1/* noopsrch.c - LDAP Control that counts entries a search would return */ 2/* $OpenLDAP$ */ 3/* This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 * 5 * Copyright 2010-2011 The OpenLDAP Foundation. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted only as authorized by the OpenLDAP 10 * Public License. 11 * 12 * A copy of this license is available in the file LICENSE in the 13 * top-level directory of the distribution or, alternatively, at 14 * <http://www.OpenLDAP.org/license.html>. 15 */ 16/* ACKNOWLEDGEMENTS: 17 * This work was initially developed by Pierangelo Masarati for inclusion 18 * in OpenLDAP Software. 19 */ 20 21#include "portable.h" 22 23/* define SLAPD_OVER_NOOPSRCH=2 to build as run-time loadable module */ 24#ifdef SLAPD_OVER_NOOPSRCH 25 26/* 27 * Control OID 28 */ 29#define LDAP_CONTROL_X_NOOPSRCH "1.3.6.1.4.1.4203.666.5.18" 30 31#include "slap.h" 32#include "ac/string.h" 33 34#define o_noopsrch o_ctrlflag[noopsrch_cid] 35#define o_ctrlnoopsrch o_controls[noopsrch_cid] 36 37static int noopsrch_cid; 38static slap_overinst noopsrch; 39 40static int 41noopsrch_parseCtrl ( 42 Operation *op, 43 SlapReply *rs, 44 LDAPControl *ctrl ) 45{ 46 if ( op->o_noopsrch != SLAP_CONTROL_NONE ) { 47 rs->sr_text = "No-op Search control specified multiple times"; 48 return LDAP_PROTOCOL_ERROR; 49 } 50 51 if ( !BER_BVISNULL( &ctrl->ldctl_value ) ) { 52 rs->sr_text = "No-op Search control value is present"; 53 return LDAP_PROTOCOL_ERROR; 54 } 55 56 op->o_ctrlnoopsrch = (void *)NULL; 57 58 op->o_noopsrch = ctrl->ldctl_iscritical 59 ? SLAP_CONTROL_CRITICAL 60 : SLAP_CONTROL_NONCRITICAL; 61 62 rs->sr_err = LDAP_SUCCESS; 63 64 return rs->sr_err; 65} 66 67int dummy; 68 69typedef struct noopsrch_cb_t { 70 slap_overinst *nc_on; 71 ber_int_t nc_nentries; 72 ber_int_t nc_nsearchref; 73 AttributeName *nc_save_attrs; 74 int *nc_pdummy; 75 int nc_save_slimit; 76} noopsrch_cb_t; 77 78static int 79noopsrch_response( Operation *op, SlapReply *rs ) 80{ 81 noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private; 82 83 /* if the control is global, limits are not computed yet */ 84 if ( nc->nc_pdummy == &dummy ) { 85 nc->nc_save_slimit = op->ors_slimit; 86 op->ors_slimit = SLAP_NO_LIMIT; 87 nc->nc_pdummy = NULL; 88 } 89 90 if ( rs->sr_type == REP_SEARCH ) { 91 nc->nc_nentries++; 92#ifdef NOOPSRCH_DEBUG 93 Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_SEARCH): nentries=%d\n", nc->nc_nentries, 0, 0 ); 94#endif 95 return 0; 96 97 } else if ( rs->sr_type == REP_SEARCHREF ) { 98 nc->nc_nsearchref++; 99 return 0; 100 101 } else if ( rs->sr_type == REP_RESULT ) { 102 BerElementBuffer berbuf; 103 BerElement *ber = (BerElement *) &berbuf; 104 struct berval ctrlval; 105 LDAPControl *ctrl, *ctrlsp[2]; 106 int rc = rs->sr_err; 107 108 if ( nc->nc_save_slimit >= 0 && nc->nc_nentries >= nc->nc_save_slimit ) { 109 rc = LDAP_SIZELIMIT_EXCEEDED; 110 } 111 112#ifdef NOOPSRCH_DEBUG 113 Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_RESULT): err=%d nentries=%d nref=%d\n", rc, nc->nc_nentries, nc->nc_nsearchref ); 114#endif 115 116 ber_init2( ber, NULL, LBER_USE_DER ); 117 118 ber_printf( ber, "{iii}", rc, nc->nc_nentries, nc->nc_nsearchref ); 119 if ( ber_flatten2( ber, &ctrlval, 0 ) == -1 ) { 120 ber_free_buf( ber ); 121 if ( op->o_noopsrch == SLAP_CONTROL_CRITICAL ) { 122 return LDAP_CONSTRAINT_VIOLATION; 123 } 124 return SLAP_CB_CONTINUE; 125 } 126 127 ctrl = op->o_tmpcalloc( 1, 128 sizeof( LDAPControl ) + ctrlval.bv_len + 1, 129 op->o_tmpmemctx ); 130 ctrl->ldctl_value.bv_val = (char *)&ctrl[ 1 ]; 131 ctrl->ldctl_oid = LDAP_CONTROL_X_NOOPSRCH; 132 ctrl->ldctl_iscritical = 0; 133 ctrl->ldctl_value.bv_len = ctrlval.bv_len; 134 AC_MEMCPY( ctrl->ldctl_value.bv_val, ctrlval.bv_val, ctrlval.bv_len ); 135 ctrl->ldctl_value.bv_val[ ctrl->ldctl_value.bv_len ] = '\0'; 136 137 ber_free_buf( ber ); 138 139 ctrlsp[0] = ctrl; 140 ctrlsp[1] = NULL; 141 slap_add_ctrls( op, rs, ctrlsp ); 142 143 return SLAP_CB_CONTINUE; 144 } 145} 146 147static int 148noopsrch_cleanup( Operation *op, SlapReply *rs ) 149{ 150 if ( rs->sr_type == REP_RESULT || rs->sr_err == SLAPD_ABANDON ) { 151 noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private; 152 op->ors_attrs = nc->nc_save_attrs; 153 if ( nc->nc_pdummy == NULL ) { 154 op->ors_slimit = nc->nc_save_slimit; 155 } 156 157 op->o_tmpfree( op->o_callback, op->o_tmpmemctx ); 158 op->o_callback = NULL; 159 } 160 161 return SLAP_CB_CONTINUE; 162} 163 164static int 165noopsrch_op_search( Operation *op, SlapReply *rs ) 166{ 167 if ( op->o_noopsrch != SLAP_CONTROL_NONE ) { 168 slap_callback *sc; 169 noopsrch_cb_t *nc; 170 171 sc = op->o_tmpcalloc( 1, sizeof( slap_callback ) + sizeof( noopsrch_cb_t ), op->o_tmpmemctx ); 172 173 nc = (noopsrch_cb_t *)&sc[ 1 ]; 174 nc->nc_on = (slap_overinst *)op->o_bd->bd_info; 175 nc->nc_nentries = 0; 176 nc->nc_nsearchref = 0; 177 nc->nc_save_attrs = op->ors_attrs; 178 nc->nc_pdummy = &dummy; 179 180 sc->sc_response = noopsrch_response; 181 sc->sc_cleanup = noopsrch_cleanup; 182 sc->sc_private = (void *)nc; 183 184 op->ors_attrs = slap_anlist_no_attrs; 185 186 sc->sc_next = op->o_callback->sc_next; 187 op->o_callback->sc_next = sc; 188 } 189 190 return SLAP_CB_CONTINUE; 191} 192 193static int noopsrch_cnt; 194 195static int 196noopsrch_db_init( BackendDB *be, ConfigReply *cr) 197{ 198 if ( noopsrch_cnt++ == 0 ) { 199 int rc; 200 201 rc = register_supported_control( LDAP_CONTROL_X_NOOPSRCH, 202 SLAP_CTRL_SEARCH, NULL, 203 noopsrch_parseCtrl, &noopsrch_cid ); 204 if ( rc != LDAP_SUCCESS ) { 205 Debug( LDAP_DEBUG_ANY, 206 "noopsrch_initialize: Failed to register control '%s' (%d)\n", 207 LDAP_CONTROL_X_NOOPSRCH, rc, 0 ); 208 return rc; 209 } 210 } 211 212 return LDAP_SUCCESS; 213} 214 215static int 216noopsrch_db_destroy( BackendDB *be, ConfigReply *cr ) 217{ 218 assert( noopsrch_cnt > 0 ); 219 220#ifdef SLAP_CONFIG_DELETE 221 overlay_unregister_control( be, LDAP_CONTROL_X_NOOPSRCH ); 222 if ( --noopsrch_cnt == 0 ) { 223 unregister_supported_control( LDAP_CONTROL_X_NOOPSRCH ); 224 } 225 226#endif /* SLAP_CONFIG_DELETE */ 227 228 return 0; 229} 230 231#if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC 232static 233#endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */ 234int 235noopsrch_initialize( void ) 236{ 237 238 noopsrch.on_bi.bi_type = "noopsrch"; 239 240 noopsrch.on_bi.bi_db_init = noopsrch_db_init; 241 noopsrch.on_bi.bi_db_destroy = noopsrch_db_destroy; 242 noopsrch.on_bi.bi_op_search = noopsrch_op_search; 243 244 return overlay_register( &noopsrch ); 245} 246 247#if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC 248int 249init_module( int argc, char *argv[] ) 250{ 251 return noopsrch_initialize(); 252} 253#endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */ 254 255#endif /* SLAPD_OVER_NOOPSRCH */ 256