webserver: comparison src/server/safs/ldap.c

-:0a29110b94ec
+:d22ff46c171c
 return LDAP_SCOPE_CHILDREN;
 }
 return -1;
 }
-int ldap_query_saf(pblock *pb, Session *sn, Request *rq) {
+int service_ldap_search(pblock *pb, Session *sn, Request *rq) {
 char *resource_name = pblock_findval("resource", pb);
 char *basedn = pblock_findval("basedn", pb);
 char *binddn = pblock_findval("bindnd", pb);
 char *bindpw = pblock_findval("bindpw", pb);
-char *ldap_query = pblock_findval("query", pb);
+char *filter = pblock_findval("filter", pb);
-char *empty_query_error = pblock_findval("empty_query_error", pb);
+char *empty_query_error = pblock_findval("empty_filter_error", pb);
 char *empty_result_error = pblock_findval("empty_result_error", pb);
 char *scope_str = pblock_findval("scope", pb);
 char *timeout_str = pblock_findval("timeout", pb);
 char *sizelimit_str = pblock_findval("sizelimit", pb);
-int status_empty_query = WS_SAFS_LDAP_EMPTY_QUERY_ERROR;
+int status_empty_filter = WS_SAFS_LDAP_EMPTY_FILTER_ERROR;
 int status_empty_result = WS_SAFS_LDAP_EMPTY_RESULT_ERROR;
 if(empty_query_error) {
 int64_t status = 0;
 util_strtoint(empty_query_error, &status);
 if(status < 200 || status > 999) {
-log_ereport(LOG_MISCONFIG, "ldap-query: empty_query_error parameter must be an integer between 200 and 999");
+log_ereport(LOG_MISCONFIG, "ldap-search: empty_query_error parameter must be an integer between 200 and 999");
 return REQ_ABORTED;
 }
-status_empty_query = status;
+status_empty_filter = status;
 }
 if(empty_result_error) {
 int64_t status = 0;
 util_strtoint(empty_result_error, &status);
 if(status < 200 || status > 999) {
-log_ereport(LOG_MISCONFIG, "ldap-query: empty_result_error parameter must be an integer between 200 and 999");
+log_ereport(LOG_MISCONFIG, "ldap-search: empty_result_error parameter must be an integer between 200 and 999");
 return REQ_ABORTED;
 }
 status_empty_result = status;
 }
 // should we sent an empty response in case of an empty query/result
 // or the standard error message?
-WSBool empty_query_response = status_empty_query < 300 ? TRUE : FALSE;
+WSBool empty_query_response = status_empty_filter < 300 ? TRUE : FALSE;
 WSBool empty_result_response = status_empty_result < 300 ? TRUE : FALSE;
 int scope = WS_SAFS_LDAP_DEFAULT_SCOPE;
 if(scope_str) {
 scope = get_ldap_scope(scope_str);
 if(scope < 0) {
-log_ereport(LOG_MISCONFIG, "ldap-query: unknown scope %s", scope_str);
+log_ereport(LOG_MISCONFIG, "ldap-search: unknown scope %s", scope_str);
 return REQ_ABORTED;
 }
 }
 int timeout = WS_SAFS_LDAP_DEFAULT_TIMEOUT;
 if(timeout_str) {
 int64_t t;
 if(util_strtoint(timeout_str, &t)) {
 if(t < 0 || t > WS_SAFS_LDAP_MAX_TIMEOUT) {
-log_ereport(LOG_MISCONFIG, "ldap-query: timeout out of range");
+log_ereport(LOG_MISCONFIG, "ldap-search: timeout out of range");
 return REQ_ABORTED;
 }
 timeout = t;
 } else {
-log_ereport(LOG_MISCONFIG, "ldap-query: timeout %s is not a number", timeout_str);
+log_ereport(LOG_MISCONFIG, "ldap-search: timeout %s is not a number", timeout_str);
 }
 }
 int sizelimit = WS_SAFS_LDAP_DEFAULT_SIZELIMIT;
-if(timeout_str) {
+if(sizelimit_str) {
 int64_t v;
-if(util_strtoint(timeout_str, &v)) {
+if(util_strtoint(sizelimit_str, &v)) {
 if(v > INT_MAX) {
-log_ereport(LOG_MISCONFIG, "ldap-query: sizelimit out of range");
+log_ereport(LOG_MISCONFIG, "ldap-search: sizelimit out of range");
 return REQ_ABORTED;
 }
 sizelimit = v;
 } else {
-log_ereport(LOG_MISCONFIG, "ldap-query: sizelimit %s is not a number", timeout_str);
+log_ereport(LOG_MISCONFIG, "ldap-search: sizelimit %s is not a number", timeout_str);
 }
 }
 if(!resource_name) {
-log_ereport(LOG_MISCONFIG, "ldap-query: missing resource parameter");
+log_ereport(LOG_MISCONFIG, "ldap-search: missing resource parameter");
 return REQ_ABORTED;
 }
 if(!basedn) {
-log_ereport(LOG_MISCONFIG, "ldap-query: missing basedn parameter");
+log_ereport(LOG_MISCONFIG, "ldap-search: missing basedn parameter");
 return REQ_ABORTED;
 }
-if(!ldap_query) {
+if(!filter) {
-// alternatively get query from rq->vars
+// alternatively get filter from rq->vars
-ldap_query = pblock_findval("ldap_query", rq->vars);
+filter = pblock_findval("ldap_filter", rq->vars);
-if(!ldap_query) {
+log_ereport(LOG_DEBUG, "ldap-search: no filter parameter, rq.vars ldap_filter: %s", filter);
-// no ldap query
+if(!filter) {
-protocol_status(sn, rq, status_empty_query, NULL);
+// no ldap filter
+protocol_status(sn, rq, status_empty_filter, NULL);
 if(empty_query_response) {
 pblock_nvinsert("content-length", "0", rq->srvhdrs);
 http_start_response(sn, rq);
+} else {
+log_ereport(LOG_FAILURE, "ldap-search: no filter specified");
 }
 return REQ_PROCEED;
 }
 }
 // get the resource
 ResourceData *resdata = resourcepool_lookup(sn, rq, resource_name, 0);
 if(!resdata) {
-log_ereport(LOG_FAILURE, "ldap-query: cannot get resource %s", resource_name);
+log_ereport(LOG_FAILURE, "ldap-search: cannot get resource %s", resource_name);
 return REQ_ABORTED;
 }
 LDAP *ldap = resdata->data;
 // optionally, use binddn
 if(binddn) {
 struct berval *server_cred;
 if(ws_ldap_bind(ldap, binddn, bindpw ? bindpw : "", &server_cred) != LDAP_SUCCESS) {
-log_ereport(LOG_FAILURE, "ldap-query: resource %s: cannot bind %s", resource_name, binddn);
+log_ereport(LOG_FAILURE, "ldap-search: resource %s: cannot bind %s", resource_name, binddn);
 resourcepool_free(sn, rq, resdata);
 return REQ_ABORTED;
 }
 }
 ts.tv_usec = 0;
 int r = ldap_search_ext_s(
 ldap,
 basedn,
 LDAP_SCOPE_SUBTREE,
-ldap_query,
+filter,
 NULL,
 0,
 NULL,        // server controls
 NULL,        // client controls
 &ts,
 if(r != LDAP_SUCCESS) {
 if(result) {
 ldap_msgfree(result);
 }
-log_ereport(LOG_FAILURE, "ldap-query: ldap error: %s", ldap_err2string(r));
+log_ereport(LOG_FAILURE, "ldap-search: ldap error: %s", ldap_err2string(r));
 return REQ_ABORTED;
 }
 // send http header

Mercurial > hg > webserver / file comparison

comparison: src/server/safs/ldap.c

src/server/safs/ldap.c