1 /* rwmmap.c - rewrite/mapping routines */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1999-2007 The OpenLDAP Foundation.
6 * Portions Copyright 1999-2003 Howard Chu.
7 * Portions Copyright 2000-2003 Pierangelo Masarati.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by the Howard Chu for inclusion
20 * in OpenLDAP Software and subsequently enhanced by Pierangelo
30 #include <ac/string.h>
31 #include <ac/socket.h>
37 #undef ldap_debug /* silence a warning in ldap-int.h */
38 #include "../../../libraries/libldap/ldap-int.h"
41 rwm_mapping_cmp( const void *c1, const void *c2 )
43 struct ldapmapping *map1 = (struct ldapmapping *)c1;
44 struct ldapmapping *map2 = (struct ldapmapping *)c2;
45 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
51 return strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val );
55 rwm_mapping_dup( void *c1, void *c2 )
57 struct ldapmapping *map1 = (struct ldapmapping *)c1;
58 struct ldapmapping *map2 = (struct ldapmapping *)c2;
59 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
65 return ( ( strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val ) == 0 ) ? -1 : 0 );
69 rwm_map_init( struct ldapmap *lm, struct ldapmapping **m )
71 struct ldapmapping *mapping;
79 mapping = (struct ldapmapping *)ch_calloc( 2,
80 sizeof( struct ldapmapping ) );
81 if ( mapping == NULL ) {
82 return LDAP_NO_MEMORY;
85 /* FIXME: I don't think this is needed any more... */
86 rc = slap_str2ad( "objectClass", &mapping[0].m_src_ad, &text );
87 if ( rc != LDAP_SUCCESS ) {
92 mapping[0].m_dst_ad = mapping[0].m_src_ad;
93 ber_dupbv( &mapping[0].m_src, &mapping[0].m_src_ad->ad_cname );
94 ber_dupbv( &mapping[0].m_dst, &mapping[0].m_src );
96 mapping[1].m_src = mapping[0].m_src;
97 mapping[1].m_dst = mapping[0].m_dst;
98 mapping[1].m_src_ad = mapping[0].m_src_ad;
99 mapping[1].m_dst_ad = mapping[1].m_src_ad;
101 avl_insert( &lm->map, (caddr_t)&mapping[0],
102 rwm_mapping_cmp, rwm_mapping_dup );
103 avl_insert( &lm->remap, (caddr_t)&mapping[1],
104 rwm_mapping_cmp, rwm_mapping_dup );
112 rwm_mapping( struct ldapmap *map, struct berval *s, struct ldapmapping **m, int remap )
115 struct ldapmapping fmapping;
123 if ( remap == RWM_REMAP ) {
131 *m = (struct ldapmapping *)avl_find( tree, (caddr_t)&fmapping,
135 return map->drop_missing;
142 rwm_map( struct ldapmap *map, struct berval *s, struct berval *bv, int remap )
144 struct ldapmapping *mapping;
146 /* map->map may be NULL when mapping is configured,
147 * but map->remap can't */
148 if ( map->remap == NULL ) {
154 ( void )rwm_mapping( map, s, &mapping, remap );
155 if ( mapping != NULL ) {
156 if ( !BER_BVISNULL( &mapping->m_dst ) ) {
157 *bv = mapping->m_dst;
162 if ( !map->drop_missing ) {
168 * Map attribute names in place
172 struct ldapmap *at_map,
173 struct ldapmap *oc_map,
180 assert( anp != NULL );
188 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
190 *anp = ch_malloc( ( i + 1 )* sizeof( AttributeName ) );
191 if ( *anp == NULL ) {
192 return LDAP_NO_MEMORY;
195 for ( i = 0, j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
196 struct ldapmapping *m;
197 int at_drop_missing = 0,
200 if ( an[i].an_desc ) {
202 /* FIXME: better leave as is? */
206 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
207 if ( at_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
218 if ( remap == RWM_MAP ) {
219 (*anp)[j].an_name = m->m_dst;
220 (*anp)[j].an_desc = m->m_dst_ad;
222 (*anp)[j].an_name = m->m_src;
223 (*anp)[j].an_desc = m->m_src_ad;
230 } else if ( an[i].an_oc ) {
232 /* FIXME: better leave as is? */
236 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
238 if ( oc_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
249 if ( remap == RWM_MAP ) {
250 (*anp)[j].an_name = m->m_dst;
251 (*anp)[j].an_oc = m->m_dst_oc;
253 (*anp)[j].an_name = m->m_src;
254 (*anp)[j].an_oc = m->m_src_oc;
258 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
260 if ( at_drop_missing || !m ) {
261 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
263 /* if both at_map and oc_map required to drop missing,
265 if ( oc_drop_missing && at_drop_missing ) {
269 /* if no oc_map mapping was found and at_map required
270 * to drop missing, then do it; otherwise, at_map wins
271 * and an is considered an attr and is left unchanged */
273 if ( at_drop_missing ) {
281 if ( BER_BVISNULL( &m->m_dst ) ) {
286 if ( remap == RWM_MAP ) {
287 (*anp)[j].an_name = m->m_dst;
288 (*anp)[j].an_oc = m->m_dst_oc;
290 (*anp)[j].an_name = m->m_src;
291 (*anp)[j].an_oc = m->m_src_oc;
297 if ( !BER_BVISNULL( &m->m_dst ) ) {
299 if ( remap == RWM_MAP ) {
300 (*anp)[j].an_name = m->m_dst;
301 (*anp)[j].an_desc = m->m_dst_ad;
303 (*anp)[j].an_name = m->m_src;
304 (*anp)[j].an_desc = m->m_src_ad;
312 if ( j == 0 && i != 0 ) {
313 memset( &(*anp)[0], 0, sizeof( AttributeName ) );
314 BER_BVSTR( &(*anp)[0].an_name, LDAP_NO_ATTRS );
317 memset( &(*anp)[j], 0, sizeof( AttributeName ) );
324 struct ldapmap *at_map,
327 char ***mapped_attrs )
333 *mapped_attrs = NULL;
337 for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ); i++ )
340 na = (char **)ch_calloc( i + 1, sizeof( char * ) );
342 *mapped_attrs = NULL;
343 return LDAP_NO_MEMORY;
346 for ( i = j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
347 struct ldapmapping *mapping;
349 if ( rwm_mapping( at_map, &an[i].an_name, &mapping, remap ) ) {
354 na[ j++ ] = an[ i ].an_name.bv_val;
356 } else if ( !BER_BVISNULL( &mapping->m_dst ) ) {
357 na[ j++ ] = mapping->m_dst.bv_val;
361 if ( j == 0 && i != 0 ) {
362 na[ j++ ] = LDAP_NO_ATTRS;
375 AttributeDescription **adp,
376 struct berval *mapped_attr,
377 struct berval *value,
378 struct berval *mapped_value,
381 struct berval vtmp = BER_BVNULL;
383 char uuid[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
384 AttributeDescription *ad = *adp;
385 struct ldapmapping *mapping = NULL;
387 rwm_mapping( &dc->rwmap->rwm_at, &ad->ad_cname, &mapping, remap );
388 if ( mapping == NULL ) {
389 if ( dc->rwmap->rwm_at.drop_missing ) {
393 *mapped_attr = ad->ad_cname;
396 *mapped_attr = mapping->m_dst;
399 if ( value != NULL ) {
400 assert( mapped_value != NULL );
402 if ( ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
403 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
408 fdc.ctx = "searchFilterAttrDN";
411 rc = rwm_dn_massage_normalize( &fdc, value, &vtmp );
414 if ( vtmp.bv_val != value->bv_val ) {
419 case LDAP_UNWILLING_TO_PERFORM:
425 } else if ( ad->ad_type->sat_syntax == slap_schema.si_ad_entryUUID->ad_type->sat_syntax ) {
426 vtmp.bv_len = lutil_uuidstr_from_normalized( value->bv_val,
427 value->bv_len, uuid, LDAP_LUTIL_UUIDSTR_BUFSIZE );
428 if ( vtmp.bv_len < 0 ) {
433 } else if ( ad == slap_schema.si_ad_objectClass
434 || ad == slap_schema.si_ad_structuralObjectClass )
436 rwm_map( &dc->rwmap->rwm_oc, value, &vtmp, remap );
437 if ( BER_BVISNULL( &vtmp ) || BER_BVISEMPTY( &vtmp ) ) {
445 filter_escape_value( &vtmp, mapped_value );
448 ch_free( vtmp.bv_val );
452 if ( mapping != NULL ) {
453 assert( mapping->m_dst_ad != NULL );
454 *adp = mapping->m_dst_ad;
461 rwm_int_filter_map_rewrite(
465 struct berval *fstr )
469 AttributeDescription *ad;
474 /* better than nothing... */
475 ber_bvfalse = BER_BVC( "(!(objectClass=*))" ),
476 ber_bvtf_false = BER_BVC( "(|)" ),
477 /* better than nothing... */
478 ber_bvtrue = BER_BVC( "(objectClass=*)" ),
479 ber_bvtf_true = BER_BVC( "(&)" ),
481 /* no longer needed; preserved for completeness */
482 ber_bvundefined = BER_BVC( "(?=undefined)" ),
484 ber_bverror = BER_BVC( "(?=error)" ),
485 ber_bvunknown = BER_BVC( "(?=unknown)" ),
486 ber_bvnone = BER_BVC( "(?=none)" );
489 assert( fstr != NULL );
493 ber_dupbv( fstr, &ber_bvnone );
497 switch ( f->f_choice & SLAPD_FILTER_MASK ) {
498 case LDAP_FILTER_EQUALITY:
500 if ( map_attr_value( dc, &ad, &atmp,
501 &f->f_av_value, &vtmp, RWM_MAP ) )
506 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(=)" );
507 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
509 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)",
510 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
512 ch_free( vtmp.bv_val );
517 if ( map_attr_value( dc, &ad, &atmp,
518 &f->f_av_value, &vtmp, RWM_MAP ) )
523 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(>=)" );
524 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
526 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)",
527 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
529 ch_free( vtmp.bv_val );
534 if ( map_attr_value( dc, &ad, &atmp,
535 &f->f_av_value, &vtmp, RWM_MAP ) )
540 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(<=)" );
541 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
543 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)",
544 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
546 ch_free( vtmp.bv_val );
549 case LDAP_FILTER_APPROX:
551 if ( map_attr_value( dc, &ad, &atmp,
552 &f->f_av_value, &vtmp, RWM_MAP ) )
557 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(~=)" );
558 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
560 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)",
561 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
563 ch_free( vtmp.bv_val );
566 case LDAP_FILTER_SUBSTRINGS:
568 if ( map_attr_value( dc, &ad, &atmp,
569 NULL, NULL, RWM_MAP ) )
574 /* cannot be a DN ... */
576 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
577 fstr->bv_val = ch_malloc( fstr->bv_len + 128 );
579 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
582 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
585 filter_escape_value( &f->f_sub_initial, &vtmp );
587 fstr->bv_len += vtmp.bv_len;
588 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
590 snprintf( &fstr->bv_val[len - 2], vtmp.bv_len + 3,
591 /* "(attr=" */ "%s*)",
592 vtmp.bv_len ? vtmp.bv_val : "" );
594 ch_free( vtmp.bv_val );
597 if ( f->f_sub_any != NULL ) {
598 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[i] ); i++ ) {
600 filter_escape_value( &f->f_sub_any[i], &vtmp );
602 fstr->bv_len += vtmp.bv_len + 1;
603 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
605 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
606 /* "(attr=[init]*[any*]" */ "%s*)",
607 vtmp.bv_len ? vtmp.bv_val : "" );
608 ch_free( vtmp.bv_val );
612 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
615 filter_escape_value( &f->f_sub_final, &vtmp );
617 fstr->bv_len += vtmp.bv_len;
618 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
620 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
621 /* "(attr=[init*][any*]" */ "%s)",
622 vtmp.bv_len ? vtmp.bv_val : "" );
624 ch_free( vtmp.bv_val );
629 case LDAP_FILTER_PRESENT:
631 if ( map_attr_value( dc, &ad, &atmp,
632 NULL, NULL, RWM_MAP ) )
637 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
638 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
640 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
644 case LDAP_FILTER_AND:
646 case LDAP_FILTER_NOT:
647 fstr->bv_len = STRLENOF( "(%)" );
648 fstr->bv_val = ch_malloc( fstr->bv_len + 128 );
650 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)",
651 f->f_choice == LDAP_FILTER_AND ? '&' :
652 f->f_choice == LDAP_FILTER_OR ? '|' : '!' );
654 for ( p = f->f_list; p != NULL; p = p->f_next ) {
659 rc = rwm_int_filter_map_rewrite( op, dc, p, &vtmp );
660 if ( rc != LDAP_SUCCESS ) {
664 fstr->bv_len += vtmp.bv_len;
665 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
667 snprintf( &fstr->bv_val[len-1], vtmp.bv_len + 2,
668 /*"("*/ "%s)", vtmp.bv_len ? vtmp.bv_val : "" );
670 ch_free( vtmp.bv_val );
675 case LDAP_FILTER_EXT: {
676 if ( f->f_mr_desc ) {
678 if ( map_attr_value( dc, &ad, &atmp,
679 &f->f_mr_value, &vtmp, RWM_MAP ) )
685 BER_BVSTR( &atmp, "" );
686 filter_escape_value( &f->f_mr_value, &vtmp );
690 fstr->bv_len = atmp.bv_len +
691 ( f->f_mr_dnattrs ? STRLENOF( ":dn" ) : 0 ) +
692 ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len + 1 : 0 ) +
693 vtmp.bv_len + STRLENOF( "(:=)" );
694 fstr->bv_val = ch_malloc( fstr->bv_len + 1 );
696 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
698 f->f_mr_dnattrs ? ":dn" : "",
699 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? ":" : "",
700 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_val : "",
701 vtmp.bv_len ? vtmp.bv_val : "" );
702 ch_free( vtmp.bv_val );
708 filter_free_x( op, f );
709 f->f_choice = SLAPD_FILTER_COMPUTED;
710 f->f_result = SLAPD_COMPARE_UNDEFINED;
713 case SLAPD_FILTER_COMPUTED:
714 switch ( f->f_result ) {
715 case LDAP_COMPARE_FALSE:
716 /* FIXME: treat UNDEFINED as FALSE */
717 case SLAPD_COMPARE_UNDEFINED:
718 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
719 tmp = &ber_bvtf_false;
725 case LDAP_COMPARE_TRUE:
726 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
727 tmp = &ber_bvtf_true;
738 ber_dupbv( fstr, tmp );
742 ber_dupbv( fstr, &ber_bvunknown );
750 rwm_filter_map_rewrite(
754 struct berval *fstr )
760 rc = rwm_int_filter_map_rewrite( op, dc, f, fstr );
769 fdc.ctx = "searchFilter";
771 switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
772 ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
773 fdc.conn, &fstr->bv_val ) )
775 case REWRITE_REGEXEC_OK:
776 if ( !BER_BVISNULL( fstr ) ) {
777 fstr->bv_len = strlen( fstr->bv_val );
778 if ( fstr->bv_val != ftmp.bv_val ) {
779 ch_free( ftmp.bv_val );
786 Debug( LDAP_DEBUG_ARGS,
787 "[rw] %s: \"%s\" -> \"%s\"\n",
788 fdc.ctx, ftmp.bv_val, fstr->bv_val );
792 case REWRITE_REGEXEC_UNWILLING:
794 fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
795 fdc.rs->sr_text = "Operation not allowed";
797 rc = LDAP_UNWILLING_TO_PERFORM;
800 case REWRITE_REGEXEC_ERR:
802 fdc.rs->sr_err = LDAP_OTHER;
803 fdc.rs->sr_text = "Rewrite error";
813 * I don't like this much, but we need two different
814 * functions because different heap managers may be
815 * in use in back-ldap/meta to reduce the amount of
816 * calls to malloc routines, and some of the free()
817 * routines may be macros with args
820 rwm_referral_rewrite(
825 BerVarray *pa_nvals )
827 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
828 struct ldaprwmap *rwmap =
829 (struct ldaprwmap *)on->on_bi.bi_private;
834 struct berval dn = BER_BVNULL,
837 assert( a_vals != NULL );
840 * Rewrite the dn if needed
843 dc.conn = op->o_conn;
845 dc.ctx = (char *)cookie;
847 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ )
851 if ( pa_nvals != NULL ) {
852 if ( *pa_nvals == NULL ) {
853 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
854 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
858 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
859 struct berval olddn = BER_BVNULL,
865 rc = ldap_url_parse( oldval.bv_val, &ludp );
866 if ( rc != LDAP_URL_SUCCESS ) {
867 /* leave attr untouched if massage failed */
868 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
869 ber_dupbv( &(*pa_nvals)[i], &oldval );
874 /* FIXME: URLs like "ldap:///dc=suffix" if passed
875 * thru ldap_url_parse() and ldap_url_desc2str()
876 * get rewritten as "ldap:///dc=suffix??base";
877 * we don't want this to occur... */
878 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
879 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
882 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
887 rc = rwm_dn_massage_pretty_normalize( &dc, &olddn,
890 rc = rwm_dn_massage_pretty( &dc, &olddn, &dn );
894 case LDAP_UNWILLING_TO_PERFORM:
896 * FIXME: need to check if it may be considered
897 * legal to trim values when adding/modifying;
898 * it should be when searching (e.g. ACLs).
900 ch_free( a_vals[i].bv_val );
902 a_vals[i] = a_vals[last];
904 (*pa_nvals)[i] = (*pa_nvals)[last];
907 BER_BVZERO( &a_vals[last] );
909 BER_BVZERO( &(*pa_nvals)[last] );
915 if ( !BER_BVISNULL( &dn ) && dn.bv_val != olddn.bv_val ) {
918 ludp->lud_dn = dn.bv_val;
919 newurl = ldap_url_desc2str( ludp );
920 ludp->lud_dn = olddn.bv_val;
921 ch_free( dn.bv_val );
922 if ( newurl == NULL ) {
923 /* FIXME: leave attr untouched
924 * even if ldap_url_desc2str failed...
929 ber_str2bv( newurl, 0, 1, &a_vals[i] );
933 ludp->lud_dn = ndn.bv_val;
934 newurl = ldap_url_desc2str( ludp );
935 ludp->lud_dn = olddn.bv_val;
936 ch_free( ndn.bv_val );
937 if ( newurl == NULL ) {
938 /* FIXME: leave attr untouched
939 * even if ldap_url_desc2str failed...
941 ch_free( a_vals[i].bv_val );
946 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
947 ch_free( (*pa_nvals)[i].bv_val );
949 ber_str2bv( newurl, 0, 1, &(*pa_nvals)[i] );
953 ch_free( oldval.bv_val );
954 ludp->lud_dn = olddn.bv_val;
959 /* leave attr untouched if massage failed */
960 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
961 ber_dupbv( &(*pa_nvals)[i], &a_vals[i] );
965 ldap_free_urldesc( ludp );
972 * I don't like this much, but we need two different
973 * functions because different heap managers may be
974 * in use in back-ldap/meta to reduce the amount of
975 * calls to malloc routines, and some of the free()
976 * routines may be macros with args
984 BerVarray *pa_nvals )
986 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
987 struct ldaprwmap *rwmap =
988 (struct ldaprwmap *)on->on_bi.bi_private;
993 struct berval dn = BER_BVNULL,
1001 if ( pa_nvals == NULL || *pa_nvals == NULL ) {
1008 * Rewrite the dn if needed
1011 dc.conn = op->o_conn;
1013 dc.ctx = (char *)cookie;
1015 for ( last = 0; !BER_BVISNULL( &in[last] ); last++ );
1017 if ( pa_nvals != NULL ) {
1018 if ( *pa_nvals == NULL ) {
1019 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
1020 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
1024 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
1030 ndn = (*pa_nvals)[i];
1031 rc = rwm_dn_massage_pretty_normalize( &dc, &in[i], &dn, &ndn );
1033 rc = rwm_dn_massage_pretty( &dc, &in[i], &dn );
1037 rc = rwm_dn_massage_normalize( &dc, &in[i], &ndn );
1041 case LDAP_UNWILLING_TO_PERFORM:
1043 * FIXME: need to check if it may be considered
1044 * legal to trim values when adding/modifying;
1045 * it should be when searching (e.g. ACLs).
1047 ch_free( in[i].bv_val );
1050 if ( a_vals && pa_nvals ) {
1051 (*pa_nvals)[i] = (*pa_nvals)[last];
1054 BER_BVZERO( &in[last] );
1055 if ( a_vals && pa_nvals ) {
1056 BER_BVZERO( &(*pa_nvals)[last] );
1063 if ( !BER_BVISNULL( &dn ) && dn.bv_val != a_vals[i].bv_val ) {
1064 ch_free( a_vals[i].bv_val );
1068 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1069 ch_free( (*pa_nvals)[i].bv_val );
1071 (*pa_nvals)[i] = ndn;
1076 if ( !BER_BVISNULL( &ndn ) && ndn.bv_val != (*pa_nvals)[i].bv_val ) {
1077 ch_free( (*pa_nvals)[i].bv_val );
1078 (*pa_nvals)[i] = ndn;
1084 /* leave attr untouched if massage failed */
1085 if ( a_vals && pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1086 dnNormalize( 0, NULL, NULL, &a_vals[i], &(*pa_nvals)[i], NULL );
1096 rwm_referral_result_rewrite(
1102 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1105 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1111 rc = ldap_url_parse( a_vals[i].bv_val, &ludp );
1112 if ( rc != LDAP_URL_SUCCESS ) {
1113 /* leave attr untouched if massage failed */
1117 /* FIXME: URLs like "ldap:///dc=suffix" if passed
1118 * thru ldap_url_parse() and ldap_url_desc2str()
1119 * get rewritten as "ldap:///dc=suffix??base";
1120 * we don't want this to occur... */
1121 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
1122 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
1125 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
1128 rc = rwm_dn_massage_pretty( dc, &olddn, &dn );
1130 case LDAP_UNWILLING_TO_PERFORM:
1132 * FIXME: need to check if it may be considered
1133 * legal to trim values when adding/modifying;
1134 * it should be when searching (e.g. ACLs).
1136 ch_free( a_vals[i].bv_val );
1138 a_vals[i] = a_vals[last];
1140 BER_BVZERO( &a_vals[last] );
1146 /* leave attr untouched if massage failed */
1147 if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val ) {
1150 ludp->lud_dn = dn.bv_val;
1151 newurl = ldap_url_desc2str( ludp );
1152 if ( newurl == NULL ) {
1153 /* FIXME: leave attr untouched
1154 * even if ldap_url_desc2str failed...
1159 ch_free( a_vals[i].bv_val );
1160 ber_str2bv( newurl, 0, 1, &a_vals[i] );
1161 LDAP_FREE( newurl );
1162 ludp->lud_dn = olddn.bv_val;
1167 ldap_free_urldesc( ludp );
1174 rwm_dnattr_result_rewrite(
1180 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1183 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1188 rc = rwm_dn_massage_pretty( dc, &a_vals[i], &dn );
1190 case LDAP_UNWILLING_TO_PERFORM:
1192 * FIXME: need to check if it may be considered
1193 * legal to trim values when adding/modifying;
1194 * it should be when searching (e.g. ACLs).
1196 ch_free( a_vals[i].bv_val );
1198 a_vals[i] = a_vals[last];
1200 BER_BVZERO( &a_vals[last] );
1205 /* leave attr untouched if massage failed */
1206 if ( !BER_BVISNULL( &dn ) && a_vals[i].bv_val != dn.bv_val ) {
1207 ch_free( a_vals[i].bv_val );
1218 rwm_mapping_dst_free( void *v_mapping )
1220 struct ldapmapping *mapping = v_mapping;
1222 if ( BER_BVISEMPTY( &mapping[0].m_dst ) ) {
1223 rwm_mapping_free( &mapping[ -1 ] );
1228 rwm_mapping_free( void *v_mapping )
1230 struct ldapmapping *mapping = v_mapping;
1232 if ( !BER_BVISNULL( &mapping[0].m_src ) ) {
1233 ch_free( mapping[0].m_src.bv_val );
1236 if ( mapping[0].m_flags & RWMMAP_F_FREE_SRC ) {
1237 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1238 if ( mapping[0].m_src_oc ) {
1239 ch_free( mapping[0].m_src_oc );
1243 if ( mapping[0].m_src_ad ) {
1244 ch_free( mapping[0].m_src_ad );
1249 if ( !BER_BVISNULL( &mapping[0].m_dst ) ) {
1250 ch_free( mapping[0].m_dst.bv_val );
1253 if ( mapping[0].m_flags & RWMMAP_F_FREE_DST ) {
1254 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1255 if ( mapping[0].m_dst_oc ) {
1256 ch_free( mapping[0].m_dst_oc );
1260 if ( mapping[0].m_dst_ad ) {
1261 ch_free( mapping[0].m_dst_ad );
1270 #endif /* SLAPD_OVER_RWM */
projects / openldap / blob