If an error occurs during a search and an operation exception is thrown, return the result code as part of the SearchResultDone message. This is how LDAP clients would expect it and how the RFC specifies that it would be done.

Currently, the operation exception comes as an unexpected message after the SearchResultDone which would be considered an unsolicited message from a clients perspective and would cause an immediate disconnected from the server.

Author: ChadSikorra

src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPagingHandler.php

@@ -81,15 +81,36 @@ public function handleRequest(
         );
         $pagingRequest = $this->findOrMakePagingRequest($message);
 
-        $response = $this->handlePaging(
-            $context,
-            $pagingRequest,
-            $message
-        );
+        $response = null;
+        $controls = [];
+        try {
+            $response = $this->handlePaging(
+                $context,
+                $pagingRequest,
+                $message
+            );
+            $searchResult = ServerSearchResult::makeSuccessResult($response->getEntries());
+            $controls[] = new PagingControl(
+                $response->getRemaining(),
+                $response->isComplete()
+                    ? ''
+                    : $pagingRequest->getNextCookie()
+            );
+        } catch (OperationException $e) {
+            $searchResult = ServerSearchResult::makeErrorResult(
+                $e->getCode(),
+                '',
+                $e->getMessage()
+            );
+            $controls[] = new PagingControl(
+                0,
+                $pagingRequest->getCookie()
+            );
+        }
 
         $pagingRequest->markProcessed();
 
-        if ($response->isComplete()) {
+        if ($response && $response->isComplete()) {
             $this->requestHistory->pagingRequest()
                 ->remove($pagingRequest);
             $this->pagingHandler->remove(
@@ -99,13 +120,10 @@ public function handleRequest(
         }
 
         $this->sendEntriesToClient(
-            $response->getEntries(),
+            $searchResult,
             $message,
             $queue,
-            new PagingControl(
-                $response->getRemaining(),
-                $response->isComplete() ? '' : $pagingRequest->getNextCookie()
-            )
+            ...$controls
         );
     }
 

src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPagingUnsupportedHandler.php

@@ -60,13 +60,20 @@ public function handleRequest(
             );
         }
 
-        $entries = $dispatcher->search(
-            $context,
-            $request
-        );
+        try {
+            $searchResult = ServerSearchResult::makeSuccessResult($dispatcher->search(
+                $context,
+                $request
+            ));
+        } catch (OperationException $e) {
+            $searchResult = ServerSearchResult::makeErrorResult(
+                $e->getCode(),
+                $e->getMessage()
+            );
+        }
 
         $this->sendEntriesToClient(
-            $entries,
+            $searchResult,
             $message,
             $queue
         );

src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerSearchHandler.php

@@ -11,6 +11,7 @@
 
 namespace FreeDSx\Ldap\Protocol\ServerProtocolHandler;
 
+use FreeDSx\Ldap\Exception\OperationException;
 use FreeDSx\Ldap\Protocol\LdapMessageRequest;
 use FreeDSx\Ldap\Protocol\Queue\ServerQueue;
 use FreeDSx\Ldap\Server\RequestContext;
@@ -42,13 +43,20 @@ public function handleRequest(
         );
         $request = $this->getSearchRequestFromMessage($message);
 
-        $entries = $dispatcher->search(
-            $context,
-            $request
-        );
+        try {
+            $searchResult = ServerSearchResult::makeSuccessResult($dispatcher->search(
+                $context,
+                $request
+            ));
+        } catch (OperationException $e) {
+            $searchResult = ServerSearchResult::makeErrorResult(
+                $e->getCode(),
+                $e->getMessage()
+            );
+        }
 
         $this->sendEntriesToClient(
-            $entries,
+            $searchResult,
             $message,
             $queue
         );

src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerSearchResult.php

@@ -0,0 +1,111 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * This file is part of the FreeDSx LDAP package.
+ *
+ * (c) Chad Sikorra <Chad.Sikorra@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace FreeDSx\Ldap\Protocol\ServerProtocolHandler;
+
+use FreeDSx\Ldap\Entry\Entries;
+use FreeDSx\Ldap\Exception\InvalidArgumentException;
+use FreeDSx\Ldap\Operation\ResultCode;
+
+final class ServerSearchResult
+{
+    /**
+     * @var Entries|null
+     */
+    private $entries;
+
+    /**
+     * @var string
+     */
+    private $baseDn;
+
+    /**
+     * @var int
+     */
+    private $resultCode;
+
+    /**
+     * @var string
+     */
+    private $diagnosticMessage;
+
+    private function __construct(
+        ?Entries $entries,
+        string $baseDn = '',
+        int $resultCode = ResultCode::SUCCESS,
+        string $diagnosticMessage = ''
+    ) {
+        $this->entries = $entries;
+        $this->baseDn = $baseDn;
+        $this->resultCode = $resultCode;
+        $this->diagnosticMessage = $diagnosticMessage;
+    }
+
+    /**
+     * Make a successful server search result representation.
+     */
+    public static function makeSuccessResult(
+        Entries $entries,
+        string $baseDn = '',
+        string $diagnosticMessage = ''
+    ): self {
+        return new self(
+            $entries,
+            $baseDn,
+            ResultCode::SUCCESS,
+            $diagnosticMessage
+        );
+    }
+
+    /**
+     * Make an error result for server search result representation. This could occur for any reason, such as a base DN
+     * not existing. This result MUST not return a success result code.
+     */
+    public static function makeErrorResult(
+        int $resultCode,
+        string $baseDn = '',
+        string $diagnosticMessage = '',
+        ?Entries $entries = null
+    ): self {
+        if ($resultCode === ResultCode::SUCCESS) {
+            throw new InvalidArgumentException('You must not return a success result code on a search error.');
+        }
+
+        return new self(
+            $entries,
+            $baseDn,
+            $resultCode,
+            $diagnosticMessage
+        );
+    }
+
+    public function getEntries(): ?Entries
+    {
+        return $this->entries;
+    }
+
+    public function getResultCode(): int
+    {
+        return $this->resultCode;
+    }
+
+    public function getDiagnosticMessage(): string
+    {
+        return $this->diagnosticMessage;
+    }
+
+    public function getBaseDn(): string
+    {
+        return $this->baseDn;
+    }
+}

src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerSearchTrait.php

@@ -27,29 +27,36 @@
 trait ServerSearchTrait
 {
     /**
-     * @param Entries $entries
+     * @param ServerSearchResult $searchResult
      * @param LdapMessageRequest $message
      * @param ServerQueue $queue
      * @return void
      */
     private function sendEntriesToClient(
-        Entries $entries,
+        ServerSearchResult $searchResult,
         LdapMessageRequest $message,
         ServerQueue $queue,
         Control ...$controls
     ): void {
         $messages = [];
+        $entries = $searchResult->getEntries();
 
-        foreach ($entries->toArray() as $entry) {
-            $messages[] = new LdapMessageResponse(
-                $message->getMessageId(),
-                new SearchResultEntry($entry)
-            );
+        if ($entries !== null) {
+            foreach ($entries->toArray() as $entry) {
+                $messages[] = new LdapMessageResponse(
+                    $message->getMessageId(),
+                    new SearchResultEntry($entry)
+                );
+            }
         }
 
         $messages[] = new LdapMessageResponse(
             $message->getMessageId(),
-            new SearchResultDone(ResultCode::SUCCESS),
+            new SearchResultDone(
+                $searchResult->getResultCode(),
+                $searchResult->getBaseDn(),
+                $searchResult->getDiagnosticMessage()
+            ),
             ...$controls
         );
 

tests/spec/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPagingHandlerSpec.php

@@ -18,7 +18,9 @@
 use FreeDSx\Ldap\Entry\Entry;
 use FreeDSx\Ldap\Exception\OperationException;
 use FreeDSx\Ldap\Operation\Request\SearchRequest;
+use FreeDSx\Ldap\Operation\Response\SearchResultDone;
 use FreeDSx\Ldap\Operation\Response\SearchResultEntry;
+use FreeDSx\Ldap\Operation\ResultCode;
 use FreeDSx\Ldap\Protocol\LdapMessageRequest;
 use FreeDSx\Ldap\Protocol\LdapMessageResponse;
 use FreeDSx\Ldap\Protocol\Queue\ServerQueue;
@@ -209,13 +211,27 @@ public function it_throws_an_exception_if_the_old_and_new_paging_requests_are_di
         $pagingHandler->remove(Argument::any(), Argument::any())
             ->shouldNotBeCalled();
 
-        $this->shouldThrow(new OperationException("The search request and controls must be identical between paging requests."))->during('handleRequest', [
+         $queue->sendMessage(new LdapMessageResponse(
+            $message->getMessageId(),
+            new SearchResultDone(
+                ResultCode::OPERATIONS_ERROR,
+                '',
+                "The search request and controls must be identical between paging requests."
+            ),
+            ...[new PagingControl(
+                0,
+                'bar'
+            )]
+        ))->shouldBeCalled()
+            ->willReturn($queue);
+
+        $this->handleRequest(
             $message,
             $token,
             $handler,
             $queue,
             []
-        ]);
+        );
     }
 
     public function it_throws_an_exception_if_the_paging_cookie_does_not_exist(