1 /* schema.c - routines to enforce schema definitions */
3 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/string.h>
13 #include <ac/socket.h>
15 #include "ldap_defaults.h"
18 static char * oc_check_required(Entry *e, char *ocname);
19 static int oc_check_allowed(char *type, struct berval **ocl);
23 * oc_check - check that entry e conforms to the schema required by
24 * its object class(es). returns 0 if so, non-zero otherwise.
28 oc_schema_check( Entry *e )
34 /* find the object class attribute - could error out here */
35 if ( (aoc = attr_find( e->e_attrs, "objectclass" )) == NULL ) {
36 Debug( LDAP_DEBUG_ANY, "No object class for entry (%s)\n",
41 /* check that the entry has required attrs for each oc */
42 for ( i = 0; aoc->a_vals[i] != NULL; i++ ) {
43 char *s = oc_check_required( e, aoc->a_vals[i]->bv_val );
46 Debug( LDAP_DEBUG_ANY,
47 "Entry (%s), oc \"%s\" requires attr \"%s\"\n",
48 e->e_dn, aoc->a_vals[i]->bv_val, s );
57 /* check that each attr in the entry is allowed by some oc */
58 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
59 if ( oc_check_allowed( a->a_type, aoc->a_vals ) != 0 ) {
60 Debug( LDAP_DEBUG_ANY,
61 "Entry (%s), attr \"%s\" not allowed\n",
62 e->e_dn, a->a_type, 0 );
71 oc_check_required( Entry *e, char *ocname )
79 Debug( LDAP_DEBUG_TRACE,
80 "oc_check_required entry (%s), objectclass \"%s\"\n",
83 /* find global oc defn. it we don't know about it assume it's ok */
84 if ( (oc = oc_find( ocname )) == NULL ) {
88 /* check for empty oc_required */
89 if(oc->soc_required == NULL) {
93 /* for each required attribute */
94 for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
95 at = oc->soc_required[i];
96 /* see if it's in the entry */
97 for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
99 strcmp( a->a_type, at->sat_oid ) == 0 ) {
104 /* Empty name list => not found */
109 if ( strcasecmp( a->a_type, *pp ) == 0 ) {
118 /* not there => schema violation */
120 if ( at->sat_names && at->sat_names[0] ) {
121 return at->sat_names[0];
131 static char *oc_usermod_attrs[] = {
133 * OpenLDAP doesn't support any user modification of
134 * operational attributes.
139 static char *oc_operational_attrs[] = {
141 * these are operational attributes
142 * most could be user modifiable
153 "supportedExtension",
155 "supportedSASLMechanisms",
156 "supportedLDAPversion",
157 "subschemaSubentry", /* NO USER MOD */
162 /* this list should be extensible */
163 static char *oc_no_usermod_attrs[] = {
165 * Operational and 'no user modification' attributes
166 * which are STORED in the directory server.
180 * check to see if attribute is 'operational' or not.
183 oc_check_operational_attr( char *type )
185 return charray_inlist( oc_operational_attrs, type )
186 || charray_inlist( oc_usermod_attrs, type )
187 || charray_inlist( oc_no_usermod_attrs, type );
191 * check to see if attribute can be user modified or not.
194 oc_check_usermod_attr( char *type )
196 return charray_inlist( oc_usermod_attrs, type );
200 * check to see if attribute is 'no user modification' or not.
203 oc_check_no_usermod_attr( char *type )
205 return charray_inlist( oc_no_usermod_attrs, type );
210 oc_check_allowed( char *type, struct berval **ocl )
217 Debug( LDAP_DEBUG_TRACE,
218 "oc_check_allowed type \"%s\"\n", type, 0, 0 );
220 /* always allow objectclass attribute */
221 if ( strcasecmp( type, "objectclass" ) == 0 ) {
226 * All operational attributions are allowed by schema rules.
227 * However, we only check attributions which are stored in the
228 * the directory regardless if they are user or non-user modified.
230 if ( oc_check_usermod_attr( type ) || oc_check_no_usermod_attr( type ) ) {
234 /* check that the type appears as req or opt in at least one oc */
235 for ( i = 0; ocl[i] != NULL; i++ ) {
236 /* if we know about the oc */
237 if ( (oc = oc_find( ocl[i]->bv_val )) != NULL ) {
238 /* does it require the type? */
239 for ( j = 0; oc->soc_required != NULL &&
240 oc->soc_required[j] != NULL; j++ ) {
241 at = oc->soc_required[j];
243 strcmp(at->sat_oid, type ) == 0 ) {
250 if ( strcasecmp( *pp, type ) == 0 ) {
256 /* does it allow the type? */
257 for ( j = 0; oc->soc_allowed != NULL &&
258 oc->soc_allowed[j] != NULL; j++ ) {
259 at = oc->soc_allowed[j];
261 strcmp(at->sat_oid, type ) == 0 ) {
268 if ( strcasecmp( *pp, type ) == 0 ||
269 strcmp( *pp, "*" ) == 0 ) {
275 /* maybe the next oc allows it */
277 /* we don't know about the oc. assume it allows it */
283 /* not allowed by any oc */
292 static Avlnode *oc_index = NULL;
293 static ObjectClass *oc_list = NULL;
297 struct oindexrec *oir1,
298 struct oindexrec *oir2
301 return (strcasecmp( oir1->oir_name, oir2->oir_name ));
307 struct oindexrec *oir
310 return (strcasecmp( name, oir->oir_name ));
314 oc_find( const char *ocname )
316 struct oindexrec *oir = NULL;
318 if ( (oir = (struct oindexrec *) avl_find( oc_index, ocname,
319 (AVL_CMP) oc_index_name_cmp )) != NULL ) {
320 return( oir->oir_oc );
334 AttributeType **satp;
340 sat = at_find(*attrs1);
343 return SLAP_SCHERR_ATTR_NOT_FOUND;
345 if ( at_find_in_list(sat, soc->soc_required) < 0) {
346 if ( at_append_to_list(sat, &soc->soc_required) ) {
348 return SLAP_SCHERR_OUTOFMEM;
353 /* Now delete duplicates from the allowed list */
354 for ( satp = soc->soc_required; *satp; satp++ ) {
355 i = at_find_in_list(*satp,soc->soc_allowed);
357 at_delete_from_list(i, &soc->soc_allowed);
377 sat = at_find(*attrs1);
380 return SLAP_SCHERR_ATTR_NOT_FOUND;
382 if ( at_find_in_list(sat, soc->soc_required) < 0 &&
383 at_find_in_list(sat, soc->soc_allowed) < 0 ) {
384 if ( at_append_to_list(sat, &soc->soc_allowed) ) {
386 return SLAP_SCHERR_OUTOFMEM;
409 if ( !soc->soc_sups ) {
410 /* We are at the first recursive level */
419 soc->soc_sups = (ObjectClass **)ch_calloc(1,
420 nsups*sizeof(ObjectClass *));
425 soc1 = oc_find(*sups1);
428 return SLAP_SCHERR_CLASS_NOT_FOUND;
432 soc->soc_sups[nsups] = soc1;
434 code = oc_add_sups(soc,soc1->soc_sup_oids, err);
438 if ( code = oc_create_required(soc,
439 soc1->soc_at_oids_must,err) )
441 if ( code = oc_create_allowed(soc,
442 soc1->soc_at_oids_may,err) )
458 struct oindexrec *oir;
462 while ( *ocp != NULL ) {
463 ocp = &(*ocp)->soc_next;
467 if ( soc->soc_oid ) {
468 oir = (struct oindexrec *)
469 ch_calloc( 1, sizeof(struct oindexrec) );
470 oir->oir_name = soc->soc_oid;
472 if ( avl_insert( &oc_index, (caddr_t) oir,
473 (AVL_CMP) oc_index_cmp,
474 (AVL_DUP) avl_dup_error ) ) {
477 return SLAP_SCHERR_DUP_CLASS;
479 /* FIX: temporal consistency check */
480 oc_find(oir->oir_name);
482 if ( (names = soc->soc_names) ) {
484 oir = (struct oindexrec *)
485 ch_calloc( 1, sizeof(struct oindexrec) );
486 oir->oir_name = ch_strdup(*names);
488 if ( avl_insert( &oc_index, (caddr_t) oir,
489 (AVL_CMP) oc_index_cmp,
490 (AVL_DUP) avl_dup_error ) ) {
493 return SLAP_SCHERR_DUP_CLASS;
495 /* FIX: temporal consistency check */
496 oc_find(oir->oir_name);
505 LDAP_OBJECT_CLASS *oc,
512 soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
513 memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
514 if ( code = oc_add_sups(soc,soc->soc_sup_oids,err) )
516 if ( code = oc_create_required(soc,soc->soc_at_oids_must,err) )
518 if ( code = oc_create_allowed(soc,soc->soc_at_oids_may,err) )
520 code = oc_insert(soc,err);
529 static Avlnode *syn_index = NULL;
530 static Syntax *syn_list = NULL;
534 struct sindexrec *sir1,
535 struct sindexrec *sir2
538 return (strcmp( sir1->sir_name, sir2->sir_name ));
544 struct sindexrec *sir
547 return (strcmp( name, sir->sir_name ));
551 syn_find( const char *synname )
553 struct sindexrec *sir = NULL;
555 if ( (sir = (struct sindexrec *) avl_find( syn_index, synname,
556 (AVL_CMP) syn_index_name_cmp )) != NULL ) {
557 return( sir->sir_syn );
563 syn_find_desc( const char *syndesc, int *len )
567 for (synp = syn_list; synp; synp = synp->ssyn_next)
568 if ((*len = dscompare( synp->ssyn_syn.syn_desc, (char *)syndesc, '{')))
580 struct sindexrec *sir;
583 while ( *synp != NULL ) {
584 synp = &(*synp)->ssyn_next;
588 if ( ssyn->ssyn_oid ) {
589 sir = (struct sindexrec *)
590 ch_calloc( 1, sizeof(struct sindexrec) );
591 sir->sir_name = ssyn->ssyn_oid;
593 if ( avl_insert( &syn_index, (caddr_t) sir,
594 (AVL_CMP) syn_index_cmp,
595 (AVL_DUP) avl_dup_error ) ) {
596 *err = ssyn->ssyn_oid;
598 return SLAP_SCHERR_DUP_SYNTAX;
600 /* FIX: temporal consistency check */
601 syn_find(sir->sir_name);
609 slap_syntax_check_func *check,
616 ssyn = (Syntax *) ch_calloc( 1, sizeof(Syntax) );
617 memcpy( &ssyn->ssyn_syn, syn, sizeof(LDAP_SYNTAX));
618 ssyn->ssyn_check = check;
619 code = syn_insert(ssyn,err);
625 MatchingRule *mir_mr;
628 static Avlnode *mr_index = NULL;
629 static MatchingRule *mr_list = NULL;
633 struct mindexrec *mir1,
634 struct mindexrec *mir2
637 return (strcmp( mir1->mir_name, mir2->mir_name ));
643 struct mindexrec *mir
646 return (strcmp( name, mir->mir_name ));
650 mr_find( const char *mrname )
652 struct mindexrec *mir = NULL;
654 if ( (mir = (struct mindexrec *) avl_find( mr_index, mrname,
655 (AVL_CMP) mr_index_name_cmp )) != NULL ) {
656 return( mir->mir_mr );
668 struct mindexrec *mir;
672 while ( *mrp != NULL ) {
673 mrp = &(*mrp)->smr_next;
677 if ( smr->smr_oid ) {
678 mir = (struct mindexrec *)
679 ch_calloc( 1, sizeof(struct mindexrec) );
680 mir->mir_name = smr->smr_oid;
682 if ( avl_insert( &mr_index, (caddr_t) mir,
683 (AVL_CMP) mr_index_cmp,
684 (AVL_DUP) avl_dup_error ) ) {
687 return SLAP_SCHERR_DUP_RULE;
689 /* FIX: temporal consistency check */
690 mr_find(mir->mir_name);
692 if ( (names = smr->smr_names) ) {
694 mir = (struct mindexrec *)
695 ch_calloc( 1, sizeof(struct mindexrec) );
696 mir->mir_name = ch_strdup(*names);
698 if ( avl_insert( &mr_index, (caddr_t) mir,
699 (AVL_CMP) mr_index_cmp,
700 (AVL_DUP) avl_dup_error ) ) {
703 return SLAP_SCHERR_DUP_RULE;
705 /* FIX: temporal consistency check */
706 mr_find(mir->mir_name);
715 LDAP_MATCHING_RULE *mr,
716 slap_mr_normalize_func *normalize,
717 slap_mr_compare_func *compare,
725 smr = (MatchingRule *) ch_calloc( 1, sizeof(MatchingRule) );
726 memcpy( &smr->smr_mrule, mr, sizeof(LDAP_MATCHING_RULE));
727 smr->smr_normalize = normalize;
728 smr->smr_compare = compare;
729 if ( smr->smr_syntax_oid ) {
730 if ( (syn = syn_find(smr->smr_syntax_oid)) ) {
731 smr->smr_syntax = syn;
733 *err = smr->smr_syntax_oid;
734 return SLAP_SCHERR_SYN_NOT_FOUND;
738 return SLAP_SCHERR_MR_INCOMPLETE;
740 code = mr_insert(smr,err);
745 case_exact_normalize(
747 struct berval **normalized
750 struct berval *newval;
753 newval = ber_bvdup( val );
754 p = q = newval->bv_val;
755 /* Ignore initial whitespace */
756 while ( isspace( *p++ ) )
759 if ( isspace( *p ) ) {
761 /* Ignore the extra whitespace */
762 while ( isspace(*p++) )
769 * If the string ended in space, backup the pointer one
770 * position. One is enough because the above loop collapsed
771 * all whitespace to a single space.
773 if ( p != newval->bv_val && isspace( *(p-1) ) ) {
776 newval->bv_len = strlen( newval->bv_val );
777 normalized = &newval;
788 return strcmp( val1->bv_val, val2->bv_val );
792 case_ignore_normalize(
794 struct berval **normalized
797 struct berval *newval;
800 newval = ber_bvdup( val );
801 p = q = newval->bv_val;
802 /* Ignore initial whitespace */
803 while ( isspace( *p++ ) )
806 if ( isspace( *p ) ) {
808 /* Ignore the extra whitespace */
809 while ( isspace(*p++) )
812 *q++ = TOUPPER( *p++ );
816 * If the string ended in space, backup the pointer one
817 * position. One is enough because the above loop collapsed
818 * all whitespace to a single space.
820 if ( p != newval->bv_val && isspace( *(p-1) ) ) {
823 newval->bv_len = strlen( newval->bv_val );
824 normalized = &newval;
835 return strcasecmp( val1->bv_val, val2->bv_val );
841 slap_syntax_check_func *check )
847 syn = ldap_str2syntax( desc, &code, &err);
849 Debug( LDAP_DEBUG_ANY, "Error in register_syntax: %s before %s in %s\n",
850 ldap_scherr2str(code), err, desc );
853 code = syn_add( syn, check, &err );
855 Debug( LDAP_DEBUG_ANY, "Error in register_syntax: %s %s in %s\n",
856 scherr2str(code), err, desc );
863 register_matching_rule(
865 slap_mr_normalize_func *normalize,
866 slap_mr_compare_func *compare )
868 LDAP_MATCHING_RULE *mr;
872 mr = ldap_str2matchingrule( desc, &code, &err);
874 Debug( LDAP_DEBUG_ANY, "Error in register_matching_rule: %s before %s in %s\n",
875 ldap_scherr2str(code), err, desc );
878 code = mr_add( mr, normalize, compare, &err );
880 Debug( LDAP_DEBUG_ANY, "Error in register_syntax: %s for %s in %s\n",
881 scherr2str(code), err, desc );
887 struct syntax_defs_rec {
889 slap_syntax_check_func *sd_check;
892 struct syntax_defs_rec syntax_defs[] = {
893 {"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'AttributeTypeDescription' )", NULL},
894 {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' )", NULL},
895 {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' )", NULL},
896 {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'BitString' )", NULL},
897 {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' )", NULL},
898 {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'CertificateList' )", NULL},
899 {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'CertificatePair' )", NULL},
900 {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'DN' )", NULL},
901 {"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'DeliveryMethod' )", NULL},
902 {"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'DirectoryString' )", NULL},
903 {"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DITContentRuleDescription' )", NULL},
904 {"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DITStructureRuleDescription' )", NULL},
905 {"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'EnhancedGuide' )", NULL},
906 {"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'FacsimileTelephoneNumber' )", NULL},
907 {"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'GeneralizedTime' )", NULL},
908 {"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )", NULL},
909 {"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5String' )", NULL},
910 {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )", NULL},
911 {"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'MatchingRuleDescription' )", NULL},
912 {"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'MatchingRuleUseDescription' )", NULL},
913 {"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'MailPreference' )", NULL},
914 {"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'NameAndOptionalUID' )", NULL},
915 {"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'NameFormDescription' )", NULL},
916 {"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'NumericString' )", NULL},
917 {"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'ObjectClassDescription' )", NULL},
918 {"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )", NULL},
919 {"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'OtherMailbox' )", NULL},
920 {"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'OctetString' )", NULL},
921 {"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'PostalAddress' )", NULL},
922 {"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'ProtocolInformation' )", NULL},
923 {"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'PresentationAddress' )", NULL},
924 {"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'PrintableString' )", NULL},
925 {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'SupportedAlgorithm' )", NULL},
926 {"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'TelephoneNumber' )", NULL},
927 {"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'TeletexTerminalIdentifier' )", NULL},
928 {"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'TelexNumber' )", NULL},
929 {"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTCTime' )", NULL},
930 {"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAPSyntaxDescription' )", NULL},
931 {"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'SubstringAssertion' )", NULL},
932 {"( 1.3.6.1.1.1.0.0 DESC 'NISnetgrouptriple' )", NULL},
933 {"( 1.3.6.1.1.1.0.1 DESC 'Bootparameter' )", NULL},
937 struct mrule_defs_rec {
939 slap_mr_normalize_func *mrd_normalize;
940 slap_mr_compare_func *mrd_compare;
944 * Other matching rules in X.520 that we do not use:
946 * 2.5.13.9 numericStringOrderingMatch
947 * 2.5.13.12 caseIgnoreListSubstringsMatch
948 * 2.5.13.13 booleanMatch
949 * 2.5.13.15 integerOrderingMatch
950 * 2.5.13.18 octetStringOrderingMatch
951 * 2.5.13.19 octetStringSubstringsMatch
952 * 2.5.13.25 uTCTimeMatch
953 * 2.5.13.26 uTCTimeOrderingMatch
954 * 2.5.13.31 directoryStringFirstComponentMatch
955 * 2.5.13.32 wordMatch
956 * 2.5.13.33 keywordMatch
957 * 2.5.13.34 certificateExactMatch
958 * 2.5.13.35 certificateMatch
959 * 2.5.13.36 certificatePairExactMatch
960 * 2.5.13.37 certificatePairMatch
961 * 2.5.13.38 certificateListExactMatch
962 * 2.5.13.39 certificateListMatch
963 * 2.5.13.40 algorithmIdentifierMatch
964 * 2.5.13.41 storedPrefixMatch
965 * 2.5.13.42 attributeCertificateMatch
966 * 2.5.13.43 readerAndKeyIDMatch
967 * 2.5.13.44 attributeIntegrityMatch
970 struct mrule_defs_rec mrule_defs[] = {
971 {"( 2.5.13.0 NAME 'objectIdentifierMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", NULL, NULL},
972 {"( 2.5.13.1 NAME 'distinguishedNameMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", NULL, NULL},
973 {"( 2.5.13.2 NAME 'caseIgnoreMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
974 case_ignore_normalize, case_ignore_compare},
975 {"( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
976 case_ignore_normalize, case_ignore_compare},
977 {"( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
978 case_ignore_normalize, case_ignore_compare},
979 /* Next three are not in the RFC's, but are needed for compatibility */
980 {"( 2.5.13.5 NAME 'caseExactMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
981 case_exact_normalize, case_exact_compare},
982 {"( 2.5.13.6 NAME 'caseExactOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
983 case_exact_normalize, case_exact_compare},
984 {"( 2.5.13.7 NAME 'caseExactSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
985 case_exact_normalize, case_exact_compare},
986 {"( 2.5.13.8 NAME 'numericStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )", NULL, NULL},
987 {"( 2.5.13.10 NAME 'numericStringSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )", NULL, NULL},
988 {"( 2.5.13.11 NAME 'caseIgnoreListMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )", NULL, NULL},
989 {"( 2.5.13.14 NAME 'integerMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )", NULL, NULL},
990 {"( 2.5.13.16 NAME 'bitStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )", NULL, NULL},
991 {"( 2.5.13.17 NAME 'octetStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )", NULL, NULL},
992 {"( 2.5.13.20 NAME 'telephoneNumberMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )", NULL, NULL},
993 {"( 2.5.13.21 NAME 'telephoneNumberSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )", NULL, NULL},
994 {"( 2.5.13.22 NAME 'presentationAddressMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 )", NULL, NULL},
995 {"( 2.5.13.23 NAME 'uniqueMemberMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )", NULL, NULL},
996 {"( 2.5.13.24 NAME 'protocolInformationMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )", NULL, NULL},
997 {"( 2.5.13.27 NAME 'generalizedTimeMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )", NULL, NULL},
998 {"( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )", NULL, NULL},
999 {"( 2.5.13.29 NAME 'integerFirstComponentMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )", NULL, NULL},
1000 {"( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", NULL, NULL},
1001 {"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
1002 case_exact_normalize, case_exact_compare},
1003 {"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
1004 case_ignore_normalize, case_ignore_compare},
1013 static int schema_init_done = 0;
1015 /* We are called from read_config that is recursive */
1016 if ( schema_init_done )
1018 for ( i=0; syntax_defs[i].sd_desc != NULL; i++ ) {
1019 res = register_syntax( syntax_defs[i].sd_desc,
1020 syntax_defs[i].sd_check );
1022 fprintf( stderr, "schema_init: Error registering syntax %s\n",
1023 syntax_defs[i].sd_desc );
1024 exit( EXIT_FAILURE );
1027 for ( i=0; mrule_defs[i].mrd_desc != NULL; i++ ) {
1028 res = register_matching_rule( mrule_defs[i].mrd_desc,
1029 ( mrule_defs[i].mrd_normalize ?
1030 mrule_defs[i].mrd_normalize : case_ignore_normalize ),
1031 ( mrule_defs[i].mrd_compare ?
1032 mrule_defs[i].mrd_compare : case_ignore_compare ) );
1034 fprintf( stderr, "schema_init: Error registering matching rule %s\n",
1035 mrule_defs[i].mrd_desc );
1036 exit( EXIT_FAILURE );
1039 schema_init_done = 1;
1043 #if defined( SLAPD_SCHEMA_DN )
1046 syn_schema_info( Entry *e )
1049 struct berval *vals[2];
1055 for ( syn = syn_list; syn; syn = syn->ssyn_next ) {
1056 val.bv_val = ldap_syntax2str( &syn->ssyn_syn );
1058 val.bv_len = strlen( val.bv_val );
1059 Debug( LDAP_DEBUG_TRACE, "Merging syn [%d] %s\n",
1060 val.bv_len, val.bv_val, 0 );
1061 attr_merge( e, "ldapSyntaxes", vals );
1062 ldap_memfree( val.bv_val );
1071 mr_schema_info( Entry *e )
1074 struct berval *vals[2];
1080 for ( mr = mr_list; mr; mr = mr->smr_next ) {
1081 val.bv_val = ldap_matchingrule2str( &mr->smr_mrule );
1083 val.bv_len = strlen( val.bv_val );
1084 Debug( LDAP_DEBUG_TRACE, "Merging mr [%d] %s\n",
1085 val.bv_len, val.bv_val, 0 );
1086 attr_merge( e, "matchingRules", vals );
1087 ldap_memfree( val.bv_val );
1096 oc_schema_info( Entry *e )
1099 struct berval *vals[2];
1105 for ( oc = oc_list; oc; oc = oc->soc_next ) {
1106 val.bv_val = ldap_objectclass2str( &oc->soc_oclass );
1108 val.bv_len = strlen( val.bv_val );
1109 Debug( LDAP_DEBUG_TRACE, "Merging oc [%d] %s\n",
1110 val.bv_len, val.bv_val, 0 );
1111 attr_merge( e, "objectClasses", vals );
1112 ldap_memfree( val.bv_val );
1121 schema_info( Connection *conn, Operation *op, char **attrs, int attrsonly )
1125 struct berval *vals[2];
1130 e = (Entry *) ch_calloc( 1, sizeof(Entry) );
1133 e->e_dn = ch_strdup( SLAPD_SCHEMA_DN );
1134 e->e_ndn = ch_strdup( SLAPD_SCHEMA_DN );
1135 (void) dn_normalize_case( e->e_ndn );
1136 e->e_private = NULL;
1139 char *rdn = ch_strdup( SLAPD_SCHEMA_DN );
1140 val.bv_val = strchr( rdn, '=' );
1142 if( val.bv_val != NULL ) {
1144 val.bv_len = strlen( ++val.bv_val );
1146 attr_merge( e, rdn, vals );
1152 if ( syn_schema_info( e ) ) {
1153 /* Out of memory, do something about it */
1157 if ( mr_schema_info( e ) ) {
1158 /* Out of memory, do something about it */
1162 if ( at_schema_info( e ) ) {
1163 /* Out of memory, do something about it */
1167 if ( oc_schema_info( e ) ) {
1168 /* Out of memory, do something about it */
1174 val.bv_len = sizeof("top")-1;
1175 attr_merge( e, "objectClass", vals );
1177 val.bv_val = "LDAPsubentry";
1178 val.bv_len = sizeof("LDAPsubentry")-1;
1179 attr_merge( e, "objectClass", vals );
1181 val.bv_val = "subschema";
1182 val.bv_len = sizeof("subschema")-1;
1183 attr_merge( e, "objectClass", vals );
1185 val.bv_val = "extensibleObject";
1186 val.bv_len = sizeof("extensibleObject")-1;
1187 attr_merge( e, "objectClass", vals );
1189 send_search_entry( &backends[0], conn, op,
1190 e, attrs, attrsonly, NULL );
1191 send_search_result( conn, op, LDAP_SUCCESS,
1192 NULL, NULL, NULL, NULL, 1 );
1201 oc_print( ObjectClass *oc )
1206 printf( "objectclass %s\n", ldap_objectclass2name( &oc->soc_oclass ) );
1207 if ( oc->soc_required != NULL ) {
1208 mid = "\trequires ";
1209 for ( i = 0; oc->soc_required[i] != NULL; i++, mid = "," )
1210 printf( "%s%s", mid,
1211 ldap_attributetype2name( &oc->soc_required[i]->sat_atype ) );
1214 if ( oc->soc_allowed != NULL ) {
1216 for ( i = 0; oc->soc_allowed[i] != NULL; i++, mid = "," )
1217 printf( "%s%s", mid,
1218 ldap_attributetype2name( &oc->soc_allowed[i]->sat_atype ) );
1226 int is_entry_objectclass(
1233 if( e == NULL || oc == NULL || *oc == '\0' )
1237 * find objectClass attribute
1239 attr = attr_find(e->e_attrs, "objectclass");
1241 if( attr == NULL ) {
1242 /* no objectClass attribute */
1247 bv.bv_len = strlen( bv.bv_val );
1249 if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
1250 /* entry is not of this objectclass */
projects / openldap / blob