- move the lock back

- go back to exhaustive searching for now

1 files changed, 17 insertions, 86 deletions

diff --git a/src/back-sch.c b/src/back-sch.c
index 6e3c81b..d368f59 100644
--- a/src/back-sch.c
+++ b/src/back-sch.c
@@ -504,7 +504,7 @@ struct backend_search_cbdata {
 
 	bool_t answer;
 	int result;
-	const char *matched, *text;
+	char *matched, *text;
 	int n_entries;
 };
 static bool_t
@@ -522,24 +522,15 @@ backend_search_entry_cb(const char *domain, const char *map, bool_t secure,
 	cbdata = cb_data;
 	entry_data = backend_data;
 	sdn = slapi_entry_get_sdn(entry_data->e);
-	/* If the search was for scope==base, then the client only wants to
-	 * examine one entry, so we need to check that this is the right one.
-	 * */
-	switch (cbdata->scope) {
-	case LDAP_SCOPE_BASE:
-		if (slapi_sdn_compare(sdn, cbdata->target_dn) != 0) {
-			/* The names don't match -- return now. */
-			return TRUE;
-		}
-		break;
-	default:
-		break;
+	/* Check if this entry belongs. */
+	if (slapi_sdn_scope_test(sdn, cbdata->target_dn, cbdata->scope) == 0) {
+		return TRUE;
 	}
 	/* Now check the entry against the filter. */
 	result = slapi_filter_test(cbdata->pb, entry_data->e,
 				   cbdata->filter, cbdata->check_access);
 	switch (result) {
-	case -1:
+	default:
 		/* Not a match. */
 		break;
 	case 0:
@@ -552,17 +543,6 @@ backend_search_entry_cb(const char *domain, const char *map, bool_t secure,
 					     cbdata->attrs, cbdata->attrsonly);
 		cbdata->n_entries++;
 		break;
-	default:
-		/* Return an LDAP error. */
-		slapi_log_error(SLAPI_LOG_PLUGIN,
-				cbdata->state->plugin_desc->spd_id,
-				"search got error %d checking %s\n",
-				result, slapi_sdn_get_ndn(sdn));
-		cbdata->answer = TRUE;
-		if (cbdata->result == 0) {
-			cbdata->result = result;
-		}
-		break;
 	}
 	return TRUE;
 }
@@ -580,8 +560,8 @@ backend_search_set_cb(const char *group, const char *set, bool_t flag,
 	set_data = backend_data;
 	cbdata->check_access = set_data->check_access;
 	/* Check the set itself. */
-	if (slapi_sdn_scope_test(set_data->container_sdn, cbdata->target_dn,
-				 cbdata->scope)) {
+	if (slapi_sdn_scope_test(set_data->container_sdn,
+				 cbdata->target_dn, cbdata->scope)) {
 		set_entry = slapi_entry_alloc();
 		slapi_entry_add_string(set_entry,
 				       "objectClass", "extensibleObject");
@@ -594,7 +574,7 @@ backend_search_set_cb(const char *group, const char *set, bool_t flag,
 					   cbdata->filter,
 					   cbdata->check_access);
 		switch (result) {
-		case -1:
+		default:
 			/* Not a match. */
 			break;
 		case 0:
@@ -607,49 +587,9 @@ backend_search_set_cb(const char *group, const char *set, bool_t flag,
 						     cbdata->attrsonly);
 			cbdata->n_entries++;
 			break;
-		default:
-			/* Return an LDAP error. */
-			slapi_log_error(SLAPI_LOG_PLUGIN,
-					cbdata->state->plugin_desc->spd_id,
-					"search got error %d checking %s\n",
-					result, ndn);
-			cbdata->answer = TRUE;
-			if (cbdata->result == 0) {
-				cbdata->result = result;
-			}
-			break;
 		}
 		slapi_entry_free(set_entry);
 	}
-	/* Now scope-check the set's contents so that we only do it once. */
-	switch (cbdata->scope) {
-	case LDAP_SCOPE_BASE:
-		/* If the container is not the parent of the target, then we're
-		 * done with this set. */
-		if (slapi_sdn_isparent(set_data->container_sdn,
-				       cbdata->target_dn) != 1) {
-			return TRUE;
-		}
-		break;
-	case LDAP_SCOPE_ONELEVEL:
-		/* If it's not a scope=one search of this set, then we're done
-		 * with this set. */
-		if (slapi_sdn_compare(set_data->container_sdn,
-				      cbdata->target_dn) != 0) {
-			return TRUE;
-		}
-		break;
-	case LDAP_SCOPE_SUBTREE:
-		/* If the search suffix is not a suffix of the set and it's not
-		 * the set itself, then we're done with this set. */
-		if ((slapi_sdn_compare(set_data->container_sdn,
-				       cbdata->target_dn) != 0) &&
-		    (slapi_sdn_issuffix(set_data->container_sdn,
-					cbdata->target_dn) != 1)) {
-			return TRUE;
-		}
-		break;
-	}
 	/* Walk the set of entries in this set. */
 	map_data_foreach_entry_id(cbdata->state, group, set, NULL,
 				  backend_search_entry_cb, cbdata);
@@ -679,7 +619,7 @@ backend_search_group_cb(const char *group, void *cb_data)
 					   cbdata->filter,
 					   cbdata->check_access);
 		switch (result) {
-		case -1:
+		default:
 			/* Not a match. */
 			break;
 		case 0:
@@ -692,17 +632,6 @@ backend_search_group_cb(const char *group, void *cb_data)
 						     cbdata->attrsonly);
 			cbdata->n_entries++;
 			break;
-		default:
-			/* Return an LDAP error. */
-			slapi_log_error(SLAPI_LOG_PLUGIN,
-					cbdata->state->plugin_desc->spd_id,
-					"search got error %d checking %s\n",
-					result, group);
-			cbdata->answer = TRUE;
-			if (cbdata->result == 0) {
-				cbdata->result = result;
-			}
-			break;
 		}
 		slapi_entry_free(group_entry);
 	}
@@ -711,8 +640,8 @@ backend_search_group_cb(const char *group, void *cb_data)
 			     backend_search_set_cb, cbdata);
 	/* If the search is confined to this group, we need to send the result
 	 * ourselves. */
-	if (slapi_sdn_scope_test(cbdata->target_dn, group_dn,
-				 LDAP_SCOPE_SUBTREE)) {
+	if (slapi_sdn_scope_test(cbdata->target_dn,
+				 group_dn, LDAP_SCOPE_SUBTREE)) {
 		cbdata->answer = TRUE;
 	}
 	slapi_sdn_free(&group_dn);
@@ -735,8 +664,8 @@ backend_search_cb(Slapi_PBlock *pb)
 	slapi_pblock_get(pb, SLAPI_SEARCH_ATTRSONLY, &cbdata.attrsonly);
 	cbdata.answer = FALSE;
 	cbdata.result = 0;
-	cbdata.matched = "";
-	cbdata.text = "";
+	cbdata.matched = NULL;
+	cbdata.text = NULL;
 	cbdata.n_entries = 0;
 	if (backend_shr_is_caller(cbdata.state, cbdata.pb)) {
 		slapi_log_error(SLAPI_LOG_PLUGIN,
@@ -752,14 +681,16 @@ backend_search_cb(Slapi_PBlock *pb)
 	cbdata.target_dn = slapi_sdn_new_dn_byval(cbdata.target);
 	map_rdlock();
 	map_data_foreach_domain(cbdata.state, backend_search_group_cb, &cbdata);
+	map_unlock();
+	slapi_sdn_free(&cbdata.target_dn);
 	if (cbdata.answer) {
 		slapi_send_ldap_result(cbdata.pb, cbdata.result,
 				       (char *) cbdata.matched,
 				       (char *) cbdata.text,
 				       cbdata.n_entries, NULL);
 	}
-	map_unlock();
-	slapi_sdn_free(&cbdata.target_dn);
+	free(cbdata.matched);
+	free(cbdata.text);
 	return cbdata.answer ? -1 : 0;
 }