# HG changeset patch # User Olaf Wintermann # Date 1678616942 -3600 # Node ID d22ff46c171cfdd56588d01f30b861eac0beea90 # Parent 0a29110b94eccca2dab788a610255b93cafdf40c rename ldap-query to ldap-search, rename query parameter to filter diff -r 0a29110b94ec -r d22ff46c171c src/server/daemon/ws-fn.c --- a/src/server/daemon/ws-fn.c Sat Mar 11 17:14:51 2023 +0100 +++ b/src/server/daemon/ws-fn.c Sun Mar 12 11:29:02 2023 +0100 @@ -71,7 +71,7 @@ { "set-variable", set_variable, NULL, NULL, 0}, { "common-log", common_log, NULL, NULL, 0}, { "send-cgi", send_cgi, NULL, NULL, 0}, - { "ldap-query", ldap_query_saf, NULL, NULL, 0}, + { "ldap-search", service_ldap_search, NULL, NULL, 0}, { "webdav-init", webdav_init, NULL, NULL, 0}, { "webdav-service", webdav_service, NULL, NULL, 0}, {NULL, NULL, NULL, NULL, 0} diff -r 0a29110b94ec -r d22ff46c171c src/server/safs/ldap.c --- a/src/server/safs/ldap.c Sat Mar 11 17:14:51 2023 +0100 +++ b/src/server/safs/ldap.c Sun Mar 12 11:29:02 2023 +0100 @@ -47,35 +47,35 @@ return -1; } -int ldap_query_saf(pblock *pb, Session *sn, Request *rq) { +int service_ldap_search(pblock *pb, Session *sn, Request *rq) { char *resource_name = pblock_findval("resource", pb); char *basedn = pblock_findval("basedn", pb); char *binddn = pblock_findval("bindnd", pb); char *bindpw = pblock_findval("bindpw", pb); - char *ldap_query = pblock_findval("query", pb); - char *empty_query_error = pblock_findval("empty_query_error", pb); + char *filter = pblock_findval("filter", pb); + char *empty_query_error = pblock_findval("empty_filter_error", pb); char *empty_result_error = pblock_findval("empty_result_error", pb); char *scope_str = pblock_findval("scope", pb); char *timeout_str = pblock_findval("timeout", pb); char *sizelimit_str = pblock_findval("sizelimit", pb); - int status_empty_query = WS_SAFS_LDAP_EMPTY_QUERY_ERROR; + int status_empty_filter = WS_SAFS_LDAP_EMPTY_FILTER_ERROR; int status_empty_result = WS_SAFS_LDAP_EMPTY_RESULT_ERROR; if(empty_query_error) { int64_t status = 0; util_strtoint(empty_query_error, &status); if(status < 200 || status > 999) { - log_ereport(LOG_MISCONFIG, "ldap-query: empty_query_error parameter must be an integer between 200 and 999"); + log_ereport(LOG_MISCONFIG, "ldap-search: empty_query_error parameter must be an integer between 200 and 999"); return REQ_ABORTED; } - status_empty_query = status; + status_empty_filter = status; } if(empty_result_error) { int64_t status = 0; util_strtoint(empty_result_error, &status); if(status < 200 || status > 999) { - log_ereport(LOG_MISCONFIG, "ldap-query: empty_result_error parameter must be an integer between 200 and 999"); + log_ereport(LOG_MISCONFIG, "ldap-search: empty_result_error parameter must be an integer between 200 and 999"); return REQ_ABORTED; } status_empty_result = status; @@ -83,14 +83,14 @@ // should we sent an empty response in case of an empty query/result // or the standard error message? - WSBool empty_query_response = status_empty_query < 300 ? TRUE : FALSE; + WSBool empty_query_response = status_empty_filter < 300 ? TRUE : FALSE; WSBool empty_result_response = status_empty_result < 300 ? TRUE : FALSE; int scope = WS_SAFS_LDAP_DEFAULT_SCOPE; if(scope_str) { scope = get_ldap_scope(scope_str); if(scope < 0) { - log_ereport(LOG_MISCONFIG, "ldap-query: unknown scope %s", scope_str); + log_ereport(LOG_MISCONFIG, "ldap-search: unknown scope %s", scope_str); return REQ_ABORTED; } } @@ -99,47 +99,50 @@ int64_t t; if(util_strtoint(timeout_str, &t)) { if(t < 0 || t > WS_SAFS_LDAP_MAX_TIMEOUT) { - log_ereport(LOG_MISCONFIG, "ldap-query: timeout out of range"); + log_ereport(LOG_MISCONFIG, "ldap-search: timeout out of range"); return REQ_ABORTED; } timeout = t; } else { - log_ereport(LOG_MISCONFIG, "ldap-query: timeout %s is not a number", timeout_str); + log_ereport(LOG_MISCONFIG, "ldap-search: timeout %s is not a number", timeout_str); } } int sizelimit = WS_SAFS_LDAP_DEFAULT_SIZELIMIT; - if(timeout_str) { + if(sizelimit_str) { int64_t v; - if(util_strtoint(timeout_str, &v)) { + if(util_strtoint(sizelimit_str, &v)) { if(v > INT_MAX) { - log_ereport(LOG_MISCONFIG, "ldap-query: sizelimit out of range"); + log_ereport(LOG_MISCONFIG, "ldap-search: sizelimit out of range"); return REQ_ABORTED; } sizelimit = v; } else { - log_ereport(LOG_MISCONFIG, "ldap-query: sizelimit %s is not a number", timeout_str); + log_ereport(LOG_MISCONFIG, "ldap-search: sizelimit %s is not a number", timeout_str); } } if(!resource_name) { - log_ereport(LOG_MISCONFIG, "ldap-query: missing resource parameter"); + log_ereport(LOG_MISCONFIG, "ldap-search: missing resource parameter"); return REQ_ABORTED; } if(!basedn) { - log_ereport(LOG_MISCONFIG, "ldap-query: missing basedn parameter"); + log_ereport(LOG_MISCONFIG, "ldap-search: missing basedn parameter"); return REQ_ABORTED; } - if(!ldap_query) { - // alternatively get query from rq->vars - ldap_query = pblock_findval("ldap_query", rq->vars); - if(!ldap_query) { - // no ldap query - protocol_status(sn, rq, status_empty_query, NULL); + if(!filter) { + // alternatively get filter from rq->vars + filter = pblock_findval("ldap_filter", rq->vars); + log_ereport(LOG_DEBUG, "ldap-search: no filter parameter, rq.vars ldap_filter: %s", filter); + if(!filter) { + // no ldap filter + protocol_status(sn, rq, status_empty_filter, NULL); if(empty_query_response) { pblock_nvinsert("content-length", "0", rq->srvhdrs); http_start_response(sn, rq); + } else { + log_ereport(LOG_FAILURE, "ldap-search: no filter specified"); } return REQ_PROCEED; } @@ -148,7 +151,7 @@ // get the resource ResourceData *resdata = resourcepool_lookup(sn, rq, resource_name, 0); if(!resdata) { - log_ereport(LOG_FAILURE, "ldap-query: cannot get resource %s", resource_name); + log_ereport(LOG_FAILURE, "ldap-search: cannot get resource %s", resource_name); return REQ_ABORTED; } LDAP *ldap = resdata->data; @@ -157,7 +160,7 @@ if(binddn) { struct berval *server_cred; if(ws_ldap_bind(ldap, binddn, bindpw ? bindpw : "", &server_cred) != LDAP_SUCCESS) { - log_ereport(LOG_FAILURE, "ldap-query: resource %s: cannot bind %s", resource_name, binddn); + log_ereport(LOG_FAILURE, "ldap-search: resource %s: cannot bind %s", resource_name, binddn); resourcepool_free(sn, rq, resdata); return REQ_ABORTED; } @@ -173,7 +176,7 @@ ldap, basedn, LDAP_SCOPE_SUBTREE, - ldap_query, + filter, NULL, 0, NULL, // server controls @@ -186,7 +189,7 @@ if(result) { ldap_msgfree(result); } - log_ereport(LOG_FAILURE, "ldap-query: ldap error: %s", ldap_err2string(r)); + log_ereport(LOG_FAILURE, "ldap-search: ldap error: %s", ldap_err2string(r)); return REQ_ABORTED; } diff -r 0a29110b94ec -r d22ff46c171c src/server/safs/ldap.h --- a/src/server/safs/ldap.h Sat Mar 11 17:14:51 2023 +0100 +++ b/src/server/safs/ldap.h Sun Mar 12 11:29:02 2023 +0100 @@ -43,14 +43,14 @@ #define WS_SAFS_LDAP_MAX_TIMEOUT 32767 -#define WS_SAFS_LDAP_EMPTY_QUERY_ERROR 404 +#define WS_SAFS_LDAP_EMPTY_FILTER_ERROR 404 #define WS_SAFS_LDAP_EMPTY_RESULT_ERROR 404 /* - * ldap-query + * ldap-search * - * Sends an ldap query result as ldif to the client. If no query parameter is - * specified, the SAFs tries to use the "ldap_query" parameter from rq->vars. + * Sends an ldap search result as ldif to the client. If no filter parameter is + * specified, the SAFs tries to use the "ldap_filter" parameter from rq->vars. * * required parameters: * resource name of the ldap resource pool @@ -59,17 +59,17 @@ * optional parameters: * binddn bind ldap session to binddn * bindpw binddn password - * query ldap search query + * filter ldap search filter * scope search scope: base, onelevel, subtree, children * timeout timeout in seconds default: 30 * sizelimit maximum number of result entries defazkt: 1000 - * empty_query_error status code if the query is empty/null default: 404 + * empty_filter_error status code if the filter is empty/null default: 404 * empty_result_error status code if the result is empty default: 404 * * If the query or result is empty and the status code is 2xx, an empty * response is sent to the client. */ -int ldap_query_saf(pblock *pb, Session *sn, Request *rq); +int service_ldap_search(pblock *pb, Session *sn, Request *rq); #ifdef __cplusplus