1 /* schema_init.c - init builtin schema */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/string.h>
14 #include <ac/socket.h>
18 #include "lutil_md5.h"
20 /* recycled validatation routines */
21 #define berValidate blobValidate
23 /* recycled normalization routines */
24 #define faxNumberNormalize numericStringNormalize
25 #define phoneNumberNormalize numericStringNormalize
26 #define telexNumberNormalize numericStringNormalize
28 /* unimplemented pretters */
30 #define integerPretty NULL
32 /* recycled matching routines */
33 #define bitStringMatch octetStringMatch
34 #define integerMatch caseIgnoreIA5Match
35 #define numericStringMatch caseIgnoreMatch
36 #define objectIdentifierMatch numericStringMatch
37 #define telephoneNumberMatch numericStringMatch
38 #define telephoneNumberSubstringsMatch caseIgnoreIA5SubstringsMatch
39 #define generalizedTimeMatch numericStringMatch
40 #define generalizedTimeOrderingMatch numericStringMatch
41 #define uniqueMemberMatch dnMatch
43 /* approx matching rules */
44 #define directoryStringApproxMatchOID "1.3.6.1.4.1.4203.666.4.4"
45 #define directoryStringApproxMatch NULL
46 #define IA5StringApproxMatchOID "1.3.6.1.4.1.4203.666.4.5"
47 #define IA5StringApproxMatch NULL
49 /* orderring matching rules */
50 #define caseIgnoreOrderingMatch caseIgnoreMatch
51 #define caseExactOrderingMatch caseExactMatch
53 /* unimplemented matching routines */
54 #define caseIgnoreListMatch NULL
55 #define caseIgnoreListSubstringsMatch NULL
56 #define presentationAddressMatch NULL
57 #define protocolInformationMatch NULL
58 #define integerFirstComponentMatch NULL
60 #define OpenLDAPaciMatch NULL
61 #define authPasswordMatch NULL
63 /* recycled indexing/filtering routines */
64 #define dnIndexer caseIgnoreIndexer
65 #define dnFilter caseIgnoreFilter
66 #define integerIndexer caseIgnoreIA5Indexer
67 #define integerFilter caseIgnoreIA5Filter
69 static char *strcasechr( const char *str, int c )
71 char *lower = strchr( str, TOLOWER(c) );
72 char *upper = strchr( str, TOUPPER(c) );
74 if( lower && upper ) {
75 return lower < upper ? lower : upper;
92 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
95 match = memcmp( value->bv_val,
96 ((struct berval *) assertedValue)->bv_val,
104 /* Index generation function */
105 int octetStringIndexer(
110 struct berval *prefix,
111 struct berval **values,
112 struct berval ***keysp )
116 struct berval **keys;
117 lutil_MD5_CTX MD5context;
118 unsigned char MD5digest[16];
119 struct berval digest;
120 digest.bv_val = MD5digest;
121 digest.bv_len = sizeof(MD5digest);
123 /* we should have at least one value at this point */
124 assert( values != NULL && values[0] != NULL );
126 for( i=0; values[i] != NULL; i++ ) {
127 /* just count them */
130 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
132 slen = strlen( syntax->ssyn_oid );
133 mlen = strlen( mr->smr_oid );
135 for( i=0; values[i] != NULL; i++ ) {
136 lutil_MD5Init( &MD5context );
137 if( prefix != NULL && prefix->bv_len > 0 ) {
138 lutil_MD5Update( &MD5context,
139 prefix->bv_val, prefix->bv_len );
141 lutil_MD5Update( &MD5context,
142 syntax->ssyn_oid, slen );
143 lutil_MD5Update( &MD5context,
145 lutil_MD5Update( &MD5context,
146 values[i]->bv_val, values[i]->bv_len );
147 lutil_MD5Final( MD5digest, &MD5context );
149 keys[i] = ber_bvdup( &digest );
159 /* Index generation function */
160 int octetStringFilter(
165 struct berval *prefix,
167 struct berval ***keysp )
170 struct berval **keys;
171 lutil_MD5_CTX MD5context;
172 unsigned char MD5digest[LUTIL_MD5_BYTES];
173 struct berval *value = (struct berval *) assertValue;
174 struct berval digest;
175 digest.bv_val = MD5digest;
176 digest.bv_len = sizeof(MD5digest);
178 slen = strlen( syntax->ssyn_oid );
179 mlen = strlen( mr->smr_oid );
181 keys = ch_malloc( sizeof( struct berval * ) * 2 );
183 lutil_MD5Init( &MD5context );
184 if( prefix != NULL && prefix->bv_len > 0 ) {
185 lutil_MD5Update( &MD5context,
186 prefix->bv_val, prefix->bv_len );
188 lutil_MD5Update( &MD5context,
189 syntax->ssyn_oid, slen );
190 lutil_MD5Update( &MD5context,
192 lutil_MD5Update( &MD5context,
193 value->bv_val, value->bv_len );
194 lutil_MD5Final( MD5digest, &MD5context );
196 keys[0] = ber_bvdup( &digest );
212 if( in->bv_len == 0 ) return LDAP_SUCCESS;
214 dn = ch_strdup( in->bv_val );
216 rc = dn_validate( dn ) == NULL
217 ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
227 struct berval **normalized )
229 struct berval *out = ber_bvdup( val );
231 if( out->bv_len != 0 ) {
233 #ifdef USE_DN_NORMALIZE
234 dn = dn_normalize( out->bv_val );
236 dn = dn_validate( out->bv_val );
241 return LDAP_INVALID_SYNTAX;
245 out->bv_len = strlen( dn );
258 struct berval *value,
259 void *assertedValue )
262 struct berval *asserted = (struct berval *) assertedValue;
264 match = value->bv_len - asserted->bv_len;
267 #ifdef USE_DN_NORMALIZE
268 match = strcmp( value->bv_val, asserted->bv_val );
270 match = strcasecmp( value->bv_val, asserted->bv_val );
274 Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n",
275 match, value->bv_val, asserted->bv_val );
289 if( in->bv_len == 0 ) return LDAP_SUCCESS;
291 dn = ber_bvdup( in );
293 if( dn->bv_val[dn->bv_len-1] == '\'' ) {
294 /* assume presence of optional UID */
297 for(i=dn->bv_len-2; i>2; i--) {
298 if( dn->bv_val[i] != '0' && dn->bv_val[i] != '1' ) {
302 if( dn->bv_val[i] != '\'' ) {
303 return LDAP_INVALID_SYNTAX;
305 if( dn->bv_val[i-1] != 'B' ) {
306 return LDAP_INVALID_SYNTAX;
308 if( dn->bv_val[i-2] != '#' ) {
309 return LDAP_INVALID_SYNTAX;
312 /* trim the UID to allow use of dn_validate */
313 dn->bv_val[i-2] = '\0';
316 rc = dn_validate( dn->bv_val ) == NULL
317 ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
327 struct berval **normalized )
329 struct berval *out = ber_bvdup( val );
331 if( out->bv_len != 0 ) {
335 ber_len_t uidlen = 0;
337 if( out->bv_val[out->bv_len-1] == '\'' ) {
338 /* assume presence of optional UID */
339 uid = strrchr( out->bv_val, '#' );
343 return LDAP_INVALID_SYNTAX;
346 uidlen = out->bv_len - (out->bv_val - uid);
347 /* temporarily trim the UID */
351 #ifdef USE_DN_NORMALIZE
352 dn = dn_normalize( out->bv_val );
354 dn = dn_validate( out->bv_val );
359 return LDAP_INVALID_SYNTAX;
365 /* restore the separator */
368 SAFEMEMCPY( &dn[dnlen], uid, uidlen );
372 out->bv_len = dnlen + uidlen;
384 /* any value allowed */
393 /* any value allowed */
404 /* very unforgiving validation, requires no normalization
405 * before simplistic matching
407 if( in->bv_len < 3 ) {
408 return LDAP_INVALID_SYNTAX;
410 if( in->bv_val[0] != 'B' ||
411 in->bv_val[1] != '\'' ||
412 in->bv_val[in->bv_len-1] != '\'' )
414 return LDAP_INVALID_SYNTAX;
417 for( i=in->bv_len-2; i>1; i-- ) {
418 if( in->bv_val[i] != '0' && in->bv_val[i] != '1' ) {
419 return LDAP_INVALID_SYNTAX;
427 * Handling boolean syntax and matching is quite rigid.
428 * A more flexible approach would be to allow a variety
429 * of strings to be normalized and prettied into TRUE
437 /* very unforgiving validation, requires no normalization
438 * before simplistic matching
441 if( in->bv_len == 4 ) {
442 if( !memcmp( in->bv_val, "TRUE", 4 ) ) {
445 } else if( in->bv_len == 5 ) {
446 if( !memcmp( in->bv_val, "FALSE", 5 ) ) {
451 return LDAP_INVALID_SYNTAX;
460 struct berval *value,
461 void *assertedValue )
463 /* simplistic matching allowed by rigid validation */
464 struct berval *asserted = (struct berval *) assertedValue;
465 *matchp = value->bv_len != asserted->bv_len;
472 struct berval *right,
473 struct berval *left )
477 ldap_unicode_t ru, lu;
478 ldap_unicode_t ruu, luu;
481 r < right->bv_len && l < left->bv_len;
485 * XXYYZ: we convert to ucs4 even though -llunicode
486 * expects ucs2 in an unsigned long
488 ru = ldap_utf8_to_ucs4( &right->bv_val[r] );
489 if( ru == LDAP_UCS4_INVALID ) {
493 lu = ldap_utf8_to_ucs4( &left->bv_val[l] );
494 if( lu == LDAP_UCS4_INVALID ) {
498 ruu = uctoupper( ru );
499 luu = uctoupper( lu );
503 } else if( luu > ruu ) {
507 rlen = LDAP_UTF8_CHARLEN( &right->bv_val[r] );
508 llen = LDAP_UTF8_CHARLEN( &left->bv_val[l] );
511 if( r < right->bv_len ) {
516 if( l < left->bv_len ) {
532 unsigned char *u = in->bv_val;
534 if( !in->bv_len ) return LDAP_INVALID_SYNTAX;
536 for( count = in->bv_len; count > 0; count-=len, u+=len ) {
537 /* get the length indicated by the first byte */
538 len = LDAP_UTF8_CHARLEN( u );
540 /* should not be zero */
541 if( len == 0 ) return LDAP_INVALID_SYNTAX;
543 /* make sure len corresponds with the offset
544 to the next character */
545 if( LDAP_UTF8_OFFSET( u ) != len ) return LDAP_INVALID_SYNTAX;
548 if( count != 0 ) return LDAP_INVALID_SYNTAX;
557 struct berval **normalized )
559 struct berval *newval;
562 newval = ch_malloc( sizeof( struct berval ) );
566 /* Ignore initial whitespace */
567 while ( ldap_utf8_isspace( p ) ) {
573 return LDAP_INVALID_SYNTAX;
576 newval->bv_val = ch_strdup( p );
577 p = q = newval->bv_val;
583 if ( ldap_utf8_isspace( p ) ) {
584 len = LDAP_UTF8_COPY(q,p);
589 /* Ignore the extra whitespace */
590 while ( ldap_utf8_isspace( p ) ) {
594 len = LDAP_UTF8_COPY(q,p);
601 assert( *newval->bv_val );
602 assert( newval->bv_val < p );
605 /* cannot start with a space */
606 assert( !ldap_utf8_isspace(newval->bv_val) );
609 * If the string ended in space, backup the pointer one
610 * position. One is enough because the above loop collapsed
611 * all whitespace to a single space.
618 /* cannot end with a space */
619 assert( !ldap_utf8_isspace( LDAP_UTF8_PREV(q) ) );
624 newval->bv_len = q - newval->bv_val;
625 *normalized = newval;
636 struct berval *value,
637 void *assertedValue )
639 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
642 match = strncmp( value->bv_val,
643 ((struct berval *) assertedValue)->bv_val,
652 caseExactSubstringsMatch(
657 struct berval *value,
658 void *assertedValue )
661 SubstringsAssertion *sub = assertedValue;
662 struct berval left = *value;
666 /* Add up asserted input length */
667 if( sub->sa_initial ) {
668 inlen += sub->sa_initial->bv_len;
671 for(i=0; sub->sa_any[i] != NULL; i++) {
672 inlen += sub->sa_any[i]->bv_len;
675 if( sub->sa_final ) {
676 inlen += sub->sa_final->bv_len;
679 if( sub->sa_initial ) {
680 if( inlen > left.bv_len ) {
685 match = strncmp( sub->sa_initial->bv_val, left.bv_val,
686 sub->sa_initial->bv_len );
692 left.bv_val += sub->sa_initial->bv_len;
693 left.bv_len -= sub->sa_initial->bv_len;
694 inlen -= sub->sa_initial->bv_len;
697 if( sub->sa_final ) {
698 if( inlen > left.bv_len ) {
703 match = strncmp( sub->sa_final->bv_val,
704 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
705 sub->sa_final->bv_len );
711 left.bv_len -= sub->sa_final->bv_len;
712 inlen -= sub->sa_final->bv_len;
716 for(i=0; sub->sa_any[i]; i++) {
721 if( inlen > left.bv_len ) {
722 /* not enough length */
727 if( sub->sa_any[i]->bv_len == 0 ) {
731 p = strchr( left.bv_val, *sub->sa_any[i]->bv_val );
738 idx = p - left.bv_val;
739 assert( idx < left.bv_len );
741 if( idx >= left.bv_len ) {
742 /* this shouldn't happen */
749 if( sub->sa_any[i]->bv_len > left.bv_len ) {
750 /* not enough left */
755 match = strncmp( left.bv_val,
756 sub->sa_any[i]->bv_val,
757 sub->sa_any[i]->bv_len );
765 left.bv_val += sub->sa_any[i]->bv_len;
766 left.bv_len -= sub->sa_any[i]->bv_len;
767 inlen -= sub->sa_any[i]->bv_len;
776 /* Index generation function */
777 int caseExactIndexer(
782 struct berval *prefix,
783 struct berval **values,
784 struct berval ***keysp )
788 struct berval **keys;
789 lutil_MD5_CTX MD5context;
790 unsigned char MD5digest[16];
791 struct berval digest;
792 digest.bv_val = MD5digest;
793 digest.bv_len = sizeof(MD5digest);
795 /* we should have at least one value at this point */
796 assert( values != NULL && values[0] != NULL );
798 for( i=0; values[i] != NULL; i++ ) {
799 /* just count them */
802 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
804 slen = strlen( syntax->ssyn_oid );
805 mlen = strlen( mr->smr_oid );
807 for( i=0; values[i] != NULL; i++ ) {
808 struct berval *value = values[i];
810 lutil_MD5Init( &MD5context );
811 if( prefix != NULL && prefix->bv_len > 0 ) {
812 lutil_MD5Update( &MD5context,
813 prefix->bv_val, prefix->bv_len );
815 lutil_MD5Update( &MD5context,
816 syntax->ssyn_oid, slen );
817 lutil_MD5Update( &MD5context,
819 lutil_MD5Update( &MD5context,
820 value->bv_val, value->bv_len );
821 lutil_MD5Final( MD5digest, &MD5context );
823 keys[i] = ber_bvdup( &digest );
831 /* Index generation function */
837 struct berval *prefix,
839 struct berval ***keysp )
842 struct berval **keys;
843 lutil_MD5_CTX MD5context;
844 unsigned char MD5digest[LUTIL_MD5_BYTES];
845 struct berval *value;
846 struct berval digest;
847 digest.bv_val = MD5digest;
848 digest.bv_len = sizeof(MD5digest);
850 slen = strlen( syntax->ssyn_oid );
851 mlen = strlen( mr->smr_oid );
853 value = (struct berval *) assertValue;
855 keys = ch_malloc( sizeof( struct berval * ) * 2 );
857 lutil_MD5Init( &MD5context );
858 if( prefix != NULL && prefix->bv_len > 0 ) {
859 lutil_MD5Update( &MD5context,
860 prefix->bv_val, prefix->bv_len );
862 lutil_MD5Update( &MD5context,
863 syntax->ssyn_oid, slen );
864 lutil_MD5Update( &MD5context,
866 lutil_MD5Update( &MD5context,
867 value->bv_val, value->bv_len );
868 lutil_MD5Final( MD5digest, &MD5context );
870 keys[0] = ber_bvdup( &digest );
877 /* Substrings Index generation function */
878 int caseExactSubstringsIndexer(
883 struct berval *prefix,
884 struct berval **values,
885 struct berval ***keysp )
889 struct berval **keys;
890 lutil_MD5_CTX MD5context;
891 unsigned char MD5digest[16];
892 struct berval digest;
893 digest.bv_val = MD5digest;
894 digest.bv_len = sizeof(MD5digest);
896 /* we should have at least one value at this point */
897 assert( values != NULL && values[0] != NULL );
900 for( i=0; values[i] != NULL; i++ ) {
901 /* count number of indices to generate */
902 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
906 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
907 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
908 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
909 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
911 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
915 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
916 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
917 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
921 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
922 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
923 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
924 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
926 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
932 /* no keys to generate */
937 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
939 slen = strlen( syntax->ssyn_oid );
940 mlen = strlen( mr->smr_oid );
943 for( i=0; values[i] != NULL; i++ ) {
945 struct berval *value;
948 if( value->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
950 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
951 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
953 char pre = SLAP_INDEX_SUBSTR_PREFIX;
954 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
956 for( j=0; j<max; j++ ) {
957 lutil_MD5Init( &MD5context );
958 if( prefix != NULL && prefix->bv_len > 0 ) {
959 lutil_MD5Update( &MD5context,
960 prefix->bv_val, prefix->bv_len );
963 lutil_MD5Update( &MD5context,
964 &pre, sizeof( pre ) );
965 lutil_MD5Update( &MD5context,
966 syntax->ssyn_oid, slen );
967 lutil_MD5Update( &MD5context,
969 lutil_MD5Update( &MD5context,
971 SLAP_INDEX_SUBSTR_MAXLEN );
972 lutil_MD5Final( MD5digest, &MD5context );
974 keys[nkeys++] = ber_bvdup( &digest );
978 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
979 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
981 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
984 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
985 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
986 lutil_MD5Init( &MD5context );
987 if( prefix != NULL && prefix->bv_len > 0 ) {
988 lutil_MD5Update( &MD5context,
989 prefix->bv_val, prefix->bv_len );
991 lutil_MD5Update( &MD5context,
992 &pre, sizeof( pre ) );
993 lutil_MD5Update( &MD5context,
994 syntax->ssyn_oid, slen );
995 lutil_MD5Update( &MD5context,
997 lutil_MD5Update( &MD5context,
999 lutil_MD5Final( MD5digest, &MD5context );
1001 keys[nkeys++] = ber_bvdup( &digest );
1004 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1005 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1006 lutil_MD5Init( &MD5context );
1007 if( prefix != NULL && prefix->bv_len > 0 ) {
1008 lutil_MD5Update( &MD5context,
1009 prefix->bv_val, prefix->bv_len );
1011 lutil_MD5Update( &MD5context,
1012 &pre, sizeof( pre ) );
1013 lutil_MD5Update( &MD5context,
1014 syntax->ssyn_oid, slen );
1015 lutil_MD5Update( &MD5context,
1016 mr->smr_oid, mlen );
1017 lutil_MD5Update( &MD5context,
1018 &value->bv_val[value->bv_len-j], j );
1019 lutil_MD5Final( MD5digest, &MD5context );
1021 keys[nkeys++] = ber_bvdup( &digest );
1035 return LDAP_SUCCESS;
1038 int caseExactSubstringsFilter(
1043 struct berval *prefix,
1045 struct berval ***keysp )
1047 SubstringsAssertion *sa = assertValue;
1049 ber_len_t nkeys = 0;
1050 size_t slen, mlen, klen;
1051 struct berval **keys;
1052 lutil_MD5_CTX MD5context;
1053 unsigned char MD5digest[LUTIL_MD5_BYTES];
1054 struct berval *value;
1055 struct berval digest;
1057 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
1058 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1063 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
1065 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1066 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1067 /* don't bother accounting for stepping */
1068 nkeys += sa->sa_any[i]->bv_len -
1069 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1074 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
1075 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1082 return LDAP_SUCCESS;
1085 digest.bv_val = MD5digest;
1086 digest.bv_len = sizeof(MD5digest);
1088 slen = strlen( syntax->ssyn_oid );
1089 mlen = strlen( mr->smr_oid );
1091 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1094 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
1095 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1097 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1098 value = sa->sa_initial;
1100 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1101 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1103 lutil_MD5Init( &MD5context );
1104 if( prefix != NULL && prefix->bv_len > 0 ) {
1105 lutil_MD5Update( &MD5context,
1106 prefix->bv_val, prefix->bv_len );
1108 lutil_MD5Update( &MD5context,
1109 &pre, sizeof( pre ) );
1110 lutil_MD5Update( &MD5context,
1111 syntax->ssyn_oid, slen );
1112 lutil_MD5Update( &MD5context,
1113 mr->smr_oid, mlen );
1114 lutil_MD5Update( &MD5context,
1115 value->bv_val, klen );
1116 lutil_MD5Final( MD5digest, &MD5context );
1118 keys[nkeys++] = ber_bvdup( &digest );
1121 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
1123 pre = SLAP_INDEX_SUBSTR_PREFIX;
1124 klen = SLAP_INDEX_SUBSTR_MAXLEN;
1126 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1127 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
1131 value = sa->sa_any[i];
1134 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
1135 j += SLAP_INDEX_SUBSTR_STEP )
1137 lutil_MD5Init( &MD5context );
1138 if( prefix != NULL && prefix->bv_len > 0 ) {
1139 lutil_MD5Update( &MD5context,
1140 prefix->bv_val, prefix->bv_len );
1142 lutil_MD5Update( &MD5context,
1143 &pre, sizeof( pre ) );
1144 lutil_MD5Update( &MD5context,
1145 syntax->ssyn_oid, slen );
1146 lutil_MD5Update( &MD5context,
1147 mr->smr_oid, mlen );
1148 lutil_MD5Update( &MD5context,
1149 &value->bv_val[j], klen );
1150 lutil_MD5Final( MD5digest, &MD5context );
1152 keys[nkeys++] = ber_bvdup( &digest );
1157 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
1158 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1160 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1161 value = sa->sa_final;
1163 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1164 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1166 lutil_MD5Init( &MD5context );
1167 if( prefix != NULL && prefix->bv_len > 0 ) {
1168 lutil_MD5Update( &MD5context,
1169 prefix->bv_val, prefix->bv_len );
1171 lutil_MD5Update( &MD5context,
1172 &pre, sizeof( pre ) );
1173 lutil_MD5Update( &MD5context,
1174 syntax->ssyn_oid, slen );
1175 lutil_MD5Update( &MD5context,
1176 mr->smr_oid, mlen );
1177 lutil_MD5Update( &MD5context,
1178 &value->bv_val[value->bv_len-klen], klen );
1179 lutil_MD5Final( MD5digest, &MD5context );
1181 keys[nkeys++] = ber_bvdup( &digest );
1192 return LDAP_SUCCESS;
1201 struct berval *value,
1202 void *assertedValue )
1205 *matchp = UTF8casecmp( value, (struct berval *) assertedValue );
1207 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
1210 match = strncasecmp( value->bv_val,
1211 ((struct berval *) assertedValue)->bv_val,
1217 return LDAP_SUCCESS;
1221 caseIgnoreSubstringsMatch(
1226 struct berval *value,
1227 void *assertedValue )
1230 SubstringsAssertion *sub = assertedValue;
1231 struct berval left = *value;
1235 /* Add up asserted input length */
1236 if( sub->sa_initial ) {
1237 inlen += sub->sa_initial->bv_len;
1240 for(i=0; sub->sa_any[i] != NULL; i++) {
1241 inlen += sub->sa_any[i]->bv_len;
1244 if( sub->sa_final ) {
1245 inlen += sub->sa_final->bv_len;
1248 if( sub->sa_initial ) {
1249 if( inlen > left.bv_len ) {
1254 match = strncasecmp( sub->sa_initial->bv_val, left.bv_val,
1255 sub->sa_initial->bv_len );
1261 left.bv_val += sub->sa_initial->bv_len;
1262 left.bv_len -= sub->sa_initial->bv_len;
1263 inlen -= sub->sa_initial->bv_len;
1266 if( sub->sa_final ) {
1267 if( inlen > left.bv_len ) {
1272 match = strncasecmp( sub->sa_final->bv_val,
1273 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
1274 sub->sa_final->bv_len );
1280 left.bv_len -= sub->sa_final->bv_len;
1281 inlen -= sub->sa_final->bv_len;
1285 for(i=0; sub->sa_any[i]; i++) {
1290 if( inlen > left.bv_len ) {
1291 /* not enough length */
1296 if( sub->sa_any[i]->bv_len == 0 ) {
1300 p = strcasechr( left.bv_val, *sub->sa_any[i]->bv_val );
1307 idx = p - left.bv_val;
1308 assert( idx < left.bv_len );
1310 if( idx >= left.bv_len ) {
1311 /* this shouldn't happen */
1318 if( sub->sa_any[i]->bv_len > left.bv_len ) {
1319 /* not enough left */
1324 match = strncasecmp( left.bv_val,
1325 sub->sa_any[i]->bv_val,
1326 sub->sa_any[i]->bv_len );
1335 left.bv_val += sub->sa_any[i]->bv_len;
1336 left.bv_len -= sub->sa_any[i]->bv_len;
1337 inlen -= sub->sa_any[i]->bv_len;
1343 return LDAP_SUCCESS;
1346 /* Index generation function */
1347 int caseIgnoreIndexer(
1352 struct berval *prefix,
1353 struct berval **values,
1354 struct berval ***keysp )
1358 struct berval **keys;
1359 lutil_MD5_CTX MD5context;
1360 unsigned char MD5digest[16];
1361 struct berval digest;
1362 digest.bv_val = MD5digest;
1363 digest.bv_len = sizeof(MD5digest);
1365 /* we should have at least one value at this point */
1366 assert( values != NULL && values[0] != NULL );
1368 for( i=0; values[i] != NULL; i++ ) {
1369 /* just count them */
1372 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
1374 slen = strlen( syntax->ssyn_oid );
1375 mlen = strlen( mr->smr_oid );
1377 for( i=0; values[i] != NULL; i++ ) {
1378 struct berval *value = ber_bvdup( values[i] );
1379 ldap_pvt_str2upper( value->bv_val );
1381 lutil_MD5Init( &MD5context );
1382 if( prefix != NULL && prefix->bv_len > 0 ) {
1383 lutil_MD5Update( &MD5context,
1384 prefix->bv_val, prefix->bv_len );
1386 lutil_MD5Update( &MD5context,
1387 syntax->ssyn_oid, slen );
1388 lutil_MD5Update( &MD5context,
1389 mr->smr_oid, mlen );
1390 lutil_MD5Update( &MD5context,
1391 value->bv_val, value->bv_len );
1392 lutil_MD5Final( MD5digest, &MD5context );
1394 ber_bvfree( value );
1396 keys[i] = ber_bvdup( &digest );
1401 return LDAP_SUCCESS;
1404 /* Index generation function */
1405 int caseIgnoreFilter(
1410 struct berval *prefix,
1412 struct berval ***keysp )
1415 struct berval **keys;
1416 lutil_MD5_CTX MD5context;
1417 unsigned char MD5digest[LUTIL_MD5_BYTES];
1418 struct berval *value;
1419 struct berval digest;
1420 digest.bv_val = MD5digest;
1421 digest.bv_len = sizeof(MD5digest);
1423 slen = strlen( syntax->ssyn_oid );
1424 mlen = strlen( mr->smr_oid );
1426 value = ber_bvdup( (struct berval *) assertValue );
1427 ldap_pvt_str2upper( value->bv_val );
1429 keys = ch_malloc( sizeof( struct berval * ) * 2 );
1431 lutil_MD5Init( &MD5context );
1432 if( prefix != NULL && prefix->bv_len > 0 ) {
1433 lutil_MD5Update( &MD5context,
1434 prefix->bv_val, prefix->bv_len );
1436 lutil_MD5Update( &MD5context,
1437 syntax->ssyn_oid, slen );
1438 lutil_MD5Update( &MD5context,
1439 mr->smr_oid, mlen );
1440 lutil_MD5Update( &MD5context,
1441 value->bv_val, value->bv_len );
1442 lutil_MD5Final( MD5digest, &MD5context );
1444 keys[0] = ber_bvdup( &digest );
1447 ber_bvfree( value );
1451 return LDAP_SUCCESS;
1454 /* Substrings Index generation function */
1455 int caseIgnoreSubstringsIndexer(
1460 struct berval *prefix,
1461 struct berval **values,
1462 struct berval ***keysp )
1466 struct berval **keys;
1467 lutil_MD5_CTX MD5context;
1468 unsigned char MD5digest[16];
1469 struct berval digest;
1470 digest.bv_val = MD5digest;
1471 digest.bv_len = sizeof(MD5digest);
1473 /* we should have at least one value at this point */
1474 assert( values != NULL && values[0] != NULL );
1477 for( i=0; values[i] != NULL; i++ ) {
1478 /* count number of indices to generate */
1479 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
1483 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
1484 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1485 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
1486 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
1488 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
1492 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
1493 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1494 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1498 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1499 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1500 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
1501 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
1503 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
1509 /* no keys to generate */
1511 return LDAP_SUCCESS;
1514 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1516 slen = strlen( syntax->ssyn_oid );
1517 mlen = strlen( mr->smr_oid );
1520 for( i=0; values[i] != NULL; i++ ) {
1522 struct berval *value;
1524 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
1526 value = ber_bvdup( values[i] );
1527 ldap_pvt_str2upper( value->bv_val );
1529 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
1530 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
1532 char pre = SLAP_INDEX_SUBSTR_PREFIX;
1533 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
1535 for( j=0; j<max; j++ ) {
1536 lutil_MD5Init( &MD5context );
1537 if( prefix != NULL && prefix->bv_len > 0 ) {
1538 lutil_MD5Update( &MD5context,
1539 prefix->bv_val, prefix->bv_len );
1542 lutil_MD5Update( &MD5context,
1543 &pre, sizeof( pre ) );
1544 lutil_MD5Update( &MD5context,
1545 syntax->ssyn_oid, slen );
1546 lutil_MD5Update( &MD5context,
1547 mr->smr_oid, mlen );
1548 lutil_MD5Update( &MD5context,
1550 SLAP_INDEX_SUBSTR_MAXLEN );
1551 lutil_MD5Final( MD5digest, &MD5context );
1553 keys[nkeys++] = ber_bvdup( &digest );
1557 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1558 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1560 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
1563 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
1564 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1565 lutil_MD5Init( &MD5context );
1566 if( prefix != NULL && prefix->bv_len > 0 ) {
1567 lutil_MD5Update( &MD5context,
1568 prefix->bv_val, prefix->bv_len );
1570 lutil_MD5Update( &MD5context,
1571 &pre, sizeof( pre ) );
1572 lutil_MD5Update( &MD5context,
1573 syntax->ssyn_oid, slen );
1574 lutil_MD5Update( &MD5context,
1575 mr->smr_oid, mlen );
1576 lutil_MD5Update( &MD5context,
1578 lutil_MD5Final( MD5digest, &MD5context );
1580 keys[nkeys++] = ber_bvdup( &digest );
1583 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1584 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1585 lutil_MD5Init( &MD5context );
1586 if( prefix != NULL && prefix->bv_len > 0 ) {
1587 lutil_MD5Update( &MD5context,
1588 prefix->bv_val, prefix->bv_len );
1590 lutil_MD5Update( &MD5context,
1591 &pre, sizeof( pre ) );
1592 lutil_MD5Update( &MD5context,
1593 syntax->ssyn_oid, slen );
1594 lutil_MD5Update( &MD5context,
1595 mr->smr_oid, mlen );
1596 lutil_MD5Update( &MD5context,
1597 &value->bv_val[value->bv_len-j], j );
1598 lutil_MD5Final( MD5digest, &MD5context );
1600 keys[nkeys++] = ber_bvdup( &digest );
1605 ber_bvfree( value );
1616 return LDAP_SUCCESS;
1619 int caseIgnoreSubstringsFilter(
1624 struct berval *prefix,
1626 struct berval ***keysp )
1628 SubstringsAssertion *sa = assertValue;
1630 ber_len_t nkeys = 0;
1631 size_t slen, mlen, klen;
1632 struct berval **keys;
1633 lutil_MD5_CTX MD5context;
1634 unsigned char MD5digest[LUTIL_MD5_BYTES];
1635 struct berval *value;
1636 struct berval digest;
1638 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
1639 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1644 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
1646 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1647 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1648 /* don't bother accounting for stepping */
1649 nkeys += sa->sa_any[i]->bv_len -
1650 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1655 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
1656 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1663 return LDAP_SUCCESS;
1666 digest.bv_val = MD5digest;
1667 digest.bv_len = sizeof(MD5digest);
1669 slen = strlen( syntax->ssyn_oid );
1670 mlen = strlen( mr->smr_oid );
1672 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1675 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
1676 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1678 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1679 value = ber_bvdup( sa->sa_initial );
1680 ldap_pvt_str2upper( value->bv_val );
1682 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1683 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1685 lutil_MD5Init( &MD5context );
1686 if( prefix != NULL && prefix->bv_len > 0 ) {
1687 lutil_MD5Update( &MD5context,
1688 prefix->bv_val, prefix->bv_len );
1690 lutil_MD5Update( &MD5context,
1691 &pre, sizeof( pre ) );
1692 lutil_MD5Update( &MD5context,
1693 syntax->ssyn_oid, slen );
1694 lutil_MD5Update( &MD5context,
1695 mr->smr_oid, mlen );
1696 lutil_MD5Update( &MD5context,
1697 value->bv_val, klen );
1698 lutil_MD5Final( MD5digest, &MD5context );
1700 ber_bvfree( value );
1701 keys[nkeys++] = ber_bvdup( &digest );
1704 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
1706 pre = SLAP_INDEX_SUBSTR_PREFIX;
1707 klen = SLAP_INDEX_SUBSTR_MAXLEN;
1709 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1710 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
1714 value = ber_bvdup( sa->sa_any[i] );
1715 ldap_pvt_str2upper( value->bv_val );
1718 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
1719 j += SLAP_INDEX_SUBSTR_STEP )
1721 lutil_MD5Init( &MD5context );
1722 if( prefix != NULL && prefix->bv_len > 0 ) {
1723 lutil_MD5Update( &MD5context,
1724 prefix->bv_val, prefix->bv_len );
1726 lutil_MD5Update( &MD5context,
1727 &pre, sizeof( pre ) );
1728 lutil_MD5Update( &MD5context,
1729 syntax->ssyn_oid, slen );
1730 lutil_MD5Update( &MD5context,
1731 mr->smr_oid, mlen );
1732 lutil_MD5Update( &MD5context,
1733 &value->bv_val[j], klen );
1734 lutil_MD5Final( MD5digest, &MD5context );
1736 keys[nkeys++] = ber_bvdup( &digest );
1739 ber_bvfree( value );
1743 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
1744 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1746 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1747 value = ber_bvdup( sa->sa_final );
1748 ldap_pvt_str2upper( value->bv_val );
1750 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1751 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1753 lutil_MD5Init( &MD5context );
1754 if( prefix != NULL && prefix->bv_len > 0 ) {
1755 lutil_MD5Update( &MD5context,
1756 prefix->bv_val, prefix->bv_len );
1758 lutil_MD5Update( &MD5context,
1759 &pre, sizeof( pre ) );
1760 lutil_MD5Update( &MD5context,
1761 syntax->ssyn_oid, slen );
1762 lutil_MD5Update( &MD5context,
1763 mr->smr_oid, mlen );
1764 lutil_MD5Update( &MD5context,
1765 &value->bv_val[value->bv_len-klen], klen );
1766 lutil_MD5Final( MD5digest, &MD5context );
1768 ber_bvfree( value );
1769 keys[nkeys++] = ber_bvdup( &digest );
1780 return LDAP_SUCCESS;
1786 struct berval *val )
1790 if( val->bv_len == 0 ) return 0;
1792 if( OID_LEADCHAR(val->bv_val[0]) ) {
1794 for(i=1; i < val->bv_len; i++) {
1795 if( OID_SEPARATOR( val->bv_val[i] ) ) {
1796 if( dot++ ) return 1;
1797 } else if ( OID_CHAR( val->bv_val[i] ) ) {
1800 return LDAP_INVALID_SYNTAX;
1804 return !dot ? LDAP_SUCCESS : LDAP_INVALID_SYNTAX;
1806 } else if( DESC_LEADCHAR(val->bv_val[0]) ) {
1807 for(i=1; i < val->bv_len; i++) {
1808 if( !DESC_CHAR(val->bv_val[i] ) ) {
1809 return LDAP_INVALID_SYNTAX;
1813 return LDAP_SUCCESS;
1816 return LDAP_INVALID_SYNTAX;
1822 struct berval *val )
1826 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1828 if( val->bv_val[0] == '+' || val->bv_val[0] == '-' ) {
1829 if( val->bv_len < 2 ) return LDAP_INVALID_SYNTAX;
1830 } else if( !ASCII_DIGIT(val->bv_val[0]) ) {
1831 return LDAP_INVALID_SYNTAX;
1834 for(i=1; i < val->bv_len; i++) {
1835 if( !ASCII_DIGIT(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1838 return LDAP_SUCCESS;
1845 struct berval **normalized )
1848 struct berval *newval;
1854 negative = ( *p == '-' );
1855 if( *p == '-' || *p == '+' ) p++;
1857 /* Ignore leading zeros */
1858 while ( *p == '0' ) p++;
1860 newval = (struct berval *) ch_malloc( sizeof(struct berval) );
1863 newval->bv_val = ch_strdup("0");
1868 newval->bv_val = ch_malloc( val->bv_len + 1 );
1872 newval->bv_val[newval->bv_len++] = '-';
1875 for( ; *p != '\0'; p++ ) {
1876 newval->bv_val[newval->bv_len++] = *p;
1880 *normalized = newval;
1881 return LDAP_SUCCESS;
1885 printableStringValidate(
1887 struct berval *val )
1891 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1893 for(i=0; i < val->bv_len; i++) {
1894 if( !isprint(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1897 return LDAP_SUCCESS;
1903 struct berval *val )
1907 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1909 for(i=0; i < val->bv_len; i++) {
1910 if( !isascii(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1913 return LDAP_SUCCESS;
1920 struct berval **normalized )
1922 struct berval *newval;
1925 newval = ch_malloc( sizeof( struct berval ) );
1929 /* Ignore initial whitespace */
1930 while ( ASCII_SPACE( *p ) ) {
1936 return LDAP_INVALID_SYNTAX;
1939 newval->bv_val = ch_strdup( p );
1940 p = q = newval->bv_val;
1943 if ( ASCII_SPACE( *p ) ) {
1946 /* Ignore the extra whitespace */
1947 while ( ASCII_SPACE( *p ) ) {
1955 assert( *newval->bv_val );
1956 assert( newval->bv_val < p );
1959 /* cannot start with a space */
1960 assert( !ASCII_SPACE(*newval->bv_val) );
1963 * If the string ended in space, backup the pointer one
1964 * position. One is enough because the above loop collapsed
1965 * all whitespace to a single space.
1968 if ( ASCII_SPACE( q[-1] ) ) {
1972 /* cannot end with a space */
1973 assert( !ASCII_SPACE( q[-1] ) );
1975 /* null terminate */
1978 newval->bv_len = q - newval->bv_val;
1979 *normalized = newval;
1981 return LDAP_SUCCESS;
1990 struct berval *value,
1991 void *assertedValue )
1993 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
1996 match = strncmp( value->bv_val,
1997 ((struct berval *) assertedValue)->bv_val,
2002 return LDAP_SUCCESS;
2006 caseExactIA5SubstringsMatch(
2011 struct berval *value,
2012 void *assertedValue )
2015 SubstringsAssertion *sub = assertedValue;
2016 struct berval left = *value;
2020 /* Add up asserted input length */
2021 if( sub->sa_initial ) {
2022 inlen += sub->sa_initial->bv_len;
2025 for(i=0; sub->sa_any[i] != NULL; i++) {
2026 inlen += sub->sa_any[i]->bv_len;
2029 if( sub->sa_final ) {
2030 inlen += sub->sa_final->bv_len;
2033 if( sub->sa_initial ) {
2034 if( inlen > left.bv_len ) {
2039 match = strncmp( sub->sa_initial->bv_val, left.bv_val,
2040 sub->sa_initial->bv_len );
2046 left.bv_val += sub->sa_initial->bv_len;
2047 left.bv_len -= sub->sa_initial->bv_len;
2048 inlen -= sub->sa_initial->bv_len;
2051 if( sub->sa_final ) {
2052 if( inlen > left.bv_len ) {
2057 match = strncmp( sub->sa_final->bv_val,
2058 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
2059 sub->sa_final->bv_len );
2065 left.bv_len -= sub->sa_final->bv_len;
2066 inlen -= sub->sa_final->bv_len;
2070 for(i=0; sub->sa_any[i]; i++) {
2075 if( inlen > left.bv_len ) {
2076 /* not enough length */
2081 if( sub->sa_any[i]->bv_len == 0 ) {
2085 p = strchr( left.bv_val, *sub->sa_any[i]->bv_val );
2092 idx = p - left.bv_val;
2093 assert( idx < left.bv_len );
2095 if( idx >= left.bv_len ) {
2096 /* this shouldn't happen */
2103 if( sub->sa_any[i]->bv_len > left.bv_len ) {
2104 /* not enough left */
2109 match = strncmp( left.bv_val,
2110 sub->sa_any[i]->bv_val,
2111 sub->sa_any[i]->bv_len );
2119 left.bv_val += sub->sa_any[i]->bv_len;
2120 left.bv_len -= sub->sa_any[i]->bv_len;
2121 inlen -= sub->sa_any[i]->bv_len;
2127 return LDAP_SUCCESS;
2130 /* Index generation function */
2131 int caseExactIA5Indexer(
2136 struct berval *prefix,
2137 struct berval **values,
2138 struct berval ***keysp )
2142 struct berval **keys;
2143 lutil_MD5_CTX MD5context;
2144 unsigned char MD5digest[16];
2145 struct berval digest;
2146 digest.bv_val = MD5digest;
2147 digest.bv_len = sizeof(MD5digest);
2149 /* we should have at least one value at this point */
2150 assert( values != NULL && values[0] != NULL );
2152 for( i=0; values[i] != NULL; i++ ) {
2153 /* just count them */
2156 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
2158 slen = strlen( syntax->ssyn_oid );
2159 mlen = strlen( mr->smr_oid );
2161 for( i=0; values[i] != NULL; i++ ) {
2162 struct berval *value = values[i];
2164 lutil_MD5Init( &MD5context );
2165 if( prefix != NULL && prefix->bv_len > 0 ) {
2166 lutil_MD5Update( &MD5context,
2167 prefix->bv_val, prefix->bv_len );
2169 lutil_MD5Update( &MD5context,
2170 syntax->ssyn_oid, slen );
2171 lutil_MD5Update( &MD5context,
2172 mr->smr_oid, mlen );
2173 lutil_MD5Update( &MD5context,
2174 value->bv_val, value->bv_len );
2175 lutil_MD5Final( MD5digest, &MD5context );
2177 keys[i] = ber_bvdup( &digest );
2182 return LDAP_SUCCESS;
2185 /* Index generation function */
2186 int caseExactIA5Filter(
2191 struct berval *prefix,
2193 struct berval ***keysp )
2196 struct berval **keys;
2197 lutil_MD5_CTX MD5context;
2198 unsigned char MD5digest[LUTIL_MD5_BYTES];
2199 struct berval *value;
2200 struct berval digest;
2201 digest.bv_val = MD5digest;
2202 digest.bv_len = sizeof(MD5digest);
2204 slen = strlen( syntax->ssyn_oid );
2205 mlen = strlen( mr->smr_oid );
2207 value = (struct berval *) assertValue;
2209 keys = ch_malloc( sizeof( struct berval * ) * 2 );
2211 lutil_MD5Init( &MD5context );
2212 if( prefix != NULL && prefix->bv_len > 0 ) {
2213 lutil_MD5Update( &MD5context,
2214 prefix->bv_val, prefix->bv_len );
2216 lutil_MD5Update( &MD5context,
2217 syntax->ssyn_oid, slen );
2218 lutil_MD5Update( &MD5context,
2219 mr->smr_oid, mlen );
2220 lutil_MD5Update( &MD5context,
2221 value->bv_val, value->bv_len );
2222 lutil_MD5Final( MD5digest, &MD5context );
2224 keys[0] = ber_bvdup( &digest );
2228 return LDAP_SUCCESS;
2231 /* Substrings Index generation function */
2232 int caseExactIA5SubstringsIndexer(
2237 struct berval *prefix,
2238 struct berval **values,
2239 struct berval ***keysp )
2243 struct berval **keys;
2244 lutil_MD5_CTX MD5context;
2245 unsigned char MD5digest[16];
2246 struct berval digest;
2247 digest.bv_val = MD5digest;
2248 digest.bv_len = sizeof(MD5digest);
2250 /* we should have at least one value at this point */
2251 assert( values != NULL && values[0] != NULL );
2254 for( i=0; values[i] != NULL; i++ ) {
2255 /* count number of indices to generate */
2256 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
2260 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2261 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2262 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2263 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2265 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2269 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
2270 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2271 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2275 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2276 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2277 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2278 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2280 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2286 /* no keys to generate */
2288 return LDAP_SUCCESS;
2291 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2293 slen = strlen( syntax->ssyn_oid );
2294 mlen = strlen( mr->smr_oid );
2297 for( i=0; values[i] != NULL; i++ ) {
2299 struct berval *value;
2302 if( value->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
2304 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
2305 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
2307 char pre = SLAP_INDEX_SUBSTR_PREFIX;
2308 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
2310 for( j=0; j<max; j++ ) {
2311 lutil_MD5Init( &MD5context );
2312 if( prefix != NULL && prefix->bv_len > 0 ) {
2313 lutil_MD5Update( &MD5context,
2314 prefix->bv_val, prefix->bv_len );
2317 lutil_MD5Update( &MD5context,
2318 &pre, sizeof( pre ) );
2319 lutil_MD5Update( &MD5context,
2320 syntax->ssyn_oid, slen );
2321 lutil_MD5Update( &MD5context,
2322 mr->smr_oid, mlen );
2323 lutil_MD5Update( &MD5context,
2325 SLAP_INDEX_SUBSTR_MAXLEN );
2326 lutil_MD5Final( MD5digest, &MD5context );
2328 keys[nkeys++] = ber_bvdup( &digest );
2332 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2333 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2335 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
2338 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2339 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2340 lutil_MD5Init( &MD5context );
2341 if( prefix != NULL && prefix->bv_len > 0 ) {
2342 lutil_MD5Update( &MD5context,
2343 prefix->bv_val, prefix->bv_len );
2345 lutil_MD5Update( &MD5context,
2346 &pre, sizeof( pre ) );
2347 lutil_MD5Update( &MD5context,
2348 syntax->ssyn_oid, slen );
2349 lutil_MD5Update( &MD5context,
2350 mr->smr_oid, mlen );
2351 lutil_MD5Update( &MD5context,
2353 lutil_MD5Final( MD5digest, &MD5context );
2355 keys[nkeys++] = ber_bvdup( &digest );
2358 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2359 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2360 lutil_MD5Init( &MD5context );
2361 if( prefix != NULL && prefix->bv_len > 0 ) {
2362 lutil_MD5Update( &MD5context,
2363 prefix->bv_val, prefix->bv_len );
2365 lutil_MD5Update( &MD5context,
2366 &pre, sizeof( pre ) );
2367 lutil_MD5Update( &MD5context,
2368 syntax->ssyn_oid, slen );
2369 lutil_MD5Update( &MD5context,
2370 mr->smr_oid, mlen );
2371 lutil_MD5Update( &MD5context,
2372 &value->bv_val[value->bv_len-j], j );
2373 lutil_MD5Final( MD5digest, &MD5context );
2375 keys[nkeys++] = ber_bvdup( &digest );
2389 return LDAP_SUCCESS;
2392 int caseExactIA5SubstringsFilter(
2397 struct berval *prefix,
2399 struct berval ***keysp )
2401 SubstringsAssertion *sa = assertValue;
2403 ber_len_t nkeys = 0;
2404 size_t slen, mlen, klen;
2405 struct berval **keys;
2406 lutil_MD5_CTX MD5context;
2407 unsigned char MD5digest[LUTIL_MD5_BYTES];
2408 struct berval *value;
2409 struct berval digest;
2411 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
2412 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2417 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
2419 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2420 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2421 /* don't bother accounting for stepping */
2422 nkeys += sa->sa_any[i]->bv_len -
2423 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2428 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
2429 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2436 return LDAP_SUCCESS;
2439 digest.bv_val = MD5digest;
2440 digest.bv_len = sizeof(MD5digest);
2442 slen = strlen( syntax->ssyn_oid );
2443 mlen = strlen( mr->smr_oid );
2445 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2448 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
2449 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2451 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2452 value = sa->sa_initial;
2454 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2455 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2457 lutil_MD5Init( &MD5context );
2458 if( prefix != NULL && prefix->bv_len > 0 ) {
2459 lutil_MD5Update( &MD5context,
2460 prefix->bv_val, prefix->bv_len );
2462 lutil_MD5Update( &MD5context,
2463 &pre, sizeof( pre ) );
2464 lutil_MD5Update( &MD5context,
2465 syntax->ssyn_oid, slen );
2466 lutil_MD5Update( &MD5context,
2467 mr->smr_oid, mlen );
2468 lutil_MD5Update( &MD5context,
2469 value->bv_val, klen );
2470 lutil_MD5Final( MD5digest, &MD5context );
2472 keys[nkeys++] = ber_bvdup( &digest );
2475 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
2477 pre = SLAP_INDEX_SUBSTR_PREFIX;
2478 klen = SLAP_INDEX_SUBSTR_MAXLEN;
2480 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2481 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
2485 value = sa->sa_any[i];
2488 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
2489 j += SLAP_INDEX_SUBSTR_STEP )
2491 lutil_MD5Init( &MD5context );
2492 if( prefix != NULL && prefix->bv_len > 0 ) {
2493 lutil_MD5Update( &MD5context,
2494 prefix->bv_val, prefix->bv_len );
2496 lutil_MD5Update( &MD5context,
2497 &pre, sizeof( pre ) );
2498 lutil_MD5Update( &MD5context,
2499 syntax->ssyn_oid, slen );
2500 lutil_MD5Update( &MD5context,
2501 mr->smr_oid, mlen );
2502 lutil_MD5Update( &MD5context,
2503 &value->bv_val[j], klen );
2504 lutil_MD5Final( MD5digest, &MD5context );
2506 keys[nkeys++] = ber_bvdup( &digest );
2511 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
2512 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2514 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2515 value = sa->sa_final;
2517 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2518 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2520 lutil_MD5Init( &MD5context );
2521 if( prefix != NULL && prefix->bv_len > 0 ) {
2522 lutil_MD5Update( &MD5context,
2523 prefix->bv_val, prefix->bv_len );
2525 lutil_MD5Update( &MD5context,
2526 &pre, sizeof( pre ) );
2527 lutil_MD5Update( &MD5context,
2528 syntax->ssyn_oid, slen );
2529 lutil_MD5Update( &MD5context,
2530 mr->smr_oid, mlen );
2531 lutil_MD5Update( &MD5context,
2532 &value->bv_val[value->bv_len-klen], klen );
2533 lutil_MD5Final( MD5digest, &MD5context );
2535 keys[nkeys++] = ber_bvdup( &digest );
2546 return LDAP_SUCCESS;
2555 struct berval *value,
2556 void *assertedValue )
2558 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
2561 match = strncasecmp( value->bv_val,
2562 ((struct berval *) assertedValue)->bv_val,
2567 return LDAP_SUCCESS;
2571 caseIgnoreIA5SubstringsMatch(
2576 struct berval *value,
2577 void *assertedValue )
2580 SubstringsAssertion *sub = assertedValue;
2581 struct berval left = *value;
2585 /* Add up asserted input length */
2586 if( sub->sa_initial ) {
2587 inlen += sub->sa_initial->bv_len;
2590 for(i=0; sub->sa_any[i] != NULL; i++) {
2591 inlen += sub->sa_any[i]->bv_len;
2594 if( sub->sa_final ) {
2595 inlen += sub->sa_final->bv_len;
2598 if( sub->sa_initial ) {
2599 if( inlen > left.bv_len ) {
2604 match = strncasecmp( sub->sa_initial->bv_val, left.bv_val,
2605 sub->sa_initial->bv_len );
2611 left.bv_val += sub->sa_initial->bv_len;
2612 left.bv_len -= sub->sa_initial->bv_len;
2613 inlen -= sub->sa_initial->bv_len;
2616 if( sub->sa_final ) {
2617 if( inlen > left.bv_len ) {
2622 match = strncasecmp( sub->sa_final->bv_val,
2623 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
2624 sub->sa_final->bv_len );
2630 left.bv_len -= sub->sa_final->bv_len;
2631 inlen -= sub->sa_final->bv_len;
2635 for(i=0; sub->sa_any[i]; i++) {
2640 if( inlen > left.bv_len ) {
2641 /* not enough length */
2646 if( sub->sa_any[i]->bv_len == 0 ) {
2650 p = strcasechr( left.bv_val, *sub->sa_any[i]->bv_val );
2657 idx = p - left.bv_val;
2658 assert( idx < left.bv_len );
2660 if( idx >= left.bv_len ) {
2661 /* this shouldn't happen */
2668 if( sub->sa_any[i]->bv_len > left.bv_len ) {
2669 /* not enough left */
2674 match = strncasecmp( left.bv_val,
2675 sub->sa_any[i]->bv_val,
2676 sub->sa_any[i]->bv_len );
2685 left.bv_val += sub->sa_any[i]->bv_len;
2686 left.bv_len -= sub->sa_any[i]->bv_len;
2687 inlen -= sub->sa_any[i]->bv_len;
2693 return LDAP_SUCCESS;
2696 /* Index generation function */
2697 int caseIgnoreIA5Indexer(
2702 struct berval *prefix,
2703 struct berval **values,
2704 struct berval ***keysp )
2708 struct berval **keys;
2709 lutil_MD5_CTX MD5context;
2710 unsigned char MD5digest[16];
2711 struct berval digest;
2712 digest.bv_val = MD5digest;
2713 digest.bv_len = sizeof(MD5digest);
2715 /* we should have at least one value at this point */
2716 assert( values != NULL && values[0] != NULL );
2718 for( i=0; values[i] != NULL; i++ ) {
2719 /* just count them */
2722 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
2724 slen = strlen( syntax->ssyn_oid );
2725 mlen = strlen( mr->smr_oid );
2727 for( i=0; values[i] != NULL; i++ ) {
2728 struct berval *value = ber_bvdup( values[i] );
2729 ldap_pvt_str2upper( value->bv_val );
2731 lutil_MD5Init( &MD5context );
2732 if( prefix != NULL && prefix->bv_len > 0 ) {
2733 lutil_MD5Update( &MD5context,
2734 prefix->bv_val, prefix->bv_len );
2736 lutil_MD5Update( &MD5context,
2737 syntax->ssyn_oid, slen );
2738 lutil_MD5Update( &MD5context,
2739 mr->smr_oid, mlen );
2740 lutil_MD5Update( &MD5context,
2741 value->bv_val, value->bv_len );
2742 lutil_MD5Final( MD5digest, &MD5context );
2744 ber_bvfree( value );
2746 keys[i] = ber_bvdup( &digest );
2751 return LDAP_SUCCESS;
2754 /* Index generation function */
2755 int caseIgnoreIA5Filter(
2760 struct berval *prefix,
2762 struct berval ***keysp )
2765 struct berval **keys;
2766 lutil_MD5_CTX MD5context;
2767 unsigned char MD5digest[LUTIL_MD5_BYTES];
2768 struct berval *value;
2769 struct berval digest;
2770 digest.bv_val = MD5digest;
2771 digest.bv_len = sizeof(MD5digest);
2773 slen = strlen( syntax->ssyn_oid );
2774 mlen = strlen( mr->smr_oid );
2776 value = ber_bvdup( (struct berval *) assertValue );
2777 ldap_pvt_str2upper( value->bv_val );
2779 keys = ch_malloc( sizeof( struct berval * ) * 2 );
2781 lutil_MD5Init( &MD5context );
2782 if( prefix != NULL && prefix->bv_len > 0 ) {
2783 lutil_MD5Update( &MD5context,
2784 prefix->bv_val, prefix->bv_len );
2786 lutil_MD5Update( &MD5context,
2787 syntax->ssyn_oid, slen );
2788 lutil_MD5Update( &MD5context,
2789 mr->smr_oid, mlen );
2790 lutil_MD5Update( &MD5context,
2791 value->bv_val, value->bv_len );
2792 lutil_MD5Final( MD5digest, &MD5context );
2794 keys[0] = ber_bvdup( &digest );
2797 ber_bvfree( value );
2801 return LDAP_SUCCESS;
2804 /* Substrings Index generation function */
2805 int caseIgnoreIA5SubstringsIndexer(
2810 struct berval *prefix,
2811 struct berval **values,
2812 struct berval ***keysp )
2816 struct berval **keys;
2817 lutil_MD5_CTX MD5context;
2818 unsigned char MD5digest[16];
2819 struct berval digest;
2820 digest.bv_val = MD5digest;
2821 digest.bv_len = sizeof(MD5digest);
2823 /* we should have at least one value at this point */
2824 assert( values != NULL && values[0] != NULL );
2827 for( i=0; values[i] != NULL; i++ ) {
2828 /* count number of indices to generate */
2829 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
2833 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2834 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2835 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2836 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2838 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2842 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
2843 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2844 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2848 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2849 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2850 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2851 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2853 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2859 /* no keys to generate */
2861 return LDAP_SUCCESS;
2864 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2866 slen = strlen( syntax->ssyn_oid );
2867 mlen = strlen( mr->smr_oid );
2870 for( i=0; values[i] != NULL; i++ ) {
2872 struct berval *value;
2874 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
2876 value = ber_bvdup( values[i] );
2877 ldap_pvt_str2upper( value->bv_val );
2879 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
2880 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
2882 char pre = SLAP_INDEX_SUBSTR_PREFIX;
2883 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
2885 for( j=0; j<max; j++ ) {
2886 lutil_MD5Init( &MD5context );
2887 if( prefix != NULL && prefix->bv_len > 0 ) {
2888 lutil_MD5Update( &MD5context,
2889 prefix->bv_val, prefix->bv_len );
2892 lutil_MD5Update( &MD5context,
2893 &pre, sizeof( pre ) );
2894 lutil_MD5Update( &MD5context,
2895 syntax->ssyn_oid, slen );
2896 lutil_MD5Update( &MD5context,
2897 mr->smr_oid, mlen );
2898 lutil_MD5Update( &MD5context,
2900 SLAP_INDEX_SUBSTR_MAXLEN );
2901 lutil_MD5Final( MD5digest, &MD5context );
2903 keys[nkeys++] = ber_bvdup( &digest );
2907 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2908 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2910 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
2913 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2914 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2915 lutil_MD5Init( &MD5context );
2916 if( prefix != NULL && prefix->bv_len > 0 ) {
2917 lutil_MD5Update( &MD5context,
2918 prefix->bv_val, prefix->bv_len );
2920 lutil_MD5Update( &MD5context,
2921 &pre, sizeof( pre ) );
2922 lutil_MD5Update( &MD5context,
2923 syntax->ssyn_oid, slen );
2924 lutil_MD5Update( &MD5context,
2925 mr->smr_oid, mlen );
2926 lutil_MD5Update( &MD5context,
2928 lutil_MD5Final( MD5digest, &MD5context );
2930 keys[nkeys++] = ber_bvdup( &digest );
2933 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2934 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2935 lutil_MD5Init( &MD5context );
2936 if( prefix != NULL && prefix->bv_len > 0 ) {
2937 lutil_MD5Update( &MD5context,
2938 prefix->bv_val, prefix->bv_len );
2940 lutil_MD5Update( &MD5context,
2941 &pre, sizeof( pre ) );
2942 lutil_MD5Update( &MD5context,
2943 syntax->ssyn_oid, slen );
2944 lutil_MD5Update( &MD5context,
2945 mr->smr_oid, mlen );
2946 lutil_MD5Update( &MD5context,
2947 &value->bv_val[value->bv_len-j], j );
2948 lutil_MD5Final( MD5digest, &MD5context );
2950 keys[nkeys++] = ber_bvdup( &digest );
2955 ber_bvfree( value );
2966 return LDAP_SUCCESS;
2969 int caseIgnoreIA5SubstringsFilter(
2974 struct berval *prefix,
2976 struct berval ***keysp )
2978 SubstringsAssertion *sa = assertValue;
2980 ber_len_t nkeys = 0;
2981 size_t slen, mlen, klen;
2982 struct berval **keys;
2983 lutil_MD5_CTX MD5context;
2984 unsigned char MD5digest[LUTIL_MD5_BYTES];
2985 struct berval *value;
2986 struct berval digest;
2988 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
2989 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2994 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
2996 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2997 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2998 /* don't bother accounting for stepping */
2999 nkeys += sa->sa_any[i]->bv_len -
3000 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
3005 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
3006 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3013 return LDAP_SUCCESS;
3016 digest.bv_val = MD5digest;
3017 digest.bv_len = sizeof(MD5digest);
3019 slen = strlen( syntax->ssyn_oid );
3020 mlen = strlen( mr->smr_oid );
3022 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
3025 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
3026 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3028 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
3029 value = ber_bvdup( sa->sa_initial );
3030 ldap_pvt_str2upper( value->bv_val );
3032 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
3033 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
3035 lutil_MD5Init( &MD5context );
3036 if( prefix != NULL && prefix->bv_len > 0 ) {
3037 lutil_MD5Update( &MD5context,
3038 prefix->bv_val, prefix->bv_len );
3040 lutil_MD5Update( &MD5context,
3041 &pre, sizeof( pre ) );
3042 lutil_MD5Update( &MD5context,
3043 syntax->ssyn_oid, slen );
3044 lutil_MD5Update( &MD5context,
3045 mr->smr_oid, mlen );
3046 lutil_MD5Update( &MD5context,
3047 value->bv_val, klen );
3048 lutil_MD5Final( MD5digest, &MD5context );
3050 ber_bvfree( value );
3051 keys[nkeys++] = ber_bvdup( &digest );
3054 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
3056 pre = SLAP_INDEX_SUBSTR_PREFIX;
3057 klen = SLAP_INDEX_SUBSTR_MAXLEN;
3059 for( i=0; sa->sa_any[i] != NULL; i++ ) {
3060 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
3064 value = ber_bvdup( sa->sa_any[i] );
3065 ldap_pvt_str2upper( value->bv_val );
3068 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
3069 j += SLAP_INDEX_SUBSTR_STEP )
3071 lutil_MD5Init( &MD5context );
3072 if( prefix != NULL && prefix->bv_len > 0 ) {
3073 lutil_MD5Update( &MD5context,
3074 prefix->bv_val, prefix->bv_len );
3076 lutil_MD5Update( &MD5context,
3077 &pre, sizeof( pre ) );
3078 lutil_MD5Update( &MD5context,
3079 syntax->ssyn_oid, slen );
3080 lutil_MD5Update( &MD5context,
3081 mr->smr_oid, mlen );
3082 lutil_MD5Update( &MD5context,
3083 &value->bv_val[j], klen );
3084 lutil_MD5Final( MD5digest, &MD5context );
3086 keys[nkeys++] = ber_bvdup( &digest );
3089 ber_bvfree( value );
3093 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
3094 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3096 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
3097 value = ber_bvdup( sa->sa_final );
3098 ldap_pvt_str2upper( value->bv_val );
3100 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
3101 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
3103 lutil_MD5Init( &MD5context );
3104 if( prefix != NULL && prefix->bv_len > 0 ) {
3105 lutil_MD5Update( &MD5context,
3106 prefix->bv_val, prefix->bv_len );
3108 lutil_MD5Update( &MD5context,
3109 &pre, sizeof( pre ) );
3110 lutil_MD5Update( &MD5context,
3111 syntax->ssyn_oid, slen );
3112 lutil_MD5Update( &MD5context,
3113 mr->smr_oid, mlen );
3114 lutil_MD5Update( &MD5context,
3115 &value->bv_val[value->bv_len-klen], klen );
3116 lutil_MD5Final( MD5digest, &MD5context );
3118 ber_bvfree( value );
3119 keys[nkeys++] = ber_bvdup( &digest );
3130 return LDAP_SUCCESS;
3134 numericStringNormalize(
3137 struct berval **normalized )
3139 /* similiar to IA5StringNormalize except removes all spaces */
3140 struct berval *newval;
3143 newval = ch_malloc( sizeof( struct berval ) );
3147 /* Ignore initial whitespace */
3148 while ( ASCII_SPACE( *p ) ) {
3154 return LDAP_INVALID_SYNTAX;
3157 newval->bv_val = ch_strdup( p );
3158 p = q = newval->bv_val;
3161 if ( ASCII_SPACE( *p ) ) {
3162 /* Ignore whitespace */
3169 assert( *newval->bv_val );
3170 assert( newval->bv_val < p );
3173 /* cannot start with a space */
3174 assert( !ASCII_SPACE(*newval->bv_val) );
3176 /* cannot end with a space */
3177 assert( !ASCII_SPACE( q[-1] ) );
3179 /* null terminate */
3182 newval->bv_len = q - newval->bv_val;
3183 *normalized = newval;
3185 return LDAP_SUCCESS;
3189 objectIdentifierFirstComponentMatch(
3194 struct berval *value,
3195 void *assertedValue )
3197 int rc = LDAP_SUCCESS;
3199 struct berval *asserted = (struct berval *) assertedValue;
3203 if( value->bv_len == 0 || value->bv_val[0] != '(' /*')'*/ ) {
3204 return LDAP_INVALID_SYNTAX;
3207 /* trim leading white space */
3208 for( i=1; ASCII_SPACE(value->bv_val[i]) && i < value->bv_len; i++ ) {
3212 /* grab next word */
3213 oid.bv_val = &value->bv_val[i];
3214 oid.bv_len = value->bv_len - i;
3215 for( i=1; ASCII_SPACE(value->bv_val[i]) && i < oid.bv_len; i++ ) {
3220 /* insert attributeTypes, objectclass check here */
3221 if( OID_LEADCHAR(asserted->bv_val[0]) ) {
3222 rc = objectIdentifierMatch( &match, flags, syntax, mr, &oid, asserted );
3225 char *stored = ch_malloc( oid.bv_len + 1 );
3226 AC_MEMCPY( stored, oid.bv_val, oid.bv_len );
3227 stored[oid.bv_len] = '\0';
3229 if ( !strcmp( syntax->ssyn_oid, SLAP_SYNTAX_MATCHINGRULES_OID ) ) {
3230 MatchingRule *asserted_mr = mr_find( asserted->bv_val );
3231 MatchingRule *stored_mr = mr_find( stored );
3233 if( asserted_mr == NULL ) {
3234 rc = SLAPD_COMPARE_UNDEFINED;
3236 match = asserted_mr != stored_mr;
3239 } else if ( !strcmp( syntax->ssyn_oid,
3240 SLAP_SYNTAX_ATTRIBUTETYPES_OID ) )
3242 AttributeType *asserted_at = at_find( asserted->bv_val );
3243 AttributeType *stored_at = at_find( stored );
3245 if( asserted_at == NULL ) {
3246 rc = SLAPD_COMPARE_UNDEFINED;
3248 match = asserted_at != stored_at;
3251 } else if ( !strcmp( syntax->ssyn_oid,
3252 SLAP_SYNTAX_OBJECTCLASSES_OID ) )
3254 ObjectClass *asserted_oc = oc_find( asserted->bv_val );
3255 ObjectClass *stored_oc = oc_find( stored );
3257 if( asserted_oc == NULL ) {
3258 rc = SLAPD_COMPARE_UNDEFINED;
3260 match = asserted_oc != stored_oc;
3267 Debug( LDAP_DEBUG_ARGS, "objectIdentifierFirstComponentMatch "
3268 "%d\n\t\"%s\"\n\t\"%s\"\n",
3269 match, value->bv_val, asserted->bv_val );
3271 if( rc == LDAP_SUCCESS ) *matchp = match;
3276 check_time_syntax (struct berval *val,
3280 static int ceiling[9] = { 99, 99, 11, 30, 23, 59, 59, 12, 59 };
3281 static int mdays[2][12] = {
3282 /* non-leap years */
3283 { 30, 27, 30, 29, 30, 29, 30, 30, 29, 30, 29, 30 },
3285 { 30, 28, 30, 29, 30, 29, 30, 30, 29, 30, 29, 30 }
3288 int part, c, tzoffset, leapyear = 0 ;
3290 if( val->bv_len == 0 ) {
3291 return LDAP_INVALID_SYNTAX;
3294 p = (char *)val->bv_val;
3295 e = p + val->bv_len;
3297 /* Ignore initial whitespace */
3298 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3302 if (e - p < 13 - (2 * start)) {
3303 return LDAP_INVALID_SYNTAX;
3306 for (part = 0; part < 9; part++) {
3310 for (part = start; part < 7; part++) {
3312 if ((part == 6) && (c == 'Z' || c == '+' || c == '-')) {
3319 return LDAP_INVALID_SYNTAX;
3321 if (c < 0 || c > 9) {
3322 return LDAP_INVALID_SYNTAX;
3328 return LDAP_INVALID_SYNTAX;
3330 if (c < 0 || c > 9) {
3331 return LDAP_INVALID_SYNTAX;
3336 if (part == 2 || part == 3) {
3339 if (parts[part] < 0) {
3340 return LDAP_INVALID_SYNTAX;
3342 if (parts[part] > ceiling[part]) {
3343 return LDAP_INVALID_SYNTAX;
3347 /* leapyear check for the Gregorian calendar (year>1581) */
3348 if (((parts[1] % 4 == 0) && (parts[1] != 0)) ||
3349 ((parts[0] % 4 == 0) && (parts[1] == 0)))
3354 if (parts[3] > mdays[leapyear][parts[2]]) {
3355 return LDAP_INVALID_SYNTAX;
3360 tzoffset = 0; /* UTC */
3361 } else if (c != '+' && c != '-') {
3362 return LDAP_INVALID_SYNTAX;
3366 } else /* c == '+' */ {
3371 return LDAP_INVALID_SYNTAX;
3374 for (part = 7; part < 9; part++) {
3376 if (c < 0 || c > 9) {
3377 return LDAP_INVALID_SYNTAX;
3382 if (c < 0 || c > 9) {
3383 return LDAP_INVALID_SYNTAX;
3387 if (parts[part] < 0 || parts[part] > ceiling[part]) {
3388 return LDAP_INVALID_SYNTAX;
3393 /* Ignore trailing whitespace */
3394 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3398 return LDAP_INVALID_SYNTAX;
3401 switch ( tzoffset ) {
3402 case -1: /* negativ offset to UTC, ie west of Greenwich */
3403 parts[4] += parts[7];
3404 parts[5] += parts[8];
3405 for (part = 6; --part > 0; ) { /* offset is just hhmm, no seconds */
3409 c = mdays[leapyear][parts[2]];
3411 if (parts[part] > c) {
3412 parts[part] -= c + 1;
3417 case 1: /* positive offset to UTC, ie east of Greenwich */
3418 parts[4] -= parts[7];
3419 parts[5] -= parts[8];
3420 for (part = 6; --part > 0; ) {
3424 /* first arg to % needs to be non negativ */
3425 c = mdays[leapyear][(parts[2] - 1 + 12) % 12];
3427 if (parts[part] < 0) {
3428 parts[part] += c + 1;
3433 case 0: /* already UTC */
3437 return LDAP_SUCCESS;
3444 struct berval **normalized )
3449 rc = check_time_syntax(val, 1, parts);
3450 if (rc != LDAP_SUCCESS) {
3455 out = ch_malloc( sizeof(struct berval) );
3457 return LBER_ERROR_MEMORY;
3460 out->bv_val = ch_malloc( 14 );
3461 if ( out->bv_val == NULL ) {
3463 return LBER_ERROR_MEMORY;
3466 sprintf( out->bv_val, "%02ld%02ld%02ld%02ld%02ld%02ldZ",
3467 parts[1], parts[2] + 1, parts[3] + 1,
3468 parts[4], parts[5], parts[6] );
3472 return LDAP_SUCCESS;
3482 return check_time_syntax(in, 1, parts);
3486 generalizedTimeValidate(
3492 return check_time_syntax(in, 0, parts);
3496 generalizedTimeNormalize(
3499 struct berval **normalized )
3504 rc = check_time_syntax(val, 0, parts);
3505 if (rc != LDAP_SUCCESS) {
3510 out = ch_malloc( sizeof(struct berval) );
3512 return LBER_ERROR_MEMORY;
3515 out->bv_val = ch_malloc( 16 );
3516 if ( out->bv_val == NULL ) {
3518 return LBER_ERROR_MEMORY;
3521 sprintf( out->bv_val, "%02ld%02ld%02ld%02ld%02ld%02ld%02ldZ",
3522 parts[0], parts[1], parts[2] + 1, parts[3] + 1,
3523 parts[4], parts[5], parts[6] );
3527 return LDAP_SUCCESS;
3531 nisNetgroupTripleValidate(
3533 struct berval *val )
3538 if ( val->bv_len == 0 ) {
3539 return LDAP_INVALID_SYNTAX;
3542 p = (char *)val->bv_val;
3543 e = p + val->bv_len;
3546 /* syntax does not allow leading white space */
3547 /* Ignore initial whitespace */
3548 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3553 if ( *p != '(' /*')'*/ ) {
3554 return LDAP_INVALID_SYNTAX;
3557 for ( p++; ( p < e ) && ( *p != ')' ); p++ ) {
3561 return LDAP_INVALID_SYNTAX;
3564 } else if ( !ATTR_CHAR( *p ) ) {
3565 return LDAP_INVALID_SYNTAX;
3569 if ( ( commas != 2 ) || ( *p != /*'('*/ ')' ) ) {
3570 return LDAP_INVALID_SYNTAX;
3576 /* syntax does not allow trailing white space */
3577 /* Ignore trailing whitespace */
3578 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3584 return LDAP_INVALID_SYNTAX;
3587 return LDAP_SUCCESS;
3591 bootParameterValidate(
3593 struct berval *val )
3597 if ( val->bv_len == 0 ) {
3598 return LDAP_INVALID_SYNTAX;
3601 p = (char *)val->bv_val;
3602 e = p + val->bv_len;
3605 for (; ( p < e ) && ( *p != '=' ); p++ ) {
3606 if ( !ATTR_CHAR( *p ) ) {
3607 return LDAP_INVALID_SYNTAX;
3612 return LDAP_INVALID_SYNTAX;
3616 for ( p++; ( p < e ) && ( *p != ':' ); p++ ) {
3617 if ( !ATTR_CHAR( *p ) ) {
3618 return LDAP_INVALID_SYNTAX;
3623 return LDAP_INVALID_SYNTAX;
3627 for ( p++; p < e; p++ ) {
3628 if ( !ATTR_CHAR( *p ) ) {
3629 return LDAP_INVALID_SYNTAX;
3633 return LDAP_SUCCESS;
3636 struct syntax_defs_rec {
3639 slap_syntax_validate_func *sd_validate;
3640 slap_syntax_transform_func *sd_normalize;
3641 slap_syntax_transform_func *sd_pretty;
3642 #ifdef SLAPD_BINARY_CONVERSION
3643 slap_syntax_transform_func *sd_ber2str;
3644 slap_syntax_transform_func *sd_str2ber;
3648 #define X_HIDE "X-HIDE 'TRUE' "
3649 #define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
3650 #define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' "
3652 struct syntax_defs_rec syntax_defs[] = {
3653 {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' " X_BINARY X_NOT_H_R ")",
3654 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL},
3655 {"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")",
3656 0, NULL, NULL, NULL},
3657 {"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )",
3658 0, NULL, NULL, NULL},
3659 {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' " X_NOT_H_R ")",
3660 SLAP_SYNTAX_BLOB, blobValidate, NULL, NULL},
3661 {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' " X_BINARY X_NOT_H_R ")",
3662 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3663 {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )",
3664 0, bitStringValidate, NULL, NULL },
3665 {"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )",
3666 0, booleanValidate, NULL, NULL},
3667 {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' "
3668 X_BINARY X_NOT_H_R ")",
3669 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3670 {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' "
3671 X_BINARY X_NOT_H_R ")",
3672 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3673 {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' "
3674 X_BINARY X_NOT_H_R ")",
3675 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3676 {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
3677 0, NULL, NULL, NULL},
3678 {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )",
3679 0, dnValidate, dnNormalize, dnPretty},
3680 {"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
3681 0, NULL, NULL, NULL},
3682 {"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )",
3683 0, NULL, NULL, NULL},
3684 {"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )",
3685 0, UTF8StringValidate, UTF8StringNormalize, NULL},
3686 {"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Description' )",
3687 0, NULL, NULL, NULL},
3688 {"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Description' )",
3689 0, NULL, NULL, NULL},
3690 {"( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )",
3691 0, NULL, NULL, NULL},
3692 {"( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )",
3693 0, NULL, NULL, NULL},
3694 {"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )",
3695 0, NULL, NULL, NULL},
3696 {"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )",
3697 0, IA5StringValidate, faxNumberNormalize, NULL},
3698 {"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")",
3699 SLAP_SYNTAX_BLOB, NULL, NULL, NULL},
3700 {"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )",
3701 0, generalizedTimeValidate, generalizedTimeNormalize, NULL},
3702 {"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )",
3703 0, NULL, NULL, NULL},
3704 {"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )",
3705 0, IA5StringValidate, IA5StringNormalize, NULL},
3706 {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )",
3707 0, integerValidate, integerNormalize, integerPretty},
3708 {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")",
3709 SLAP_SYNTAX_BLOB, blobValidate, NULL, NULL},
3710 {"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )",
3711 0, NULL, NULL, NULL},
3712 {"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )",
3713 0, NULL, NULL, NULL},
3714 {"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' )",
3715 0, NULL, NULL, NULL},
3716 {"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )",
3717 0, NULL, NULL, NULL},
3718 {"( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )",
3719 0, NULL, NULL, NULL},
3720 {"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )",
3721 0, nameUIDValidate, nameUIDNormalize, NULL},
3722 {"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )",
3723 0, NULL, NULL, NULL},
3724 {"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )",
3725 0, IA5StringValidate, numericStringNormalize, NULL},
3726 {"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )",
3727 0, NULL, NULL, NULL},
3728 {"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )",
3729 0, oidValidate, NULL, NULL},
3730 {"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )",
3731 0, NULL, NULL, NULL},
3732 {"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )",
3733 0, blobValidate, NULL, NULL},
3734 {"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )",
3735 0, blobValidate, NULL, NULL},
3736 {"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )",
3737 0, NULL, NULL, NULL},
3738 {"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' )",
3739 0, NULL, NULL, NULL},
3740 {"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )",
3741 0, printableStringValidate, NULL, NULL},
3742 {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' "
3743 X_BINARY X_NOT_H_R ")",
3744 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3745 {"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )",
3746 0, IA5StringValidate, phoneNumberNormalize, NULL},
3747 {"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )",
3748 0, NULL, NULL, NULL},
3749 {"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )",
3750 0, IA5StringValidate, telexNumberNormalize, NULL},
3751 {"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )",
3752 0, utcTimeValidate, utcTimeNormalize, NULL},
3753 {"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' )",
3754 0, NULL, NULL, NULL},
3755 {"( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )",
3756 0, NULL, NULL, NULL},
3757 {"( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' )",
3758 0, NULL, NULL, NULL},
3759 {"( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description' )",
3760 0, NULL, NULL, NULL},
3761 {"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' )",
3762 0, NULL, NULL, NULL},
3764 /* RFC 2307 NIS Syntaxes */
3765 {"( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )",
3766 0, nisNetgroupTripleValidate, NULL, NULL},
3767 {"( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )",
3768 0, bootParameterValidate, NULL, NULL},
3770 /* OpenLDAP Experimental Syntaxes */
3771 {"( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' )",
3772 0, IA5StringValidate /* THIS WILL CHANGE FOR NEW ACI SYNTAX */,
3774 {"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )",
3775 0, NULL, NULL, NULL},
3777 /* OpenLDAP Void Syntax */
3778 {"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' " X_HIDE ")" ,
3779 SLAP_SYNTAX_HIDE, inValidate, NULL, NULL},
3780 {NULL, 0, NULL, NULL, NULL}
3783 struct mrule_defs_rec {
3785 slap_mask_t mrd_usage;
3786 slap_mr_convert_func * mrd_convert;
3787 slap_mr_normalize_func * mrd_normalize;
3788 slap_mr_match_func * mrd_match;
3789 slap_mr_indexer_func * mrd_indexer;
3790 slap_mr_filter_func * mrd_filter;
3792 char * mrd_associated;
3796 * Other matching rules in X.520 that we do not use (yet):
3798 * 2.5.13.9 numericStringOrderingMatch
3799 * 2.5.13.15 integerOrderingMatch
3800 * 2.5.13.18 octetStringOrderingMatch
3801 * 2.5.13.19 octetStringSubstringsMatch
3802 * 2.5.13.25 uTCTimeMatch
3803 * 2.5.13.26 uTCTimeOrderingMatch
3804 * 2.5.13.31 directoryStringFirstComponentMatch
3805 * 2.5.13.32 wordMatch
3806 * 2.5.13.33 keywordMatch
3807 * 2.5.13.34 certificateExactMatch
3808 * 2.5.13.35 certificateMatch
3809 * 2.5.13.36 certificatePairExactMatch
3810 * 2.5.13.37 certificatePairMatch
3811 * 2.5.13.38 certificateListExactMatch
3812 * 2.5.13.39 certificateListMatch
3813 * 2.5.13.40 algorithmIdentifierMatch
3814 * 2.5.13.41 storedPrefixMatch
3815 * 2.5.13.42 attributeCertificateMatch
3816 * 2.5.13.43 readerAndKeyIDMatch
3817 * 2.5.13.44 attributeIntegrityMatch
3820 struct mrule_defs_rec mrule_defs[] = {
3822 * EQUALITY matching rules must be listed after associated APPROX
3823 * matching rules. So, we list all APPROX matching rules first.
3825 {"( " directoryStringApproxMatchOID " NAME 'directoryStringApproxMatch' "
3826 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3827 SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT,
3829 directoryStringApproxMatch, NULL, NULL,
3832 {"( " IA5StringApproxMatchOID " NAME 'IA5StringApproxMatch' "
3833 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
3834 SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT,
3836 IA5StringApproxMatch, NULL, NULL,
3840 * Other matching rules
3843 {"( 2.5.13.0 NAME 'objectIdentifierMatch' "
3844 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
3845 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3847 objectIdentifierMatch, caseIgnoreIA5Indexer, caseIgnoreIA5Filter,
3850 {"( 2.5.13.1 NAME 'distinguishedNameMatch' "
3851 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
3852 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3854 dnMatch, dnIndexer, dnFilter,
3857 {"( 2.5.13.2 NAME 'caseIgnoreMatch' "
3858 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3859 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3861 caseIgnoreMatch, caseIgnoreIndexer, caseIgnoreFilter,
3862 directoryStringApproxMatchOID },
3864 {"( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' "
3865 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3868 caseIgnoreOrderingMatch, NULL, NULL,
3871 {"( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' "
3872 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3873 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3875 caseIgnoreSubstringsMatch,
3876 caseIgnoreSubstringsIndexer,
3877 caseIgnoreSubstringsFilter,
3880 {"( 2.5.13.5 NAME 'caseExactMatch' "
3881 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3882 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3884 caseExactMatch, caseExactIndexer, caseExactFilter,
3885 directoryStringApproxMatchOID },
3887 {"( 2.5.13.6 NAME 'caseExactOrderingMatch' "
3888 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3891 caseExactOrderingMatch, NULL, NULL,
3894 {"( 2.5.13.7 NAME 'caseExactSubstringsMatch' "
3895 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3896 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3898 caseExactSubstringsMatch,
3899 caseExactSubstringsIndexer,
3900 caseExactSubstringsFilter,
3903 {"( 2.5.13.8 NAME 'numericStringMatch' "
3904 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
3905 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3907 caseIgnoreIA5Match, NULL, NULL,
3910 {"( 2.5.13.10 NAME 'numericStringSubstringsMatch' "
3911 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3912 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3914 caseIgnoreIA5SubstringsMatch,
3915 caseIgnoreIA5SubstringsIndexer,
3916 caseIgnoreIA5SubstringsFilter,
3919 {"( 2.5.13.11 NAME 'caseIgnoreListMatch' "
3920 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )",
3921 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3923 caseIgnoreListMatch, NULL, NULL,
3926 {"( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' "
3927 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3928 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3930 caseIgnoreListSubstringsMatch, NULL, NULL,
3933 {"( 2.5.13.13 NAME 'booleanMatch' "
3934 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )",
3935 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3937 booleanMatch, NULL, NULL,
3940 {"( 2.5.13.14 NAME 'integerMatch' "
3941 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
3942 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3944 integerMatch, integerIndexer, integerFilter,
3947 {"( 2.5.13.16 NAME 'bitStringMatch' "
3948 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )",
3949 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3951 bitStringMatch, NULL, NULL,
3954 {"( 2.5.13.17 NAME 'octetStringMatch' "
3955 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
3956 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3958 octetStringMatch, octetStringIndexer, octetStringFilter,
3961 {"( 2.5.13.20 NAME 'telephoneNumberMatch' "
3962 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )",
3963 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3965 telephoneNumberMatch, NULL, NULL,
3968 {"( 2.5.13.21 NAME 'telephoneNumberSubstringsMatch' "
3969 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3970 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3972 telephoneNumberSubstringsMatch, NULL, NULL,
3975 {"( 2.5.13.22 NAME 'presentationAddressMatch' "
3976 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 )",
3977 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3979 presentationAddressMatch, NULL, NULL,
3982 {"( 2.5.13.23 NAME 'uniqueMemberMatch' "
3983 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )",
3984 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3986 uniqueMemberMatch, NULL, NULL,
3989 {"( 2.5.13.24 NAME 'protocolInformationMatch' "
3990 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )",
3991 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3993 protocolInformationMatch, NULL, NULL,
3996 {"( 2.5.13.27 NAME 'generalizedTimeMatch' "
3997 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
3998 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4000 generalizedTimeMatch, NULL, NULL,
4003 {"( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' "
4004 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
4007 generalizedTimeOrderingMatch, NULL, NULL,
4010 {"( 2.5.13.29 NAME 'integerFirstComponentMatch' "
4011 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
4012 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4014 integerFirstComponentMatch, NULL, NULL,
4017 {"( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' "
4018 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
4019 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4021 objectIdentifierFirstComponentMatch, NULL, NULL,
4024 {"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' "
4025 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4026 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4028 caseExactIA5Match, caseExactIA5Indexer, caseExactIA5Filter,
4029 IA5StringApproxMatchOID },
4031 {"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' "
4032 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4033 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4035 caseIgnoreIA5Match, caseExactIA5Indexer, caseExactIA5Filter,
4036 IA5StringApproxMatchOID },
4038 {"( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' "
4039 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4042 caseIgnoreIA5SubstringsMatch,
4043 caseIgnoreIA5SubstringsIndexer,
4044 caseIgnoreIA5SubstringsFilter,
4047 {"( 1.3.6.1.4.1.4203.1.2.1 NAME 'caseExactIA5SubstringsMatch' "
4048 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4051 caseExactIA5SubstringsMatch,
4052 caseExactIA5SubstringsIndexer,
4053 caseExactIA5SubstringsFilter,
4056 {"( 1.3.6.1.4.1.4203.666.4.1 NAME 'authPasswordMatch' "
4057 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
4060 authPasswordMatch, NULL, NULL,
4063 {"( 1.3.6.1.4.1.4203.666.4.2 NAME 'OpenLDAPaciMatch' "
4064 "SYNTAX 1.3.6.1.4.1.4203.666.2.1 )",
4067 OpenLDAPaciMatch, NULL, NULL,
4070 {NULL, SLAP_MR_NONE, NULL, NULL, NULL, NULL}
4079 /* we should only be called once (from main) */
4080 assert( schema_init_done == 0 );
4082 for ( i=0; syntax_defs[i].sd_desc != NULL; i++ ) {
4083 res = register_syntax( syntax_defs[i].sd_desc,
4084 syntax_defs[i].sd_flags,
4085 syntax_defs[i].sd_validate,
4086 syntax_defs[i].sd_normalize,
4087 syntax_defs[i].sd_pretty
4088 #ifdef SLAPD_BINARY_CONVERSION
4090 syntax_defs[i].sd_ber2str,
4091 syntax_defs[i].sd_str2ber
4096 fprintf( stderr, "schema_init: Error registering syntax %s\n",
4097 syntax_defs[i].sd_desc );
4102 for ( i=0; mrule_defs[i].mrd_desc != NULL; i++ ) {
4103 if( mrule_defs[i].mrd_usage == SLAP_MR_NONE ) {
4105 "schema_init: Ingoring unusable matching rule %s\n",
4106 mrule_defs[i].mrd_desc );
4110 res = register_matching_rule(
4111 mrule_defs[i].mrd_desc,
4112 mrule_defs[i].mrd_usage,
4113 mrule_defs[i].mrd_convert,
4114 mrule_defs[i].mrd_normalize,
4115 mrule_defs[i].mrd_match,
4116 mrule_defs[i].mrd_indexer,
4117 mrule_defs[i].mrd_filter,
4118 mrule_defs[i].mrd_associated );
4122 "schema_init: Error registering matching rule %s\n",
4123 mrule_defs[i].mrd_desc );
4127 schema_init_done = 1;
4128 return LDAP_SUCCESS;