#include "slap.h"
#include "back-ldap.h"
-/*
- * ldap_back_dn_massage
- *
- * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
- */
-char *
+#ifdef ENABLE_REWRITE
+int
ldap_back_dn_massage(
- struct ldapinfo *li,
- char *dn,
- int normalized
+ dncookie *dc,
+ struct berval *dn,
+ struct berval *res
)
{
- int i, dnLength;
-
- if ( dn == NULL ) {
- return NULL;
- }
- if ( li == NULL ) {
- return dn;
+ int rc = 0;
+
+ switch (rewrite_session( dc->rwmap->rwm_rw, dc->ctx, (dn->bv_len ? dn->bv_val : ""), dc->conn,
+ &res->bv_val )) {
+ case REWRITE_REGEXEC_OK:
+ if ( res->bv_val != NULL ) {
+ res->bv_len = strlen( res->bv_val );
+ } else {
+ *res = *dn;
+ }
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDAP, DETAIL1,
+ "[rw] %s: \"%s\" -> \"%s\"\n", dc->ctx, dn->bv_val, res->bv_val );
+#else /* !NEW_LOGGING */
+ Debug( LDAP_DEBUG_ARGS,
+ "[rw] %s: \"%s\" -> \"%s\"\n", dc->ctx, dn->bv_val, res->bv_val );
+#endif /* !NEW_LOGGING */
+ rc = LDAP_SUCCESS;
+ break;
+
+ case REWRITE_REGEXEC_UNWILLING:
+ if ( dc->rs ) {
+ dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ dc->rs->sr_text = "Operation not allowed";
+ }
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ break;
+
+ case REWRITE_REGEXEC_ERR:
+ if ( dc->rs ) {
+ dc->rs->sr_err = LDAP_OTHER;
+ dc->rs->sr_text = "Rewrite error";
+ }
+ rc = LDAP_OTHER;
+ break;
}
-
- dnLength = strlen ( dn );
-
- for ( i = 0;
- li->suffix_massage != NULL && li->suffix_massage[i] != NULL;
- i += 4 ) {
- int aliasLength = strlen( li->suffix_massage[i+normalized] );
- int diff = dnLength - aliasLength;
-
- if ( diff < 0 ) {
- /* alias is longer than dn */
- continue;
- } else if ( diff > 0 ) {
- if ( normalized && ( ! DN_SEPARATOR(dn[diff-1]) ) ) {
- /* boundary is not at a DN separator */
- continue;
- }
- /* At a DN Separator */
- /* XXX or an escaped separator... oh well */
- }
-
- if ( !strcmp( li->suffix_massage[i+normalized], &dn[diff] ) ) {
- char *oldDN = dn;
- dn = ch_malloc( diff + strlen( li->suffix_massage[i+2+normalized] ) + 1 );
- strncpy( dn, oldDN, diff );
- strcpy( &dn[diff], li->suffix_massage[i+2+normalized] );
- Debug( LDAP_DEBUG_ARGS,
- "ldap_back_dn_massage:"
- " converted \"%s\" to \"%s\"\n",
- oldDN, dn, 0 );
- free( oldDN );
- break;
- }
- }
-
- return dn;
+ return rc;
}
+#else
/*
- * ldap_back_dn_restore
+ * ldap_back_dn_massage
*
- * Restores the original suffix;
- * based on suffix_alias (servers/slapd/suffixalias.c).
+ * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
*/
-char *
-ldap_back_dn_restore(
- struct ldapinfo *li,
- char *dn,
- int normalized
- )
+int
+ldap_back_dn_massage(
+ dncookie *dc,
+ struct berval *odn,
+ struct berval *res
+)
{
- int i, dnLength;
-
- if ( dn == NULL ) {
- return NULL;
- }
- if ( li == NULL ) {
- return dn;
- }
+ int i, src, dst;
+ struct berval pretty = {0,NULL}, *dn = odn;
- dnLength = strlen ( dn );
+ assert( res );
- for ( i = 0;
- li->suffix_massage != NULL && li->suffix_massage[i] != NULL;
- i += 4 ) {
- int aliasLength = strlen( li->suffix_massage[i+2+normalized] );
- int diff = dnLength - aliasLength;
-
- if ( diff < 0 ) {
- /* alias is longer than dn */
- continue;
+ if ( dn == NULL ) {
+ res->bv_val = NULL;
+ res->bv_len = 0;
+ return 0;
+ }
+ if ( dc->rwmap == NULL || dc->rwmap->rwm_suffix_massage == NULL ) {
+ *res = *dn;
+ return 0;
+ }
- } else if ( diff > 0 ) {
- if ( normalized && ( ! DN_SEPARATOR(dn[diff-1]) ) ) {
- /* boundary is not at a DN separator */
- continue;
- }
- /* At a DN Separator */
- /* XXX or an escaped separator... oh well */
- }
+ if ( dc->tofrom ) {
+ src = 0 + dc->normalized;
+ dst = 2 + dc->normalized;
+ } else {
+ src = 2 + dc->normalized;
+ dst = 0 + dc->normalized;
+ /* DN from remote server may be in arbitrary form.
+ * Pretty it so we can parse reliably.
+ */
+ dnPretty2( NULL, dn, &pretty, NULL );
+ if (pretty.bv_val) dn = &pretty;
+ }
- if ( !strcmp( li->suffix_massage[i+2+normalized], &dn[diff] ) ) {
- char *oldDN = dn;
- dn = ch_malloc( diff + strlen( li->suffix_massage[i+normalized] ) + 1 );
- strncpy( dn, oldDN, diff );
- strcpy( &dn[diff], li->suffix_massage[i+normalized] );
+ for ( i = 0;
+ dc->rwmap->rwm_suffix_massage[i].bv_val != NULL;
+ i += 4 ) {
+ int aliasLength = dc->rwmap->rwm_suffix_massage[i+src].bv_len;
+ int diff = dn->bv_len - aliasLength;
+
+ if ( diff < 0 ) {
+ /* alias is longer than dn */
+ continue;
+ } else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) {
+ /* boundary is not at a DN separator */
+ continue;
+ /* At a DN Separator */
+ }
+
+ if ( !strcmp( dc->rwmap->rwm_suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
+ res->bv_len = diff + dc->rwmap->rwm_suffix_massage[i+dst].bv_len;
+ res->bv_val = ch_malloc( res->bv_len + 1 );
+ strncpy( res->bv_val, dn->bv_val, diff );
+ strcpy( &res->bv_val[diff], dc->rwmap->rwm_suffix_massage[i+dst].bv_val );
+#ifdef NEW_LOGGING
+ LDAP_LOG ( BACK_LDAP, ARGS,
+ "ldap_back_dn_massage: converted \"%s\" to \"%s\"\n",
+ dn->bv_val, res->bv_val, 0 );
+#else
Debug( LDAP_DEBUG_ARGS,
- "ldap_back_dn_restore:"
- " converted \"%s\" to \"%s\"\n",
- oldDN, dn, 0 );
- free( oldDN );
- break;
- }
- }
+ "ldap_back_dn_massage:"
+ " converted \"%s\" to \"%s\"\n",
+ dn->bv_val, res->bv_val, 0 );
+#endif
+ break;
+ }
+ }
+ if (pretty.bv_val) {
+ ch_free(pretty.bv_val);
+ dn = odn;
+ }
+ /* Nothing matched, just return the original DN */
+ if (res->bv_val == NULL) {
+ *res = *dn;
+ }
- return dn;
+ return 0;
}
-
+#endif /* !ENABLE_REWRITE */