1 /* schema_init.c - init builtin schema */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/string.h>
14 #include <ac/socket.h>
18 #include "lutil_md5.h"
20 /* recycled validatation routines */
21 #define berValidate blobValidate
23 /* recycled normalization routines */
24 #define faxNumberNormalize numericStringNormalize
25 #define phoneNumberNormalize numericStringNormalize
26 #define telexNumberNormalize numericStringNormalize
28 /* unimplemented normalizers */
29 #define bitStringNormalize NULL
31 /* unimplemented pretters */
33 #define integerPretty NULL
35 /* recycled matching routines */
36 #define bitStringMatch octetStringMatch
37 #define integerMatch caseIgnoreIA5Match
38 #define numericStringMatch caseIgnoreMatch
39 #define objectIdentifierMatch numericStringMatch
40 #define telephoneNumberMatch numericStringMatch
41 #define telephoneNumberSubstringsMatch caseIgnoreIA5SubstringsMatch
42 #define generalizedTimeMatch numericStringMatch
43 #define generalizedTimeOrderingMatch numericStringMatch
44 #define uniqueMemberMatch dnMatch
46 /* approx matching rules */
47 #define directoryStringApproxMatchOID "1.3.6.1.4.1.4203.666.4.4"
48 #define directoryStringApproxMatch NULL
49 #define IA5StringApproxMatchOID "1.3.6.1.4.1.4203.666.4.5"
50 #define IA5StringApproxMatch NULL
52 /* orderring matching rules */
53 #define caseIgnoreOrderingMatch caseIgnoreMatch
54 #define caseExactOrderingMatch caseExactMatch
56 /* unimplemented matching routines */
57 #define caseIgnoreListMatch NULL
58 #define caseIgnoreListSubstringsMatch NULL
59 #define presentationAddressMatch NULL
60 #define protocolInformationMatch NULL
61 #define integerFirstComponentMatch NULL
63 #define OpenLDAPaciMatch NULL
64 #define authPasswordMatch NULL
66 /* recycled indexing/filtering routines */
67 #define dnIndexer caseIgnoreIndexer
68 #define dnFilter caseIgnoreFilter
69 #define integerIndexer caseIgnoreIA5Indexer
70 #define integerFilter caseIgnoreIA5Filter
72 static char *strcasechr( const char *str, int c )
74 char *lower = strchr( str, TOLOWER(c) );
75 char *upper = strchr( str, TOUPPER(c) );
77 if( lower && upper ) {
78 return lower < upper ? lower : upper;
95 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
98 match = memcmp( value->bv_val,
99 ((struct berval *) assertedValue)->bv_val,
107 /* Index generation function */
108 int octetStringIndexer(
113 struct berval *prefix,
114 struct berval **values,
115 struct berval ***keysp )
119 struct berval **keys;
120 lutil_MD5_CTX MD5context;
121 unsigned char MD5digest[16];
122 struct berval digest;
123 digest.bv_val = MD5digest;
124 digest.bv_len = sizeof(MD5digest);
126 for( i=0; values[i] != NULL; i++ ) {
127 /* just count them */
132 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
134 slen = strlen( syntax->ssyn_oid );
135 mlen = strlen( mr->smr_oid );
137 for( i=0; values[i] != NULL; i++ ) {
138 lutil_MD5Init( &MD5context );
139 if( prefix != NULL && prefix->bv_len > 0 ) {
140 lutil_MD5Update( &MD5context,
141 prefix->bv_val, prefix->bv_len );
143 lutil_MD5Update( &MD5context,
144 syntax->ssyn_oid, slen );
145 lutil_MD5Update( &MD5context,
147 lutil_MD5Update( &MD5context,
148 values[i]->bv_val, values[i]->bv_len );
149 lutil_MD5Final( MD5digest, &MD5context );
151 keys[i] = ber_bvdup( &digest );
161 /* Index generation function */
162 int octetStringFilter(
167 struct berval *prefix,
169 struct berval ***keysp )
172 struct berval **keys;
173 lutil_MD5_CTX MD5context;
174 unsigned char MD5digest[LUTIL_MD5_BYTES];
175 struct berval *value = (struct berval *) assertValue;
176 struct berval digest;
177 digest.bv_val = MD5digest;
178 digest.bv_len = sizeof(MD5digest);
180 slen = strlen( syntax->ssyn_oid );
181 mlen = strlen( mr->smr_oid );
183 keys = ch_malloc( sizeof( struct berval * ) * 2 );
185 lutil_MD5Init( &MD5context );
186 if( prefix != NULL && prefix->bv_len > 0 ) {
187 lutil_MD5Update( &MD5context,
188 prefix->bv_val, prefix->bv_len );
190 lutil_MD5Update( &MD5context,
191 syntax->ssyn_oid, slen );
192 lutil_MD5Update( &MD5context,
194 lutil_MD5Update( &MD5context,
195 value->bv_val, value->bv_len );
196 lutil_MD5Final( MD5digest, &MD5context );
198 keys[0] = ber_bvdup( &digest );
214 if( in->bv_len == 0 ) return LDAP_SUCCESS;
216 dn = ch_strdup( in->bv_val );
218 rc = dn_validate( dn ) == NULL
219 ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
229 struct berval **normalized )
231 struct berval *out = ber_bvdup( val );
233 if( out->bv_len != 0 ) {
235 #ifdef USE_DN_NORMALIZE
236 dn = dn_normalize( out->bv_val );
238 dn = dn_validate( out->bv_val );
243 return LDAP_INVALID_SYNTAX;
247 out->bv_len = strlen( dn );
260 struct berval *value,
261 void *assertedValue )
264 struct berval *asserted = (struct berval *) assertedValue;
266 match = value->bv_len - asserted->bv_len;
269 #ifdef USE_DN_NORMALIZE
270 match = strcmp( value->bv_val, asserted->bv_val );
272 match = strcasecmp( value->bv_val, asserted->bv_val );
276 Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n",
277 match, value->bv_val, asserted->bv_val );
291 if( in->bv_len == 0 ) return LDAP_SUCCESS;
293 dn = ber_bvdup( in );
295 if( dn->bv_val[dn->bv_len-1] == '\'' ) {
296 /* assume presence of optional UID */
299 for(i=dn->bv_len-2; i>2; i--) {
300 if( dn->bv_val[i] != '0' && dn->bv_val[i] != '1' ) {
304 if( dn->bv_val[i] != '\'' ) {
305 return LDAP_INVALID_SYNTAX;
307 if( dn->bv_val[i-1] != 'B' ) {
308 return LDAP_INVALID_SYNTAX;
310 if( dn->bv_val[i-2] != '#' ) {
311 return LDAP_INVALID_SYNTAX;
314 /* trim the UID to allow use of dn_validate */
315 dn->bv_val[i-2] = '\0';
318 rc = dn_validate( dn->bv_val ) == NULL
319 ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
329 struct berval **normalized )
331 struct berval *out = ber_bvdup( val );
333 if( out->bv_len != 0 ) {
337 ber_len_t uidlen = 0;
339 if( out->bv_val[out->bv_len-1] == '\'' ) {
340 /* assume presence of optional UID */
341 uid = strrchr( out->bv_val, '#' );
345 return LDAP_INVALID_SYNTAX;
348 uidlen = out->bv_len - (out->bv_val - uid);
349 /* temporarily trim the UID */
353 #ifdef USE_DN_NORMALIZE
354 dn = dn_normalize( out->bv_val );
356 dn = dn_validate( out->bv_val );
361 return LDAP_INVALID_SYNTAX;
367 /* restore the separator */
370 SAFEMEMCPY( &dn[dnlen], uid, uidlen );
374 out->bv_len = dnlen + uidlen;
386 /* any value allowed */
395 /* any value allowed */
406 /* very unforgiving validation, requires no normalization
407 * before simplistic matching
409 if( in->bv_len < 3 ) {
410 return LDAP_INVALID_SYNTAX;
412 if( in->bv_val[0] != 'B' ||
413 in->bv_val[1] != '\'' ||
414 in->bv_val[in->bv_len-1] != '\'' )
416 return LDAP_INVALID_SYNTAX;
419 for( i=in->bv_len-2; i>1; i-- ) {
420 if( in->bv_val[i] != '0' && in->bv_val[i] != '1' ) {
421 return LDAP_INVALID_SYNTAX;
429 * Handling boolean syntax and matching is quite rigid.
430 * A more flexible approach would be to allow a variety
431 * of strings to be normalized and prettied into TRUE
439 /* very unforgiving validation, requires no normalization
440 * before simplistic matching
443 if( in->bv_len == 4 ) {
444 if( !memcmp( in->bv_val, "TRUE", 4 ) ) {
447 } else if( in->bv_len == 5 ) {
448 if( !memcmp( in->bv_val, "FALSE", 5 ) ) {
453 return LDAP_INVALID_SYNTAX;
462 struct berval *value,
463 void *assertedValue )
465 /* simplistic matching allowed by rigid validation */
466 struct berval *asserted = (struct berval *) assertedValue;
467 *matchp = value->bv_len != asserted->bv_len;
474 struct berval *right,
475 struct berval *left )
479 ldap_unicode_t ru, lu;
480 ldap_unicode_t ruu, luu;
483 r < right->bv_len && l < left->bv_len;
487 * XXYYZ: we convert to ucs4 even though -llunicode
488 * expects ucs2 in an unsigned long
490 ru = ldap_utf8_to_ucs4( &right->bv_val[r] );
491 if( ru == LDAP_UCS4_INVALID ) {
495 lu = ldap_utf8_to_ucs4( &left->bv_val[l] );
496 if( lu == LDAP_UCS4_INVALID ) {
500 ruu = uctoupper( ru );
501 luu = uctoupper( lu );
505 } else if( luu > ruu ) {
509 rlen = LDAP_UTF8_CHARLEN( &right->bv_val[r] );
510 llen = LDAP_UTF8_CHARLEN( &left->bv_val[l] );
513 if( r < right->bv_len ) {
518 if( l < left->bv_len ) {
534 unsigned char *u = in->bv_val;
536 if( !in->bv_len ) return LDAP_INVALID_SYNTAX;
538 for( count = in->bv_len; count > 0; count-=len, u+=len ) {
539 /* get the length indicated by the first byte */
540 len = LDAP_UTF8_CHARLEN( u );
542 /* should not be zero */
543 if( len == 0 ) return LDAP_INVALID_SYNTAX;
545 /* make sure len corresponds with the offset
546 to the next character */
547 if( LDAP_UTF8_OFFSET( u ) != len ) return LDAP_INVALID_SYNTAX;
550 if( count != 0 ) return LDAP_INVALID_SYNTAX;
559 struct berval **normalized )
561 struct berval *newval;
564 newval = ch_malloc( sizeof( struct berval ) );
568 /* Ignore initial whitespace */
569 while ( ldap_utf8_isspace( p ) ) {
575 return LDAP_INVALID_SYNTAX;
578 newval->bv_val = ch_strdup( p );
579 p = q = newval->bv_val;
585 if ( ldap_utf8_isspace( p ) ) {
586 len = LDAP_UTF8_COPY(q,p);
591 /* Ignore the extra whitespace */
592 while ( ldap_utf8_isspace( p ) ) {
596 len = LDAP_UTF8_COPY(q,p);
603 assert( *newval->bv_val );
604 assert( newval->bv_val < p );
607 /* cannot start with a space */
608 assert( !ldap_utf8_isspace(newval->bv_val) );
611 * If the string ended in space, backup the pointer one
612 * position. One is enough because the above loop collapsed
613 * all whitespace to a single space.
620 /* cannot end with a space */
621 assert( !ldap_utf8_isspace( LDAP_UTF8_PREV(q) ) );
626 newval->bv_len = q - newval->bv_val;
627 *normalized = newval;
638 struct berval *value,
639 void *assertedValue )
641 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
644 match = strncmp( value->bv_val,
645 ((struct berval *) assertedValue)->bv_val,
654 caseExactSubstringsMatch(
659 struct berval *value,
660 void *assertedValue )
663 SubstringsAssertion *sub = assertedValue;
664 struct berval left = *value;
668 /* Add up asserted input length */
669 if( sub->sa_initial ) {
670 inlen += sub->sa_initial->bv_len;
673 for(i=0; sub->sa_any[i] != NULL; i++) {
674 inlen += sub->sa_any[i]->bv_len;
677 if( sub->sa_final ) {
678 inlen += sub->sa_final->bv_len;
681 if( sub->sa_initial ) {
682 if( inlen > left.bv_len ) {
687 match = strncmp( sub->sa_initial->bv_val, left.bv_val,
688 sub->sa_initial->bv_len );
694 left.bv_val += sub->sa_initial->bv_len;
695 left.bv_len -= sub->sa_initial->bv_len;
696 inlen -= sub->sa_initial->bv_len;
699 if( sub->sa_final ) {
700 if( inlen > left.bv_len ) {
705 match = strncmp( sub->sa_final->bv_val,
706 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
707 sub->sa_final->bv_len );
713 left.bv_len -= sub->sa_final->bv_len;
714 inlen -= sub->sa_final->bv_len;
718 for(i=0; sub->sa_any[i]; i++) {
723 if( inlen > left.bv_len ) {
724 /* not enough length */
729 if( sub->sa_any[i]->bv_len == 0 ) {
733 p = strchr( left.bv_val, *sub->sa_any[i]->bv_val );
740 idx = p - left.bv_val;
741 assert( idx < left.bv_len );
743 if( idx >= left.bv_len ) {
744 /* this shouldn't happen */
751 if( sub->sa_any[i]->bv_len > left.bv_len ) {
752 /* not enough left */
757 match = strncmp( left.bv_val,
758 sub->sa_any[i]->bv_val,
759 sub->sa_any[i]->bv_len );
767 left.bv_val += sub->sa_any[i]->bv_len;
768 left.bv_len -= sub->sa_any[i]->bv_len;
769 inlen -= sub->sa_any[i]->bv_len;
778 /* Index generation function */
779 int caseExactIndexer(
784 struct berval *prefix,
785 struct berval **values,
786 struct berval ***keysp )
790 struct berval **keys;
791 lutil_MD5_CTX MD5context;
792 unsigned char MD5digest[16];
793 struct berval digest;
794 digest.bv_val = MD5digest;
795 digest.bv_len = sizeof(MD5digest);
797 for( i=0; values[i] != NULL; i++ ) {
798 /* just count them */
803 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
805 slen = strlen( syntax->ssyn_oid );
806 mlen = strlen( mr->smr_oid );
808 for( i=0; values[i] != NULL; i++ ) {
809 struct berval *value = values[i];
811 lutil_MD5Init( &MD5context );
812 if( prefix != NULL && prefix->bv_len > 0 ) {
813 lutil_MD5Update( &MD5context,
814 prefix->bv_val, prefix->bv_len );
816 lutil_MD5Update( &MD5context,
817 syntax->ssyn_oid, slen );
818 lutil_MD5Update( &MD5context,
820 lutil_MD5Update( &MD5context,
821 value->bv_val, value->bv_len );
822 lutil_MD5Final( MD5digest, &MD5context );
824 keys[i] = ber_bvdup( &digest );
832 /* Index generation function */
838 struct berval *prefix,
840 struct berval ***keysp )
843 struct berval **keys;
844 lutil_MD5_CTX MD5context;
845 unsigned char MD5digest[LUTIL_MD5_BYTES];
846 struct berval *value;
847 struct berval digest;
848 digest.bv_val = MD5digest;
849 digest.bv_len = sizeof(MD5digest);
851 slen = strlen( syntax->ssyn_oid );
852 mlen = strlen( mr->smr_oid );
854 value = (struct berval *) assertValue;
856 keys = ch_malloc( sizeof( struct berval * ) * 2 );
858 lutil_MD5Init( &MD5context );
859 if( prefix != NULL && prefix->bv_len > 0 ) {
860 lutil_MD5Update( &MD5context,
861 prefix->bv_val, prefix->bv_len );
863 lutil_MD5Update( &MD5context,
864 syntax->ssyn_oid, slen );
865 lutil_MD5Update( &MD5context,
867 lutil_MD5Update( &MD5context,
868 value->bv_val, value->bv_len );
869 lutil_MD5Final( MD5digest, &MD5context );
871 keys[0] = ber_bvdup( &digest );
878 /* Substrings Index generation function */
879 int caseExactSubstringsIndexer(
884 struct berval *prefix,
885 struct berval **values,
886 struct berval ***keysp )
890 struct berval **keys;
891 lutil_MD5_CTX MD5context;
892 unsigned char MD5digest[16];
893 struct berval digest;
894 digest.bv_val = MD5digest;
895 digest.bv_len = sizeof(MD5digest);
898 for( i=0; values[i] != NULL; i++ ) {
899 /* count number of indices to generate */
900 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
904 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
905 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
906 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
907 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
909 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
913 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
914 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
915 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
919 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
920 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
921 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
922 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
924 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
931 /* no keys to generate */
936 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
938 slen = strlen( syntax->ssyn_oid );
939 mlen = strlen( mr->smr_oid );
942 for( i=0; values[i] != NULL; i++ ) {
944 struct berval *value;
947 if( value->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
949 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
950 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
952 char pre = SLAP_INDEX_SUBSTR_PREFIX;
953 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
955 for( j=0; j<max; j++ ) {
956 lutil_MD5Init( &MD5context );
957 if( prefix != NULL && prefix->bv_len > 0 ) {
958 lutil_MD5Update( &MD5context,
959 prefix->bv_val, prefix->bv_len );
962 lutil_MD5Update( &MD5context,
963 &pre, sizeof( pre ) );
964 lutil_MD5Update( &MD5context,
965 syntax->ssyn_oid, slen );
966 lutil_MD5Update( &MD5context,
968 lutil_MD5Update( &MD5context,
970 SLAP_INDEX_SUBSTR_MAXLEN );
971 lutil_MD5Final( MD5digest, &MD5context );
973 keys[nkeys++] = ber_bvdup( &digest );
977 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
978 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
980 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
983 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
984 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
985 lutil_MD5Init( &MD5context );
986 if( prefix != NULL && prefix->bv_len > 0 ) {
987 lutil_MD5Update( &MD5context,
988 prefix->bv_val, prefix->bv_len );
990 lutil_MD5Update( &MD5context,
991 &pre, sizeof( pre ) );
992 lutil_MD5Update( &MD5context,
993 syntax->ssyn_oid, slen );
994 lutil_MD5Update( &MD5context,
996 lutil_MD5Update( &MD5context,
998 lutil_MD5Final( MD5digest, &MD5context );
1000 keys[nkeys++] = ber_bvdup( &digest );
1003 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1004 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1005 lutil_MD5Init( &MD5context );
1006 if( prefix != NULL && prefix->bv_len > 0 ) {
1007 lutil_MD5Update( &MD5context,
1008 prefix->bv_val, prefix->bv_len );
1010 lutil_MD5Update( &MD5context,
1011 &pre, sizeof( pre ) );
1012 lutil_MD5Update( &MD5context,
1013 syntax->ssyn_oid, slen );
1014 lutil_MD5Update( &MD5context,
1015 mr->smr_oid, mlen );
1016 lutil_MD5Update( &MD5context,
1017 &value->bv_val[value->bv_len-j], j );
1018 lutil_MD5Final( MD5digest, &MD5context );
1020 keys[nkeys++] = ber_bvdup( &digest );
1034 return LDAP_SUCCESS;
1037 int caseExactSubstringsFilter(
1042 struct berval *prefix,
1044 struct berval ***keysp )
1046 SubstringsAssertion *sa = assertValue;
1048 ber_len_t nkeys = 0;
1049 size_t slen, mlen, klen;
1050 struct berval **keys;
1051 lutil_MD5_CTX MD5context;
1052 unsigned char MD5digest[LUTIL_MD5_BYTES];
1053 struct berval *value;
1054 struct berval digest;
1056 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
1057 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1062 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
1064 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1065 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1066 /* don't bother accounting for stepping */
1067 nkeys += sa->sa_any[i]->bv_len -
1068 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1073 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
1074 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1081 return LDAP_SUCCESS;
1084 digest.bv_val = MD5digest;
1085 digest.bv_len = sizeof(MD5digest);
1087 slen = strlen( syntax->ssyn_oid );
1088 mlen = strlen( mr->smr_oid );
1090 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1093 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
1094 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1096 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1097 value = sa->sa_initial;
1099 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1100 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1102 lutil_MD5Init( &MD5context );
1103 if( prefix != NULL && prefix->bv_len > 0 ) {
1104 lutil_MD5Update( &MD5context,
1105 prefix->bv_val, prefix->bv_len );
1107 lutil_MD5Update( &MD5context,
1108 &pre, sizeof( pre ) );
1109 lutil_MD5Update( &MD5context,
1110 syntax->ssyn_oid, slen );
1111 lutil_MD5Update( &MD5context,
1112 mr->smr_oid, mlen );
1113 lutil_MD5Update( &MD5context,
1114 value->bv_val, klen );
1115 lutil_MD5Final( MD5digest, &MD5context );
1117 keys[nkeys++] = ber_bvdup( &digest );
1120 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
1122 pre = SLAP_INDEX_SUBSTR_PREFIX;
1123 klen = SLAP_INDEX_SUBSTR_MAXLEN;
1125 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1126 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
1130 value = sa->sa_any[i];
1133 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
1134 j += SLAP_INDEX_SUBSTR_STEP )
1136 lutil_MD5Init( &MD5context );
1137 if( prefix != NULL && prefix->bv_len > 0 ) {
1138 lutil_MD5Update( &MD5context,
1139 prefix->bv_val, prefix->bv_len );
1141 lutil_MD5Update( &MD5context,
1142 &pre, sizeof( pre ) );
1143 lutil_MD5Update( &MD5context,
1144 syntax->ssyn_oid, slen );
1145 lutil_MD5Update( &MD5context,
1146 mr->smr_oid, mlen );
1147 lutil_MD5Update( &MD5context,
1148 &value->bv_val[j], klen );
1149 lutil_MD5Final( MD5digest, &MD5context );
1151 keys[nkeys++] = ber_bvdup( &digest );
1156 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
1157 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1159 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1160 value = sa->sa_final;
1162 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1163 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1165 lutil_MD5Init( &MD5context );
1166 if( prefix != NULL && prefix->bv_len > 0 ) {
1167 lutil_MD5Update( &MD5context,
1168 prefix->bv_val, prefix->bv_len );
1170 lutil_MD5Update( &MD5context,
1171 &pre, sizeof( pre ) );
1172 lutil_MD5Update( &MD5context,
1173 syntax->ssyn_oid, slen );
1174 lutil_MD5Update( &MD5context,
1175 mr->smr_oid, mlen );
1176 lutil_MD5Update( &MD5context,
1177 &value->bv_val[value->bv_len-klen], klen );
1178 lutil_MD5Final( MD5digest, &MD5context );
1180 keys[nkeys++] = ber_bvdup( &digest );
1191 return LDAP_SUCCESS;
1200 struct berval *value,
1201 void *assertedValue )
1204 *matchp = UTF8casecmp( value, (struct berval *) assertedValue );
1206 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
1209 match = strncasecmp( value->bv_val,
1210 ((struct berval *) assertedValue)->bv_val,
1216 return LDAP_SUCCESS;
1220 caseIgnoreSubstringsMatch(
1225 struct berval *value,
1226 void *assertedValue )
1229 SubstringsAssertion *sub = assertedValue;
1230 struct berval left = *value;
1234 /* Add up asserted input length */
1235 if( sub->sa_initial ) {
1236 inlen += sub->sa_initial->bv_len;
1239 for(i=0; sub->sa_any[i] != NULL; i++) {
1240 inlen += sub->sa_any[i]->bv_len;
1243 if( sub->sa_final ) {
1244 inlen += sub->sa_final->bv_len;
1247 if( sub->sa_initial ) {
1248 if( inlen > left.bv_len ) {
1253 match = strncasecmp( sub->sa_initial->bv_val, left.bv_val,
1254 sub->sa_initial->bv_len );
1260 left.bv_val += sub->sa_initial->bv_len;
1261 left.bv_len -= sub->sa_initial->bv_len;
1262 inlen -= sub->sa_initial->bv_len;
1265 if( sub->sa_final ) {
1266 if( inlen > left.bv_len ) {
1271 match = strncasecmp( sub->sa_final->bv_val,
1272 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
1273 sub->sa_final->bv_len );
1279 left.bv_len -= sub->sa_final->bv_len;
1280 inlen -= sub->sa_final->bv_len;
1284 for(i=0; sub->sa_any[i]; i++) {
1289 if( inlen > left.bv_len ) {
1290 /* not enough length */
1295 if( sub->sa_any[i]->bv_len == 0 ) {
1299 p = strcasechr( left.bv_val, *sub->sa_any[i]->bv_val );
1306 idx = p - left.bv_val;
1307 assert( idx < left.bv_len );
1309 if( idx >= left.bv_len ) {
1310 /* this shouldn't happen */
1317 if( sub->sa_any[i]->bv_len > left.bv_len ) {
1318 /* not enough left */
1323 match = strncasecmp( left.bv_val,
1324 sub->sa_any[i]->bv_val,
1325 sub->sa_any[i]->bv_len );
1334 left.bv_val += sub->sa_any[i]->bv_len;
1335 left.bv_len -= sub->sa_any[i]->bv_len;
1336 inlen -= sub->sa_any[i]->bv_len;
1342 return LDAP_SUCCESS;
1345 /* Index generation function */
1346 int caseIgnoreIndexer(
1351 struct berval *prefix,
1352 struct berval **values,
1353 struct berval ***keysp )
1357 struct berval **keys;
1358 lutil_MD5_CTX MD5context;
1359 unsigned char MD5digest[16];
1360 struct berval digest;
1361 digest.bv_val = MD5digest;
1362 digest.bv_len = sizeof(MD5digest);
1364 for( i=0; values[i] != NULL; i++ ) {
1365 /* just count them */
1370 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
1372 slen = strlen( syntax->ssyn_oid );
1373 mlen = strlen( mr->smr_oid );
1375 for( i=0; values[i] != NULL; i++ ) {
1376 struct berval *value = ber_bvdup( values[i] );
1377 ldap_pvt_str2upper( value->bv_val );
1379 lutil_MD5Init( &MD5context );
1380 if( prefix != NULL && prefix->bv_len > 0 ) {
1381 lutil_MD5Update( &MD5context,
1382 prefix->bv_val, prefix->bv_len );
1384 lutil_MD5Update( &MD5context,
1385 syntax->ssyn_oid, slen );
1386 lutil_MD5Update( &MD5context,
1387 mr->smr_oid, mlen );
1388 lutil_MD5Update( &MD5context,
1389 value->bv_val, value->bv_len );
1390 lutil_MD5Final( MD5digest, &MD5context );
1392 ber_bvfree( value );
1394 keys[i] = ber_bvdup( &digest );
1399 return LDAP_SUCCESS;
1402 /* Index generation function */
1403 int caseIgnoreFilter(
1408 struct berval *prefix,
1410 struct berval ***keysp )
1413 struct berval **keys;
1414 lutil_MD5_CTX MD5context;
1415 unsigned char MD5digest[LUTIL_MD5_BYTES];
1416 struct berval *value;
1417 struct berval digest;
1418 digest.bv_val = MD5digest;
1419 digest.bv_len = sizeof(MD5digest);
1421 slen = strlen( syntax->ssyn_oid );
1422 mlen = strlen( mr->smr_oid );
1424 value = ber_bvdup( (struct berval *) assertValue );
1425 ldap_pvt_str2upper( value->bv_val );
1427 keys = ch_malloc( sizeof( struct berval * ) * 2 );
1429 lutil_MD5Init( &MD5context );
1430 if( prefix != NULL && prefix->bv_len > 0 ) {
1431 lutil_MD5Update( &MD5context,
1432 prefix->bv_val, prefix->bv_len );
1434 lutil_MD5Update( &MD5context,
1435 syntax->ssyn_oid, slen );
1436 lutil_MD5Update( &MD5context,
1437 mr->smr_oid, mlen );
1438 lutil_MD5Update( &MD5context,
1439 value->bv_val, value->bv_len );
1440 lutil_MD5Final( MD5digest, &MD5context );
1442 keys[0] = ber_bvdup( &digest );
1445 ber_bvfree( value );
1449 return LDAP_SUCCESS;
1452 /* Substrings Index generation function */
1453 int caseIgnoreSubstringsIndexer(
1458 struct berval *prefix,
1459 struct berval **values,
1460 struct berval ***keysp )
1464 struct berval **keys;
1465 lutil_MD5_CTX MD5context;
1466 unsigned char MD5digest[16];
1467 struct berval digest;
1468 digest.bv_val = MD5digest;
1469 digest.bv_len = sizeof(MD5digest);
1472 for( i=0; values[i] != NULL; i++ ) {
1473 /* count number of indices to generate */
1474 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
1478 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
1479 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1480 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
1481 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
1483 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
1487 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
1488 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1489 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1493 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1494 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1495 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
1496 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
1498 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
1505 /* no keys to generate */
1507 return LDAP_SUCCESS;
1510 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1512 slen = strlen( syntax->ssyn_oid );
1513 mlen = strlen( mr->smr_oid );
1516 for( i=0; values[i] != NULL; i++ ) {
1518 struct berval *value;
1520 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
1522 value = ber_bvdup( values[i] );
1523 ldap_pvt_str2upper( value->bv_val );
1525 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
1526 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
1528 char pre = SLAP_INDEX_SUBSTR_PREFIX;
1529 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
1531 for( j=0; j<max; j++ ) {
1532 lutil_MD5Init( &MD5context );
1533 if( prefix != NULL && prefix->bv_len > 0 ) {
1534 lutil_MD5Update( &MD5context,
1535 prefix->bv_val, prefix->bv_len );
1538 lutil_MD5Update( &MD5context,
1539 &pre, sizeof( pre ) );
1540 lutil_MD5Update( &MD5context,
1541 syntax->ssyn_oid, slen );
1542 lutil_MD5Update( &MD5context,
1543 mr->smr_oid, mlen );
1544 lutil_MD5Update( &MD5context,
1546 SLAP_INDEX_SUBSTR_MAXLEN );
1547 lutil_MD5Final( MD5digest, &MD5context );
1549 keys[nkeys++] = ber_bvdup( &digest );
1553 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1554 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1556 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
1559 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
1560 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1561 lutil_MD5Init( &MD5context );
1562 if( prefix != NULL && prefix->bv_len > 0 ) {
1563 lutil_MD5Update( &MD5context,
1564 prefix->bv_val, prefix->bv_len );
1566 lutil_MD5Update( &MD5context,
1567 &pre, sizeof( pre ) );
1568 lutil_MD5Update( &MD5context,
1569 syntax->ssyn_oid, slen );
1570 lutil_MD5Update( &MD5context,
1571 mr->smr_oid, mlen );
1572 lutil_MD5Update( &MD5context,
1574 lutil_MD5Final( MD5digest, &MD5context );
1576 keys[nkeys++] = ber_bvdup( &digest );
1579 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
1580 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1581 lutil_MD5Init( &MD5context );
1582 if( prefix != NULL && prefix->bv_len > 0 ) {
1583 lutil_MD5Update( &MD5context,
1584 prefix->bv_val, prefix->bv_len );
1586 lutil_MD5Update( &MD5context,
1587 &pre, sizeof( pre ) );
1588 lutil_MD5Update( &MD5context,
1589 syntax->ssyn_oid, slen );
1590 lutil_MD5Update( &MD5context,
1591 mr->smr_oid, mlen );
1592 lutil_MD5Update( &MD5context,
1593 &value->bv_val[value->bv_len-j], j );
1594 lutil_MD5Final( MD5digest, &MD5context );
1596 keys[nkeys++] = ber_bvdup( &digest );
1601 ber_bvfree( value );
1612 return LDAP_SUCCESS;
1615 int caseIgnoreSubstringsFilter(
1620 struct berval *prefix,
1622 struct berval ***keysp )
1624 SubstringsAssertion *sa = assertValue;
1626 ber_len_t nkeys = 0;
1627 size_t slen, mlen, klen;
1628 struct berval **keys;
1629 lutil_MD5_CTX MD5context;
1630 unsigned char MD5digest[LUTIL_MD5_BYTES];
1631 struct berval *value;
1632 struct berval digest;
1634 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
1635 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1640 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
1642 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1643 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
1644 /* don't bother accounting for stepping */
1645 nkeys += sa->sa_any[i]->bv_len -
1646 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
1651 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
1652 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1659 return LDAP_SUCCESS;
1662 digest.bv_val = MD5digest;
1663 digest.bv_len = sizeof(MD5digest);
1665 slen = strlen( syntax->ssyn_oid );
1666 mlen = strlen( mr->smr_oid );
1668 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
1671 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
1672 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1674 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
1675 value = ber_bvdup( sa->sa_initial );
1676 ldap_pvt_str2upper( value->bv_val );
1678 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1679 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1681 lutil_MD5Init( &MD5context );
1682 if( prefix != NULL && prefix->bv_len > 0 ) {
1683 lutil_MD5Update( &MD5context,
1684 prefix->bv_val, prefix->bv_len );
1686 lutil_MD5Update( &MD5context,
1687 &pre, sizeof( pre ) );
1688 lutil_MD5Update( &MD5context,
1689 syntax->ssyn_oid, slen );
1690 lutil_MD5Update( &MD5context,
1691 mr->smr_oid, mlen );
1692 lutil_MD5Update( &MD5context,
1693 value->bv_val, klen );
1694 lutil_MD5Final( MD5digest, &MD5context );
1696 ber_bvfree( value );
1697 keys[nkeys++] = ber_bvdup( &digest );
1700 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
1702 pre = SLAP_INDEX_SUBSTR_PREFIX;
1703 klen = SLAP_INDEX_SUBSTR_MAXLEN;
1705 for( i=0; sa->sa_any[i] != NULL; i++ ) {
1706 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
1710 value = ber_bvdup( sa->sa_any[i] );
1711 ldap_pvt_str2upper( value->bv_val );
1714 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
1715 j += SLAP_INDEX_SUBSTR_STEP )
1717 lutil_MD5Init( &MD5context );
1718 if( prefix != NULL && prefix->bv_len > 0 ) {
1719 lutil_MD5Update( &MD5context,
1720 prefix->bv_val, prefix->bv_len );
1722 lutil_MD5Update( &MD5context,
1723 &pre, sizeof( pre ) );
1724 lutil_MD5Update( &MD5context,
1725 syntax->ssyn_oid, slen );
1726 lutil_MD5Update( &MD5context,
1727 mr->smr_oid, mlen );
1728 lutil_MD5Update( &MD5context,
1729 &value->bv_val[j], klen );
1730 lutil_MD5Final( MD5digest, &MD5context );
1732 keys[nkeys++] = ber_bvdup( &digest );
1735 ber_bvfree( value );
1739 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
1740 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
1742 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
1743 value = ber_bvdup( sa->sa_final );
1744 ldap_pvt_str2upper( value->bv_val );
1746 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
1747 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
1749 lutil_MD5Init( &MD5context );
1750 if( prefix != NULL && prefix->bv_len > 0 ) {
1751 lutil_MD5Update( &MD5context,
1752 prefix->bv_val, prefix->bv_len );
1754 lutil_MD5Update( &MD5context,
1755 &pre, sizeof( pre ) );
1756 lutil_MD5Update( &MD5context,
1757 syntax->ssyn_oid, slen );
1758 lutil_MD5Update( &MD5context,
1759 mr->smr_oid, mlen );
1760 lutil_MD5Update( &MD5context,
1761 &value->bv_val[value->bv_len-klen], klen );
1762 lutil_MD5Final( MD5digest, &MD5context );
1764 ber_bvfree( value );
1765 keys[nkeys++] = ber_bvdup( &digest );
1776 return LDAP_SUCCESS;
1782 struct berval *val )
1786 if( val->bv_len == 0 ) return 0;
1788 if( OID_LEADCHAR(val->bv_val[0]) ) {
1790 for(i=1; i < val->bv_len; i++) {
1791 if( OID_SEPARATOR( val->bv_val[i] ) ) {
1792 if( dot++ ) return 1;
1793 } else if ( OID_CHAR( val->bv_val[i] ) ) {
1796 return LDAP_INVALID_SYNTAX;
1800 return !dot ? LDAP_SUCCESS : LDAP_INVALID_SYNTAX;
1802 } else if( DESC_LEADCHAR(val->bv_val[0]) ) {
1803 for(i=1; i < val->bv_len; i++) {
1804 if( !DESC_CHAR(val->bv_val[i] ) ) {
1805 return LDAP_INVALID_SYNTAX;
1809 return LDAP_SUCCESS;
1812 return LDAP_INVALID_SYNTAX;
1818 struct berval *val )
1822 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1824 if( val->bv_val[0] == '+' || val->bv_val[0] == '-' ) {
1825 if( val->bv_len < 2 ) return LDAP_INVALID_SYNTAX;
1826 } else if( !ASCII_DIGIT(val->bv_val[0]) ) {
1827 return LDAP_INVALID_SYNTAX;
1830 for(i=1; i < val->bv_len; i++) {
1831 if( !ASCII_DIGIT(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1834 return LDAP_SUCCESS;
1841 struct berval **normalized )
1844 struct berval *newval;
1850 negative = ( *p == '-' );
1851 if( *p == '-' || *p == '+' ) p++;
1853 /* Ignore leading zeros */
1854 while ( *p == '0' ) p++;
1856 newval = (struct berval *) ch_malloc( sizeof(struct berval) );
1859 newval->bv_val = ch_strdup("0");
1864 newval->bv_val = ch_malloc( val->bv_len + 1 );
1868 newval->bv_val[newval->bv_len++] = '-';
1871 for( ; *p != '\0'; p++ ) {
1872 newval->bv_val[newval->bv_len++] = *p;
1876 *normalized = newval;
1877 return LDAP_SUCCESS;
1881 printableStringValidate(
1883 struct berval *val )
1887 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1889 for(i=0; i < val->bv_len; i++) {
1890 if( !isprint(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1893 return LDAP_SUCCESS;
1899 struct berval *val )
1903 if( !val->bv_len ) return LDAP_INVALID_SYNTAX;
1905 for(i=0; i < val->bv_len; i++) {
1906 if( !isascii(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX;
1909 return LDAP_SUCCESS;
1916 struct berval **normalized )
1918 struct berval *newval;
1921 newval = ch_malloc( sizeof( struct berval ) );
1925 /* Ignore initial whitespace */
1926 while ( ASCII_SPACE( *p ) ) {
1932 return LDAP_INVALID_SYNTAX;
1935 newval->bv_val = ch_strdup( p );
1936 p = q = newval->bv_val;
1939 if ( ASCII_SPACE( *p ) ) {
1942 /* Ignore the extra whitespace */
1943 while ( ASCII_SPACE( *p ) ) {
1951 assert( *newval->bv_val );
1952 assert( newval->bv_val < p );
1955 /* cannot start with a space */
1956 assert( !ASCII_SPACE(*newval->bv_val) );
1959 * If the string ended in space, backup the pointer one
1960 * position. One is enough because the above loop collapsed
1961 * all whitespace to a single space.
1964 if ( ASCII_SPACE( q[-1] ) ) {
1968 /* cannot end with a space */
1969 assert( !ASCII_SPACE( q[-1] ) );
1971 /* null terminate */
1974 newval->bv_len = q - newval->bv_val;
1975 *normalized = newval;
1977 return LDAP_SUCCESS;
1986 struct berval *value,
1987 void *assertedValue )
1989 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
1992 match = strncmp( value->bv_val,
1993 ((struct berval *) assertedValue)->bv_val,
1998 return LDAP_SUCCESS;
2002 caseExactIA5SubstringsMatch(
2007 struct berval *value,
2008 void *assertedValue )
2011 SubstringsAssertion *sub = assertedValue;
2012 struct berval left = *value;
2016 /* Add up asserted input length */
2017 if( sub->sa_initial ) {
2018 inlen += sub->sa_initial->bv_len;
2021 for(i=0; sub->sa_any[i] != NULL; i++) {
2022 inlen += sub->sa_any[i]->bv_len;
2025 if( sub->sa_final ) {
2026 inlen += sub->sa_final->bv_len;
2029 if( sub->sa_initial ) {
2030 if( inlen > left.bv_len ) {
2035 match = strncmp( sub->sa_initial->bv_val, left.bv_val,
2036 sub->sa_initial->bv_len );
2042 left.bv_val += sub->sa_initial->bv_len;
2043 left.bv_len -= sub->sa_initial->bv_len;
2044 inlen -= sub->sa_initial->bv_len;
2047 if( sub->sa_final ) {
2048 if( inlen > left.bv_len ) {
2053 match = strncmp( sub->sa_final->bv_val,
2054 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
2055 sub->sa_final->bv_len );
2061 left.bv_len -= sub->sa_final->bv_len;
2062 inlen -= sub->sa_final->bv_len;
2066 for(i=0; sub->sa_any[i]; i++) {
2071 if( inlen > left.bv_len ) {
2072 /* not enough length */
2077 if( sub->sa_any[i]->bv_len == 0 ) {
2081 p = strchr( left.bv_val, *sub->sa_any[i]->bv_val );
2088 idx = p - left.bv_val;
2089 assert( idx < left.bv_len );
2091 if( idx >= left.bv_len ) {
2092 /* this shouldn't happen */
2099 if( sub->sa_any[i]->bv_len > left.bv_len ) {
2100 /* not enough left */
2105 match = strncmp( left.bv_val,
2106 sub->sa_any[i]->bv_val,
2107 sub->sa_any[i]->bv_len );
2115 left.bv_val += sub->sa_any[i]->bv_len;
2116 left.bv_len -= sub->sa_any[i]->bv_len;
2117 inlen -= sub->sa_any[i]->bv_len;
2123 return LDAP_SUCCESS;
2126 /* Index generation function */
2127 int caseExactIA5Indexer(
2132 struct berval *prefix,
2133 struct berval **values,
2134 struct berval ***keysp )
2138 struct berval **keys;
2139 lutil_MD5_CTX MD5context;
2140 unsigned char MD5digest[16];
2141 struct berval digest;
2142 digest.bv_val = MD5digest;
2143 digest.bv_len = sizeof(MD5digest);
2145 for( i=0; values[i] != NULL; i++ ) {
2146 /* just count them */
2151 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
2153 slen = strlen( syntax->ssyn_oid );
2154 mlen = strlen( mr->smr_oid );
2156 for( i=0; values[i] != NULL; i++ ) {
2157 struct berval *value = values[i];
2159 lutil_MD5Init( &MD5context );
2160 if( prefix != NULL && prefix->bv_len > 0 ) {
2161 lutil_MD5Update( &MD5context,
2162 prefix->bv_val, prefix->bv_len );
2164 lutil_MD5Update( &MD5context,
2165 syntax->ssyn_oid, slen );
2166 lutil_MD5Update( &MD5context,
2167 mr->smr_oid, mlen );
2168 lutil_MD5Update( &MD5context,
2169 value->bv_val, value->bv_len );
2170 lutil_MD5Final( MD5digest, &MD5context );
2172 keys[i] = ber_bvdup( &digest );
2177 return LDAP_SUCCESS;
2180 /* Index generation function */
2181 int caseExactIA5Filter(
2186 struct berval *prefix,
2188 struct berval ***keysp )
2191 struct berval **keys;
2192 lutil_MD5_CTX MD5context;
2193 unsigned char MD5digest[LUTIL_MD5_BYTES];
2194 struct berval *value;
2195 struct berval digest;
2196 digest.bv_val = MD5digest;
2197 digest.bv_len = sizeof(MD5digest);
2199 slen = strlen( syntax->ssyn_oid );
2200 mlen = strlen( mr->smr_oid );
2202 value = (struct berval *) assertValue;
2204 keys = ch_malloc( sizeof( struct berval * ) * 2 );
2206 lutil_MD5Init( &MD5context );
2207 if( prefix != NULL && prefix->bv_len > 0 ) {
2208 lutil_MD5Update( &MD5context,
2209 prefix->bv_val, prefix->bv_len );
2211 lutil_MD5Update( &MD5context,
2212 syntax->ssyn_oid, slen );
2213 lutil_MD5Update( &MD5context,
2214 mr->smr_oid, mlen );
2215 lutil_MD5Update( &MD5context,
2216 value->bv_val, value->bv_len );
2217 lutil_MD5Final( MD5digest, &MD5context );
2219 keys[0] = ber_bvdup( &digest );
2223 return LDAP_SUCCESS;
2226 /* Substrings Index generation function */
2227 int caseExactIA5SubstringsIndexer(
2232 struct berval *prefix,
2233 struct berval **values,
2234 struct berval ***keysp )
2238 struct berval **keys;
2239 lutil_MD5_CTX MD5context;
2240 unsigned char MD5digest[16];
2241 struct berval digest;
2242 digest.bv_val = MD5digest;
2243 digest.bv_len = sizeof(MD5digest);
2246 for( i=0; values[i] != NULL; i++ ) {
2247 /* count number of indices to generate */
2248 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
2252 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2253 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2254 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2255 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2257 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2261 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
2262 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2263 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2267 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2268 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2269 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2270 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2272 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2279 /* no keys to generate */
2281 return LDAP_SUCCESS;
2284 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2286 slen = strlen( syntax->ssyn_oid );
2287 mlen = strlen( mr->smr_oid );
2290 for( i=0; values[i] != NULL; i++ ) {
2292 struct berval *value;
2295 if( value->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
2297 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
2298 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
2300 char pre = SLAP_INDEX_SUBSTR_PREFIX;
2301 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
2303 for( j=0; j<max; j++ ) {
2304 lutil_MD5Init( &MD5context );
2305 if( prefix != NULL && prefix->bv_len > 0 ) {
2306 lutil_MD5Update( &MD5context,
2307 prefix->bv_val, prefix->bv_len );
2310 lutil_MD5Update( &MD5context,
2311 &pre, sizeof( pre ) );
2312 lutil_MD5Update( &MD5context,
2313 syntax->ssyn_oid, slen );
2314 lutil_MD5Update( &MD5context,
2315 mr->smr_oid, mlen );
2316 lutil_MD5Update( &MD5context,
2318 SLAP_INDEX_SUBSTR_MAXLEN );
2319 lutil_MD5Final( MD5digest, &MD5context );
2321 keys[nkeys++] = ber_bvdup( &digest );
2325 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2326 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2328 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
2331 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2332 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2333 lutil_MD5Init( &MD5context );
2334 if( prefix != NULL && prefix->bv_len > 0 ) {
2335 lutil_MD5Update( &MD5context,
2336 prefix->bv_val, prefix->bv_len );
2338 lutil_MD5Update( &MD5context,
2339 &pre, sizeof( pre ) );
2340 lutil_MD5Update( &MD5context,
2341 syntax->ssyn_oid, slen );
2342 lutil_MD5Update( &MD5context,
2343 mr->smr_oid, mlen );
2344 lutil_MD5Update( &MD5context,
2346 lutil_MD5Final( MD5digest, &MD5context );
2348 keys[nkeys++] = ber_bvdup( &digest );
2351 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2352 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2353 lutil_MD5Init( &MD5context );
2354 if( prefix != NULL && prefix->bv_len > 0 ) {
2355 lutil_MD5Update( &MD5context,
2356 prefix->bv_val, prefix->bv_len );
2358 lutil_MD5Update( &MD5context,
2359 &pre, sizeof( pre ) );
2360 lutil_MD5Update( &MD5context,
2361 syntax->ssyn_oid, slen );
2362 lutil_MD5Update( &MD5context,
2363 mr->smr_oid, mlen );
2364 lutil_MD5Update( &MD5context,
2365 &value->bv_val[value->bv_len-j], j );
2366 lutil_MD5Final( MD5digest, &MD5context );
2368 keys[nkeys++] = ber_bvdup( &digest );
2382 return LDAP_SUCCESS;
2385 int caseExactIA5SubstringsFilter(
2390 struct berval *prefix,
2392 struct berval ***keysp )
2394 SubstringsAssertion *sa = assertValue;
2396 ber_len_t nkeys = 0;
2397 size_t slen, mlen, klen;
2398 struct berval **keys;
2399 lutil_MD5_CTX MD5context;
2400 unsigned char MD5digest[LUTIL_MD5_BYTES];
2401 struct berval *value;
2402 struct berval digest;
2404 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
2405 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2410 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
2412 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2413 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2414 /* don't bother accounting for stepping */
2415 nkeys += sa->sa_any[i]->bv_len -
2416 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2421 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
2422 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2429 return LDAP_SUCCESS;
2432 digest.bv_val = MD5digest;
2433 digest.bv_len = sizeof(MD5digest);
2435 slen = strlen( syntax->ssyn_oid );
2436 mlen = strlen( mr->smr_oid );
2438 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2441 if( flags & SLAP_INDEX_SUBSTR_INITIAL && sa->sa_initial != NULL &&
2442 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2444 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2445 value = sa->sa_initial;
2447 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2448 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2450 lutil_MD5Init( &MD5context );
2451 if( prefix != NULL && prefix->bv_len > 0 ) {
2452 lutil_MD5Update( &MD5context,
2453 prefix->bv_val, prefix->bv_len );
2455 lutil_MD5Update( &MD5context,
2456 &pre, sizeof( pre ) );
2457 lutil_MD5Update( &MD5context,
2458 syntax->ssyn_oid, slen );
2459 lutil_MD5Update( &MD5context,
2460 mr->smr_oid, mlen );
2461 lutil_MD5Update( &MD5context,
2462 value->bv_val, klen );
2463 lutil_MD5Final( MD5digest, &MD5context );
2465 keys[nkeys++] = ber_bvdup( &digest );
2468 if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
2470 pre = SLAP_INDEX_SUBSTR_PREFIX;
2471 klen = SLAP_INDEX_SUBSTR_MAXLEN;
2473 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2474 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
2478 value = sa->sa_any[i];
2481 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
2482 j += SLAP_INDEX_SUBSTR_STEP )
2484 lutil_MD5Init( &MD5context );
2485 if( prefix != NULL && prefix->bv_len > 0 ) {
2486 lutil_MD5Update( &MD5context,
2487 prefix->bv_val, prefix->bv_len );
2489 lutil_MD5Update( &MD5context,
2490 &pre, sizeof( pre ) );
2491 lutil_MD5Update( &MD5context,
2492 syntax->ssyn_oid, slen );
2493 lutil_MD5Update( &MD5context,
2494 mr->smr_oid, mlen );
2495 lutil_MD5Update( &MD5context,
2496 &value->bv_val[j], klen );
2497 lutil_MD5Final( MD5digest, &MD5context );
2499 keys[nkeys++] = ber_bvdup( &digest );
2504 if( flags & SLAP_INDEX_SUBSTR_FINAL && sa->sa_final != NULL &&
2505 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2507 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2508 value = sa->sa_final;
2510 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2511 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2513 lutil_MD5Init( &MD5context );
2514 if( prefix != NULL && prefix->bv_len > 0 ) {
2515 lutil_MD5Update( &MD5context,
2516 prefix->bv_val, prefix->bv_len );
2518 lutil_MD5Update( &MD5context,
2519 &pre, sizeof( pre ) );
2520 lutil_MD5Update( &MD5context,
2521 syntax->ssyn_oid, slen );
2522 lutil_MD5Update( &MD5context,
2523 mr->smr_oid, mlen );
2524 lutil_MD5Update( &MD5context,
2525 &value->bv_val[value->bv_len-klen], klen );
2526 lutil_MD5Final( MD5digest, &MD5context );
2528 keys[nkeys++] = ber_bvdup( &digest );
2539 return LDAP_SUCCESS;
2548 struct berval *value,
2549 void *assertedValue )
2551 int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
2554 match = strncasecmp( value->bv_val,
2555 ((struct berval *) assertedValue)->bv_val,
2560 return LDAP_SUCCESS;
2564 caseIgnoreIA5SubstringsMatch(
2569 struct berval *value,
2570 void *assertedValue )
2573 SubstringsAssertion *sub = assertedValue;
2574 struct berval left = *value;
2578 /* Add up asserted input length */
2579 if( sub->sa_initial ) {
2580 inlen += sub->sa_initial->bv_len;
2583 for(i=0; sub->sa_any[i] != NULL; i++) {
2584 inlen += sub->sa_any[i]->bv_len;
2587 if( sub->sa_final ) {
2588 inlen += sub->sa_final->bv_len;
2591 if( sub->sa_initial ) {
2592 if( inlen > left.bv_len ) {
2597 match = strncasecmp( sub->sa_initial->bv_val, left.bv_val,
2598 sub->sa_initial->bv_len );
2604 left.bv_val += sub->sa_initial->bv_len;
2605 left.bv_len -= sub->sa_initial->bv_len;
2606 inlen -= sub->sa_initial->bv_len;
2609 if( sub->sa_final ) {
2610 if( inlen > left.bv_len ) {
2615 match = strncasecmp( sub->sa_final->bv_val,
2616 &left.bv_val[left.bv_len - sub->sa_final->bv_len],
2617 sub->sa_final->bv_len );
2623 left.bv_len -= sub->sa_final->bv_len;
2624 inlen -= sub->sa_final->bv_len;
2628 for(i=0; sub->sa_any[i]; i++) {
2633 if( inlen > left.bv_len ) {
2634 /* not enough length */
2639 if( sub->sa_any[i]->bv_len == 0 ) {
2643 p = strcasechr( left.bv_val, *sub->sa_any[i]->bv_val );
2650 idx = p - left.bv_val;
2651 assert( idx < left.bv_len );
2653 if( idx >= left.bv_len ) {
2654 /* this shouldn't happen */
2661 if( sub->sa_any[i]->bv_len > left.bv_len ) {
2662 /* not enough left */
2667 match = strncasecmp( left.bv_val,
2668 sub->sa_any[i]->bv_val,
2669 sub->sa_any[i]->bv_len );
2678 left.bv_val += sub->sa_any[i]->bv_len;
2679 left.bv_len -= sub->sa_any[i]->bv_len;
2680 inlen -= sub->sa_any[i]->bv_len;
2686 return LDAP_SUCCESS;
2689 /* Index generation function */
2690 int caseIgnoreIA5Indexer(
2695 struct berval *prefix,
2696 struct berval **values,
2697 struct berval ***keysp )
2701 struct berval **keys;
2702 lutil_MD5_CTX MD5context;
2703 unsigned char MD5digest[16];
2704 struct berval digest;
2705 digest.bv_val = MD5digest;
2706 digest.bv_len = sizeof(MD5digest);
2708 for( i=0; values[i] != NULL; i++ ) {
2709 /* just count them */
2714 keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
2716 slen = strlen( syntax->ssyn_oid );
2717 mlen = strlen( mr->smr_oid );
2719 for( i=0; values[i] != NULL; i++ ) {
2720 struct berval *value = ber_bvdup( values[i] );
2721 ldap_pvt_str2upper( value->bv_val );
2723 lutil_MD5Init( &MD5context );
2724 if( prefix != NULL && prefix->bv_len > 0 ) {
2725 lutil_MD5Update( &MD5context,
2726 prefix->bv_val, prefix->bv_len );
2728 lutil_MD5Update( &MD5context,
2729 syntax->ssyn_oid, slen );
2730 lutil_MD5Update( &MD5context,
2731 mr->smr_oid, mlen );
2732 lutil_MD5Update( &MD5context,
2733 value->bv_val, value->bv_len );
2734 lutil_MD5Final( MD5digest, &MD5context );
2736 ber_bvfree( value );
2738 keys[i] = ber_bvdup( &digest );
2743 return LDAP_SUCCESS;
2746 /* Index generation function */
2747 int caseIgnoreIA5Filter(
2752 struct berval *prefix,
2754 struct berval ***keysp )
2757 struct berval **keys;
2758 lutil_MD5_CTX MD5context;
2759 unsigned char MD5digest[LUTIL_MD5_BYTES];
2760 struct berval *value;
2761 struct berval digest;
2762 digest.bv_val = MD5digest;
2763 digest.bv_len = sizeof(MD5digest);
2765 slen = strlen( syntax->ssyn_oid );
2766 mlen = strlen( mr->smr_oid );
2768 value = ber_bvdup( (struct berval *) assertValue );
2769 ldap_pvt_str2upper( value->bv_val );
2771 keys = ch_malloc( sizeof( struct berval * ) * 2 );
2773 lutil_MD5Init( &MD5context );
2774 if( prefix != NULL && prefix->bv_len > 0 ) {
2775 lutil_MD5Update( &MD5context,
2776 prefix->bv_val, prefix->bv_len );
2778 lutil_MD5Update( &MD5context,
2779 syntax->ssyn_oid, slen );
2780 lutil_MD5Update( &MD5context,
2781 mr->smr_oid, mlen );
2782 lutil_MD5Update( &MD5context,
2783 value->bv_val, value->bv_len );
2784 lutil_MD5Final( MD5digest, &MD5context );
2786 keys[0] = ber_bvdup( &digest );
2789 ber_bvfree( value );
2793 return LDAP_SUCCESS;
2796 /* Substrings Index generation function */
2797 int caseIgnoreIA5SubstringsIndexer(
2802 struct berval *prefix,
2803 struct berval **values,
2804 struct berval ***keysp )
2808 struct berval **keys;
2809 lutil_MD5_CTX MD5context;
2810 unsigned char MD5digest[16];
2811 struct berval digest;
2812 digest.bv_val = MD5digest;
2813 digest.bv_len = sizeof(MD5digest);
2816 for( i=0; values[i] != NULL; i++ ) {
2817 /* count number of indices to generate */
2818 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) {
2822 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2823 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2824 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2825 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2827 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2831 if( flags & SLAP_INDEX_SUBSTR_ANY ) {
2832 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2833 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2837 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2838 if( values[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2839 nkeys += SLAP_INDEX_SUBSTR_MAXLEN -
2840 ( SLAP_INDEX_SUBSTR_MINLEN - 1);
2842 nkeys += values[i]->bv_len - ( SLAP_INDEX_SUBSTR_MINLEN - 1 );
2849 /* no keys to generate */
2851 return LDAP_SUCCESS;
2854 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
2856 slen = strlen( syntax->ssyn_oid );
2857 mlen = strlen( mr->smr_oid );
2860 for( i=0; values[i] != NULL; i++ ) {
2862 struct berval *value;
2864 if( values[i]->bv_len < SLAP_INDEX_SUBSTR_MINLEN ) continue;
2866 value = ber_bvdup( values[i] );
2867 ldap_pvt_str2upper( value->bv_val );
2869 if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
2870 ( value->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) )
2872 char pre = SLAP_INDEX_SUBSTR_PREFIX;
2873 max = value->bv_len - ( SLAP_INDEX_SUBSTR_MAXLEN - 1);
2875 for( j=0; j<max; j++ ) {
2876 lutil_MD5Init( &MD5context );
2877 if( prefix != NULL && prefix->bv_len > 0 ) {
2878 lutil_MD5Update( &MD5context,
2879 prefix->bv_val, prefix->bv_len );
2882 lutil_MD5Update( &MD5context,
2883 &pre, sizeof( pre ) );
2884 lutil_MD5Update( &MD5context,
2885 syntax->ssyn_oid, slen );
2886 lutil_MD5Update( &MD5context,
2887 mr->smr_oid, mlen );
2888 lutil_MD5Update( &MD5context,
2890 SLAP_INDEX_SUBSTR_MAXLEN );
2891 lutil_MD5Final( MD5digest, &MD5context );
2893 keys[nkeys++] = ber_bvdup( &digest );
2897 max = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
2898 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
2900 for( j=SLAP_INDEX_SUBSTR_MINLEN; j<=max; j++ ) {
2903 if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
2904 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
2905 lutil_MD5Init( &MD5context );
2906 if( prefix != NULL && prefix->bv_len > 0 ) {
2907 lutil_MD5Update( &MD5context,
2908 prefix->bv_val, prefix->bv_len );
2910 lutil_MD5Update( &MD5context,
2911 &pre, sizeof( pre ) );
2912 lutil_MD5Update( &MD5context,
2913 syntax->ssyn_oid, slen );
2914 lutil_MD5Update( &MD5context,
2915 mr->smr_oid, mlen );
2916 lutil_MD5Update( &MD5context,
2918 lutil_MD5Final( MD5digest, &MD5context );
2920 keys[nkeys++] = ber_bvdup( &digest );
2923 if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
2924 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
2925 lutil_MD5Init( &MD5context );
2926 if( prefix != NULL && prefix->bv_len > 0 ) {
2927 lutil_MD5Update( &MD5context,
2928 prefix->bv_val, prefix->bv_len );
2930 lutil_MD5Update( &MD5context,
2931 &pre, sizeof( pre ) );
2932 lutil_MD5Update( &MD5context,
2933 syntax->ssyn_oid, slen );
2934 lutil_MD5Update( &MD5context,
2935 mr->smr_oid, mlen );
2936 lutil_MD5Update( &MD5context,
2937 &value->bv_val[value->bv_len-j], j );
2938 lutil_MD5Final( MD5digest, &MD5context );
2940 keys[nkeys++] = ber_bvdup( &digest );
2945 ber_bvfree( value );
2956 return LDAP_SUCCESS;
2959 int caseIgnoreIA5SubstringsFilter(
2964 struct berval *prefix,
2966 struct berval ***keysp )
2968 SubstringsAssertion *sa = assertValue;
2970 ber_len_t nkeys = 0;
2971 size_t slen, mlen, klen;
2972 struct berval **keys;
2973 lutil_MD5_CTX MD5context;
2974 unsigned char MD5digest[LUTIL_MD5_BYTES];
2975 struct berval *value;
2976 struct berval digest;
2978 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
2979 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
2984 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
2986 for( i=0; sa->sa_any[i] != NULL; i++ ) {
2987 if( sa->sa_any[i]->bv_len >= SLAP_INDEX_SUBSTR_MAXLEN ) {
2988 /* don't bother accounting for stepping */
2989 nkeys += sa->sa_any[i]->bv_len -
2990 ( SLAP_INDEX_SUBSTR_MAXLEN - 1 );
2995 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
2996 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3003 return LDAP_SUCCESS;
3006 digest.bv_val = MD5digest;
3007 digest.bv_len = sizeof(MD5digest);
3009 slen = strlen( syntax->ssyn_oid );
3010 mlen = strlen( mr->smr_oid );
3012 keys = ch_malloc( sizeof( struct berval * ) * (nkeys+1) );
3015 if((flags & SLAP_INDEX_SUBSTR_INITIAL) && sa->sa_initial != NULL &&
3016 sa->sa_initial->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3018 pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
3019 value = ber_bvdup( sa->sa_initial );
3020 ldap_pvt_str2upper( value->bv_val );
3022 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
3023 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
3025 lutil_MD5Init( &MD5context );
3026 if( prefix != NULL && prefix->bv_len > 0 ) {
3027 lutil_MD5Update( &MD5context,
3028 prefix->bv_val, prefix->bv_len );
3030 lutil_MD5Update( &MD5context,
3031 &pre, sizeof( pre ) );
3032 lutil_MD5Update( &MD5context,
3033 syntax->ssyn_oid, slen );
3034 lutil_MD5Update( &MD5context,
3035 mr->smr_oid, mlen );
3036 lutil_MD5Update( &MD5context,
3037 value->bv_val, klen );
3038 lutil_MD5Final( MD5digest, &MD5context );
3040 ber_bvfree( value );
3041 keys[nkeys++] = ber_bvdup( &digest );
3044 if((flags & SLAP_INDEX_SUBSTR_ANY) && sa->sa_any != NULL ) {
3046 pre = SLAP_INDEX_SUBSTR_PREFIX;
3047 klen = SLAP_INDEX_SUBSTR_MAXLEN;
3049 for( i=0; sa->sa_any[i] != NULL; i++ ) {
3050 if( sa->sa_any[i]->bv_len < SLAP_INDEX_SUBSTR_MAXLEN ) {
3054 value = ber_bvdup( sa->sa_any[i] );
3055 ldap_pvt_str2upper( value->bv_val );
3058 j <= value->bv_len - SLAP_INDEX_SUBSTR_MAXLEN;
3059 j += SLAP_INDEX_SUBSTR_STEP )
3061 lutil_MD5Init( &MD5context );
3062 if( prefix != NULL && prefix->bv_len > 0 ) {
3063 lutil_MD5Update( &MD5context,
3064 prefix->bv_val, prefix->bv_len );
3066 lutil_MD5Update( &MD5context,
3067 &pre, sizeof( pre ) );
3068 lutil_MD5Update( &MD5context,
3069 syntax->ssyn_oid, slen );
3070 lutil_MD5Update( &MD5context,
3071 mr->smr_oid, mlen );
3072 lutil_MD5Update( &MD5context,
3073 &value->bv_val[j], klen );
3074 lutil_MD5Final( MD5digest, &MD5context );
3076 keys[nkeys++] = ber_bvdup( &digest );
3079 ber_bvfree( value );
3083 if((flags & SLAP_INDEX_SUBSTR_FINAL) && sa->sa_final != NULL &&
3084 sa->sa_final->bv_len >= SLAP_INDEX_SUBSTR_MINLEN )
3086 pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
3087 value = ber_bvdup( sa->sa_final );
3088 ldap_pvt_str2upper( value->bv_val );
3090 klen = SLAP_INDEX_SUBSTR_MAXLEN < value->bv_len
3091 ? SLAP_INDEX_SUBSTR_MAXLEN : value->bv_len;
3093 lutil_MD5Init( &MD5context );
3094 if( prefix != NULL && prefix->bv_len > 0 ) {
3095 lutil_MD5Update( &MD5context,
3096 prefix->bv_val, prefix->bv_len );
3098 lutil_MD5Update( &MD5context,
3099 &pre, sizeof( pre ) );
3100 lutil_MD5Update( &MD5context,
3101 syntax->ssyn_oid, slen );
3102 lutil_MD5Update( &MD5context,
3103 mr->smr_oid, mlen );
3104 lutil_MD5Update( &MD5context,
3105 &value->bv_val[value->bv_len-klen], klen );
3106 lutil_MD5Final( MD5digest, &MD5context );
3108 ber_bvfree( value );
3109 keys[nkeys++] = ber_bvdup( &digest );
3120 return LDAP_SUCCESS;
3124 numericStringNormalize(
3127 struct berval **normalized )
3129 /* similiar to IA5StringNormalize except removes all spaces */
3130 struct berval *newval;
3133 newval = ch_malloc( sizeof( struct berval ) );
3137 /* Ignore initial whitespace */
3138 while ( ASCII_SPACE( *p ) ) {
3144 return LDAP_INVALID_SYNTAX;
3147 newval->bv_val = ch_strdup( p );
3148 p = q = newval->bv_val;
3151 if ( ASCII_SPACE( *p ) ) {
3152 /* Ignore whitespace */
3159 assert( *newval->bv_val );
3160 assert( newval->bv_val < p );
3163 /* cannot start with a space */
3164 assert( !ASCII_SPACE(*newval->bv_val) );
3166 /* cannot end with a space */
3167 assert( !ASCII_SPACE( q[-1] ) );
3169 /* null terminate */
3172 newval->bv_len = q - newval->bv_val;
3173 *normalized = newval;
3175 return LDAP_SUCCESS;
3179 objectIdentifierFirstComponentMatch(
3184 struct berval *value,
3185 void *assertedValue )
3187 int rc = LDAP_SUCCESS;
3189 struct berval *asserted = (struct berval *) assertedValue;
3193 if( value->bv_len == 0 || value->bv_val[0] != '(' /*')'*/ ) {
3194 return LDAP_INVALID_SYNTAX;
3197 /* trim leading white space */
3198 for( i=1; ASCII_SPACE(value->bv_val[i]) && i < value->bv_len; i++ ) {
3202 /* grab next word */
3203 oid.bv_val = &value->bv_val[i];
3204 oid.bv_len = value->bv_len - i;
3205 for( i=1; ASCII_SPACE(value->bv_val[i]) && i < oid.bv_len; i++ ) {
3210 /* insert attributeTypes, objectclass check here */
3211 if( OID_LEADCHAR(asserted->bv_val[0]) ) {
3212 rc = objectIdentifierMatch( &match, flags, syntax, mr, &oid, asserted );
3215 char *stored = ch_malloc( oid.bv_len + 1 );
3216 AC_MEMCPY( stored, oid.bv_val, oid.bv_len );
3217 stored[oid.bv_len] = '\0';
3219 if ( !strcmp( syntax->ssyn_oid, SLAP_SYNTAX_MATCHINGRULES_OID ) ) {
3220 MatchingRule *asserted_mr = mr_find( asserted->bv_val );
3221 MatchingRule *stored_mr = mr_find( stored );
3223 if( asserted_mr == NULL ) {
3224 rc = SLAPD_COMPARE_UNDEFINED;
3226 match = asserted_mr != stored_mr;
3229 } else if ( !strcmp( syntax->ssyn_oid,
3230 SLAP_SYNTAX_ATTRIBUTETYPES_OID ) )
3232 AttributeType *asserted_at = at_find( asserted->bv_val );
3233 AttributeType *stored_at = at_find( stored );
3235 if( asserted_at == NULL ) {
3236 rc = SLAPD_COMPARE_UNDEFINED;
3238 match = asserted_at != stored_at;
3241 } else if ( !strcmp( syntax->ssyn_oid,
3242 SLAP_SYNTAX_OBJECTCLASSES_OID ) )
3244 ObjectClass *asserted_oc = oc_find( asserted->bv_val );
3245 ObjectClass *stored_oc = oc_find( stored );
3247 if( asserted_oc == NULL ) {
3248 rc = SLAPD_COMPARE_UNDEFINED;
3250 match = asserted_oc != stored_oc;
3257 Debug( LDAP_DEBUG_ARGS, "objectIdentifierFirstComponentMatch "
3258 "%d\n\t\"%s\"\n\t\"%s\"\n",
3259 match, value->bv_val, asserted->bv_val );
3261 if( rc == LDAP_SUCCESS ) *matchp = match;
3266 check_time_syntax (struct berval *val,
3270 static int ceiling[9] = { 99, 99, 11, 30, 23, 59, 59, 12, 59 };
3271 static int mdays[2][12] = {
3272 /* non-leap years */
3273 { 30, 27, 30, 29, 30, 29, 30, 30, 29, 30, 29, 30 },
3275 { 30, 28, 30, 29, 30, 29, 30, 30, 29, 30, 29, 30 }
3278 int part, c, tzoffset, leapyear = 0 ;
3280 if( val->bv_len == 0 ) {
3281 return LDAP_INVALID_SYNTAX;
3284 p = (char *)val->bv_val;
3285 e = p + val->bv_len;
3287 /* Ignore initial whitespace */
3288 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3292 if (e - p < 13 - (2 * start)) {
3293 return LDAP_INVALID_SYNTAX;
3296 for (part = 0; part < 9; part++) {
3300 for (part = start; part < 7; part++) {
3302 if ((part == 6) && (c == 'Z' || c == '+' || c == '-')) {
3309 return LDAP_INVALID_SYNTAX;
3311 if (c < 0 || c > 9) {
3312 return LDAP_INVALID_SYNTAX;
3318 return LDAP_INVALID_SYNTAX;
3320 if (c < 0 || c > 9) {
3321 return LDAP_INVALID_SYNTAX;
3326 if (part == 2 || part == 3) {
3329 if (parts[part] < 0) {
3330 return LDAP_INVALID_SYNTAX;
3332 if (parts[part] > ceiling[part]) {
3333 return LDAP_INVALID_SYNTAX;
3337 /* leapyear check for the Gregorian calendar (year>1581) */
3338 if (((parts[1] % 4 == 0) && (parts[1] != 0)) ||
3339 ((parts[0] % 4 == 0) && (parts[1] == 0)))
3344 if (parts[3] > mdays[leapyear][parts[2]]) {
3345 return LDAP_INVALID_SYNTAX;
3350 tzoffset = 0; /* UTC */
3351 } else if (c != '+' && c != '-') {
3352 return LDAP_INVALID_SYNTAX;
3356 } else /* c == '+' */ {
3361 return LDAP_INVALID_SYNTAX;
3364 for (part = 7; part < 9; part++) {
3366 if (c < 0 || c > 9) {
3367 return LDAP_INVALID_SYNTAX;
3372 if (c < 0 || c > 9) {
3373 return LDAP_INVALID_SYNTAX;
3377 if (parts[part] < 0 || parts[part] > ceiling[part]) {
3378 return LDAP_INVALID_SYNTAX;
3383 /* Ignore trailing whitespace */
3384 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3388 return LDAP_INVALID_SYNTAX;
3391 switch ( tzoffset ) {
3392 case -1: /* negativ offset to UTC, ie west of Greenwich */
3393 parts[4] += parts[7];
3394 parts[5] += parts[8];
3395 for (part = 6; --part > 0; ) { /* offset is just hhmm, no seconds */
3399 c = mdays[leapyear][parts[2]];
3401 if (parts[part] > c) {
3402 parts[part] -= c + 1;
3407 case 1: /* positive offset to UTC, ie east of Greenwich */
3408 parts[4] -= parts[7];
3409 parts[5] -= parts[8];
3410 for (part = 6; --part > 0; ) {
3414 /* first arg to % needs to be non negativ */
3415 c = mdays[leapyear][(parts[2] - 1 + 12) % 12];
3417 if (parts[part] < 0) {
3418 parts[part] += c + 1;
3423 case 0: /* already UTC */
3427 return LDAP_SUCCESS;
3434 struct berval **normalized )
3439 rc = check_time_syntax(val, 1, parts);
3440 if (rc != LDAP_SUCCESS) {
3445 out = ch_malloc( sizeof(struct berval) );
3447 return LBER_ERROR_MEMORY;
3450 out->bv_val = ch_malloc( 14 );
3451 if ( out->bv_val == NULL ) {
3453 return LBER_ERROR_MEMORY;
3456 sprintf( out->bv_val, "%02ld%02ld%02ld%02ld%02ld%02ldZ",
3457 parts[1], parts[2] + 1, parts[3] + 1,
3458 parts[4], parts[5], parts[6] );
3462 return LDAP_SUCCESS;
3472 return check_time_syntax(in, 1, parts);
3476 generalizedTimeValidate(
3482 return check_time_syntax(in, 0, parts);
3486 generalizedTimeNormalize(
3489 struct berval **normalized )
3494 rc = check_time_syntax(val, 0, parts);
3495 if (rc != LDAP_SUCCESS) {
3500 out = ch_malloc( sizeof(struct berval) );
3502 return LBER_ERROR_MEMORY;
3505 out->bv_val = ch_malloc( 16 );
3506 if ( out->bv_val == NULL ) {
3508 return LBER_ERROR_MEMORY;
3511 sprintf( out->bv_val, "%02ld%02ld%02ld%02ld%02ld%02ld%02ldZ",
3512 parts[0], parts[1], parts[2] + 1, parts[3] + 1,
3513 parts[4], parts[5], parts[6] );
3517 return LDAP_SUCCESS;
3521 nisNetgroupTripleValidate(
3523 struct berval *val )
3528 if ( val->bv_len == 0 ) {
3529 return LDAP_INVALID_SYNTAX;
3532 p = (char *)val->bv_val;
3533 e = p + val->bv_len;
3536 /* syntax does not allow leading white space */
3537 /* Ignore initial whitespace */
3538 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3543 if ( *p != '(' /*')'*/ ) {
3544 return LDAP_INVALID_SYNTAX;
3547 for ( p++; ( p < e ) && ( *p != ')' ); p++ ) {
3551 return LDAP_INVALID_SYNTAX;
3554 } else if ( !ATTR_CHAR( *p ) ) {
3555 return LDAP_INVALID_SYNTAX;
3559 if ( ( commas != 2 ) || ( *p != /*'('*/ ')' ) ) {
3560 return LDAP_INVALID_SYNTAX;
3566 /* syntax does not allow trailing white space */
3567 /* Ignore trailing whitespace */
3568 while ( ( p < e ) && ASCII_SPACE( *p ) ) {
3574 return LDAP_INVALID_SYNTAX;
3577 return LDAP_SUCCESS;
3581 bootParameterValidate(
3583 struct berval *val )
3587 if ( val->bv_len == 0 ) {
3588 return LDAP_INVALID_SYNTAX;
3591 p = (char *)val->bv_val;
3592 e = p + val->bv_len;
3595 for (; ( p < e ) && ( *p != '=' ); p++ ) {
3596 if ( !ATTR_CHAR( *p ) ) {
3597 return LDAP_INVALID_SYNTAX;
3602 return LDAP_INVALID_SYNTAX;
3606 for ( p++; ( p < e ) && ( *p != ':' ); p++ ) {
3607 if ( !ATTR_CHAR( *p ) ) {
3608 return LDAP_INVALID_SYNTAX;
3613 return LDAP_INVALID_SYNTAX;
3617 for ( p++; p < e; p++ ) {
3618 if ( !ATTR_CHAR( *p ) ) {
3619 return LDAP_INVALID_SYNTAX;
3623 return LDAP_SUCCESS;
3626 struct syntax_defs_rec {
3629 slap_syntax_validate_func *sd_validate;
3630 slap_syntax_transform_func *sd_normalize;
3631 slap_syntax_transform_func *sd_pretty;
3632 #ifdef SLAPD_BINARY_CONVERSION
3633 slap_syntax_transform_func *sd_ber2str;
3634 slap_syntax_transform_func *sd_str2ber;
3638 #define X_HIDE "X-HIDE 'TRUE' "
3639 #define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
3640 #define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' "
3642 struct syntax_defs_rec syntax_defs[] = {
3643 {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' " X_BINARY X_NOT_H_R ")",
3644 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL},
3645 {"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")",
3646 0, NULL, NULL, NULL},
3647 {"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )",
3648 0, NULL, NULL, NULL},
3649 {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' " X_NOT_H_R ")",
3650 SLAP_SYNTAX_BLOB, blobValidate, NULL, NULL},
3651 {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' " X_BINARY X_NOT_H_R ")",
3652 SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3653 {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )",
3654 0, bitStringValidate, NULL, NULL },
3655 {"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )",
3656 0, booleanValidate, NULL, NULL},
3657 {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' "
3658 X_BINARY X_NOT_H_R ")",
3659 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3660 {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' "
3661 X_BINARY X_NOT_H_R ")",
3662 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3663 {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' "
3664 X_BINARY X_NOT_H_R ")",
3665 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3666 {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
3667 0, NULL, NULL, NULL},
3668 {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )",
3669 0, dnValidate, dnNormalize, dnPretty},
3670 {"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
3671 0, NULL, NULL, NULL},
3672 {"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )",
3673 0, NULL, NULL, NULL},
3674 {"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )",
3675 0, UTF8StringValidate, UTF8StringNormalize, NULL},
3676 {"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Description' )",
3677 0, NULL, NULL, NULL},
3678 {"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Description' )",
3679 0, NULL, NULL, NULL},
3680 {"( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )",
3681 0, NULL, NULL, NULL},
3682 {"( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )",
3683 0, NULL, NULL, NULL},
3684 {"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )",
3685 0, NULL, NULL, NULL},
3686 {"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )",
3687 0, IA5StringValidate, faxNumberNormalize, NULL},
3688 {"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")",
3689 SLAP_SYNTAX_BLOB, NULL, NULL, NULL},
3690 {"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )",
3691 0, generalizedTimeValidate, generalizedTimeNormalize, NULL},
3692 {"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )",
3693 0, NULL, NULL, NULL},
3694 {"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )",
3695 0, IA5StringValidate, IA5StringNormalize, NULL},
3696 {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )",
3697 0, integerValidate, integerNormalize, integerPretty},
3698 {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")",
3699 SLAP_SYNTAX_BLOB, blobValidate, NULL, NULL},
3700 {"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )",
3701 0, NULL, NULL, NULL},
3702 {"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )",
3703 0, NULL, NULL, NULL},
3704 {"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' )",
3705 0, NULL, NULL, NULL},
3706 {"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )",
3707 0, NULL, NULL, NULL},
3708 {"( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )",
3709 0, NULL, NULL, NULL},
3710 {"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )",
3711 0, nameUIDValidate, nameUIDNormalize, NULL},
3712 {"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )",
3713 0, NULL, NULL, NULL},
3714 {"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )",
3715 0, IA5StringValidate, numericStringNormalize, NULL},
3716 {"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )",
3717 0, NULL, NULL, NULL},
3718 {"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )",
3719 0, oidValidate, NULL, NULL},
3720 {"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )",
3721 0, NULL, NULL, NULL},
3722 {"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )",
3723 0, blobValidate, NULL, NULL},
3724 {"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )",
3725 0, blobValidate, NULL, NULL},
3726 {"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )",
3727 0, NULL, NULL, NULL},
3728 {"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' )",
3729 0, NULL, NULL, NULL},
3730 {"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )",
3731 0, printableStringValidate, NULL, NULL},
3732 {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' "
3733 X_BINARY X_NOT_H_R ")",
3734 SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
3735 {"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )",
3736 0, IA5StringValidate, phoneNumberNormalize, NULL},
3737 {"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )",
3738 0, NULL, NULL, NULL},
3739 {"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )",
3740 0, IA5StringValidate, telexNumberNormalize, NULL},
3741 {"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )",
3742 0, utcTimeValidate, utcTimeNormalize, NULL},
3743 {"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' )",
3744 0, NULL, NULL, NULL},
3745 {"( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )",
3746 0, NULL, NULL, NULL},
3747 {"( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' )",
3748 0, NULL, NULL, NULL},
3749 {"( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description' )",
3750 0, NULL, NULL, NULL},
3751 {"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' )",
3752 0, NULL, NULL, NULL},
3754 /* RFC 2307 NIS Syntaxes */
3755 {"( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )",
3756 0, nisNetgroupTripleValidate, NULL, NULL},
3757 {"( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )",
3758 0, bootParameterValidate, NULL, NULL},
3760 /* OpenLDAP Experimental Syntaxes */
3761 {"( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' )",
3762 0, IA5StringValidate /* THIS WILL CHANGE FOR NEW ACI SYNTAX */,
3764 {"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )",
3765 0, NULL, NULL, NULL},
3767 /* OpenLDAP Void Syntax */
3768 {"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' " X_HIDE ")" ,
3769 SLAP_SYNTAX_HIDE, inValidate, NULL, NULL},
3770 {NULL, 0, NULL, NULL, NULL}
3773 struct mrule_defs_rec {
3775 slap_mask_t mrd_usage;
3776 slap_mr_convert_func * mrd_convert;
3777 slap_mr_normalize_func * mrd_normalize;
3778 slap_mr_match_func * mrd_match;
3779 slap_mr_indexer_func * mrd_indexer;
3780 slap_mr_filter_func * mrd_filter;
3782 char * mrd_associated;
3786 * Other matching rules in X.520 that we do not use (yet):
3788 * 2.5.13.9 numericStringOrderingMatch
3789 * 2.5.13.15 integerOrderingMatch
3790 * 2.5.13.18 octetStringOrderingMatch
3791 * 2.5.13.19 octetStringSubstringsMatch
3792 * 2.5.13.25 uTCTimeMatch
3793 * 2.5.13.26 uTCTimeOrderingMatch
3794 * 2.5.13.31 directoryStringFirstComponentMatch
3795 * 2.5.13.32 wordMatch
3796 * 2.5.13.33 keywordMatch
3797 * 2.5.13.34 certificateExactMatch
3798 * 2.5.13.35 certificateMatch
3799 * 2.5.13.36 certificatePairExactMatch
3800 * 2.5.13.37 certificatePairMatch
3801 * 2.5.13.38 certificateListExactMatch
3802 * 2.5.13.39 certificateListMatch
3803 * 2.5.13.40 algorithmIdentifierMatch
3804 * 2.5.13.41 storedPrefixMatch
3805 * 2.5.13.42 attributeCertificateMatch
3806 * 2.5.13.43 readerAndKeyIDMatch
3807 * 2.5.13.44 attributeIntegrityMatch
3810 struct mrule_defs_rec mrule_defs[] = {
3812 * EQUALITY matching rules must be listed after associated APPROX
3813 * matching rules. So, we list all APPROX matching rules first.
3815 {"( " directoryStringApproxMatchOID " NAME 'directoryStringApproxMatch' "
3816 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3817 SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT,
3819 directoryStringApproxMatch, NULL, NULL,
3822 {"( " IA5StringApproxMatchOID " NAME 'IA5StringApproxMatch' "
3823 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
3824 SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT,
3826 IA5StringApproxMatch, NULL, NULL,
3830 * Other matching rules
3833 {"( 2.5.13.0 NAME 'objectIdentifierMatch' "
3834 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
3835 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3837 objectIdentifierMatch, caseIgnoreIA5Indexer, caseIgnoreIA5Filter,
3840 {"( 2.5.13.1 NAME 'distinguishedNameMatch' "
3841 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
3842 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3844 dnMatch, dnIndexer, dnFilter,
3847 {"( 2.5.13.2 NAME 'caseIgnoreMatch' "
3848 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3849 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3851 caseIgnoreMatch, caseIgnoreIndexer, caseIgnoreFilter,
3852 directoryStringApproxMatchOID },
3854 {"( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' "
3855 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3858 caseIgnoreOrderingMatch, NULL, NULL,
3861 {"( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' "
3862 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3863 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3865 caseIgnoreSubstringsMatch,
3866 caseIgnoreSubstringsIndexer,
3867 caseIgnoreSubstringsFilter,
3870 {"( 2.5.13.5 NAME 'caseExactMatch' "
3871 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3872 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3874 caseExactMatch, caseExactIndexer, caseExactFilter,
3875 directoryStringApproxMatchOID },
3877 {"( 2.5.13.6 NAME 'caseExactOrderingMatch' "
3878 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
3881 caseExactOrderingMatch, NULL, NULL,
3884 {"( 2.5.13.7 NAME 'caseExactSubstringsMatch' "
3885 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3886 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3888 caseExactSubstringsMatch,
3889 caseExactSubstringsIndexer,
3890 caseExactSubstringsFilter,
3893 {"( 2.5.13.8 NAME 'numericStringMatch' "
3894 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
3895 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3897 caseIgnoreIA5Match, NULL, NULL,
3900 {"( 2.5.13.10 NAME 'numericStringSubstringsMatch' "
3901 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3902 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3904 caseIgnoreIA5SubstringsMatch,
3905 caseIgnoreIA5SubstringsIndexer,
3906 caseIgnoreIA5SubstringsFilter,
3909 {"( 2.5.13.11 NAME 'caseIgnoreListMatch' "
3910 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )",
3911 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3913 caseIgnoreListMatch, NULL, NULL,
3916 {"( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' "
3917 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3918 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3920 caseIgnoreListSubstringsMatch, NULL, NULL,
3923 {"( 2.5.13.13 NAME 'booleanMatch' "
3924 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )",
3925 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3927 booleanMatch, NULL, NULL,
3930 {"( 2.5.13.14 NAME 'integerMatch' "
3931 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
3932 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3934 integerMatch, integerIndexer, integerFilter,
3937 {"( 2.5.13.16 NAME 'bitStringMatch' "
3938 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )",
3939 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3941 bitStringMatch, NULL, NULL,
3944 {"( 2.5.13.17 NAME 'octetStringMatch' "
3945 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
3946 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3948 octetStringMatch, octetStringIndexer, octetStringFilter,
3951 {"( 2.5.13.20 NAME 'telephoneNumberMatch' "
3952 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )",
3953 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3955 telephoneNumberMatch, NULL, NULL,
3958 {"( 2.5.13.21 NAME 'telephoneNumberSubstringsMatch' "
3959 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
3960 SLAP_MR_SUBSTR | SLAP_MR_EXT,
3962 telephoneNumberSubstringsMatch, NULL, NULL,
3965 {"( 2.5.13.22 NAME 'presentationAddressMatch' "
3966 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 )",
3967 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3969 presentationAddressMatch, NULL, NULL,
3972 {"( 2.5.13.23 NAME 'uniqueMemberMatch' "
3973 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )",
3974 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3976 uniqueMemberMatch, NULL, NULL,
3979 {"( 2.5.13.24 NAME 'protocolInformationMatch' "
3980 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )",
3981 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3983 protocolInformationMatch, NULL, NULL,
3986 {"( 2.5.13.27 NAME 'generalizedTimeMatch' "
3987 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
3988 SLAP_MR_EQUALITY | SLAP_MR_EXT,
3990 generalizedTimeMatch, NULL, NULL,
3993 {"( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' "
3994 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
3997 generalizedTimeOrderingMatch, NULL, NULL,
4000 {"( 2.5.13.29 NAME 'integerFirstComponentMatch' "
4001 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
4002 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4004 integerFirstComponentMatch, NULL, NULL,
4007 {"( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' "
4008 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
4009 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4011 objectIdentifierFirstComponentMatch, NULL, NULL,
4014 {"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' "
4015 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4016 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4018 caseExactIA5Match, caseExactIA5Indexer, caseExactIA5Filter,
4019 IA5StringApproxMatchOID },
4021 {"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' "
4022 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4023 SLAP_MR_EQUALITY | SLAP_MR_EXT,
4025 caseIgnoreIA5Match, caseExactIA5Indexer, caseExactIA5Filter,
4026 IA5StringApproxMatchOID },
4028 {"( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' "
4029 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4032 caseIgnoreIA5SubstringsMatch,
4033 caseIgnoreIA5SubstringsIndexer,
4034 caseIgnoreIA5SubstringsFilter,
4037 {"( 1.3.6.1.4.1.4203.1.2.1 NAME 'caseExactIA5SubstringsMatch' "
4038 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
4041 caseExactIA5SubstringsMatch,
4042 caseExactIA5SubstringsIndexer,
4043 caseExactIA5SubstringsFilter,
4046 {"( 1.3.6.1.4.1.4203.666.4.1 NAME 'authPasswordMatch' "
4047 "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
4050 authPasswordMatch, NULL, NULL,
4053 {"( 1.3.6.1.4.1.4203.666.4.2 NAME 'OpenLDAPaciMatch' "
4054 "SYNTAX 1.3.6.1.4.1.4203.666.2.1 )",
4057 OpenLDAPaciMatch, NULL, NULL,
4060 {NULL, SLAP_MR_NONE, NULL, NULL, NULL, NULL}
4069 /* we should only be called once (from main) */
4070 assert( schema_init_done == 0 );
4072 for ( i=0; syntax_defs[i].sd_desc != NULL; i++ ) {
4073 res = register_syntax( syntax_defs[i].sd_desc,
4074 syntax_defs[i].sd_flags,
4075 syntax_defs[i].sd_validate,
4076 syntax_defs[i].sd_normalize,
4077 syntax_defs[i].sd_pretty
4078 #ifdef SLAPD_BINARY_CONVERSION
4080 syntax_defs[i].sd_ber2str,
4081 syntax_defs[i].sd_str2ber
4086 fprintf( stderr, "schema_init: Error registering syntax %s\n",
4087 syntax_defs[i].sd_desc );
4092 for ( i=0; mrule_defs[i].mrd_desc != NULL; i++ ) {
4093 if( mrule_defs[i].mrd_usage == SLAP_MR_NONE ) {
4095 "schema_init: Ingoring unusable matching rule %s\n",
4096 mrule_defs[i].mrd_desc );
4100 res = register_matching_rule(
4101 mrule_defs[i].mrd_desc,
4102 mrule_defs[i].mrd_usage,
4103 mrule_defs[i].mrd_convert,
4104 mrule_defs[i].mrd_normalize,
4105 mrule_defs[i].mrd_match,
4106 mrule_defs[i].mrd_indexer,
4107 mrule_defs[i].mrd_filter,
4108 mrule_defs[i].mrd_associated );
4112 "schema_init: Error registering matching rule %s\n",
4113 mrule_defs[i].mrd_desc );
4117 schema_init_done = 1;
4118 return LDAP_SUCCESS;