]> git.sur5r.net Git - openldap/blob - libraries/libldap/schema.c
66c228eb0245b2d1578281333b61c1f797be42b8
[openldap] / libraries / libldap / schema.c
1 /* $OpenLDAP$ */
2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
3  *
4  * Copyright 1998-2003 The OpenLDAP Foundation.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted only as authorized by the OpenLDAP
9  * Public License.
10  *
11  * A copy of this license is available in the file LICENSE in the
12  * top-level directory of the distribution or, alternatively, at
13  * <http://www.OpenLDAP.org/license.html>.
14  */
15
16 /*
17  * schema.c:  parsing routines used by servers and clients to process
18  *      schema definitions
19  */
20
21 #include "portable.h"
22
23 #include <stdio.h>
24 #include <ac/stdlib.h>
25
26 #include <ac/string.h>
27 #include <ac/time.h>
28
29 #include "ldap-int.h"
30
31 #include <ldap_schema.h>
32
33 static const char *
34 choose_name( char *names[], const char *fallback )
35 {
36         return (names != NULL && names[0] != NULL) ? names[0] : fallback;
37 }
38
39 LDAP_CONST char *
40 ldap_syntax2name( LDAPSyntax * syn )
41 {
42         return( syn->syn_oid );
43 }
44
45 LDAP_CONST char *
46 ldap_matchingrule2name( LDAPMatchingRule * mr )
47 {
48         return( choose_name( mr->mr_names, mr->mr_oid ) );
49 }
50
51 LDAP_CONST char *
52 ldap_matchingruleuse2name( LDAPMatchingRuleUse * mru )
53 {
54         return( choose_name( mru->mru_names, mru->mru_oid ) );
55 }
56
57 LDAP_CONST char *
58 ldap_attributetype2name( LDAPAttributeType * at )
59 {
60         return( choose_name( at->at_names, at->at_oid ) );
61 }
62
63 LDAP_CONST char *
64 ldap_objectclass2name( LDAPObjectClass * oc )
65 {
66         return( choose_name( oc->oc_names, oc->oc_oid ) );
67 }
68
69 LDAP_CONST char *
70 ldap_contentrule2name( LDAPContentRule * cr )
71 {
72         return( choose_name( cr->cr_names, cr->cr_oid ) );
73 }
74
75 LDAP_CONST char *
76 ldap_nameform2name( LDAPNameForm * nf )
77 {
78         return( choose_name( nf->nf_names, nf->nf_oid ) );
79 }
80
81 LDAP_CONST char *
82 ldap_structurerule2name( LDAPStructureRule * sr )
83 {
84         return( choose_name( sr->sr_names, NULL ) );
85 }
86
87 /*
88  * When pretty printing the entities we will be appending to a buffer.
89  * Since checking for overflow, realloc'ing and checking if no error
90  * is extremely boring, we will use a protection layer that will let
91  * us blissfully ignore the error until the end.  This layer is
92  * implemented with the help of the next type.
93  */
94
95 typedef struct safe_string {
96         char * val;
97         ber_len_t size;
98         ber_len_t pos;
99         int at_whsp;
100 } safe_string;
101
102 static safe_string *
103 new_safe_string(int size)
104 {
105         safe_string * ss;
106         
107         ss = LDAP_MALLOC(sizeof(safe_string));
108         if ( !ss )
109                 return(NULL);
110
111         ss->val = LDAP_MALLOC(size);
112         if ( !ss->val ) {
113                 LDAP_FREE(ss);
114                 return(NULL);
115         }
116
117         ss->size = size;
118         ss->pos = 0;
119         ss->at_whsp = 0;
120
121         return ss;
122 }
123
124 static void
125 safe_string_free(safe_string * ss)
126 {
127         if ( !ss )
128                 return;
129         LDAP_FREE(ss->val);
130         LDAP_FREE(ss);
131 }
132
133 #if 0   /* unused */
134 static char *
135 safe_string_val(safe_string * ss)
136 {
137         ss->val[ss->pos] = '\0';
138         return(ss->val);
139 }
140 #endif
141
142 static char *
143 safe_strdup(safe_string * ss)
144 {
145         char *ret = LDAP_MALLOC(ss->pos+1);
146         if (!ret)
147                 return NULL;
148         AC_MEMCPY(ret, ss->val, ss->pos);
149         ret[ss->pos] = '\0';
150         return ret;
151 }
152
153 static int
154 append_to_safe_string(safe_string * ss, char * s)
155 {
156         int l = strlen(s);
157         char * temp;
158
159         /*
160          * Some runaway process is trying to append to a string that
161          * overflowed and we could not extend.
162          */
163         if ( !ss->val )
164                 return -1;
165
166         /* We always make sure there is at least one position available */
167         if ( ss->pos + l >= ss->size-1 ) {
168                 ss->size *= 2;
169                 if ( ss->pos + l >= ss->size-1 ) {
170                         ss->size = ss->pos + l + 1;
171                 }
172
173                 temp = LDAP_REALLOC(ss->val, ss->size);
174                 if ( !temp ) {
175                         /* Trouble, out of memory */
176                         LDAP_FREE(ss->val);
177                         return -1;
178                 }
179                 ss->val = temp;
180         }
181         strncpy(&ss->val[ss->pos], s, l);
182         ss->pos += l;
183         if ( ss->pos > 0 && LDAP_SPACE(ss->val[ss->pos-1]) )
184                 ss->at_whsp = 1;
185         else
186                 ss->at_whsp = 0;
187
188         return 0;
189 }
190
191 static int
192 print_literal(safe_string *ss, char *s)
193 {
194         return(append_to_safe_string(ss,s));
195 }
196
197 static int
198 print_whsp(safe_string *ss)
199 {
200         if ( ss->at_whsp )
201                 return(append_to_safe_string(ss,""));
202         else
203                 return(append_to_safe_string(ss," "));
204 }
205
206 static int
207 print_numericoid(safe_string *ss, char *s)
208 {
209         if ( s )
210                 return(append_to_safe_string(ss,s));
211         else
212                 return(append_to_safe_string(ss,""));
213 }
214
215 /* This one is identical to print_qdescr */
216 static int
217 print_qdstring(safe_string *ss, char *s)
218 {
219         print_whsp(ss);
220         print_literal(ss,"'");
221         append_to_safe_string(ss,s);
222         print_literal(ss,"'");
223         return(print_whsp(ss));
224 }
225
226 static int
227 print_qdescr(safe_string *ss, char *s)
228 {
229         print_whsp(ss);
230         print_literal(ss,"'");
231         append_to_safe_string(ss,s);
232         print_literal(ss,"'");
233         return(print_whsp(ss));
234 }
235
236 static int
237 print_qdescrlist(safe_string *ss, char **sa)
238 {
239         char **sp;
240         int ret = 0;
241         
242         for (sp=sa; *sp; sp++) {
243                 ret = print_qdescr(ss,*sp);
244         }
245         /* If the list was empty, we return zero that is potentially
246          * incorrect, but since we will be still appending things, the
247          * overflow will be detected later.  Maybe FIX.
248          */
249         return(ret);
250 }
251
252 static int
253 print_qdescrs(safe_string *ss, char **sa)
254 {
255         /* The only way to represent an empty list is as a qdescrlist
256          * so, if the list is empty we treat it as a long list.
257          * Really, this is what the syntax mandates.  We should not
258          * be here if the list was empty, but if it happens, a label
259          * has already been output and we cannot undo it.
260          */
261         if ( !sa[0] || ( sa[0] && sa[1] ) ) {
262                 print_whsp(ss);
263                 print_literal(ss,"("/*)*/);
264                 print_qdescrlist(ss,sa);
265                 print_literal(ss,/*(*/")");
266                 return(print_whsp(ss));
267         } else {
268           return(print_qdescr(ss,*sa));
269         }
270 }
271
272 static int
273 print_woid(safe_string *ss, char *s)
274 {
275         print_whsp(ss);
276         append_to_safe_string(ss,s);
277         return print_whsp(ss);
278 }
279
280 static int
281 print_oidlist(safe_string *ss, char **sa)
282 {
283         char **sp;
284
285         for (sp=sa; *(sp+1); sp++) {
286                 print_woid(ss,*sp);
287                 print_literal(ss,"$");
288         }
289         return(print_woid(ss,*sp));
290 }
291
292 static int
293 print_oids(safe_string *ss, char **sa)
294 {
295         if ( sa[0] && sa[1] ) {
296                 print_literal(ss,"("/*)*/);
297                 print_oidlist(ss,sa);
298                 print_whsp(ss);
299                 return(print_literal(ss,/*(*/")"));
300         } else {
301                 return(print_woid(ss,*sa));
302         }
303 }
304
305 static int
306 print_noidlen(safe_string *ss, char *s, int l)
307 {
308         char buf[64];
309         int ret;
310
311         ret = print_numericoid(ss,s);
312         if ( l ) {
313                 snprintf(buf, sizeof buf, "{%d}",l);
314                 ret = print_literal(ss,buf);
315         }
316         return(ret);
317 }
318
319 static int
320 print_ruleid(safe_string *ss, int rid)
321 {
322         char buf[64];
323         snprintf(buf, sizeof buf, "%d", rid);
324         return print_literal(ss,buf);
325 }
326
327 static int
328 print_ruleids(safe_string *ss, int n, int *rids)
329 {
330         int i;
331
332         if( n == 1 ) {
333                 print_ruleid(ss,rids[0]);
334                 return print_whsp(ss);
335         } else {
336                 print_literal(ss,"("/*)*/);
337                 for( i=0; i<n; i++ ) {
338                         print_whsp(ss);
339                         print_ruleid(ss,rids[i]);
340                 }
341                 print_whsp(ss);
342                 return print_literal(ss,/*(*/")");
343         }
344 }
345
346
347 static int
348 print_extensions(safe_string *ss, LDAPSchemaExtensionItem **extensions)
349 {
350         LDAPSchemaExtensionItem **ext;
351
352         if ( extensions ) {
353                 print_whsp(ss);
354                 for ( ext = extensions; *ext != NULL; ext++ ) {
355                         print_literal(ss, (*ext)->lsei_name);
356                         print_whsp(ss);
357                         /* Should be print_qdstrings */
358                         print_qdescrs(ss, (*ext)->lsei_values);
359                         print_whsp(ss);
360                 }
361         }
362
363         return 0;
364 }
365
366 char *
367 ldap_syntax2str( LDAPSyntax * syn )
368 {
369         struct berval bv;
370         if (ldap_syntax2bv( syn, &bv ))
371                 return(bv.bv_val);
372         else
373                 return NULL;
374 }
375
376 struct berval *
377 ldap_syntax2bv( LDAPSyntax * syn, struct berval *bv )
378 {
379         safe_string * ss;
380         
381         ss = new_safe_string(256);
382         if ( !ss )
383                 return NULL;
384
385         print_literal(ss,"("/*)*/);
386         print_whsp(ss);
387
388         print_numericoid(ss, syn->syn_oid);
389         print_whsp(ss);
390
391         if ( syn->syn_desc ) {
392                 print_literal(ss,"DESC");
393                 print_qdstring(ss,syn->syn_desc);
394         }
395
396         print_whsp(ss);
397
398         print_extensions(ss, syn->syn_extensions);
399
400         print_literal(ss,/*(*/ ")");
401
402         bv->bv_val = safe_strdup(ss);
403         bv->bv_len = ss->pos;
404         safe_string_free(ss);
405         return(bv);
406 }
407
408 char *
409 ldap_matchingrule2str( LDAPMatchingRule * mr )
410 {
411         struct berval bv;
412         if (ldap_matchingrule2bv( mr, &bv ))
413                 return(bv.bv_val);
414         else
415                 return NULL;
416 }
417
418 struct berval *
419 ldap_matchingrule2bv( LDAPMatchingRule * mr, struct berval *bv )
420 {
421         safe_string * ss;
422         
423         ss = new_safe_string(256);
424         if ( !ss )
425                 return NULL;
426
427         print_literal(ss,"(" /*)*/);
428         print_whsp(ss);
429
430         print_numericoid(ss, mr->mr_oid);
431         print_whsp(ss);
432
433         if ( mr->mr_names ) {
434                 print_literal(ss,"NAME");
435                 print_qdescrs(ss,mr->mr_names);
436         }
437
438         if ( mr->mr_desc ) {
439                 print_literal(ss,"DESC");
440                 print_qdstring(ss,mr->mr_desc);
441         }
442
443         if ( mr->mr_obsolete ) {
444                 print_literal(ss, "OBSOLETE");
445                 print_whsp(ss);
446         }
447
448         if ( mr->mr_syntax_oid ) {
449                 print_literal(ss,"SYNTAX");
450                 print_whsp(ss);
451                 print_literal(ss, mr->mr_syntax_oid);
452                 print_whsp(ss);
453         }
454
455         print_whsp(ss);
456
457         print_extensions(ss, mr->mr_extensions);
458
459         print_literal(ss,/*(*/")");
460
461         bv->bv_val = safe_strdup(ss);
462         bv->bv_len = ss->pos;
463         safe_string_free(ss);
464         return(bv);
465 }
466
467 char *
468 ldap_matchingruleuse2str( LDAPMatchingRuleUse * mru )
469 {
470         struct berval bv;
471         if (ldap_matchingruleuse2bv( mru, &bv ))
472                 return(bv.bv_val);
473         else
474                 return NULL;
475 }
476
477 struct berval *
478 ldap_matchingruleuse2bv( LDAPMatchingRuleUse * mru, struct berval *bv )
479 {
480         safe_string * ss;
481         
482         ss = new_safe_string(256);
483         if ( !ss )
484                 return NULL;
485
486         print_literal(ss,"(" /*)*/);
487         print_whsp(ss);
488
489         print_numericoid(ss, mru->mru_oid);
490         print_whsp(ss);
491
492         if ( mru->mru_names ) {
493                 print_literal(ss,"NAME");
494                 print_qdescrs(ss,mru->mru_names);
495         }
496
497         if ( mru->mru_desc ) {
498                 print_literal(ss,"DESC");
499                 print_qdstring(ss,mru->mru_desc);
500         }
501
502         if ( mru->mru_obsolete ) {
503                 print_literal(ss, "OBSOLETE");
504                 print_whsp(ss);
505         }
506
507         if ( mru->mru_applies_oids ) {
508                 print_literal(ss,"APPLIES");
509                 print_whsp(ss);
510                 print_oids(ss, mru->mru_applies_oids);
511                 print_whsp(ss);
512         }
513
514         print_whsp(ss);
515
516         print_extensions(ss, mru->mru_extensions);
517
518         print_literal(ss,/*(*/")");
519
520         bv->bv_val = safe_strdup(ss);
521         bv->bv_len = ss->pos;
522         safe_string_free(ss);
523         return(bv);
524 }
525
526 char *
527 ldap_objectclass2str( LDAPObjectClass * oc )
528 {
529         struct berval bv;
530         if (ldap_objectclass2bv( oc, &bv ))
531                 return(bv.bv_val);
532         else
533                 return NULL;
534 }
535
536 struct berval *
537 ldap_objectclass2bv( LDAPObjectClass * oc, struct berval *bv )
538 {
539         safe_string * ss;
540         
541         ss = new_safe_string(256);
542         if ( !ss )
543                 return NULL;
544
545         print_literal(ss,"("/*)*/);
546         print_whsp(ss);
547
548         print_numericoid(ss, oc->oc_oid);
549         print_whsp(ss);
550
551         if ( oc->oc_names ) {
552                 print_literal(ss,"NAME");
553                 print_qdescrs(ss,oc->oc_names);
554         }
555
556         if ( oc->oc_desc ) {
557                 print_literal(ss,"DESC");
558                 print_qdstring(ss,oc->oc_desc);
559         }
560
561         if ( oc->oc_obsolete ) {
562                 print_literal(ss, "OBSOLETE");
563                 print_whsp(ss);
564         }
565
566         if ( oc->oc_sup_oids ) {
567                 print_literal(ss,"SUP");
568                 print_whsp(ss);
569                 print_oids(ss,oc->oc_sup_oids);
570                 print_whsp(ss);
571         }
572
573         switch (oc->oc_kind) {
574         case LDAP_SCHEMA_ABSTRACT:
575                 print_literal(ss,"ABSTRACT");
576                 break;
577         case LDAP_SCHEMA_STRUCTURAL:
578                 print_literal(ss,"STRUCTURAL");
579                 break;
580         case LDAP_SCHEMA_AUXILIARY:
581                 print_literal(ss,"AUXILIARY");
582                 break;
583         default:
584                 print_literal(ss,"KIND-UNKNOWN");
585                 break;
586         }
587         print_whsp(ss);
588         
589         if ( oc->oc_at_oids_must ) {
590                 print_literal(ss,"MUST");
591                 print_whsp(ss);
592                 print_oids(ss,oc->oc_at_oids_must);
593                 print_whsp(ss);
594         }
595
596         if ( oc->oc_at_oids_may ) {
597                 print_literal(ss,"MAY");
598                 print_whsp(ss);
599                 print_oids(ss,oc->oc_at_oids_may);
600                 print_whsp(ss);
601         }
602
603         print_whsp(ss);
604
605         print_extensions(ss, oc->oc_extensions);
606
607         print_literal(ss, /*(*/")");
608
609         bv->bv_val = safe_strdup(ss);
610         bv->bv_len = ss->pos;
611         safe_string_free(ss);
612         return(bv);
613 }
614
615 char *
616 ldap_contentrule2str( LDAPContentRule * cr )
617 {
618         struct berval bv;
619         if (ldap_contentrule2bv( cr, &bv ))
620                 return(bv.bv_val);
621         else
622                 return NULL;
623 }
624
625 struct berval *
626 ldap_contentrule2bv( LDAPContentRule * cr, struct berval *bv )
627 {
628         safe_string * ss;
629         
630         ss = new_safe_string(256);
631         if ( !ss )
632                 return NULL;
633
634         print_literal(ss,"("/*)*/);
635         print_whsp(ss);
636
637         print_numericoid(ss, cr->cr_oid);
638         print_whsp(ss);
639
640         if ( cr->cr_names ) {
641                 print_literal(ss,"NAME");
642                 print_qdescrs(ss,cr->cr_names);
643         }
644
645         if ( cr->cr_desc ) {
646                 print_literal(ss,"DESC");
647                 print_qdstring(ss,cr->cr_desc);
648         }
649
650         if ( cr->cr_obsolete ) {
651                 print_literal(ss, "OBSOLETE");
652                 print_whsp(ss);
653         }
654
655         if ( cr->cr_oc_oids_aux ) {
656                 print_literal(ss,"AUX");
657                 print_whsp(ss);
658                 print_oids(ss,cr->cr_oc_oids_aux);
659                 print_whsp(ss);
660         }
661
662         if ( cr->cr_at_oids_must ) {
663                 print_literal(ss,"MUST");
664                 print_whsp(ss);
665                 print_oids(ss,cr->cr_at_oids_must);
666                 print_whsp(ss);
667         }
668
669         if ( cr->cr_at_oids_may ) {
670                 print_literal(ss,"MAY");
671                 print_whsp(ss);
672                 print_oids(ss,cr->cr_at_oids_may);
673                 print_whsp(ss);
674         }
675
676         if ( cr->cr_at_oids_not ) {
677                 print_literal(ss,"NOT");
678                 print_whsp(ss);
679                 print_oids(ss,cr->cr_at_oids_not);
680                 print_whsp(ss);
681         }
682
683         print_whsp(ss);
684         print_extensions(ss, cr->cr_extensions);
685
686         print_literal(ss, /*(*/")");
687
688         bv->bv_val = safe_strdup(ss);
689         bv->bv_len = ss->pos;
690         safe_string_free(ss);
691         return(bv);
692 }
693
694 char *
695 ldap_structurerule2str( LDAPStructureRule * sr )
696 {
697         struct berval bv;
698         if (ldap_structurerule2bv( sr, &bv ))
699                 return(bv.bv_val);
700         else
701                 return NULL;
702 }
703
704 struct berval *
705 ldap_structurerule2bv( LDAPStructureRule * sr, struct berval *bv )
706 {
707         safe_string * ss;
708         
709         ss = new_safe_string(256);
710         if ( !ss )
711                 return NULL;
712
713         print_literal(ss,"("/*)*/);
714         print_whsp(ss);
715
716         print_ruleid(ss, sr->sr_ruleid);
717         print_whsp(ss);
718
719         if ( sr->sr_names ) {
720                 print_literal(ss,"NAME");
721                 print_qdescrs(ss,sr->sr_names);
722         }
723
724         if ( sr->sr_desc ) {
725                 print_literal(ss,"DESC");
726                 print_qdstring(ss,sr->sr_desc);
727         }
728
729         if ( sr->sr_obsolete ) {
730                 print_literal(ss, "OBSOLETE");
731                 print_whsp(ss);
732         }
733
734         print_literal(ss,"FORM");
735         print_whsp(ss);
736         print_woid(ss,sr->sr_nameform);
737         print_whsp(ss);
738
739         if ( sr->sr_nsup_ruleids ) {
740                 print_literal(ss,"SUP");
741                 print_whsp(ss);
742                 print_ruleids(ss,sr->sr_nsup_ruleids,sr->sr_sup_ruleids);
743                 print_whsp(ss);
744         }
745
746         print_whsp(ss);
747         print_extensions(ss, sr->sr_extensions);
748
749         print_literal(ss, /*(*/")");
750
751         bv->bv_val = safe_strdup(ss);
752         bv->bv_len = ss->pos;
753         safe_string_free(ss);
754         return(bv);
755 }
756
757
758 char *
759 ldap_nameform2str( LDAPNameForm * nf )
760 {
761         struct berval bv;
762         if (ldap_nameform2bv( nf, &bv ))
763                 return(bv.bv_val);
764         else
765                 return NULL;
766 }
767
768 struct berval *
769 ldap_nameform2bv( LDAPNameForm * nf, struct berval *bv )
770 {
771         safe_string * ss;
772         
773         ss = new_safe_string(256);
774         if ( !ss )
775                 return NULL;
776
777         print_literal(ss,"("/*)*/);
778         print_whsp(ss);
779
780         print_numericoid(ss, nf->nf_oid);
781         print_whsp(ss);
782
783         if ( nf->nf_names ) {
784                 print_literal(ss,"NAME");
785                 print_qdescrs(ss,nf->nf_names);
786         }
787
788         if ( nf->nf_desc ) {
789                 print_literal(ss,"DESC");
790                 print_qdstring(ss,nf->nf_desc);
791         }
792
793         if ( nf->nf_obsolete ) {
794                 print_literal(ss, "OBSOLETE");
795                 print_whsp(ss);
796         }
797
798         print_literal(ss,"OC");
799         print_whsp(ss);
800         print_woid(ss,nf->nf_objectclass);
801         print_whsp(ss);
802
803         print_literal(ss,"MUST");
804         print_whsp(ss);
805         print_oids(ss,nf->nf_at_oids_must);
806         print_whsp(ss);
807
808
809         if ( nf->nf_at_oids_may ) {
810                 print_literal(ss,"MAY");
811                 print_whsp(ss);
812                 print_oids(ss,nf->nf_at_oids_may);
813                 print_whsp(ss);
814         }
815
816         print_whsp(ss);
817         print_extensions(ss, nf->nf_extensions);
818
819         print_literal(ss, /*(*/")");
820
821         bv->bv_val = safe_strdup(ss);
822         bv->bv_len = ss->pos;
823         safe_string_free(ss);
824         return(bv);
825 }
826
827 char *
828 ldap_attributetype2str( LDAPAttributeType * at )
829 {
830         struct berval bv;
831         if (ldap_attributetype2bv( at, &bv ))
832                 return(bv.bv_val);
833         else
834                 return NULL;
835 }
836
837 struct berval *
838 ldap_attributetype2bv(  LDAPAttributeType * at, struct berval *bv )
839 {
840         safe_string * ss;
841         
842         ss = new_safe_string(256);
843         if ( !ss )
844                 return NULL;
845
846         print_literal(ss,"("/*)*/);
847         print_whsp(ss);
848
849         print_numericoid(ss, at->at_oid);
850         print_whsp(ss);
851
852         if ( at->at_names ) {
853                 print_literal(ss,"NAME");
854                 print_qdescrs(ss,at->at_names);
855         }
856
857         if ( at->at_desc ) {
858                 print_literal(ss,"DESC");
859                 print_qdstring(ss,at->at_desc);
860         }
861
862         if ( at->at_obsolete ) {
863                 print_literal(ss, "OBSOLETE");
864                 print_whsp(ss);
865         }
866
867         if ( at->at_sup_oid ) {
868                 print_literal(ss,"SUP");
869                 print_woid(ss,at->at_sup_oid);
870         }
871
872         if ( at->at_equality_oid ) {
873                 print_literal(ss,"EQUALITY");
874                 print_woid(ss,at->at_equality_oid);
875         }
876
877         if ( at->at_ordering_oid ) {
878                 print_literal(ss,"ORDERING");
879                 print_woid(ss,at->at_ordering_oid);
880         }
881
882         if ( at->at_substr_oid ) {
883                 print_literal(ss,"SUBSTR");
884                 print_woid(ss,at->at_substr_oid);
885         }
886
887         if ( at->at_syntax_oid ) {
888                 print_literal(ss,"SYNTAX");
889                 print_whsp(ss);
890                 print_noidlen(ss,at->at_syntax_oid,at->at_syntax_len);
891                 print_whsp(ss);
892         }
893
894         if ( at->at_single_value == LDAP_SCHEMA_YES ) {
895                 print_literal(ss,"SINGLE-VALUE");
896                 print_whsp(ss);
897         }
898
899         if ( at->at_collective == LDAP_SCHEMA_YES ) {
900                 print_literal(ss,"COLLECTIVE");
901                 print_whsp(ss);
902         }
903
904         if ( at->at_no_user_mod == LDAP_SCHEMA_YES ) {
905                 print_literal(ss,"NO-USER-MODIFICATION");
906                 print_whsp(ss);
907         }
908
909         if ( at->at_usage != LDAP_SCHEMA_USER_APPLICATIONS ) {
910                 print_literal(ss,"USAGE");
911                 print_whsp(ss);
912                 switch (at->at_usage) {
913                 case LDAP_SCHEMA_DIRECTORY_OPERATION:
914                         print_literal(ss,"directoryOperation");
915                         break;
916                 case LDAP_SCHEMA_DISTRIBUTED_OPERATION:
917                         print_literal(ss,"distributedOperation");
918                         break;
919                 case LDAP_SCHEMA_DSA_OPERATION:
920                         print_literal(ss,"dSAOperation");
921                         break;
922                 default:
923                         print_literal(ss,"UNKNOWN");
924                         break;
925                 }
926         }
927         
928         print_whsp(ss);
929
930         print_extensions(ss, at->at_extensions);
931
932         print_literal(ss,/*(*/")");
933
934         bv->bv_val = safe_strdup(ss);
935         bv->bv_len = ss->pos;
936         safe_string_free(ss);
937         return(bv);
938 }
939
940 /*
941  * Now come the parsers.  There is one parser for each entity type:
942  * objectclasses, attributetypes, etc.
943  *
944  * Each of them is written as a recursive-descent parser, except that
945  * none of them is really recursive.  But the idea is kept: there
946  * is one routine per non-terminal that eithers gobbles lexical tokens
947  * or calls lower-level routines, etc.
948  *
949  * The scanner is implemented in the routine get_token.  Actually,
950  * get_token is more than a scanner and will return tokens that are
951  * in fact non-terminals in the grammar.  So you can see the whole
952  * approach as the combination of a low-level bottom-up recognizer
953  * combined with a scanner and a number of top-down parsers.  Or just
954  * consider that the real grammars recognized by the parsers are not
955  * those of the standards.  As a matter of fact, our parsers are more
956  * liberal than the spec when there is no ambiguity.
957  *
958  * The difference is pretty academic (modulo bugs or incorrect
959  * interpretation of the specs).
960  */
961
962 #define TK_NOENDQUOTE   -2
963 #define TK_OUTOFMEM     -1
964 #define TK_EOS          0
965 #define TK_UNEXPCHAR    1
966 #define TK_BAREWORD     2
967 #define TK_QDSTRING     3
968 #define TK_LEFTPAREN    4
969 #define TK_RIGHTPAREN   5
970 #define TK_DOLLAR       6
971 #define TK_QDESCR       TK_QDSTRING
972
973 struct token {
974         int type;
975         char *sval;
976 };
977
978 static int
979 get_token( const char ** sp, char ** token_val )
980 {
981         int kind;
982         const char * p;
983         const char * q;
984         char * res;
985
986         *token_val = NULL;
987         switch (**sp) {
988         case '\0':
989                 kind = TK_EOS;
990                 (*sp)++;
991                 break;
992         case '(':
993                 kind = TK_LEFTPAREN;
994                 (*sp)++;
995                 break;
996         case ')':
997                 kind = TK_RIGHTPAREN;
998                 (*sp)++;
999                 break;
1000         case '$':
1001                 kind = TK_DOLLAR;
1002                 (*sp)++;
1003                 break;
1004         case '\'':
1005                 kind = TK_QDSTRING;
1006                 (*sp)++;
1007                 p = *sp;
1008                 while ( **sp != '\'' && **sp != '\0' )
1009                         (*sp)++;
1010                 if ( **sp == '\'' ) {
1011                         q = *sp;
1012                         res = LDAP_MALLOC(q-p+1);
1013                         if ( !res ) {
1014                                 kind = TK_OUTOFMEM;
1015                         } else {
1016                                 strncpy(res,p,q-p);
1017                                 res[q-p] = '\0';
1018                                 *token_val = res;
1019                         }
1020                         (*sp)++;
1021                 } else {
1022                         kind = TK_NOENDQUOTE;
1023                 }
1024                 break;
1025         default:
1026                 kind = TK_BAREWORD;
1027                 p = *sp;
1028                 while ( !LDAP_SPACE(**sp) &&
1029                         **sp != '(' &&
1030                         **sp != ')' &&
1031                         **sp != '$' &&
1032                         **sp != '\'' &&
1033                         **sp != '\0' )
1034                         (*sp)++;
1035                 q = *sp;
1036                 res = LDAP_MALLOC(q-p+1);
1037                 if ( !res ) {
1038                         kind = TK_OUTOFMEM;
1039                 } else {
1040                         strncpy(res,p,q-p);
1041                         res[q-p] = '\0';
1042                         *token_val = res;
1043                 }
1044                 break;
1045 /*              kind = TK_UNEXPCHAR; */
1046 /*              break; */
1047         }
1048         
1049         return kind;
1050 }
1051
1052 /* Gobble optional whitespace */
1053 static void
1054 parse_whsp(const char **sp)
1055 {
1056         while (LDAP_SPACE(**sp))
1057                 (*sp)++;
1058 }
1059
1060 /* TBC:!!
1061  * General note for all parsers: to guarantee the algorithm halts they
1062  * must always advance the pointer even when an error is found.  For
1063  * this one is not that important since an error here is fatal at the
1064  * upper layers, but it is a simple strategy that will not get in
1065  * endless loops.
1066  */
1067
1068 /* Parse a sequence of dot-separated decimal strings */
1069 char *
1070 ldap_int_parse_numericoid(const char **sp, int *code, const int flags)
1071 {
1072         char * res = NULL;
1073         const char * start = *sp;
1074         int len;
1075         int quoted = 0;
1076
1077         /* Netscape puts the SYNTAX value in quotes (incorrectly) */
1078         if ( flags & LDAP_SCHEMA_ALLOW_QUOTED && **sp == '\'' ) {
1079                 quoted = 1;
1080                 (*sp)++;
1081                 start++;
1082         }
1083         /* Each iteration of this loop gets one decimal string */
1084         while (**sp) {
1085                 if ( !LDAP_DIGIT(**sp) ) {
1086                         /*
1087                          * Initial char is not a digit or char after dot is
1088                          * not a digit
1089                          */
1090                         *code = LDAP_SCHERR_NODIGIT;
1091                         return NULL;
1092                 }
1093                 (*sp)++;
1094                 while ( LDAP_DIGIT(**sp) )
1095                         (*sp)++;
1096                 if ( **sp != '.' )
1097                         break;
1098                 /* Otherwise, gobble the dot and loop again */
1099                 (*sp)++;
1100         }
1101         /* Now *sp points at the char past the numericoid. Perfect. */
1102         len = *sp - start;
1103         if ( flags & LDAP_SCHEMA_ALLOW_QUOTED && quoted ) {
1104                 if ( **sp == '\'' ) {
1105                         (*sp)++;
1106                 } else {
1107                         *code = LDAP_SCHERR_UNEXPTOKEN;
1108                         return NULL;
1109                 }
1110         }
1111         if (flags & LDAP_SCHEMA_SKIP) {
1112                 res = (char *)start;
1113         } else {
1114                 res = LDAP_MALLOC(len+1);
1115                 if (!res) {
1116                         *code = LDAP_SCHERR_OUTOFMEM;
1117                         return(NULL);
1118                 }
1119                 strncpy(res,start,len);
1120                 res[len] = '\0';
1121         }
1122         return(res);
1123 }
1124
1125 /* Parse a sequence of dot-separated decimal strings */
1126 int
1127 ldap_int_parse_ruleid(const char **sp, int *code, const int flags, int *ruleid)
1128 {
1129         *ruleid=0;
1130
1131         if ( !LDAP_DIGIT(**sp) ) {
1132                 *code = LDAP_SCHERR_NODIGIT;
1133                 return -1;
1134         }
1135         *ruleid = (**sp) - '0';
1136         (*sp)++;
1137
1138         while ( LDAP_DIGIT(**sp) ) {
1139                 *ruleid *= 10;
1140                 *ruleid += (**sp) - '0';
1141                 (*sp)++;
1142         }
1143
1144         return 0;
1145 }
1146
1147 /* Parse a qdescr or a list of them enclosed in () */
1148 static char **
1149 parse_qdescrs(const char **sp, int *code)
1150 {
1151         char ** res;
1152         char ** res1;
1153         int kind;
1154         char * sval;
1155         int size;
1156         int pos;
1157
1158         parse_whsp(sp);
1159         kind = get_token(sp,&sval);
1160         if ( kind == TK_LEFTPAREN ) {
1161                 /* Let's presume there will be at least 2 entries */
1162                 size = 3;
1163                 res = LDAP_CALLOC(3,sizeof(char *));
1164                 if ( !res ) {
1165                         *code = LDAP_SCHERR_OUTOFMEM;
1166                         return NULL;
1167                 }
1168                 pos = 0;
1169                 while (1) {
1170                         parse_whsp(sp);
1171                         kind = get_token(sp,&sval);
1172                         if ( kind == TK_RIGHTPAREN )
1173                                 break;
1174                         if ( kind == TK_QDESCR ) {
1175                                 if ( pos == size-2 ) {
1176                                         size++;
1177                                         res1 = LDAP_REALLOC(res,size*sizeof(char *));
1178                                         if ( !res1 ) {
1179                                                 LDAP_VFREE(res);
1180                                                 LDAP_FREE(sval);
1181                                                 *code = LDAP_SCHERR_OUTOFMEM;
1182                                                 return(NULL);
1183                                         }
1184                                         res = res1;
1185                                 }
1186                                 res[pos] = sval;
1187                                 pos++;
1188                                 parse_whsp(sp);
1189                         } else {
1190                                 LDAP_VFREE(res);
1191                                 LDAP_FREE(sval);
1192                                 *code = LDAP_SCHERR_UNEXPTOKEN;
1193                                 return(NULL);
1194                         }
1195                 }
1196                 res[pos] = NULL;
1197                 parse_whsp(sp);
1198                 return(res);
1199         } else if ( kind == TK_QDESCR ) {
1200                 res = LDAP_CALLOC(2,sizeof(char *));
1201                 if ( !res ) {
1202                         *code = LDAP_SCHERR_OUTOFMEM;
1203                         return NULL;
1204                 }
1205                 res[0] = sval;
1206                 res[1] = NULL;
1207                 parse_whsp(sp);
1208                 return res;
1209         } else {
1210                 LDAP_FREE(sval);
1211                 *code = LDAP_SCHERR_BADNAME;
1212                 return NULL;
1213         }
1214 }
1215
1216 /* Parse a woid */
1217 static char *
1218 parse_woid(const char **sp, int *code)
1219 {
1220         char * sval;
1221         int kind;
1222
1223         parse_whsp(sp);
1224         kind = get_token(sp, &sval);
1225         if ( kind != TK_BAREWORD ) {
1226                 LDAP_FREE(sval);
1227                 *code = LDAP_SCHERR_UNEXPTOKEN;
1228                 return NULL;
1229         }
1230         parse_whsp(sp);
1231         return sval;
1232 }
1233
1234 /* Parse a noidlen */
1235 static char *
1236 parse_noidlen(const char **sp, int *code, int *len, int allow_quoted)
1237 {
1238         char * sval;
1239         int quoted = 0;
1240
1241         *len = 0;
1242         /* Netscape puts the SYNTAX value in quotes (incorrectly) */
1243         if ( allow_quoted && **sp == '\'' ) {
1244                 quoted = 1;
1245                 (*sp)++;
1246         }
1247         sval = ldap_int_parse_numericoid(sp, code, 0);
1248         if ( !sval ) {
1249                 return NULL;
1250         }
1251         if ( **sp == '{' /*}*/ ) {
1252                 (*sp)++;
1253                 *len = atoi(*sp);
1254                 while ( LDAP_DIGIT(**sp) )
1255                         (*sp)++;
1256                 if ( **sp != /*{*/ '}' ) {
1257                         *code = LDAP_SCHERR_UNEXPTOKEN;
1258                         LDAP_FREE(sval);
1259                         return NULL;
1260                 }
1261                 (*sp)++;
1262         }               
1263         if ( allow_quoted && quoted ) {
1264                 if ( **sp == '\'' ) {
1265                         (*sp)++;
1266                 } else {
1267                         *code = LDAP_SCHERR_UNEXPTOKEN;
1268                         LDAP_FREE(sval);
1269                         return NULL;
1270                 }
1271         }
1272         return sval;
1273 }
1274
1275 /*
1276  * Next routine will accept a qdstring in place of an oid if
1277  * allow_quoted is set.  This is necessary to interoperate with
1278  * Netscape Directory server that will improperly quote each oid (at
1279  * least those of the descr kind) in the SUP clause.
1280  */
1281
1282 /* Parse a woid or a $-separated list of them enclosed in () */
1283 static char **
1284 parse_oids(const char **sp, int *code, const int allow_quoted)
1285 {
1286         char ** res;
1287         char ** res1;
1288         int kind;
1289         char * sval;
1290         int size;
1291         int pos;
1292
1293         /*
1294          * Strictly speaking, doing this here accepts whsp before the
1295          * ( at the begining of an oidlist, but this is harmless.  Also,
1296          * we are very liberal in what we accept as an OID.  Maybe
1297          * refine later.
1298          */
1299         parse_whsp(sp);
1300         kind = get_token(sp,&sval);
1301         if ( kind == TK_LEFTPAREN ) {
1302                 /* Let's presume there will be at least 2 entries */
1303                 size = 3;
1304                 res = LDAP_CALLOC(3,sizeof(char *));
1305                 if ( !res ) {
1306                         *code = LDAP_SCHERR_OUTOFMEM;
1307                         return NULL;
1308                 }
1309                 pos = 0;
1310                 parse_whsp(sp);
1311                 kind = get_token(sp,&sval);
1312                 if ( kind == TK_BAREWORD ||
1313                      ( allow_quoted && kind == TK_QDSTRING ) ) {
1314                         res[pos] = sval;
1315                         pos++;
1316                 } else {
1317                         *code = LDAP_SCHERR_UNEXPTOKEN;
1318                         LDAP_FREE(sval);
1319                         LDAP_VFREE(res);
1320                         return NULL;
1321                 }
1322                 parse_whsp(sp);
1323                 while (1) {
1324                         kind = get_token(sp,&sval);
1325                         if ( kind == TK_RIGHTPAREN )
1326                                 break;
1327                         if ( kind == TK_DOLLAR ) {
1328                                 parse_whsp(sp);
1329                                 kind = get_token(sp,&sval);
1330                                 if ( kind == TK_BAREWORD ||
1331                                      ( allow_quoted &&
1332                                        kind == TK_QDSTRING ) ) {
1333                                         if ( pos == size-2 ) {
1334                                                 size++;
1335                                                 res1 = LDAP_REALLOC(res,size*sizeof(char *));
1336                                                 if ( !res1 ) {
1337                                                         LDAP_FREE(sval);
1338                                                         LDAP_VFREE(res);
1339                                                         *code = LDAP_SCHERR_OUTOFMEM;
1340                                                         return(NULL);
1341                                                 }
1342                                                 res = res1;
1343                                         }
1344                                         res[pos] = sval;
1345                                         pos++;
1346                                 } else {
1347                                         *code = LDAP_SCHERR_UNEXPTOKEN;
1348                                         LDAP_FREE(sval);
1349                                         LDAP_VFREE(res);
1350                                         return NULL;
1351                                 }
1352                                 parse_whsp(sp);
1353                         } else {
1354                                 *code = LDAP_SCHERR_UNEXPTOKEN;
1355                                 LDAP_FREE(sval);
1356                                 LDAP_VFREE(res);
1357                                 return NULL;
1358                         }
1359                 }
1360                 res[pos] = NULL;
1361                 parse_whsp(sp);
1362                 return(res);
1363         } else if ( kind == TK_BAREWORD ||
1364                     ( allow_quoted && kind == TK_QDSTRING ) ) {
1365                 res = LDAP_CALLOC(2,sizeof(char *));
1366                 if ( !res ) {
1367                         LDAP_FREE(sval);
1368                         *code = LDAP_SCHERR_OUTOFMEM;
1369                         return NULL;
1370                 }
1371                 res[0] = sval;
1372                 res[1] = NULL;
1373                 parse_whsp(sp);
1374                 return res;
1375         } else {
1376                 LDAP_FREE(sval);
1377                 *code = LDAP_SCHERR_BADNAME;
1378                 return NULL;
1379         }
1380 }
1381
1382 static int
1383 add_extension(LDAPSchemaExtensionItem ***extensions,
1384               char * name, char ** values)
1385 {
1386         int n;
1387         LDAPSchemaExtensionItem **tmp, *ext;
1388
1389         ext = LDAP_CALLOC(1, sizeof(LDAPSchemaExtensionItem));
1390         if ( !ext )
1391                 return 1;
1392         ext->lsei_name = name;
1393         ext->lsei_values = values;
1394
1395         if ( !*extensions ) {
1396                 *extensions =
1397                   LDAP_CALLOC(2, sizeof(LDAPSchemaExtensionItem *));
1398                 if ( !*extensions )
1399                   return 1;
1400                 n = 0;
1401         } else {
1402                 for ( n=0; (*extensions)[n] != NULL; n++ )
1403                         ;
1404                 tmp = LDAP_REALLOC(*extensions,
1405                                    (n+2)*sizeof(LDAPSchemaExtensionItem *));
1406                 if ( !tmp )
1407                         return 1;
1408                 *extensions = tmp;
1409         }
1410         (*extensions)[n] = ext;
1411         (*extensions)[n+1] = NULL;
1412         return 0;
1413 }
1414
1415 static void
1416 free_extensions(LDAPSchemaExtensionItem **extensions)
1417 {
1418         LDAPSchemaExtensionItem **ext;
1419
1420         if ( extensions ) {
1421                 for ( ext = extensions; *ext != NULL; ext++ ) {
1422                         LDAP_FREE((*ext)->lsei_name);
1423                         LDAP_VFREE((*ext)->lsei_values);
1424                         LDAP_FREE(*ext);
1425                 }
1426                 LDAP_FREE(extensions);
1427         }
1428 }
1429
1430 void
1431 ldap_syntax_free( LDAPSyntax * syn )
1432 {
1433         LDAP_FREE(syn->syn_oid);
1434         if (syn->syn_names) LDAP_VFREE(syn->syn_names);
1435         if (syn->syn_desc) LDAP_FREE(syn->syn_desc);
1436         free_extensions(syn->syn_extensions);
1437         LDAP_FREE(syn);
1438 }
1439
1440 LDAPSyntax *
1441 ldap_str2syntax( LDAP_CONST char * s,
1442         int * code,
1443         LDAP_CONST char ** errp,
1444         LDAP_CONST unsigned flags )
1445 {
1446         int kind;
1447         const char * ss = s;
1448         char * sval;
1449         int seen_name = 0;
1450         int seen_desc = 0;
1451         LDAPSyntax * syn;
1452         char ** ext_vals;
1453
1454         if ( !s ) {
1455                 *code = LDAP_SCHERR_EMPTY;
1456                 *errp = "";
1457                 return NULL;
1458         }
1459
1460         *errp = s;
1461         syn = LDAP_CALLOC(1,sizeof(LDAPSyntax));
1462
1463         if ( !syn ) {
1464                 *code = LDAP_SCHERR_OUTOFMEM;
1465                 return NULL;
1466         }
1467
1468         kind = get_token(&ss,&sval);
1469         if ( kind != TK_LEFTPAREN ) {
1470                 LDAP_FREE(sval);
1471                 *code = LDAP_SCHERR_NOLEFTPAREN;
1472                 ldap_syntax_free(syn);
1473                 return NULL;
1474         }
1475
1476         parse_whsp(&ss);
1477         syn->syn_oid = ldap_int_parse_numericoid(&ss,code,0);
1478         if ( !syn->syn_oid ) {
1479                 *errp = ss;
1480                 ldap_syntax_free(syn);
1481                 return NULL;
1482         }
1483         parse_whsp(&ss);
1484
1485         /*
1486          * Beyond this point we will be liberal and accept the items
1487          * in any order.
1488          */
1489         while (1) {
1490                 kind = get_token(&ss,&sval);
1491                 switch (kind) {
1492                 case TK_EOS:
1493                         *code = LDAP_SCHERR_NORIGHTPAREN;
1494                         *errp = ss;
1495                         ldap_syntax_free(syn);
1496                         return NULL;
1497                 case TK_RIGHTPAREN:
1498                         return syn;
1499                 case TK_BAREWORD:
1500                         if ( !strcmp(sval,"NAME") ) {
1501                                 LDAP_FREE(sval);
1502                                 if ( seen_name ) {
1503                                         *code = LDAP_SCHERR_DUPOPT;
1504                                         *errp = ss;
1505                                         ldap_syntax_free(syn);
1506                                         return(NULL);
1507                                 }
1508                                 seen_name = 1;
1509                                 syn->syn_names = parse_qdescrs(&ss,code);
1510                                 if ( !syn->syn_names ) {
1511                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
1512                                                 *code = LDAP_SCHERR_BADNAME;
1513                                         *errp = ss;
1514                                         ldap_syntax_free(syn);
1515                                         return NULL;
1516                                 }
1517                         } else if ( !strcmp(sval,"DESC") ) {
1518                                 LDAP_FREE(sval);
1519                                 if ( seen_desc ) {
1520                                         *code = LDAP_SCHERR_DUPOPT;
1521                                         *errp = ss;
1522                                         ldap_syntax_free(syn);
1523                                         return(NULL);
1524                                 }
1525                                 seen_desc = 1;
1526                                 parse_whsp(&ss);
1527                                 kind = get_token(&ss,&sval);
1528                                 if ( kind != TK_QDSTRING ) {
1529                                         *code = LDAP_SCHERR_UNEXPTOKEN;
1530                                         *errp = ss;
1531                                         LDAP_FREE(sval);
1532                                         ldap_syntax_free(syn);
1533                                         return NULL;
1534                                 }
1535                                 syn->syn_desc = sval;
1536                                 parse_whsp(&ss);
1537                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
1538                                 /* Should be parse_qdstrings */
1539                                 ext_vals = parse_qdescrs(&ss, code);
1540                                 if ( !ext_vals ) {
1541                                         *errp = ss;
1542                                         ldap_syntax_free(syn);
1543                                         return NULL;
1544                                 }
1545                                 if ( add_extension(&syn->syn_extensions,
1546                                                     sval, ext_vals) ) {
1547                                         *code = LDAP_SCHERR_OUTOFMEM;
1548                                         *errp = ss;
1549                                         LDAP_FREE(sval);
1550                                         ldap_syntax_free(syn);
1551                                         return NULL;
1552                                 }
1553                         } else {
1554                                 *code = LDAP_SCHERR_UNEXPTOKEN;
1555                                 *errp = ss;
1556                                 LDAP_FREE(sval);
1557                                 ldap_syntax_free(syn);
1558                                 return NULL;
1559                         }
1560                         break;
1561                 default:
1562                         *code = LDAP_SCHERR_UNEXPTOKEN;
1563                         *errp = ss;
1564                         LDAP_FREE(sval);
1565                         ldap_syntax_free(syn);
1566                         return NULL;
1567                 }
1568         }
1569 }
1570
1571 void
1572 ldap_matchingrule_free( LDAPMatchingRule * mr )
1573 {
1574         LDAP_FREE(mr->mr_oid);
1575         if (mr->mr_names) LDAP_VFREE(mr->mr_names);
1576         if (mr->mr_desc) LDAP_FREE(mr->mr_desc);
1577         if (mr->mr_syntax_oid) LDAP_FREE(mr->mr_syntax_oid);
1578         free_extensions(mr->mr_extensions);
1579         LDAP_FREE(mr);
1580 }
1581
1582 LDAPMatchingRule *
1583 ldap_str2matchingrule( LDAP_CONST char * s,
1584         int * code,
1585         LDAP_CONST char ** errp,
1586         LDAP_CONST unsigned flags )
1587 {
1588         int kind;
1589         const char * ss = s;
1590         char * sval;
1591         int seen_name = 0;
1592         int seen_desc = 0;
1593         int seen_obsolete = 0;
1594         int seen_syntax = 0;
1595         LDAPMatchingRule * mr;
1596         char ** ext_vals;
1597         const char * savepos;
1598
1599         if ( !s ) {
1600                 *code = LDAP_SCHERR_EMPTY;
1601                 *errp = "";
1602                 return NULL;
1603         }
1604
1605         *errp = s;
1606         mr = LDAP_CALLOC(1,sizeof(LDAPMatchingRule));
1607
1608         if ( !mr ) {
1609                 *code = LDAP_SCHERR_OUTOFMEM;
1610                 return NULL;
1611         }
1612
1613         kind = get_token(&ss,&sval);
1614         if ( kind != TK_LEFTPAREN ) {
1615                 *code = LDAP_SCHERR_NOLEFTPAREN;
1616                 LDAP_FREE(sval);
1617                 ldap_matchingrule_free(mr);
1618                 return NULL;
1619         }
1620
1621         parse_whsp(&ss);
1622         savepos = ss;
1623         mr->mr_oid = ldap_int_parse_numericoid(&ss,code,flags);
1624         if ( !mr->mr_oid ) {
1625                 if ( flags & LDAP_SCHEMA_ALLOW_NO_OID ) {
1626                         /* Backtracking */
1627                         ss = savepos;
1628                         kind = get_token(&ss,&sval);
1629                         if ( kind == TK_BAREWORD ) {
1630                                 if ( !strcmp(sval, "NAME") ||
1631                                      !strcmp(sval, "DESC") ||
1632                                      !strcmp(sval, "OBSOLETE") ||
1633                                      !strcmp(sval, "SYNTAX") ||
1634                                      !strncmp(sval, "X-", 2) ) {
1635                                         /* Missing OID, backtrack */
1636                                         ss = savepos;
1637                                 } else {
1638                                         /* Non-numerical OID, ignore */
1639                                 }
1640                         }
1641                         LDAP_FREE(sval);
1642                 } else {
1643                         *errp = ss;
1644                         ldap_matchingrule_free(mr);
1645                         return NULL;
1646                 }
1647         }
1648         parse_whsp(&ss);
1649
1650         /*
1651          * Beyond this point we will be liberal and accept the items
1652          * in any order.
1653          */
1654         while (1) {
1655                 kind = get_token(&ss,&sval);
1656                 switch (kind) {
1657                 case TK_EOS:
1658                         *code = LDAP_SCHERR_NORIGHTPAREN;
1659                         *errp = ss;
1660                         ldap_matchingrule_free(mr);
1661                         return NULL;
1662                 case TK_RIGHTPAREN:
1663                         if( !seen_syntax ) {
1664                                 *code = LDAP_SCHERR_MISSING;
1665                                 ldap_matchingrule_free(mr);
1666                                 return NULL;
1667                         }
1668                         return mr;
1669                 case TK_BAREWORD:
1670                         if ( !strcmp(sval,"NAME") ) {
1671                                 LDAP_FREE(sval);
1672                                 if ( seen_name ) {
1673                                         *code = LDAP_SCHERR_DUPOPT;
1674                                         *errp = ss;
1675                                         ldap_matchingrule_free(mr);
1676                                         return(NULL);
1677                                 }
1678                                 seen_name = 1;
1679                                 mr->mr_names = parse_qdescrs(&ss,code);
1680                                 if ( !mr->mr_names ) {
1681                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
1682                                                 *code = LDAP_SCHERR_BADNAME;
1683                                         *errp = ss;
1684                                         ldap_matchingrule_free(mr);
1685                                         return NULL;
1686                                 }
1687                         } else if ( !strcmp(sval,"DESC") ) {
1688                                 LDAP_FREE(sval);
1689                                 if ( seen_desc ) {
1690                                         *code = LDAP_SCHERR_DUPOPT;
1691                                         *errp = ss;
1692                                         ldap_matchingrule_free(mr);
1693                                         return(NULL);
1694                                 }
1695                                 seen_desc = 1;
1696                                 parse_whsp(&ss);
1697                                 kind = get_token(&ss,&sval);
1698                                 if ( kind != TK_QDSTRING ) {
1699                                         *code = LDAP_SCHERR_UNEXPTOKEN;
1700                                         *errp = ss;
1701                                         LDAP_FREE(sval);
1702                                         ldap_matchingrule_free(mr);
1703                                         return NULL;
1704                                 }
1705                                 mr->mr_desc = sval;
1706                                 parse_whsp(&ss);
1707                         } else if ( !strcmp(sval,"OBSOLETE") ) {
1708                                 LDAP_FREE(sval);
1709                                 if ( seen_obsolete ) {
1710                                         *code = LDAP_SCHERR_DUPOPT;
1711                                         *errp = ss;
1712                                         ldap_matchingrule_free(mr);
1713                                         return(NULL);
1714                                 }
1715                                 seen_obsolete = 1;
1716                                 mr->mr_obsolete = LDAP_SCHEMA_YES;
1717                                 parse_whsp(&ss);
1718                         } else if ( !strcmp(sval,"SYNTAX") ) {
1719                                 LDAP_FREE(sval);
1720                                 if ( seen_syntax ) {
1721                                         *code = LDAP_SCHERR_DUPOPT;
1722                                         *errp = ss;
1723                                         ldap_matchingrule_free(mr);
1724                                         return(NULL);
1725                                 }
1726                                 seen_syntax = 1;
1727                                 parse_whsp(&ss);
1728                                 mr->mr_syntax_oid =
1729                                         ldap_int_parse_numericoid(&ss,code,flags);
1730                                 if ( !mr->mr_syntax_oid ) {
1731                                         *errp = ss;
1732                                         ldap_matchingrule_free(mr);
1733                                         return NULL;
1734                                 }
1735                                 parse_whsp(&ss);
1736                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
1737                                 /* Should be parse_qdstrings */
1738                                 ext_vals = parse_qdescrs(&ss, code);
1739                                 if ( !ext_vals ) {
1740                                         *errp = ss;
1741                                         ldap_matchingrule_free(mr);
1742                                         return NULL;
1743                                 }
1744                                 if ( add_extension(&mr->mr_extensions,
1745                                                     sval, ext_vals) ) {
1746                                         *code = LDAP_SCHERR_OUTOFMEM;
1747                                         *errp = ss;
1748                                         LDAP_FREE(sval);
1749                                         ldap_matchingrule_free(mr);
1750                                         return NULL;
1751                                 }
1752                         } else {
1753                                 *code = LDAP_SCHERR_UNEXPTOKEN;
1754                                 *errp = ss;
1755                                 LDAP_FREE(sval);
1756                                 ldap_matchingrule_free(mr);
1757                                 return NULL;
1758                         }
1759                         break;
1760                 default:
1761                         *code = LDAP_SCHERR_UNEXPTOKEN;
1762                         *errp = ss;
1763                         LDAP_FREE(sval);
1764                         ldap_matchingrule_free(mr);
1765                         return NULL;
1766                 }
1767         }
1768 }
1769
1770 void
1771 ldap_matchingruleuse_free( LDAPMatchingRuleUse * mru )
1772 {
1773         LDAP_FREE(mru->mru_oid);
1774         if (mru->mru_names) LDAP_VFREE(mru->mru_names);
1775         if (mru->mru_desc) LDAP_FREE(mru->mru_desc);
1776         if (mru->mru_applies_oids) LDAP_VFREE(mru->mru_applies_oids);
1777         free_extensions(mru->mru_extensions);
1778         LDAP_FREE(mru);
1779 }
1780
1781 LDAPMatchingRuleUse *
1782 ldap_str2matchingruleuse( LDAP_CONST char * s,
1783         int * code,
1784         LDAP_CONST char ** errp,
1785         LDAP_CONST unsigned flags )
1786 {
1787         int kind;
1788         const char * ss = s;
1789         char * sval;
1790         int seen_name = 0;
1791         int seen_desc = 0;
1792         int seen_obsolete = 0;
1793         int seen_applies = 0;
1794         LDAPMatchingRuleUse * mru;
1795         char ** ext_vals;
1796         const char * savepos;
1797
1798         if ( !s ) {
1799                 *code = LDAP_SCHERR_EMPTY;
1800                 *errp = "";
1801                 return NULL;
1802         }
1803
1804         *errp = s;
1805         mru = LDAP_CALLOC(1,sizeof(LDAPMatchingRuleUse));
1806
1807         if ( !mru ) {
1808                 *code = LDAP_SCHERR_OUTOFMEM;
1809                 return NULL;
1810         }
1811
1812         kind = get_token(&ss,&sval);
1813         if ( kind != TK_LEFTPAREN ) {
1814                 *code = LDAP_SCHERR_NOLEFTPAREN;
1815                 LDAP_FREE(sval);
1816                 ldap_matchingruleuse_free(mru);
1817                 return NULL;
1818         }
1819
1820         parse_whsp(&ss);
1821         savepos = ss;
1822         mru->mru_oid = ldap_int_parse_numericoid(&ss,code,flags);
1823         if ( !mru->mru_oid ) {
1824                 if ( flags & LDAP_SCHEMA_ALLOW_NO_OID ) {
1825                         /* Backtracking */
1826                         ss = savepos;
1827                         kind = get_token(&ss,&sval);
1828                         if ( kind == TK_BAREWORD ) {
1829                                 if ( !strcmp(sval, "NAME") ||
1830                                      !strcmp(sval, "DESC") ||
1831                                      !strcmp(sval, "OBSOLETE") ||
1832                                      !strcmp(sval, "APPLIES") ||
1833                                      !strncmp(sval, "X-", 2) ) {
1834                                         /* Missing OID, backtrack */
1835                                         ss = savepos;
1836                                 } else {
1837                                         /* Non-numerical OID, ignore */
1838                                 }
1839                         }
1840                         LDAP_FREE(sval);
1841                 } else {
1842                         *errp = ss;
1843                         ldap_matchingruleuse_free(mru);
1844                         return NULL;
1845                 }
1846         }
1847         parse_whsp(&ss);
1848
1849         /*
1850          * Beyond this point we will be liberal and accept the items
1851          * in any order.
1852          */
1853         while (1) {
1854                 kind = get_token(&ss,&sval);
1855                 switch (kind) {
1856                 case TK_EOS:
1857                         *code = LDAP_SCHERR_NORIGHTPAREN;
1858                         *errp = ss;
1859                         ldap_matchingruleuse_free(mru);
1860                         return NULL;
1861                 case TK_RIGHTPAREN:
1862                         if( !seen_applies ) {
1863                                 *code = LDAP_SCHERR_MISSING;
1864                                 ldap_matchingruleuse_free(mru);
1865                                 return NULL;
1866                         }
1867                         return mru;
1868                 case TK_BAREWORD:
1869                         if ( !strcmp(sval,"NAME") ) {
1870                                 LDAP_FREE(sval);
1871                                 if ( seen_name ) {
1872                                         *code = LDAP_SCHERR_DUPOPT;
1873                                         *errp = ss;
1874                                         ldap_matchingruleuse_free(mru);
1875                                         return(NULL);
1876                                 }
1877                                 seen_name = 1;
1878                                 mru->mru_names = parse_qdescrs(&ss,code);
1879                                 if ( !mru->mru_names ) {
1880                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
1881                                                 *code = LDAP_SCHERR_BADNAME;
1882                                         *errp = ss;
1883                                         ldap_matchingruleuse_free(mru);
1884                                         return NULL;
1885                                 }
1886                         } else if ( !strcmp(sval,"DESC") ) {
1887                                 LDAP_FREE(sval);
1888                                 if ( seen_desc ) {
1889                                         *code = LDAP_SCHERR_DUPOPT;
1890                                         *errp = ss;
1891                                         ldap_matchingruleuse_free(mru);
1892                                         return(NULL);
1893                                 }
1894                                 seen_desc = 1;
1895                                 parse_whsp(&ss);
1896                                 kind = get_token(&ss,&sval);
1897                                 if ( kind != TK_QDSTRING ) {
1898                                         *code = LDAP_SCHERR_UNEXPTOKEN;
1899                                         *errp = ss;
1900                                         LDAP_FREE(sval);
1901                                         ldap_matchingruleuse_free(mru);
1902                                         return NULL;
1903                                 }
1904                                 mru->mru_desc = sval;
1905                                 parse_whsp(&ss);
1906                         } else if ( !strcmp(sval,"OBSOLETE") ) {
1907                                 LDAP_FREE(sval);
1908                                 if ( seen_obsolete ) {
1909                                         *code = LDAP_SCHERR_DUPOPT;
1910                                         *errp = ss;
1911                                         ldap_matchingruleuse_free(mru);
1912                                         return(NULL);
1913                                 }
1914                                 seen_obsolete = 1;
1915                                 mru->mru_obsolete = LDAP_SCHEMA_YES;
1916                                 parse_whsp(&ss);
1917                         } else if ( !strcmp(sval,"APPLIES") ) {
1918                                 LDAP_FREE(sval);
1919                                 if ( seen_applies ) {
1920                                         *code = LDAP_SCHERR_DUPOPT;
1921                                         *errp = ss;
1922                                         ldap_matchingruleuse_free(mru);
1923                                         return(NULL);
1924                                 }
1925                                 seen_applies = 1;
1926                                 mru->mru_applies_oids = parse_oids(&ss,
1927                                                              code,
1928                                                              flags);
1929                                 if ( !mru->mru_applies_oids ) {
1930                                         *errp = ss;
1931                                         ldap_matchingruleuse_free(mru);
1932                                         return NULL;
1933                                 }
1934                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
1935                                 /* Should be parse_qdstrings */
1936                                 ext_vals = parse_qdescrs(&ss, code);
1937                                 if ( !ext_vals ) {
1938                                         *errp = ss;
1939                                         ldap_matchingruleuse_free(mru);
1940                                         return NULL;
1941                                 }
1942                                 if ( add_extension(&mru->mru_extensions,
1943                                                     sval, ext_vals) ) {
1944                                         *code = LDAP_SCHERR_OUTOFMEM;
1945                                         *errp = ss;
1946                                         LDAP_FREE(sval);
1947                                         ldap_matchingruleuse_free(mru);
1948                                         return NULL;
1949                                 }
1950                         } else {
1951                                 *code = LDAP_SCHERR_UNEXPTOKEN;
1952                                 *errp = ss;
1953                                 LDAP_FREE(sval);
1954                                 ldap_matchingruleuse_free(mru);
1955                                 return NULL;
1956                         }
1957                         break;
1958                 default:
1959                         *code = LDAP_SCHERR_UNEXPTOKEN;
1960                         *errp = ss;
1961                         LDAP_FREE(sval);
1962                         ldap_matchingruleuse_free(mru);
1963                         return NULL;
1964                 }
1965         }
1966 }
1967
1968 void
1969 ldap_attributetype_free(LDAPAttributeType * at)
1970 {
1971         LDAP_FREE(at->at_oid);
1972         if (at->at_names) LDAP_VFREE(at->at_names);
1973         if (at->at_desc) LDAP_FREE(at->at_desc);
1974         if (at->at_sup_oid) LDAP_FREE(at->at_sup_oid);
1975         if (at->at_equality_oid) LDAP_FREE(at->at_equality_oid);
1976         if (at->at_ordering_oid) LDAP_FREE(at->at_ordering_oid);
1977         if (at->at_substr_oid) LDAP_FREE(at->at_substr_oid);
1978         if (at->at_syntax_oid) LDAP_FREE(at->at_syntax_oid);
1979         free_extensions(at->at_extensions);
1980         LDAP_FREE(at);
1981 }
1982
1983 LDAPAttributeType *
1984 ldap_str2attributetype( LDAP_CONST char * s,
1985         int * code,
1986         LDAP_CONST char ** errp,
1987         LDAP_CONST unsigned flags )
1988 {
1989         int kind;
1990         const char * ss = s;
1991         char * sval;
1992         int seen_name = 0;
1993         int seen_desc = 0;
1994         int seen_obsolete = 0;
1995         int seen_sup = 0;
1996         int seen_equality = 0;
1997         int seen_ordering = 0;
1998         int seen_substr = 0;
1999         int seen_syntax = 0;
2000         int seen_usage = 0;
2001         LDAPAttributeType * at;
2002         char ** ext_vals;
2003         const char * savepos;
2004
2005         if ( !s ) {
2006                 *code = LDAP_SCHERR_EMPTY;
2007                 *errp = "";
2008                 return NULL;
2009         }
2010
2011         *errp = s;
2012         at = LDAP_CALLOC(1,sizeof(LDAPAttributeType));
2013
2014         if ( !at ) {
2015                 *code = LDAP_SCHERR_OUTOFMEM;
2016                 return NULL;
2017         }
2018
2019         kind = get_token(&ss,&sval);
2020         if ( kind != TK_LEFTPAREN ) {
2021                 *code = LDAP_SCHERR_NOLEFTPAREN;
2022                 LDAP_FREE(sval);
2023                 ldap_attributetype_free(at);
2024                 return NULL;
2025         }
2026
2027         /*
2028          * Definitions MUST begin with an OID in the numericoid format.
2029          * However, this routine is used by clients to parse the response
2030          * from servers and very well known servers will provide an OID
2031          * in the wrong format or even no OID at all.  We do our best to
2032          * extract info from those servers.
2033          */
2034         parse_whsp(&ss);
2035         savepos = ss;
2036         at->at_oid = ldap_int_parse_numericoid(&ss,code,0);
2037         if ( !at->at_oid ) {
2038                 if ( ( flags & ( LDAP_SCHEMA_ALLOW_NO_OID
2039                                 | LDAP_SCHEMA_ALLOW_OID_MACRO ) )
2040                             && (ss == savepos) ) {
2041                         /* Backtracking */
2042                         ss = savepos;
2043                         kind = get_token(&ss,&sval);
2044                         if ( kind == TK_BAREWORD ) {
2045                                 if ( !strcmp(sval, "NAME") ||
2046                                      !strcmp(sval, "DESC") ||
2047                                      !strcmp(sval, "OBSOLETE") ||
2048                                      !strcmp(sval, "SUP") ||
2049                                      !strcmp(sval, "EQUALITY") ||
2050                                      !strcmp(sval, "ORDERING") ||
2051                                      !strcmp(sval, "SUBSTR") ||
2052                                      !strcmp(sval, "SYNTAX") ||
2053                                      !strcmp(sval, "SINGLE-VALUE") ||
2054                                      !strcmp(sval, "COLLECTIVE") ||
2055                                      !strcmp(sval, "NO-USER-MODIFICATION") ||
2056                                      !strcmp(sval, "USAGE") ||
2057                                      !strncmp(sval, "X-", 2) ) {
2058                                         /* Missing OID, backtrack */
2059                                         ss = savepos;
2060                                 } else if ( flags
2061                                         & LDAP_SCHEMA_ALLOW_OID_MACRO) {
2062                                         /* Non-numerical OID ... */
2063                                         int len = ss-savepos;
2064                                         at->at_oid = LDAP_MALLOC(len+1);
2065                                         strncpy(at->at_oid, savepos, len);
2066                                         at->at_oid[len] = 0;
2067                                 }
2068                         }
2069                         LDAP_FREE(sval);
2070                 } else {
2071                         *errp = ss;
2072                         ldap_attributetype_free(at);
2073                         return NULL;
2074                 }
2075         }
2076         parse_whsp(&ss);
2077
2078         /*
2079          * Beyond this point we will be liberal and accept the items
2080          * in any order.
2081          */
2082         while (1) {
2083                 kind = get_token(&ss,&sval);
2084                 switch (kind) {
2085                 case TK_EOS:
2086                         *code = LDAP_SCHERR_NORIGHTPAREN;
2087                         *errp = ss;
2088                         ldap_attributetype_free(at);
2089                         return NULL;
2090                 case TK_RIGHTPAREN:
2091                         return at;
2092                 case TK_BAREWORD:
2093                         if ( !strcmp(sval,"NAME") ) {
2094                                 LDAP_FREE(sval);
2095                                 if ( seen_name ) {
2096                                         *code = LDAP_SCHERR_DUPOPT;
2097                                         *errp = ss;
2098                                         ldap_attributetype_free(at);
2099                                         return(NULL);
2100                                 }
2101                                 seen_name = 1;
2102                                 at->at_names = parse_qdescrs(&ss,code);
2103                                 if ( !at->at_names ) {
2104                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
2105                                                 *code = LDAP_SCHERR_BADNAME;
2106                                         *errp = ss;
2107                                         ldap_attributetype_free(at);
2108                                         return NULL;
2109                                 }
2110                         } else if ( !strcmp(sval,"DESC") ) {
2111                                 LDAP_FREE(sval);
2112                                 if ( seen_desc ) {
2113                                         *code = LDAP_SCHERR_DUPOPT;
2114                                         *errp = ss;
2115                                         ldap_attributetype_free(at);
2116                                         return(NULL);
2117                                 }
2118                                 seen_desc = 1;
2119                                 parse_whsp(&ss);
2120                                 kind = get_token(&ss,&sval);
2121                                 if ( kind != TK_QDSTRING ) {
2122                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2123                                         *errp = ss;
2124                                         LDAP_FREE(sval);
2125                                         ldap_attributetype_free(at);
2126                                         return NULL;
2127                                 }
2128                                 at->at_desc = sval;
2129                                 parse_whsp(&ss);
2130                         } else if ( !strcmp(sval,"OBSOLETE") ) {
2131                                 LDAP_FREE(sval);
2132                                 if ( seen_obsolete ) {
2133                                         *code = LDAP_SCHERR_DUPOPT;
2134                                         *errp = ss;
2135                                         ldap_attributetype_free(at);
2136                                         return(NULL);
2137                                 }
2138                                 seen_obsolete = 1;
2139                                 at->at_obsolete = LDAP_SCHEMA_YES;
2140                                 parse_whsp(&ss);
2141                         } else if ( !strcmp(sval,"SUP") ) {
2142                                 LDAP_FREE(sval);
2143                                 if ( seen_sup ) {
2144                                         *code = LDAP_SCHERR_DUPOPT;
2145                                         *errp = ss;
2146                                         ldap_attributetype_free(at);
2147                                         return(NULL);
2148                                 }
2149                                 seen_sup = 1;
2150                                 at->at_sup_oid = parse_woid(&ss,code);
2151                                 if ( !at->at_sup_oid ) {
2152                                         *errp = ss;
2153                                         ldap_attributetype_free(at);
2154                                         return NULL;
2155                                 }
2156                         } else if ( !strcmp(sval,"EQUALITY") ) {
2157                                 LDAP_FREE(sval);
2158                                 if ( seen_equality ) {
2159                                         *code = LDAP_SCHERR_DUPOPT;
2160                                         *errp = ss;
2161                                         ldap_attributetype_free(at);
2162                                         return(NULL);
2163                                 }
2164                                 seen_equality = 1;
2165                                 at->at_equality_oid = parse_woid(&ss,code);
2166                                 if ( !at->at_equality_oid ) {
2167                                         *errp = ss;
2168                                         ldap_attributetype_free(at);
2169                                         return NULL;
2170                                 }
2171                         } else if ( !strcmp(sval,"ORDERING") ) {
2172                                 LDAP_FREE(sval);
2173                                 if ( seen_ordering ) {
2174                                         *code = LDAP_SCHERR_DUPOPT;
2175                                         *errp = ss;
2176                                         ldap_attributetype_free(at);
2177                                         return(NULL);
2178                                 }
2179                                 seen_ordering = 1;
2180                                 at->at_ordering_oid = parse_woid(&ss,code);
2181                                 if ( !at->at_ordering_oid ) {
2182                                         *errp = ss;
2183                                         ldap_attributetype_free(at);
2184                                         return NULL;
2185                                 }
2186                         } else if ( !strcmp(sval,"SUBSTR") ) {
2187                                 LDAP_FREE(sval);
2188                                 if ( seen_substr ) {
2189                                         *code = LDAP_SCHERR_DUPOPT;
2190                                         *errp = ss;
2191                                         ldap_attributetype_free(at);
2192                                         return(NULL);
2193                                 }
2194                                 seen_substr = 1;
2195                                 at->at_substr_oid = parse_woid(&ss,code);
2196                                 if ( !at->at_substr_oid ) {
2197                                         *errp = ss;
2198                                         ldap_attributetype_free(at);
2199                                         return NULL;
2200                                 }
2201                         } else if ( !strcmp(sval,"SYNTAX") ) {
2202                                 LDAP_FREE(sval);
2203                                 if ( seen_syntax ) {
2204                                         *code = LDAP_SCHERR_DUPOPT;
2205                                         *errp = ss;
2206                                         ldap_attributetype_free(at);
2207                                         return(NULL);
2208                                 }
2209                                 seen_syntax = 1;
2210                                 parse_whsp(&ss);
2211                                 savepos = ss;
2212                                 at->at_syntax_oid =
2213                                         parse_noidlen(&ss,
2214                                                       code,
2215                                                       &at->at_syntax_len,
2216                                                       flags);
2217                                 if ( !at->at_syntax_oid ) {
2218                                     if ( flags & LDAP_SCHEMA_ALLOW_OID_MACRO ) {
2219                                         kind = get_token(&ss,&sval);
2220                                         if (kind == TK_BAREWORD)
2221                                         {
2222                                             char *sp = strchr(sval, '{');
2223                                             at->at_syntax_oid = sval;
2224                                             if (sp)
2225                                             {
2226                                                 *sp++ = 0;
2227                                                 at->at_syntax_len = atoi(sp);
2228                                                 while ( LDAP_DIGIT(*sp) )
2229                                                         sp++;
2230                                                 if ( *sp != '}' ) {
2231                                                     *code = LDAP_SCHERR_UNEXPTOKEN;
2232                                                     *errp = ss;
2233                                                     ldap_attributetype_free(at);
2234                                                     return NULL;
2235                                                 }
2236                                             }
2237                                         }
2238                                     } else {
2239                                         *errp = ss;
2240                                         ldap_attributetype_free(at);
2241                                         return NULL;
2242                                     }
2243                                 }
2244                                 parse_whsp(&ss);
2245                         } else if ( !strcmp(sval,"SINGLE-VALUE") ) {
2246                                 LDAP_FREE(sval);
2247                                 if ( at->at_single_value ) {
2248                                         *code = LDAP_SCHERR_DUPOPT;
2249                                         *errp = ss;
2250                                         ldap_attributetype_free(at);
2251                                         return(NULL);
2252                                 }
2253                                 at->at_single_value = LDAP_SCHEMA_YES;
2254                                 parse_whsp(&ss);
2255                         } else if ( !strcmp(sval,"COLLECTIVE") ) {
2256                                 LDAP_FREE(sval);
2257                                 if ( at->at_collective ) {
2258                                         *code = LDAP_SCHERR_DUPOPT;
2259                                         *errp = ss;
2260                                         ldap_attributetype_free(at);
2261                                         return(NULL);
2262                                 }
2263                                 at->at_collective = LDAP_SCHEMA_YES;
2264                                 parse_whsp(&ss);
2265                         } else if ( !strcmp(sval,"NO-USER-MODIFICATION") ) {
2266                                 LDAP_FREE(sval);
2267                                 if ( at->at_no_user_mod ) {
2268                                         *code = LDAP_SCHERR_DUPOPT;
2269                                         *errp = ss;
2270                                         ldap_attributetype_free(at);
2271                                         return(NULL);
2272                                 }
2273                                 at->at_no_user_mod = LDAP_SCHEMA_YES;
2274                                 parse_whsp(&ss);
2275                         } else if ( !strcmp(sval,"USAGE") ) {
2276                                 LDAP_FREE(sval);
2277                                 if ( seen_usage ) {
2278                                         *code = LDAP_SCHERR_DUPOPT;
2279                                         *errp = ss;
2280                                         ldap_attributetype_free(at);
2281                                         return(NULL);
2282                                 }
2283                                 seen_usage = 1;
2284                                 parse_whsp(&ss);
2285                                 kind = get_token(&ss,&sval);
2286                                 if ( kind != TK_BAREWORD ) {
2287                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2288                                         *errp = ss;
2289                                         LDAP_FREE(sval);
2290                                         ldap_attributetype_free(at);
2291                                         return NULL;
2292                                 }
2293                                 if ( !strcasecmp(sval,"userApplications") )
2294                                         at->at_usage =
2295                                             LDAP_SCHEMA_USER_APPLICATIONS;
2296                                 else if ( !strcasecmp(sval,"directoryOperation") )
2297                                         at->at_usage =
2298                                             LDAP_SCHEMA_DIRECTORY_OPERATION;
2299                                 else if ( !strcasecmp(sval,"distributedOperation") )
2300                                         at->at_usage =
2301                                             LDAP_SCHEMA_DISTRIBUTED_OPERATION;
2302                                 else if ( !strcasecmp(sval,"dSAOperation") )
2303                                         at->at_usage =
2304                                             LDAP_SCHEMA_DSA_OPERATION;
2305                                 else {
2306                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2307                                         *errp = ss;
2308                                         LDAP_FREE(sval);
2309                                         ldap_attributetype_free(at);
2310                                         return NULL;
2311                                 }
2312                                 LDAP_FREE(sval);
2313                                 parse_whsp(&ss);
2314                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
2315                                 /* Should be parse_qdstrings */
2316                                 ext_vals = parse_qdescrs(&ss, code);
2317                                 if ( !ext_vals ) {
2318                                         *errp = ss;
2319                                         ldap_attributetype_free(at);
2320                                         return NULL;
2321                                 }
2322                                 if ( add_extension(&at->at_extensions,
2323                                                     sval, ext_vals) ) {
2324                                         *code = LDAP_SCHERR_OUTOFMEM;
2325                                         *errp = ss;
2326                                         LDAP_FREE(sval);
2327                                         ldap_attributetype_free(at);
2328                                         return NULL;
2329                                 }
2330                         } else {
2331                                 *code = LDAP_SCHERR_UNEXPTOKEN;
2332                                 *errp = ss;
2333                                 LDAP_FREE(sval);
2334                                 ldap_attributetype_free(at);
2335                                 return NULL;
2336                         }
2337                         break;
2338                 default:
2339                         *code = LDAP_SCHERR_UNEXPTOKEN;
2340                         *errp = ss;
2341                         LDAP_FREE(sval);
2342                         ldap_attributetype_free(at);
2343                         return NULL;
2344                 }
2345         }
2346 }
2347
2348 void
2349 ldap_objectclass_free(LDAPObjectClass * oc)
2350 {
2351         LDAP_FREE(oc->oc_oid);
2352         if (oc->oc_names) LDAP_VFREE(oc->oc_names);
2353         if (oc->oc_desc) LDAP_FREE(oc->oc_desc);
2354         if (oc->oc_sup_oids) LDAP_VFREE(oc->oc_sup_oids);
2355         if (oc->oc_at_oids_must) LDAP_VFREE(oc->oc_at_oids_must);
2356         if (oc->oc_at_oids_may) LDAP_VFREE(oc->oc_at_oids_may);
2357         free_extensions(oc->oc_extensions);
2358         LDAP_FREE(oc);
2359 }
2360
2361 LDAPObjectClass *
2362 ldap_str2objectclass( LDAP_CONST char * s,
2363         int * code,
2364         LDAP_CONST char ** errp,
2365         LDAP_CONST unsigned flags )
2366 {
2367         int kind;
2368         const char * ss = s;
2369         char * sval;
2370         int seen_name = 0;
2371         int seen_desc = 0;
2372         int seen_obsolete = 0;
2373         int seen_sup = 0;
2374         int seen_kind = 0;
2375         int seen_must = 0;
2376         int seen_may = 0;
2377         LDAPObjectClass * oc;
2378         char ** ext_vals;
2379         const char * savepos;
2380
2381         if ( !s ) {
2382                 *code = LDAP_SCHERR_EMPTY;
2383                 *errp = "";
2384                 return NULL;
2385         }
2386
2387         *errp = s;
2388         oc = LDAP_CALLOC(1,sizeof(LDAPObjectClass));
2389
2390         if ( !oc ) {
2391                 *code = LDAP_SCHERR_OUTOFMEM;
2392                 return NULL;
2393         }
2394         oc->oc_kind = LDAP_SCHEMA_STRUCTURAL;
2395
2396         kind = get_token(&ss,&sval);
2397         if ( kind != TK_LEFTPAREN ) {
2398                 *code = LDAP_SCHERR_NOLEFTPAREN;
2399                 LDAP_FREE(sval);
2400                 ldap_objectclass_free(oc);
2401                 return NULL;
2402         }
2403
2404         /*
2405          * Definitions MUST begin with an OID in the numericoid format.
2406          * However, this routine is used by clients to parse the response
2407          * from servers and very well known servers will provide an OID
2408          * in the wrong format or even no OID at all.  We do our best to
2409          * extract info from those servers.
2410          */
2411         parse_whsp(&ss);
2412         savepos = ss;
2413         oc->oc_oid = ldap_int_parse_numericoid(&ss,code,0);
2414         if ( !oc->oc_oid ) {
2415                 if ( (flags & LDAP_SCHEMA_ALLOW_ALL) && (ss == savepos) ) {
2416                         /* Backtracking */
2417                         ss = savepos;
2418                         kind = get_token(&ss,&sval);
2419                         if ( kind == TK_BAREWORD ) {
2420                                 if ( !strcmp(sval, "NAME") ||
2421                                      !strcmp(sval, "DESC") ||
2422                                      !strcmp(sval, "OBSOLETE") ||
2423                                      !strcmp(sval, "SUP") ||
2424                                      !strcmp(sval, "ABSTRACT") ||
2425                                      !strcmp(sval, "STRUCTURAL") ||
2426                                      !strcmp(sval, "AUXILIARY") ||
2427                                      !strcmp(sval, "MUST") ||
2428                                      !strcmp(sval, "MAY") ||
2429                                      !strncmp(sval, "X-", 2) ) {
2430                                         /* Missing OID, backtrack */
2431                                         ss = savepos;
2432                                 } else if ( flags &
2433                                         LDAP_SCHEMA_ALLOW_OID_MACRO ) {
2434                                         /* Non-numerical OID, ignore */
2435                                         int len = ss-savepos;
2436                                         oc->oc_oid = LDAP_MALLOC(len+1);
2437                                         strncpy(oc->oc_oid, savepos, len);
2438                                         oc->oc_oid[len] = 0;
2439                                 }
2440                         }
2441                         LDAP_FREE(sval);
2442                 } else {
2443                         *errp = ss;
2444                         ldap_objectclass_free(oc);
2445                         return NULL;
2446                 }
2447         }
2448         parse_whsp(&ss);
2449
2450         /*
2451          * Beyond this point we will be liberal an accept the items
2452          * in any order.
2453          */
2454         while (1) {
2455                 kind = get_token(&ss,&sval);
2456                 switch (kind) {
2457                 case TK_EOS:
2458                         *code = LDAP_SCHERR_NORIGHTPAREN;
2459                         *errp = ss;
2460                         ldap_objectclass_free(oc);
2461                         return NULL;
2462                 case TK_RIGHTPAREN:
2463                         return oc;
2464                 case TK_BAREWORD:
2465                         if ( !strcmp(sval,"NAME") ) {
2466                                 LDAP_FREE(sval);
2467                                 if ( seen_name ) {
2468                                         *code = LDAP_SCHERR_DUPOPT;
2469                                         *errp = ss;
2470                                         ldap_objectclass_free(oc);
2471                                         return(NULL);
2472                                 }
2473                                 seen_name = 1;
2474                                 oc->oc_names = parse_qdescrs(&ss,code);
2475                                 if ( !oc->oc_names ) {
2476                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
2477                                                 *code = LDAP_SCHERR_BADNAME;
2478                                         *errp = ss;
2479                                         ldap_objectclass_free(oc);
2480                                         return NULL;
2481                                 }
2482                         } else if ( !strcmp(sval,"DESC") ) {
2483                                 LDAP_FREE(sval);
2484                                 if ( seen_desc ) {
2485                                         *code = LDAP_SCHERR_DUPOPT;
2486                                         *errp = ss;
2487                                         ldap_objectclass_free(oc);
2488                                         return(NULL);
2489                                 }
2490                                 seen_desc = 1;
2491                                 parse_whsp(&ss);
2492                                 kind = get_token(&ss,&sval);
2493                                 if ( kind != TK_QDSTRING ) {
2494                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2495                                         *errp = ss;
2496                                         LDAP_FREE(sval);
2497                                         ldap_objectclass_free(oc);
2498                                         return NULL;
2499                                 }
2500                                 oc->oc_desc = sval;
2501                                 parse_whsp(&ss);
2502                         } else if ( !strcmp(sval,"OBSOLETE") ) {
2503                                 LDAP_FREE(sval);
2504                                 if ( seen_obsolete ) {
2505                                         *code = LDAP_SCHERR_DUPOPT;
2506                                         *errp = ss;
2507                                         ldap_objectclass_free(oc);
2508                                         return(NULL);
2509                                 }
2510                                 seen_obsolete = 1;
2511                                 oc->oc_obsolete = LDAP_SCHEMA_YES;
2512                                 parse_whsp(&ss);
2513                         } else if ( !strcmp(sval,"SUP") ) {
2514                                 LDAP_FREE(sval);
2515                                 if ( seen_sup ) {
2516                                         *code = LDAP_SCHERR_DUPOPT;
2517                                         *errp = ss;
2518                                         ldap_objectclass_free(oc);
2519                                         return(NULL);
2520                                 }
2521                                 seen_sup = 1;
2522                                 oc->oc_sup_oids = parse_oids(&ss,
2523                                                              code,
2524                                                              flags);
2525                                 if ( !oc->oc_sup_oids ) {
2526                                         *errp = ss;
2527                                         ldap_objectclass_free(oc);
2528                                         return NULL;
2529                                 }
2530                         } else if ( !strcmp(sval,"ABSTRACT") ) {
2531                                 LDAP_FREE(sval);
2532                                 if ( seen_kind ) {
2533                                         *code = LDAP_SCHERR_DUPOPT;
2534                                         *errp = ss;
2535                                         ldap_objectclass_free(oc);
2536                                         return(NULL);
2537                                 }
2538                                 seen_kind = 1;
2539                                 oc->oc_kind = LDAP_SCHEMA_ABSTRACT;
2540                                 parse_whsp(&ss);
2541                         } else if ( !strcmp(sval,"STRUCTURAL") ) {
2542                                 LDAP_FREE(sval);
2543                                 if ( seen_kind ) {
2544                                         *code = LDAP_SCHERR_DUPOPT;
2545                                         *errp = ss;
2546                                         ldap_objectclass_free(oc);
2547                                         return(NULL);
2548                                 }
2549                                 seen_kind = 1;
2550                                 oc->oc_kind = LDAP_SCHEMA_STRUCTURAL;
2551                                 parse_whsp(&ss);
2552                         } else if ( !strcmp(sval,"AUXILIARY") ) {
2553                                 LDAP_FREE(sval);
2554                                 if ( seen_kind ) {
2555                                         *code = LDAP_SCHERR_DUPOPT;
2556                                         *errp = ss;
2557                                         ldap_objectclass_free(oc);
2558                                         return(NULL);
2559                                 }
2560                                 seen_kind = 1;
2561                                 oc->oc_kind = LDAP_SCHEMA_AUXILIARY;
2562                                 parse_whsp(&ss);
2563                         } else if ( !strcmp(sval,"MUST") ) {
2564                                 LDAP_FREE(sval);
2565                                 if ( seen_must ) {
2566                                         *code = LDAP_SCHERR_DUPOPT;
2567                                         *errp = ss;
2568                                         ldap_objectclass_free(oc);
2569                                         return(NULL);
2570                                 }
2571                                 seen_must = 1;
2572                                 oc->oc_at_oids_must = parse_oids(&ss,code,0);
2573                                 if ( !oc->oc_at_oids_must ) {
2574                                         *errp = ss;
2575                                         ldap_objectclass_free(oc);
2576                                         return NULL;
2577                                 }
2578                                 parse_whsp(&ss);
2579                         } else if ( !strcmp(sval,"MAY") ) {
2580                                 LDAP_FREE(sval);
2581                                 if ( seen_may ) {
2582                                         *code = LDAP_SCHERR_DUPOPT;
2583                                         *errp = ss;
2584                                         ldap_objectclass_free(oc);
2585                                         return(NULL);
2586                                 }
2587                                 seen_may = 1;
2588                                 oc->oc_at_oids_may = parse_oids(&ss,code,0);
2589                                 if ( !oc->oc_at_oids_may ) {
2590                                         *errp = ss;
2591                                         ldap_objectclass_free(oc);
2592                                         return NULL;
2593                                 }
2594                                 parse_whsp(&ss);
2595                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
2596                                 /* Should be parse_qdstrings */
2597                                 ext_vals = parse_qdescrs(&ss, code);
2598                                 if ( !ext_vals ) {
2599                                         *errp = ss;
2600                                         ldap_objectclass_free(oc);
2601                                         return NULL;
2602                                 }
2603                                 if ( add_extension(&oc->oc_extensions,
2604                                                     sval, ext_vals) ) {
2605                                         *code = LDAP_SCHERR_OUTOFMEM;
2606                                         *errp = ss;
2607                                         LDAP_FREE(sval);
2608                                         ldap_objectclass_free(oc);
2609                                         return NULL;
2610                                 }
2611                         } else {
2612                                 *code = LDAP_SCHERR_UNEXPTOKEN;
2613                                 *errp = ss;
2614                                 LDAP_FREE(sval);
2615                                 ldap_objectclass_free(oc);
2616                                 return NULL;
2617                         }
2618                         break;
2619                 default:
2620                         *code = LDAP_SCHERR_UNEXPTOKEN;
2621                         *errp = ss;
2622                         LDAP_FREE(sval);
2623                         ldap_objectclass_free(oc);
2624                         return NULL;
2625                 }
2626         }
2627 }
2628
2629 void
2630 ldap_contentrule_free(LDAPContentRule * cr)
2631 {
2632         LDAP_FREE(cr->cr_oid);
2633         if (cr->cr_names) LDAP_VFREE(cr->cr_names);
2634         if (cr->cr_desc) LDAP_FREE(cr->cr_desc);
2635         if (cr->cr_oc_oids_aux) LDAP_VFREE(cr->cr_oc_oids_aux);
2636         if (cr->cr_at_oids_must) LDAP_VFREE(cr->cr_at_oids_must);
2637         if (cr->cr_at_oids_may) LDAP_VFREE(cr->cr_at_oids_may);
2638         if (cr->cr_at_oids_not) LDAP_VFREE(cr->cr_at_oids_not);
2639         free_extensions(cr->cr_extensions);
2640         LDAP_FREE(cr);
2641 }
2642
2643 LDAPContentRule *
2644 ldap_str2contentrule( LDAP_CONST char * s,
2645         int * code,
2646         LDAP_CONST char ** errp,
2647         LDAP_CONST unsigned flags )
2648 {
2649         int kind;
2650         const char * ss = s;
2651         char * sval;
2652         int seen_name = 0;
2653         int seen_desc = 0;
2654         int seen_obsolete = 0;
2655         int seen_aux = 0;
2656         int seen_must = 0;
2657         int seen_may = 0;
2658         int seen_not = 0;
2659         LDAPContentRule * cr;
2660         char ** ext_vals;
2661         const char * savepos;
2662
2663         if ( !s ) {
2664                 *code = LDAP_SCHERR_EMPTY;
2665                 *errp = "";
2666                 return NULL;
2667         }
2668
2669         *errp = s;
2670         cr = LDAP_CALLOC(1,sizeof(LDAPContentRule));
2671
2672         if ( !cr ) {
2673                 *code = LDAP_SCHERR_OUTOFMEM;
2674                 return NULL;
2675         }
2676
2677         kind = get_token(&ss,&sval);
2678         if ( kind != TK_LEFTPAREN ) {
2679                 *code = LDAP_SCHERR_NOLEFTPAREN;
2680                 LDAP_FREE(sval);
2681                 ldap_contentrule_free(cr);
2682                 return NULL;
2683         }
2684
2685         /*
2686          * Definitions MUST begin with an OID in the numericoid format.
2687          */
2688         parse_whsp(&ss);
2689         savepos = ss;
2690         cr->cr_oid = ldap_int_parse_numericoid(&ss,code,0);
2691         if ( !cr->cr_oid ) {
2692                 *errp = ss;
2693                 ldap_contentrule_free(cr);
2694                 return NULL;
2695         }
2696         parse_whsp(&ss);
2697
2698         /*
2699          * Beyond this point we will be liberal an accept the items
2700          * in any order.
2701          */
2702         while (1) {
2703                 kind = get_token(&ss,&sval);
2704                 switch (kind) {
2705                 case TK_EOS:
2706                         *code = LDAP_SCHERR_NORIGHTPAREN;
2707                         *errp = ss;
2708                         ldap_contentrule_free(cr);
2709                         return NULL;
2710                 case TK_RIGHTPAREN:
2711                         return cr;
2712                 case TK_BAREWORD:
2713                         if ( !strcmp(sval,"NAME") ) {
2714                                 LDAP_FREE(sval);
2715                                 if ( seen_name ) {
2716                                         *code = LDAP_SCHERR_DUPOPT;
2717                                         *errp = ss;
2718                                         ldap_contentrule_free(cr);
2719                                         return(NULL);
2720                                 }
2721                                 seen_name = 1;
2722                                 cr->cr_names = parse_qdescrs(&ss,code);
2723                                 if ( !cr->cr_names ) {
2724                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
2725                                                 *code = LDAP_SCHERR_BADNAME;
2726                                         *errp = ss;
2727                                         ldap_contentrule_free(cr);
2728                                         return NULL;
2729                                 }
2730                         } else if ( !strcmp(sval,"DESC") ) {
2731                                 LDAP_FREE(sval);
2732                                 if ( seen_desc ) {
2733                                         *code = LDAP_SCHERR_DUPOPT;
2734                                         *errp = ss;
2735                                         ldap_contentrule_free(cr);
2736                                         return(NULL);
2737                                 }
2738                                 seen_desc = 1;
2739                                 parse_whsp(&ss);
2740                                 kind = get_token(&ss,&sval);
2741                                 if ( kind != TK_QDSTRING ) {
2742                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2743                                         *errp = ss;
2744                                         LDAP_FREE(sval);
2745                                         ldap_contentrule_free(cr);
2746                                         return NULL;
2747                                 }
2748                                 cr->cr_desc = sval;
2749                                 parse_whsp(&ss);
2750                         } else if ( !strcmp(sval,"OBSOLETE") ) {
2751                                 LDAP_FREE(sval);
2752                                 if ( seen_obsolete ) {
2753                                         *code = LDAP_SCHERR_DUPOPT;
2754                                         *errp = ss;
2755                                         ldap_contentrule_free(cr);
2756                                         return(NULL);
2757                                 }
2758                                 seen_obsolete = 1;
2759                                 cr->cr_obsolete = LDAP_SCHEMA_YES;
2760                                 parse_whsp(&ss);
2761                         } else if ( !strcmp(sval,"AUX") ) {
2762                                 LDAP_FREE(sval);
2763                                 if ( seen_aux ) {
2764                                         *code = LDAP_SCHERR_DUPOPT;
2765                                         *errp = ss;
2766                                         ldap_contentrule_free(cr);
2767                                         return(NULL);
2768                                 }
2769                                 seen_aux = 1;
2770                                 cr->cr_oc_oids_aux = parse_oids(&ss,code,0);
2771                                 if ( !cr->cr_oc_oids_aux ) {
2772                                         *errp = ss;
2773                                         ldap_contentrule_free(cr);
2774                                         return NULL;
2775                                 }
2776                                 parse_whsp(&ss);
2777                         } else if ( !strcmp(sval,"MUST") ) {
2778                                 LDAP_FREE(sval);
2779                                 if ( seen_must ) {
2780                                         *code = LDAP_SCHERR_DUPOPT;
2781                                         *errp = ss;
2782                                         ldap_contentrule_free(cr);
2783                                         return(NULL);
2784                                 }
2785                                 seen_must = 1;
2786                                 cr->cr_at_oids_must = parse_oids(&ss,code,0);
2787                                 if ( !cr->cr_at_oids_must ) {
2788                                         *errp = ss;
2789                                         ldap_contentrule_free(cr);
2790                                         return NULL;
2791                                 }
2792                                 parse_whsp(&ss);
2793                         } else if ( !strcmp(sval,"MAY") ) {
2794                                 LDAP_FREE(sval);
2795                                 if ( seen_may ) {
2796                                         *code = LDAP_SCHERR_DUPOPT;
2797                                         *errp = ss;
2798                                         ldap_contentrule_free(cr);
2799                                         return(NULL);
2800                                 }
2801                                 seen_may = 1;
2802                                 cr->cr_at_oids_may = parse_oids(&ss,code,0);
2803                                 if ( !cr->cr_at_oids_may ) {
2804                                         *errp = ss;
2805                                         ldap_contentrule_free(cr);
2806                                         return NULL;
2807                                 }
2808                                 parse_whsp(&ss);
2809                         } else if ( !strcmp(sval,"NOT") ) {
2810                                 LDAP_FREE(sval);
2811                                 if ( seen_not ) {
2812                                         *code = LDAP_SCHERR_DUPOPT;
2813                                         *errp = ss;
2814                                         ldap_contentrule_free(cr);
2815                                         return(NULL);
2816                                 }
2817                                 seen_not = 1;
2818                                 cr->cr_at_oids_not = parse_oids(&ss,code,0);
2819                                 if ( !cr->cr_at_oids_not ) {
2820                                         *errp = ss;
2821                                         ldap_contentrule_free(cr);
2822                                         return NULL;
2823                                 }
2824                                 parse_whsp(&ss);
2825                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
2826                                 /* Should be parse_qdstrings */
2827                                 ext_vals = parse_qdescrs(&ss, code);
2828                                 if ( !ext_vals ) {
2829                                         *errp = ss;
2830                                         ldap_contentrule_free(cr);
2831                                         return NULL;
2832                                 }
2833                                 if ( add_extension(&cr->cr_extensions,
2834                                                     sval, ext_vals) ) {
2835                                         *code = LDAP_SCHERR_OUTOFMEM;
2836                                         *errp = ss;
2837                                         LDAP_FREE(sval);
2838                                         ldap_contentrule_free(cr);
2839                                         return NULL;
2840                                 }
2841                         } else {
2842                                 *code = LDAP_SCHERR_UNEXPTOKEN;
2843                                 *errp = ss;
2844                                 LDAP_FREE(sval);
2845                                 ldap_contentrule_free(cr);
2846                                 return NULL;
2847                         }
2848                         break;
2849                 default:
2850                         *code = LDAP_SCHERR_UNEXPTOKEN;
2851                         *errp = ss;
2852                         LDAP_FREE(sval);
2853                         ldap_contentrule_free(cr);
2854                         return NULL;
2855                 }
2856         }
2857 }
2858
2859 void
2860 ldap_structurerule_free(LDAPStructureRule * sr)
2861 {
2862         if (sr->sr_names) LDAP_VFREE(sr->sr_names);
2863         if (sr->sr_desc) LDAP_FREE(sr->sr_desc);
2864         if (sr->sr_nameform) LDAP_FREE(sr->sr_nameform);
2865         if (sr->sr_sup_ruleids) LDAP_FREE(sr->sr_sup_ruleids);
2866         free_extensions(sr->sr_extensions);
2867         LDAP_FREE(sr);
2868 }
2869
2870 LDAPStructureRule *
2871 ldap_str2structurerule( LDAP_CONST char * s,
2872         int * code,
2873         LDAP_CONST char ** errp,
2874         LDAP_CONST unsigned flags )
2875 {
2876         int kind, ret;
2877         const char * ss = s;
2878         char * sval;
2879         int seen_name = 0;
2880         int seen_desc = 0;
2881         int seen_obsolete = 0;
2882         int seen_nameform = 0;
2883         LDAPStructureRule * sr;
2884         char ** ext_vals;
2885         const char * savepos;
2886
2887         if ( !s ) {
2888                 *code = LDAP_SCHERR_EMPTY;
2889                 *errp = "";
2890                 return NULL;
2891         }
2892
2893         *errp = s;
2894         sr = LDAP_CALLOC(1,sizeof(LDAPStructureRule));
2895
2896         if ( !sr ) {
2897                 *code = LDAP_SCHERR_OUTOFMEM;
2898                 return NULL;
2899         }
2900
2901         kind = get_token(&ss,&sval);
2902         if ( kind != TK_LEFTPAREN ) {
2903                 *code = LDAP_SCHERR_NOLEFTPAREN;
2904                 LDAP_FREE(sval);
2905                 ldap_structurerule_free(sr);
2906                 return NULL;
2907         }
2908
2909         /*
2910          * Definitions MUST begin with a ruleid.
2911          */
2912         parse_whsp(&ss);
2913         savepos = ss;
2914         ret = ldap_int_parse_ruleid(&ss,code,0,&sr->sr_ruleid);
2915         if ( ret ) {
2916                 *errp = ss;
2917                 ldap_structurerule_free(sr);
2918                 return NULL;
2919         }
2920         parse_whsp(&ss);
2921
2922         /*
2923          * Beyond this point we will be liberal an accept the items
2924          * in any order.
2925          */
2926         while (1) {
2927                 kind = get_token(&ss,&sval);
2928                 switch (kind) {
2929                 case TK_EOS:
2930                         *code = LDAP_SCHERR_NORIGHTPAREN;
2931                         *errp = ss;
2932                         ldap_structurerule_free(sr);
2933                         return NULL;
2934                 case TK_RIGHTPAREN:
2935                         if( !seen_nameform ) {
2936                                 *code = LDAP_SCHERR_MISSING;
2937                                 ldap_structurerule_free(sr);
2938                                 return NULL;
2939                         }
2940                         return sr;
2941                 case TK_BAREWORD:
2942                         if ( !strcmp(sval,"NAME") ) {
2943                                 LDAP_FREE(sval);
2944                                 if ( seen_name ) {
2945                                         *code = LDAP_SCHERR_DUPOPT;
2946                                         *errp = ss;
2947                                         ldap_structurerule_free(sr);
2948                                         return(NULL);
2949                                 }
2950                                 seen_name = 1;
2951                                 sr->sr_names = parse_qdescrs(&ss,code);
2952                                 if ( !sr->sr_names ) {
2953                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
2954                                                 *code = LDAP_SCHERR_BADNAME;
2955                                         *errp = ss;
2956                                         ldap_structurerule_free(sr);
2957                                         return NULL;
2958                                 }
2959                         } else if ( !strcmp(sval,"DESC") ) {
2960                                 LDAP_FREE(sval);
2961                                 if ( seen_desc ) {
2962                                         *code = LDAP_SCHERR_DUPOPT;
2963                                         *errp = ss;
2964                                         ldap_structurerule_free(sr);
2965                                         return(NULL);
2966                                 }
2967                                 seen_desc = 1;
2968                                 parse_whsp(&ss);
2969                                 kind = get_token(&ss,&sval);
2970                                 if ( kind != TK_QDSTRING ) {
2971                                         *code = LDAP_SCHERR_UNEXPTOKEN;
2972                                         *errp = ss;
2973                                         LDAP_FREE(sval);
2974                                         ldap_structurerule_free(sr);
2975                                         return NULL;
2976                                 }
2977                                 sr->sr_desc = sval;
2978                                 parse_whsp(&ss);
2979                         } else if ( !strcmp(sval,"OBSOLETE") ) {
2980                                 LDAP_FREE(sval);
2981                                 if ( seen_obsolete ) {
2982                                         *code = LDAP_SCHERR_DUPOPT;
2983                                         *errp = ss;
2984                                         ldap_structurerule_free(sr);
2985                                         return(NULL);
2986                                 }
2987                                 seen_obsolete = 1;
2988                                 sr->sr_obsolete = LDAP_SCHEMA_YES;
2989                                 parse_whsp(&ss);
2990                         } else if ( !strcmp(sval,"FORM") ) {
2991                                 LDAP_FREE(sval);
2992                                 if ( seen_nameform ) {
2993                                         *code = LDAP_SCHERR_DUPOPT;
2994                                         *errp = ss;
2995                                         ldap_structurerule_free(sr);
2996                                         return(NULL);
2997                                 }
2998                                 seen_nameform = 1;
2999                                 sr->sr_nameform = parse_woid(&ss,code);
3000                                 if ( !sr->sr_nameform ) {
3001                                         *errp = ss;
3002                                         ldap_structurerule_free(sr);
3003                                         return NULL;
3004                                 }
3005                                 parse_whsp(&ss);
3006                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
3007                                 /* Should be parse_qdstrings */
3008                                 ext_vals = parse_qdescrs(&ss, code);
3009                                 if ( !ext_vals ) {
3010                                         *errp = ss;
3011                                         ldap_structurerule_free(sr);
3012                                         return NULL;
3013                                 }
3014                                 if ( add_extension(&sr->sr_extensions,
3015                                                     sval, ext_vals) ) {
3016                                         *code = LDAP_SCHERR_OUTOFMEM;
3017                                         *errp = ss;
3018                                         LDAP_FREE(sval);
3019                                         ldap_structurerule_free(sr);
3020                                         return NULL;
3021                                 }
3022                         } else {
3023                                 *code = LDAP_SCHERR_UNEXPTOKEN;
3024                                 *errp = ss;
3025                                 LDAP_FREE(sval);
3026                                 ldap_structurerule_free(sr);
3027                                 return NULL;
3028                         }
3029                         break;
3030                 default:
3031                         *code = LDAP_SCHERR_UNEXPTOKEN;
3032                         *errp = ss;
3033                         LDAP_FREE(sval);
3034                         ldap_structurerule_free(sr);
3035                         return NULL;
3036                 }
3037         }
3038 }
3039
3040 void
3041 ldap_nameform_free(LDAPNameForm * nf)
3042 {
3043         LDAP_FREE(nf->nf_oid);
3044         if (nf->nf_names) LDAP_VFREE(nf->nf_names);
3045         if (nf->nf_desc) LDAP_FREE(nf->nf_desc);
3046         if (nf->nf_objectclass) LDAP_FREE(nf->nf_objectclass);
3047         if (nf->nf_at_oids_must) LDAP_VFREE(nf->nf_at_oids_must);
3048         if (nf->nf_at_oids_may) LDAP_VFREE(nf->nf_at_oids_may);
3049         free_extensions(nf->nf_extensions);
3050         LDAP_FREE(nf);
3051 }
3052
3053 LDAPNameForm *
3054 ldap_str2nameform( LDAP_CONST char * s,
3055         int * code,
3056         LDAP_CONST char ** errp,
3057         LDAP_CONST unsigned flags )
3058 {
3059         int kind;
3060         const char * ss = s;
3061         char * sval;
3062         int seen_name = 0;
3063         int seen_desc = 0;
3064         int seen_obsolete = 0;
3065         int seen_class = 0;
3066         int seen_must = 0;
3067         int seen_may = 0;
3068         LDAPNameForm * nf;
3069         char ** ext_vals;
3070         const char * savepos;
3071
3072         if ( !s ) {
3073                 *code = LDAP_SCHERR_EMPTY;
3074                 *errp = "";
3075                 return NULL;
3076         }
3077
3078         *errp = s;
3079         nf = LDAP_CALLOC(1,sizeof(LDAPNameForm));
3080
3081         if ( !nf ) {
3082                 *code = LDAP_SCHERR_OUTOFMEM;
3083                 return NULL;
3084         }
3085
3086         kind = get_token(&ss,&sval);
3087         if ( kind != TK_LEFTPAREN ) {
3088                 *code = LDAP_SCHERR_NOLEFTPAREN;
3089                 LDAP_FREE(sval);
3090                 ldap_nameform_free(nf);
3091                 return NULL;
3092         }
3093
3094         /*
3095          * Definitions MUST begin with an OID in the numericoid format.
3096          * However, this routine is used by clients to parse the response
3097          * from servers and very well known servers will provide an OID
3098          * in the wrong format or even no OID at all.  We do our best to
3099          * extract info from those servers.
3100          */
3101         parse_whsp(&ss);
3102         savepos = ss;
3103         nf->nf_oid = ldap_int_parse_numericoid(&ss,code,0);
3104         if ( !nf->nf_oid ) {
3105                 *errp = ss;
3106                 ldap_nameform_free(nf);
3107                 return NULL;
3108         }
3109         parse_whsp(&ss);
3110
3111         /*
3112          * Beyond this point we will be liberal an accept the items
3113          * in any order.
3114          */
3115         while (1) {
3116                 kind = get_token(&ss,&sval);
3117                 switch (kind) {
3118                 case TK_EOS:
3119                         *code = LDAP_SCHERR_NORIGHTPAREN;
3120                         *errp = ss;
3121                         ldap_nameform_free(nf);
3122                         return NULL;
3123                 case TK_RIGHTPAREN:
3124                         if( !seen_class || !seen_must ) {
3125                                 *code = LDAP_SCHERR_MISSING;
3126                                 ldap_nameform_free(nf);
3127                                 return NULL;
3128                         }
3129                         return nf;
3130                 case TK_BAREWORD:
3131                         if ( !strcmp(sval,"NAME") ) {
3132                                 LDAP_FREE(sval);
3133                                 if ( seen_name ) {
3134                                         *code = LDAP_SCHERR_DUPOPT;
3135                                         *errp = ss;
3136                                         ldap_nameform_free(nf);
3137                                         return(NULL);
3138                                 }
3139                                 seen_name = 1;
3140                                 nf->nf_names = parse_qdescrs(&ss,code);
3141                                 if ( !nf->nf_names ) {
3142                                         if ( *code != LDAP_SCHERR_OUTOFMEM )
3143                                                 *code = LDAP_SCHERR_BADNAME;
3144                                         *errp = ss;
3145                                         ldap_nameform_free(nf);
3146                                         return NULL;
3147                                 }
3148                         } else if ( !strcmp(sval,"DESC") ) {
3149                                 LDAP_FREE(sval);
3150                                 if ( seen_desc ) {
3151                                         *code = LDAP_SCHERR_DUPOPT;
3152                                         *errp = ss;
3153                                         ldap_nameform_free(nf);
3154                                         return(NULL);
3155                                 }
3156                                 seen_desc = 1;
3157                                 parse_whsp(&ss);
3158                                 kind = get_token(&ss,&sval);
3159                                 if ( kind != TK_QDSTRING ) {
3160                                         *code = LDAP_SCHERR_UNEXPTOKEN;
3161                                         *errp = ss;
3162                                         LDAP_FREE(sval);
3163                                         ldap_nameform_free(nf);
3164                                         return NULL;
3165                                 }
3166                                 nf->nf_desc = sval;
3167                                 parse_whsp(&ss);
3168                         } else if ( !strcmp(sval,"OBSOLETE") ) {
3169                                 LDAP_FREE(sval);
3170                                 if ( seen_obsolete ) {
3171                                         *code = LDAP_SCHERR_DUPOPT;
3172                                         *errp = ss;
3173                                         ldap_nameform_free(nf);
3174                                         return(NULL);
3175                                 }
3176                                 seen_obsolete = 1;
3177                                 nf->nf_obsolete = LDAP_SCHEMA_YES;
3178                                 parse_whsp(&ss);
3179                         } else if ( !strcmp(sval,"MUST") ) {
3180                                 LDAP_FREE(sval);
3181                                 if ( seen_must ) {
3182                                         *code = LDAP_SCHERR_DUPOPT;
3183                                         *errp = ss;
3184                                         ldap_nameform_free(nf);
3185                                         return(NULL);
3186                                 }
3187                                 seen_must = 1;
3188                                 nf->nf_at_oids_must = parse_oids(&ss,code,0);
3189                                 if ( !nf->nf_at_oids_must ) {
3190                                         *errp = ss;
3191                                         ldap_nameform_free(nf);
3192                                         return NULL;
3193                                 }
3194                                 parse_whsp(&ss);
3195                         } else if ( !strcmp(sval,"MAY") ) {
3196                                 LDAP_FREE(sval);
3197                                 if ( seen_may ) {
3198                                         *code = LDAP_SCHERR_DUPOPT;
3199                                         *errp = ss;
3200                                         ldap_nameform_free(nf);
3201                                         return(NULL);
3202                                 }
3203                                 seen_may = 1;
3204                                 nf->nf_at_oids_may = parse_oids(&ss,code,0);
3205                                 if ( !nf->nf_at_oids_may ) {
3206                                         *errp = ss;
3207                                         ldap_nameform_free(nf);
3208                                         return NULL;
3209                                 }
3210                                 parse_whsp(&ss);
3211                         } else if ( sval[0] == 'X' && sval[1] == '-' ) {
3212                                 /* Should be parse_qdstrings */
3213                                 ext_vals = parse_qdescrs(&ss, code);
3214                                 if ( !ext_vals ) {
3215                                         *errp = ss;
3216                                         ldap_nameform_free(nf);
3217                                         return NULL;
3218                                 }
3219                                 if ( add_extension(&nf->nf_extensions,
3220                                                     sval, ext_vals) ) {
3221                                         *code = LDAP_SCHERR_OUTOFMEM;
3222                                         *errp = ss;
3223                                         LDAP_FREE(sval);
3224                                         ldap_nameform_free(nf);
3225                                         return NULL;
3226                                 }
3227                         } else {
3228                                 *code = LDAP_SCHERR_UNEXPTOKEN;
3229                                 *errp = ss;
3230                                 LDAP_FREE(sval);
3231                                 ldap_nameform_free(nf);
3232                                 return NULL;
3233                         }
3234                         break;
3235                 default:
3236                         *code = LDAP_SCHERR_UNEXPTOKEN;
3237                         *errp = ss;
3238                         LDAP_FREE(sval);
3239                         ldap_nameform_free(nf);
3240                         return NULL;
3241                 }
3242         }
3243 }
3244
3245 static char *const err2text[] = {
3246         N_("Success"),
3247         N_("Out of memory"),
3248         N_("Unexpected token"),
3249         N_("Missing opening parenthesis"),
3250         N_("Missing closing parenthesis"),
3251         N_("Expecting digit"),
3252         N_("Expecting a name"),
3253         N_("Bad description"),
3254         N_("Bad superiors"),
3255         N_("Duplicate option"),
3256         N_("Unexpected end of data"),
3257         N_("Missing required field"),
3258         N_("Out of order field")
3259 };
3260
3261 char *
3262 ldap_scherr2str(int code)
3263 {
3264         if ( code < 0 || code >= (int)(sizeof(err2text)/sizeof(char *)) ) {
3265                 return _("Unknown error");
3266         } else {
3267                 return _(err2text[code]);
3268         }
3269 }