+ filter_escape_value_x( &f->f_av_value, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(=)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ break;
+
+ case LDAP_FILTER_GE:
+ filter_escape_value_x( &f->f_av_value, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(>=)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ break;
+
+ case LDAP_FILTER_LE:
+ filter_escape_value_x( &f->f_av_value, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(<=)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ break;
+
+ case LDAP_FILTER_APPROX:
+ filter_escape_value_x( &f->f_av_value, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(~=)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+ fstr->bv_len = f->f_sub_desc->ad_cname.bv_len +
+ ( sizeof("(=*)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
+ f->f_sub_desc->ad_cname.bv_val );
+
+ if ( f->f_sub_initial.bv_val != NULL ) {
+ len = fstr->bv_len;
+
+ filter_escape_value_x( &f->f_sub_initial, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( &fstr->bv_val[len-2], tmp.bv_len+3,
+ /* "(attr=" */ "%s*)",
+ tmp.bv_val );
+
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ }
+
+ if ( f->f_sub_any != NULL ) {
+ for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ ) {
+ len = fstr->bv_len;
+ filter_escape_value_x( &f->f_sub_any[i], &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len += tmp.bv_len + 1;
+ fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len+3,
+ /* "(attr=[init]*[any*]" */ "%s*)",
+ tmp.bv_val );
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ }
+ }
+
+ if ( f->f_sub_final.bv_val != NULL ) {
+ len = fstr->bv_len;
+
+ filter_escape_value_x( &f->f_sub_final, &tmp, op->o_tmpmemctx );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len+3,
+ /* "(attr=[init*][any*]" */ "%s)",
+ tmp.bv_val );
+
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ }
+
+ break;
+
+ case LDAP_FILTER_PRESENT:
+ fstr->bv_len = f->f_desc->ad_cname.bv_len +
+ ( sizeof("(=*)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
+ f->f_desc->ad_cname.bv_val );
+ break;
+
+ case LDAP_FILTER_AND:
+ case LDAP_FILTER_OR:
+ case LDAP_FILTER_NOT:
+ fstr->bv_len = sizeof("(%)") - 1;
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)",
+ f->f_choice == LDAP_FILTER_AND ? '&' :
+ f->f_choice == LDAP_FILTER_OR ? '|' : '!' );
+
+ for ( p = f->f_list; p != NULL; p = p->f_next ) {
+ len = fstr->bv_len;
+
+ filter2bv_x( op, p, &tmp );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len + 2,
+ /*"("*/ "%s)", tmp.bv_val );
+
+ op->o_tmpfree( tmp.bv_val, op->o_tmpmemctx );
+ }
+
+ break;
+
+ case LDAP_FILTER_EXT: {
+ struct berval ad;
+ filter_escape_value_x( &f->f_mr_value, &tmp, op->o_tmpmemctx );
+
+ if ( f->f_mr_desc ) {
+ ad = f->f_mr_desc->ad_cname;
+ } else {
+ ad.bv_len = 0;
+ ad.bv_val = "";
+ }
+
+ fstr->bv_len = ad.bv_len +
+ ( f->f_mr_dnattrs ? sizeof(":dn")-1 : 0 ) +
+ ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len+1 : 0 ) +
+ tmp.bv_len + ( sizeof("(:=)") - 1 );
+ fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
+ ad.bv_val,
+ f->f_mr_dnattrs ? ":dn" : "",
+ f->f_mr_rule_text.bv_len ? ":" : "",
+ f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
+ tmp.bv_val );
+ ber_memfree_x( tmp.bv_val, op->o_tmpmemctx );
+ } break;
+
+ case SLAPD_FILTER_COMPUTED:
+ ber_str2bv_x(
+ f->f_result == LDAP_COMPARE_FALSE ? "(?=false)" :
+ f->f_result == LDAP_COMPARE_TRUE ? "(?=true)" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "(?=undefined)" :
+ "(?=error)",
+ f->f_result == LDAP_COMPARE_FALSE ? sizeof("(?=false)")-1 :
+ f->f_result == LDAP_COMPARE_TRUE ? sizeof("(?=true)")-1 :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? sizeof("(?=undefined)")-1 :
+ sizeof("(?=error)")-1,
+ 1, fstr, op->o_tmpmemctx );
+ break;
+
+ default:
+ ber_str2bv_x( "(?=unknown)", sizeof("(?=unknown)")-1,
+ 1, fstr, op->o_tmpmemctx );
+ break;
+ }
+}
+
+void
+filter2bv( Filter *f, struct berval *fstr )
+{
+ Operation op;
+ op.o_tmpmemctx = NULL;
+ op.o_tmpmfuncs = &ch_mfuncs;
+
+ filter2bv_x( &op, f, fstr );
+}
+
+int
+filter_escape_value_x(
+ struct berval *in,
+ struct berval *out,
+ void *ctx )
+{
+ ber_len_t i;
+ assert( in );
+ assert( out );
+
+ i = in->bv_len * 3 + 1;
+ out->bv_val = ctx ? sl_malloc( i, ctx ) : ch_malloc( i );
+ out->bv_len = 0;
+
+ for( i=0; i < in->bv_len ; i++ ) {
+ if( FILTER_ESCAPE(in->bv_val[i]) ) {
+ out->bv_val[out->bv_len++] = SLAP_ESCAPE_CHAR;
+ out->bv_val[out->bv_len++] = SLAP_ESCAPE_HI( in->bv_val[i] );
+ out->bv_val[out->bv_len++] = SLAP_ESCAPE_LO( in->bv_val[i] );
+ } else {
+ out->bv_val[out->bv_len++] = in->bv_val[i];
+ }
+ }
+
+ out->bv_val[out->bv_len] = '\0';
+ return LDAP_SUCCESS;
+}
+
+int
+filter_escape_value(
+ struct berval *in,
+ struct berval *out )
+{
+ return filter_escape_value_x( in, out, NULL );
+}
+
+static int
+get_simple_vrFilter(
+ Operation *op,
+ BerElement *ber,
+ ValuesReturnFilter **filt,
+ const char **text )
+{
+ ber_tag_t tag;
+ ber_len_t len;
+ int err;
+ ValuesReturnFilter vrf;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( FILTER, ENTRY,
+ "get_simple_vrFilter: conn %d\n", op->o_connid, 0, 0 );