#include #include #include "byte.h" #include "buffer.h" #include "ldap.h" #include "ldif.h" #include "open.h" #include "mmap.h" #include "uint32.h" #ifdef STANDALONE #include "socket.h" #include "ip6.h" #include #endif #define verbose 0 #define debug 0 char* map; long filelen; uint32 magic,attribute_count,record_count,indices_offset,size_of_string_table; /* how many longs are needed to have one bit for each record? */ uint32 record_set_length; /* some pre-looked-up attribute offsets to speed up ldap_match_mapped */ uint32 dn_ofs,objectClass_ofs; #define BUFSIZE 8192 #if (verbose != 0) /* debugging support functions, adapted from t2.c */ static void printava(struct AttributeValueAssertion* a,const char* rel) { buffer_puts(buffer_2,"["); buffer_put(buffer_2,a->desc.s,a->desc.l); buffer_puts(buffer_2," "); buffer_puts(buffer_2,rel); buffer_puts(buffer_2," "); buffer_put(buffer_2,a->value.s,a->value.l); buffer_puts(buffer_2,"]"); } static void printal(struct AttributeDescriptionList* a) { while (a) { buffer_put(buffer_2,a->a.s,a->a.l); a=a->next; if (a) buffer_puts(buffer_2,","); } if (a) buffer_puts(buffer_2,"\n"); } static void printfilter(struct Filter* f) { switch (f->type) { case AND: buffer_puts(buffer_2,"&("); mergesub: printfilter(f->x); buffer_puts(buffer_2,")\n"); break; case OR: buffer_puts(buffer_2,"|("); goto mergesub; break; case NOT: buffer_puts(buffer_2,"!("); goto mergesub; case EQUAL: printava(&f->ava,"=="); break; case SUBSTRING: { struct Substring* s=f->substrings; int first=1; buffer_put(buffer_2,f->ava.desc.s,f->ava.desc.l); buffer_puts(buffer_2," has "); while (s) { if (!first) buffer_puts(buffer_2," and "); first=0; switch(s->substrtype) { case prefix: buffer_puts(buffer_2,"prefix \""); break; case any: buffer_puts(buffer_2,"substr \""); break; case suffix: buffer_puts(buffer_2,"suffix \""); break; } buffer_put(buffer_2,s->s.s,s->s.l); buffer_puts(buffer_2,"\""); s=s->next; } } break; case GREATEQUAL: printava(&f->ava,">="); break; case LESSEQUAL: printava(&f->ava,"<="); break; case PRESENT: printava(&f->ava,"\\exist"); break; case APPROX: printava(&f->ava,"\\approx"); break; case EXTENSIBLE: buffer_puts(buffer_2,"[extensible]"); break; } if (f->next) { buffer_puts(buffer_2,","); printfilter(f->next); } buffer_flush(buffer_2); } #endif /* recursively fill in attrofs and attrflag */ static void fixup(struct Filter* f) { if (!f) return; switch (f->type) { case EQUAL: case SUBSTRING: case GREATEQUAL: case LESSEQUAL: case PRESENT: case APPROX: { char* x=map+5*4+size_of_string_table; unsigned int i; f->attrofs=f->attrflag=0; for (i=0; iava.desc,map+j)) { f->attrofs=j; uint32_unpack(x+-attribute_count*4,&f->attrflag); break; } x+=4; } if (!f->attrofs) { buffer_puts(buffer_2,"cannot find attribute \""); buffer_put(buffer_2,f->ava.desc.s,f->ava.desc.l); buffer_putsflush(buffer_2,"\"!\n"); } } case AND: case OR: case NOT: if (f->x) fixup(f->x); default: } if (f->next) fixup(f->next); } /* find out whether this filter can be accelerated with the indices */ static int indexable(struct Filter* f) { struct Filter* y=f->x; if (!f) return 0; switch (f->type) { case AND: while (y) { if (indexable(y)) return 1; y=y->next; } return 0; case OR: while (y) { if (!indexable(y)) return 0; y=y->next; } return 1; #if 0 /* doesn't make much sense to try to speed up negated queries */ case NOT: return indexable(y); #endif case SUBSTRING: if (f->substrings->substrtype!=prefix) return 0; /* fall through */ case EQUAL: { uint32 ofs; for (ofs=indices_offset+record_count*4; ofs<(unsigned long)filelen;) { uint32 index_type,next,indexed_attribute; uint32_unpack(map+ofs,&index_type); uint32_unpack(map+ofs+4,&next); uint32_unpack(map+ofs+8,&indexed_attribute); if (index_type==0) if (!matchstring(&f->ava.desc,map+indexed_attribute)) return 1; ofs=next; } } /* fall through */ default: return 0; } } /* each record can have more than one attribute with the same name, i.e. * two email addresses. Thus, the index can't just be a sorted list of * pointers the records (because a record with two email addresses needs * to be in the index twice, once for each email address). So our index * is a sorted list of pointers to the attributes. Thus, a look-up in * the index does not yield the record but the attribute. We need to be * able to find the record for a given attribute. To do that, we * exploit the fact that the strings in the string table are in the same * order as the records, so we can do a binary search over the record * table to find the record with the attribute. This does not work for * objectClass, because the classes are stored in a different string * table to remove duplicates. */ /* find record given a data pointer */ static uint32 findrec(uint32 dat) { uint32* records=(uint32*)(map+indices_offset); uint32 bottom=0; uint32 top=record_count; while ((top>=bottom)) { uint32 mid=(top+bottom)/2; uint32 k,l; uint32_unpack(&records[mid],&k); uint32_unpack(map+k+8,&l); if (ldat) return mid; /* found! */ bottom=mid+1; } else if (mid) top=mid-1; else break; } buffer_putsflush(buffer_2,"findrec failed!\n"); return 0; } /* basic bit-set support: set all bits to zero */ static inline void emptyset(unsigned long* r) { unsigned long i; for (i=0; i=bottom)) { uint32 mid=(top+bottom)/2; uint32 k; int l; uint32_unpack(&index[mid],&k); if ((l=match(s,map+k))==0) { /* match! */ uint32 rec; uint32 m; if ((rec=findrec(k))) setbit(bitfield,rec); /* there may be multiple matches. * Look before and after mid, too */ for (k=mid-1; k>0; --k) { uint32_unpack(&index[k],&m); if ((l=match(s,map+m))==0) { if ((rec=findrec(m))) setbit(bitfield,rec); } else break; } for (k=mid+1; kx; if (!f) return 1; switch (f->type) { case AND: { unsigned long* tmp=alloca(record_set_length*sizeof(unsigned long)); int ok=0; fillset(bitfield); while (y) { if (useindex(y,tmp)) { unsigned int i; for (i=0; inext; } return ok; } case OR: { unsigned long* tmp=alloca(record_set_length*sizeof(unsigned long)); int ok=1; emptyset(bitfield); while (y) { if (useindex(y,tmp)) { unsigned int i; for (i=0; inext; } return ok; } #if 0 /* doesn't make much sense to try to speed up negated queries */ case NOT: return indexable(y); #endif case SUBSTRING: if (f->substrings->substrtype!=prefix) return 0; { uint32 ofs; for (ofs=indices_offset+record_count*4; ofs<(unsigned long)filelen;) { uint32 index_type,next,indexed_attribute; uint32_unpack(map+ofs,&index_type); uint32_unpack(map+ofs+4,&next); uint32_unpack(map+ofs+8,&indexed_attribute); if (index_type==0) if (!matchstring(&f->ava.desc,map+indexed_attribute)) { tagmatches((uint32*)(map+ofs+12),(next-ofs-12)/4,&f->substrings->s,bitfield, f->attrflag&1?matchcaseprefix:matchprefix); return 1; } ofs=next; } } return 0; case EQUAL: { uint32 ofs; for (ofs=indices_offset+record_count*4; ofs<(unsigned long)filelen;) { uint32 index_type,next,indexed_attribute; uint32_unpack(map+ofs,&index_type); uint32_unpack(map+ofs+4,&next); uint32_unpack(map+ofs+8,&indexed_attribute); if (index_type==0) if (!matchstring(&f->ava.desc,map+indexed_attribute)) { tagmatches((uint32*)(map+ofs+12),(next-ofs-12)/4,&f->ava.value,bitfield, f->attrflag&1?matchcasestring:matchstring); return 1; } ofs=next; } } /* fall through */ default: return 0; } } static void answerwith(uint32 ofs,struct SearchRequest* sr,long messageid,int out) { uint32 k; struct SearchResultEntry sre; struct PartialAttributeList** pal=&sre.attributes; #if (debug != 0) if (debug) { char* x=map+ofs; uint32 j,k; uint32_unpack(x,&j); buffer_putulong(buffer_2,j); buffer_puts(buffer_2," attributes:\n"); x+=8; buffer_puts(buffer_2," dn: "); uint32_unpack(x,&k); buffer_puts(buffer_2,map+k); buffer_puts(buffer_2,"\n objectClass: "); x+=4; uint32_unpack(x,&k); buffer_puts(buffer_2,map+k); buffer_puts(buffer_2,"\n"); x+=4; for (; j>2; --j) { uint32_unpack(x,&k); buffer_puts(buffer_2," "); buffer_puts(buffer_2,map+k); buffer_puts(buffer_2,": "); uint32_unpack(x+4,&k); buffer_puts(buffer_2,map+k); buffer_puts(buffer_2,"\n"); x+=8; } buffer_flush(buffer_2); } #endif uint32_unpack(map+ofs+8,&k); sre.objectName.s=map+k; sre.objectName.l=strlen(map+k); sre.attributes=0; /* now go through list of requested attributes */ { struct AttributeDescriptionList* adl=sr->attributes; while (adl) { const char* val=0; uint32 i=2,j; uint32_unpack(map+ofs,&j); #if 0 buffer_puts(buffer_2,"looking for attribute \""); buffer_put(buffer_2,adl->a.s,adl->a.l); buffer_putsflush(buffer_2,"\"\n"); #endif if (!matchstring(&adl->a,"dn")) val=sre.objectName.s; else if (!matchstring(&adl->a,"objectClass")) { uint32_unpack(map+ofs+12,&k); val=map+k; } else { for (; ia,map+k)) { uint32_unpack(map+ofs+i*8+4,&k); val=map+k; break; } } } if (val) { *pal=malloc(sizeof(struct PartialAttributeList)); if (!*pal) { nomem: buffer_putsflush(buffer_2,"out of virtual memory!\n"); exit(1); } (*pal)->type=adl->a; { struct AttributeDescriptionList** a=&(*pal)->values; while (ia.s=val; (*a)->a.l=strlen(val); (*a)->next=0; for (;ia,map+k)) { uint32_unpack(map+ofs+i*8+4,&k); val=map+k; ++i; break; } } } } (*pal)->next=0; pal=&(*pal)->next; } adl=adl->next; } } { long l=fmt_ldapsearchresultentry(0,&sre); char *buf=alloca(l+300); /* you never know ;) */ long tmp; if (verbose) { buffer_puts(buffer_2,"sre len "); buffer_putulong(buffer_2,l); buffer_putsflush(buffer_2,".\n"); } tmp=fmt_ldapmessage(buf,messageid,SearchResultEntry,l); fmt_ldapsearchresultentry(buf+tmp,&sre); write(out,buf,l+tmp); } } int handle(int in,int out) { int len; char buf[BUFSIZE]; for (len=0;;) { int tmp=read(in,buf+len,BUFSIZE-len); int res; long messageid,op,Len; if (tmp==0) if (!len) { return 0; } if (tmp<0) { write(2,"error!\n",7); return 1; } len+=tmp; res=scan_ldapmessage(buf,buf+len,&messageid,&op,&Len); if (res>0) { if (verbose) { buffer_puts(buffer_2,"got message of length "); buffer_putulong(buffer_2,Len); buffer_puts(buffer_2," with id "); buffer_putulong(buffer_2,messageid); buffer_puts(buffer_2,": op "); buffer_putulong(buffer_2,op); buffer_putsflush(buffer_2,".\n"); } switch (op) { case BindRequest: { long version,method; struct string name; int tmp; tmp=scan_ldapbindrequest(buf+res,buf+res+len,&version,&name,&method); if (tmp>=0) { if (verbose) { buffer_puts(buffer_2,"bind request: version "); buffer_putulong(buffer_2,version); buffer_puts(buffer_2," for name \""); buffer_put(buffer_2,name.s,name.l); buffer_puts(buffer_2,"\" with method "); buffer_putulong(buffer_2,method); buffer_putsflush(buffer_2,".\n"); } { char outbuf[1024]; int s=100; int len=fmt_ldapbindresponse(outbuf+s,0,"","go ahead",""); int hlen=fmt_ldapmessage(0,messageid,BindResponse,len); fmt_ldapmessage(outbuf+s-hlen,messageid,BindResponse,len); write(out,outbuf+s-hlen,len+hlen); } } } break; case SearchRequest: { struct SearchRequest sr; int tmp; #if 0 { int fd=open_write("request"); write(fd,buf,res+len); close(fd); } #endif if ((tmp=scan_ldapsearchrequest(buf+res,buf+res+len,&sr))) { #if (debug != 0) if (debug) { const char* scopes[]={"baseObject","singleLevel","wholeSubtree"}; const char* alias[]={"neverDerefAliases","derefInSearching","derefFindingBaseObj","derefAlways"}; buffer_puts(buffer_2,"search request: baseObject \""); buffer_put(buffer_2,sr.baseObject.s,sr.baseObject.l); buffer_puts(buffer_2,"\", scope "); buffer_puts(buffer_2,scopes[sr.scope]); buffer_puts(buffer_2,", "); buffer_puts(buffer_2,alias[sr.derefAliases]); buffer_puts(buffer_2,"\nsize limit "); buffer_putulong(buffer_2,sr.sizeLimit); buffer_puts(buffer_2,", time limit "); buffer_putulong(buffer_2,sr.timeLimit); buffer_puts(buffer_2,"\n"); printfilter(sr.filter); buffer_puts(buffer_2,"attributes: "); printal(sr.attributes); buffer_putsflush(buffer_2,"\n\n"); } #endif fixup(sr.filter); if (indexable(sr.filter)) { unsigned long* result; unsigned long i; #if (debug != 0) if (debug) buffer_putsflush(buffer_2,"query can be answered with index!\n"); #endif record_set_length=(record_count+sizeof(unsigned long)*8-1) / (sizeof(long)*8); result=alloca(record_set_length*sizeof(unsigned long)); /* Use the index to find matching data. Put the offsets * of the matches in a table. Use findrec to locate * the records that point to the data. */ useindex(sr.filter,result); for (i=0; i \""); buffer_put(buffer_1,x->a.s,x->a.l); buffer_putsflush(buffer_1,"\"\n"); x=x->next; } while (x); } } else { buffer_putsflush(buffer_2,"couldn't parse modify request!\n"); exit(1); } } case AbandonRequest: /* do nothing */ break; default: buffer_puts(buffer_2,"unknown request type "); buffer_putulong(buffer_2,op); buffer_putsflush(buffer_2,"\n"); return 0; // exit(1); } Len+=res; #if 0 buffer_puts(buffer_2,"byte_copy(buf,"); buffer_putulong(buffer_2,len-Len); buffer_puts(buffer_2,",buf+"); buffer_putulong(buffer_2,Len); buffer_putsflush(buffer_2,");\n"); #endif if (Len