;
|
||||
&& op->oq_search.rs_tlimit > limit->lms_t_soft ) {
|
||||
op->oq_search.rs_tlimit = limit->lms_t_soft;
|
||||
|
||||
/* positive hard limit means abort */
|
||||
} else if ( limit->lms_t_hard > 0 ) {
|
||||
send_search_result( conn, op,
|
||||
LDAP_ADMINLIMIT_EXCEEDED,
|
||||
NULL, NULL, NULL, NULL, 0 );
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1093,22 +1097,21 @@ backsql_search(
|
||||
}
|
||||
|
||||
/* if no limit is required, use soft limit */
|
||||
if ( slimit <= 0 ) {
|
||||
slimit = limit->lms_s_soft;
|
||||
if ( op->oq_search.rs_slimit <= 0 ) {
|
||||
op->oq_search.rs_slimit = limit->lms_s_soft;
|
||||
|
||||
/* if requested limit higher than hard limit, abort */
|
||||
} else if ( slimit > limit->lms_s_hard ) {
|
||||
} else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) {
|
||||
/* no hard limit means use soft instead */
|
||||
if ( limit->lms_s_hard == 0
|
||||
&& limit->lms_s_soft > -1
|
||||
&& slimit > limit->lms_s_soft ) {
|
||||
slimit = limit->lms_s_soft;
|
||||
&& op->oq_search.rs_slimit > limit->lms_s_soft ) {
|
||||
op->oq_search.rs_slimit = limit->lms_s_soft;
|
||||
|
||||
/* positive hard limit means abort */
|
||||
} else if ( limit->lms_s_hard > 0 ) {
|
||||
send_search_result( conn, op,
|
||||
LDAP_ADMINLIMIT_EXCEEDED,
|
||||
NULL, NULL, NULL, NULL, 0 );
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1117,11 +1120,14 @@ backsql_search(
|
||||
}
|
||||
|
||||
/* compute it anyway; root does not use it */
|
||||
stoptime = op->o_time + tlimit;
|
||||
stoptime = op->o_time + op->oq_search.rs_tlimit;
|
||||
|
||||
backsql_init_search( &srch_info, bi, nbase, scope,
|
||||
slimit, tlimit, stoptime, filter, dbh,
|
||||
be, conn, op, attrs );
|
||||
backsql_init_search( &srch_info, bi, &op->o_req_dn,
|
||||
op->oq_search.rs_scope,
|
||||
op->oq_search.rs_slimit, op->oq_search.rs_tlimit,
|
||||
stoptime, op->oq_search.rs_filter,
|
||||
dbh, op->o_bd, op->o_conn, op,
|
||||
op->oq_search.rs_attrs );
|
||||
|
||||
/*
|
||||
* for each objectclass we try to construct query which gets IDs
|
||||
@ -1134,14 +1140,12 @@ backsql_search(
|
||||
&srch_info, BACKSQL_STOP, AVL_INORDER );
|
||||
if ( !isroot && limit->lms_s_unchecked != -1 ) {
|
||||
if ( srch_info.n_candidates == -1 ) {
|
||||
send_search_result( conn, op,
|
||||
LDAP_ADMINLIMIT_EXCEEDED,
|
||||
NULL, NULL, NULL, NULL, 0 );
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
|
||||
nentries = 0;
|
||||
/*
|
||||
* now we load candidate entries (only those attributes
|
||||
* mentioned in attrs and filter), test it against full filter
|
||||
@ -1158,9 +1162,13 @@ backsql_search(
|
||||
}
|
||||
|
||||
/* check time limit */
|
||||
if ( tlimit != -1 && slap_get_time() > stoptime ) {
|
||||
send_search_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
|
||||
NULL, NULL, v2refs, NULL, nentries );
|
||||
if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
|
||||
rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
|
||||
rs->sr_ctrls = NULL;
|
||||
rs->sr_ref = rs->sr_v2ref;
|
||||
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
|
||||
: LDAP_REFERRAL;
|
||||
send_ldap_result( op, rs );
|
||||
goto end_of_search;
|
||||
}
|
||||
|
||||
@ -1177,14 +1185,34 @@ backsql_search(
|
||||
continue;
|
||||
}
|
||||
|
||||
if ( !manageDSAit && scope != LDAP_SCOPE_BASE &&
|
||||
if ( !manageDSAit &&
|
||||
op->oq_search.rs_scope != LDAP_SCOPE_BASE &&
|
||||
is_entry_referral( entry ) ) {
|
||||
BerVarray refs = get_entry_referrals( be, conn,
|
||||
op, entry );
|
||||
BerVarray refs;
|
||||
struct berval matched_dn;
|
||||
|
||||
send_search_reference( be, conn, op, entry, refs,
|
||||
NULL, &v2refs );
|
||||
ber_dupbv( &matched_dn, &entry->e_name );
|
||||
refs = get_entry_referrals( op, entry );
|
||||
if ( refs ) {
|
||||
rs->sr_ref = referral_rewrite( refs,
|
||||
&matched_dn, &op->o_req_dn,
|
||||
op->oq_search.rs_scope );
|
||||
ber_bvarray_free( refs );
|
||||
}
|
||||
|
||||
if (!rs->sr_ref) {
|
||||
rs->sr_text = "bad_referral object";
|
||||
}
|
||||
|
||||
rs->sr_err = LDAP_REFERRAL;
|
||||
rs->sr_matched = matched_dn.bv_val;
|
||||
send_ldap_result( op, rs );
|
||||
|
||||
ber_bvarray_free( rs->sr_ref );
|
||||
rs->sr_ref = NULL;
|
||||
ber_memfree( matched_dn.bv_val );
|
||||
rs->sr_matched = NULL;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -1226,10 +1254,10 @@ backsql_search(
|
||||
}
|
||||
}
|
||||
|
||||
if ( test_filter( be, conn, op, entry, filter )
|
||||
if ( test_filter( op, entry, op->oq_search.rs_filter )
|
||||
== LDAP_COMPARE_TRUE ) {
|
||||
if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
|
||||
&& !ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) {
|
||||
&& !ad_inlist( slap_schema.si_ad_hasSubordinates, op->oq_search.rs_attrs ) ) {
|
||||
a->a_next = NULL;
|
||||
attr_free( hasSubordinate );
|
||||
hasSubordinate = NULL;
|
||||
@ -1240,15 +1268,14 @@ backsql_search(
|
||||
sres = 0;
|
||||
} else {
|
||||
#endif
|
||||
sres = send_search_entry( be, conn, op, entry,
|
||||
attrs, attrsonly, NULL );
|
||||
rs->sr_entry = entry;
|
||||
sres = send_search_entry( op, rs );
|
||||
#if 0
|
||||
}
|
||||
#endif
|
||||
|
||||
switch ( sres ) {
|
||||
case 0:
|
||||
nentries++;
|
||||
break;
|
||||
|
||||
case -1:
|
||||
@ -1266,22 +1293,28 @@ backsql_search(
|
||||
}
|
||||
entry_free( entry );
|
||||
|
||||
if ( slimit != -1 && nentries >= slimit ) {
|
||||
send_search_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
|
||||
NULL, NULL, v2refs, NULL, nentries );
|
||||
if ( op->oq_search.rs_slimit != -1
|
||||
&& rs->sr_nentries >= op->oq_search.rs_slimit ) {
|
||||
rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
goto end_of_search;
|
||||
}
|
||||
}
|
||||
|
||||
end_of_search:;
|
||||
|
||||
if ( nentries > 0 ) {
|
||||
send_search_result( conn, op,
|
||||
v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
|
||||
NULL, NULL, v2refs, NULL, nentries );
|
||||
if ( rs->sr_nentries > 0 ) {
|
||||
rs->sr_ref = rs->sr_v2ref;
|
||||
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
|
||||
: LDAP_REFERRAL;
|
||||
} else {
|
||||
send_ldap_result( conn, op, srch_info.status,
|
||||
NULL, NULL, NULL, 0 );
|
||||
rs->sr_err = srch_info.status;
|
||||
}
|
||||
send_ldap_result( op, rs );
|
||||
|
||||
if ( rs->sr_v2ref ) {
|
||||
ber_bvarray_free( rs->sr_v2ref );
|
||||
rs->sr_v2ref = NULL;
|
||||
}
|
||||
|
||||
done:;
|
||||
|
Loading…
Reference in New Issue
Block a user