From 3521fccff4ce45ef3027be9e816acefde958ab80 Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Sat, 30 Apr 2022 12:59:18 +1000
Subject: [PATCH 1/4] feat: return referrals for search operation

In the instance of an LDAP Error code 10 during searches, this change should similarly return referrals to other methods.
---
 search.go    | 30 ++++++++++++++++++++++++++----
 v3/search.go | 38 +++++++++++++++++++++++++-------------
 2 files changed, 51 insertions(+), 17 deletions(-)

diff --git a/search.go b/search.go
index 35fc2497..65cf8b08 100644
--- a/search.go
+++ b/search.go
@@ -372,15 +372,35 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 		}
 
 		switch packet.Children[1].Tag {
-		case 4:
+		case ApplicationSearchResultEntry:
 			entry := &Entry{
 				DN:         packet.Children[1].Children[0].Value.(string),
 				Attributes: unpackAttributes(packet.Children[1].Children[1].Children),
 			}
 			result.Entries = append(result.Entries, entry)
-		case 5:
+		case ApplicationSearchResultDone:
 			err := GetLDAPError(packet)
 			if err != nil {
+				if IsErrorWithCode(err, LDAPResultReferral) && len(packet.Children) >= 2 {
+					var (
+						referral string
+						ok       bool
+					)
+
+					for _, child := range packet.Children[1].Children {
+						if child.Tag == 3 && len(child.Children) >= 1 {
+							if referral, ok = child.Children[0].Value.(string); !ok {
+								continue
+							}
+						}
+					}
+
+					if referral != "" {
+						result.Referrals = append(result.Referrals, referral)
+						continue
+					}
+				}
+
 				return result, err
 			}
 			if len(packet.Children) == 3 {
@@ -393,8 +413,10 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 				}
 			}
 			return result, nil
-		case 19:
-			result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string))
+		case ApplicationSearchResultReference:
+			if len(packet.Children) >= 2 && len(packet.Children[1].Children) >= 1 {
+				result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string))
+			}
 		}
 	}
 }
diff --git a/v3/search.go b/v3/search.go
index 35fc2497..0e22048c 100644
--- a/v3/search.go
+++ b/v3/search.go
@@ -372,29 +372,41 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 		}
 
 		switch packet.Children[1].Tag {
-		case 4:
+		case ApplicationSearchResultEntry:
 			entry := &Entry{
 				DN:         packet.Children[1].Children[0].Value.(string),
 				Attributes: unpackAttributes(packet.Children[1].Children[1].Children),
 			}
 			result.Entries = append(result.Entries, entry)
-		case 5:
+		case ApplicationSearchResultDone:
 			err := GetLDAPError(packet)
 			if err != nil {
-				return result, err
-			}
-			if len(packet.Children) == 3 {
-				for _, child := range packet.Children[2].Children {
-					decodedChild, err := DecodeControl(child)
-					if err != nil {
-						return result, fmt.Errorf("failed to decode child control: %s", err)
+				if IsErrorWithCode(err, LDAPResultReferral) && len(packet.Children) >= 2 {
+					var (
+						referral string
+						ok       bool
+					)
+
+					for _, child := range packet.Children[1].Children {
+						if child.Tag == 3 && len(child.Children) >= 1 {
+							if referral, ok = child.Children[0].Value.(string); !ok {
+								continue
+							}
+						}
+					}
+
+					if referral != "" {
+						result.Referrals = append(result.Referrals, referral)
+						continue
 					}
-					result.Controls = append(result.Controls, decodedChild)
 				}
+
+				return result, err
+			}
+		case ApplicationSearchResultReference:
+			if len(packet.Children) >= 2 && len(packet.Children[1].Children) >= 1 {
+				result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string))
 			}
-			return result, nil
-		case 19:
-			result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string))
 		}
 	}
 }

From 52a9100db92d59cb419bb982606c124670c66430 Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Sat, 30 Apr 2022 13:05:07 +1000
Subject: [PATCH 2/4] fix: linting

---
 search.go    | 8 +++++---
 v3/search.go | 8 +++++---
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/search.go b/search.go
index 65cf8b08..f60b3b0d 100644
--- a/search.go
+++ b/search.go
@@ -389,13 +389,15 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 
 					for _, child := range packet.Children[1].Children {
 						if child.Tag == 3 && len(child.Children) >= 1 {
-							if referral, ok = child.Children[0].Value.(string); !ok {
-								continue
+							referral, ok = child.Children[0].Value.(string)
+
+							if ok {
+								break
 							}
 						}
 					}
 
-					if referral != "" {
+					if ok {
 						result.Referrals = append(result.Referrals, referral)
 						continue
 					}
diff --git a/v3/search.go b/v3/search.go
index 0e22048c..4e454550 100644
--- a/v3/search.go
+++ b/v3/search.go
@@ -389,13 +389,15 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 
 					for _, child := range packet.Children[1].Children {
 						if child.Tag == 3 && len(child.Children) >= 1 {
-							if referral, ok = child.Children[0].Value.(string); !ok {
-								continue
+							referral, ok = child.Children[0].Value.(string)
+
+							if ok {
+								break
 							}
 						}
 					}
 
-					if referral != "" {
+					if ok {
 						result.Referrals = append(result.Referrals, referral)
 						continue
 					}

From 2aca9fd8a6e53362eb0eb475ea5250d3503fbb7e Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Sat, 30 Apr 2022 13:20:51 +1000
Subject: [PATCH 3/4] refactor: utilize asn.1 ber consts

---
 search.go    | 2 +-
 v3/search.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/search.go b/search.go
index f60b3b0d..33655496 100644
--- a/search.go
+++ b/search.go
@@ -388,7 +388,7 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 					)
 
 					for _, child := range packet.Children[1].Children {
-						if child.Tag == 3 && len(child.Children) >= 1 {
+						if child.Tag == ber.TagBitString && len(child.Children) >= 1 {
 							referral, ok = child.Children[0].Value.(string)
 
 							if ok {
diff --git a/v3/search.go b/v3/search.go
index 4e454550..78623dab 100644
--- a/v3/search.go
+++ b/v3/search.go
@@ -388,7 +388,7 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 					)
 
 					for _, child := range packet.Children[1].Children {
-						if child.Tag == 3 && len(child.Children) >= 1 {
+						if child.Tag == ber.TagBitString && len(child.Children) >= 1 {
 							referral, ok = child.Children[0].Value.(string)
 
 							if ok {

From 2e774f6143894b0204be22c5d45cd6c43f89ada6 Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Sat, 30 Apr 2022 14:33:52 +1000
Subject: [PATCH 4/4] fix: restore accidentally deleted section

---
 v3/search.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/v3/search.go b/v3/search.go
index 78623dab..33655496 100644
--- a/v3/search.go
+++ b/v3/search.go
@@ -405,6 +405,16 @@ func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) {
 
 				return result, err
 			}
+			if len(packet.Children) == 3 {
+				for _, child := range packet.Children[2].Children {
+					decodedChild, err := DecodeControl(child)
+					if err != nil {
+						return result, fmt.Errorf("failed to decode child control: %s", err)
+					}
+					result.Controls = append(result.Controls, decodedChild)
+				}
+			}
+			return result, nil
 		case ApplicationSearchResultReference:
 			if len(packet.Children) >= 2 && len(packet.Children[1].Children) >= 1 {
 				result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string))