3 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 /* mra.c - routines for dealing with extensible matching rule assertions */
12 #include <ac/string.h>
13 #include <ac/socket.h>
19 MatchingRuleAssertion *mra,
23 ch_free( mra->ma_value.bv_val );
25 ch_free( (char *) mra );
32 MatchingRuleAssertion **mra,
39 struct berval type = { 0, NULL };
40 struct berval value = { 0, NULL };
41 MatchingRuleAssertion ma;
43 memset( &ma, 0, sizeof ma);
45 rtag = ber_scanf( ber, "{t" /*"}"*/, &tag );
47 if( rtag == LBER_ERROR ) {
49 LDAP_LOG( OPERATION, ERR,
50 "get_mra: ber_scanf (\"{t\") failure\n", 0, 0, 0 );
52 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
55 *text = "Error parsing matching rule assertion";
56 return SLAPD_DISCONNECT;
59 if ( tag == LDAP_FILTER_EXT_OID ) {
60 rtag = ber_scanf( ber, "m", &ma.ma_rule_text );
61 if ( rtag == LBER_ERROR ) {
63 LDAP_LOG( OPERATION, ERR,
64 "get_mra: ber_scanf(\"o\") failure.\n", 0, 0, 0 );
66 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for mr\n", 0, 0, 0 );
69 *text = "Error parsing matching rule in matching rule assertion";
70 return SLAPD_DISCONNECT;
73 rtag = ber_scanf( ber, "t", &tag );
74 if( rtag == LBER_ERROR ) {
76 LDAP_LOG( OPERATION, ERR,
77 "get_mra: ber_scanf (\"t\") failure\n", 0, 0, 0 );
79 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
82 *text = "Error parsing matching rule assertion";
83 return SLAPD_DISCONNECT;
87 if ( tag == LDAP_FILTER_EXT_TYPE ) {
88 rtag = ber_scanf( ber, "m", &type );
89 if ( rtag == LBER_ERROR ) {
91 LDAP_LOG( OPERATION, ERR,
92 "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 );
94 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for ad\n", 0, 0, 0 );
97 *text = "Error parsing attribute description in matching rule assertion";
98 return SLAPD_DISCONNECT;
101 rtag = ber_scanf( ber, "t", &tag );
102 if( rtag == LBER_ERROR ) {
104 LDAP_LOG( OPERATION, ERR,
105 "get_mra: ber_scanf (\"t\") failure.\n", 0, 0, 0 );
107 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
110 *text = "Error parsing matching rule assertion";
111 return SLAPD_DISCONNECT;
115 if ( tag != LDAP_FILTER_EXT_VALUE ) {
117 LDAP_LOG( OPERATION, ERR,
118 "get_mra: ber_scanf missing value\n", 0, 0, 0 );
120 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf missing value\n", 0, 0, 0 );
123 *text = "Missing value in matching rule assertion";
124 return SLAPD_DISCONNECT;
127 rtag = ber_scanf( ber, "m", &value );
129 if( rtag == LBER_ERROR ) {
131 LDAP_LOG( OPERATION, ERR,
132 "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 );
134 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
137 *text = "Error decoding value in matching rule assertion";
138 return SLAPD_DISCONNECT;
141 tag = ber_peek_tag( ber, &length );
143 if ( tag == LDAP_FILTER_EXT_DNATTRS ) {
144 rtag = ber_scanf( ber, /*"{"*/ "b}", &ma.ma_dnattrs );
146 rtag = ber_scanf( ber, /*"{"*/ "}" );
149 if( rtag == LBER_ERROR ) {
151 LDAP_LOG( OPERATION, ERR, "get_mra: ber_scanf failure\n", 0, 0, 0);
153 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
156 *text = "Error decoding dnattrs matching rule assertion";
157 return SLAPD_DISCONNECT;
160 if( type.bv_val != NULL ) {
161 rc = slap_bv2ad( &type, &ma.ma_desc, text );
162 if( rc != LDAP_SUCCESS ) {
167 if( ma.ma_rule_text.bv_val != NULL ) {
168 ma.ma_rule = mr_bvfind( &ma.ma_rule_text );
169 if( ma.ma_rule == NULL ) {
170 *text = "matching rule not recognized";
171 return LDAP_INAPPROPRIATE_MATCHING;
175 if ( ma.ma_rule == NULL ) {
177 * Need either type or rule ...
179 if ( ma.ma_desc == NULL ) {
180 *text = "no matching rule or type";
181 return LDAP_INAPPROPRIATE_MATCHING;
184 if ( ma.ma_desc->ad_type->sat_equality != NULL &&
185 ma.ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT )
187 /* no matching rule was provided, use the attribute's
188 equality rule if it supports extensible matching. */
189 ma.ma_rule = ma.ma_desc->ad_type->sat_equality;
192 *text = "no appropriate rule to use for type";
193 return LDAP_INAPPROPRIATE_MATCHING;
197 if ( ma.ma_desc != NULL ) {
198 if( !mr_usable_with_at( ma.ma_rule, ma.ma_desc->ad_type ) ) {
199 *text = "matching rule use with this attribute not appropriate";
200 return LDAP_INAPPROPRIATE_MATCHING;
205 * OK, if no matching rule, normalize for equality, otherwise
206 * normalize for the matching rule.
208 rc = value_validate_normalize( ma.ma_desc, SLAP_MR_EQUALITY,
209 &value, &ma.ma_value, text );
212 * Need to normalize, but how?
214 rc = value_validate( ma.ma_rule, &value, text );
215 if ( rc == LDAP_SUCCESS ) {
216 ber_dupbv( &ma.ma_value, &value );
223 * Normalize per matching rule
225 rc = asserted_value_validate_normalize( ma.ma_desc,
227 SLAP_MR_EXT|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
228 &ma.ma_value, &value, text );
229 if ( rc == LDAP_SUCCESS ) {
233 if( rc != LDAP_SUCCESS )
239 *mra = ch_malloc( sizeof ma );