+void
+ldap_contentrule_free(LDAPContentRule * cr)
+{
+ if (!cr) return;
+ LDAP_FREE(cr->cr_oid);
+ if (cr->cr_names) LDAP_VFREE(cr->cr_names);
+ if (cr->cr_desc) LDAP_FREE(cr->cr_desc);
+ if (cr->cr_oc_oids_aux) LDAP_VFREE(cr->cr_oc_oids_aux);
+ if (cr->cr_at_oids_must) LDAP_VFREE(cr->cr_at_oids_must);
+ if (cr->cr_at_oids_may) LDAP_VFREE(cr->cr_at_oids_may);
+ if (cr->cr_at_oids_not) LDAP_VFREE(cr->cr_at_oids_not);
+ free_extensions(cr->cr_extensions);
+ LDAP_FREE(cr);
+}
+
+LDAPContentRule *
+ldap_str2contentrule( LDAP_CONST char * s,
+ int * code,
+ LDAP_CONST char ** errp,
+ LDAP_CONST unsigned flags )
+{
+ tk_t kind;
+ const char * ss = s;
+ char * sval;
+ int seen_name = 0;
+ int seen_desc = 0;
+ int seen_obsolete = 0;
+ int seen_aux = 0;
+ int seen_must = 0;
+ int seen_may = 0;
+ int seen_not = 0;
+ LDAPContentRule * cr;
+ char ** ext_vals;
+ const char * savepos;
+
+ if ( !s ) {
+ *code = LDAP_SCHERR_EMPTY;
+ *errp = "";
+ return NULL;
+ }
+
+ *errp = s;
+ cr = LDAP_CALLOC(1,sizeof(LDAPContentRule));
+
+ if ( !cr ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ return NULL;
+ }
+
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_LEFTPAREN ) {
+ *code = LDAP_SCHERR_NOLEFTPAREN;
+ LDAP_FREE(sval);
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+
+ /*
+ * Definitions MUST begin with an OID in the numericoid format.
+ */
+ parse_whsp(&ss);
+ savepos = ss;
+ cr->cr_oid = ldap_int_parse_numericoid(&ss,code,0);
+ if ( !cr->cr_oid ) {
+ if ( (flags & LDAP_SCHEMA_ALLOW_ALL) && (ss == savepos) ) {
+ /* Backtracking */
+ ss = savepos;
+ kind = get_token(&ss,&sval);
+ if ( kind == TK_BAREWORD ) {
+ if ( !strcasecmp(sval, "NAME") ||
+ !strcasecmp(sval, "DESC") ||
+ !strcasecmp(sval, "OBSOLETE") ||
+ !strcasecmp(sval, "AUX") ||
+ !strcasecmp(sval, "MUST") ||
+ !strcasecmp(sval, "MAY") ||
+ !strcasecmp(sval, "NOT") ||
+ !strncasecmp(sval, "X-", 2) ) {
+ /* Missing OID, backtrack */
+ ss = savepos;
+ } else if ( flags &
+ LDAP_SCHEMA_ALLOW_OID_MACRO ) {
+ /* Non-numerical OID, ignore */
+ int len = ss-savepos;
+ cr->cr_oid = LDAP_MALLOC(len+1);
+ strncpy(cr->cr_oid, savepos, len);
+ cr->cr_oid[len] = 0;
+ }
+ }
+ LDAP_FREE(sval);
+ } else {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ }
+ parse_whsp(&ss);
+
+ /*
+ * Beyond this point we will be liberal an accept the items
+ * in any order.
+ */
+ while (1) {
+ kind = get_token(&ss,&sval);
+ switch (kind) {
+ case TK_EOS:
+ *code = LDAP_SCHERR_NORIGHTPAREN;
+ *errp = EndOfInput;
+ ldap_contentrule_free(cr);
+ return NULL;
+ case TK_RIGHTPAREN:
+ return cr;
+ case TK_BAREWORD:
+ if ( !strcasecmp(sval,"NAME") ) {
+ LDAP_FREE(sval);
+ if ( seen_name ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_name = 1;
+ cr->cr_names = parse_qdescrs(&ss,code);
+ if ( !cr->cr_names ) {
+ if ( *code != LDAP_SCHERR_OUTOFMEM )
+ *code = LDAP_SCHERR_BADNAME;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ } else if ( !strcasecmp(sval,"DESC") ) {
+ LDAP_FREE(sval);
+ if ( seen_desc ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_desc = 1;
+ parse_whsp(&ss);
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_QDSTRING ) {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ cr->cr_desc = sval;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"OBSOLETE") ) {
+ LDAP_FREE(sval);
+ if ( seen_obsolete ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_obsolete = 1;
+ cr->cr_obsolete = LDAP_SCHEMA_YES;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"AUX") ) {
+ LDAP_FREE(sval);
+ if ( seen_aux ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_aux = 1;
+ cr->cr_oc_oids_aux = parse_oids(&ss,code,0);
+ if ( !cr->cr_oc_oids_aux ) {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"MUST") ) {
+ LDAP_FREE(sval);
+ if ( seen_must ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_must = 1;
+ cr->cr_at_oids_must = parse_oids(&ss,code,0);
+ if ( !cr->cr_at_oids_must && *code != LDAP_SUCCESS ) {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"MAY") ) {
+ LDAP_FREE(sval);
+ if ( seen_may ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_may = 1;
+ cr->cr_at_oids_may = parse_oids(&ss,code,0);
+ if ( !cr->cr_at_oids_may && *code != LDAP_SUCCESS ) {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"NOT") ) {
+ LDAP_FREE(sval);
+ if ( seen_not ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return(NULL);
+ }
+ seen_not = 1;
+ cr->cr_at_oids_not = parse_oids(&ss,code,0);
+ if ( !cr->cr_at_oids_not && *code != LDAP_SUCCESS ) {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( sval[0] == 'X' && sval[1] == '-' ) {
+ /* Should be parse_qdstrings */
+ ext_vals = parse_qdescrs(&ss, code);
+ if ( !ext_vals ) {
+ *errp = ss;
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ if ( add_extension(&cr->cr_extensions,
+ sval, ext_vals) ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ } else {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ break;
+ default:
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_contentrule_free(cr);
+ return NULL;
+ }
+ }
+}
+
+void
+ldap_structurerule_free(LDAPStructureRule * sr)
+{
+ if (!sr) return;
+ if (sr->sr_names) LDAP_VFREE(sr->sr_names);
+ if (sr->sr_desc) LDAP_FREE(sr->sr_desc);
+ if (sr->sr_nameform) LDAP_FREE(sr->sr_nameform);
+ if (sr->sr_sup_ruleids) LDAP_FREE(sr->sr_sup_ruleids);
+ free_extensions(sr->sr_extensions);
+ LDAP_FREE(sr);
+}
+
+LDAPStructureRule *
+ldap_str2structurerule( LDAP_CONST char * s,
+ int * code,
+ LDAP_CONST char ** errp,
+ LDAP_CONST unsigned flags )
+{
+ tk_t kind;
+ int ret;
+ const char * ss = s;
+ char * sval;
+ int seen_name = 0;
+ int seen_desc = 0;
+ int seen_obsolete = 0;
+ int seen_nameform = 0;
+ LDAPStructureRule * sr;
+ char ** ext_vals;
+ const char * savepos;
+
+ if ( !s ) {
+ *code = LDAP_SCHERR_EMPTY;
+ *errp = "";
+ return NULL;
+ }
+
+ *errp = s;
+ sr = LDAP_CALLOC(1,sizeof(LDAPStructureRule));
+
+ if ( !sr ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ return NULL;
+ }
+
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_LEFTPAREN ) {
+ *code = LDAP_SCHERR_NOLEFTPAREN;
+ LDAP_FREE(sval);
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+
+ /*
+ * Definitions MUST begin with a ruleid.
+ */
+ parse_whsp(&ss);
+ savepos = ss;
+ ret = ldap_int_parse_ruleid(&ss,code,0,&sr->sr_ruleid);
+ if ( ret ) {
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+
+ /*
+ * Beyond this point we will be liberal an accept the items
+ * in any order.
+ */
+ while (1) {
+ kind = get_token(&ss,&sval);
+ switch (kind) {
+ case TK_EOS:
+ *code = LDAP_SCHERR_NORIGHTPAREN;
+ *errp = EndOfInput;
+ ldap_structurerule_free(sr);
+ return NULL;
+ case TK_RIGHTPAREN:
+ if( !seen_nameform ) {
+ *code = LDAP_SCHERR_MISSING;
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ return sr;
+ case TK_BAREWORD:
+ if ( !strcasecmp(sval,"NAME") ) {
+ LDAP_FREE(sval);
+ if ( seen_name ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return(NULL);
+ }
+ seen_name = 1;
+ sr->sr_names = parse_qdescrs(&ss,code);
+ if ( !sr->sr_names ) {
+ if ( *code != LDAP_SCHERR_OUTOFMEM )
+ *code = LDAP_SCHERR_BADNAME;
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ } else if ( !strcasecmp(sval,"DESC") ) {
+ LDAP_FREE(sval);
+ if ( seen_desc ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return(NULL);
+ }
+ seen_desc = 1;
+ parse_whsp(&ss);
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_QDSTRING ) {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ sr->sr_desc = sval;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"OBSOLETE") ) {
+ LDAP_FREE(sval);
+ if ( seen_obsolete ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return(NULL);
+ }
+ seen_obsolete = 1;
+ sr->sr_obsolete = LDAP_SCHEMA_YES;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"FORM") ) {
+ LDAP_FREE(sval);
+ if ( seen_nameform ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return(NULL);
+ }
+ seen_nameform = 1;
+ sr->sr_nameform = parse_woid(&ss,code);
+ if ( !sr->sr_nameform ) {
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( sval[0] == 'X' && sval[1] == '-' ) {
+ /* Should be parse_qdstrings */
+ ext_vals = parse_qdescrs(&ss, code);
+ if ( !ext_vals ) {
+ *errp = ss;
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ if ( add_extension(&sr->sr_extensions,
+ sval, ext_vals) ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ } else {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ break;
+ default:
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_structurerule_free(sr);
+ return NULL;
+ }
+ }
+}
+
+void
+ldap_nameform_free(LDAPNameForm * nf)
+{
+ if (!nf) return;
+ LDAP_FREE(nf->nf_oid);
+ if (nf->nf_names) LDAP_VFREE(nf->nf_names);
+ if (nf->nf_desc) LDAP_FREE(nf->nf_desc);
+ if (nf->nf_objectclass) LDAP_FREE(nf->nf_objectclass);
+ if (nf->nf_at_oids_must) LDAP_VFREE(nf->nf_at_oids_must);
+ if (nf->nf_at_oids_may) LDAP_VFREE(nf->nf_at_oids_may);
+ free_extensions(nf->nf_extensions);
+ LDAP_FREE(nf);
+}
+
+LDAPNameForm *
+ldap_str2nameform( LDAP_CONST char * s,
+ int * code,
+ LDAP_CONST char ** errp,
+ LDAP_CONST unsigned flags )
+{
+ tk_t kind;
+ const char * ss = s;
+ char * sval;
+ int seen_name = 0;
+ int seen_desc = 0;
+ int seen_obsolete = 0;
+ int seen_class = 0;
+ int seen_must = 0;
+ int seen_may = 0;
+ LDAPNameForm * nf;
+ char ** ext_vals;
+ const char * savepos;
+
+ if ( !s ) {
+ *code = LDAP_SCHERR_EMPTY;
+ *errp = "";
+ return NULL;
+ }
+
+ *errp = s;
+ nf = LDAP_CALLOC(1,sizeof(LDAPNameForm));
+
+ if ( !nf ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ return NULL;
+ }
+
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_LEFTPAREN ) {
+ *code = LDAP_SCHERR_NOLEFTPAREN;
+ LDAP_FREE(sval);
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+
+ /*
+ * Definitions MUST begin with an OID in the numericoid format.
+ * However, this routine is used by clients to parse the response
+ * from servers and very well known servers will provide an OID
+ * in the wrong format or even no OID at all. We do our best to
+ * extract info from those servers.
+ */
+ parse_whsp(&ss);
+ savepos = ss;
+ nf->nf_oid = ldap_int_parse_numericoid(&ss,code,0);
+ if ( !nf->nf_oid ) {
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ parse_whsp(&ss);
+
+ /*
+ * Beyond this point we will be liberal an accept the items
+ * in any order.
+ */
+ while (1) {
+ kind = get_token(&ss,&sval);
+ switch (kind) {
+ case TK_EOS:
+ *code = LDAP_SCHERR_NORIGHTPAREN;
+ *errp = EndOfInput;
+ ldap_nameform_free(nf);
+ return NULL;
+ case TK_RIGHTPAREN:
+ if( !seen_class || !seen_must ) {
+ *code = LDAP_SCHERR_MISSING;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ return nf;
+ case TK_BAREWORD:
+ if ( !strcasecmp(sval,"NAME") ) {
+ LDAP_FREE(sval);
+ if ( seen_name ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_name = 1;
+ nf->nf_names = parse_qdescrs(&ss,code);
+ if ( !nf->nf_names ) {
+ if ( *code != LDAP_SCHERR_OUTOFMEM )
+ *code = LDAP_SCHERR_BADNAME;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ } else if ( !strcasecmp(sval,"DESC") ) {
+ LDAP_FREE(sval);
+ if ( seen_desc ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_desc = 1;
+ parse_whsp(&ss);
+ kind = get_token(&ss,&sval);
+ if ( kind != TK_QDSTRING ) {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ nf->nf_desc = sval;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"OBSOLETE") ) {
+ LDAP_FREE(sval);
+ if ( seen_obsolete ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_obsolete = 1;
+ nf->nf_obsolete = LDAP_SCHEMA_YES;
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"OC") ) {
+ LDAP_FREE(sval);
+ if ( seen_class ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_class = 1;
+ nf->nf_objectclass = parse_woid(&ss,code);
+ if ( !nf->nf_objectclass ) {
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ } else if ( !strcasecmp(sval,"MUST") ) {
+ LDAP_FREE(sval);
+ if ( seen_must ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_must = 1;
+ nf->nf_at_oids_must = parse_oids(&ss,code,0);
+ if ( !nf->nf_at_oids_must && *code != LDAP_SUCCESS ) {
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( !strcasecmp(sval,"MAY") ) {
+ LDAP_FREE(sval);
+ if ( seen_may ) {
+ *code = LDAP_SCHERR_DUPOPT;
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return(NULL);
+ }
+ seen_may = 1;
+ nf->nf_at_oids_may = parse_oids(&ss,code,0);
+ if ( !nf->nf_at_oids_may && *code != LDAP_SUCCESS ) {
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ parse_whsp(&ss);
+ } else if ( sval[0] == 'X' && sval[1] == '-' ) {
+ /* Should be parse_qdstrings */
+ ext_vals = parse_qdescrs(&ss, code);
+ if ( !ext_vals ) {
+ *errp = ss;
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ if ( add_extension(&nf->nf_extensions,
+ sval, ext_vals) ) {
+ *code = LDAP_SCHERR_OUTOFMEM;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ } else {
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ break;
+ default:
+ *code = LDAP_SCHERR_UNEXPTOKEN;
+ *errp = ss;
+ LDAP_FREE(sval);
+ ldap_nameform_free(nf);
+ return NULL;
+ }
+ }
+}
+