noopsrch.c revision 1.1
1 /* $NetBSD: noopsrch.c,v 1.1 2014/05/28 09:58:27 tron Exp $ */ 2 3 /* noopsrch.c - LDAP Control that counts entries a search would return */ 4 /* $OpenLDAP$ */ 5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 6 * 7 * Copyright 2010-2014 The OpenLDAP Foundation. 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted only as authorized by the OpenLDAP 12 * Public License. 13 * 14 * A copy of this license is available in the file LICENSE in the 15 * top-level directory of the distribution or, alternatively, at 16 * <http://www.OpenLDAP.org/license.html>. 17 */ 18 /* ACKNOWLEDGEMENTS: 19 * This work was initially developed by Pierangelo Masarati for inclusion 20 * in OpenLDAP Software. 21 */ 22 23 #include "portable.h" 24 25 /* define SLAPD_OVER_NOOPSRCH=2 to build as run-time loadable module */ 26 #ifdef SLAPD_OVER_NOOPSRCH 27 28 /* 29 * Control OID 30 */ 31 #define LDAP_CONTROL_X_NOOPSRCH "1.3.6.1.4.1.4203.666.5.18" 32 33 #include "slap.h" 34 #include "ac/string.h" 35 36 #define o_noopsrch o_ctrlflag[noopsrch_cid] 37 #define o_ctrlnoopsrch o_controls[noopsrch_cid] 38 39 static int noopsrch_cid; 40 static slap_overinst noopsrch; 41 42 static int 43 noopsrch_parseCtrl ( 44 Operation *op, 45 SlapReply *rs, 46 LDAPControl *ctrl ) 47 { 48 if ( op->o_noopsrch != SLAP_CONTROL_NONE ) { 49 rs->sr_text = "No-op Search control specified multiple times"; 50 return LDAP_PROTOCOL_ERROR; 51 } 52 53 if ( !BER_BVISNULL( &ctrl->ldctl_value ) ) { 54 rs->sr_text = "No-op Search control value is present"; 55 return LDAP_PROTOCOL_ERROR; 56 } 57 58 op->o_ctrlnoopsrch = (void *)NULL; 59 60 op->o_noopsrch = ctrl->ldctl_iscritical 61 ? SLAP_CONTROL_CRITICAL 62 : SLAP_CONTROL_NONCRITICAL; 63 64 rs->sr_err = LDAP_SUCCESS; 65 66 return rs->sr_err; 67 } 68 69 int dummy; 70 71 typedef struct noopsrch_cb_t { 72 slap_overinst *nc_on; 73 ber_int_t nc_nentries; 74 ber_int_t nc_nsearchref; 75 AttributeName *nc_save_attrs; 76 int *nc_pdummy; 77 int nc_save_slimit; 78 } noopsrch_cb_t; 79 80 static int 81 noopsrch_response( Operation *op, SlapReply *rs ) 82 { 83 noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private; 84 85 /* if the control is global, limits are not computed yet */ 86 if ( nc->nc_pdummy == &dummy ) { 87 nc->nc_save_slimit = op->ors_slimit; 88 op->ors_slimit = SLAP_NO_LIMIT; 89 nc->nc_pdummy = NULL; 90 } 91 92 if ( rs->sr_type == REP_SEARCH ) { 93 nc->nc_nentries++; 94 #ifdef NOOPSRCH_DEBUG 95 Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_SEARCH): nentries=%d\n", nc->nc_nentries, 0, 0 ); 96 #endif 97 return 0; 98 99 } else if ( rs->sr_type == REP_SEARCHREF ) { 100 nc->nc_nsearchref++; 101 return 0; 102 103 } else if ( rs->sr_type == REP_RESULT ) { 104 BerElementBuffer berbuf; 105 BerElement *ber = (BerElement *) &berbuf; 106 struct berval ctrlval; 107 LDAPControl *ctrl, *ctrlsp[2]; 108 int rc = rs->sr_err; 109 110 if ( nc->nc_save_slimit >= 0 && nc->nc_nentries >= nc->nc_save_slimit ) { 111 rc = LDAP_SIZELIMIT_EXCEEDED; 112 } 113 114 #ifdef NOOPSRCH_DEBUG 115 Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_RESULT): err=%d nentries=%d nref=%d\n", rc, nc->nc_nentries, nc->nc_nsearchref ); 116 #endif 117 118 ber_init2( ber, NULL, LBER_USE_DER ); 119 120 ber_printf( ber, "{iii}", rc, nc->nc_nentries, nc->nc_nsearchref ); 121 if ( ber_flatten2( ber, &ctrlval, 0 ) == -1 ) { 122 ber_free_buf( ber ); 123 if ( op->o_noopsrch == SLAP_CONTROL_CRITICAL ) { 124 return LDAP_CONSTRAINT_VIOLATION; 125 } 126 return SLAP_CB_CONTINUE; 127 } 128 129 ctrl = op->o_tmpcalloc( 1, 130 sizeof( LDAPControl ) + ctrlval.bv_len + 1, 131 op->o_tmpmemctx ); 132 ctrl->ldctl_value.bv_val = (char *)&ctrl[ 1 ]; 133 ctrl->ldctl_oid = LDAP_CONTROL_X_NOOPSRCH; 134 ctrl->ldctl_iscritical = 0; 135 ctrl->ldctl_value.bv_len = ctrlval.bv_len; 136 AC_MEMCPY( ctrl->ldctl_value.bv_val, ctrlval.bv_val, ctrlval.bv_len ); 137 ctrl->ldctl_value.bv_val[ ctrl->ldctl_value.bv_len ] = '\0'; 138 139 ber_free_buf( ber ); 140 141 ctrlsp[0] = ctrl; 142 ctrlsp[1] = NULL; 143 slap_add_ctrls( op, rs, ctrlsp ); 144 145 return SLAP_CB_CONTINUE; 146 } 147 } 148 149 static int 150 noopsrch_cleanup( Operation *op, SlapReply *rs ) 151 { 152 if ( rs->sr_type == REP_RESULT || rs->sr_err == SLAPD_ABANDON ) { 153 noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private; 154 op->ors_attrs = nc->nc_save_attrs; 155 if ( nc->nc_pdummy == NULL ) { 156 op->ors_slimit = nc->nc_save_slimit; 157 } 158 159 op->o_tmpfree( op->o_callback, op->o_tmpmemctx ); 160 op->o_callback = NULL; 161 } 162 163 return SLAP_CB_CONTINUE; 164 } 165 166 static int 167 noopsrch_op_search( Operation *op, SlapReply *rs ) 168 { 169 if ( op->o_noopsrch != SLAP_CONTROL_NONE ) { 170 slap_callback *sc; 171 noopsrch_cb_t *nc; 172 173 sc = op->o_tmpcalloc( 1, sizeof( slap_callback ) + sizeof( noopsrch_cb_t ), op->o_tmpmemctx ); 174 175 nc = (noopsrch_cb_t *)&sc[ 1 ]; 176 nc->nc_on = (slap_overinst *)op->o_bd->bd_info; 177 nc->nc_nentries = 0; 178 nc->nc_nsearchref = 0; 179 nc->nc_save_attrs = op->ors_attrs; 180 nc->nc_pdummy = &dummy; 181 182 sc->sc_response = noopsrch_response; 183 sc->sc_cleanup = noopsrch_cleanup; 184 sc->sc_private = (void *)nc; 185 186 op->ors_attrs = slap_anlist_no_attrs; 187 188 sc->sc_next = op->o_callback->sc_next; 189 op->o_callback->sc_next = sc; 190 } 191 192 return SLAP_CB_CONTINUE; 193 } 194 195 static int noopsrch_cnt; 196 197 static int 198 noopsrch_db_init( BackendDB *be, ConfigReply *cr) 199 { 200 if ( noopsrch_cnt++ == 0 ) { 201 int rc; 202 203 rc = register_supported_control( LDAP_CONTROL_X_NOOPSRCH, 204 SLAP_CTRL_SEARCH | SLAP_CTRL_GLOBAL_SEARCH, NULL, 205 noopsrch_parseCtrl, &noopsrch_cid ); 206 if ( rc != LDAP_SUCCESS ) { 207 Debug( LDAP_DEBUG_ANY, 208 "noopsrch_initialize: Failed to register control '%s' (%d)\n", 209 LDAP_CONTROL_X_NOOPSRCH, rc, 0 ); 210 return rc; 211 } 212 } 213 214 return LDAP_SUCCESS; 215 } 216 217 static int 218 noopsrch_db_destroy( BackendDB *be, ConfigReply *cr ) 219 { 220 assert( noopsrch_cnt > 0 ); 221 222 #ifdef SLAP_CONFIG_DELETE 223 overlay_unregister_control( be, LDAP_CONTROL_X_NOOPSRCH ); 224 if ( --noopsrch_cnt == 0 ) { 225 unregister_supported_control( LDAP_CONTROL_X_NOOPSRCH ); 226 } 227 228 #endif /* SLAP_CONFIG_DELETE */ 229 230 return 0; 231 } 232 233 #if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC 234 static 235 #endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */ 236 int 237 noopsrch_initialize( void ) 238 { 239 240 noopsrch.on_bi.bi_type = "noopsrch"; 241 242 noopsrch.on_bi.bi_db_init = noopsrch_db_init; 243 noopsrch.on_bi.bi_db_destroy = noopsrch_db_destroy; 244 noopsrch.on_bi.bi_op_search = noopsrch_op_search; 245 246 return overlay_register( &noopsrch ); 247 } 248 249 #if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC 250 int 251 init_module( int argc, char *argv[] ) 252 { 253 return noopsrch_initialize(); 254 } 255 #endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */ 256 257 #endif /* SLAPD_OVER_NOOPSRCH */ 258
Indexes created Tue Mar 03 05:31:39 UTC 2026