/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
/* Portions
#include <stdio.h>
#include <ac/stdlib.h>
-
-#include <ac/ctype.h>
#include <ac/socket.h>
#include <ac/string.h>
#include <ac/time.h>
#include "ldap-int.h"
+#include "ldap_schema.h"
-#define NAME_TYPE_LDAP_RDN 0
-#define NAME_TYPE_LDAP_DN 1
-#define NAME_TYPE_DCE_DN 2
-
-static char **explode_name( const char *name, int notypes, int is_type );
-static char *dn2dn( const char *dnin, unsigned fin, unsigned fout );
-
-/* from libraries/libldap/schema.c */
-extern char * parse_numericoid(const char **sp, int *code, const int flags);
+/* extension to UFN that turns trailing "dc=value" rdns in DNS style,
+ * e.g. "ou=People,dc=openldap,dc=org" => "People, openldap.org" */
+#define DC_IN_UFN
+/* #define PRETTY_ESCAPE */
/* parsing/printing routines */
-static int str2strval( const char *str, struct berval **val,
+static int str2strval( const char *str, struct berval *val,
const char **next, unsigned flags, unsigned *retFlags );
-static int DCE2strval( const char *str, struct berval **val,
+static int DCE2strval( const char *str, struct berval *val,
const char **next, unsigned flags );
-static int IA52strval( const char *str, struct berval **val,
+static int IA52strval( const char *str, struct berval *val,
const char **next, unsigned flags );
-static int quotedIA52strval( const char *str, struct berval **val,
+static int quotedIA52strval( const char *str, struct berval *val,
const char **next, unsigned flags );
-static int hexstr2binval( const char *str, struct berval **val,
+static int hexstr2binval( const char *str, struct berval *val,
const char **next, unsigned flags );
static int hexstr2bin( const char *str, char *c );
static int byte2hexpair( const char *val, char *pair );
static int binval2hexstr( struct berval *val, char *str );
-static ber_len_t strval2strlen( struct berval *val, unsigned flags );
+static int strval2strlen( struct berval *val, unsigned flags,
+ ber_len_t *len );
static int strval2str( struct berval *val, char *str, unsigned flags,
ber_len_t *len );
-static ber_len_t strval2IA5strlen( struct berval *val, unsigned flags );
+static int strval2IA5strlen( struct berval *val, unsigned flags,
+ ber_len_t *len );
static int strval2IA5str( struct berval *val, char *str, unsigned flags,
ber_len_t *len );
-static ber_len_t strval2DCEstrlen( struct berval *val, unsigned flags );
+static int strval2DCEstrlen( struct berval *val, unsigned flags,
+ ber_len_t *len );
static int strval2DCEstr( struct berval *val, char *str, unsigned flags,
ber_len_t *len );
-static ber_len_t strval2ADstrlen( struct berval *val, unsigned flags );
+static int strval2ADstrlen( struct berval *val, unsigned flags,
+ ber_len_t *len );
static int strval2ADstr( struct berval *val, char *str, unsigned flags,
ber_len_t *len );
-static int dn2domain( LDAPDN *dn, char **str, int *iRDN );
+static int dn2domain( LDAPDN *dn, struct berval *bv, int pos, int *iRDN );
/* AVA helpers */
-static LDAPAVA * ldapava_new( const char *attr, const struct berval *val,
- unsigned flags );
-static void ldapava_free( LDAPAVA *ava );
-static LDAPRDN * ldapava_append_to_rdn( LDAPRDN *rdn, LDAPAVA *ava );
-static void ldapava_free_rdn( LDAPRDN *rdn );
-static LDAPDN * ldapava_append_to_dn( LDAPDN *dn, LDAPRDN *rdn );
-static LDAPDN * ldapava_insert_into_dn( LDAPDN *dn, LDAPRDN *rdn );
-static void ldapava_free_dn( LDAPDN *dn );
+static LDAPAVA * ldapava_new(
+ const struct berval *attr, const struct berval *val, unsigned flags );
/* Higher level helpers */
-static ber_len_t rdn2strlen( LDAPRDN *rdn );
-static int rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len );
-static ber_len_t rdn2UFNstrlen( LDAPRDN *rdn );
-static int rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len );
-
-/* ? */
-int ldap_rdn2str( LDAPRDN *rdn, char **str, unsigned flags );
+static int rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len,
+ int ( *s2l )( struct berval *, unsigned, ber_len_t * ) );
+static int rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len,
+ int ( *s2s )( struct berval *, char *, unsigned, ber_len_t * ));
+static int rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len );
+static int rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flag, ber_len_t *len, int first );
+static int rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first );
/*
* RFC 1823 ldap_get_dn
char *
ldap_dn2ufn( LDAP_CONST char *dn )
{
-#ifndef USE_LDAP_DN_PARSING
- char *ufn;
- char **vals;
- int i;
-
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2ufn\n", 0, 0, 0 );
-
- /* produces completely untyped UFNs */
-
- if( dn == NULL ) {
- return NULL;
- }
-
- vals = ldap_explode_dn( dn , 0 );
- if( vals == NULL ) {
- return NULL;
- }
-
- for ( i = 0; vals[i]; i++ ) {
- char **rvals;
-
- rvals = ldap_explode_rdn( vals[i] , 1 );
- if ( rvals == NULL ) {
- LDAP_VFREE( vals );
- return NULL;
- }
+ char *out = NULL;
- LDAP_FREE( vals[i] );
- vals[i] = ldap_charray2str( rvals, " + " );
- LDAP_VFREE( rvals );
- }
-
- ufn = ldap_charray2str( vals, ", " );
-
- LDAP_VFREE( vals );
- return ufn;
-#else /* USE_LDAP_DN_PARSING */
Debug( LDAP_DEBUG_TRACE, "ldap_dn2ufn\n", 0, 0, 0 );
- return dn2dn( dn, LDAP_DN_FORMAT_LDAPV3, LDAP_DN_FORMAT_UFN );
-#endif /* USE_LDAP_DN_PARSING */
+ ( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
+ &out, LDAP_DN_FORMAT_UFN );
+
+ return( out );
}
+/*
+ * RFC 1823 ldap_explode_dn
+ */
char **
ldap_explode_dn( LDAP_CONST char *dn, int notypes )
{
-#ifndef USE_LDAP_DN_PARSING
- Debug( LDAP_DEBUG_TRACE, "ldap_explode_dn\n", 0, 0, 0 );
-
- return explode_name( dn, notypes, NAME_TYPE_LDAP_DN );
-#else /* USE_LDAP_DN_PARSING */
LDAPDN *tmpDN;
char **values = NULL;
int iRDN;
Debug( LDAP_DEBUG_TRACE, "ldap_explode_dn\n", 0, 0, 0 );
- if ( ldap_str2dn( dn, &tmpDN, LDAP_DN_FORMAT_LDAPV3 )
+ if ( ldap_str2dn( dn, &tmpDN, LDAP_DN_FORMAT_LDAP )
!= LDAP_SUCCESS ) {
- return( NULL );
+ return NULL;
}
- for ( iRDN = 0; tmpDN[ iRDN ]; iRDN++ ) {
- char *str, **v = NULL;
-
- ldap_rdn2str( tmpDN[ iRDN ][ 0 ], &str, flag );
+ if( tmpDN == NULL ) {
+ values = LDAP_MALLOC( sizeof( char * ) );
+ if( values == NULL ) return NULL;
- v = LDAP_REALLOC( values, sizeof( char * ) * ( 2 + iRDN ) );
- if ( v == NULL ) {
- LBER_VFREE( values );
- ldapava_free_dn( tmpDN );
- return( NULL );
- }
- values = v;
- values[ iRDN ] = str;
+ values[0] = NULL;
+ return values;
}
+
+ for ( iRDN = 0; tmpDN[ 0 ][ iRDN ]; iRDN++ );
+
+ values = LDAP_MALLOC( sizeof( char * ) * ( 1 + iRDN ) );
+ if ( values == NULL ) {
+ ldap_dnfree( tmpDN );
+ return NULL;
+ }
+
+ for ( iRDN = 0; tmpDN[ 0 ][ iRDN ]; iRDN++ ) {
+ ldap_rdn2str( tmpDN[ 0 ][ iRDN ], &values[ iRDN ], flag );
+ }
+ ldap_dnfree( tmpDN );
values[ iRDN ] = NULL;
- return( values );
-#endif /* USE_LDAP_DN_PARSING */
+ return values;
}
char **
ldap_explode_rdn( LDAP_CONST char *rdn, int notypes )
{
-#ifndef USE_LDAP_DN_PARSING
- Debug( LDAP_DEBUG_TRACE, "ldap_explode_rdn\n", 0, 0, 0 );
-
- return explode_name( rdn, notypes, NAME_TYPE_LDAP_RDN );
-#else /* USE_LDAP_DN_PARSING */
- LDAPDN *tmpDN;
- char **values = NULL;
- int iAVA;
- unsigned flag = notypes ? LDAP_DN_FORMAT_UFN : LDAP_DN_FORMAT_LDAPV3;
+ LDAPRDN *tmpRDN;
+ char **values = NULL;
+ const char *p;
+ int iAVA;
Debug( LDAP_DEBUG_TRACE, "ldap_explode_rdn\n", 0, 0, 0 );
/*
- * we assume this dn is made of one rdn only
+ * we only parse the first rdn
+ * FIXME: we prefer efficiency over checking if the _ENTIRE_
+ * dn can be parsed
*/
- if ( ldap_str2dn( rdn, &tmpDN, LDAP_DN_FORMAT_LDAPV3 )
+ if ( ldap_str2rdn( rdn, &tmpRDN, (char **) &p, LDAP_DN_FORMAT_LDAP )
!= LDAP_SUCCESS ) {
return( NULL );
}
- for ( iAVA = 0; tmpDN[ 0 ][ 0 ][ iAVA ]; iAVA++ ) {
+ for ( iAVA = 0; tmpRDN[ 0 ][ iAVA ]; iAVA++ ) ;
+ values = LDAP_MALLOC( sizeof( char * ) * ( 1 + iAVA ) );
+ if ( values == NULL ) {
+ ldap_rdnfree( tmpRDN );
+ return( NULL );
+ }
+
+ for ( iAVA = 0; tmpRDN[ 0 ][ iAVA ]; iAVA++ ) {
ber_len_t l = 0, vl, al = 0;
- char *str, **v = NULL;
- LDAPAVA *ava = tmpDN[ 0 ][ 0 ][ iAVA ][ 0 ];
-
- v = LDAP_REALLOC( values, sizeof( char * ) * ( 2 + iAVA ) );
- if ( v == NULL ) {
- LBER_VFREE( values );
- ldapava_free_dn( tmpDN );
- return( NULL );
- }
- values = v;
+ char *str;
+ LDAPAVA *ava = tmpRDN[ 0 ][ iAVA ];
if ( ava->la_flags == LDAP_AVA_BINARY ) {
- vl = 1 + 2 * ava->la_value->bv_len;
+ vl = 1 + 2 * ava->la_value.bv_len;
+
} else {
- vl = strval2strlen( ava->la_value, ava->la_flags );
+ if ( strval2strlen( &ava->la_value,
+ ava->la_flags, &vl ) ) {
+ goto error_return;
+ }
}
if ( !notypes ) {
- al = strlen( ava->la_attr );
-
- l = vl + al + 1;
+ al = ava->la_attr.bv_len;
+ l = vl + ava->la_attr.bv_len + 1;
str = LDAP_MALLOC( l + 1 );
- AC_MEMCPY( str, ava->la_attr, al );
+ AC_MEMCPY( str, ava->la_attr.bv_val,
+ ava->la_attr.bv_len );
str[ al++ ] = '=';
+
} else {
l = vl;
str = LDAP_MALLOC( l + 1 );
if ( ava->la_flags == LDAP_AVA_BINARY ) {
str[ al++ ] = '#';
- binval2hexstr( ava->la_value, &str[ al ] );
+ if ( binval2hexstr( &ava->la_value, &str[ al ] ) ) {
+ goto error_return;
+ }
+
} else {
- strval2str( ava->la_value, &str[ al ],
- ava->la_flags, &vl );
+ if ( strval2str( &ava->la_value, &str[ al ],
+ ava->la_flags, &vl ) ) {
+ goto error_return;
+ }
}
str[ l ] = '\0';
}
values[ iAVA ] = NULL;
- return( values );
-#endif /* USE_LDAP_DN_PARSING */
-}
-
-char *
-ldap_dn2ad_canonical( LDAP_CONST char *dn )
-{
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2ad_canonical\n", 0, 0, 0 );
-
- return dn2dn( dn, LDAP_DN_FORMAT_LDAPV3, LDAP_DN_FORMAT_AD_CANONICAL );
-}
-
-static char *
-dn2dn( const char *dnin, unsigned fin, unsigned fout )
-{
- char *dnout = NULL;
- LDAPDN *tmpDN = NULL;
-
- if( dnin == NULL ) {
- return NULL;
- }
-
- if ( ldap_str2dn( dnin , &tmpDN, fin ) != LDAP_SUCCESS ) {
- return NULL;
- }
-
- /* don't care about the result ... */
- ldap_dn2str( tmpDN, &dnout, fout );
+ ldap_rdnfree( tmpRDN );
- ldapava_free_dn( tmpDN );
+ return( values );
- return dnout;
+error_return:;
+ LBER_VFREE( values );
+ ldap_rdnfree( tmpRDN );
+ return( NULL );
}
-
char *
ldap_dn2dcedn( LDAP_CONST char *dn )
{
-#ifndef USE_LDAP_DN_PARSING
- char *dce, *q, **rdns, **p;
- int len = 0;
+ char *out = NULL;
Debug( LDAP_DEBUG_TRACE, "ldap_dn2dcedn\n", 0, 0, 0 );
- rdns = explode_name( dn, 0, NAME_TYPE_LDAP_DN );
- if ( rdns == NULL ) {
- return NULL;
- }
-
- for ( p = rdns; *p != NULL; p++ ) {
- len += strlen( *p ) + 1;
- }
-
- q = dce = LDAP_MALLOC( len + 1 );
- if ( dce == NULL ) {
- return NULL;
- }
-
- p--; /* get back past NULL */
-
- for ( ; p != rdns; p-- ) {
- strcpy( q, "/" );
- q++;
- strcpy( q, *p );
- q += strlen( *p );
- }
-
- strcpy( q, "/" );
- q++;
- strcpy( q, *p );
-
- return dce;
-#else /* USE_LDAP_DN_PARSING */
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2dcedn\n", 0, 0, 0 );
+ ( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
+ &out, LDAP_DN_FORMAT_DCE );
- return dn2dn( dn, LDAP_DN_FORMAT_LDAPV3, LDAP_DN_FORMAT_DCE );
-#endif /* USE_LDAP_DN_PARSING */
+ return( out );
}
char *
ldap_dcedn2dn( LDAP_CONST char *dce )
{
-#ifndef USE_LDAP_DN_PARSING
- char *dn, *q, **rdns, **p;
- int len;
+ char *out = NULL;
Debug( LDAP_DEBUG_TRACE, "ldap_dcedn2dn\n", 0, 0, 0 );
- rdns = explode_name( dce, 0, NAME_TYPE_DCE_DN );
- if ( rdns == NULL ) {
- return NULL;
- }
-
- len = 0;
-
- for ( p = rdns; *p != NULL; p++ ) {
- len += strlen( *p ) + 1;
- }
-
- q = dn = LDAP_MALLOC( len );
- if ( dn == NULL ) {
- return NULL;
- }
-
- p--;
-
- for ( ; p != rdns; p-- ) {
- strcpy( q, *p );
- q += strlen( *p );
- strcpy( q, "," );
- q++;
- }
+ ( void )ldap_dn_normalize( dce, LDAP_DN_FORMAT_DCE, &out, LDAP_DN_FORMAT_LDAPV3 );
- if ( *dce == '/' ) {
- /* the name was fully qualified, thus the most-significant
- * RDN was empty. trash the last comma */
- q--;
- *q = '\0';
- } else {
- /* the name was relative. copy the most significant RDN */
- strcpy( q, *p );
- }
-
- return dn;
-#else /* USE_LDAP_DN_PARSING */
- Debug( LDAP_DEBUG_TRACE, "ldap_dcedn2dn\n", 0, 0, 0 );
-
- return dn2dn( dce, LDAP_DN_FORMAT_DCE, LDAP_DN_FORMAT_LDAPV3 );
-#endif /* USE_LDAP_DN_PARSING */
+ return( out );
}
-#define INQUOTE 1
-#define OUTQUOTE 2
-
-static char **
-explode_name( const char *name, int notypes, int is_type )
+char *
+ldap_dn2ad_canonical( LDAP_CONST char *dn )
{
- const char *p, *q, *rdn;
- char **parts = NULL;
- int offset, state, have_equals, count = 0, endquote, len;
+ char *out = NULL;
- /* safe guard */
- if(name == NULL) name = "";
-
- /* skip leading whitespace */
- while( ldap_utf8_isspace( name )) {
- LDAP_UTF8_INCR( name );
- }
-
- p = rdn = name;
- offset = 0;
- state = OUTQUOTE;
- have_equals=0;
-
- do {
- /* step forward */
- p += offset;
- offset = 1;
-
- switch ( *p ) {
- case '\\':
- if ( p[1] != '\0' ) {
- offset = LDAP_UTF8_OFFSET(++p);
- }
- break;
- case '"':
- if ( state == INQUOTE )
- state = OUTQUOTE;
- else
- state = INQUOTE;
- break;
- case '=':
- if( state == OUTQUOTE ) have_equals++;
- break;
- case '+':
- if (is_type == NAME_TYPE_LDAP_RDN)
- goto end_part;
- break;
- case '/':
- if (is_type == NAME_TYPE_DCE_DN)
- goto end_part;
- break;
- case ';':
- case ',':
- if (is_type == NAME_TYPE_LDAP_DN)
- goto end_part;
- break;
- case '\0':
- end_part:
- if ( state == OUTQUOTE ) {
- ++count;
- have_equals=0;
-
- if ( parts == NULL ) {
- if (( parts = (char **)LDAP_MALLOC( 8
- * sizeof( char *))) == NULL )
- return( NULL );
- } else if ( count >= 8 ) {
- if (( parts = (char **)LDAP_REALLOC( parts,
- (count+1) * sizeof( char *)))
- == NULL )
- return( NULL );
- }
+ Debug( LDAP_DEBUG_TRACE, "ldap_dn2ad_canonical\n", 0, 0, 0 );
- parts[ count ] = NULL;
- endquote = 0;
+ ( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
+ &out, LDAP_DN_FORMAT_AD_CANONICAL );
- if ( notypes ) {
- for ( q = rdn; q < p && *q != '='; ++q ) {
- /* EMPTY */;
- }
+ return( out );
+}
- if ( q < p ) {
- rdn = ++q;
- }
+/*
+ * function that changes the string representation of dnin
+ * from ( fin & LDAP_DN_FORMAT_MASK ) to ( fout & LDAP_DN_FORMAT_MASK )
+ *
+ * fin can be one of:
+ * LDAP_DN_FORMAT_LDAP (rfc 2253 and ldapbis liberal,
+ * plus some rfc 1779)
+ * LDAP_DN_FORMAT_LDAPV3 (rfc 2253 and ldapbis)
+ * LDAP_DN_FORMAT_LDAPV2 (rfc 1779)
+ * LDAP_DN_FORMAT_DCE (?)
+ *
+ * fout can be any of the above except
+ * LDAP_DN_FORMAT_LDAP
+ * plus:
+ * LDAP_DN_FORMAT_UFN (rfc 1781, partial and with extensions)
+ * LDAP_DN_FORMAT_AD_CANONICAL (?)
+ */
+int
+ldap_dn_normalize( LDAP_CONST char *dnin,
+ unsigned fin, char **dnout, unsigned fout )
+{
+ int rc;
+ LDAPDN *tmpDN = NULL;
- if ( *rdn == '"' ) {
- ++rdn;
- }
-
- if ( p[-1] == '"' ) {
- endquote = 1;
- --p;
- }
- }
+ Debug( LDAP_DEBUG_TRACE, "ldap_dn_normalize\n", 0, 0, 0 );
- len = p - rdn;
+ assert( dnout );
- if (( parts[ count-1 ] = (char *)LDAP_CALLOC( 1,
- len + 1 )) != NULL )
- {
- AC_MEMCPY( parts[ count-1 ], rdn, len );
+ *dnout = NULL;
- if( !endquote ) {
- /* skip trailing spaces */
- while( len > 0 && ldap_utf8_isspace(
- &parts[count-1][len-1] ) )
- {
- --len;
- }
- }
+ if ( dnin == NULL ) {
+ return( LDAP_SUCCESS );
+ }
- parts[ count-1 ][ len ] = '\0';
- }
+ rc = ldap_str2dn( dnin , &tmpDN, fin );
+ if ( rc != LDAP_SUCCESS ) {
+ return( rc );
+ }
- /*
- * Don't forget to increment 'p' back to where
- * it should be. If we don't, then we will
- * never get past an "end quote."
- */
- if ( endquote == 1 )
- p++;
+ rc = ldap_dn2str( tmpDN, dnout, fout );
- rdn = *p ? &p[1] : p;
- while ( ldap_utf8_isspace( rdn ) )
- ++rdn;
- } break;
- }
- } while ( *p );
+ ldap_dnfree( tmpDN );
- return( parts );
+ return( rc );
}
/* States */
#define B4AVA 0x0000
-#define B4ATTRTYPE 0x0001
+/* #define B4ATTRTYPE 0x0001 */
#define B4OIDATTRTYPE 0x0002
#define B4STRINGATTRTYPE 0x0003
#define B4IA5VALUE 0x0040
#define B4BINARYVALUE 0x0050
-/* Helpers (mostly from slapd.h; maybe it should be rewritten from this) */
+/*
+ * Helpers (mostly from slap.h)
+ * c is assumed to Unicode in an ASCII compatible format (UTF-8)
+ * Macros assume "C" Locale (ASCII)
+ */
#define LDAP_DN_ASCII_SPACE(c) \
( (c) == ' ' || (c) == '\t' || (c) == '\n' || (c) == '\r' )
-#define LDAP_DN_ASCII_LOWER(c) ( (c) >= 'a' && (c) <= 'z' )
-#define LDAP_DN_ASCII_UPPER(c) ( (c) >= 'A' && (c) <= 'Z' )
-#define LDAP_DN_ASCII_ALPHA(c) \
- ( LDAP_DN_ASCII_LOWER(c) || LDAP_DN_ASCII_UPPER(c) )
-#define LDAP_DN_ASCII_DIGIT(c) ( (c) >= '0' && (c) <= '9' )
-#define LDAP_DN_ASCII_LCASE_HEXALPHA(c) ( (c) >= 'a' && (c) <= 'f' )
-#define LDAP_DN_ASCII_UCASE_HEXALPHA(c) ( (c) >= 'A' && (c) <= 'F' )
-#define LDAP_DN_ASCII_HEXDIGIT(c) \
- ( LDAP_DN_ASCII_DIGIT(c) \
- || LDAP_DN_ASCII_LCASE_HEXALPHA(c) \
- || LDAP_DN_ASCII_UCASE_HEXALPHA(c) )
-#define LDAP_DN_ASCII_ALNUM(c) \
- ( LDAP_DN_ASCII_ALPHA(c) || LDAP_DN_ASCII_DIGIT(c) )
+#define LDAP_DN_ASCII_LOWER(c) LDAP_LOWER(c)
+#define LDAP_DN_ASCII_UPPER(c) LDAP_UPPER(c)
+#define LDAP_DN_ASCII_ALPHA(c) LDAP_ALPHA(c)
+
+#define LDAP_DN_ASCII_DIGIT(c) LDAP_DIGIT(c)
+#define LDAP_DN_ASCII_LCASE_HEXALPHA(c) LDAP_HEXLOWER(c)
+#define LDAP_DN_ASCII_UCASE_HEXALPHA(c) LDAP_HEXUPPER(c)
+#define LDAP_DN_ASCII_HEXDIGIT(c) LDAP_HEX(c)
+#define LDAP_DN_ASCII_ALNUM(c) LDAP_ALNUM(c)
#define LDAP_DN_ASCII_PRINTABLE(c) ( (c) >= ' ' && (c) <= '~' )
/* attribute type */
-#define LDAP_DN_OID_LEADCHAR(c) ( LDAP_DN_ASCII_DIGIT(c) )
-#define LDAP_DN_DESC_LEADCHAR(c) ( LDAP_DN_ASCII_ALPHA(c) )
-#define LDAP_DN_DESC_CHAR(c) ( LDAP_DN_ASCII_ALNUM(c) || (c) == '-' )
+#define LDAP_DN_OID_LEADCHAR(c) LDAP_DIGIT(c)
+#define LDAP_DN_DESC_LEADCHAR(c) LDAP_ALPHA(c)
+#define LDAP_DN_DESC_CHAR(c) LDAP_LDH(c)
#define LDAP_DN_LANG_SEP(c) ( (c) == ';' )
#define LDAP_DN_ATTRDESC_CHAR(c) \
( LDAP_DN_DESC_CHAR(c) || LDAP_DN_LANG_SEP(c) )
( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_OCTOTHORPE(c) || LDAP_DN_NE(c) )
#define LDAP_DN_NEEDESCAPE_TRAIL(c) \
( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_NEEDESCAPE(c) )
+#define LDAP_DN_WILLESCAPE_CHAR(c) \
+ ( LDAP_DN_RDN_SEP(c) || LDAP_DN_AVA_SEP(c) || LDAP_DN_ESCAPE(c) )
+#define LDAP_DN_IS_PRETTY(f) ( (f) & LDAP_DN_PRETTY )
+#define LDAP_DN_WILLESCAPE_HEX(f, c) \
+ ( ( !LDAP_DN_IS_PRETTY( f ) ) && LDAP_DN_WILLESCAPE_CHAR(c) )
/* LDAPv2 */
#define LDAP_DN_VALUE_END_V2(c) \
* Metachars: '/', ',', '=', '\'.
*
* the '\' is used to escape other metachars.
+ *
+ * Assertion: '='
+ * RDN separator: '/'
+ * AVA separator: ','
*
* Attribute types must start with alphabetic chars and can contain
* alphabetic chars and digits (FIXME: no '-'?). OIDs are allowed.
/* generics */
#define LDAP_DN_HEXPAIR(s) \
( LDAP_DN_ASCII_HEXDIGIT((s)[0]) && LDAP_DN_ASCII_HEXDIGIT((s)[1]) )
-#define LDAP_DC_ATTR "dc"
-
+/* better look at the AttributeDescription? */
+
+/* FIXME: no composite rdn or non-"dc" types, right?
+ * (what about "dc" in OID form?) */
+/* FIXME: we do not allow binary values in domain, right? */
+/* NOTE: use this macro only when ABSOLUTELY SURE rdn IS VALID! */
+/* NOTE: don't use strcasecmp() as it is locale specific! */
+#define LDAP_DC_ATTR "dc"
+#define LDAP_DC_ATTRU "DC"
+#define LDAP_DN_IS_RDN_DC( r ) \
+ ( (r) && (r)[0][0] && !(r)[0][1] \
+ && ((r)[0][0]->la_flags == LDAP_AVA_STRING) \
+ && ((r)[0][0]->la_attr.bv_len == 2) \
+ && (((r)[0][0]->la_attr.bv_val[0] == LDAP_DC_ATTR[0]) \
+ || ((r)[0][0]->la_attr.bv_val[0] == LDAP_DC_ATTRU[0])) \
+ && (((r)[0][0]->la_attr.bv_val[1] == LDAP_DC_ATTR[1]) \
+ || ((r)[0][0]->la_attr.bv_val[1] == LDAP_DC_ATTRU[1])))
+
/* Composite rules */
+#define LDAP_DN_ALLOW_ONE_SPACE(f) \
+ ( LDAP_DN_LDAPV2(f) \
+ || !( (f) & LDAP_DN_P_NOSPACEAFTERRDN ) )
#define LDAP_DN_ALLOW_SPACES(f) \
- ( ( (f) & LDAP_DN_FORMAT_LDAPV2 ) || !( (f) & LDAP_DN_PEDANTIC ) )
+ ( LDAP_DN_LDAPV2(f) \
+ || !( (f) & ( LDAP_DN_P_NOLEADTRAILSPACES | LDAP_DN_P_NOSPACEAFTERRDN ) ) )
+#define LDAP_DN_LDAP(f) \
+ ( ( (f) & LDAP_DN_FORMAT_MASK ) == LDAP_DN_FORMAT_LDAP )
#define LDAP_DN_LDAPV3(f) \
( ( (f) & LDAP_DN_FORMAT_MASK ) == LDAP_DN_FORMAT_LDAPV3 )
#define LDAP_DN_LDAPV2(f) \
#define LDAP_DN_FORMAT(f) ( (f) & LDAP_DN_FORMAT_MASK )
/*
- * LDAPAVA helpers
+ * LDAPAVA helpers (will become part of the API for operations
+ * on structural representations of DNs).
*/
-static LDAPAVA *
-ldapava_new( const char *attr, const struct berval *val, unsigned flags )
+LDAPAVA *
+ldapava_new( const struct berval *attr, const struct berval *val,
+ unsigned flags )
{
LDAPAVA *ava;
assert( attr );
assert( val );
- ava = LDAP_MALLOC( sizeof( LDAPAVA ) );
+ ava = LDAP_MALLOC( sizeof( LDAPAVA ) + attr->bv_len + 1 );
/* should we test it? */
if ( ava == NULL ) {
return( NULL );
}
- ava->la_attr = ( char * )attr;
- ava->la_value = ( struct berval * )val;
+ ava->la_attr.bv_len = attr->bv_len;
+ ava->la_attr.bv_val = (char *)(ava+1);
+ AC_MEMCPY( ava->la_attr.bv_val, attr->bv_val, attr->bv_len );
+ ava->la_attr.bv_val[attr->bv_len] = '\0';
+
+ ava->la_value = *val;
ava->la_flags = flags;
+ ava->la_private = NULL;
+
return( ava );
}
-static void
-ldapava_free( LDAPAVA *ava )
+void
+ldap_avafree( LDAPAVA *ava )
{
assert( ava );
- LDAP_FREE( ava->la_attr );
- ber_bvfree( ava->la_value );
-
- LDAP_FREE( ava );
-}
-
-static LDAPRDN *
-ldapava_append_to_rdn( LDAPRDN *rdn, LDAPAVA *ava )
-{
- LDAPRDN *newRDN;
- unsigned i = 0U;
-
- assert( ava );
+#if 0
+ /* ava's private must be freed by caller
+ * (at present let's skip this check because la_private
+ * basically holds static data) */
+ assert( ava->la_private == NULL );
+#endif
- if ( rdn != NULL ) {
- for ( i = 0U; rdn[ i ]; i++ ) {
- /* no op */
- }
- }
- newRDN = LDAP_REALLOC( rdn, ( i + 2 ) * sizeof( LDAPAVA ** ) );
- newRDN[ i ] = LDAP_MALLOC( sizeof( LDAPAVA * ) );
- newRDN[ i ][ 0 ] = ava;
- newRDN[ i + 1 ] = NULL;
+#if 0
+ /* la_attr is now contiguous with ava, not freed separately */
+ LDAP_FREE( ava->la_attr.bv_val );
+#endif
+ LDAP_FREE( ava->la_value.bv_val );
- return( newRDN );
+ LDAP_FREE( ava );
}
-static void
-ldapava_free_rdn( LDAPRDN *rdn )
+void
+ldap_rdnfree( LDAPRDN *rdn )
{
int iAVA;
return;
}
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- assert( rdn[ iAVA ][ 0 ] );
-
- ldapava_free( rdn[ iAVA ][ 0 ] );
- }
-
- LDAP_VFREE( rdn );
-}
-
-static LDAPDN *
-ldapava_append_to_dn( LDAPDN *dn, LDAPRDN *rdn )
-{
- LDAPDN *newDN;
- unsigned i = 0U;
-
- assert( rdn );
-
- if ( dn != NULL ) {
- for ( i = 0U; dn[ i ]; i++ ) {
- /* no op */
- }
- }
- newDN = LDAP_REALLOC( dn, ( i + 2 ) * sizeof( LDAPRDN ** ) );
- newDN[ i ] = LDAP_MALLOC( sizeof( LDAPRDN * ) );
- newDN[ i ][ 0 ] = rdn;
- newDN[ i + 1 ] = NULL;
-
- return( newDN );
-}
-
-static LDAPDN *
-ldapava_insert_into_dn( LDAPDN *dn, LDAPRDN *rdn )
-{
- LDAPDN *newDN;
- unsigned i = 0U;
-
- assert( rdn );
-
- if ( dn != NULL ) {
- for ( i = 0U; dn[ i ]; i++ ) {
- /* no op */
- }
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ ldap_avafree( rdn[ 0 ][ iAVA ] );
}
- newDN = LDAP_MALLOC( ( i + 2 ) * sizeof( LDAPDN ) );
- AC_MEMCPY( &newDN[ 1 ], dn, i * sizeof( LDAPDN * ) );
- LDAP_FREE( dn );
- newDN[ 0 ] = LDAP_MALLOC( sizeof( LDAPRDN * ) );
- newDN[ 0 ][ 0 ] = rdn;
- newDN[ i + 1 ] = NULL;
-
- return( newDN );
+ LDAP_FREE( rdn );
}
-static void
-ldapava_free_dn( LDAPDN *dn )
+void
+ldap_dnfree( LDAPDN *dn )
{
int iRDN;
return;
}
- for ( iRDN = 0; dn[ iRDN ]; iRDN++ ) {
- assert( dn[ iRDN ][ 0 ] );
-
- ldapava_free_rdn( dn[ iRDN ][ 0 ] );
+ for ( iRDN = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ldap_rdnfree( dn[ 0 ][ iRDN ] );
}
- LDAP_VFREE( dn );
+ LDAP_FREE( dn );
}
/*
* Converts a string representation of a DN (in LDAPv3, LDAPv2 or DCE)
- * into a structured representation of the DN, by separating attribute
+ * into a structural representation of the DN, by separating attribute
* types and values encoded in the more appropriate form, which is
* string or OID for attribute types and binary form of the BER encoded
* value or Unicode string. Formats different from LDAPv3 are parsed
* experimental and will hopefully turn into something more simple
* and readable as soon as it works as expected.
*/
+
+#define TMP_SLOTS 1024
+
int
-ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
+ldap_str2dn( LDAP_CONST char *str, LDAPDN **dn, unsigned flags )
{
const char *p;
- int state = B4AVA;
- int rc = LDAP_INVALID_DN_SYNTAX;
- int attrTypeEncoding, attrValueEncoding;
-
- char *attrType = NULL;
- struct berval *attrValue = NULL;
+ int rc = LDAP_DECODING_ERROR;
+ int nrdns = 0;
LDAPDN *newDN = NULL;
- LDAPRDN *newRDN = NULL;
+ LDAPRDN *newRDN = NULL, *tmpDN[TMP_SLOTS];
assert( str );
assert( dn );
*dn = NULL;
switch ( LDAP_DN_FORMAT( flags ) ) {
+ case LDAP_DN_FORMAT_LDAP:
case LDAP_DN_FORMAT_LDAPV3:
case LDAP_DN_FORMAT_LDAPV2:
case LDAP_DN_FORMAT_DCE:
/* unsupported in str2dn */
case LDAP_DN_FORMAT_UFN:
case LDAP_DN_FORMAT_AD_CANONICAL:
- return( LDAP_INVALID_DN_SYNTAX );
+ return LDAP_PARAM_ERROR;
+ case LDAP_DN_FORMAT_LBER:
default:
- return( LDAP_OTHER );
+ return LDAP_PARAM_ERROR;
}
if ( str[ 0 ] == '\0' ) {
- return( LDAP_SUCCESS );
+ return LDAP_SUCCESS;
}
p = str;
goto parsing_error;
}
p++;
- }
-
- for ( ; p[ 0 ] || state == GOTAVA; ) {
+ } else if ( LDAP_DN_LDAP( flags ) ) {
/*
- * The parser in principle advances one token a time,
- * or toggles state if preferable.
+ * if dn starts with '/' let's make it a DCE dn
*/
- switch (state) {
+ if ( LDAP_DN_RDN_SEP_DCE( p[ 0 ] ) ) {
+ flags |= LDAP_DN_FORMAT_DCE;
+ p++;
+ }
+ }
- /*
- * an AttributeType can be encoded as:
- * - its string representation; in detail, implementations
- * MUST recognize AttributeType string type names listed
- * in section 2.3 of draft-ietf-ldapbis-dn-XX.txt, and
- * MAY recognize other names.
- * - its numeric OID (a dotted decimal string); in detail
- * RFC 2253 asserts that ``Implementations MUST allow
- * an oid in the attribute type to be prefixed by one
- * of the character strings "oid." or "OID."''. As soon
- * as draft-ietf-ldapbis-dn-XX.txt obsoletes RFC 2253
- * I'm not sure whether this is required or not any
- * longer; to be liberal, we still implement it.
+ for ( ; p[ 0 ]; p++ ) {
+ int err;
+
+ err = ldap_str2rdn( p, &newRDN, (char **) &p, flags );
+ if ( err != LDAP_SUCCESS ) {
+ goto parsing_error;
+ }
+
+ /*
+ * We expect a rdn separator
*/
- case B4AVA:
- if ( LDAP_DN_ASCII_SPACE( p[ 0 ] ) ) {
- if ( !LDAP_DN_ALLOW_SPACES( flags ) ) {
- /* error */
+ if ( p[ 0 ] ) {
+ switch ( LDAP_DN_FORMAT( flags ) ) {
+ case LDAP_DN_FORMAT_LDAPV3:
+ if ( !LDAP_DN_RDN_SEP( p[ 0 ] ) ) {
+ rc = LDAP_DECODING_ERROR;
goto parsing_error;
}
-
- /* whitespace is allowed (and trimmed) */
- p++;
- while ( p[ 0 ] && LDAP_DN_ASCII_SPACE( p[ 0 ] ) ) {
- p++;
+ break;
+
+ case LDAP_DN_FORMAT_LDAP:
+ case LDAP_DN_FORMAT_LDAPV2:
+ if ( !LDAP_DN_RDN_SEP_V2( p[ 0 ] ) ) {
+ rc = LDAP_DECODING_ERROR;
+ goto parsing_error;
}
-
- if ( !p[ 0 ] ) {
- /* error: we expected an AVA */
+ break;
+
+ case LDAP_DN_FORMAT_DCE:
+ if ( !LDAP_DN_RDN_SEP_DCE( p[ 0 ] ) ) {
+ rc = LDAP_DECODING_ERROR;
goto parsing_error;
}
+ break;
}
+ }
- state = B4ATTRTYPE;
- break;
- case B4ATTRTYPE:
- /* oid */
- if ( LDAP_DN_OID_LEADCHAR( p[ 0 ] ) ) {
- state = B4OIDATTRTYPE;
- break;
- }
-
+ tmpDN[nrdns++] = newRDN;
+ newRDN = NULL;
+
+#if 0
+ /*
+ * prone to attacks?
+ */
+ assert (nrdns < TMP_SLOTS);
+#else
+ /*
+ * make the static AVA array dynamically rescalable
+ */
+ if (nrdns >= TMP_SLOTS) {
+ rc = LDAP_DECODING_ERROR;
+ goto parsing_error;
+ }
+#endif
+
+ if ( p[ 0 ] == '\0' ) {
+ /*
+ * the DN is over, phew
+ */
+ newDN = (LDAPDN *)LDAP_MALLOC( sizeof(LDAPDN) +
+ sizeof(LDAPRDN *) * (nrdns+1));
+ if ( newDN == NULL ) {
+ rc = LDAP_NO_MEMORY;
+ goto parsing_error;
+ } else {
+ int i;
+
+ newDN[0] = (LDAPRDN **)(newDN+1);
+
+ if ( LDAP_DN_DCE( flags ) ) {
+ /* add in reversed order */
+ for ( i=0; i<nrdns; i++ )
+ newDN[0][i] = tmpDN[nrdns-1-i];
+ } else {
+ for ( i=0; i<nrdns; i++ )
+ newDN[0][i] = tmpDN[i];
+ }
+ newDN[0][nrdns] = NULL;
+ rc = LDAP_SUCCESS;
+ }
+ goto return_result;
+ }
+ }
+
+parsing_error:;
+ if ( newRDN ) {
+ ldap_rdnfree( newRDN );
+ }
+
+ for (nrdns-- ;nrdns>=0; nrdns-- )
+ ldap_rdnfree( tmpDN[nrdns] );
+
+return_result:;
+ Debug( LDAP_DEBUG_TRACE, "<= ldap_str2dn(%s,%u)=%d\n", str, flags, rc );
+ *dn = newDN;
+
+ return( rc );
+}
+
+/*
+ * ldap_str2rdn
+ *
+ * Parses a relative DN according to flags up to a rdn separator
+ * or to the end of str.
+ * Returns the rdn and a pointer to the string continuation, which
+ * corresponds to the rdn separator or to '\0' in case the string is over.
+ */
+int
+ldap_str2rdn( LDAP_CONST char *str, LDAPRDN **rdn,
+ char **n_in, unsigned flags )
+{
+ const char **n = (const char **) n_in;
+ const char *p;
+ int navas = 0;
+ int state = B4AVA;
+ int rc = LDAP_DECODING_ERROR;
+ int attrTypeEncoding = LDAP_AVA_STRING,
+ attrValueEncoding = LDAP_AVA_STRING;
+
+ struct berval attrType = { 0, NULL };
+ struct berval attrValue = { 0, NULL };
+
+ LDAPRDN *newRDN = NULL;
+ LDAPAVA *tmpRDN[TMP_SLOTS];
+
+ assert( str );
+ assert( rdn || flags & LDAP_DN_SKIP );
+ assert( n );
+
+ Debug( LDAP_DEBUG_TRACE, "=> ldap_str2rdn(%s,%u)\n%s", str, flags, "" );
+
+ if ( rdn ) {
+ *rdn = NULL;
+ }
+ *n = NULL;
+
+ switch ( LDAP_DN_FORMAT( flags ) ) {
+ case LDAP_DN_FORMAT_LDAP:
+ case LDAP_DN_FORMAT_LDAPV3:
+ case LDAP_DN_FORMAT_LDAPV2:
+ case LDAP_DN_FORMAT_DCE:
+ break;
+
+ /* unsupported in str2dn */
+ case LDAP_DN_FORMAT_UFN:
+ case LDAP_DN_FORMAT_AD_CANONICAL:
+ return LDAP_PARAM_ERROR;
+
+ case LDAP_DN_FORMAT_LBER:
+ default:
+ return LDAP_PARAM_ERROR;
+ }
+
+ if ( str[ 0 ] == '\0' ) {
+ return LDAP_SUCCESS;
+ }
+
+ p = str;
+ for ( ; p[ 0 ] || state == GOTAVA; ) {
+
+ /*
+ * The parser in principle advances one token a time,
+ * or toggles state if preferable.
+ */
+ switch (state) {
+
+ /*
+ * an AttributeType can be encoded as:
+ * - its string representation; in detail, implementations
+ * MUST recognize AttributeType string type names listed
+ * in section 2.3 of draft-ietf-ldapbis-dn-XX.txt, and
+ * MAY recognize other names.
+ * - its numeric OID (a dotted decimal string); in detail
+ * RFC 2253 asserts that ``Implementations MUST allow
+ * an oid in the attribute type to be prefixed by one
+ * of the character strings "oid." or "OID."''. As soon
+ * as draft-ietf-ldapbis-dn-XX.txt obsoletes RFC 2253
+ * I'm not sure whether this is required or not any
+ * longer; to be liberal, we still implement it.
+ */
+ case B4AVA:
+ if ( LDAP_DN_ASCII_SPACE( p[ 0 ] ) ) {
+ if ( !LDAP_DN_ALLOW_ONE_SPACE( flags ) ) {
+ /* error */
+ goto parsing_error;
+ }
+ p++;
+ }
+
+ if ( LDAP_DN_ASCII_SPACE( p[ 0 ] ) ) {
+ if ( !LDAP_DN_ALLOW_SPACES( flags ) ) {
+ /* error */
+ goto parsing_error;
+ }
+
+ /* whitespace is allowed (and trimmed) */
+ p++;
+ while ( p[ 0 ] && LDAP_DN_ASCII_SPACE( p[ 0 ] ) ) {
+ p++;
+ }
+
+ if ( !p[ 0 ] ) {
+ /* error: we expected an AVA */
+ goto parsing_error;
+ }
+ }
+
+ /* oid */
+ if ( LDAP_DN_OID_LEADCHAR( p[ 0 ] ) ) {
+ state = B4OIDATTRTYPE;
+ break;
+ }
+
/* else must be alpha */
if ( !LDAP_DN_DESC_LEADCHAR( p[ 0 ] ) ) {
goto parsing_error;
* "OID." or "oid."
*/
if ( flags & LDAP_DN_PEDANTIC ) {
- if ( !strncmp( p, "oid.", 4 )
- || !strncmp( p, "OID.", 4 ) ) {
+ if ( !strncmp( p, "OID.", 4 )
+ || !strncmp( p, "oid.", 4 ) ) {
p += 4;
state = B4OIDATTRTYPE;
break;
case B4OIDATTRTYPE: {
int err = LDAP_SUCCESS;
- attrType = parse_numericoid( &p, &err, 0 );
- if ( attrType == NULL ) {
+ attrType.bv_val = ldap_int_parse_numericoid( &p, &err,
+ LDAP_SCHEMA_SKIP);
+
+ if ( err != LDAP_SUCCESS ) {
goto parsing_error;
}
+ attrType.bv_len = p - attrType.bv_val;
+
attrTypeEncoding = LDAP_AVA_BINARY;
state = B4AVAEQUALS;
* the starting char has been found to be
* a LDAP_DN_DESC_LEADCHAR so we don't re-check it
* FIXME: DCE attr types seem to have a more
- * restrictive syntax
+ * restrictive syntax (no '-' ...)
*/
for ( startPos = p++; p[ 0 ]; p++ ) {
if ( LDAP_DN_DESC_CHAR( p[ 0 ] ) ) {
goto parsing_error;
}
- assert( attrType == NULL );
- attrType = LDAP_STRNDUP( startPos, len );
attrTypeEncoding = LDAP_AVA_STRING;
/*
*/
state = B4AVAEQUALS;
+
+ if ( flags & LDAP_DN_SKIP ) {
+ break;
+ }
+
+ attrType.bv_val = (char *)startPos;
+ attrType.bv_len = len;
+
break;
}
* LDAPv2 allows the attribute value to be quoted;
* also, IA5 values are expected, in principle
*/
- if ( LDAP_DN_LDAPV2( flags ) ) {
+ if ( LDAP_DN_LDAPV2( flags ) || LDAP_DN_LDAP( flags ) ) {
if ( LDAP_DN_QUOTES( p[ 0 ] ) ) {
p++;
state = B4IA5VALUEQUOTED;
break;
}
- state = B4IA5VALUE;
- break;
+ if ( LDAP_DN_LDAPV2( flags ) ) {
+ state = B4IA5VALUE;
+ break;
+ }
}
/*
* here STRING means RFC 2253 string
* FIXME: what about DCE strings?
*/
- state = B4STRINGVALUE;
+ if ( !p[ 0 ] ) {
+ /* empty value */
+ state = GOTAVA;
+ } else {
+ state = B4STRINGVALUE;
+ }
break;
case B4BINARYVALUE:
case B4STRINGVALUE:
switch ( LDAP_DN_FORMAT( flags ) ) {
+ case LDAP_DN_FORMAT_LDAP:
case LDAP_DN_FORMAT_LDAPV3:
- if ( str2strval( p, &attrValue,
- &p, flags,
+ if ( str2strval( p, &attrValue, &p, flags,
&attrValueEncoding ) ) {
goto parsing_error;
}
break;
case LDAP_DN_FORMAT_DCE:
- /* FIXME: does DCE use UTF-8? */
- if ( DCE2strval( p, &attrValue,
- &p, flags ) ) {
+ if ( DCE2strval( p, &attrValue, &p, flags ) ) {
goto parsing_error;
}
break;
break;
case GOTAVA: {
- LDAPAVA *ava;
- LDAPRDN *rdn;
int rdnsep = 0;
- /*
- * we accept empty values
- */
- ava = ldapava_new( attrType, attrValue,
- attrValueEncoding );
- if ( ava == NULL ) {
- rc = LDAP_NO_MEMORY;
- goto parsing_error;
- }
+ if ( !( flags & LDAP_DN_SKIP ) ) {
+ LDAPAVA *ava;
- rdn = ldapava_append_to_rdn( newRDN, ava );
- if ( rdn == NULL ) {
- rc = LDAP_NO_MEMORY;
- goto parsing_error;
+ /*
+ * we accept empty values
+ */
+ ava = ldapava_new( &attrType, &attrValue,
+ attrValueEncoding );
+
+ if ( ava == NULL ) {
+ rc = LDAP_NO_MEMORY;
+ goto parsing_error;
+ }
+ tmpRDN[navas++] = ava;
+
+ attrValue.bv_val = NULL;
+ attrValue.bv_len = 0;
+
+ assert(navas < TMP_SLOTS);
}
- newRDN = rdn;
/*
- * if we got an AVA separator ('+', | ',' * for DCE )
+ * if we got an AVA separator ('+', or ',' for DCE )
* we expect a new AVA for this RDN; otherwise
* we add the RDN to the DN
*/
switch ( LDAP_DN_FORMAT( flags ) ) {
+ case LDAP_DN_FORMAT_LDAP:
case LDAP_DN_FORMAT_LDAPV3:
case LDAP_DN_FORMAT_LDAPV2:
if ( !LDAP_DN_AVA_SEP( p[ 0 ] ) ) {
}
if ( rdnsep ) {
- LDAPDN *dn;
+ /*
+ * the RDN is over, phew
+ */
+ *n = p;
+ if ( !( flags & LDAP_DN_SKIP ) ) {
+ newRDN = (LDAPRDN *)LDAP_MALLOC( sizeof(LDAPRDN)
+ + sizeof(LDAPAVA *) * (navas+1) );
+ if ( newRDN == NULL ) {
+ rc = LDAP_NO_MEMORY;
+ goto parsing_error;
+ } else {
+ int i;
- if ( LDAP_DN_DCE( flags ) ) {
- /* add in reversed order */
- dn = ldapava_insert_into_dn( newDN,
- newRDN );
- } else {
- dn = ldapava_append_to_dn( newDN,
- newRDN );
- }
+ newRDN[0] = (LDAPAVA**)(newRDN+1);
- if ( dn == NULL ) {
- rc = LDAP_NO_MEMORY;
- goto parsing_error;
- }
- newDN = dn;
-
- if ( p[ 0 ] == '\0' ) {
-
- /*
- * the DN is over, phew
- */
- rc = LDAP_SUCCESS;
- goto return_result;
- }
+ for (i=0; i<navas; i++)
+ newRDN[0][i] = tmpRDN[i];
+ newRDN[0][i] = NULL;
+ }
- /* expect AVA for a new RDN */
- newRDN = NULL;
+ }
+ rc = LDAP_SUCCESS;
+ goto return_result;
}
/* they should have been used in an AVA */
- attrType = NULL;
- attrValue = NULL;
+ attrType.bv_val = NULL;
+ attrValue.bv_val = NULL;
p++;
state = B4AVA;
goto parsing_error;
}
}
+ *n = p;
parsing_error:;
/* They are set to NULL after they're used in an AVA */
- if ( attrType ) {
- LDAP_FREE( attrType );
- }
- if ( attrValue ) {
- ber_bvfree( attrValue );
+ if ( attrValue.bv_val ) {
+ free( attrValue.bv_val );
}
- if ( newRDN ) {
- ldapava_free_rdn( newRDN );
- }
-
- if ( newDN ) {
- ldapava_free_dn( newDN );
- newDN = NULL;
- }
+ for (navas-- ; navas>=0; navas-- )
+ ldap_avafree( tmpRDN[navas] );
return_result:;
- Debug( LDAP_DEBUG_TRACE, "<= ldap_str2dn(%s,%u)=%d\n", str, flags, rc );
- *dn = newDN;
+ Debug( LDAP_DEBUG_TRACE, "<= ldap_str2rdn(%*s)=%d\n",
+ p - str, str, rc );
+ if ( rdn ) {
+ *rdn = newRDN;
+ }
return( rc );
}
* '\' + HEXPAIR(p) -> unhex(p)
*/
static int
-str2strval( const char *str, struct berval **val, const char **next, unsigned flags, unsigned *retFlags )
+str2strval( const char *str, struct berval *val, const char **next, unsigned flags, unsigned *retFlags )
{
const char *p, *startPos, *endPos = NULL;
ber_len_t len, escapes, unescapes;
assert( val );
assert( next );
- *val = NULL;
*next = NULL;
for ( startPos = p = str, escapes = 0, unescapes = 0; p[ 0 ]; p++ ) {
if ( LDAP_DN_HEXPAIR( p ) ) {
char c;
-#ifdef PARSE_UTF8
- int cl;
-
- /*
- * here I guess I need to decode
- * the byte; let's also check
- * the resulting encoding is a legal
- * UTF-8 char
- */
-#endif /* PARSE_UTF8 */
hexstr2bin( p, &c );
-#ifdef PARSE_UTF8
- cl = ldap_utf8_charlen( &c );
-
- for ( escapes += 2; --cl; escapes += 2 ) {
- p += 2;
-
- /*
- * there must be another escaped
- * hexpair ...
- */
- if ( !LDAP_DN_ESCAPE( p[ 0 ] ) ) {
- return( 1 );
- }
- p++;
- if ( !LDAP_DN_HEXPAIR( p ) ) {
- return( 1 );
- }
-
- /*
- * that must be 10xxxxxx
- */
- hexstr2bin( p, &c );
- if ( ( c & 0xc0 ) != 0x80 ) {
- return( 1 );
- }
- }
-#else /* !PARSE_UTF8 */
escapes += 2;
-#endif /* !PARSE_UTF8 */
if ( !LDAP_DN_ASCII_PRINTABLE( c ) ) {
/*
* we assume the string is UTF-8
*/
- *retFlags = LDAP_AVA_PRINTABLE;
+ *retFlags = LDAP_AVA_NONPRINTABLE;
}
p++;
*/
unescapes++;
- } else if ( LDAP_DN_VALUE_END( p[ 0 ] ) ) {
+ } else if (!LDAP_DN_ASCII_PRINTABLE( p[ 0 ] ) ) {
+ *retFlags = LDAP_AVA_NONPRINTABLE;
+
+ } else if ( ( LDAP_DN_LDAP( flags ) && LDAP_DN_VALUE_END_V2( p[ 0 ] ) )
+ || ( LDAP_DN_LDAPV3( flags ) && LDAP_DN_VALUE_END( p[ 0 ] ) ) ) {
break;
} else if ( LDAP_DN_NEEDESCAPE( p[ 0 ] ) ) {
}
}
+ *next = p;
+ if ( flags & LDAP_DN_SKIP ) {
+ return( 0 );
+ }
+
/*
* FIXME: test memory?
*/
len = ( endPos ? endPos : p ) - startPos - escapes - unescapes;
- *val = LDAP_MALLOC( sizeof( struct berval ) );
- ( *val )->bv_len = len;
+ val->bv_len = len;
if ( escapes == 0 && unescapes == 0 ) {
- ( *val )->bv_val = LDAP_STRNDUP( startPos, len );
+ val->bv_val = LDAP_STRNDUP( startPos, len );
+
} else {
ber_len_t s, d;
- ( *val )->bv_val = LDAP_MALLOC( len + 1 );
+ val->bv_val = LDAP_MALLOC( len + 1 );
for ( s = 0, d = 0; d < len; ) {
if ( LDAP_DN_ESCAPE( startPos[ s ] ) ) {
s++;
if ( ( s == 0 && LDAP_DN_NEEDESCAPE_LEAD( startPos[ s ] ) )
|| ( s == len - 1 && LDAP_DN_NEEDESCAPE_TRAIL( startPos[ s ] ) )
|| LDAP_DN_NEEDESCAPE( startPos[ s ] ) ) {
- ( *val )->bv_val[ d++ ] =
+ val->bv_val[ d++ ] =
startPos[ s++ ];
+
} else if ( LDAP_DN_HEXPAIR( &startPos[ s ] ) ) {
char c;
hexstr2bin( &startPos[ s ], &c );
- ( *val )->bv_val[ d++ ] = c;
+ val->bv_val[ d++ ] = c;
s += 2;
+
} else {
/*
* we allow escaping of chars
* that do not need to
*/
- ( *val )->bv_val[ d++ ] =
+ val->bv_val[ d++ ] =
startPos[ s++ ];
}
} else {
- ( *val )->bv_val[ d++ ] = startPos[ s++ ];
+ val->bv_val[ d++ ] = startPos[ s++ ];
}
}
- ( *val )->bv_val[ d ] = '\0';
- assert( strlen( ( *val )->bv_val ) == len );
+ val->bv_val[ d ] = '\0';
+ assert( strlen( val->bv_val ) == len );
}
-
- *next = p;
-
return( 0 );
}
static int
-DCE2strval( const char *str, struct berval **val, const char **next, unsigned flags )
+DCE2strval( const char *str, struct berval *val, const char **next, unsigned flags )
{
const char *p, *startPos, *endPos = NULL;
ber_len_t len, escapes;
assert( val );
assert( next );
- *val = NULL;
*next = NULL;
for ( startPos = p = str, escapes = 0; p[ 0 ]; p++ ) {
p++;
if ( LDAP_DN_NEEDESCAPE_DCE( p[ 0 ] ) ) {
escapes++;
+
} else {
return( 1 );
}
+
} else if ( LDAP_DN_VALUE_END_DCE( p[ 0 ] ) ) {
break;
}
}
}
-
+ *next = p;
+ if ( flags & LDAP_DN_SKIP ) {
+ return( 0 );
+ }
+
len = ( endPos ? endPos : p ) - startPos - escapes;
- *val = LDAP_MALLOC( sizeof( struct berval ) );
- ( *val )->bv_len = len;
+ val->bv_len = len;
if ( escapes == 0 ){
- ( *val )->bv_val = LDAP_STRNDUP( startPos, len );
+ val->bv_val = LDAP_STRNDUP( startPos, len );
+
} else {
ber_len_t s, d;
- ( *val )->bv_val = LDAP_MALLOC( len + 1 );
+ val->bv_val = LDAP_MALLOC( len + 1 );
for ( s = 0, d = 0; d < len; ) {
/*
* This point is reached only if escapes
s++;
}
- ( *val )->bv_val[ d++ ] = startPos[ s++ ];
+ val->bv_val[ d++ ] = startPos[ s++ ];
}
- ( *val )->bv_val[ d ] = '\0';
- assert( strlen( ( *val )->bv_val ) == len );
+ val->bv_val[ d ] = '\0';
+ assert( strlen( val->bv_val ) == len );
}
- *next = p;
-
return( 0 );
}
static int
-IA52strval( const char *str, struct berval **val, const char **next, unsigned flags )
+IA52strval( const char *str, struct berval *val, const char **next, unsigned flags )
{
const char *p, *startPos, *endPos = NULL;
ber_len_t len, escapes;
assert( val );
assert( next );
- *val = NULL;
*next = NULL;
/*
/* no op */
}
- *val = LDAP_MALLOC( sizeof( struct berval ) );
+ *next = p;
+ if ( flags & LDAP_DN_SKIP ) {
+ return( 0 );
+ }
+
len = ( endPos ? endPos : p ) - startPos - escapes;
- ( *val )->bv_len = len;
+ val->bv_len = len;
if ( escapes == 0 ) {
- ( *val )->bv_val = LDAP_STRNDUP( startPos, len );
+ val->bv_val = LDAP_STRNDUP( startPos, len );
+
} else {
ber_len_t s, d;
- ( *val )->bv_val = LDAP_MALLOC( len + 1 );
+ val->bv_val = LDAP_MALLOC( len + 1 );
for ( s = 0, d = 0; d < len; ) {
if ( LDAP_DN_ESCAPE( startPos[ s ] ) ) {
s++;
}
- ( *val )->bv_val[ d++ ] = startPos[ s++ ];
+ val->bv_val[ d++ ] = startPos[ s++ ];
}
- ( *val )->bv_val[ d ] = '\0';
- assert( strlen( ( *val )->bv_val ) == len );
+ val->bv_val[ d ] = '\0';
+ assert( strlen( val->bv_val ) == len );
}
- *next = p;
return( 0 );
}
static int
-quotedIA52strval( const char *str, struct berval **val, const char **next, unsigned flags )
+quotedIA52strval( const char *str, struct berval *val, const char **next, unsigned flags )
{
const char *p, *startPos, *endPos = NULL;
ber_len_t len;
assert( val );
assert( next );
- *val = NULL;
*next = NULL;
/* initial quote already eaten */
/* no op */
}
+ *next = p;
+ if ( flags & LDAP_DN_SKIP ) {
+ return( 0 );
+ }
+
len = endPos - startPos - escapes;
assert( len >= 0 );
- *val = LDAP_MALLOC( sizeof( struct berval ) );
- ( *val )->bv_len = len;
+ val->bv_len = len;
if ( escapes == 0 ) {
- ( *val )->bv_val = LDAP_STRNDUP( startPos, len );
+ val->bv_val = LDAP_STRNDUP( startPos, len );
+
} else {
ber_len_t s, d;
- ( *val )->bv_val = LDAP_MALLOC( len + 1 );
- ( *val )->bv_len = len;
+ val->bv_val = LDAP_MALLOC( len + 1 );
+ val->bv_len = len;
for ( s = d = 0; d < len; ) {
if ( LDAP_DN_ESCAPE( str[ s ] ) ) {
s++;
}
- ( *val )->bv_val[ d++ ] = str[ s++ ];
+ val->bv_val[ d++ ] = str[ s++ ];
}
- ( *val )->bv_val[ d ] = '\0';
- assert( strlen( ( *val )->bv_val ) == len );
+ val->bv_val[ d ] = '\0';
+ assert( strlen( val->bv_val ) == len );
}
- *next = p;
-
return( 0 );
}
if ( LDAP_DN_ASCII_DIGIT( c1 ) ) {
*c = c1 - '0';
- } else {
- c1 = tolower( c1 );
- if ( LDAP_DN_ASCII_LCASE_HEXALPHA( c1 ) ) {
+ } else {
+ if ( LDAP_DN_ASCII_UCASE_HEXALPHA( c1 ) ) {
+ *c = c1 - 'A' + 10;
+ } else {
+ assert( LDAP_DN_ASCII_LCASE_HEXALPHA( c1 ) );
*c = c1 - 'a' + 10;
}
}
if ( LDAP_DN_ASCII_DIGIT( c2 ) ) {
*c += c2 - '0';
+
} else {
- c2 = tolower( c2 );
-
- if ( LDAP_DN_ASCII_LCASE_HEXALPHA( c2 ) ) {
+ if ( LDAP_DN_ASCII_UCASE_HEXALPHA( c2 ) ) {
+ *c += c2 - 'A' + 10;
+ } else {
+ assert( LDAP_DN_ASCII_LCASE_HEXALPHA( c2 ) );
*c += c2 - 'a' + 10;
}
}
}
static int
-hexstr2binval( const char *str, struct berval **val, const char **next, unsigned flags )
+hexstr2binval( const char *str, struct berval *val, const char **next, unsigned flags )
{
const char *p, *startPos, *endPos = NULL;
ber_len_t len;
assert( val );
assert( next );
- *val = NULL;
*next = NULL;
for ( startPos = p = str; p[ 0 ]; p += 2 ) {
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- case LDAP_DN_FORMAT_LDAPV2:
if ( LDAP_DN_VALUE_END( p[ 0 ] ) ) {
goto end_of_value;
}
break;
+ case LDAP_DN_FORMAT_LDAP:
+ case LDAP_DN_FORMAT_LDAPV2:
+ if ( LDAP_DN_VALUE_END_V2( p[ 0 ] ) ) {
+ goto end_of_value;
+ }
+ break;
+
case LDAP_DN_FORMAT_DCE:
if ( LDAP_DN_VALUE_END_DCE( p[ 0 ] ) ) {
goto end_of_value;
for ( ; p[ 0 ]; p++ ) {
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- case LDAP_DN_FORMAT_LDAPV2:
if ( LDAP_DN_VALUE_END( p[ 0 ] ) ) {
goto end_of_value;
}
break;
+ case LDAP_DN_FORMAT_LDAP:
+ case LDAP_DN_FORMAT_LDAPV2:
+ if ( LDAP_DN_VALUE_END_V2( p[ 0 ] ) ) {
+ goto end_of_value;
+ }
+ break;
+
case LDAP_DN_FORMAT_DCE:
if ( LDAP_DN_VALUE_END_DCE( p[ 0 ] ) ) {
goto end_of_value;
end_of_value:;
+ *next = p;
+ if ( flags & LDAP_DN_SKIP ) {
+ return( 0 );
+ }
+
len = ( ( endPos ? endPos : p ) - startPos ) / 2;
/* must be even! */
- assert( 2 * len == ( endPos ? endPos : p ) - startPos );
-
- *val = LDAP_MALLOC( sizeof( struct berval ) );
- if ( *val == NULL ) {
- return( LDAP_NO_MEMORY );
- }
+ assert( 2 * len == (ber_len_t) (( endPos ? endPos : p ) - startPos ));
- ( *val )->bv_len = len;
- ( *val )->bv_val = LDAP_MALLOC( len + 1 );
- if ( ( *val )->bv_val == NULL ) {
- LDAP_FREE( *val );
+ val->bv_len = len;
+ val->bv_val = LDAP_MALLOC( len + 1 );
+ if ( val->bv_val == NULL ) {
return( LDAP_NO_MEMORY );
}
hexstr2bin( &startPos[ s ], &c );
- ( *val )->bv_val[ d ] = c;
+ val->bv_val[ d ] = c;
}
- ( *val )->bv_val[ d ] = '\0';
- *next = p;
+ val->bv_val[ d ] = '\0';
return( 0 );
}
static int
byte2hexpair( const char *val, char *pair )
{
- static const char hexdig[] = "0123456789abcdef";
+ static const char hexdig[] = "0123456789ABCDEF";
assert( val );
assert( pair );
* Length of the string representation, accounting for escaped hex
* of UTF-8 chars
*/
-static ber_len_t
-strval2strlen( struct berval *val, unsigned flags )
+static int
+strval2strlen( struct berval *val, unsigned flags, ber_len_t *len )
{
ber_len_t l, cl = 1;
char *p;
+ int escaped_byte_len = LDAP_DN_IS_PRETTY( flags ) ? 1 : 3;
+#ifdef PRETTY_ESCAPE
+ int escaped_ascii_len = LDAP_DN_IS_PRETTY( flags ) ? 2 : 3;
+#endif /* PRETTY_ESCAPE */
assert( val );
+ assert( len );
+ *len = 0;
if ( val->bv_len == 0 ) {
return( 0 );
}
for ( l = 0, p = val->bv_val; p[ 0 ]; p += cl ) {
-#ifdef PARSE_UTF8
- cl = ldap_utf8_charlen( p );
- if ( cl > 1 ) {
- /* need to escape it */
- l += 3 * cl;
-#else /* !PARSE_UTF8 */
- if ( ( p[ 0 ] & 0x80 ) != 0x00 ) {
- /* need to escape it */
- l += 3;
-#endif /* !PARSE_UTF8 */
- } else if ( ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) )
- || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) )
- || LDAP_DN_NEEDESCAPE( p[ 0 ] ) ) {
- l += 2;
- } else {
- l++;
- }
+ cl = LDAP_UTF8_CHARLEN( p );
+ if ( cl == 0 ) {
+ /* illegal utf-8 char! */
+ return( -1 );
+
+ } else if ( cl > 1 ) {
+ ber_len_t cnt;
+
+ for ( cnt = 1; cnt < cl; cnt++ ) {
+ if ( ( p[ cnt ] & 0x80 ) == 0x00 ) {
+ return( -1 );
+ }
+ }
+ l += escaped_byte_len * cl;
+
+ } else if ( LDAP_DN_NEEDESCAPE( p[ 0 ] )
+ || ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) )
+ || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) ) {
+#ifdef PRETTY_ESCAPE
+ if ( LDAP_DN_WILLESCAPE_HEX( flags, p[ 0 ] ) ) {
+
+ /*
+ * there might be some chars we want
+ * to escape in form of a couple
+ * of hexdigits for optimization purposes
+ */
+ l += 3;
+
+ } else {
+ l += escaped_ascii_len;
+ }
+#else /* ! PRETTY_ESCAPE */
+ l += 3;
+#endif /* ! PRETTY_ESCAPE */
+
+ } else {
+ l++;
+ }
}
- return( l );
+ *len = l;
+
+ return( 0 );
}
/*
* of the value
*/
for ( s = 0, d = 0, end = val->bv_len - 1; s < val->bv_len; ) {
-#ifdef PARSE_UTF8
- ber_len_t cl = ldap_utf8_charlen( &val->bv_val[ s ] );
+ ber_len_t cl = LDAP_UTF8_CHARLEN( &val->bv_val[ s ] );
- if ( cl > 1 ) {
+ /*
+ * there might be some chars we want to escape in form
+ * of a couple of hexdigits for optimization purposes
+ */
+ if ( ( cl > 1 && !LDAP_DN_IS_PRETTY( flags ) )
+#ifdef PRETTY_ESCAPE
+ || LDAP_DN_WILLESCAPE_HEX( flags, val->bv_val[ s ] )
+#else /* ! PRETTY_ESCAPE */
+ || LDAP_DN_NEEDESCAPE( val->bv_val[ s ] )
+ || ( d == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) )
+ || ( s == end && LDAP_DN_NEEDESCAPE_TRAIL( val->bv_val[ s ] ) )
+
+#endif /* ! PRETTY_ESCAPE */
+ ) {
for ( ; cl--; ) {
-#else /* !PARSE_UTF8 */
- if ( ( val->bv_val[ s ] & 0x80 ) != 0x00 ) {
-#endif /* !PARSE_UTF8 */
str[ d++ ] = '\\';
byte2hexpair( &val->bv_val[ s ], &str[ d ] );
s++;
d += 2;
-#ifdef PARSE_UTF8
}
-#endif /* !PARSE_UTF8 */
+
+ } else if ( cl > 1 ) {
+ for ( ; cl--; ) {
+ str[ d++ ] = val->bv_val[ s++ ];
+ }
+
} else {
- if ( ( d == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) )
- || ( s == end && LDAP_DN_NEEDESCAPE_TRAIL( val->bv_val[ s ] ) )
- || LDAP_DN_NEEDESCAPE( val->bv_val[ s ] ) ) {
+#ifdef PRETTY_ESCAPE
+ if ( LDAP_DN_NEEDESCAPE( val->bv_val[ s ] )
+ || ( d == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) )
+ || ( s == end && LDAP_DN_NEEDESCAPE_TRAIL( val->bv_val[ s ] ) ) ) {
str[ d++ ] = '\\';
+ if ( !LDAP_DN_IS_PRETTY( flags ) ) {
+ byte2hexpair( &val->bv_val[ s ], &str[ d ] );
+ s++;
+ d += 2;
+ continue;
+ }
}
+#endif /* PRETTY_ESCAPE */
str[ d++ ] = val->bv_val[ s++ ];
}
}
/*
* Length of the IA5 string representation (no UTF-8 allowed)
*/
-static ber_len_t
-strval2IA5strlen( struct berval *val, unsigned flags )
+static int
+strval2IA5strlen( struct berval *val, unsigned flags, ber_len_t *len )
{
ber_len_t l;
char *p;
assert( val );
+ assert( len );
+ *len = 0;
if ( val->bv_len == 0 ) {
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* Turn value into a binary encoded BER
*/
- return( 0 );
+ return( -1 );
} else {
for ( l = 0, p = val->bv_val; p[ 0 ]; p++ ) {
- if ( ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) )
- || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) )
- || LDAP_DN_NEEDESCAPE( p[ 0 ] ) ) {
+ if ( LDAP_DN_NEEDESCAPE( p[ 0 ] )
+ || ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) )
+ || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) ) {
l += 2;
+
} else {
l++;
}
}
}
- return( l );
+ *len = l;
+
+ return( 0 );
}
/*
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* Turn value into a binary encoded BER
*/
*/
for ( s = 0, d = 0, end = val->bv_len - 1; s < val->bv_len; ) {
- if ( ( s == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) )
- || ( s == end && LDAP_DN_NEEDESCAPE_TRAIL( val->bv_val[ s ] ) )
- || LDAP_DN_NEEDESCAPE( val->bv_val[ s ] ) ) {
+ if ( LDAP_DN_NEEDESCAPE( val->bv_val[ s ] )
+ || ( s == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) )
+ || ( s == end && LDAP_DN_NEEDESCAPE_TRAIL( val->bv_val[ s ] ) ) ) {
str[ d++ ] = '\\';
}
str[ d++ ] = val->bv_val[ s++ ];
* Length of the (supposedly) DCE string representation,
* accounting for escaped hex of UTF-8 chars
*/
-static ber_len_t
-strval2DCEstrlen( struct berval *val, unsigned flags )
+static int
+strval2DCEstrlen( struct berval *val, unsigned flags, ber_len_t *len )
{
ber_len_t l;
char *p;
assert( val );
+ assert( len );
+ *len = 0;
if ( val->bv_len == 0 ) {
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* FIXME: Turn the value into a binary encoded BER?
*/
- return( 0 );
+ return( -1 );
} else {
for ( l = 0, p = val->bv_val; p[ 0 ]; p++ ) {
if ( LDAP_DN_NEEDESCAPE_DCE( p[ 0 ] ) ) {
l += 2;
+
} else {
l++;
}
}
}
- return( l );
+ *len = l;
+
+ return( 0 );
}
/*
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* FIXME: Turn the value into a binary encoded BER?
*/
* Length of the (supposedly) AD canonical string representation,
* accounting for escaped hex of UTF-8 chars
*/
-static ber_len_t
-strval2ADstrlen( struct berval *val, unsigned flags )
+static int
+strval2ADstrlen( struct berval *val, unsigned flags, ber_len_t *len )
{
ber_len_t l;
char *p;
assert( val );
+ assert( len );
+ *len = 0;
if ( val->bv_len == 0 ) {
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* FIXME: Turn the value into a binary encoded BER?
*/
- return( 0 );
+ return( -1 );
} else {
for ( l = 0, p = val->bv_val; p[ 0 ]; p++ ) {
if ( LDAP_DN_NEEDESCAPE_AD( p[ 0 ] ) ) {
l += 2;
+
} else {
l++;
}
}
}
- return( l );
+ *len = l;
+
+ return( 0 );
}
/*
static int
strval2ADstr( struct berval *val, char *str, unsigned flags, ber_len_t *len )
{
- ber_len_t s, d, cl;
+ ber_len_t s, d;
assert( val );
assert( str );
return( 0 );
}
- if ( flags & LDAP_AVA_PRINTABLE ) {
+ if ( flags & LDAP_AVA_NONPRINTABLE ) {
/*
* FIXME: Turn the value into a binary encoded BER?
*/
/*
* If the DN is terminated by single-AVA RDNs with attribute type of "dc",
- * the forst part of the AD representation of the DN is written in DNS
+ * the first part of the AD representation of the DN is written in DNS
* form, i.e. dot separated domain name components (as suggested
* by Luke Howard, http://www.padl.com/~lukeh)
*/
static int
-dn2domain( LDAPDN *dn, char **str, int *iRDN )
+dn2domain( LDAPDN *dn, struct berval *bv, int pos, int *iRDN )
{
int i;
int domain = 0, first = 1;
ber_len_t l = 1; /* we move the null also */
+ char *str;
/* we are guaranteed there's enough memory in str */
/* sanity */
assert( dn );
- assert( str );
- assert( *str );
+ assert( bv );
assert( iRDN );
- assert( *iRDN > 0 );
+ assert( *iRDN >= 0 );
+
+ str = bv->bv_val + pos;
for ( i = *iRDN; i >= 0; i-- ) {
LDAPRDN *rdn;
LDAPAVA *ava;
- assert( dn[ i ][ 0 ] );
- rdn = dn[ i ][ 0 ];
+ assert( dn[ 0 ][ i ] );
+ rdn = dn[ 0 ][ i ];
assert( rdn[ 0 ][ 0 ] );
ava = rdn[ 0 ][ 0 ];
- /* FIXME: no composite rdn or non-"dc" types, right? */
- /* FIXME: we do not allow binary values in domain, right? */
- if ( rdn[ 1 ] || strcasecmp( ava->la_attr, LDAP_DC_ATTR )
- || ava->la_flags != LDAP_AVA_STRING ) {
+ if ( !LDAP_DN_IS_RDN_DC( rdn ) ) {
break;
}
if ( first ) {
first = 0;
- AC_MEMCPY( *str, ava->la_value->bv_val,
- ava->la_value->bv_len + 1);
- l += ava->la_value->bv_len;
+ AC_MEMCPY( str, ava->la_value.bv_val,
+ ava->la_value.bv_len + 1);
+ l += ava->la_value.bv_len;
+
} else {
- AC_MEMCPY( *str + ava->la_value->bv_len + 1, *str, l);
- AC_MEMCPY( *str, ava->la_value->bv_val,
- ava->la_value->bv_len );
- ( *str )[ ava->la_value->bv_len ] = '.';
- l += ava->la_value->bv_len + 1;
+ AC_MEMCPY( str + ava->la_value.bv_len + 1, bv->bv_val + pos, l);
+ AC_MEMCPY( str, ava->la_value.bv_val,
+ ava->la_value.bv_len );
+ str[ ava->la_value.bv_len ] = '.';
+ l += ava->la_value.bv_len + 1;
}
}
*iRDN = i;
+ bv->bv_len = pos + l - 1;
return( domain );
}
-static ber_len_t
-rdn2strlen( LDAPRDN *rdn )
+static int
+rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len,
+ int ( *s2l )( struct berval *v, unsigned f, ber_len_t *l ) )
{
int iAVA;
- ber_len_t len = 0;
+ ber_len_t l = 0;
+
+ *len = 0;
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
/* len(type) + '=' + '+' | ',' */
- len += strlen( ava->la_attr ) + 2;
+ l += ava->la_attr.bv_len + 2;
if ( ava->la_flags & LDAP_AVA_BINARY ) {
/* octothorpe + twice the length */
- len += 1 + 2 * ava->la_value->bv_len;
+ l += 1 + 2 * ava->la_value.bv_len;
+
} else {
- len += strval2strlen( ava->la_value, ava->la_flags );
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( ( *s2l )( &ava->la_value, f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
}
}
- return( len );
+ *len = l;
+
+ return( 0 );
}
static int
-rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len )
+rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len,
+ int ( *s2s ) ( struct berval *v, char * s, unsigned f, ber_len_t *l ) )
{
int iAVA;
ber_len_t l = 0;
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
- ber_len_t al = strlen( ava->la_attr );
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
- AC_MEMCPY( &str[ l ], ava->la_attr, al );
- l += al;
+ AC_MEMCPY( &str[ l ], ava->la_attr.bv_val,
+ ava->la_attr.bv_len );
+ l += ava->la_attr.bv_len;
str[ l++ ] = '=';
if ( ava->la_flags & LDAP_AVA_BINARY ) {
str[ l++ ] = '#';
- binval2hexstr( ava->la_value, &str[ l ] );
- l += 2 * ava->la_value->bv_len;
+ if ( binval2hexstr( &ava->la_value, &str[ l ] ) ) {
+ return( -1 );
+ }
+ l += 2 * ava->la_value.bv_len;
+
} else {
ber_len_t vl;
- strval2str( ava->la_value, &str[ l ],
- ava->la_flags, &vl );
+ unsigned f = flags | ava->la_flags;
+
+ if ( ( *s2s )( &ava->la_value, &str[ l ], f, &vl ) ) {
+ return( -1 );
+ }
l += vl;
}
- str[ l++ ] = ( rdn[ iAVA + 1 ] ? '+' : ',' );
+ str[ l++ ] = ( rdn[ 0 ][ iAVA + 1 ] ? '+' : ',' );
}
*len = l;
return( 0 );
}
-static ber_len_t
-rdn2UFNstrlen( LDAPRDN *rdn )
+static int
+rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
{
int iAVA;
- ber_len_t len = 0;
+ ber_len_t l = 0;
+
+ *len = 0;
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
+
+ /* len(type) + '=' + ',' | '/' */
+ l += ava->la_attr.bv_len + 2;
+
+ switch ( ava->la_flags ) {
+ case LDAP_AVA_BINARY:
+ /* octothorpe + twice the length */
+ l += 1 + 2 * ava->la_value.bv_len;
+ break;
+
+ case LDAP_AVA_STRING: {
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2DCEstrlen( &ava->la_value, f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
+ break;
+ }
+
+ default:
+ return( -1 );
+ }
+ }
+
+ *len = l;
+
+ return( 0 );
+}
+
+static int
+rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first )
+{
+ int iAVA;
+ ber_len_t l = 0;
+
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
+
+ if ( first ) {
+ first = 0;
+ } else {
+ str[ l++ ] = ( iAVA ? ',' : '/' );
+ }
+
+ AC_MEMCPY( &str[ l ], ava->la_attr.bv_val,
+ ava->la_attr.bv_len );
+ l += ava->la_attr.bv_len;
+
+ str[ l++ ] = '=';
+
+ switch ( ava->la_flags ) {
+ case LDAP_AVA_BINARY:
+ str[ l++ ] = '#';
+ if ( binval2hexstr( &ava->la_value, &str[ l ] ) ) {
+ return( -1 );
+ }
+ l += 2 * ava->la_value.bv_len;
+ break;
+
+ case LDAP_AVA_STRING: {
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2DCEstr( &ava->la_value, &str[ l ], f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
+ break;
+ }
+
+ default:
+ return( -1 );
+ }
+ }
+
+ *len = l;
+
+ return( 0 );
+}
+
+static int
+rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
+{
+ int iAVA;
+ ber_len_t l = 0;
+
+ assert( rdn );
+ assert( len );
+
+ *len = 0;
+
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
/* ' + ' | ', ' */
- len += ( rdn[ iAVA + 1 ] ? 3 : 2 );
+ l += ( rdn[ 0 ][ iAVA + 1 ] ? 3 : 2 );
/* FIXME: are binary values allowed in UFN? */
if ( ava->la_flags & LDAP_AVA_BINARY ) {
/* octothorpe + twice the value */
- len += 1 + 2 * ava->la_value->bv_len;
+ l += 1 + 2 * ava->la_value.bv_len;
+
} else {
- len += strval2strlen( ava->la_value, ava->la_flags );
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2strlen( &ava->la_value, f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
}
}
- return( len );
+ *len = l;
+
+ return( 0 );
}
static int
-rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len )
+rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len )
{
int iAVA;
ber_len_t l = 0;
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
if ( ava->la_flags & LDAP_AVA_BINARY ) {
str[ l++ ] = '#';
- binval2hexstr( ava->la_value, &str[ l ] );
- l += 2 * ava->la_value->bv_len;
+ if ( binval2hexstr( &ava->la_value, &str[ l ] ) ) {
+ return( -1 );
+ }
+ l += 2 * ava->la_value.bv_len;
+
} else {
ber_len_t vl;
- strval2str( ava->la_value, &str[ l ],
- ava->la_flags, &vl );
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2str( &ava->la_value, &str[ l ], f, &vl ) ) {
+ return( -1 );
+ }
l += vl;
}
- if ( rdn[ iAVA + 1 ]) {
+ if ( rdn[ 0 ][ iAVA + 1 ]) {
AC_MEMCPY( &str[ l ], " + ", 3 );
l += 3;
+
} else {
AC_MEMCPY( &str[ l ], ", ", 2 );
l += 2;
return( 0 );
}
+static int
+rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
+{
+ int iAVA;
+ ber_len_t l = 0;
+
+ assert( rdn );
+ assert( len );
+
+ *len = 0;
+
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
+
+ /* ',' | '/' */
+ l++;
+
+ /* FIXME: are binary values allowed in UFN? */
+ switch ( ava->la_flags ) {
+ case LDAP_AVA_BINARY:
+ /* octothorpe + twice the value */
+ l += 1 + 2 * ava->la_value.bv_len;
+ break;
+
+ case LDAP_AVA_STRING: {
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2ADstrlen( &ava->la_value, f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
+ break;
+ }
+
+ default:
+ return( -1 );
+ }
+ }
+
+ *len = l;
+
+ return( 0 );
+}
+
+static int
+rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first )
+{
+ int iAVA;
+ ber_len_t l = 0;
+
+ for ( iAVA = 0; rdn[ 0 ][ iAVA ]; iAVA++ ) {
+ LDAPAVA *ava = rdn[ 0 ][ iAVA ];
+
+ if ( first ) {
+ first = 0;
+ } else {
+ str[ l++ ] = ( iAVA ? ',' : '/' );
+ }
+
+ switch ( ava->la_flags ) {
+ case LDAP_AVA_BINARY:
+ str[ l++ ] = '#';
+ if ( binval2hexstr( &ava->la_value, &str[ l ] ) ) {
+ return( -1 );
+ }
+ l += 2 * ava->la_value.bv_len;
+ break;
+
+ case LDAP_AVA_STRING: {
+ ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
+
+ if ( strval2ADstr( &ava->la_value, &str[ l ], f, &vl ) ) {
+ return( -1 );
+ }
+ l += vl;
+ break;
+ }
+
+ default:
+ return( -1 );
+ }
+ }
+
+ *len = l;
+
+ return( 0 );
+}
+
+/*
+ * ldap_rdn2str
+ *
+ * Returns in str a string representation of rdn based on flags.
+ * There is some duplication of code between this and ldap_dn2str;
+ * this is wanted to reduce the allocation of temporary buffers.
+ */
int
ldap_rdn2str( LDAPRDN *rdn, char **str, unsigned flags )
+{
+ struct berval bv;
+ int rc;
+
+ assert( str );
+
+ if((flags & LDAP_DN_FORMAT_MASK) == LDAP_DN_FORMAT_LBER) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ rc = ldap_rdn2bv( rdn, &bv, flags );
+ *str = bv.bv_val;
+ return rc;
+}
+
+int
+ldap_rdn2bv( LDAPRDN *rdn, struct berval *bv, unsigned flags )
{
int rc, back;
ber_len_t l;
- assert( str );
+ assert( bv );
+
+ bv->bv_len = 0;
+ bv->bv_val = NULL;
if ( rdn == NULL ) {
- *str = LDAP_STRDUP( "" );
+ bv->bv_val = LDAP_STRDUP( "" );
return( LDAP_SUCCESS );
}
+ /*
+ * This routine wastes "back" bytes at the end of the string
+ */
+
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- l = rdn2strlen( rdn );
+ if ( rdn2strlen( rdn, flags, &l, strval2strlen ) ) {
+ return LDAP_DECODING_ERROR;
+ }
+ break;
+
+ case LDAP_DN_FORMAT_LDAPV2:
+ if ( rdn2strlen( rdn, flags, &l, strval2IA5strlen ) ) {
+ return LDAP_DECODING_ERROR;
+ }
break;
case LDAP_DN_FORMAT_UFN:
- l = rdn2UFNstrlen( rdn );
+ if ( rdn2UFNstrlen( rdn, flags, &l ) ) {
+ return LDAP_DECODING_ERROR;
+ }
+ break;
+
+ case LDAP_DN_FORMAT_DCE:
+ if ( rdn2DCEstrlen( rdn, flags, &l ) ) {
+ return LDAP_DECODING_ERROR;
+ }
+ break;
+
+ case LDAP_DN_FORMAT_AD_CANONICAL:
+ if ( rdn2ADstrlen( rdn, flags, &l ) ) {
+ return LDAP_DECODING_ERROR;
+ }
break;
default:
- return( LDAP_OTHER );
+ return( LDAP_PARAM_ERROR );
}
- *str = LDAP_MALLOC( l + 1 );
+ bv->bv_val = LDAP_MALLOC( l + 1 );
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- rc = rdn2str( rdn, *str, &l );
+ rc = rdn2str( rdn, bv->bv_val, flags, &l, strval2str );
+ back = 1;
+ break;
+
+ case LDAP_DN_FORMAT_LDAPV2:
+ rc = rdn2str( rdn, bv->bv_val, flags, &l, strval2IA5str );
back = 1;
break;
case LDAP_DN_FORMAT_UFN:
- rc = rdn2UFNstr( rdn, *str, &l );
+ rc = rdn2UFNstr( rdn, bv->bv_val, flags, &l );
back = 2;
break;
+
+ case LDAP_DN_FORMAT_DCE:
+ rc = rdn2DCEstr( rdn, bv->bv_val, flags, &l, 1 );
+ back = 0;
+ break;
+
+ case LDAP_DN_FORMAT_AD_CANONICAL:
+ rc = rdn2ADstr( rdn, bv->bv_val, flags, &l, 1 );
+ back = 0;
+ break;
+
+ default:
+ /* need at least one of the previous */
+ return LDAP_PARAM_ERROR;
}
if ( rc ) {
- ldap_memfree( *str );
- return( LDAP_OTHER );
+ ldap_memfree( bv->bv_val );
+ return rc;
}
- ( *str )[ l - back ] = '\0';
+ bv->bv_len = l - back;
+ bv->bv_val[ bv->bv_len ] = '\0';
- return( LDAP_SUCCESS );
+ return LDAP_SUCCESS;
}
/*
*/
int ldap_dn2str( LDAPDN *dn, char **str, unsigned flags )
{
- int iRDN, iAVA;
- int rc = LDAP_OTHER;
- ber_len_t len, l;
+ struct berval bv;
+ int rc;
- ber_len_t ( *s2l )( struct berval *, unsigned );
- int ( *s2s )( struct berval *, char *, unsigned, ber_len_t * );
-
assert( str );
- Debug( LDAP_DEBUG_TRACE, "=> ldap_dn2str(%u)\n%s%s", flags, "", "" );
+ if((flags & LDAP_DN_FORMAT_MASK) == LDAP_DN_FORMAT_LBER) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ rc = ldap_dn2bv( dn, &bv, flags );
+ *str = bv.bv_val;
+ return rc;
+}
- *str = NULL;
+int ldap_dn2bv( LDAPDN *dn, struct berval *bv, unsigned flags )
+{
+ int iRDN;
+ int rc = LDAP_ENCODING_ERROR;
+ ber_len_t len, l;
+
+ /* stringifying helpers for LDAPv3/LDAPv2 */
+ int ( *sv2l ) ( struct berval *v, unsigned f, ber_len_t *l );
+ int ( *sv2s ) ( struct berval *v, char *s, unsigned f, ber_len_t *l );
+
+ assert( bv );
+ bv->bv_len = 0;
+ bv->bv_val = NULL;
+
+ Debug( LDAP_DEBUG_TRACE, "=> ldap_dn2bv(%u)\n%s%s", flags, "", "" );
+
+ /*
+ * a null dn means an empty dn string
+ * FIXME: better raise an error?
+ */
if ( dn == NULL ) {
- *str = LDAP_STRDUP( "" );
+ bv->bv_val = LDAP_STRDUP( "" );
return( LDAP_SUCCESS );
}
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- s2l = strval2strlen;
- s2s = strval2str;
-
- /*
- * LDAPv3 uses helpers
- */
- for ( iRDN = 0, len = 0; dn[ iRDN ]; iRDN++ ) {
- len += rdn2strlen( dn[ iRDN ][ 0 ] );
- }
-
- if ( ( *str = LDAP_MALLOC( len + 1 ) ) == NULL ) {
- rc = LDAP_NO_MEMORY;
- break;
- }
-
- for ( l = 0, iRDN = 0; dn[ iRDN ]; iRDN++ ) {
- ber_len_t vl;
- rdn2str( dn[ iRDN ][ 0 ], &( *str )[ l ], &vl );
- l += vl;
- }
-
- assert( l == len );
-
- /*
- * trim the last ',' (the allocated memory
- * is one byte longer than required)
- */
- ( *str )[ len - 1 ] = '\0';
-
- rc = LDAP_SUCCESS;
- break;
+ sv2l = strval2strlen;
+ sv2s = strval2str;
+ goto got_funcs;
case LDAP_DN_FORMAT_LDAPV2:
- s2l = strval2IA5strlen;
- s2s = strval2IA5str;
-
- /*
- * LDAPv2 follows the regular path
- */
- for ( iRDN = 0, len = 0; dn[ iRDN ]; iRDN++ ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
-
- /* len(type) + '=' + '+' | ',' */
- len += strlen( ava->la_attr ) + 2;
-
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- /* octothorpe + twice the length */
- len += 1 + 2 * ava->la_value->bv_len;
- } else {
- len += ( *s2l )( ava->la_value,
- ava->la_flags );
- }
+ sv2l = strval2IA5strlen;
+ sv2s = strval2IA5str;
+got_funcs:
+
+ for ( iRDN = 0, len = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2strlen( rdn, flags, &rdnl, sv2l ) ) {
+ goto return_results;
}
+
+ len += rdnl;
}
- if ( ( *str = LDAP_MALLOC( len + 1 ) ) == NULL ) {
+ if ( ( bv->bv_val = LDAP_MALLOC( len + 1 ) ) == NULL ) {
rc = LDAP_NO_MEMORY;
break;
}
- for ( l = 0, iRDN = 0; dn[ iRDN ]; iRDN++ ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
- ber_len_t al = strlen( ava->la_attr );
-
- AC_MEMCPY( &( *str )[ l ], ava->la_attr, al );
- l += al;
-
- ( *str )[ l++ ] = '=';
-
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- ( *str )[ l++ ] = '#';
- binval2hexstr( ava->la_value,
- &( *str )[ l ] );
- l += 2 * ava->la_value->bv_len;
- } else {
- ber_len_t vl;
- ( *s2s )( ava->la_value,
- &( *str )[ l ],
- ava->la_flags, &vl );
- l += vl;
- }
- ( *str )[ l++ ] =
- ( rdn[ iAVA + 1 ] ? '+' : ',' );
+ for ( l = 0, iRDN = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2str( rdn, &bv->bv_val[ l ], flags,
+ &rdnl, sv2s ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
}
+ l += rdnl;
}
+ assert( l == len );
+
/*
* trim the last ',' (the allocated memory
* is one byte longer than required)
*/
- ( *str )[ len - 1 ] = '\0';
+ bv->bv_len = len - 1;
+ bv->bv_val[ bv->bv_len ] = '\0';
rc = LDAP_SUCCESS;
break;
- case LDAP_DN_FORMAT_UFN:
+ case LDAP_DN_FORMAT_UFN: {
/*
* FIXME: quoting from RFC 1781:
omitted, unless they are after an Organisation attribute or
the first attribute is of type OrganisationalUnit.
- * this should be the pedantic implementation.
+ * this should be the pedantic implementation.
+ *
+ * Here the standard implementation reflects
+ * the one historically provided by OpenLDAP
+ * (and UMIch, I presume), with the variant
+ * of spaces and plusses (' + ') separating
+ * rdn components.
+ *
* A non-standard but nice implementation could
* be to turn the final "dc" attributes into a
* dot-separated domain.
+ *
* Other improvements could involve the use of
* friendly country names and so.
*/
+#ifdef DC_IN_UFN
+ int leftmost_dc = -1;
+ int last_iRDN = -1;
+#endif /* DC_IN_UFN */
+
+ for ( iRDN = 0, len = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2UFNstrlen( rdn, flags, &rdnl ) ) {
+ goto return_results;
+ }
+ len += rdnl;
- for ( iRDN = 0, len = 0; dn[ iRDN ]; iRDN++ ) {
- len += rdn2UFNstrlen( dn[ iRDN ][ 0 ] );
+#ifdef DC_IN_UFN
+ if ( LDAP_DN_IS_RDN_DC( rdn ) ) {
+ if ( leftmost_dc == -1 ) {
+ leftmost_dc = iRDN;
+ }
+ } else {
+ leftmost_dc = -1;
+ }
+#endif /* DC_IN_UFN */
}
- if ( ( *str = LDAP_MALLOC( len + 1 ) ) == NULL ) {
+ if ( ( bv->bv_val = LDAP_MALLOC( len + 1 ) ) == NULL ) {
rc = LDAP_NO_MEMORY;
break;
}
- for ( l = 0, iRDN = 0; dn[ iRDN ]; iRDN++ ) {
- ber_len_t vl;
- rdn2UFNstr( dn[ iRDN ][ 0 ], &( *str )[ l ], &vl );
- l += vl;
- }
+#ifdef DC_IN_UFN
+ if ( leftmost_dc == -1 ) {
+#endif /* DC_IN_UFN */
+ for ( l = 0, iRDN = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t vl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2UFNstr( rdn, &bv->bv_val[ l ],
+ flags, &vl ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
+ }
+ l += vl;
+ }
- /*
- * trim the last ', ' (the allocated memory
- * is two bytes longer than required)
- */
- ( *str )[ len - 2 ] = '\0';
+ /*
+ * trim the last ', ' (the allocated memory
+ * is two bytes longer than required)
+ */
+ bv->bv_len = len - 2;
+ bv->bv_val[ bv->bv_len ] = '\0';
+#ifdef DC_IN_UFN
+ } else {
+ last_iRDN = iRDN - 1;
+ for ( l = 0, iRDN = 0; iRDN < leftmost_dc; iRDN++ ) {
+ ber_len_t vl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2UFNstr( rdn, &bv->bv_val[ l ],
+ flags, &vl ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
+ }
+ l += vl;
+ }
+
+ if ( !dn2domain( dn, bv, l, &last_iRDN ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
+ }
+
+ /* the string is correctly terminated by dn2domain */
+ }
+#endif /* DC_IN_UFN */
+
rc = LDAP_SUCCESS;
break;
+ }
case LDAP_DN_FORMAT_DCE:
- for ( iRDN = 0, len = 0; dn[ iRDN ]; iRDN++ ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
-
- /* len(type) + '=' + ( ',' || '/' ) */
- len += strlen( ava->la_attr ) + 2;
- /* FIXME: are binary values allowed in DCE? */
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- /* octothorpe + twice the value */
- len += 1 + 2 * ava->la_value->bv_len;
- } else {
- len += strval2DCEstrlen( ava->la_value,
- ava->la_flags );
- }
+ for ( iRDN = 0, len = 0; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2DCEstrlen( rdn, flags, &rdnl ) ) {
+ goto return_results;
}
+
+ len += rdnl;
}
- if ( ( *str = LDAP_MALLOC( len + 1 ) ) == NULL ) {
+ if ( ( bv->bv_val = LDAP_MALLOC( len + 1 ) ) == NULL ) {
rc = LDAP_NO_MEMORY;
break;
}
for ( l = 0; iRDN--; ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- /*
- * DCE uses ',' for composite RDNs
- */
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
- ber_len_t al = strlen( ava->la_attr );
-
- ( *str )[ l++ ] = ( iAVA ? ',' : '/' );
- AC_MEMCPY( &( *str )[ l ], ava->la_attr, al );
- l += al;
- ( *str )[ l++ ] = '=';
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- ( *str )[ l++ ]= '#';
- binval2hexstr( ava->la_value,
- &( *str )[ l ] );
- l += 2 * ava->la_value->bv_len;
- } else {
- ber_len_t vl;
- strval2DCEstr( ava->la_value,
- &( *str )[ l ],
- ava->la_flags, &vl );
- l += vl;
- }
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2DCEstr( rdn, &bv->bv_val[ l ], flags,
+ &rdnl, 0 ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
}
+ l += rdnl;
}
- ( *str )[ len ] = '\0';
+ assert( l == len );
+
+ bv->bv_len = len;
+ bv->bv_val[ bv->bv_len ] = '\0';
rc = LDAP_SUCCESS;
break;
case LDAP_DN_FORMAT_AD_CANONICAL: {
- for ( iRDN = 0, len = -1; dn[ iRDN ]; iRDN++ ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
-
- /* ',' || '/' || '.' */
- len += 1;
-
- /* FIXME: are binary values allowed in AD? */
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- /* octothorpe + twice the value */
- len += 1 + 2 * ava->la_value->bv_len;
- } else {
- len += strval2ADstrlen( ava->la_value,
- ava->la_flags );
- }
+
+ /*
+ * Sort of UFN for DCE DNs: a slash ('/') separated
+ * global->local DN with no types; strictly speaking,
+ * the naming context should be a domain, which is
+ * written in DNS-style, e.g. dot-deparated.
+ *
+ * Example:
+ *
+ * "givenName=Bill+sn=Gates,ou=People,dc=microsoft,dc=com"
+ *
+ * will read
+ *
+ * "microsoft.com/People/Bill,Gates"
+ */
+ for ( iRDN = 0, len = -1; dn[ 0 ][ iRDN ]; iRDN++ ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2ADstrlen( rdn, flags, &rdnl ) ) {
+ goto return_results;
}
+
+ len += rdnl;
}
- if ( ( *str = LDAP_MALLOC( len + 1 ) ) == NULL ) {
+ if ( ( bv->bv_val = LDAP_MALLOC( len + 1 ) ) == NULL ) {
rc = LDAP_NO_MEMORY;
break;
}
iRDN--;
- if ( iRDN && dn2domain( dn, str, &iRDN ) ) {
- for ( l = strlen( *str ); iRDN >= 0 ; iRDN-- ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
-
- ( *str)[ l++ ] = ( iAVA ? ',' : '/' );
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- ( *str )[ l++ ] = '#';
- binval2hexstr( ava->la_value,
- &( *str )[ l ] );
- l += 2 * ava->la_value->bv_len;
- } else {
- ber_len_t vl;
- strval2ADstr( ava->la_value,
- &( *str )[ l ],
- ava->la_flags,
- &vl );
- l += vl;
- }
+ if ( iRDN && dn2domain( dn, bv, 0, &iRDN ) ) {
+ for ( l = bv->bv_len; iRDN >= 0 ; iRDN-- ) {
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2ADstr( rdn, &bv->bv_val[ l ],
+ flags, &rdnl, 0 ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
}
+ l += rdnl;
}
+
} else {
int first = 1;
* i.e. terminated by a domain component
*/
if ( flags & LDAP_DN_PEDANTIC ) {
- LDAP_FREE( *str );
- *str = NULL;
- rc = LDAP_INVALID_DN_SYNTAX;
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ rc = LDAP_ENCODING_ERROR;
break;
}
for ( l = 0; iRDN >= 0 ; iRDN-- ) {
- LDAPRDN *rdn = dn[ iRDN ][ 0 ];
-
- for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
- LDAPAVA *ava = rdn[ iAVA ][ 0 ];
-
- if ( first ) {
- first = 0;
- } else {
- ( *str )[ l++ ] =
- ( iAVA ? ',' : '/' );
- }
- if ( ava->la_flags & LDAP_AVA_BINARY ) {
- ( *str )[ l++ ] = '#';
- binval2hexstr( ava->la_value,
- &( *str )[ l ] );
- l += 2 * ava->la_value->bv_len;
- } else {
- ber_len_t vl;
- strval2ADstr( ava->la_value,
- &( *str )[ l ],
- ava->la_flags,
- &vl );
- l += vl;
- }
+ ber_len_t rdnl;
+ LDAPRDN *rdn = dn[ 0 ][ iRDN ];
+
+ if ( rdn2ADstr( rdn, &bv->bv_val[ l ],
+ flags, &rdnl, first ) ) {
+ LDAP_FREE( bv->bv_val );
+ bv->bv_val = NULL;
+ goto return_results;
+ }
+ if ( first ) {
+ first = 0;
}
+ l += rdnl;
}
}
- ( *str )[ len ] = '\0';
+ bv->bv_len = len;
+ bv->bv_val[ bv->bv_len ] = '\0';
rc = LDAP_SUCCESS;
break;
}
default:
- assert( 0 );
-
+ return LDAP_PARAM_ERROR;
}
- Debug( LDAP_DEBUG_TRACE, "<= ldap_dn2str(%s,%u)=%d\n", *str, flags, rc );
-
+ Debug( LDAP_DEBUG_TRACE, "<= ldap_dn2bv(%s,%u)=%d\n",
+ bv->bv_val, flags, rc );
+return_results:;
return( rc );
}