result.c 39.5 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
/* result.c - routines to send ldap results, errors, and referrals */
2
/* $OpenLDAP$ */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
3
4
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
Kurt Zeilenga's avatar
Kurt Zeilenga committed
5
 * Copyright 1998-2008 The OpenLDAP Foundation.
Kurt Zeilenga's avatar
Kurt Zeilenga committed
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that this notice is preserved and that due credit is given
 * to the University of Michigan at Ann Arbor. The name of the University
 * may not be used to endorse or promote products derived from this
 * software without specific prior written permission. This software
 * is provided ``as is'' without express or implied warranty.
25
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
26
27

#include "portable.h"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
28
29
30

#include <stdio.h>

31
#include <ac/socket.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
32
33
#include <ac/errno.h>
#include <ac/string.h>
Hallvard Furuseth's avatar
Hallvard Furuseth committed
34
#include <ac/ctype.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
35
#include <ac/time.h>
36
#include <ac/unistd.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
37

Kurt Zeilenga's avatar
Kurt Zeilenga committed
38
#include "slap.h"
39

40
41
const struct berval slap_dummy_bv = BER_BVNULL;

Howard Chu's avatar
Howard Chu committed
42
43
44
45
46
int slap_null_cb( Operation *op, SlapReply *rs )
{
	return 0;
}

47
48
int slap_freeself_cb( Operation *op, SlapReply *rs )
{
49
	assert( op->o_callback != NULL );
50
51
52
53
54
55
56

	op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
	op->o_callback = NULL;

	return SLAP_CB_CONTINUE;
}

57
static char *v2ref( BerVarray ref, const char *text )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
58
{
59
	size_t len = 0, i = 0;
60
	char *v2;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
61

Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
62
	if(ref == NULL) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
63
64
65
66
67
		if (text) {
			return ch_strdup(text);
		} else {
			return NULL;
		}
68
69
	}
	
Kurt Zeilenga's avatar
Kurt Zeilenga committed
70
	if ( text != NULL ) {
71
		len = strlen( text );
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
72
		if (text[len-1] != '\n') {
73
		    i = 1;
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
74
		}
75
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
76

77
	v2 = ch_malloc( len+i+sizeof("Referral:") );
Julius Enarusai's avatar
   
Julius Enarusai committed
78

Kurt Zeilenga's avatar
Kurt Zeilenga committed
79
	if( text != NULL ) {
80
		strcpy(v2, text);
Kurt Zeilenga's avatar
Kurt Zeilenga committed
81
		if( i ) {
82
			v2[len++] = '\n';
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
83
		}
84
85
	}
	strcpy( v2+len, "Referral:" );
Howard Chu's avatar
Howard Chu committed
86
	len += sizeof("Referral:");
87

88
	for( i=0; ref[i].bv_val != NULL; i++ ) {
89
		v2 = ch_realloc( v2, len + ref[i].bv_len + 1 );
90
		v2[len-1] = '\n';
91
92
93
		AC_MEMCPY(&v2[len], ref[i].bv_val, ref[i].bv_len );
		len += ref[i].bv_len;
		if (ref[i].bv_val[ref[i].bv_len-1] != '/') {
94
			++len;
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
95
		}
96
	}
97

98
99
100
	v2[len-1] = '\0';
	return v2;
}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
101

102
103
ber_tag_t
slap_req2res( ber_tag_t tag )
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
{
	switch( tag ) {
	case LDAP_REQ_ADD:
	case LDAP_REQ_BIND:
	case LDAP_REQ_COMPARE:
	case LDAP_REQ_EXTENDED:
	case LDAP_REQ_MODIFY:
	case LDAP_REQ_MODRDN:
		tag++;
		break;

	case LDAP_REQ_DELETE:
		tag = LDAP_RES_DELETE;
		break;

	case LDAP_REQ_ABANDON:
	case LDAP_REQ_UNBIND:
		tag = LBER_SEQUENCE;
		break;

	case LDAP_REQ_SEARCH:
		tag = LDAP_RES_SEARCH_RESULT;
		break;

	default:
129
		tag = LBER_SEQUENCE;
130
	}
131

132
133
	return tag;
}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
134

135
136
137
138
static long send_ldap_ber(
	Connection *conn,
	BerElement *ber )
{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
139
140
141
	ber_len_t bytes;

	ber_get_option( ber, LBER_OPT_BER_BYTES_TO_WRITE, &bytes );
142

Kurt Zeilenga's avatar
Kurt Zeilenga committed
143
	/* write only one pdu at a time - wait til it's our turn */
144
145
	ldap_pvt_thread_mutex_lock( &conn->c_write_mutex );

146
	/* lock the connection */ 
147
	ldap_pvt_thread_mutex_lock( &conn->c_mutex );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
148
149

	/* write the pdu */
150
	while( 1 ) {
151
152
153
154
155
		int err;

		if ( connection_state_closing( conn ) ) {
			ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
			ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
156

157
			return 0;
158
159
		}

Pierangelo Masarati's avatar
Pierangelo Masarati committed
160
		if ( ber_flush2( conn->c_sb, ber, LBER_FLUSH_FREE_NEVER ) == 0 ) {
161
162
163
			break;
		}

164
		err = sock_errno();
165

Kurt Zeilenga's avatar
Kurt Zeilenga committed
166
167
168
169
170
171
		/*
		 * we got an error.  if it's ewouldblock, we need to
		 * wait on the socket being writable.  otherwise, figure
		 * it's a hard error and return.
		 */

Pierangelo Masarati's avatar
Pierangelo Masarati committed
172
		Debug( LDAP_DEBUG_CONNS, "ber_flush2 failed errno=%d reason=\"%s\"\n",
Howard Chu's avatar
Howard Chu committed
173
		    err, sock_errstr(err), 0 );
174

175
		if ( err != EWOULDBLOCK && err != EAGAIN ) {
176
			connection_closing( conn, "connection lost on write" );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
177

178
179
			ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
			ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
180

181
			return( -1 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
182
183
184
185
		}

		/* wait for socket to be write-ready */
		conn->c_writewaiter = 1;
186
		slapd_set_write( conn->c_sd, 1 );
187

188
189
		ldap_pvt_thread_cond_wait( &conn->c_write_cv, &conn->c_mutex );
		conn->c_writewaiter = 0;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
190
191
	}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
192
	ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
193
194
	ldap_pvt_thread_mutex_unlock( &conn->c_write_mutex );

195
196
197
	return bytes;
}

198
static int
199
send_ldap_control( BerElement *ber, LDAPControl *c )
200
201
{
	int rc;
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228

	assert( c != NULL );

	rc = ber_printf( ber, "{s" /*}*/, c->ldctl_oid );

	if( c->ldctl_iscritical ) {
		rc = ber_printf( ber, "b",
			(ber_int_t) c->ldctl_iscritical ) ;
		if( rc == -1 ) return rc;
	}

	if( c->ldctl_value.bv_val != NULL ) {
		rc = ber_printf( ber, "O", &c->ldctl_value ); 
		if( rc == -1 ) return rc;
	}

	rc = ber_printf( ber, /*{*/"N}" );
	if( rc == -1 ) return rc;

	return 0;
}

static int
send_ldap_controls( Operation *o, BerElement *ber, LDAPControl **c )
{
	int rc;

229
230
	if( c == NULL )
		return 0;
231
232
233
234

	rc = ber_printf( ber, "t{"/*}*/, LDAP_TAG_CONTROLS );
	if( rc == -1 ) return rc;

235
236
237
	for( ; *c != NULL; c++) {
		rc = send_ldap_control( ber, *c );
		if( rc == -1 ) return rc;
238
239
	}

240
#ifdef SLAP_CONTROL_X_SORTEDRESULTS
241
242
243
244
245
246
247
248
249
250
251
	/* this is a hack to avoid having to modify op->s_ctrls */
	if( o->o_sortedresults ) {
		BerElementBuffer berbuf;
		BerElement *sber = (BerElement *) &berbuf;
		LDAPControl sorted;
		BER_BVZERO( &sorted.ldctl_value );
		sorted.ldctl_oid = LDAP_CONTROL_SORTRESPONSE;
		sorted.ldctl_iscritical = 0;

		ber_init2( sber, NULL, LBER_USE_DER );

252
		ber_printf( sber, "{e}", LDAP_UNWILLING_TO_PERFORM );
253
254

		if( ber_flatten2( ber, &sorted.ldctl_value, 0 ) == -1 ) {
255
			return -1;
256
257
258
259
260
		}

		(void) ber_free_buf( ber );

		rc = send_ldap_control( ber, &sorted );
261
262
		if( rc == -1 ) return rc;
	}
263
#endif
264
265
266
267
268
269

	rc = ber_printf( ber, /*{*/"N}" );

	return rc;
}

270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
/*
 * slap_response_play()
 *
 * plays the callback list; rationale: a callback can
 *   - remove itself from the list, by setting op->o_callback = NULL;
 *     malloc()'ed callbacks should free themselves from inside the
 *     sc_response() function.
 *   - replace itself with another (list of) callback(s), by setting
 *     op->o_callback = a new (list of) callback(s); in this case, it
 *     is the callback's responsibility to to append existing subsequent
 *     callbacks to the end of the list that is passed to the sc_response()
 *     function.
 *   - modify the list of subsequent callbacks by modifying the value
 *     of the sc_next field from inside the sc_response() function; this
 *     case does not require any handling from inside slap_response_play()
 *
 * To stop execution of the playlist, the sc_response() function must return
 * a value different from SLAP_SC_CONTINUE.
 *
 * The same applies to slap_cleanup_play(); only, there is no means to stop
 * execution of the playlist, since all cleanup functions must be called.
 */
292
static int
293
slap_response_play(
294
295
296
297
298
	Operation *op,
	SlapReply *rs )
{
	int rc;

299
	slap_callback	*sc = op->o_callback, **scp;
300
301

	rc = SLAP_CB_CONTINUE;
302
303
	for ( scp = &sc; *scp; ) {
		slap_callback *sc_next = (*scp)->sc_next, **sc_nextp = &(*scp)->sc_next;
304

305
		op->o_callback = *scp;
306
307
308
		if ( op->o_callback->sc_response ) {
			rc = op->o_callback->sc_response( op, rs );
			if ( op->o_callback == NULL ) {
309
310
311
312
313
314
315
				/* the callback has been removed;
				 * repair the list */
				*scp = sc_next;
				sc_nextp = scp;

			} else if ( op->o_callback != *scp ) {
				/* a new callback has been inserted
316
317
318
				 * in place of the existing one; repair the list */
				*scp = op->o_callback;
				sc_nextp = scp;
319
320
321
			}
			if ( rc != SLAP_CB_CONTINUE ) break;
		}
322
		scp = sc_nextp;
323
324
325
326
327
328
329
	}

	op->o_callback = sc;
	return rc;
}

static int
330
slap_cleanup_play(
331
332
333
	Operation *op,
	SlapReply *rs )
{
334
	slap_callback	*sc = op->o_callback, **scp;
335

336
337
	for ( scp = &sc; *scp; ) {
		slap_callback *sc_next = (*scp)->sc_next, **sc_nextp = &(*scp)->sc_next;
338

339
		op->o_callback = *scp;
340
341
342
		if ( op->o_callback->sc_cleanup ) {
			(void)op->o_callback->sc_cleanup( op, rs );
			if ( op->o_callback == NULL ) {
343
344
345
346
347
348
349
350
				/* the callback has been removed;
				 * repair the list */
				*scp = sc_next;
				sc_nextp = scp;

			} else if ( op->o_callback != *scp ) {
				/* a new callback has been inserted
				 * after the existing one; repair the list */
351
352
353
354
				/* a new callback has been inserted
				 * in place of the existing one; repair the list */
				*scp = op->o_callback;
				sc_nextp = scp;
355
356
357
			}
			/* don't care about the result; do all cleanup */
		}
358
		scp = sc_nextp;
359
360
361
362
363
364
	}

	op->o_callback = sc;
	return LDAP_SUCCESS;
}

365
static int
366
send_ldap_response(
367
368
	Operation *op,
	SlapReply *rs )
369
{
370
371
	BerElementBuffer berbuf;
	BerElement	*ber = (BerElement *) &berbuf;
372
	int		rc = LDAP_SUCCESS;
373
374
	long	bytes;

375
	if ( rs->sr_err == SLAPD_ABANDON || op->o_abandon ) {
376
377
378
379
		rc = SLAPD_ABANDON;
		goto clean2;
	}

380
	if ( op->o_callback ) {
381
		rc = slap_response_play( op, rs );
382
383
		if ( rc != SLAP_CB_CONTINUE ) {
			goto clean2;
384
		}
385
	}
386

387
#ifdef LDAP_CONNECTIONLESS
388
	if (op->o_conn && op->o_conn->c_is_udp)
389
390
391
		ber = op->o_res_ber;
	else
#endif
392
393
	{
		ber_init_w_nullc( ber, LBER_USE_DER );
Howard Chu's avatar
Howard Chu committed
394
		ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
395
	}
396

Kurt Zeilenga's avatar
Kurt Zeilenga committed
397
	Debug( LDAP_DEBUG_TRACE,
Pierangelo Masarati's avatar
Pierangelo Masarati committed
398
		"send_ldap_response: msgid=%d tag=%lu err=%d\n",
399
		rs->sr_msgid, rs->sr_tag, rs->sr_err );
400

401
	if( rs->sr_ref ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
402
		Debug( LDAP_DEBUG_ARGS, "send_ldap_response: ref=\"%s\"\n",
403
			rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL",
Kurt Zeilenga's avatar
Kurt Zeilenga committed
404
405
			NULL, NULL );
	}
406

407
#ifdef LDAP_CONNECTIONLESS
Kurt Zeilenga's avatar
Kurt Zeilenga committed
408
409
410
	if (op->o_conn && op->o_conn->c_is_udp &&
		op->o_protocol == LDAP_VERSION2 )
	{
411
		rc = ber_printf( ber, "t{ess" /*"}"*/,
412
413
414
			rs->sr_tag, rs->sr_err,
		rs->sr_matched == NULL ? "" : rs->sr_matched,
		rs->sr_text == NULL ? "" : rs->sr_text );
415
	} else 
416
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
417
418
419
420
421
	if ( rs->sr_type == REP_INTERMEDIATE ) {
	    rc = ber_printf( ber, "{it{" /*"}}"*/,
			rs->sr_msgid, rs->sr_tag );

	} else {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
422
	    rc = ber_printf( ber, "{it{ess" /*"}}"*/,
423
424
425
		rs->sr_msgid, rs->sr_tag, rs->sr_err,
		rs->sr_matched == NULL ? "" : rs->sr_matched,
		rs->sr_text == NULL ? "" : rs->sr_text );
426
	}
427

Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
428
	if( rc != -1 ) {
429
430
		if ( rs->sr_ref != NULL ) {
			assert( rs->sr_err == LDAP_REFERRAL );
431
			rc = ber_printf( ber, "t{W}",
432
				LDAP_TAG_REFERRAL, rs->sr_ref );
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
433
		} else {
434
			assert( rs->sr_err != LDAP_REFERRAL );
435
		}
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
436
	}
437

438
	if( rc != -1 && rs->sr_type == REP_SASL && rs->sr_sasldata != NULL ) {
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
439
		rc = ber_printf( ber, "tO",
440
			LDAP_TAG_SASL_RES_CREDS, rs->sr_sasldata );
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
441
	}
442

Kurt Zeilenga's avatar
Kurt Zeilenga committed
443
444
445
	if( rc != -1 &&
		( rs->sr_type == REP_EXTENDED || rs->sr_type == REP_INTERMEDIATE ))
	{
446
447
		if ( rs->sr_rspoid != NULL ) {
			rc = ber_printf( ber, "ts",
448
449
450
				rs->sr_type == REP_EXTENDED
					? LDAP_TAG_EXOP_RES_OID : LDAP_TAG_IM_RES_OID,
				rs->sr_rspoid );
451
452
453
		}
		if( rc != -1 && rs->sr_rspdata != NULL ) {
			rc = ber_printf( ber, "tO",
454
455
456
				rs->sr_type == REP_EXTENDED
					? LDAP_TAG_EXOP_RES_VALUE : LDAP_TAG_IM_RES_VALUE,
				rs->sr_rspdata );
457
		}
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
458
459
460
	}

	if( rc != -1 ) {
461
		rc = ber_printf( ber, /*"{"*/ "N}" );
462
	}
463

464
465
	if( rc != -1 ) {
		rc = send_ldap_controls( op, ber, rs->sr_ctrls );
466
467
468
469
470
471
	}

	if( rc != -1 ) {
		rc = ber_printf( ber, /*"{"*/ "N}" );
	}

472
#ifdef LDAP_CONNECTIONLESS
473
474
475
	if( op->o_conn && op->o_conn->c_is_udp && op->o_protocol == LDAP_VERSION2
		&& rc != -1 )
	{
476
477
478
479
		rc = ber_printf( ber, /*"{"*/ "N}" );
	}
#endif
		
480
481
	if ( rc == -1 ) {
		Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
482

483
#ifdef LDAP_CONNECTIONLESS
484
		if (!op->o_conn || op->o_conn->c_is_udp == 0)
485
#endif
486
487
488
		{
			ber_free_buf( ber );
		}
489
		goto cleanup;
490
491
492
	}

	/* send BER */
493
	bytes = send_ldap_ber( op->o_conn, ber );
494
#ifdef LDAP_CONNECTIONLESS
495
	if (!op->o_conn || op->o_conn->c_is_udp == 0)
496
#endif
497
498
499
	{
		ber_free_buf( ber );
	}
500
501
502
503
504

	if ( bytes < 0 ) {
		Debug( LDAP_DEBUG_ANY,
			"send_ldap_response: ber write failed\n",
			0, 0, 0 );
505

506
		goto cleanup;
507
508
	}

509
510
511
512
	ldap_pvt_thread_mutex_lock( &op->o_counters->sc_mutex );
	ldap_pvt_mp_add_ulong( op->o_counters->sc_pdu, 1 );
	ldap_pvt_mp_add_ulong( op->o_counters->sc_bytes, (unsigned long)bytes );
	ldap_pvt_thread_mutex_unlock( &op->o_counters->sc_mutex );
513

514
cleanup:;
515
516
517
518
519
	/* Tell caller that we did this for real, as opposed to being
	 * overridden by a callback
	 */
	rc = SLAP_CB_CONTINUE;

520
521
clean2:;
	if ( op->o_callback ) {
522
		(void)slap_cleanup_play( op, rs );
523
524
	}

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
525
526
527
528
529
530
	if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
		rs->sr_flags ^= REP_MATCHED_MUSTBEFREED; /* paranoia */
		if ( rs->sr_matched ) {
			free( (char *)rs->sr_matched );
			rs->sr_matched = NULL;
		}
531
532
	}

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
533
534
535
536
537
538
	if ( rs->sr_flags & REP_REF_MUSTBEFREED ) {
		rs->sr_flags ^= REP_REF_MUSTBEFREED; /* paranoia */
		if ( rs->sr_ref ) {
			ber_bvarray_free( rs->sr_ref );
			rs->sr_ref = NULL;
		}
539
540
	}

541
	return rc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
542
543
}

544

Kurt Zeilenga's avatar
Kurt Zeilenga committed
545
void
546
send_ldap_disconnect( Operation	*op, SlapReply *rs )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
547
{
548
549
550
551
552
#define LDAP_UNSOLICITED_ERROR(e) \
	(  (e) == LDAP_PROTOCOL_ERROR \
	|| (e) == LDAP_STRONG_AUTH_REQUIRED \
	|| (e) == LDAP_UNAVAILABLE )

553
554
555
	assert( LDAP_UNSOLICITED_ERROR( rs->sr_err ) );

	rs->sr_type = REP_EXTENDED;
556
557
558

	Debug( LDAP_DEBUG_TRACE,
		"send_ldap_disconnect %d:%s\n",
559
		rs->sr_err, rs->sr_text ? rs->sr_text : "", NULL );
560

561
	if ( op->o_protocol < LDAP_VERSION3 ) {
562
		rs->sr_rspoid = NULL;
563
		rs->sr_tag = slap_req2res( op->o_tag );
564
		rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
565
566

	} else {
567
568
		rs->sr_rspoid = LDAP_NOTICE_DISCONNECT;
		rs->sr_tag = LDAP_RES_EXTENDED;
569
		rs->sr_msgid = LDAP_RES_UNSOLICITED;
570
	}
571

572
573
	if ( send_ldap_response( op, rs ) == SLAP_CB_CONTINUE ) {
		Statslog( LDAP_DEBUG_STATS,
574
575
576
			"%s DISCONNECT tag=%lu err=%d text=%s\n",
			op->o_log_prefix, rs->sr_tag, rs->sr_err,
			rs->sr_text ? rs->sr_text : "", 0 );
577
	}
578
579
580
}

void
581
slap_send_ldap_result( Operation *op, SlapReply *rs )
582
{
583
	char *tmp = NULL;
584
585
	const char *otext = rs->sr_text;
	BerVarray oref = rs->sr_ref;
586

Howard Chu's avatar
Howard Chu committed
587
588
	rs->sr_type = REP_RESULT;

589
	/* Propagate Abandons so that cleanup callbacks can be processed */
590
	if ( rs->sr_err == SLAPD_ABANDON || op->o_abandon )
591
592
		goto abandon;

Pierangelo Masarati's avatar
Pierangelo Masarati committed
593
	assert( !LDAP_API_ERROR( rs->sr_err ) );
594

Kurt Zeilenga's avatar
Kurt Zeilenga committed
595
	Debug( LDAP_DEBUG_TRACE,
596
597
		"send_ldap_result: %s p=%d\n",
		op->o_log_prefix, op->o_protocol, 0 );
598

Kurt Zeilenga's avatar
Kurt Zeilenga committed
599
600
	Debug( LDAP_DEBUG_ARGS,
		"send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n",
601
602
		rs->sr_err, rs->sr_matched ? rs->sr_matched : "",
		rs->sr_text ? rs->sr_text : "" );
603

Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
604

605
	if( rs->sr_ref ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
606
607
		Debug( LDAP_DEBUG_ARGS,
			"send_ldap_result: referral=\"%s\"\n",
608
			rs->sr_ref[0].bv_val ? rs->sr_ref[0].bv_val : "NULL",
Kurt Zeilenga's avatar
Cleanup    
Kurt Zeilenga committed
609
			NULL, NULL );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
610
	}
611

612
	assert( rs->sr_err != LDAP_PARTIAL_RESULTS );
613

614
	if ( rs->sr_err == LDAP_REFERRAL ) {
615
616
		if( op->o_domain_scope ) rs->sr_ref = NULL;

617
618
		if( rs->sr_ref == NULL ) {
			rs->sr_err = LDAP_NO_SUCH_OBJECT;
619
		} else if ( op->o_protocol < LDAP_VERSION3 ) {
620
			rs->sr_err = LDAP_PARTIAL_RESULTS;
621
622
623
		}
	}

624
	if ( op->o_protocol < LDAP_VERSION3 ) {
625
626
627
		tmp = v2ref( rs->sr_ref, rs->sr_text );
		rs->sr_text = tmp;
		rs->sr_ref = NULL;
628
629
	}

630
	rs->sr_tag = slap_req2res( op->o_tag );
631
	rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
632

633
abandon:
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
634
635
636
637
638
639
640
641
	if ( rs->sr_flags & REP_REF_MUSTBEFREED ) {
		if ( rs->sr_ref == NULL ) {
			rs->sr_flags ^= REP_REF_MUSTBEFREED;
			ber_bvarray_free( oref );
		}
		oref = NULL; /* send_ldap_response() will free rs->sr_ref if != NULL */
	}

642
643
644
645
646
	if ( send_ldap_response( op, rs ) == SLAP_CB_CONTINUE ) {
		if ( op->o_tag == LDAP_REQ_SEARCH ) {
			char nbuf[64];
			snprintf( nbuf, sizeof nbuf, "%d nentries=%d",
				rs->sr_err, rs->sr_nentries );
647

648
			Statslog( LDAP_DEBUG_STATS,
649
650
651
			"%s SEARCH RESULT tag=%lu err=%s text=%s\n",
				op->o_log_prefix, rs->sr_tag, nbuf,
				rs->sr_text ? rs->sr_text : "", 0 );
652
653
		} else {
			Statslog( LDAP_DEBUG_STATS,
654
655
656
				"%s RESULT tag=%lu err=%d text=%s\n",
				op->o_log_prefix, rs->sr_tag, rs->sr_err,
				rs->sr_text ? rs->sr_text : "", 0 );
657
		}
658
	}
659

660
	if( tmp != NULL ) ch_free(tmp);
661
662
	rs->sr_text = otext;
	rs->sr_ref = oref;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
663
664
}

665
void
666
send_ldap_sasl( Operation *op, SlapReply *rs )
667
{
668
	rs->sr_type = REP_SASL;
Pierangelo Masarati's avatar
Pierangelo Masarati committed
669
	Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%d len=%ld\n",
670
671
		rs->sr_err,
		rs->sr_sasldata ? (long) rs->sr_sasldata->bv_len : -1, NULL );
672

673
	rs->sr_tag = slap_req2res( op->o_tag );
674
	rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
675

676
677
678
679
680
681
	if ( send_ldap_response( op, rs ) == SLAP_CB_CONTINUE ) {
		Statslog( LDAP_DEBUG_STATS,
			"%s RESULT tag=%lu err=%d text=%s\n",
			op->o_log_prefix, rs->sr_tag, rs->sr_err,
			rs->sr_text ? rs->sr_text : "", 0 );
	}
682
683
}

684
void
685
slap_send_ldap_extended( Operation *op, SlapReply *rs )
686
{
687
	rs->sr_type = REP_EXTENDED;
688
689

	Debug( LDAP_DEBUG_TRACE,
690
		"send_ldap_extended: err=%d oid=%s len=%ld\n",
691
692
693
		rs->sr_err,
		rs->sr_rspoid ? rs->sr_rspoid : "",
		rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
694

695
	rs->sr_tag = slap_req2res( op->o_tag );
696
	rs->sr_msgid = (rs->sr_tag != LBER_SEQUENCE) ? op->o_msgid : 0;
697

698
699
700
701
702
703
	if ( send_ldap_response( op, rs ) == SLAP_CB_CONTINUE ) {
		Statslog( LDAP_DEBUG_STATS,
			"%s RESULT oid=%s err=%d text=%s\n",
			op->o_log_prefix, rs->sr_rspoid ? rs->sr_rspoid : "",
			rs->sr_err, rs->sr_text ? rs->sr_text : "", 0 );
	}
704
705
}

Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
706
void
707
slap_send_ldap_intermediate( Operation *op, SlapReply *rs )
Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
708
{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
709
	rs->sr_type = REP_INTERMEDIATE;
Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
710
711
	Debug( LDAP_DEBUG_TRACE,
		"send_ldap_intermediate: err=%d oid=%s len=%ld\n",
712
713
714
		rs->sr_err,
		rs->sr_rspoid ? rs->sr_rspoid : "",
		rs->sr_rspdata != NULL ? rs->sr_rspdata->bv_len : 0 );
715
	rs->sr_tag = LDAP_RES_INTERMEDIATE;
716
	rs->sr_msgid = op->o_msgid;
717
718
719
720
721
722
	if ( send_ldap_response( op, rs ) == SLAP_CB_CONTINUE ) {
		Statslog( LDAP_DEBUG_STATS2,
			"%s INTERM oid=%s\n",
			op->o_log_prefix,
			rs->sr_rspoid ? rs->sr_rspoid : "", 0, 0, 0 );
	}
Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
723
}
724

725
726
727
/*
 * returns:
 *
728
729
730
731
732
 * LDAP_SUCCESS			entry sent
 * LDAP_OTHER			entry not sent (other)
 * LDAP_INSUFFICIENT_ACCESS	entry not sent (ACL)
 * LDAP_UNAVAILABLE		entry not sent (connection closed)
 * LDAP_SIZELIMIT_EXCEEDED	entry not sent (caller must send sizelimitExceeded)
733
734
 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
735
int
736
slap_send_search_entry( Operation *op, SlapReply *rs )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
737
{
738
739
	BerElementBuffer berbuf;
	BerElement	*ber = (BerElement *) &berbuf;
740
	Attribute	*a;
741
	int		i, j, rc = LDAP_UNAVAILABLE, bytes;
Gary Williams's avatar
Gary Williams committed
742
	char		*edn;
743
	int		userattrs;
Howard Chu's avatar
Howard Chu committed
744
	AccessControlState acl_state = ACL_STATE_INIT;
745
	int			 attrsonly;
746
	AttributeDescription *ad_entry = slap_schema.si_ad_entry;
747

748
749
750
751
	/* a_flags: array of flags telling if the i-th element will be
	 *          returned or filtered out
	 * e_flags: array of a_flags
	 */
752
	char **e_flags = NULL;
753
754

	if ( op->ors_slimit >= 0 && rs->sr_nentries >= op->ors_slimit ) {
755
		return LDAP_SIZELIMIT_EXCEEDED;
756
757
	}

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
758
	/* Every 64 entries, check for thread pool pause */
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
759
	if ( ( ( rs->sr_nentries & 0x3f ) == 0x3f ) &&
Howard Chu's avatar
Howard Chu committed
760
		ldap_pvt_thread_pool_pausing( &connection_pool ) > 0 )
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
761
	{
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
762
763
764
		return LDAP_BUSY;
	}

765
766
	rs->sr_type = REP_SEARCH;

767
768
769
	/* eventually will loop through generated operational attribute types
	 * currently implemented types include:
	 *	entryDN, subschemaSubentry, and hasSubordinates */
770
771
772
	/* NOTE: moved before overlays callback circling because
	 * they may modify entry and other stuff in rs */
	/* check for special all operational attributes ("+") type */
773
	/* FIXME: maybe we could set this flag at the operation level;
774
775
	 * however, in principle the caller of send_search_entry() may
	 * change the attribute list at each call */
776
	rs->sr_attr_flags = slap_attr_flags( rs->sr_attrs );
777
778
779
780
781

	rc = backend_operational( op, rs );
	if ( rc ) {
		goto error_return;
	}
782

783
	if ( op->o_callback ) {
784
		rc = slap_response_play( op, rs );
785
786
		if ( rc != SLAP_CB_CONTINUE ) {
			goto error_return;
787
		}
788
789
	}

790
	Debug( LDAP_DEBUG_TRACE, "=> send_search_entry: conn %lu dn=\"%s\"%s\n",
791
		op->o_connid, rs->sr_entry->e_name.bv_val,
792
		op->ors_attrsonly ? " (attrsOnly)" : "" );
793

794
795
	attrsonly = op->ors_attrsonly;

796
	if ( !access_allowed( op, rs->sr_entry, ad_entry, NULL, ACL_READ, NULL )) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
797
		Debug( LDAP_DEBUG_ACL,
798
799
			"send_search_entry: conn %lu access to entry (%s) not allowed\n", 
			op->o_connid, rs->sr_entry->e_name.bv_val, 0 );
800

801
		rc = LDAP_INSUFFICIENT_ACCESS;
802
		goto error_return;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
803
804
	}

805
	edn = rs->sr_entry->e_nname.bv_val;
806

807
808
	if ( op->o_res_ber ) {
		/* read back control or LDAP_CONNECTIONLESS */
809
	    ber = op->o_res_ber;
810
	} else {
Howard Chu's avatar
Howard Chu committed
811
812
		struct berval	bv;

813
		bv.bv_len = entry_flatsize( rs->sr_entry, 0 );
Pierangelo Masarati's avatar
cleanup    
Pierangelo Masarati committed
814
		bv.bv_val = op->o_tmpalloc( bv.bv_len, op->o_tmpmemctx );
Howard Chu's avatar
Howard Chu committed
815
816

		ber_init2( ber, &bv, LBER_USE_DER );
Howard Chu's avatar
Howard Chu committed
817
		ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
Howard Chu's avatar
Howard Chu committed
818
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
819

820
#ifdef LDAP_CONNECTIONLESS
821
822
823
	if ( op->o_conn && op->o_conn->c_is_udp ) {
		/* CONNECTIONLESS */
		if ( op->o_protocol == LDAP_VERSION2 ) {
824
825
	    	rc = ber_printf(ber, "t{O{" /*}}*/,
				LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name );
826
		} else {
827
828
	    	rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid,
				LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name );
829
		}
830
	} else
831
#endif
832
833
	if ( op->o_res_ber ) {
		/* read back control */
834
	    rc = ber_printf( ber, "{O{" /*}}*/, &rs->sr_entry->e_name );
835
	} else {
836
837
	    rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid,
			LDAP_RES_SEARCH_ENTRY, &rs->sr_entry->e_name );
838
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
839
840

	if ( rc == -1 ) {
841
842
843
		Debug( LDAP_DEBUG_ANY, 
			"send_search_entry: conn %lu  ber_printf failed\n", 
			op->o_connid, 0, 0 );
844

845
		if ( op->o_res_ber == NULL ) ber_free_buf( ber );
846
		send_ldap_error( op, rs, LDAP_OTHER, "encoding DN error" );
847
		rc = rs->sr_err;
848
		goto error_return;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
849
850
	}

851
	/* check for special all user attributes ("*") type */
852
	userattrs = SLAP_USERATTRS( rs->sr_attr_flags );
853

854
	/* create an array of arrays of flags. Each flag corresponds
855
	 * to particular value of attribute and equals 1 if value matches
856
857
	 * to ValuesReturnFilter or 0 if not
	 */	
Kurt Zeilenga's avatar
Kurt Zeilenga committed
858
	if ( op->o_vrFilter != NULL ) {
859
860
		int	k = 0;
		size_t	size;
861

862
		for ( a = rs->sr_entry->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
863
864
			for ( j = 0; a->a_vals[j].bv_val != NULL; j++ ) k++;
		}
865

866
867
868
		size = i * sizeof(char *) + k;
		if ( size > 0 ) {
			char	*a_flags;
869
			e_flags = slap_sl_calloc ( 1, i * sizeof(char *) + k, op->o_tmpmemctx );
Julius Enarusai's avatar
   
Julius Enarusai committed
870
871
			if( e_flags == NULL ) {
		    	Debug( LDAP_DEBUG_ANY, 
872
873
					"send_search_entry: conn %lu slap_sl_calloc failed\n",
					op->o_connid ? op->o_connid : 0, 0, 0 );
Julius Enarusai's avatar
   
Julius Enarusai committed
874
875
				ber_free( ber, 1 );
	
876
				send_ldap_error( op, rs, LDAP_OTHER, "out of memory" );
Julius Enarusai's avatar
   
Julius Enarusai committed
877
878
				goto error_return;
			}
879
880
			a_flags = (char *)(e_flags + i);
			memset( a_flags, 0, k );