1 /* dn.c - routines for dealing with distinguished names */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/socket.h>
14 #include <ac/string.h>
28 #define INQUOTEDVALUE 7
32 * dn_pretty - "pretty" the DN
34 char *dn_pretty( const char *dn_in )
37 * dn_validate based implementation (for now)
38 * likely better just to zap this, dn_validate, dn_normalize
42 dn = ch_strdup( dn_in );
43 dn_out = dn_validate( dn );
44 if( dn_out == NULL ) free( dn );
49 * dn_validate - validate and compress dn. the dn is
50 * compressed in place are returned if valid.
54 dn_validate( char *dn_in )
56 #ifdef USE_LDAP_DN_PARSING
57 struct berval val, *normalized;
60 if ( dn_in == NULL || dn_in[ 0 ] == '\0' ) {
65 val.bv_len = strlen( dn_in );
67 rc = dnPretty( NULL, &val, &normalized );
68 if ( rc != LDAP_SUCCESS ) {
72 if ( val.bv_len < normalized->bv_len ) {
73 ber_bvfree( normalized );
77 AC_MEMCPY( dn_in, normalized->bv_val, normalized->bv_len + 1 );
78 ber_bvfree( normalized );
82 #else /* !USE_LDAP_DN_PARSING */
89 for ( d = s = dn; *s; s++ ) {
93 if ( OID_LEADCHAR(*s) ) {
96 } else if ( ATTR_LEADCHAR(*s) ) {
99 } else if ( ! ASCII_SPACE( *s ) ) {
107 if ( OID_CHAR(*s) ) {
109 } else if ( *s == '=' ) {
112 } else if ( ASCII_SPACE( *s ) ) {
121 if ( ATTR_CHAR(*s) ) {
123 } else if ( *s == '=' ) {
126 } else if ( ASCII_SPACE( *s ) ) {
138 } else if ( ! ASCII_SPACE( *s ) ) {
139 /* not a valid dn - but what can we do here? */
147 state = INQUOTEDVALUE;
149 } else if ( ! ASCII_SPACE( *s ) ) {
156 if ( !gotesc && RDN_SEPARATOR( *s ) ) {
157 while ( ASCII_SPACE( *(d - 1) ) )
165 } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) &&
166 !RDN_SEPARATOR( *s ) )
170 } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
176 if ( !gotesc && *s == '"' ) {
179 } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) ) {
182 } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
188 if ( RDN_SEPARATOR( *s ) ) {
191 } else if ( !ASCII_SPACE( *s ) ) {
199 LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
200 "dn_validate: unknown state %d for dn \"%s\".\n",
203 Debug( LDAP_DEBUG_ANY,
204 "dn_validate - unknown state %d\n", state, 0, 0 );
216 /* trim trailing spaces */
217 while( d > dn_in && ASCII_SPACE( *(d-1) ) ) {
223 /* shouldn't be left in escape */
227 /* check end state */
229 case B4LEADTYPE: /* looking for first type */
230 case B4SEPARATOR: /* looking for separator */
231 case INVALUE: /* inside value */
238 #endif /* !USE_LDAP_DN_PARSING */
242 * dn_normalize - put dn into a canonical form suitable for storing
243 * in a hash database. this involves normalizing the case as well as
244 * the format. the dn is normalized in place as well as returned if valid.
248 dn_normalize( char *dn )
250 #ifdef USE_LDAP_DN_PARSING
251 struct berval val, *normalized;
254 if ( dn == NULL || dn[ 0 ] == '\0' ) {
259 val.bv_len = strlen( dn );
261 rc = dnNormalize( NULL, &val, &normalized );
262 if ( rc != LDAP_SUCCESS ) {
266 if ( val.bv_len < normalized->bv_len ) {
267 ber_bvfree( normalized );
271 AC_MEMCPY( dn, normalized->bv_val, normalized->bv_len + 1 );
272 ber_bvfree( normalized );
276 #else /* !USE_LDAP_DN_PARSING */
278 struct berval *bvdn, *nbvdn;
281 bvdn = ber_bvstr( dn );
283 if ( dnNormalize( NULL, bvdn, &nbvdn ) == LDAP_SUCCESS ) {
284 if ( nbvdn->bv_len <= bvdn->bv_len ) {
286 strcpy( out, nbvdn->bv_val );
290 bvdn->bv_val = NULL; /* prevent bvfree from freeing dn */
294 #endif /* !USE_LDAP_DN_PARSING */
298 dn_match( const char *val, const char *asserted )
300 struct berval bval, basserted;
302 if ( val == NULL || asserted == NULL ) {
306 bval.bv_val = ( char * )val;
307 bval.bv_len = strlen( val );
309 basserted.bv_val = ( char * )asserted;
310 basserted.bv_len = strlen( asserted);
312 return dnMatch( NULL, 0, NULL, NULL, &bval, &basserted);
316 * dn_parent - return the dn's parent, in-place
331 while(*dn != '\0' && ASCII_SPACE(*dn)) {
339 if ( be != NULL && be_issuffix( be, dn ) ) {
344 * assume it is an X.500-style name, which looks like
345 * foo=bar,sha=baz,...
349 for ( s = dn; *s; s++ ) {
363 } else if ( DN_SEPARATOR( *s ) ) {
364 return (char *)s + 1;
379 if( dn_in == NULL ) {
383 while(*dn_in && ASCII_SPACE(*dn_in)) {
387 if( *dn_in == '\0' ) {
391 if ( be != NULL && be_issuffix( be, dn_in ) ) {
397 for ( s = (char *)dn_in; *s; s++ ) {
411 } else if ( DN_SEPARATOR( *s ) ) {
425 int i = dn_rdnlen( be, dn_in );
427 rdn = ch_malloc( i + 1 );
428 strncpy(rdn, dn_in, i);
434 * return a charray of all subtrees to which the DN resides in
440 char **subtree = NULL;
443 charray_add( &subtree, dn );
445 dn = dn_parent( be, dn );
447 } while ( dn != NULL );
455 const struct berval *dn,
456 const struct berval *suffix
459 int d = dn->bv_len - suffix->bv_len;
464 /* empty suffix matches any dn */
465 if ( suffix->bv_len == 0 ) {
469 /* suffix longer than dn */
474 /* no rdn separator or escaped rdn separator */
475 if ( d > 1 && ( !DN_SEPARATOR( dn->bv_val[ d - 1 ] )
476 || DN_ESCAPE( dn->bv_val[ d - 2 ] ) ) ) {
480 /* no possible match or malformed dn */
486 return( strcmp( dn->bv_val + d, suffix->bv_val ) == 0 );
490 * dn_issuffix - tells whether suffix is a suffix of dn. Both dn
491 * and suffix must be normalized.
500 struct berval bvdn, bvsuffix;
505 bvdn.bv_val = (char *) dn;
506 bvdn.bv_len = strlen( dn );
507 bvsuffix.bv_val = (char *) suffix;
508 bvsuffix.bv_len = strlen( suffix );
510 return dn_issuffixbv( &bvdn, &bvsuffix );
514 * get_next_substring(), rdn_attr_type(), rdn_attr_value(), and
517 * Copyright 1999, Juan C. Gomez, All rights reserved.
518 * This software is not subject to any license of Silicon Graphics
519 * Inc. or Purdue University.
521 * Redistribution and use in source and binary forms are permitted
522 * without restriction or fee of any kind as long as this notice
527 /* get_next_substring:
529 * Gets next substring in s, using d (or the end of the string '\0') as a
530 * string delimiter, and places it in a duplicated memory space. Leading
531 * spaces are ignored. String s **must** be null-terminated.
535 get_next_substring( const char * s, char d )
540 r = str = ch_malloc( strlen(s) + 1 );
542 /* Skip leading spaces */
544 while ( *s && ASCII_SPACE(*s) ) {
550 while ( *s && (*s != d) ) {
552 /* Don't stop when you see trailing spaces may be a multi-word
553 * string, i.e. name=John Doe!
568 * Given a string (i.e. an rdn) of the form:
569 * "attribute_type = attribute_value"
570 * this function returns the type of an attribute, that is the
571 * string "attribute_type" which is placed in newly allocated
572 * memory. The returned string will be null-terminated.
575 char * rdn_attr_type( const char * s )
577 return get_next_substring( s, '=' );
583 * Given a string (i.e. an rdn) of the form:
584 * "attribute_type = attribute_value"
585 * this function returns "attribute_type" which is placed in newly allocated
586 * memory. The returned string will be null-terminated and may contain
587 * spaces (i.e. "John Doe\0").
591 rdn_attr_value( const char * rdn )
596 if ( (str = strchr( rdn, '=' )) != NULL ) {
597 return get_next_substring(++str, '\0');
607 * Given a string (i.e. an rdn) of the form:
608 * "attribute_type=attribute_value[+attribute_type=attribute_value[...]]"
609 * this function stores the types of the attributes in ptypes, that is the
610 * array of strings "attribute_type" which is placed in newly allocated
611 * memory, and the values of the attributes in pvalues, that is the
612 * array of strings "attribute_value" which is placed in newly allocated
613 * memory. Returns 0 on success, -1 on failure.
615 * note: got part of the code from dn_validate
619 rdn_attrs( const char * rdn_in, char ***ptypes, char ***pvalues)
627 * explode the rdn in parts
629 parts = ldap_explode_rdn( rdn_in, 0 );
631 if ( parts == NULL ) {
635 for ( p = parts; p[0]; p++ ) {
638 /* split each rdn part in type value */
639 s = strchr( p[0], '=' );
641 charray_free( *ptypes );
642 charray_free( *pvalues );
643 charray_free( parts );
647 /* type should be fine */
648 charray_add_n( ptypes, p[0], ( s-p[0] ) );
650 /* value needs to be unescaped
651 * (maybe this should be moved to ldap_explode_rdn?) */
652 for ( e = d = s + 1; e[0]; e++ ) {
658 charray_add( pvalues, s + 1 );
662 charray_free( parts );
670 * 1 if rdn is a legal rdn;
671 * 0 otherwise (including a sequence of rdns)
673 * note: got it from dn_rdn; it should be rewritten
674 * according to dn_validate
677 rdn_validate( const char * rdn )
685 if ( strchr( rdn, '=' ) == NULL ) {
689 while ( *rdn && ASCII_SPACE( *rdn ) ) {
699 for ( ; *rdn; rdn++ ) {
700 if ( *rdn == '\\' ) {
713 } else if ( DN_SEPARATOR( *rdn ) ) {
725 * Used by ldbm/bdb2 back_modrdn to create the new dn of entries being
728 * new_dn = parent (p_dn) + separator(s) + rdn (newrdn) + null.
732 build_new_dn( char ** new_dn,
735 const char * newrdn )
738 if ( p_dn == NULL ) {
739 *new_dn = ch_strdup( newrdn );
743 *new_dn = (char *) ch_malloc( strlen( p_dn ) + strlen( newrdn ) + 3 );
745 strcpy( *new_dn, newrdn );
746 strcat( *new_dn, "," );
747 strcat( *new_dn, p_dn );