Add sssvlv overlay

clients/tools/common.c

@@ -120,6 +120,9 @@ static int	chainingContinuation = -1;
 static int	sessionTracking = 0;
 struct berval	stValue;
 #endif /* LDAP_CONTROL_X_SESSION_TRACKING */
+ber_int_t vlvPos;
+ber_int_t vlvCount;
+struct berval *vlvContext;
 
 LDAPControl	*unknown_ctrls = NULL;
 int		unknown_ctrls_num = 0;
@@ -136,6 +139,7 @@ static int print_paged_results( LDAP *ld, LDAPControl *ctrl );
 static int print_ppolicy( LDAP *ld, LDAPControl *ctrl );
 #endif
 static int print_sss( LDAP *ld, LDAPControl *ctrl );
+static int print_vlv( LDAP *ld, LDAPControl *ctrl );
 #ifdef LDAP_CONTROL_X_DEREF
 static int print_deref( LDAP *ld, LDAPControl *ctrl );
 #endif
@@ -155,6 +159,7 @@ static struct tool_ctrls_t {
 	{ LDAP_CONTROL_PASSWORDPOLICYRESPONSE,		TOOL_ALL,	print_ppolicy },
 #endif
 	{ LDAP_CONTROL_SORTRESPONSE,	TOOL_SEARCH,	print_sss },
+	{ LDAP_CONTROL_VLVRESPONSE,		TOOL_SEARCH,	print_vlv },
 #ifdef LDAP_CONTROL_X_DEREF
 	{ LDAP_CONTROL_X_DEREF,				TOOL_SEARCH,	print_deref },
 #endif
@@ -1927,6 +1932,46 @@ print_sss( LDAP *ld, LDAPControl *ctrl )
 	return rc;
 }
 
+static int
+print_vlv( LDAP *ld, LDAPControl *ctrl )
+{
+	int rc;
+	ber_int_t err;
+	struct berval bv;
+
+	rc = ldap_parse_vlvresponse_control( ld, ctrl, &vlvPos, &vlvCount,
+		&vlvContext, &err );
+	if ( rc == LDAP_SUCCESS ) {
+		char buf[ BUFSIZ ];
+
+		if ( vlvContext && vlvContext->bv_len > 0 ) {
+			bv.bv_len = LUTIL_BASE64_ENCODE_LEN(
+				vlvContext->bv_len ) + 1;
+			bv.bv_val = ber_memalloc( bv.bv_len + 1 );
+
+			bv.bv_len = lutil_b64_ntop(
+				(unsigned char *) vlvContext->bv_val,
+				vlvContext->bv_len,
+				bv.bv_val, bv.bv_len );
+		} else {
+			bv.bv_val = "";
+			bv.bv_len = 0;
+		}
+
+		rc = snprintf( buf, sizeof(buf), "pos=%d count=%d context=%s (%d) %s",
+			vlvPos, vlvCount, bv.bv_val,
+			err, ldap_err2string(err));
+
+		if ( bv.bv_len )
+			ber_memfree( bv.bv_val );
+
+		tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE,
+			"vlvResult", buf, rc );
+	}
+
+	return rc;
+}
+
 #ifdef LDAP_CONTROL_X_DEREF
 static int
 print_deref( LDAP *ld, LDAPControl *ctrl )

clients/tools/common.h

@@ -93,6 +93,9 @@ extern struct berval	pr_cookie;
 #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
 extern int		chaining;
 #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+extern ber_int_t	vlvPos;
+extern ber_int_t	vlvCount;
+extern struct berval	*vlvContext;
 
 /* options */
 extern struct timeval	nettimeout;

clients/tools/ldapsearch.c

@@ -133,6 +133,8 @@ usage( void )
 	fprintf( stderr, _("             [!]subentries[=true|false]  (RFC 3672 subentries)\n"));
 	fprintf( stderr, _("             [!]sync=ro[/<cookie>]       (RFC 4533 LDAP Sync refreshOnly)\n"));
 	fprintf( stderr, _("                     rp[/<cookie>][/<slimit>] (refreshAndPersist)\n"));
+	fprintf( stderr, _("             [!]vlv=<before>/<after>(/<offset>/<count>|:<value>)\n"));
+	fprintf( stderr, _("                                         (ldapv3-vlv-09 virtual list views)\n"));
 #ifdef LDAP_CONTROL_X_DEREF
 	fprintf( stderr, _("             [!]deref=derefAttr:attr[,...][;derefAttr:attr[,...][;...]]\n"));
 #endif
@@ -207,6 +209,10 @@ static int domainScope = 0;
 static int sss = 0;
 static LDAPSortKey **sss_keys = NULL;
 
+static int vlv = 0;
+static LDAPVLVInfo vlvInfo;
+static struct berval vlvValue;
+
 static int ldapsync = 0;
 static struct berval sync_cookie = { 0, NULL };
 static int sync_slimit = -1;
@@ -263,6 +269,47 @@ urlize(char *url)
 	}
 }
 
+static int
+parse_vlv(char *cvalue)
+{
+	char *keyp, *key2;
+	int num1, num2;
+
+	keyp = cvalue;
+	if ( sscanf( keyp, "%d/%d", &num1, &num2 ) != 2 ) {
+		fprintf( stderr,
+			_("VLV control value \"%s\" invalid\n"),
+			cvalue );
+		return -1;
+	}
+	vlvInfo.ldvlv_before_count = num1;
+	vlvInfo.ldvlv_after_count = num2;
+	keyp = strchr( keyp, '/' ) + 1;
+	key2 = strchr( keyp, '/' );
+	if ( key2 ) {
+		keyp = key2 + 1;
+		if ( sscanf( keyp, "%d/%d", &num1, &num2 ) != 2 ) {
+			fprintf( stderr,
+				_("VLV control value \"%s\" invalid\n"),
+				cvalue );
+			return -1;
+		}
+		vlvInfo.ldvlv_offset = num1;
+		vlvInfo.ldvlv_count = num2;
+		vlvInfo.ldvlv_attrvalue = NULL;
+	} else {
+		key2 = strchr( keyp, ':' );
+		if ( !key2 ) {
+			fprintf( stderr,
+				_("VLV control value \"%s\" invalid\n"),
+				cvalue );
+			return -1;
+		}
+		ber_str2bv( key2+1, 0, 0, &vlvValue );
+		vlvInfo.ldvlv_attrvalue = &vlvValue;
+	}
+	return 0;
+}
 
 const char options[] = "a:Ab:cE:F:l:Ls:S:tT:uz:"
 	"Cd:D:e:f:h:H:IMnNO:o:p:P:QR:U:vVw:WxX:y:Y:Z";
@@ -343,6 +390,11 @@ handle_private_option( int i )
 					_("PagedResultsControl previously specified\n") );
 				exit( EXIT_FAILURE );
 			}
+			if ( vlv != 0 ) {
+				fprintf( stderr,
+					_("PagedResultsControl incompatible with VLV\n") );
+				exit( EXIT_FAILURE );
+			}
 
 			if( cvalue != NULL ) {
 				char *promptp;
@@ -500,6 +552,27 @@ handle_private_option( int i )
 			}
 			if ( crit ) ldapsync *= -1;
 
+		} else if ( strcasecmp( control, "vlv" ) == 0 ) {
+			if( vlv ) {
+				fprintf( stderr,
+					_("virtual list view control previously specified\n"));
+				exit( EXIT_FAILURE );
+			}
+			if ( pagedResults != 0 ) {
+				fprintf( stderr,
+					_("PagedResultsControl incompatible with VLV\n") );
+				exit( EXIT_FAILURE );
+			}
+			if( cvalue == NULL ) {
+				fprintf( stderr,
+			         _("missing specification of vlv control\n") );
+				exit( EXIT_FAILURE );
+			}
+			if ( parse_vlv( cvalue ))
+				exit( EXIT_FAILURE );
+
+			vlv = 1 + crit;
+
 #ifdef LDAP_CONTROL_X_DEREF
 		} else if ( strcasecmp( control, "deref" ) == 0 ) {
 			int ispecs;
@@ -748,6 +821,12 @@ main( int argc, char **argv )
 
 	tool_args( argc, argv );
 
+	if ( vlv && !sss ) {
+		fprintf( stderr,
+			_("VLV control requires server side sort control\n" ));
+		return EXIT_FAILURE;
+	}
+
 	if (( argc - optind < 1 ) ||
 		( *argv[optind] != '(' /*')'*/ &&
 		( strchr( argv[optind], '=' ) == NULL ) ) )
@@ -843,7 +922,8 @@ getNextPage:
 		|| ldapsync
 		|| sss
 		|| subentries
-		|| valuesReturnFilter )
+		|| valuesReturnFilter
+		|| vlv )
 	{
 
 #ifdef LDAP_CONTROL_DONTUSECOPY
@@ -991,6 +1071,21 @@ getNextPage:
 			i++;
 		}
 
+		if ( vlv ) {
+			if ( ctrl_add() ) {
+				return EXIT_FAILURE;
+			}
+
+			if ( ldap_create_vlv_control_value( ld,
+				&vlvInfo, &c[i].ldctl_value ) )
+			{
+				return EXIT_FAILURE;
+			}
+
+			c[i].ldctl_oid = LDAP_CONTROL_VLVREQUEST;
+			c[i].ldctl_iscritical = sss > 1;
+			i++;
+		}
 #ifdef LDAP_CONTROL_X_DEREF
 		if ( derefcrit ) {
 			if ( derefval.bv_val == NULL ) {
@@ -1106,6 +1201,15 @@ getNextPage:
 			printf(_("\n# with server side sorting %scontrol"),
 				sss > 1 ? _("critical ") : "" );
 		}
+		if ( vlv ) {
+			printf(_("\n# with virtual list view %scontrol: %d/%d"),
+				vlv > 1 ? _("critical ") : "",
+				vlvInfo.ldvlv_before_count, vlvInfo.ldvlv_after_count);
+			if ( vlvInfo.ldvlv_attrvalue )
+				printf(":%s", vlvInfo.ldvlv_attrvalue->bv_val );
+			else
+				printf("/%d/%d", vlvInfo.ldvlv_offset, vlvInfo.ldvlv_count );
+		}
 #ifdef LDAP_CONTROL_X_DEREF
 		if ( derefcrit ) {
 			printf(_("\n# with dereference %scontrol"),
@@ -1149,7 +1253,7 @@ getNextPage:
 	}
 
 	if (( rc == LDAP_SUCCESS ) && pageSize && pr_morePagedResults ) {
-		char	buf[6];
+		char	buf[12];
 		int	i, moreEntries, tmpSize;
 
 		/* Loop to get the next pages when 
@@ -1187,6 +1291,41 @@ getNextPage:
 		goto getNextPage;
 	}
 
+	if (( rc == LDAP_SUCCESS ) && vlv ) {
+		char	buf[BUFSIZ];
+		int	i, moreEntries, tmpSize;
+
+		/* Loop to get the next window when 
+		 * enter is pressed on the terminal.
+		 */
+		printf( _("Press [before/after(/offset/count|:value)] Enter for the next window.\n"));
+		i = 0;
+		moreEntries = getchar();
+		while ( moreEntries != EOF && moreEntries != '\n' ) { 
+			if ( i < (int)sizeof(buf) - 1 ) {
+				buf[i] = moreEntries;
+				i++;
+			}
+			moreEntries = getchar();
+		}
+		buf[i] = '\0';
+		if ( buf[0] ) {
+			i = parse_vlv( strdup( buf ));
+			if ( i )
+				return EXIT_FAILURE;
+		} else {
+			vlvInfo.ldvlv_attrvalue = NULL;
+			vlvInfo.ldvlv_count = vlvCount;
+			vlvInfo.ldvlv_offset += vlvInfo.ldvlv_after_count;
+		}
+
+		if ( vlvInfo.ldvlv_context )
+			ber_bvfree( vlvInfo.ldvlv_context );
+		vlvInfo.ldvlv_context = vlvContext;
+
+		goto getNextPage;
+	}
+
 	tool_unbind( ld );
 	tool_destroy();
 	if ( base != NULL ) {

configure.in

@@ -346,6 +346,7 @@ Overlays="accesslog \
 	retcode \
 	rwm \
 	seqmod \
+	sssvlv \
 	syncprov \
 	translucent \
 	unique \
@@ -385,7 +386,9 @@ OL_ARG_ENABLE(retcode,[    --enable-retcode	  Return Code testing overlay],
 OL_ARG_ENABLE(rwm,[    --enable-rwm       	  Rewrite/Remap overlay],
 	no, [no yes mod], ol_enable_overlays)
 OL_ARG_ENABLE(seqmod,[    --enable-seqmod	  Sequential Modify overlay],
-	yes, [no yes mod], ol_enable_overlays)
+	no, [no yes mod], ol_enable_overlays)
+OL_ARG_ENABLE(sssvlv,[    --enable-sssvlv	  ServerSideSort/VLV overlay],
+	no, [no yes mod], ol_enable_overlays)
 OL_ARG_ENABLE(syncprov,[    --enable-syncprov	  Syncrepl Provider overlay],
 	yes, [no yes mod], ol_enable_overlays)
 OL_ARG_ENABLE(translucent,[    --enable-translucent  Translucent Proxy overlay],
@@ -554,6 +557,7 @@ BUILD_REFINT=no
 BUILD_RETCODE=no
 BUILD_RWM=no
 BUILD_SEQMOD=no
+BUILD_SSSVLV=no
 BUILD_SYNCPROV=no
 BUILD_TRANSLUCENT=no
 BUILD_UNIQUE=no
@@ -2938,6 +2942,18 @@ if test "$ol_enable_seqmod" != no ; then
 	AC_DEFINE_UNQUOTED(SLAPD_OVER_SEQMOD,$MFLAG,[define for Sequential Modify overlay])
 fi
 
+if test "$ol_enable_sssvlv" != no ; then
+	BUILD_SSSVLV=$ol_enable_sssvlv
+	if test "$ol_enable_sssvlv" = mod ; then
+		MFLAG=SLAPD_MOD_DYNAMIC
+		SLAPD_DYNAMIC_OVERLAYS="$SLAPD_DYNAMIC_OVERLAYS sssvlv.la"
+	else
+		MFLAG=SLAPD_MOD_STATIC
+		SLAPD_STATIC_OVERLAYS="$SLAPD_STATIC_OVERLAYS sssvlv.o"
+	fi
+	AC_DEFINE_UNQUOTED(SLAPD_OVER_SSSVLV,$MFLAG,[define for ServerSideSort/VLV overlay])
+fi
+
 if test "$ol_enable_syncprov" != no ; then
 	BUILD_SYNCPROV=$ol_enable_syncprov
 	if test "$ol_enable_syncprov" = mod ; then
@@ -3056,6 +3072,7 @@ dnl overlays
   AC_SUBST(BUILD_RETCODE)
   AC_SUBST(BUILD_RWM)
   AC_SUBST(BUILD_SEQMOD)
+  AC_SUBST(BUILD_SSSVLV)
   AC_SUBST(BUILD_SYNCPROV)
   AC_SUBST(BUILD_TRANSLUCENT)
   AC_SUBST(BUILD_UNIQUE)

doc/man/man1/ldapsearch.1

@@ -93,13 +93,13 @@ library call.
 opens a connection to an LDAP server, binds, and performs a search
 using specified parameters.   The \fIfilter\fP should conform to
 the string representation for search filters as defined in RFC 4515.
-If not provided, the default filter, (objectClass=*), is used.
+If not provided, the default filter, \fB(objectClass=*)\fP, is used.
 .LP
 If
 .B ldapsearch
 finds one or more entries, the attributes specified by
-\fIattrs\fP are returned.  If * is listed, all user attributes are
-returned.  If + is listed, all operational attributes are returned.
+\fIattrs\fP are returned.  If \fB*\fP is listed, all user attributes are
+returned.  If \fB+\fP is listed, all operational attributes are returned.
 If no \fIattrs\fP are listed, all user attributes are returned.  If only
 1.1 is listed, no attributes will be returned.
 .LP
@@ -109,12 +109,12 @@ Option \fI\-L\fP controls the format of the output.
 .TP
 .B \-n
 Show what would be done, but don't actually perform the search.  Useful for
-debugging in conjunction with -v.
+debugging in conjunction with \fB\-v\fP.
 .TP
 .B \-c
 Continuous operation mode. Errors are reported, but ldapsearch will continue
 with searches. The default is to exit after reporting an error.  Only useful
-in conjunction with -f.
+in conjunction with \fB\-f\fP.
 .TP
 .B \-u
 Include the User Friendly Name form of the Distinguished Name (DN)
@@ -274,13 +274,14 @@ General extensions:
 
 Search extensions:
 .nf
-  [!]domainScope                               (domain scope)
-  [!]mv=<filter>                               (matched values filter)
+  [!]domainScope                       (domain scope)
+  [!]mv=<filter>                       (matched values filter)
   [!]pr=<size>[/prompt|noprompt]       (paged results/prompt)
   [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...]  (server side sorting)
   [!]subentries[=true|false]           (subentries)
-  [!]sync=ro[/<cookie>]                        (LDAP Sync refreshOnly)
+  [!]sync=ro[/<cookie>]                (LDAP Sync refreshOnly)
           rp[/<cookie>][/<slimit>]     (LDAP Sync refreshAndPersist)
+  [!]vlv=<before>/<after>(/<offset>/<count>|:<value>)  (virtual list view)
 .fi
 .TP
 .BI \-l \ timelimit

doc/man/man5/slapo-sssvlv.5

@@ -0,0 +1,53 @@
+.TH SLAPO-SSSVLV 5 "RELEASEDATE" "OpenLDAP LDVERSION"
+.\" Copyright 2009 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 2009 Symas Corporation All Rights Reserved.
+.\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapo\-sssvlv \- Server Side Sorting and Virtual List View overlay to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+This overlay implements the LDAP Server Side Sorting (RFC2891) control
+as well as the Virtual List View control. It also replaces the default
+implementation of the LDAP PagedResults (RFC2696) control, to ensure
+that it works with Sorting. The overlay can be used with any backend
+or globally for all backends.
+
+Since a complete result set must be generated in memory before sorting can
+be performed, processing sort requests can have a large impact on the
+server's memory use. As such, any connection is limited to having only
+one sort request active at a time. Additional limits may be configured
+as described below.
+
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the SSSVLV overlay.
+They should appear after the
+.B overlay
+directive.
+.TP
+.B sssvlv\-max <num>
+Set the maximum number of concurrent sort requests allowed across all
+connections. The default is one half of the number of server threads.
+.TP
+.B sssvlv\-maxkeys <num>
+Set the maximum number of keys allowed in a sort request. The default is 5.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.TP
+ETCDIR/slapd.d
+default slapd configuration directory
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd\-config (5).
+.LP
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
+.LP
+IETF LDAP Virtual List View proposal by D. Boreham, J. Sermersheim,
+and A. Kashi in IETF document "draft-ietf-ldapext-ldapv3-vlv-09.txt".
+.SH AUTHOR
+Howard Chu

include/ldap.h

@@ -246,7 +246,6 @@ typedef struct ldapcontrol {
 #define LDAP_CONTROL_PRE_READ			"1.3.6.1.1.13.1"		/* RFC 4527 */
 #define LDAP_CONTROL_POST_READ			"1.3.6.1.1.13.2"		/* RFC 4527 */
 
-/*  standard track - not implemented in slapd(8) */
 #define LDAP_CONTROL_SORTREQUEST    "1.2.840.113556.1.4.473" /* RFC 2891 */
 #define LDAP_CONTROL_SORTRESPONSE	"1.2.840.113556.1.4.474" /* RFC 2891 */
 
@@ -349,11 +348,10 @@ typedef struct ldapcontrol {
 #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY	0x4
 #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME	0x8
 
-/* LDAP VLV *//* not implemented in slapd(8) */
+/* LDAP VLV */
 #define LDAP_CONTROL_VLVREQUEST    	"2.16.840.1.113730.3.4.9"
 #define LDAP_CONTROL_VLVRESPONSE    "2.16.840.1.113730.3.4.10"
 
-
 /* LDAP Unsolicited Notifications */
 #define	LDAP_NOTICE_OF_DISCONNECTION	"1.3.6.1.4.1.1466.20036" /* RFC 4511 */
 #define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
@@ -618,6 +616,8 @@ typedef struct ldapcontrol {
 #define LDAP_RESULTS_TOO_LARGE		0x46 /* CLDAP */
 #define LDAP_AFFECTS_MULTIPLE_DSAS	0x47
 
+#define LDAP_VLV_ERROR				0x4C
+
 #define LDAP_OTHER					0x50
 
 /* LCUP operation codes (113-117) - not implemented */

include/portable.hin

@@ -1014,6 +1014,9 @@
 /* define for Sequential Modify overlay */
 #undef SLAPD_OVER_SEQMOD
 
+/* define for ServerSideSort/VLV overlay */
+#undef SLAPD_OVER_SSSVLV
+
 /* define for Syncrepl Provider overlay */
 #undef SLAPD_OVER_SYNCPROV
 

libraries/libldap/error.c

@@ -79,6 +79,9 @@ static struct ldaperror ldap_builtin_errlist[] = {
 	{LDAP_RESULTS_TOO_LARGE,		N_("Results too large")},
 	{LDAP_AFFECTS_MULTIPLE_DSAS,	N_("Operation affects multiple DSAs")},
 
+	/* Virtual List View draft */
+	{LDAP_VLV_ERROR,				N_("Virtual List View error")},
+
 	{LDAP_OTHER, 					N_("Other (e.g., implementation specific) error")},
 
 	{LDAP_CANCELLED,				N_("Cancelled")},

servers/slapd/bconfig.c

@@ -261,6 +261,7 @@ static OidRec OidMacros[] = {
  * OLcfgOv{Oc|At}:18			-> memberof
  * OLcfgOv{Oc|At}:19			-> collect
  * OLcfgOv{Oc|At}:20			-> retcode
+ * OLcfgOv{Oc|At}:21			-> sssvlv
  */
 
 /* alphabetical ordering */

servers/slapd/overlays/Makefile.in

@@ -29,6 +29,7 @@ SRCS = overlays.c \
 	retcode.c \
 	rwm.c rwmconf.c rwmdn.c rwmmap.c \
 	seqmod.c \
+	sssvlv.c \
 	syncprov.c \
 	translucent.c \
 	unique.c \
@@ -109,6 +110,9 @@ rwm.la : rwm.lo rwmconf.lo rwmdn.lo rwmmap.lo
 seqmod.la : seqmod.lo
 	$(LTLINK_MOD) -module -o $@ seqmod.lo version.lo $(LINK_LIBS)
 
+sssvlv.la : sssvlv.lo
+	$(LTLINK_MOD) -module -o $@ sssvlv.lo version.lo $(LINK_LIBS)
+
 syncprov.la : syncprov.lo
 	$(LTLINK_MOD) -module -o $@ syncprov.lo version.lo $(LINK_LIBS)
 

servers/slapd/slap.h

@@ -62,7 +62,6 @@ LDAP_BEGIN_DECL
 #define LDAP_COLLECTIVE_ATTRIBUTES
 #define LDAP_COMP_MATCH
 #define LDAP_SYNC_TIMESTAMP
-#define SLAP_CONTROL_X_SORTEDRESULTS
 #define SLAP_CONTROL_X_SESSION_TRACKING
 #define SLAP_CONTROL_X_WHATFAILED
 #define SLAP_CONFIG_DELETE