3 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 /* mra.c - routines for dealing with extensible matching rule assertions */
12 #include <ac/string.h>
13 #include <ac/socket.h>
19 MatchingRuleAssertion *mra,
23 ch_free( mra->ma_value.bv_val );
25 ch_free( (char *) mra );
32 MatchingRuleAssertion **mra,
39 struct berval type = { 0, NULL };
40 struct berval value = { 0, NULL };
41 struct berval tmp = { 0, NULL };
42 MatchingRuleAssertion ma;
44 memset( &ma, 0, sizeof ma);
46 rtag = ber_scanf( ber, "{t" /*"}"*/, &tag );
48 if( rtag == LBER_ERROR ) {
50 LDAP_LOG( OPERATION, ERR,
51 "get_mra: ber_scanf (\"{t\") failure\n", 0, 0, 0 );
53 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
56 *text = "Error parsing matching rule assertion";
57 return SLAPD_DISCONNECT;
60 if ( tag == LDAP_FILTER_EXT_OID ) {
61 rtag = ber_scanf( ber, "m", &tmp );
62 if ( rtag == LBER_ERROR ) {
64 LDAP_LOG( OPERATION, ERR,
65 "get_mra: ber_scanf(\"o\") failure.\n", 0, 0, 0 );
67 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for mr\n", 0, 0, 0 );
70 *text = "Error parsing matching rule in matching rule assertion";
71 return SLAPD_DISCONNECT;
73 ber_dupbv( &ma.ma_rule_text, &tmp );
75 rtag = ber_scanf( ber, "t", &tag );
76 if( rtag == LBER_ERROR ) {
78 LDAP_LOG( OPERATION, ERR,
79 "get_mra: ber_scanf (\"t\") failure\n", 0, 0, 0 );
81 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
84 *text = "Error parsing matching rule assertion";
85 return SLAPD_DISCONNECT;
89 if ( tag == LDAP_FILTER_EXT_TYPE ) {
90 rtag = ber_scanf( ber, "m", &type );
91 if ( rtag == LBER_ERROR ) {
93 LDAP_LOG( OPERATION, ERR,
94 "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 );
96 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for ad\n", 0, 0, 0 );
99 *text = "Error parsing attribute description in matching rule assertion";
100 return SLAPD_DISCONNECT;
103 rtag = ber_scanf( ber, "t", &tag );
104 if( rtag == LBER_ERROR ) {
106 LDAP_LOG( OPERATION, ERR,
107 "get_mra: ber_scanf (\"t\") failure.\n", 0, 0, 0 );
109 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
112 *text = "Error parsing matching rule assertion";
113 return SLAPD_DISCONNECT;
117 if ( tag != LDAP_FILTER_EXT_VALUE ) {
119 LDAP_LOG( OPERATION, ERR,
120 "get_mra: ber_scanf missing value\n", 0, 0, 0 );
122 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf missing value\n", 0, 0, 0 );
125 *text = "Missing value in matching rule assertion";
126 return SLAPD_DISCONNECT;
129 rtag = ber_scanf( ber, "m", &value );
131 if( rtag == LBER_ERROR ) {
133 LDAP_LOG( OPERATION, ERR,
134 "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 );
136 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
139 *text = "Error decoding value in matching rule assertion";
140 return SLAPD_DISCONNECT;
143 tag = ber_peek_tag( ber, &length );
145 if ( tag == LDAP_FILTER_EXT_DNATTRS ) {
146 rtag = ber_scanf( ber, /*"{"*/ "b}", &ma.ma_dnattrs );
148 rtag = ber_scanf( ber, /*"{"*/ "}" );
151 if( rtag == LBER_ERROR ) {
153 LDAP_LOG( OPERATION, ERR, "get_mra: ber_scanf failure\n", 0, 0, 0);
155 Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
158 *text = "Error decoding dnattrs matching rule assertion";
159 return SLAPD_DISCONNECT;
162 if( type.bv_val != NULL ) {
163 rc = slap_bv2ad( &type, &ma.ma_desc, text );
164 if( rc != LDAP_SUCCESS ) {
169 if( ma.ma_rule_text.bv_val != NULL ) {
170 ma.ma_rule = mr_bvfind( &ma.ma_rule_text );
171 if( ma.ma_rule == NULL ) {
172 *text = "matching rule not recognized";
173 return LDAP_INAPPROPRIATE_MATCHING;
177 if ( ma.ma_rule == NULL ) {
179 * Need either type or rule ...
181 if ( ma.ma_desc == NULL ) {
182 *text = "no matching rule or type";
183 return LDAP_INAPPROPRIATE_MATCHING;
186 if ( ma.ma_desc->ad_type->sat_equality != NULL &&
187 ma.ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT )
189 /* no matching rule was provided, use the attribute's
190 equality rule if it supports extensible matching. */
191 ma.ma_rule = ma.ma_desc->ad_type->sat_equality;
194 *text = "no appropriate rule to use for type";
195 return LDAP_INAPPROPRIATE_MATCHING;
199 if ( ma.ma_desc != NULL ) {
200 if( !mr_usable_with_at( ma.ma_rule, ma.ma_desc->ad_type ) ) {
201 *text = "matching rule use with this attribute not appropriate";
202 return LDAP_INAPPROPRIATE_MATCHING;
207 * OK, if no matching rule, normalize for equality, otherwise
208 * normalize for the matching rule.
210 rc = value_validate_normalize( ma.ma_desc, SLAP_MR_EQUALITY,
211 &value, &ma.ma_value, text );
214 * Need to normalize, but how?
216 rc = value_validate( ma.ma_rule, &value, text );
217 if ( rc == LDAP_SUCCESS ) {
218 ber_dupbv( &ma.ma_value, &value );
225 * Normalize per matching rule
227 rc = asserted_value_validate_normalize( ma.ma_desc,
229 SLAP_MR_EXT|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
230 &value, &ma.ma_value, text );
233 if( rc != LDAP_SUCCESS ) {
237 *mra = ch_malloc( sizeof ma );