summaryrefslogtreecommitdiffstats
path: root/contrib/slapd-modules/noopsrch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:11:40 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:11:40 +0000
commit7731832751ab9f3c6ddeb66f186d3d7fa1934a6d (patch)
treee91015872543a59be2aad26c2fea02e41b57005d /contrib/slapd-modules/noopsrch
parentInitial commit. (diff)
downloadopenldap-7731832751ab9f3c6ddeb66f186d3d7fa1934a6d.tar.xz
openldap-7731832751ab9f3c6ddeb66f186d3d7fa1934a6d.zip
Adding upstream version 2.4.57+dfsg.upstream/2.4.57+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/slapd-modules/noopsrch')
-rw-r--r--contrib/slapd-modules/noopsrch/Makefile58
-rw-r--r--contrib/slapd-modules/noopsrch/noopsrch.c254
2 files changed, 312 insertions, 0 deletions
diff --git a/contrib/slapd-modules/noopsrch/Makefile b/contrib/slapd-modules/noopsrch/Makefile
new file mode 100644
index 0000000..ab1babe
--- /dev/null
+++ b/contrib/slapd-modules/noopsrch/Makefile
@@ -0,0 +1,58 @@
+# $OpenLDAP$
+# This work is part of OpenLDAP Software <http://www.openldap.org/>.
+#
+# Copyright 1998-2021 The OpenLDAP Foundation.
+# Copyright 2004 Howard Chu, Symas Corp. All Rights Reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+LDAP_SRC = ../../..
+LDAP_BUILD = $(LDAP_SRC)
+LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd
+LDAP_LIB = $(LDAP_BUILD)/libraries/libldap_r/libldap_r.la \
+ $(LDAP_BUILD)/libraries/liblber/liblber.la
+
+LIBTOOL = $(LDAP_BUILD)/libtool
+CC = gcc
+OPT = -g -O2 -Wall
+DEFS = -DSLAPD_OVER_NOOPSRCH=SLAPD_MOD_DYNAMIC
+INCS = $(LDAP_INC)
+LIBS = $(LDAP_LIB)
+
+PROGRAMS = noopsrch.la
+LTVER = 0:0:0
+
+prefix=/usr/local
+exec_prefix=$(prefix)
+ldap_subdir=/openldap
+
+libdir=$(exec_prefix)/lib
+libexecdir=$(exec_prefix)/libexec
+moduledir = $(libexecdir)$(ldap_subdir)
+
+.SUFFIXES: .c .o .lo
+
+.c.lo:
+ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+
+all: $(PROGRAMS)
+
+noopsrch.la: noopsrch.lo
+ $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+clean:
+ rm -rf *.o *.lo *.la .libs
+
+install: $(PROGRAMS)
+ mkdir -p $(DESTDIR)$(moduledir)
+ for p in $(PROGRAMS) ; do \
+ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \
+ done
+
diff --git a/contrib/slapd-modules/noopsrch/noopsrch.c b/contrib/slapd-modules/noopsrch/noopsrch.c
new file mode 100644
index 0000000..57522ac
--- /dev/null
+++ b/contrib/slapd-modules/noopsrch/noopsrch.c
@@ -0,0 +1,254 @@
+/* noopsrch.c - LDAP Control that counts entries a search would return */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2010-2021 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Pierangelo Masarati for inclusion
+ * in OpenLDAP Software.
+ */
+
+#include "portable.h"
+
+/* define SLAPD_OVER_NOOPSRCH=2 to build as run-time loadable module */
+#ifdef SLAPD_OVER_NOOPSRCH
+
+/*
+ * Control OID
+ */
+#define LDAP_CONTROL_X_NOOPSRCH "1.3.6.1.4.1.4203.666.5.18"
+
+#include "slap.h"
+#include "ac/string.h"
+
+#define o_noopsrch o_ctrlflag[noopsrch_cid]
+#define o_ctrlnoopsrch o_controls[noopsrch_cid]
+
+static int noopsrch_cid;
+static slap_overinst noopsrch;
+
+static int
+noopsrch_parseCtrl (
+ Operation *op,
+ SlapReply *rs,
+ LDAPControl *ctrl )
+{
+ if ( op->o_noopsrch != SLAP_CONTROL_NONE ) {
+ rs->sr_text = "No-op Search control specified multiple times";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if ( !BER_BVISNULL( &ctrl->ldctl_value ) ) {
+ rs->sr_text = "No-op Search control value is present";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ op->o_ctrlnoopsrch = (void *)NULL;
+
+ op->o_noopsrch = ctrl->ldctl_iscritical
+ ? SLAP_CONTROL_CRITICAL
+ : SLAP_CONTROL_NONCRITICAL;
+
+ rs->sr_err = LDAP_SUCCESS;
+
+ return rs->sr_err;
+}
+
+int dummy;
+
+typedef struct noopsrch_cb_t {
+ slap_overinst *nc_on;
+ ber_int_t nc_nentries;
+ ber_int_t nc_nsearchref;
+ AttributeName *nc_save_attrs;
+ int *nc_pdummy;
+ int nc_save_slimit;
+} noopsrch_cb_t;
+
+static int
+noopsrch_response( Operation *op, SlapReply *rs )
+{
+ noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private;
+
+ /* if the control is global, limits are not computed yet */
+ if ( nc->nc_pdummy == &dummy ) {
+ nc->nc_save_slimit = op->ors_slimit;
+ op->ors_slimit = SLAP_NO_LIMIT;
+ nc->nc_pdummy = NULL;
+ }
+
+ if ( rs->sr_type == REP_SEARCH ) {
+ nc->nc_nentries++;
+#ifdef NOOPSRCH_DEBUG
+ Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_SEARCH): nentries=%d\n", nc->nc_nentries, 0, 0 );
+#endif
+ return 0;
+
+ } else if ( rs->sr_type == REP_SEARCHREF ) {
+ nc->nc_nsearchref++;
+ return 0;
+
+ } else if ( rs->sr_type == REP_RESULT ) {
+ BerElementBuffer berbuf;
+ BerElement *ber = (BerElement *) &berbuf;
+ struct berval ctrlval;
+ LDAPControl *ctrl, *ctrlsp[2];
+ int rc = rs->sr_err;
+
+ if ( nc->nc_save_slimit >= 0 && nc->nc_nentries >= nc->nc_save_slimit ) {
+ rc = LDAP_SIZELIMIT_EXCEEDED;
+ }
+
+#ifdef NOOPSRCH_DEBUG
+ Debug( LDAP_DEBUG_TRACE, "noopsrch_response(REP_RESULT): err=%d nentries=%d nref=%d\n", rc, nc->nc_nentries, nc->nc_nsearchref );
+#endif
+
+ ber_init2( ber, NULL, LBER_USE_DER );
+
+ ber_printf( ber, "{iii}", rc, nc->nc_nentries, nc->nc_nsearchref );
+ if ( ber_flatten2( ber, &ctrlval, 0 ) == -1 ) {
+ ber_free_buf( ber );
+ if ( op->o_noopsrch == SLAP_CONTROL_CRITICAL ) {
+ return LDAP_CONSTRAINT_VIOLATION;
+ }
+ return SLAP_CB_CONTINUE;
+ }
+
+ ctrl = op->o_tmpcalloc( 1,
+ sizeof( LDAPControl ) + ctrlval.bv_len + 1,
+ op->o_tmpmemctx );
+ ctrl->ldctl_value.bv_val = (char *)&ctrl[ 1 ];
+ ctrl->ldctl_oid = LDAP_CONTROL_X_NOOPSRCH;
+ ctrl->ldctl_iscritical = 0;
+ ctrl->ldctl_value.bv_len = ctrlval.bv_len;
+ AC_MEMCPY( ctrl->ldctl_value.bv_val, ctrlval.bv_val, ctrlval.bv_len );
+ ctrl->ldctl_value.bv_val[ ctrl->ldctl_value.bv_len ] = '\0';
+
+ ber_free_buf( ber );
+
+ ctrlsp[0] = ctrl;
+ ctrlsp[1] = NULL;
+ slap_add_ctrls( op, rs, ctrlsp );
+ }
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+noopsrch_cleanup( Operation *op, SlapReply *rs )
+{
+ if ( rs->sr_type == REP_RESULT || rs->sr_err == SLAPD_ABANDON ) {
+ noopsrch_cb_t *nc = (noopsrch_cb_t *)op->o_callback->sc_private;
+ op->ors_attrs = nc->nc_save_attrs;
+ if ( nc->nc_pdummy == NULL ) {
+ op->ors_slimit = nc->nc_save_slimit;
+ }
+
+ op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
+ op->o_callback = NULL;
+ }
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+noopsrch_op_search( Operation *op, SlapReply *rs )
+{
+ if ( op->o_noopsrch != SLAP_CONTROL_NONE ) {
+ slap_callback *sc;
+ noopsrch_cb_t *nc;
+
+ sc = op->o_tmpcalloc( 1, sizeof( slap_callback ) + sizeof( noopsrch_cb_t ), op->o_tmpmemctx );
+
+ nc = (noopsrch_cb_t *)&sc[ 1 ];
+ nc->nc_on = (slap_overinst *)op->o_bd->bd_info;
+ nc->nc_nentries = 0;
+ nc->nc_nsearchref = 0;
+ nc->nc_save_attrs = op->ors_attrs;
+ nc->nc_pdummy = &dummy;
+
+ sc->sc_response = noopsrch_response;
+ sc->sc_cleanup = noopsrch_cleanup;
+ sc->sc_private = (void *)nc;
+
+ op->ors_attrs = slap_anlist_no_attrs;
+
+ sc->sc_next = op->o_callback->sc_next;
+ op->o_callback->sc_next = sc;
+ }
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int noopsrch_cnt;
+
+static int
+noopsrch_db_init( BackendDB *be, ConfigReply *cr)
+{
+ if ( noopsrch_cnt++ == 0 ) {
+ int rc;
+
+ rc = register_supported_control( LDAP_CONTROL_X_NOOPSRCH,
+ SLAP_CTRL_SEARCH | SLAP_CTRL_GLOBAL_SEARCH, NULL,
+ noopsrch_parseCtrl, &noopsrch_cid );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY,
+ "noopsrch_initialize: Failed to register control '%s' (%d)\n",
+ LDAP_CONTROL_X_NOOPSRCH, rc, 0 );
+ return rc;
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
+
+static int
+noopsrch_db_destroy( BackendDB *be, ConfigReply *cr )
+{
+ assert( noopsrch_cnt > 0 );
+
+#ifdef SLAP_CONFIG_DELETE
+ overlay_unregister_control( be, LDAP_CONTROL_X_NOOPSRCH );
+ if ( --noopsrch_cnt == 0 ) {
+ unregister_supported_control( LDAP_CONTROL_X_NOOPSRCH );
+ }
+
+#endif /* SLAP_CONFIG_DELETE */
+
+ return 0;
+}
+
+#if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC
+static
+#endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */
+int
+noopsrch_initialize( void )
+{
+
+ noopsrch.on_bi.bi_type = "noopsrch";
+
+ noopsrch.on_bi.bi_db_init = noopsrch_db_init;
+ noopsrch.on_bi.bi_db_destroy = noopsrch_db_destroy;
+ noopsrch.on_bi.bi_op_search = noopsrch_op_search;
+
+ return overlay_register( &noopsrch );
+}
+
+#if SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC
+int
+init_module( int argc, char *argv[] )
+{
+ return noopsrch_initialize();
+}
+#endif /* SLAPD_OVER_NOOPSRCH == SLAPD_MOD_DYNAMIC */
+
+#endif /* SLAPD_OVER_NOOPSRCH */