+ rc = (mr->smr_syntax->ssyn_validate)( mr->smr_syntax, in );
+
+ if( rc != LDAP_SUCCESS ) {
+ *text = "value is invalid";
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ /* we only support equality matching of binary attributes */
+ /* This is suspect, flexible certificate matching will hit this */
+ if( slap_ad_is_binary( ad ) && usage != SLAP_MR_EQUALITY ) {
+ *text = "inappropriate binary matching";
+ return LDAP_INAPPROPRIATE_MATCHING;
+ }
+
+ if( mr->smr_normalize ) {
+ rc = (mr->smr_normalize)( usage,
+ ad->ad_type->sat_syntax,
+ mr, in, out );
+
+ if( rc != LDAP_SUCCESS ) {
+ *text = "unable to normalize value";
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ } else if ( mr->smr_syntax->ssyn_normalize ) {
+ rc = (mr->smr_syntax->ssyn_normalize)(
+ ad->ad_type->sat_syntax,
+ in, out );
+
+ if( rc != LDAP_SUCCESS ) {
+ *text = "unable to normalize value";
+ return LDAP_INVALID_SYNTAX;