git.sur5r.net Git - openldap/blob - servers/slapd/filter.c

   1 /* filter.c - routines for parsing and dealing with filters */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #include <stdio.h>
  11
  12 #include <ac/socket.h>
  13 #include <ac/string.h>
  14
  15 #include "slap.h"
  16
  17 static int      get_filter_list(Connection *conn, BerElement *ber, Filter **f, char **fstr);
  18 static int      get_substring_filter(Connection *conn, BerElement *ber, Filter *f, char **fstr);
  19
  20 int
  21 get_filter( Connection *conn, BerElement *ber, Filter **filt, char **fstr )
  22 {
  23         ber_len_t       len;
  24         int             err;
  25         Filter          *f;
  26         char            *ftmp;
  27
  28         Debug( LDAP_DEBUG_FILTER, "begin get_filter\n", 0, 0, 0 );
  29
  30         /*
  31          * A filter looks like this coming in:
  32          *      Filter ::= CHOICE {
  33          *              and             [0]     SET OF Filter,
  34          *              or              [1]     SET OF Filter,
  35          *              not             [2]     Filter,
  36          *              equalityMatch   [3]     AttributeValueAssertion,
  37          *              substrings      [4]     SubstringFilter,
  38          *              greaterOrEqual  [5]     AttributeValueAssertion,
  39          *              lessOrEqual     [6]     AttributeValueAssertion,
  40          *              present         [7]     AttributeType,,
  41          *              approxMatch     [8]     AttributeValueAssertion
  42          *              extensibleMatch [9] MatchingRuleAssertion
  43          *      }
  44          *
  45          *      SubstringFilter ::= SEQUENCE {
  46          *              type               AttributeType,
  47          *              SEQUENCE OF CHOICE {
  48          *                      initial          [0] IA5String,
  49          *                      any              [1] IA5String,
  50          *                      final            [2] IA5String
  51          *              }
  52          *      }
  53          *
  54      *  MatchingRuleAssertion ::= SEQUENCE {
  55      *          matchingRule    [1] MatchingRuleId OPTIONAL,
  56      *          type            [2] AttributeDescription OPTIONAL,
  57      *          matchValue      [3] AssertionValue,
  58      *          dnAttributes    [4] BOOLEAN DEFAULT FALSE
  59          *      }
  60          *
  61          */
  62
  63         f = (Filter *) ch_malloc( sizeof(Filter) );
  64         f->f_next = NULL;
  65
  66         err = LDAP_SUCCESS;
  67         *fstr = NULL;
  68         f->f_choice = ber_peek_tag( ber, &len );
  69
  70         switch ( f->f_choice ) {
  71         case LDAP_FILTER_EQUALITY:
  72                 Debug( LDAP_DEBUG_FILTER, "EQUALITY\n", 0, 0, 0 );
  73                 if ( (err = get_ava( ber, &f->f_ava )) == LDAP_SUCCESS ) {
  74                         *fstr = ch_malloc(4 + strlen( f->f_avtype ) +
  75                             f->f_avvalue.bv_len);
  76                         sprintf( *fstr, "(%s=%s)", f->f_avtype,
  77                             f->f_avvalue.bv_val );
  78                 }
  79                 break;
  80
  81         case LDAP_FILTER_SUBSTRINGS:
  82                 Debug( LDAP_DEBUG_FILTER, "SUBSTRINGS\n", 0, 0, 0 );
  83                 err = get_substring_filter( conn, ber, f, fstr );
  84                 break;
  85
  86         case LDAP_FILTER_GE:
  87                 Debug( LDAP_DEBUG_FILTER, "GE\n", 0, 0, 0 );
  88                 if ( (err = get_ava( ber, &f->f_ava )) == LDAP_SUCCESS ) {
  89                         *fstr = ch_malloc(5 + strlen( f->f_avtype ) +
  90                             f->f_avvalue.bv_len);
  91                         sprintf( *fstr, "(%s>=%s)", f->f_avtype,
  92                             f->f_avvalue.bv_val );
  93                 }
  94                 break;
  95
  96         case LDAP_FILTER_LE:
  97                 Debug( LDAP_DEBUG_FILTER, "LE\n", 0, 0, 0 );
  98                 if ( (err = get_ava( ber, &f->f_ava )) == LDAP_SUCCESS ) {
  99                         *fstr = ch_malloc(5 + strlen( f->f_avtype ) +
 100                             f->f_avvalue.bv_len);
 101                         sprintf( *fstr, "(%s<=%s)", f->f_avtype,
 102                             f->f_avvalue.bv_val );
 103                 }
 104                 break;
 105
 106         case LDAP_FILTER_PRESENT:
 107                 Debug( LDAP_DEBUG_FILTER, "PRESENT\n", 0, 0, 0 );
 108                 if ( ber_scanf( ber, "a", &f->f_type ) == LBER_ERROR ) {
 109                         err = -1;
 110                 } else {
 111                         err = LDAP_SUCCESS;
 112                         attr_normalize( f->f_type );
 113                         *fstr = ch_malloc( 5 + strlen( f->f_type ) );
 114                         sprintf( *fstr, "(%s=*)", f->f_type );
 115                 }
 116                 break;
 117
 118         case LDAP_FILTER_APPROX:
 119                 Debug( LDAP_DEBUG_FILTER, "APPROX\n", 0, 0, 0 );
 120                 if ( (err = get_ava( ber, &f->f_ava )) == LDAP_SUCCESS ) {
 121                         *fstr = ch_malloc(5 + strlen( f->f_avtype ) +
 122                             f->f_avvalue.bv_len);
 123                         sprintf( *fstr, "(%s~=%s)", f->f_avtype,
 124                             f->f_avvalue.bv_val );
 125                 }
 126                 break;
 127
 128         case LDAP_FILTER_AND:
 129                 Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );
 130                 if ( (err = get_filter_list( conn, ber, &f->f_and, &ftmp ))
 131                     == LDAP_SUCCESS ) {
 132                         if (ftmp == NULL) ftmp = ch_strdup("");
 133                         *fstr = ch_malloc( 4 + strlen( ftmp ) );
 134                         sprintf( *fstr, "(&%s)", ftmp );
 135                         free( ftmp );
 136                 }
 137                 break;
 138
 139         case LDAP_FILTER_OR:
 140                 Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );
 141                 if ( (err = get_filter_list( conn, ber, &f->f_or, &ftmp ))
 142                     == LDAP_SUCCESS ) {
 143                         if (ftmp == NULL) ftmp = ch_strdup("");
 144                         *fstr = ch_malloc( 4 + strlen( ftmp ) );
 145                         sprintf( *fstr, "(|%s)", ftmp );
 146                         free( ftmp );
 147                 }
 148                 break;
 149
 150         case LDAP_FILTER_NOT:
 151                 Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );
 152                 (void) ber_skip_tag( ber, &len );
 153                 if ( (err = get_filter( conn, ber, &f->f_not, &ftmp )) == LDAP_SUCCESS ) {
 154                         if (ftmp == NULL) ftmp = ch_strdup("");
 155                         *fstr = ch_malloc( 4 + strlen( ftmp ) );
 156                         sprintf( *fstr, "(!%s)", ftmp );
 157                         free( ftmp );
 158                 }
 159                 break;
 160
 161         case LBER_DEFAULT:
 162                 Debug( LDAP_DEBUG_ANY, "decoding filter error\n",
 163                        0, 0, 0 );
 164                 err = -1;
 165                 break;
 166
 167         default:
 168                 Debug( LDAP_DEBUG_ANY, "unknown filter type %lu\n",
 169                        f->f_choice, 0, 0 );
 170                 err = LDAP_PROTOCOL_ERROR;
 171                 break;
 172         }
 173
 174         if ( err != LDAP_SUCCESS ) {
 175                 free( (char *) f );
 176                 if ( *fstr != NULL ) {
 177                         free( *fstr );
 178                 }
 179         } else {
 180                 *filt = f;
 181         }
 182
 183         Debug( LDAP_DEBUG_FILTER, "end get_filter %d\n", err, 0, 0 );
 184         return( err );
 185 }
 186
 187 static int
 188 get_filter_list( Connection *conn, BerElement *ber, Filter **f, char **fstr )
 189 {
 190         Filter          **new;
 191         int             err;
 192         ber_tag_t       tag;
 193         ber_len_t       len;
 194         char            *last, *ftmp;
 195
 196         Debug( LDAP_DEBUG_FILTER, "begin get_filter_list\n", 0, 0, 0 );
 197
 198         *fstr = NULL;
 199         new = f;
 200         for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
 201             tag = ber_next_element( ber, &len, last ) )
 202         {
 203                 if ( (err = get_filter( conn, ber, new, &ftmp )) != LDAP_SUCCESS )
 204                         return( err );
 205                 if ( *fstr == NULL ) {
 206                         *fstr = ftmp;
 207                 } else {
 208                         *fstr = ch_realloc( *fstr, strlen( *fstr ) +
 209                             strlen( ftmp ) + 1 );
 210                         strcat( *fstr, ftmp );
 211                         free( ftmp );
 212                 }
 213                 new = &(*new)->f_next;
 214         }
 215         *new = NULL;
 216
 217         Debug( LDAP_DEBUG_FILTER, "end get_filter_list\n", 0, 0, 0 );
 218         return( LDAP_SUCCESS );
 219 }
 220
 221 static int
 222 get_substring_filter(
 223     Connection  *conn,
 224     BerElement  *ber,
 225     Filter      *f,
 226     char        **fstr
 227 )
 228 {
 229         ber_tag_t       tag;
 230         ber_len_t       len;
 231         ber_tag_t       rc;
 232         char            *val, *last;
 233         int             syntax;
 234
 235         Debug( LDAP_DEBUG_FILTER, "begin get_substring_filter\n", 0, 0, 0 );
 236
 237         if ( ber_scanf( ber, "{a" /*}*/, &f->f_sub_type ) == LBER_ERROR ) {
 238                 return( -1 );
 239         }
 240         attr_normalize( f->f_sub_type );
 241         syntax = attr_syntax( f->f_sub_type );
 242         f->f_sub_initial = NULL;
 243         f->f_sub_any = NULL;
 244         f->f_sub_final = NULL;
 245
 246         *fstr = ch_malloc( strlen( f->f_sub_type ) + 3 );
 247         sprintf( *fstr, "(%s=", f->f_sub_type );
 248         for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
 249             tag = ber_next_element( ber, &len, last ) )
 250         {
 251                 rc = ber_scanf( ber, "a", &val );
 252                 if ( rc == LBER_ERROR ) {
 253                         return( -1 );
 254                 }
 255                 if ( val == NULL || *val == '\0' ) {
 256                         if ( val != NULL ) {
 257                                 free( val );
 258                         }
 259                         return( LDAP_INVALID_SYNTAX );
 260                 }
 261                 value_normalize( val, syntax );
 262
 263                 switch ( tag ) {
 264                 case LDAP_SUBSTRING_INITIAL:
 265                         Debug( LDAP_DEBUG_FILTER, "  INITIAL\n", 0, 0, 0 );
 266                         if ( f->f_sub_initial != NULL ) {
 267                                 return( LDAP_PROTOCOL_ERROR );
 268                         }
 269                         f->f_sub_initial = val;
 270                         *fstr = ch_realloc( *fstr, strlen( *fstr ) +
 271                             strlen( val ) + 1 );
 272                         strcat( *fstr, val );
 273                         break;
 274
 275                 case LDAP_SUBSTRING_ANY:
 276                         Debug( LDAP_DEBUG_FILTER, "  ANY\n", 0, 0, 0 );
 277                         charray_add( &f->f_sub_any, val );
 278                         *fstr = ch_realloc( *fstr, strlen( *fstr ) +
 279                             strlen( val ) + 2 );
 280                         strcat( *fstr, "*" );
 281                         strcat( *fstr, val );
 282                         break;
 283
 284                 case LDAP_SUBSTRING_FINAL:
 285                         Debug( LDAP_DEBUG_FILTER, "  FINAL\n", 0, 0, 0 );
 286                         if ( f->f_sub_final != NULL ) {
 287                                 return( LDAP_PROTOCOL_ERROR );
 288                         }
 289                         f->f_sub_final = val;
 290                         *fstr = ch_realloc( *fstr, strlen( *fstr ) +
 291                             strlen( val ) + 2 );
 292                         strcat( *fstr, "*" );
 293                         strcat( *fstr, val );
 294                         break;
 295
 296                 default:
 297                         Debug( LDAP_DEBUG_FILTER, "  unknown type\n", tag, 0,
 298                             0 );
 299                         return( LDAP_PROTOCOL_ERROR );
 300                 }
 301         }
 302         *fstr = ch_realloc( *fstr, strlen( *fstr ) + 3 );
 303         if ( f->f_sub_final == NULL ) {
 304                 strcat( *fstr, "*" );
 305         }
 306         strcat( *fstr, ")" );
 307
 308         Debug( LDAP_DEBUG_FILTER, "end get_substring_filter\n", 0, 0, 0 );
 309         return( LDAP_SUCCESS );
 310 }
 311
 312 void
 313 filter_free( Filter *f )
 314 {
 315         Filter  *p, *next;
 316
 317         if ( f == NULL ) {
 318                 return;
 319         }
 320
 321         switch ( f->f_choice ) {
 322         case LDAP_FILTER_EQUALITY:
 323         case LDAP_FILTER_GE:
 324         case LDAP_FILTER_LE:
 325         case LDAP_FILTER_APPROX:
 326                 ava_free( &f->f_ava, 0 );
 327                 break;
 328
 329         case LDAP_FILTER_SUBSTRINGS:
 330                 if ( f->f_sub_type != NULL ) {
 331                         free( f->f_sub_type );
 332                 }
 333                 if ( f->f_sub_initial != NULL ) {
 334                         free( f->f_sub_initial );
 335                 }
 336                 charray_free( f->f_sub_any );
 337                 if ( f->f_sub_final != NULL ) {
 338                         free( f->f_sub_final );
 339                 }
 340                 break;
 341
 342         case LDAP_FILTER_PRESENT:
 343                 if ( f->f_type != NULL ) {
 344                         free( f->f_type );
 345                 }
 346                 break;
 347
 348         case LDAP_FILTER_AND:
 349         case LDAP_FILTER_OR:
 350         case LDAP_FILTER_NOT:
 351                 for ( p = f->f_list; p != NULL; p = next ) {
 352                         next = p->f_next;
 353                         filter_free( p );
 354                 }
 355                 break;
 356
 357         default:
 358                 Debug( LDAP_DEBUG_ANY, "unknown filter type %lu\n",
 359                        f->f_choice, 0, 0 );
 360                 break;
 361         }
 362         free( f );
 363 }
 364
 365 #ifdef LDAP_DEBUG
 366
 367 void
 368 filter_print( Filter *f )
 369 {
 370         int     i;
 371         Filter  *p;
 372
 373         if ( f == NULL ) {
 374                 fprintf( stderr, "NULL" );
 375         }
 376
 377         switch ( f->f_choice ) {
 378         case LDAP_FILTER_EQUALITY:
 379                 fprintf( stderr, "(%s=%s)", f->f_ava.ava_type,
 380                     f->f_ava.ava_value.bv_val );
 381                 break;
 382
 383         case LDAP_FILTER_GE:
 384                 fprintf( stderr, "(%s>=%s)", f->f_ava.ava_type,
 385                     f->f_ava.ava_value.bv_val );
 386                 break;
 387
 388         case LDAP_FILTER_LE:
 389                 fprintf( stderr, "(%s<=%s)", f->f_ava.ava_type,
 390                     f->f_ava.ava_value.bv_val );
 391                 break;
 392
 393         case LDAP_FILTER_APPROX:
 394                 fprintf( stderr, "(%s~=%s)", f->f_ava.ava_type,
 395                     f->f_ava.ava_value.bv_val );
 396                 break;
 397
 398         case LDAP_FILTER_SUBSTRINGS:
 399                 fprintf( stderr, "(%s=", f->f_sub_type );
 400                 if ( f->f_sub_initial != NULL ) {
 401                         fprintf( stderr, "%s", f->f_sub_initial );
 402                 }
 403                 if ( f->f_sub_any != NULL ) {
 404                         for ( i = 0; f->f_sub_any[i] != NULL; i++ ) {
 405                                 fprintf( stderr, "*%s", f->f_sub_any[i] );
 406                         }
 407                 }
 408                 charray_free( f->f_sub_any );
 409                 if ( f->f_sub_final != NULL ) {
 410                         fprintf( stderr, "*%s", f->f_sub_final );
 411                 }
 412                 break;
 413
 414         case LDAP_FILTER_PRESENT:
 415                 fprintf( stderr, "%s=*", f->f_type );
 416                 break;
 417
 418         case LDAP_FILTER_AND:
 419         case LDAP_FILTER_OR:
 420         case LDAP_FILTER_NOT:
 421                 fprintf( stderr, "(%c", f->f_choice == LDAP_FILTER_AND ? '&' :
 422                     f->f_choice == LDAP_FILTER_OR ? '|' : '!' );
 423                 for ( p = f->f_list; p != NULL; p = p->f_next ) {
 424                         filter_print( p );
 425                 }
 426                 fprintf( stderr, ")" );
 427                 break;
 428
 429         default:
 430                 fprintf( stderr, "unknown type %lu", f->f_choice );
 431                 break;
 432         }
 433 }
 434
 435 #endif /* ldap_debug */