1 /* rwmmap.c - rewrite/mapping routines */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1999-2010 The OpenLDAP Foundation.
6 * Portions Copyright 1999-2003 Howard Chu.
7 * Portions Copyright 2000-2003 Pierangelo Masarati.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by the Howard Chu for inclusion
20 * in OpenLDAP Software and subsequently enhanced by Pierangelo
30 #include <ac/string.h>
31 #include <ac/socket.h>
36 #undef ldap_debug /* silence a warning in ldap-int.h */
37 #include "../../../libraries/libldap/ldap-int.h"
40 rwm_mapping_cmp( const void *c1, const void *c2 )
42 struct ldapmapping *map1 = (struct ldapmapping *)c1;
43 struct ldapmapping *map2 = (struct ldapmapping *)c2;
44 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
50 return strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val );
54 rwm_mapping_dup( void *c1, void *c2 )
56 struct ldapmapping *map1 = (struct ldapmapping *)c1;
57 struct ldapmapping *map2 = (struct ldapmapping *)c2;
58 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
64 return ( ( strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val ) == 0 ) ? -1 : 0 );
68 rwm_map_init( struct ldapmap *lm, struct ldapmapping **m )
70 struct ldapmapping *mapping;
78 mapping = (struct ldapmapping *)ch_calloc( 2,
79 sizeof( struct ldapmapping ) );
80 if ( mapping == NULL ) {
81 return LDAP_NO_MEMORY;
84 /* NOTE: this is needed to make sure that
86 * does not filter out all attributes including objectClass */
87 rc = slap_str2ad( "objectClass", &mapping[0].m_src_ad, &text );
88 if ( rc != LDAP_SUCCESS ) {
93 mapping[0].m_dst_ad = mapping[0].m_src_ad;
94 ber_dupbv( &mapping[0].m_src, &mapping[0].m_src_ad->ad_cname );
95 ber_dupbv( &mapping[0].m_dst, &mapping[0].m_src );
97 mapping[1].m_src = mapping[0].m_src;
98 mapping[1].m_dst = mapping[0].m_dst;
99 mapping[1].m_src_ad = mapping[0].m_src_ad;
100 mapping[1].m_dst_ad = mapping[1].m_src_ad;
102 avl_insert( &lm->map, (caddr_t)&mapping[0],
103 rwm_mapping_cmp, rwm_mapping_dup );
104 avl_insert( &lm->remap, (caddr_t)&mapping[1],
105 rwm_mapping_cmp, rwm_mapping_dup );
113 rwm_mapping( struct ldapmap *map, struct berval *s, struct ldapmapping **m, int remap )
116 struct ldapmapping fmapping;
124 /* let special attrnames slip through (ITS#5760) */
125 if ( bvmatch( s, slap_bv_no_attrs )
126 || bvmatch( s, slap_bv_all_user_attrs )
127 || bvmatch( s, slap_bv_all_operational_attrs ) )
133 if ( remap == RWM_REMAP ) {
141 *m = (struct ldapmapping *)avl_find( tree, (caddr_t)&fmapping,
145 return map->drop_missing;
152 rwm_map( struct ldapmap *map, struct berval *s, struct berval *bv, int remap )
154 struct ldapmapping *mapping;
156 /* map->map may be NULL when mapping is configured,
157 * but map->remap can't */
158 if ( map->remap == NULL ) {
164 ( void )rwm_mapping( map, s, &mapping, remap );
165 if ( mapping != NULL ) {
166 if ( !BER_BVISNULL( &mapping->m_dst ) ) {
167 *bv = mapping->m_dst;
172 if ( !map->drop_missing ) {
178 * Map attribute names in place
183 struct ldapmap *at_map,
184 struct ldapmap *oc_map,
191 assert( anp != NULL );
199 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
201 *anp = op->o_tmpalloc( ( i + 1 )* sizeof( AttributeName ),
203 if ( *anp == NULL ) {
204 return LDAP_NO_MEMORY;
207 for ( i = 0, j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
208 struct ldapmapping *m;
209 int at_drop_missing = 0,
212 if ( an[i].an_desc ) {
214 /* FIXME: better leave as is? */
218 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
219 if ( at_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
230 if ( remap == RWM_MAP ) {
231 (*anp)[j].an_name = m->m_dst;
232 (*anp)[j].an_desc = m->m_dst_ad;
234 (*anp)[j].an_name = m->m_src;
235 (*anp)[j].an_desc = m->m_src_ad;
242 } else if ( an[i].an_oc ) {
244 /* FIXME: better leave as is? */
248 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
250 if ( oc_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
261 if ( remap == RWM_MAP ) {
262 (*anp)[j].an_name = m->m_dst;
263 (*anp)[j].an_oc = m->m_dst_oc;
265 (*anp)[j].an_name = m->m_src;
266 (*anp)[j].an_oc = m->m_src_oc;
270 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
272 if ( at_drop_missing || !m ) {
273 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
275 /* if both at_map and oc_map required to drop missing,
277 if ( oc_drop_missing && at_drop_missing ) {
281 /* if no oc_map mapping was found and at_map required
282 * to drop missing, then do it; otherwise, at_map wins
283 * and an is considered an attr and is left unchanged */
285 if ( at_drop_missing ) {
293 if ( BER_BVISNULL( &m->m_dst ) ) {
298 if ( remap == RWM_MAP ) {
299 (*anp)[j].an_name = m->m_dst;
300 (*anp)[j].an_oc = m->m_dst_oc;
302 (*anp)[j].an_name = m->m_src;
303 (*anp)[j].an_oc = m->m_src_oc;
309 if ( !BER_BVISNULL( &m->m_dst ) ) {
311 if ( remap == RWM_MAP ) {
312 (*anp)[j].an_name = m->m_dst;
313 (*anp)[j].an_desc = m->m_dst_ad;
315 (*anp)[j].an_name = m->m_src;
316 (*anp)[j].an_desc = m->m_src_ad;
324 if ( j == 0 && i != 0 ) {
325 memset( &(*anp)[0], 0, sizeof( AttributeName ) );
326 (*anp)[0].an_name = *slap_bv_no_attrs;
329 memset( &(*anp)[j], 0, sizeof( AttributeName ) );
337 struct ldapmap *at_map,
340 char ***mapped_attrs )
346 *mapped_attrs = NULL;
350 for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ); i++ )
353 na = (char **)ch_calloc( i + 1, sizeof( char * ) );
355 *mapped_attrs = NULL;
356 return LDAP_NO_MEMORY;
359 for ( i = j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
360 struct ldapmapping *mapping;
362 if ( rwm_mapping( at_map, &an[i].an_name, &mapping, remap ) ) {
367 na[ j++ ] = an[ i ].an_name.bv_val;
369 } else if ( !BER_BVISNULL( &mapping->m_dst ) ) {
370 na[ j++ ] = mapping->m_dst.bv_val;
374 if ( j == 0 && i != 0 ) {
375 na[ j++ ] = LDAP_NO_ATTRS;
389 AttributeDescription **adp,
390 struct berval *mapped_attr,
391 struct berval *value,
392 struct berval *mapped_value,
396 struct berval vtmp = BER_BVNULL;
398 AttributeDescription *ad = *adp;
399 struct ldapmapping *mapping = NULL;
401 rwm_mapping( &dc->rwmap->rwm_at, &ad->ad_cname, &mapping, remap );
402 if ( mapping == NULL ) {
403 if ( dc->rwmap->rwm_at.drop_missing ) {
407 *mapped_attr = ad->ad_cname;
410 *mapped_attr = mapping->m_dst;
413 if ( value != NULL ) {
414 assert( mapped_value != NULL );
416 if ( ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
417 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
422 fdc.ctx = "searchFilterAttrDN";
425 rc = rwm_dn_massage_normalize( &fdc, value, &vtmp );
428 if ( vtmp.bv_val != value->bv_val ) {
433 case LDAP_UNWILLING_TO_PERFORM:
439 } else if ( ad->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ) {
440 if ( ad->ad_type->sat_equality->smr_normalize(
441 (SLAP_MR_DENORMALIZE|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX),
442 NULL, NULL, value, &vtmp, memctx ) )
448 } else if ( ad == slap_schema.si_ad_objectClass
449 || ad == slap_schema.si_ad_structuralObjectClass )
451 rwm_map( &dc->rwmap->rwm_oc, value, &vtmp, remap );
452 if ( BER_BVISNULL( &vtmp ) || BER_BVISEMPTY( &vtmp ) ) {
460 filter_escape_value_x( &vtmp, mapped_value, memctx );
464 ch_free( vtmp.bv_val );
468 ber_memfree_x( vtmp.bv_val, memctx );
473 if ( mapping != NULL ) {
474 assert( mapping->m_dst_ad != NULL );
475 *adp = mapping->m_dst_ad;
482 rwm_int_filter_map_rewrite(
486 struct berval *fstr )
490 AttributeDescription *ad;
495 /* better than nothing... */
496 ber_bvfalse = BER_BVC( "(!(objectClass=*))" ),
497 ber_bvtf_false = BER_BVC( "(|)" ),
498 /* better than nothing... */
499 ber_bvtrue = BER_BVC( "(objectClass=*)" ),
500 ber_bvtf_true = BER_BVC( "(&)" ),
502 /* no longer needed; preserved for completeness */
503 ber_bvundefined = BER_BVC( "(?=undefined)" ),
505 ber_bverror = BER_BVC( "(?=error)" ),
506 ber_bvunknown = BER_BVC( "(?=unknown)" ),
507 ber_bvnone = BER_BVC( "(?=none)" );
510 assert( fstr != NULL );
514 ber_dupbv_x( fstr, &ber_bvnone, op->o_tmpmemctx );
518 if ( f->f_choice & SLAPD_FILTER_UNDEFINED ) {
522 switch ( f->f_choice & SLAPD_FILTER_MASK ) {
523 case LDAP_FILTER_EQUALITY:
525 if ( map_attr_value( dc, &ad, &atmp,
526 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
531 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(=)" );
532 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
534 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)",
535 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
537 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
542 if ( map_attr_value( dc, &ad, &atmp,
543 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
548 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(>=)" );
549 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
551 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)",
552 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
554 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
559 if ( map_attr_value( dc, &ad, &atmp,
560 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
565 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(<=)" );
566 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
568 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)",
569 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
571 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
574 case LDAP_FILTER_APPROX:
576 if ( map_attr_value( dc, &ad, &atmp,
577 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
582 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(~=)" );
583 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
585 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)",
586 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
588 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
591 case LDAP_FILTER_SUBSTRINGS:
593 if ( map_attr_value( dc, &ad, &atmp,
594 NULL, NULL, RWM_MAP, op->o_tmpmemctx ) )
599 /* cannot be a DN ... */
601 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
602 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
604 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
607 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
610 filter_escape_value_x( &f->f_sub_initial, &vtmp, op->o_tmpmemctx );
612 fstr->bv_len += vtmp.bv_len;
613 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
616 snprintf( &fstr->bv_val[len - 2], vtmp.bv_len + 3,
617 /* "(attr=" */ "%s*)",
618 vtmp.bv_len ? vtmp.bv_val : "" );
620 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
623 if ( f->f_sub_any != NULL ) {
624 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[i] ); i++ ) {
626 filter_escape_value_x( &f->f_sub_any[i], &vtmp,
629 fstr->bv_len += vtmp.bv_len + 1;
630 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
633 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
634 /* "(attr=[init]*[any*]" */ "%s*)",
635 vtmp.bv_len ? vtmp.bv_val : "" );
636 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
640 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
643 filter_escape_value_x( &f->f_sub_final, &vtmp, op->o_tmpmemctx );
645 fstr->bv_len += vtmp.bv_len;
646 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
649 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
650 /* "(attr=[init*][any*]" */ "%s)",
651 vtmp.bv_len ? vtmp.bv_val : "" );
653 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
658 case LDAP_FILTER_PRESENT:
660 if ( map_attr_value( dc, &ad, &atmp,
661 NULL, NULL, RWM_MAP, op->o_tmpmemctx ) )
666 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
667 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
669 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
673 case LDAP_FILTER_AND:
675 case LDAP_FILTER_NOT:
676 fstr->bv_len = STRLENOF( "(%)" );
677 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
679 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)",
680 f->f_choice == LDAP_FILTER_AND ? '&' :
681 f->f_choice == LDAP_FILTER_OR ? '|' : '!' );
683 for ( p = f->f_list; p != NULL; p = p->f_next ) {
688 rc = rwm_int_filter_map_rewrite( op, dc, p, &vtmp );
689 if ( rc != LDAP_SUCCESS ) {
693 fstr->bv_len += vtmp.bv_len;
694 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
697 snprintf( &fstr->bv_val[len-1], vtmp.bv_len + 2,
698 /*"("*/ "%s)", vtmp.bv_len ? vtmp.bv_val : "" );
700 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
705 case LDAP_FILTER_EXT: {
706 if ( f->f_mr_desc ) {
708 if ( map_attr_value( dc, &ad, &atmp,
709 &f->f_mr_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
715 BER_BVSTR( &atmp, "" );
716 filter_escape_value_x( &f->f_mr_value, &vtmp, op->o_tmpmemctx );
720 fstr->bv_len = atmp.bv_len +
721 ( f->f_mr_dnattrs ? STRLENOF( ":dn" ) : 0 ) +
722 ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len + 1 : 0 ) +
723 vtmp.bv_len + STRLENOF( "(:=)" );
724 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
726 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
728 f->f_mr_dnattrs ? ":dn" : "",
729 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? ":" : "",
730 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_val : "",
731 vtmp.bv_len ? vtmp.bv_val : "" );
732 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
738 filter_free_x( op, f, 0 );
739 f->f_choice = SLAPD_FILTER_COMPUTED;
740 f->f_result = SLAPD_COMPARE_UNDEFINED;
743 case SLAPD_FILTER_COMPUTED:
744 switch ( f->f_result ) {
745 case LDAP_COMPARE_FALSE:
746 /* FIXME: treat UNDEFINED as FALSE */
747 case SLAPD_COMPARE_UNDEFINED:
748 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
749 tmp = &ber_bvtf_false;
755 case LDAP_COMPARE_TRUE:
756 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
757 tmp = &ber_bvtf_true;
768 ber_dupbv_x( fstr, tmp, op->o_tmpmemctx );
772 ber_dupbv_x( fstr, &ber_bvunknown, op->o_tmpmemctx );
780 rwm_filter_map_rewrite(
784 struct berval *fstr )
790 rc = rwm_int_filter_map_rewrite( op, dc, f, fstr );
799 fdc.ctx = "searchFilter";
801 switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
802 ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
803 fdc.conn, &fstr->bv_val ) )
805 case REWRITE_REGEXEC_OK:
806 if ( !BER_BVISNULL( fstr ) ) {
807 fstr->bv_len = strlen( fstr->bv_val );
813 Debug( LDAP_DEBUG_ARGS,
814 "[rw] %s: \"%s\" -> \"%s\"\n",
815 fdc.ctx, ftmp.bv_val, fstr->bv_val );
816 if ( fstr->bv_val != ftmp.bv_val ) {
817 ber_bvreplace_x( &ftmp, fstr, op->o_tmpmemctx );
818 ch_free( fstr->bv_val );
824 case REWRITE_REGEXEC_UNWILLING:
826 fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
827 fdc.rs->sr_text = "Operation not allowed";
829 op->o_tmpfree( ftmp.bv_val, op->o_tmpmemctx );
830 rc = LDAP_UNWILLING_TO_PERFORM;
833 case REWRITE_REGEXEC_ERR:
835 fdc.rs->sr_err = LDAP_OTHER;
836 fdc.rs->sr_text = "Rewrite error";
838 op->o_tmpfree( ftmp.bv_val, op->o_tmpmemctx );
847 * I don't like this much, but we need two different
848 * functions because different heap managers may be
849 * in use in back-ldap/meta to reduce the amount of
850 * calls to malloc routines, and some of the free()
851 * routines may be macros with args
854 rwm_referral_rewrite(
859 BerVarray *pa_nvals )
861 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
862 struct ldaprwmap *rwmap =
863 (struct ldaprwmap *)on->on_bi.bi_private;
868 struct berval dn = BER_BVNULL,
871 assert( a_vals != NULL );
874 * Rewrite the dn if needed
877 dc.conn = op->o_conn;
879 dc.ctx = (char *)cookie;
881 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ )
885 if ( pa_nvals != NULL ) {
886 if ( *pa_nvals == NULL ) {
887 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
888 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
892 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
893 struct berval olddn = BER_BVNULL,
899 rc = ldap_url_parse( oldval.bv_val, &ludp );
900 if ( rc != LDAP_URL_SUCCESS ) {
901 /* leave attr untouched if massage failed */
902 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
903 ber_dupbv( &(*pa_nvals)[i], &oldval );
908 /* FIXME: URLs like "ldap:///dc=suffix" if passed
909 * thru ldap_url_parse() and ldap_url_desc2str()
910 * get rewritten as "ldap:///dc=suffix??base";
911 * we don't want this to occur... */
912 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
913 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
916 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
921 rc = rwm_dn_massage_pretty_normalize( &dc, &olddn,
924 rc = rwm_dn_massage_pretty( &dc, &olddn, &dn );
928 case LDAP_UNWILLING_TO_PERFORM:
930 * FIXME: need to check if it may be considered
931 * legal to trim values when adding/modifying;
932 * it should be when searching (e.g. ACLs).
934 ch_free( a_vals[i].bv_val );
936 a_vals[i] = a_vals[last];
938 (*pa_nvals)[i] = (*pa_nvals)[last];
941 BER_BVZERO( &a_vals[last] );
943 BER_BVZERO( &(*pa_nvals)[last] );
949 if ( !BER_BVISNULL( &dn ) && dn.bv_val != olddn.bv_val ) {
952 ludp->lud_dn = dn.bv_val;
953 newurl = ldap_url_desc2str( ludp );
954 ludp->lud_dn = olddn.bv_val;
955 ch_free( dn.bv_val );
956 if ( newurl == NULL ) {
957 /* FIXME: leave attr untouched
958 * even if ldap_url_desc2str failed...
963 ber_str2bv( newurl, 0, 1, &a_vals[i] );
967 ludp->lud_dn = ndn.bv_val;
968 newurl = ldap_url_desc2str( ludp );
969 ludp->lud_dn = olddn.bv_val;
970 ch_free( ndn.bv_val );
971 if ( newurl == NULL ) {
972 /* FIXME: leave attr untouched
973 * even if ldap_url_desc2str failed...
975 ch_free( a_vals[i].bv_val );
980 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
981 ch_free( (*pa_nvals)[i].bv_val );
983 ber_str2bv( newurl, 0, 1, &(*pa_nvals)[i] );
987 ch_free( oldval.bv_val );
988 ludp->lud_dn = olddn.bv_val;
993 /* leave attr untouched if massage failed */
994 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
995 ber_dupbv( &(*pa_nvals)[i], &a_vals[i] );
999 ldap_free_urldesc( ludp );
1006 * I don't like this much, but we need two different
1007 * functions because different heap managers may be
1008 * in use in back-ldap/meta to reduce the amount of
1009 * calls to malloc routines, and some of the free()
1010 * routines may be macros with args
1018 BerVarray *pa_nvals )
1020 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1021 struct ldaprwmap *rwmap =
1022 (struct ldaprwmap *)on->on_bi.bi_private;
1027 struct berval dn = BER_BVNULL,
1035 if ( pa_nvals == NULL || *pa_nvals == NULL ) {
1042 * Rewrite the dn if needed
1045 dc.conn = op->o_conn;
1047 dc.ctx = (char *)cookie;
1049 for ( last = 0; !BER_BVISNULL( &in[last] ); last++ );
1051 if ( pa_nvals != NULL ) {
1052 if ( *pa_nvals == NULL ) {
1053 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
1054 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
1058 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
1064 ndn = (*pa_nvals)[i];
1065 rc = rwm_dn_massage_pretty_normalize( &dc, &in[i], &dn, &ndn );
1067 rc = rwm_dn_massage_pretty( &dc, &in[i], &dn );
1071 rc = rwm_dn_massage_normalize( &dc, &in[i], &ndn );
1075 case LDAP_UNWILLING_TO_PERFORM:
1077 * FIXME: need to check if it may be considered
1078 * legal to trim values when adding/modifying;
1079 * it should be when searching (e.g. ACLs).
1081 ch_free( in[i].bv_val );
1084 if ( a_vals && pa_nvals ) {
1085 (*pa_nvals)[i] = (*pa_nvals)[last];
1088 BER_BVZERO( &in[last] );
1089 if ( a_vals && pa_nvals ) {
1090 BER_BVZERO( &(*pa_nvals)[last] );
1097 if ( !BER_BVISNULL( &dn ) && dn.bv_val != a_vals[i].bv_val ) {
1098 ch_free( a_vals[i].bv_val );
1102 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1103 ch_free( (*pa_nvals)[i].bv_val );
1105 (*pa_nvals)[i] = ndn;
1110 if ( !BER_BVISNULL( &ndn ) && ndn.bv_val != (*pa_nvals)[i].bv_val ) {
1111 ch_free( (*pa_nvals)[i].bv_val );
1112 (*pa_nvals)[i] = ndn;
1118 /* leave attr untouched if massage failed */
1119 if ( a_vals && pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1120 dnNormalize( 0, NULL, NULL, &a_vals[i], &(*pa_nvals)[i], NULL );
1130 rwm_referral_result_rewrite(
1136 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1139 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1145 rc = ldap_url_parse( a_vals[i].bv_val, &ludp );
1146 if ( rc != LDAP_URL_SUCCESS ) {
1147 /* leave attr untouched if massage failed */
1151 /* FIXME: URLs like "ldap:///dc=suffix" if passed
1152 * thru ldap_url_parse() and ldap_url_desc2str()
1153 * get rewritten as "ldap:///dc=suffix??base";
1154 * we don't want this to occur... */
1155 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
1156 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
1159 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
1162 rc = rwm_dn_massage_pretty( dc, &olddn, &dn );
1164 case LDAP_UNWILLING_TO_PERFORM:
1166 * FIXME: need to check if it may be considered
1167 * legal to trim values when adding/modifying;
1168 * it should be when searching (e.g. ACLs).
1170 ch_free( a_vals[i].bv_val );
1172 a_vals[i] = a_vals[last];
1174 BER_BVZERO( &a_vals[last] );
1180 /* leave attr untouched if massage failed */
1181 if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val ) {
1184 ludp->lud_dn = dn.bv_val;
1185 newurl = ldap_url_desc2str( ludp );
1186 if ( newurl == NULL ) {
1187 /* FIXME: leave attr untouched
1188 * even if ldap_url_desc2str failed...
1193 ch_free( a_vals[i].bv_val );
1194 ber_str2bv( newurl, 0, 1, &a_vals[i] );
1195 LDAP_FREE( newurl );
1196 ludp->lud_dn = olddn.bv_val;
1201 ldap_free_urldesc( ludp );
1208 rwm_dnattr_result_rewrite(
1215 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1218 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1219 struct berval pdn, ndn = BER_BVNULL;
1223 rc = rwm_dn_massage_pretty_normalize( dc, &a_vals[i], &pdn, &ndn );
1225 case LDAP_UNWILLING_TO_PERFORM:
1227 * FIXME: need to check if it may be considered
1228 * legal to trim values when adding/modifying;
1229 * it should be when searching (e.g. ACLs).
1231 assert( a_vals[i].bv_val != a_nvals[i].bv_val );
1232 ch_free( a_vals[i].bv_val );
1233 ch_free( a_nvals[i].bv_val );
1235 a_vals[i] = a_vals[last];
1236 a_nvals[i] = a_nvals[last];
1238 BER_BVZERO( &a_vals[last] );
1239 BER_BVZERO( &a_nvals[last] );
1244 /* leave attr untouched if massage failed */
1245 if ( !BER_BVISNULL( &pdn ) && a_vals[i].bv_val != pdn.bv_val ) {
1246 ch_free( a_vals[i].bv_val );
1249 if ( !BER_BVISNULL( &ndn ) && a_nvals[i].bv_val != ndn.bv_val ) {
1250 ch_free( a_nvals[i].bv_val );
1261 rwm_mapping_dst_free( void *v_mapping )
1263 struct ldapmapping *mapping = v_mapping;
1265 if ( BER_BVISEMPTY( &mapping[0].m_dst ) ) {
1266 rwm_mapping_free( &mapping[ -1 ] );
1271 rwm_mapping_free( void *v_mapping )
1273 struct ldapmapping *mapping = v_mapping;
1275 if ( !BER_BVISNULL( &mapping[0].m_src ) ) {
1276 ch_free( mapping[0].m_src.bv_val );
1279 if ( mapping[0].m_flags & RWMMAP_F_FREE_SRC ) {
1280 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1281 if ( mapping[0].m_src_oc ) {
1282 ch_free( mapping[0].m_src_oc );
1286 if ( mapping[0].m_src_ad ) {
1287 ch_free( mapping[0].m_src_ad );
1292 if ( !BER_BVISNULL( &mapping[0].m_dst ) ) {
1293 ch_free( mapping[0].m_dst.bv_val );
1296 if ( mapping[0].m_flags & RWMMAP_F_FREE_DST ) {
1297 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1298 if ( mapping[0].m_dst_oc ) {
1299 ch_free( mapping[0].m_dst_oc );
1303 if ( mapping[0].m_dst_ad ) {
1304 ch_free( mapping[0].m_dst_ad );
1313 #endif /* SLAPD_OVER_RWM */
projects / openldap / blob