4 files changed, 59 insertions, 30 deletions

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 431aba3c9..6dafe5b33 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,23 @@
 2014-05-22  Corinna Vinschen  <corinna@vinschen.de>
 
+	* autoload.cc (ldap_abandon): Remove.
+	(ldap_count_entries): Import.
+	(ldap_get_next_page_s): Import.
+	(ldap_result): Remove.
+	(ldap_searchW): Remove.
+	(ldap_search_abandon_page): Import.
+	(ldap_search_init_pageW): Import.
+	* ldap.cc (cyg_ldap::close): Use ldap_search_abandon_page to abandon
+	search.  Reset srch_id, srch_msg and srch_entry.
+	(cyg_ldap::enumerate_ad_accounts): Use paged search to overcome server
+	side search result set restriction.
+	(cyg_ldap::next_account): Ditto.
+	* ldap.h (class cyg_ldap): Add members srch_id, srch_msg and srch_entry.
+	Remove member msg_id.
+	(cyg_ldap::cyg_ldap): Change initialization accordingly.
+
+2014-05-22  Corinna Vinschen  <corinna@vinschen.de>
+
 	* sec_auth.cc (get_server_groups): Call get_user_local_groups only if
 	get_logon_server succeeded.
 
diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc
index 822a30a44..fa2cd65c5 100644
--- a/winsup/cygwin/autoload.cc
+++ b/winsup/cygwin/autoload.cc
@@ -585,17 +585,18 @@ LoadDLLfunc (LocaleNameToLCID, 8, kernel32)
 #pragma push_macro ("mangle")
 #undef mangle
 #define mangle(name, n) #name
-LoadDLLfunc (ldap_abandon, 0, wldap32)
 LoadDLLfunc (ldap_bind_s, 0, wldap32)
+LoadDLLfunc (ldap_count_entries, 0, wldap32)
 LoadDLLfunc (ldap_count_valuesW, 0, wldap32)
 LoadDLLfunc (ldap_first_entry, 0, wldap32)
+LoadDLLfunc (ldap_get_next_page_s, 0, wldap32)
 LoadDLLfunc (ldap_get_valuesW, 0, wldap32)
 LoadDLLfunc (ldap_get_values_lenW, 0, wldap32)
 LoadDLLfunc (ldap_initW, 0, wldap32)
 LoadDLLfunc (ldap_memfreeW, 0, wldap32)
 LoadDLLfunc (ldap_next_entry, 0, wldap32)
-LoadDLLfunc (ldap_result, 0, wldap32)
-LoadDLLfunc (ldap_searchW, 0, wldap32)
+LoadDLLfunc (ldap_search_abandon_page, 0, wldap32)
+LoadDLLfunc (ldap_search_init_pageW, 0, wldap32)
 LoadDLLfunc (ldap_search_stW, 0, wldap32)
 LoadDLLfunc (ldap_set_option, 0, wldap32)
 LoadDLLfunc (ldap_sslinitW, 0, wldap32)
diff --git a/winsup/cygwin/ldap.cc b/winsup/cygwin/ldap.cc
index 89f9b37f2..72f16defb 100644
--- a/winsup/cygwin/ldap.cc
+++ b/winsup/cygwin/ldap.cc
@@ -182,10 +182,12 @@ err:
 void
 cyg_ldap::close ()
 {
-  if (msg_id != (ULONG) -1)
-    ldap_abandon (lh, msg_id);
+  if (srch_id != NULL)
+    ldap_search_abandon_page (lh, srch_id);
   if (lh)
     ldap_unbind (lh);
+  if (srch_msg)
+    ldap_memfreeW ((PWCHAR) srch_msg);
   if (msg)
     ldap_memfreeW ((PWCHAR) msg);
   if (val)
@@ -196,7 +198,8 @@ cyg_ldap::close ()
   msg = entry = NULL;
   val = NULL;
   rootdse = NULL;
-  msg_id = (ULONG) -1;
+  srch_id = NULL;
+  srch_msg = srch_entry = NULL;
 }
 
 bool
@@ -286,12 +289,13 @@ cyg_ldap::enumerate_ad_accounts (PCWSTR domain, bool group)
 		/* 1 == ACCOUNT_GROUP */
 		"(!(groupType:" LDAP_MATCHING_RULE_BIT_AND ":=1))"
 		"(objectSid=*))";
-  msg_id = ldap_searchW (lh, rootdse, LDAP_SCOPE_SUBTREE, (PWCHAR) filter,
-			 sid_attr, 0);
-  if (msg_id == (ULONG) -1)
+  srch_id = ldap_search_init_pageW (lh, rootdse, LDAP_SCOPE_SUBTREE,
+				    (PWCHAR) filter, sid_attr, 0,
+				    NULL, NULL, 3, 100, NULL);
+  if (srch_id == NULL)
     {
-      debug_printf ("ldap_searchW(%W,%W) error 0x%02x", rootdse, filter,
-		    LdapGetLastError ());
+      debug_printf ("ldap_search_init_pageW(%W,%W) error 0x%02x",
+		    rootdse, filter, LdapGetLastError ());
       return false;
     }
   return true;
@@ -303,29 +307,34 @@ cyg_ldap::next_account (cygsid &sid)
   ULONG ret;
   PLDAP_BERVAL *bval;
 
-  if (msg)
-    {
-      ldap_memfreeW ((PWCHAR) msg);
-      msg = entry = NULL;
-    }
-  if (val)
+  ULONG total;
+
+  if (srch_entry)
     {
-      ldap_value_freeW (val);
-      val = NULL;
+      if ((srch_entry = ldap_next_entry (lh, srch_entry))
+	  && (bval = ldap_get_values_lenW (lh, srch_entry, sid_attr[0])))
+	{
+	  sid = (PSID) bval[0]->bv_val;
+	  ldap_value_free_len (bval);
+	  return true;
+	}
+      ldap_memfreeW ((PWCHAR) srch_msg);
+      srch_msg = srch_entry = NULL;
     }
-  ret = ldap_result (lh, msg_id, LDAP_MSG_ONE, &tv, &msg);
-  if (ret == 0)
+  do
     {
-      debug_printf ("ldap_result() timeout!");
-      return false;
+      ret = ldap_get_next_page_s (lh, srch_id, &tv, 100, &total, &srch_msg);
     }
-  if (ret == (ULONG) -1)
+  while (ret == LDAP_SUCCESS && ldap_count_entries (lh, srch_msg) == 0);
+  if (ret == LDAP_NO_RESULTS_RETURNED)
+    return false;
+  if (ret != LDAP_SUCCESS)
     {
-      debug_printf ("ldap_result() error 0x%02x", LdapGetLastError ());
+      debug_printf ("ldap_result() error 0x%02x", ret);
       return false;
     }
-  if ((entry = ldap_first_entry (lh, msg))
-      && (bval = ldap_get_values_lenW (lh, entry, sid_attr[0])))
+  if ((srch_entry = ldap_first_entry (lh, srch_msg))
+      && (bval = ldap_get_values_lenW (lh, srch_entry, sid_attr[0])))
     {
       sid = (PSID) bval[0]->bv_val;
       ldap_value_free_len (bval);
diff --git a/winsup/cygwin/ldap.h b/winsup/cygwin/ldap.h
index a2bf0bde8..696fbebe0 100644
--- a/winsup/cygwin/ldap.h
+++ b/winsup/cygwin/ldap.h
@@ -33,7 +33,8 @@ class cyg_ldap {
   PWCHAR *val;
   PWCHAR *attr;
   bool isAD;
-  ULONG msg_id;
+  PLDAPSearch srch_id;
+  PLDAPMessage srch_msg, srch_entry;
 
   bool connect_ssl (PCWSTR domain);
   bool connect_non_ssl (PCWSTR domain);
@@ -43,8 +44,8 @@ class cyg_ldap {
   uint32_t get_num_attribute (int idx);
 
 public:
-  cyg_ldap () : lh (NULL), rootdse (NULL), msg (NULL), entry (NULL),
-		val (NULL), isAD (false), msg_id ((ULONG) -1)
+  cyg_ldap () : lh (NULL), rootdse (NULL), msg (NULL), entry (NULL), val (NULL),
+		isAD (false), srch_id (NULL), srch_msg (NULL), srch_entry (NULL)
   {}
   ~cyg_ldap () { close (); }