Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1

https://bugzilla.redhat.com/show_bug.cgi?id=692991
Resolves: bug 692991
Bug Description: windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: I could not reproduce the problem.  I could not figure out
a way to get Windows to let me add a user-type entry with child entries.
The GUI does not even have this option.  Using ldapmodify results in a
Naming Violation.  I suspect Exchange somehow tweaks AD to allow this
sort of dit structure.  I'm pretty sure the problem is that we are doing
a scope SUBTREE search to get the user's entry and we are running into a
SIZELIMIT_EXCEEDED.  The solution is to just do an LDAP_SCOPE_BASE search
to get the single entry to operate on.  I had to extend
windows_search_entry_ext to add a scope parameter.  Since the old default
was to do a SUBTREE search, I made windows_search_entry use that.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no

ldap/servers/plugins/replication/windows_connection.c

@@ -618,12 +618,12 @@ windows_LDAPMessage2Entry(Repl_Connection *conn, LDAPMessage * msg, int attrsonl
 ConnResult
 windows_search_entry(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry)
 {
-	return windows_search_entry_ext(conn, searchbase, filter, entry, NULL);
+	return windows_search_entry_ext(conn, searchbase, filter, entry, NULL, LDAP_SCOPE_SUBTREE);
 }
 
 /* Perform a simple search against Windows with optional controls */
 ConnResult
-windows_search_entry_ext(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry, LDAPControl **serverctrls)
+windows_search_entry_ext(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry, LDAPControl **serverctrls, int scope)
 {
 	ConnResult return_value = 0;
 
@@ -642,7 +642,6 @@ windows_search_entry_ext(Repl_Connection *conn, char* searchbase, char *filter,
 		int ldap_rc = 0;
 		LDAPMessage *res = NULL;
 		char *searchbase_copy = slapi_ch_strdup(searchbase);
-		int scope = LDAP_SCOPE_SUBTREE;
 		char *filter_copy = slapi_ch_strdup(filter);
 		char **attrs = NULL;
 		LDAPControl **serverctrls_copy = NULL;

ldap/servers/plugins/replication/windows_protocol_util.c

@@ -2773,7 +2773,7 @@ windows_get_remote_entry (Private_Repl_Protocol *prp, const Slapi_DN* remote_dn,
 	Slapi_Entry *found_entry = NULL;
 
 	searchbase = slapi_sdn_get_dn(remote_dn);
-	cres = windows_search_entry(prp->conn, (char*)searchbase, filter, &found_entry);
+	cres = windows_search_entry_ext(prp->conn, (char*)searchbase, filter, &found_entry, NULL, LDAP_SCOPE_BASE);
 	if (cres)
 	{
 		retval = -1;
@@ -2806,7 +2806,7 @@ windows_get_remote_tombstone (Private_Repl_Protocol *prp, const Slapi_DN* remote
 
 	searchbase = slapi_sdn_get_dn(remote_dn);
 	cres = windows_search_entry_ext(prp->conn, (char*)searchbase, filter,
-				&found_entry, server_controls);
+									&found_entry, server_controls, LDAP_SCOPE_SUBTREE);
 	if (cres) {
 		retval = -1;
 	} else {
@@ -4791,8 +4791,8 @@ retry:
 				char *filter = "(objectclass=*)";
 
 				retried = 1;
-				cres = windows_search_entry(prp->conn, (char*)searchbase, 
-											filter, &found_entry);
+				cres = windows_search_entry_ext(prp->conn, (char*)searchbase, 
+												filter, &found_entry, NULL, LDAP_SCOPE_BASE);
 				if (0 == cres && found_entry) {
 					/* 
 					 * Entry e originally allocated in windows_dirsync_inc_run

ldap/servers/plugins/replication/windowsrepl.h

@@ -51,7 +51,7 @@ const Slapi_DN* windows_private_get_directory_subtree (const Repl_Agmt *ra);
 LDAPControl* windows_private_dirsync_control(const Repl_Agmt *ra);
 ConnResult send_dirsync_search(Repl_Connection *conn);
 ConnResult windows_search_entry(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry);
-ConnResult windows_search_entry_ext(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry, LDAPControl **serverctrls);
+ConnResult windows_search_entry_ext(Repl_Connection *conn, char* searchbase, char *filter, Slapi_Entry **entry, LDAPControl **serverctrls, int scope);
 Slapi_Entry *windows_conn_get_search_result(Repl_Connection *conn );
 void windows_private_update_dirsync_control(const Repl_Agmt *ra,LDAPControl **controls );
 PRBool windows_private_dirsync_has_more(const Repl_Agmt *ra);