request.c 34.4 KB
Newer Older
1
/* $OpenLDAP$ */
2
3
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
Kurt Zeilenga's avatar
Kurt Zeilenga committed
4
 * Copyright 1998-2008 The OpenLDAP Foundation.
5
6
7
8
9
10
11
12
13
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
Kurt Zeilenga's avatar
Kurt Zeilenga committed
14
 */
15
16
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
 * All rights reserved.
17
 */
18
/* This notice applies to changes, created by or for Novell, Inc.,
19
20
21
22
23
24
25
26
27
28
29
30
 * to preexisting works for which notices appear elsewhere in this file.
 *
 * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved.
 *
 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES.
 * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION
 * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT
 * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE
 * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS
 * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC
 * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE
 * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY. 
31
 *---
32
33
 * Modification to OpenLDAP source by Novell, Inc.
 * April 2000 sfs  Added code to chase V3 referrals
Kurt Zeilenga's avatar
Kurt Zeilenga committed
34
 *  request.c - sending of ldap requests; handling of referrals
35
36
 *---
 * Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License 
37
38
39
 * can be found in the file "build/LICENSE-2.0.1" in this distribution
 * of OpenLDAP Software.
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
40

41
#include "portable.h"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
42
43

#include <stdio.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
44
45

#include <ac/stdlib.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
46

47
48
49
50
51
52
#include <ac/errno.h>
#include <ac/socket.h>
#include <ac/string.h>
#include <ac/time.h>
#include <ac/unistd.h>

Kurt Zeilenga's avatar
Kurt Zeilenga committed
53
#include "ldap-int.h"
54
#include "lber.h"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
55

56
static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any ));
57
static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
58
static void ldap_free_request_int LDAP_P(( LDAP *ld, LDAPRequest *lr ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
59

60
61
static BerElement *
re_encode_request( LDAP *ld,
62
	BerElement *origber,
63
	ber_int_t msgid,
64
	int sref,
65
66
	LDAPURLDesc *srv,
	int *type );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
67
68

BerElement *
69
ldap_alloc_ber_with_options( LDAP *ld )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
70
71
72
{
	BerElement	*ber;

73
    if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
74
75
76
77
78
79
80
81
		ld->ld_errno = LDAP_NO_MEMORY;
	}

	return( ber );
}


void
82
ldap_set_ber_options( LDAP *ld, BerElement *ber )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
83
84
85
86
87
{
	ber->ber_options = ld->ld_lberoptions;
}


88
ber_int_t
Kurt Zeilenga's avatar
Kurt Zeilenga committed
89
90
ldap_send_initial_request(
	LDAP *ld,
91
	ber_tag_t msgtype,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
92
	const char *dn,
93
94
	BerElement *ber,
	ber_int_t msgid)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
95
{
96
	int rc = 1;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
97

98
	Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
99

100
101
102
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
103
	if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) {
104
		/* not connected yet */
105
		rc = ldap_open_defconn( ld );
106

107
108
109
110
111
112
113
114
	}
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
	if( rc < 0 ) {
		ber_free( ber, 1 );
		return( -1 );
	} else if ( rc == 0 ) {
115
		Debug( LDAP_DEBUG_TRACE,
116
117
			"ldap_open_defconn: successful\n",
			0, 0, 0 );
118
119
	}

120
121
122
123
124
125
126
127
128
129
130
131
#ifdef LDAP_CONNECTIONLESS
	if (LDAP_IS_UDP(ld)) {
		if (msgtype == LDAP_REQ_BIND) {
			if (ld->ld_options.ldo_cldapdn)
				ldap_memfree(ld->ld_options.ldo_cldapdn);
			ld->ld_options.ldo_cldapdn = ldap_strdup(dn);
			return 0;
		}
		if (msgtype != LDAP_REQ_ABANDON && msgtype != LDAP_REQ_SEARCH)
			return LDAP_PARAM_ERROR;
	}
#endif
132
133
134
135
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
	rc = ldap_send_server_request( ld, ber, msgid, NULL,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
136
		NULL, NULL, NULL );
137
138
139
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
140
	return(rc);
Kurt Zeilenga's avatar
Kurt Zeilenga committed
141
142
143
}


144
145
146
int
ldap_int_flush_request(
	LDAP *ld,
147
	LDAPRequest *lr )
148
149
150
151
{
	LDAPConn *lc = lr->lr_conn;

	if ( ber_flush( lc->lconn_sb, lr->lr_ber, 0 ) != 0 ) {
152
		if ( sock_errno() == EAGAIN ) {
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
			/* need to continue write later */
			lr->lr_status = LDAP_REQST_WRITING;
			ldap_mark_select_write( ld, lc->lconn_sb );
			ld->ld_errno = LDAP_BUSY;
			return -2;
		} else {
			ld->ld_errno = LDAP_SERVER_DOWN;
			ldap_free_request( ld, lr );
			ldap_free_connection( ld, lc, 0, 0 );
			return( -1 );
		}
	} else {
		if ( lr->lr_parent == NULL ) {
			lr->lr_ber->ber_end = lr->lr_ber->ber_ptr;
			lr->lr_ber->ber_ptr = lr->lr_ber->ber_buf;
		}
		lr->lr_status = LDAP_REQST_INPROGRESS;

		/* sent -- waiting for a response */
		ldap_mark_select_read( ld, lc->lconn_sb );
	}
	return 0;
}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
176
177

int
178
179
180
181
182
ldap_send_server_request(
	LDAP *ld,
	BerElement *ber,
	ber_int_t msgid,
	LDAPRequest *parentreq,
183
	LDAPURLDesc *srvlist,
184
	LDAPConn *lc,
185
	LDAPreqinfo *bind )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
186
187
{
	LDAPRequest	*lr;
188
	int incparent, rc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
189

190
	Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
191

192
	incparent = 0;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
193
194
195
196
197
198
	ld->ld_errno = LDAP_SUCCESS;	/* optimistic */

	if ( lc == NULL ) {
		if ( srvlist == NULL ) {
			lc = ld->ld_defconn;
		} else {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
199
200
			lc = find_connection( ld, srvlist, 1 );
			if ( lc == NULL ) {
201
				if ( (bind != NULL) && (parentreq != NULL) ) {
202
203
204
205
					/* Remember the bind in the parent */
					incparent = 1;
					++parentreq->lr_outrefcnt;
				}
206
				lc = ldap_new_connection( ld, srvlist, 0, 1, bind );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
207
208
209
210
211
212
213
214
215
			}
		}
	}

	if ( lc == NULL || lc->lconn_status != LDAP_CONNST_CONNECTED ) {
		ber_free( ber, 1 );
		if ( ld->ld_errno == LDAP_SUCCESS ) {
			ld->ld_errno = LDAP_SERVER_DOWN;
		}
216
217
218
219
		if ( incparent ) {
			/* Forget about the bind */
			--parentreq->lr_outrefcnt; 
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
220
221
222
223
		return( -1 );
	}

	use_connection( ld, lc );
224

Howard Chu's avatar
Howard Chu committed
225
226
227
228
229
230
231
232
233
234
235
236
237
#ifdef LDAP_CONNECTIONLESS
	if ( LDAP_IS_UDP( ld )) {
		BerElement tmpber = *ber;
		ber_rewind( &tmpber );
		rc = ber_write( &tmpber, ld->ld_options.ldo_peer,
			sizeof( struct sockaddr ), 0 );
		if ( rc == -1 ) {
			ld->ld_errno = LDAP_ENCODING_ERROR;
			return rc;
		}
	}
#endif

238
239
240
241
242
	/* If we still have an incomplete write, try to finish it before
	 * dealing with the new request. If we don't finish here, return
	 * LDAP_BUSY and let the caller retry later. We only allow a single
	 * request to be in WRITING state.
	 */
243
	rc = 0;
244
245
	if ( ld->ld_requests &&
		ld->ld_requests->lr_status == LDAP_REQST_WRITING &&
Kurt Zeilenga's avatar
Kurt Zeilenga committed
246
247
		ldap_int_flush_request( ld, ld->ld_requests ) < 0 )
	{
248
		rc = -1;
249
	}
250
	if ( rc ) return rc;
251

Kurt Zeilenga's avatar
Kurt Zeilenga committed
252
253
	lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ));
	if ( lr == NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
254
		ld->ld_errno = LDAP_NO_MEMORY;
255
		ldap_free_connection( ld, lc, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
256
		ber_free( ber, 1 );
257
258
259
260
		if ( incparent ) {
			/* Forget about the bind */
			--parentreq->lr_outrefcnt; 
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
261
262
263
264
265
266
267
268
		return( -1 );
	} 
	lr->lr_msgid = msgid;
	lr->lr_status = LDAP_REQST_INPROGRESS;
	lr->lr_res_errno = LDAP_SUCCESS;	/* optimistic */
	lr->lr_ber = ber;
	lr->lr_conn = lc;
	if ( parentreq != NULL ) {	/* sub-request */
269
270
271
272
		if ( !incparent ) { 
			/* Increment if we didn't do it before the bind */
			++parentreq->lr_outrefcnt;
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
273
		lr->lr_origid = parentreq->lr_origid;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
274
		lr->lr_parentcnt = ++parentreq->lr_parentcnt;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
275
		lr->lr_parent = parentreq;
276
277
		lr->lr_refnext = parentreq->lr_child;
		parentreq->lr_child = lr;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
278
279
280
281
	} else {			/* original request */
		lr->lr_origid = lr->lr_msgid;
	}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
	/* Extract requestDN for future reference */
	{
		BerElement tmpber = *ber;
		ber_int_t	bint;
		ber_tag_t	tag, rtag;

		ber_reset( &tmpber, 1 );
		rtag = ber_scanf( &tmpber, "{it", /*}*/ &bint, &tag );
		switch ( tag ) {
		case LDAP_REQ_BIND:
			rtag = ber_scanf( &tmpber, "{i" /*}*/, &bint );
			break;
		case LDAP_REQ_DELETE:
			break;
		default:
			rtag = ber_scanf( &tmpber, "{" /*}*/ );
		case LDAP_REQ_ABANDON:
			break;
		}
		if ( tag != LDAP_REQ_ABANDON ) {
			ber_skip_tag( &tmpber, &lr->lr_dn.bv_len );
			lr->lr_dn.bv_val = tmpber.ber_ptr;
		}
	}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
307
	lr->lr_prev = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
308
309
310
311
312
	if (( lr->lr_next = ld->ld_requests ) != NULL ) {
		lr->lr_next->lr_prev = lr;
	}
	ld->ld_requests = lr;

313
	ld->ld_errno = LDAP_SUCCESS;
314
	if ( ldap_int_flush_request( ld, lr ) == -1 ) {
315
		msgid = -1;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
316
317
318
319
320
321
	}

	return( msgid );
}

LDAPConn *
322
ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
323
	int connect, LDAPreqinfo *bind )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
324
325
{
	LDAPConn	*lc;
326
	LDAPURLDesc	*srv;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
327

Kurt Zeilenga's avatar
Kurt Zeilenga committed
328
329
	Debug( LDAP_DEBUG_TRACE, "ldap_new_connection %d %d %d\n",
		use_ldsb, connect, (bind != NULL) );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
330
331
332
333
	/*
	 * make a new LDAP server connection
	 * XXX open connection synchronously for now
	 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
334
335
	lc = (LDAPConn *)LDAP_CALLOC( 1, sizeof( LDAPConn ) );
	if ( lc == NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
336
337
338
		ld->ld_errno = LDAP_NO_MEMORY;
		return( NULL );
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
339
340
341
342
	
	if ( use_ldsb ) {
		assert( ld->ld_sb != NULL );
		lc->lconn_sb = ld->ld_sb;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
343

Kurt Zeilenga's avatar
Kurt Zeilenga committed
344
345
346
347
348
349
350
351
	} else {
		lc->lconn_sb = ber_sockbuf_alloc();
		if ( lc->lconn_sb == NULL ) {
			LDAP_FREE( (char *)lc );
			ld->ld_errno = LDAP_NO_MEMORY;
			return( NULL );
		}
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
352
353

	if ( connect ) {
354
		for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
355
356
			if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 )
			{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
357
358
359
360
361
				break;
			}
		}

		if ( srv == NULL ) {
362
363
364
			if ( !use_ldsb ) {
				ber_sockbuf_free( lc->lconn_sb );
			}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
365
366
367
			LDAP_FREE( (char *)lc );
			ld->ld_errno = LDAP_SERVER_DOWN;
			return( NULL );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
368
369
		}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
370
		lc->lconn_server = ldap_url_dup( srv );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
371
372
373
	}

	lc->lconn_status = LDAP_CONNST_CONNECTED;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
374
375
376
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_conn_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
377
378
	lc->lconn_next = ld->ld_conns;
	ld->ld_conns = lc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
379
380
381
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
382
383
384
385
386

	/*
	 * XXX for now, we always do a synchronous bind.  This will have
	 * to change in the long run...
	 */
387
388
	if ( bind != NULL) {
		int		err = 0;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
389
390
		LDAPConn	*savedefconn;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
391
392
		/* Set flag to prevent additional referrals
		 * from being processed on this
393
394
395
396
		 * connection until the bind has completed
		 */
		lc->lconn_rebind_inprogress = 1;
		/* V3 rebind function */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
397
		if ( ld->ld_rebind_proc != NULL) {
398
			LDAPURLDesc	*srvfunc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
399
400
401

			srvfunc = ldap_url_dup( srvlist );
			if ( srvfunc == NULL ) {
402
403
				ld->ld_errno = LDAP_NO_MEMORY;
				err = -1;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
404
			} else {
405
406
407
408
				savedefconn = ld->ld_defconn;
				++lc->lconn_refcnt;	/* avoid premature free */
				ld->ld_defconn = lc;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
409
				Debug( LDAP_DEBUG_TRACE, "Call application rebind_proc\n", 0, 0, 0);
410
#ifdef LDAP_R_COMPILE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
411
412
				ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
				ldap_pvt_thread_mutex_unlock( &ld->ld_res_mutex );
Julius Enarusai's avatar
   
Julius Enarusai committed
413
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
414
415
				err = (*ld->ld_rebind_proc)( ld,
					bind->ri_url, bind->ri_request, bind->ri_msgid,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
416
					ld->ld_rebind_params );
417
#ifdef LDAP_R_COMPILE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
418
419
				ldap_pvt_thread_mutex_lock( &ld->ld_res_mutex );
				ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
420
#endif
421
422
423
424

				ld->ld_defconn = savedefconn;
				--lc->lconn_refcnt;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
425
426
				if ( err != 0 ) {
					err = -1;
427
428
					ldap_free_connection( ld, lc, 1, 0 );
					lc = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
429
430
				}
				ldap_free_urldesc( srvfunc );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
431
			}
432
		} else {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
433
434
435
			int		msgid, rc;
			struct berval	passwd = BER_BVNULL;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
436
437
			savedefconn = ld->ld_defconn;
			++lc->lconn_refcnt;	/* avoid premature free */
438
			ld->ld_defconn = lc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
439

440
441
442
443
			Debug( LDAP_DEBUG_TRACE,
				"anonymous rebind via ldap_sasl_bind(\"\")\n",
				0, 0, 0);

444
445
446
#ifdef LDAP_R_COMPILE
			ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
			ldap_pvt_thread_mutex_unlock( &ld->ld_res_mutex );
Julius Enarusai's avatar
   
Julius Enarusai committed
447
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
448
449
450
			rc = ldap_sasl_bind( ld, "", LDAP_SASL_SIMPLE, &passwd,
				NULL, NULL, &msgid );
			if ( rc != LDAP_SUCCESS ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
451
				err = -1;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480

			} else {
				for ( err = 1; err > 0; ) {
					struct timeval	tv = { 0, 100000 };
					LDAPMessage	*res = NULL;

					switch ( ldap_result( ld, msgid, LDAP_MSG_ALL, &tv, &res ) ) {
					case -1:
						err = -1;
						break;

					case 0:
#ifdef LDAP_R_COMPILE
						ldap_pvt_thread_yield();
#endif
						break;

					case LDAP_RES_BIND:
						rc = ldap_parse_result( ld, res, &err, NULL, NULL, NULL, NULL, 1 );
						if ( rc != LDAP_SUCCESS ) {
							err = -1;

						} else if ( err != LDAP_SUCCESS ) {
							err = -1;
						}
						/* else err == LDAP_SUCCESS == 0 */
						break;

					default:
481
482
483
484
						Debug( LDAP_DEBUG_TRACE,
							"ldap_new_connection %p: "
							"unexpected response %d "
							"from BIND request id=%d\n",
485
							(void *)ld, ldap_msgtype( res ), msgid );
486
487
						err = -1;
						break;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
488
489
					}
				}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
490
			}
491
492
493
494
#ifdef LDAP_R_COMPILE
			ldap_pvt_thread_mutex_lock( &ld->ld_res_mutex );
			ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
495
			ld->ld_defconn = savedefconn;
496
			--lc->lconn_refcnt;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
497

Kurt Zeilenga's avatar
Kurt Zeilenga committed
498
499
500
501
			if ( err != 0 ) {
				ldap_free_connection( ld, lc, 1, 0 );
				lc = NULL;
			}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
502
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
503
		if ( lc != NULL )
504
505
			lc->lconn_rebind_inprogress = 0;
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
506
507
508
509
510
511

	return( lc );
}


static LDAPConn *
512
find_connection( LDAP *ld, LDAPURLDesc *srv, int any )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
513
514
515
516
517
518
/*
 * return an existing connection (if any) to the server srv
 * if "any" is non-zero, check for any server in the "srv" chain
 */
{
	LDAPConn	*lc;
519
520
	LDAPURLDesc	*lcu, *lsu;
	int lcu_port, lsu_port;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
521
	int found = 0;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
522

Kurt Zeilenga's avatar
Kurt Zeilenga committed
523
524
525
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_conn_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
526
	for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) {
527
		lcu = lc->lconn_server;
528
529
530
		lcu_port = ldap_pvt_url_scheme_port( lcu->lud_scheme,
			lcu->lud_port );

531
		for ( lsu = srv; lsu != NULL; lsu = lsu->lud_next ) {
532
533
534
			lsu_port = ldap_pvt_url_scheme_port( lsu->lud_scheme,
				lsu->lud_port );

Kurt Zeilenga's avatar
Kurt Zeilenga committed
535
536
			if ( lsu_port == lcu_port
				&& strcmp( lcu->lud_scheme, lsu->lud_scheme ) == 0
537
				&& lcu->lud_host != NULL && *lcu->lud_host != '\0'
538
			    && lsu->lud_host != NULL && *lsu->lud_host != '\0'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
539
				&& strcasecmp( lsu->lud_host, lcu->lud_host ) == 0 )
540
			{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
541
542
				found = 1;
				break;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
543
			}
544
545

			if ( !any ) break;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
546
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
547
548
		if ( found )
			break;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
549
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
550
551
552
553
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
#endif
	return lc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
554
555
556
557
558
559
560
561
}



static void
use_connection( LDAP *ld, LDAPConn *lc )
{
	++lc->lconn_refcnt;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
562
	lc->lconn_lastused = time( NULL );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
563
564
565
566
}


void
567
ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
568
569
570
{
	LDAPConn	*tmplc, *prevlc;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
571
572
573
	Debug( LDAP_DEBUG_TRACE,
		"ldap_free_connection %d %d\n",
		force, unbind, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
574
575
576

	if ( force || --lc->lconn_refcnt <= 0 ) {
		if ( lc->lconn_status == LDAP_CONNST_CONNECTED ) {
577
			ldap_mark_select_clear( ld, lc->lconn_sb );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
578
			if ( unbind ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
579
580
				ldap_send_unbind( ld, lc->lconn_sb,
						NULL, NULL );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
581
582
			}
		}
583

Kurt Zeilenga's avatar
Kurt Zeilenga committed
584
		if ( lc->lconn_ber != NULL ) {
585
586
587
			ber_free( lc->lconn_ber, 1 );
		}

588
589
		ldap_int_sasl_close( ld, lc );

Kurt Zeilenga's avatar
Kurt Zeilenga committed
590
		prevlc = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
591
592
593
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_conn_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
594
595
596
597
		for ( tmplc = ld->ld_conns;
			tmplc != NULL;
			tmplc = tmplc->lconn_next )
		{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
598
599
600
601
602
603
			if ( tmplc == lc ) {
				if ( prevlc == NULL ) {
				    ld->ld_conns = tmplc->lconn_next;
				} else {
				    prevlc->lconn_next = tmplc->lconn_next;
				}
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
604
605
606
				if ( ld->ld_defconn == lc ) {
					ld->ld_defconn = NULL;
				}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
607
608
				break;
			}
609
			prevlc = tmplc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
610
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
611
612
613
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
#endif
614
		ldap_free_urllist( lc->lconn_server );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
615
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
Kurt Zeilenga's avatar
Kurt Zeilenga committed
616
		if ( lc->lconn_krbinstance != NULL ) {
617
			LDAP_FREE( lc->lconn_krbinstance );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
618
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
619
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634

		/* FIXME: is this at all possible? */
		if ( force ) {
			LDAPRequest	*lr;

			for ( lr = ld->ld_requests; lr; ) {
				LDAPRequest	*lr_next = lr->lr_next;

				if ( lr->lr_conn == lc ) {
					ldap_free_request_int( ld, lr );
				}

				lr = lr_next;
			}
		}
635
		if ( lc->lconn_sb != ld->ld_sb ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
636
			ber_sockbuf_free( lc->lconn_sb );
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
637
638
		} else {
			ber_int_sb_close( lc->lconn_sb );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
639
		}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
640
		if ( lc->lconn_rebind_queue != NULL) {
641
			int i;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
642
643
			for( i = 0; lc->lconn_rebind_queue[i] != NULL; i++ ) {
				LDAP_VFREE( lc->lconn_rebind_queue[i] );
644
			}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
645
			LDAP_FREE( lc->lconn_rebind_queue );
646
		}
647
		LDAP_FREE( lc );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
648
649
650
		Debug( LDAP_DEBUG_TRACE,
			"ldap_free_connection: actually freed\n",
			0, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
651
	} else {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
652
		lc->lconn_lastused = time( NULL );
653
		Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
Kurt Zeilenga's avatar
Kurt Zeilenga committed
654
				lc->lconn_refcnt, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
655
656
657
658
659
660
	}
}


#ifdef LDAP_DEBUG
void
661
ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
662
663
{
	LDAPConn	*lc;
664
   	char		timebuf[32];
Kurt Zeilenga's avatar
Kurt Zeilenga committed
665

Kurt Zeilenga's avatar
Kurt Zeilenga committed
666
	fprintf( stderr, "** ld %p Connection%s:\n", (void *)ld, all ? "s" : "" );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
667
668
669
	for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
		if ( lc->lconn_server != NULL ) {
			fprintf( stderr, "* host: %s  port: %d%s\n",
670
671
672
			    ( lc->lconn_server->lud_host == NULL ) ? "(null)"
			    : lc->lconn_server->lud_host,
			    lc->lconn_server->lud_port, ( lc->lconn_sb ==
673
			    ld->ld_sb ) ? "  (default)" : "" );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
674
675
676
677
678
		}
		fprintf( stderr, "  refcnt: %d  status: %s\n", lc->lconn_refcnt,
		    ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ?
		    "NeedSocket" : ( lc->lconn_status ==
		    LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" );
679
		fprintf( stderr, "  last used: %s",
Bart Hartgers's avatar
   
Bart Hartgers committed
680
		    ldap_pvt_ctime( &lc->lconn_lastused, timebuf ));
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
		if( lc->lconn_rebind_inprogress ) {
			fprintf( stderr, "  rebind in progress\n");
			if( lc->lconn_rebind_queue != NULL) {
				int i = 0;
				for( ;lc->lconn_rebind_queue[i] != NULL; i++) {
					int j = 0;
					for( ;lc->lconn_rebind_queue[i][j] != 0; j++) {
						fprintf( stderr, "    queue %d entry %d - %s\n",
							i, j, lc->lconn_rebind_queue[i][j]);
					}
				}
			} else {
				fprintf( stderr, "    queue is empty\n");
			}
		}
		fprintf(stderr, "\n");
Kurt Zeilenga's avatar
Kurt Zeilenga committed
697
698
699
700
701
702
703
704
		if ( !all ) {
			break;
		}
	}
}


void
705
ldap_dump_requests_and_responses( LDAP *ld )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
706
707
708
709
{
	LDAPRequest	*lr;
	LDAPMessage	*lm, *l;

710
711
712
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
713
	fprintf( stderr, "** ld %p Outstanding Requests:\n", (void *)ld );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
714
715
716
717
718
	if (( lr = ld->ld_requests ) == NULL ) {
		fprintf( stderr, "   Empty\n" );
	}
	for ( ; lr != NULL; lr = lr->lr_next ) {
	    fprintf( stderr, " * msgid %d,  origid %d, status %s\n",
719
720
		lr->lr_msgid, lr->lr_origid,
		( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" :
Kurt Zeilenga's avatar
Kurt Zeilenga committed
721
722
		( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
		( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" :
723
		( lr->lr_status == LDAP_REQST_WRITING) ? "Writing" :
Kurt Zeilenga's avatar
Kurt Zeilenga committed
724
725
		( lr->lr_status == LDAP_REQST_COMPLETED ? "RequestCompleted"
			: "InvalidStatus"));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
726
727
728
	    fprintf( stderr, "   outstanding referrals %d, parent count %d\n",
		    lr->lr_outrefcnt, lr->lr_parentcnt );
	}
729
730
731
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
732
	fprintf( stderr, "** ld %p Response Queue:\n", (void *)ld );
733
	if (( lm = ld->ld_responses ) == NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
734
735
		fprintf( stderr, "   Empty\n" );
	}
736
	for ( ; lm != NULL; lm = lm->lm_next ) {
737
738
		fprintf( stderr, " * msgid %d,  type %lu\n",
		    lm->lm_msgid, (unsigned long) lm->lm_msgtype );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
739
740
		if (( l = lm->lm_chain ) != NULL ) {
			fprintf( stderr, "   chained responses:\n" );
741
			for ( ; l != NULL; l = l->lm_chain ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
742
				fprintf( stderr,
743
744
745
				    "  * msgid %d,  type %lu\n",
				    l->lm_msgid,
				    (unsigned long) l->lm_msgtype );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
746
747
748
749
750
751
			}
		}
	}
}
#endif /* LDAP_DEBUG */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
752
static void
753
ldap_free_request_int( LDAP *ld, LDAPRequest *lr )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
754
755
{
	if ( lr->lr_prev == NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
756
757
		/* free'ing the first request? */
		assert( ld->ld_requests == lr );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
758
		ld->ld_requests = lr->lr_next;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
759

Kurt Zeilenga's avatar
Kurt Zeilenga committed
760
761
762
763
764
765
766
767
768
769
770
771
772
	} else {
		lr->lr_prev->lr_next = lr->lr_next;
	}

	if ( lr->lr_next != NULL ) {
		lr->lr_next->lr_prev = lr->lr_prev;
	}

	if ( lr->lr_ber != NULL ) {
		ber_free( lr->lr_ber, 1 );
	}

	if ( lr->lr_res_error != NULL ) {
773
		LDAP_FREE( lr->lr_res_error );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
774
775
776
	}

	if ( lr->lr_res_matched != NULL ) {
777
		LDAP_FREE( lr->lr_res_matched );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
778
779
	}

780
	LDAP_FREE( lr );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
781
782
}

783
784
785
786
787
788
789
790
void
ldap_free_request( LDAP *ld, LDAPRequest *lr )
{
	LDAPRequest     **ttmplr;

	Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
		lr->lr_origid, lr->lr_msgid, 0 );

791
792
793
794
	/* free all referrals (child requests) */
	while ( lr->lr_child )
		ldap_free_request( ld, lr->lr_child );

795
796
797
798
799
800
801
802
803
	if ( lr->lr_parent != NULL ) {
		--lr->lr_parent->lr_outrefcnt;
		for ( ttmplr = &lr->lr_parent->lr_child; *ttmplr && *ttmplr != lr; ttmplr = &(*ttmplr)->lr_refnext ); 
		if ( *ttmplr == lr )  
			*ttmplr = lr->lr_refnext;
	}
	ldap_free_request_int( ld, lr );
}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
/*
 * call first time with *cntp = -1
 * when returns *cntp == -1, no referrals are left
 *
 * NOTE: may replace *refsp, or shuffle the contents
 * of the original array.
 */
static int ldap_int_nextref(
	LDAP			*ld,
	char			***refsp,
	int			*cntp,
	void			*params )
{
	assert( refsp != NULL );
	assert( *refsp != NULL );
	assert( cntp != NULL );

	if ( *cntp < -1 ) {
		*cntp = -1;
		return -1;
	}

	(*cntp)++;

	if ( (*refsp)[ *cntp ] == NULL ) {
		*cntp = -1;
	}

	return 0;
}
834

835
836
837
838
839
840
841
842
/*
 * Chase v3 referrals
 *
 * Parameters:
 *  (IN) ld = LDAP connection handle
 *  (IN) lr = LDAP Request structure
 *  (IN) refs = array of pointers to referral strings that we will chase
 *              The array will be free'd by this function when no longer needed
843
 *  (IN) sref != 0 if following search reference
844
845
846
847
848
 *  (OUT) errstrp = Place to return a string of referrals which could not be followed
 *  (OUT) hadrefp = 1 if sucessfully followed referral
 *
 * Return value - number of referrals followed
 */
849
int
850
ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char **errstrp, int *hadrefp )
851
852
{
	char		*unfollowed;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
853
	int		 unfollowedcnt = 0;
854
855
856
857
858
	LDAPRequest	*origreq;
	LDAPURLDesc	*srv = NULL;
	BerElement	*ber;
	char		**refarray = NULL;
	LDAPConn	*lc;
859
	int			 rc, count, i, j, id;
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
	LDAPreqinfo  rinfo;

	ld->ld_errno = LDAP_SUCCESS;	/* optimistic */
	*hadrefp = 0;

	Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 );

	unfollowed = NULL;
	rc = count = 0;

	/* If no referrals in array, return */
	if ( (refs == NULL) || ( (refs)[0] == NULL) ) {
		rc = 0;
		goto done;
	}

	/* Check for hop limit exceeded */
	if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
		Debug( LDAP_DEBUG_ANY,
		    "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 );
		ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED;
	    rc = -1;
		goto done;
	}

	/* find original request */
886
887
888
889
890
	for ( origreq = lr;
		origreq->lr_parent != NULL;
		origreq = origreq->lr_parent )
	{
		/* empty */ ;
891
892
893
894
	}

	refarray = refs;
	refs = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
895
896
897
898
899

	if ( ld->ld_nextref_proc == NULL ) {
		ld->ld_nextref_proc = ldap_int_nextref;
	}

900
	/* parse out & follow referrals */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
901
902
903
904
905
906
	i = -1;
	for ( ld->ld_nextref_proc( ld, &refarray, &i, ld->ld_nextref_params );
			i != -1;
			ld->ld_nextref_proc( ld, &refarray, &i, ld->ld_nextref_params ) )
	{

907
		/* Parse the referral URL */
908
		if (( rc = ldap_url_parse_ext( refarray[i], &srv)) != LDAP_SUCCESS) {
909
910
911
912
913
			ld->ld_errno = rc;
			rc = -1;
			goto done;
		}

914
915
916
917
918
919
920
		if( srv->lud_crit_exts ) {
			/* we do not support any extensions */
			ld->ld_errno = LDAP_NOT_SUPPORTED;
			rc = -1;
			goto done;
		}

921
922
923
924
925
926
		/* treat ldap://hostpart and ldap://hostpart/ the same */
		if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) {
			LDAP_FREE( srv->lud_dn );
			srv->lud_dn = NULL;
		}

927
928
		/* check connection for re-bind in progress */
		if (( lc = find_connection( ld, srv, 1 )) != NULL ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
929
930
931
932
			/* See if we've already requested this DN with this conn */
			LDAPRequest *lp;
			int looped = 0;
			int len = srv->lud_dn ? strlen( srv->lud_dn ) : 0;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
933
			for ( lp = origreq; lp; ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
934
				if ( lp->lr_conn == lc ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
935
936
937
938
					if ( len == lp->lr_dn.bv_len
						&& len
						&& strncmp( srv->lud_dn, lp->lr_dn.bv_val, len ) == 0 )
					{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
939
940
941
942
						looped = 1;
						break;
					}
				}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
943
				if ( lp == origreq ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
944
					lp = lp->lr_child;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
945
				} else {
946
					lp = lp->lr_refnext;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
947
				}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
948
949
950
951
952
953
954
955
956
			}
			if ( looped ) {
				ldap_free_urllist( srv );
				srv = NULL;
				ld->ld_errno = LDAP_CLIENT_LOOP;
				rc = -1;
				continue;
			}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
957
			if ( lc->lconn_rebind_inprogress ) {
958
959
960
961
962
963
964
				/* We are already chasing a referral or search reference and a
				 * bind on that connection is in progress.  We must queue
				 * referrals on that connection, so we don't get a request
				 * going out before the bind operation completes. This happens
				 * if two search references come in one behind the other
				 * for the same server with different contexts.
				 */
965
966
				Debug( LDAP_DEBUG_TRACE,
					"ldap_chase_v3referrals: queue referral \"%s\"\n",
967
968
969
					refarray[i], 0, 0);
				if( lc->lconn_rebind_queue == NULL ) {
					/* Create a referral list */
970
					lc->lconn_rebind_queue =
Kurt Zeilenga's avatar
Kurt Zeilenga committed
971
						(char ***) LDAP_MALLOC( sizeof(void *) * 2);
972
973

					if( lc->lconn_rebind_queue == NULL) {
974
975
976
977
						ld->ld_errno = LDAP_NO_MEMORY;
						rc = -1;
						goto done;
					}
978

979
980
981
					lc->lconn_rebind_queue[0] = refarray;
					lc->lconn_rebind_queue[1] = NULL;
					refarray = NULL;
982

983
984
985
				} else {
					/* Count how many referral arrays we already have */
					for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
986
						/* empty */;
987
					}
988

989
					/* Add the new referral to the list */
990
991
992
993
					lc->lconn_rebind_queue = (char ***) LDAP_REALLOC(
						lc->lconn_rebind_queue, sizeof(void *) * (j + 2));

					if( lc->lconn_rebind_queue == NULL ) {
994
995
996
997
998
999
1000
1001
						ld->ld_errno = LDAP_NO_MEMORY;
						rc = -1;
						goto done;
					}
					lc->lconn_rebind_queue[j] = refarray;
					lc->lconn_rebind_queue[j+1] = NULL;
					refarray = NULL;
				}
1002

1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
				/* We have queued the referral/reference, now just return */
				rc = 0;
				*hadrefp = 1;
				count = 1; /* Pretend we already followed referral */
				goto done;
			}
		} 
		/* Re-encode the request with the new starting point of the search.
		 * Note: In the future we also need to replace the filter if one
		 * was provided with the search reference
		 */
1014
1015

		/* For references we don't want old dn if new dn empty */
1016
		if ( sref && srv->lud_dn == NULL ) {
1017
			srv->lud_dn = LDAP_STRDUP( "" );
1018
		}
1019

1020
1021
		LDAP_NEXT_MSGID( ld, id );
		ber = re_encode_request( ld, origreq->lr_ber, id,
1022
1023
1024
			sref, srv, &rinfo.ri_request );

		if( ber == NULL ) {
1025
1026
1027
1028
1029
			ld->ld_errno = LDAP_ENCODING_ERROR;
			rc = -1;
			goto done;
		}

1030
1031
		Debug( LDAP_DEBUG_TRACE,
			"ldap_chase_v3referral: msgid %d, url \"%s\"\n",
1032
1033
1034
1035
1036
			lr->lr_msgid, refarray[i], 0);

		/* Send the new request to the server - may require a bind */
		rinfo.ri_msgid = origreq->lr_origid;
		rinfo.ri_url = refarray[i];
1037
1038
1039
#ifdef LDAP_R_COMPILE
		ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
1040
		rc = ldap_send_server_request( ld, ber, id,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1041
			origreq, srv, NULL, &rinfo );
1042
1043
1044
1045
#ifdef LDAP_R_COMPILE
		ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
		if ( rc < 0 ) {
1046
			/* Failure, try next referral in the list */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1047
1048
1049
1050
			Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%d: %s)\n", 
				refarray[i], ld->ld_errno, ldap_err2string( ld->ld_errno ) );
			unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i] );
			ldap_free_urllist( srv );
1051
			srv = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1052
			ld->ld_errno = LDAP_REFERRAL;
1053
1054
1055
1056
1057
1058
1059
		} else {
			/* Success, no need to try this referral list further */
			rc = 0;
			++count;
			*hadrefp = 1;

			/* check if there is a queue of referrals that came in during bind */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1060
1061
1062
			if ( lc == NULL) {
				lc = find_connection( ld, srv, 1 );
				if ( lc == NULL ) {
1063
1064
1065
1066
1067
1068
					ld->ld_errno = LDAP_OPERATIONS_ERROR;
					rc = -1;
					goto done;
				}
			}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
1069
			if ( lc->lconn_rebind_queue != NULL ) {
1070
				/* Release resources of previous list */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1071
				LDAP_VFREE( refarray );
1072
				refarray = NULL;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1073
				ldap_free_urllist( srv );
1074
1075
1076
				srv = NULL;

				/* Pull entries off end of queue so list always null terminated */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1077
				for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++ )
1078
					;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1079
				refarray = lc->lconn_rebind_queue[j - 1];
1080
1081
1082
				lc->lconn_rebind_queue[j-1] = NULL;
				/* we pulled off last entry from queue, free queue */
				if ( j == 1 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1083
					LDAP_FREE( lc->lconn_rebind_queue );
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
					lc->lconn_rebind_queue = NULL;
				}
				/* restart the loop the with new referral list */
				i = -1;
				continue;
			}
			break; /* referral followed, break out of for loop */
		}
	} /* end for loop */
done:
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1094
1095
	LDAP_VFREE( refarray );
	ldap_free_urllist( srv );
1096
1097
	LDAP_FREE( *errstrp );
	
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1098
	if( rc == 0 ) {
1099
1100
1101
1102
1103
1104
1105
1106
		*errstrp = NULL;
		LDAP_FREE( unfollowed );
		return count;
	} else {
		*errstrp = unfollowed;
		return rc;
	}
}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1107
1108
1109
1110
1111

/*
 * XXX merging of errors in this routine needs to be improved
 */
int
1112
1113
1114
1115
1116
ldap_chase_referrals( LDAP *ld,
	LDAPRequest *lr,
	char **errstrp,
	int sref,
	int *hadrefp )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1117
{
1118
	int		rc, count, id;
Howard Chu's avatar
Howard Chu committed
1119
	unsigned	len;
1120
	char		*p, *ref, *unfollowed;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1121
	LDAPRequest	*origreq;
1122
	LDAPURLDesc	*srv;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1123
	BerElement	*ber;
1124
	LDAPreqinfo  rinfo;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1125
	LDAPConn	*lc;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1126

1127
	Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137

	ld->ld_errno = LDAP_SUCCESS;	/* optimistic */
	*hadrefp = 0;

	if ( *errstrp == NULL ) {
		return( 0 );
	}

	len = strlen( *errstrp );
	for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
1138
		if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
			*p = '\0';
			p += LDAP_REF_STR_LEN;
			break;
		}
	}

	if ( len < LDAP_REF_STR_LEN ) {
		return( 0 );
	}

	if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
		Debug( LDAP_DEBUG_ANY,
		    "more than %d referral hops (dropping)\n",
		    ld->ld_refhoplimit, 0, 0 );
		    /* XXX report as error in ld->ld_errno? */
		    return( 0 );
	}

	/* find original request */
	for ( origreq = lr; origreq->lr_parent != NULL;
	     origreq = origreq->lr_parent ) {
1160
		/* empty */;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1161
1162