1 /* filterentry.c - apply a filter to an entry */
13 extern Attribute *attr_find();
14 extern char *first_word();
15 extern char *next_word();
16 extern char *phonetic();
18 static int test_filter_list();
19 static int test_substring_filter();
20 static int test_ava_filter();
21 static int test_approx_filter();
22 static int test_presence_filter();
25 * test_filter - test a filter against a single entry.
26 * returns 0 filter matched
27 * -1 filter did not match
28 * >0 an ldap error code
42 Debug( LDAP_DEBUG_FILTER, "=> test_filter\n", 0, 0, 0 );
44 switch ( f->f_choice ) {
45 case LDAP_FILTER_EQUALITY:
46 Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
47 rc = test_ava_filter( be, conn, op, e, &f->f_ava,
48 LDAP_FILTER_EQUALITY );
51 case LDAP_FILTER_SUBSTRINGS:
52 Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 );
53 rc = test_substring_filter( be, conn, op, e, f );
57 Debug( LDAP_DEBUG_FILTER, " GE\n", 0, 0, 0 );
58 rc = test_ava_filter( be, conn, op, e, &f->f_ava,
63 Debug( LDAP_DEBUG_FILTER, " LE\n", 0, 0, 0 );
64 rc = test_ava_filter( be, conn, op, e, &f->f_ava,
68 case LDAP_FILTER_PRESENT:
69 Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 );
70 rc = test_presence_filter( be, conn, op, e, f->f_type );
73 case LDAP_FILTER_APPROX:
74 Debug( LDAP_DEBUG_FILTER, " APPROX\n", 0, 0, 0 );
75 rc = test_approx_filter( be, conn, op, e, &f->f_ava );
79 Debug( LDAP_DEBUG_FILTER, " AND\n", 0, 0, 0 );
80 rc = test_filter_list( be, conn, op, e, f->f_and,
85 Debug( LDAP_DEBUG_FILTER, " OR\n", 0, 0, 0 );
86 rc = test_filter_list( be, conn, op, e, f->f_or,
91 Debug( LDAP_DEBUG_FILTER, " NOT\n", 0, 0, 0 );
92 rc = (! test_filter( be, conn, op, e, f->f_not ) );
96 Debug( LDAP_DEBUG_ANY, " unknown filter type %d\n",
101 Debug( LDAP_DEBUG_FILTER, "<= test_filter %d\n", rc, 0, 0 );
118 if ( be != NULL && ! access_allowed( be, conn, op, e, ava->ava_type,
119 &ava->ava_value, op->o_dn, ACL_SEARCH ) ) {
123 if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL ) {
127 if ( a->a_syntax == 0 ) {
128 a->a_syntax = attr_syntax( ava->ava_type );
130 for ( i = 0; a->a_vals[i] != NULL; i++ ) {
131 rc = value_cmp( a->a_vals[i], &ava->ava_value, a->a_syntax,
135 case LDAP_FILTER_EQUALITY:
159 test_presence_filter(
167 if ( be != NULL && ! access_allowed( be, conn, op, e, type, NULL,
168 op->o_dn, ACL_SEARCH ) ) {
172 return( attr_find( e->e_attrs, type ) != NULL ? 0 : -1 );
184 char *w1, *w2, *c1, *c2;
188 if ( be != NULL && ! access_allowed( be, conn, op, e, ava->ava_type,
189 NULL, op->o_dn, ACL_SEARCH ) ) {
193 if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL ) {
197 /* for each value in the attribute */
198 for ( i = 0; a->a_vals[i] != NULL; i++ ) {
200 * try to match words in the filter value in order
201 * in the attribute value.
204 w2 = a->a_vals[i]->bv_val;
205 /* for each word in the filter value */
206 for ( w1 = first_word( ava->ava_value.bv_val ); w1 != NULL;
207 w1 = next_word( w1 ) ) {
208 if ( (c1 = phonetic( w1 )) == NULL ) {
213 * for each word in the attribute value from
214 * where we left off...
216 for ( w2 = first_word( w2 ); w2 != NULL;
217 w2 = next_word( w2 ) ) {
219 if ( strcmp( c1, c2 ) == 0 ) {
228 * if we stopped because we ran out of words
229 * before making a match, go on to the next
230 * value. otherwise try to keep matching
231 * words in this value from where we left off.
236 w2 = next_word( w2 );
240 * if we stopped because we ran out of words we
264 Debug( LDAP_DEBUG_FILTER, "=> test_filter_list\n", 0, 0, 0 );
267 for ( f = flist; f != NULL; f = f->f_next ) {
268 if ( test_filter( be, conn, op, e, f ) != 0 ) {
269 if ( ftype == LDAP_FILTER_AND ) {
270 Debug( LDAP_DEBUG_FILTER,
271 "<= test_filter_list 1\n", 0, 0, 0 );
279 Debug( LDAP_DEBUG_FILTER, "<= test_filter_list %d\n", nomatch, 0, 0 );
284 strcpy_special( char *d, char *s )
306 test_substring_filter(
316 char *p, *end, *realval, *tmp;
322 Debug( LDAP_DEBUG_FILTER, "begin test_substring_filter\n", 0, 0, 0 );
324 if ( be != NULL && ! access_allowed( be, conn, op, e, f->f_sub_type,
325 NULL, op->o_dn, ACL_SEARCH ) ) {
329 if ( (a = attr_find( e->e_attrs, f->f_sub_type )) == NULL ) {
333 if ( a->a_syntax & SYNTAX_BIN ) {
334 Debug( LDAP_DEBUG_FILTER, "test_substring_filter bin attr\n",
340 * construct a regular expression corresponding to the
341 * filter and let regex do the work
346 end = pat + sizeof(pat) - 2; /* leave room for null */
347 if ( f->f_sub_initial != NULL ) {
349 p = strchr( p, '\0' );
350 /* 2 * in case every char is special */
351 if ( p + 2 * strlen( f->f_sub_initial ) > end ) {
352 Debug( LDAP_DEBUG_ANY, "not enough pattern space\n",
356 strcpy_special( p, f->f_sub_initial );
357 p = strchr( p, '\0' );
359 if ( f->f_sub_any != NULL ) {
360 for ( i = 0; f->f_sub_any[i] != NULL; i++ ) {
362 if ( p + 2 * strlen( f->f_sub_any[i] ) + 2 > end ) {
363 Debug( LDAP_DEBUG_ANY,
364 "not enough pattern space\n", 0, 0, 0 );
368 p = strchr( p, '\0' );
369 strcpy_special( p, f->f_sub_any[i] );
370 p = strchr( p, '\0' );
373 if ( f->f_sub_final != NULL ) {
375 if ( p + 2 * strlen( f->f_sub_final ) + 2 > end ) {
376 Debug( LDAP_DEBUG_ANY, "not enough pattern space\n",
381 p = strchr( p, '\0' );
382 strcpy_special( p, f->f_sub_final );
383 p = strchr( p, '\0' );
387 /* compile the regex */
388 Debug( LDAP_DEBUG_FILTER, "test_substring_filter: regcomp pat: %s\n",
390 if ((rc = regcomp(&re, pat, 0))) {
393 regerror(rc, &re, error, sizeof(error));
394 Debug( LDAP_DEBUG_ANY, "regcomp failed (%s) %s\n",
399 /* for each value in the attribute see if regex matches */
400 for ( i = 0; a->a_vals[i] != NULL; i++ ) {
403 if ( val->bv_len < sizeof(buf) ) {
404 strcpy( buf, val->bv_val );
407 tmp = (char *) ch_malloc( val->bv_len + 1 );
408 strcpy( tmp, val->bv_val );
411 value_normalize( realval, a->a_syntax );
413 rc = !regexec(&re, realval, 0, NULL, 0);
426 Debug( LDAP_DEBUG_FILTER, "end test_substring_filter 1\n", 0, 0, 0 );