]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/dn.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Quick merge: everything from HEAD
[openldap] / servers / slapd / dn.c
diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index 5da22ac6a44a6f834e4c42eb5bbc03e8d93a3415..509adb76e3ac3272a8c6bfda8706b6bdcda4a01f 100644 (file)
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -53,32 +53,46 @@
 
 #define        AVA_PRIVATE( ava ) ( ( AttributeDescription * )(ava)->la_private )
 
+int slap_DN_strict = SLAP_AD_NOINSERT;
+
 static int
 LDAPRDN_validate( LDAPRDN rdn )
 {
        int             iAVA;
        int             rc;
 
-       assert( rdn );
+       assert( rdn != NULL );
 
        for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
                LDAPAVA                 *ava = rdn[ iAVA ];
                AttributeDescription    *ad;
                slap_syntax_validate_func *validate = NULL;
 
-               assert( ava );
+               assert( ava != NULL );
                
                if ( ( ad = AVA_PRIVATE( ava ) ) == NULL ) {
                        const char      *text = NULL;
 
                        rc = slap_bv2ad( &ava->la_attr, &ad, &text );
                        if ( rc != LDAP_SUCCESS ) {
-                               return LDAP_INVALID_SYNTAX;
+                               rc = slap_bv2undef_ad( &ava->la_attr,
+                                       &ad, &text,
+                                       SLAP_AD_PROXIED|slap_DN_strict );
+                               if ( rc != LDAP_SUCCESS ) {
+                                       return LDAP_INVALID_SYNTAX;
+                               }
                        }
 
                        ava->la_private = ( void * )ad;
                }
 
+               /*
+                * Do not allow X-ORDERED 'VALUES' naming attributes
+                */
+               if ( ad->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
+                       return LDAP_INVALID_SYNTAX;
+               }
+
                /* 
                 * Replace attr oid/name with the canonical name
                 */
@@ -112,50 +126,12 @@ LDAPDN_validate( LDAPDN dn )
        int             iRDN;
        int             rc;
 
-       assert( dn );
+       assert( dn != NULL );
 
        for ( iRDN = 0; dn[ iRDN ]; iRDN++ ) {
-               LDAPRDN         rdn = dn[ iRDN ];
-               int             iAVA;
-
-               assert( rdn );
-
-               for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
-                       LDAPAVA                 *ava = rdn[ iAVA ];
-                       AttributeDescription    *ad;
-                       slap_syntax_validate_func *validate = NULL;
-
-                       assert( ava );
-                       
-                       if ( ( ad = AVA_PRIVATE( ava ) ) == NULL ) {
-                               const char      *text = NULL;
-
-                               rc = slap_bv2ad( &ava->la_attr, &ad, &text );
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-
-                               ava->la_private = ( void * )ad;
-                       }
-
-                       /* 
-                        * Replace attr oid/name with the canonical name
-                        */
-                       ava->la_attr = ad->ad_cname;
-
-                       validate = ad->ad_type->sat_syntax->ssyn_validate;
-
-                       if ( validate ) {
-                               /*
-                                * validate value by validate function
-                                */
-                               rc = ( *validate )( ad->ad_type->sat_syntax,
-                                       &ava->la_value );
-                       
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-                       }
+               rc = LDAPRDN_validate( dn[ iRDN ] );
+               if ( rc != LDAP_SUCCESS ) {
+                       return rc;
                }
        }
 
@@ -173,7 +149,7 @@ dnValidate(
        int             rc;
        LDAPDN          dn = NULL;
 
-       assert( in );
+       assert( in != NULL );
 
        if ( in->bv_len == 0 ) {
                return LDAP_SUCCESS;
@@ -211,7 +187,7 @@ rdnValidate(
        LDAPRDN         rdn;
        char*           p;
 
-       assert( in );
+       assert( in != NULL );
        if ( in->bv_len == 0 ) {
                return LDAP_SUCCESS;
 
@@ -261,14 +237,14 @@ AVA_Sort( LDAPRDN rdn, int iAVA )
        int             i;
        LDAPAVA         *ava_in = rdn[ iAVA ];
 
-       assert( rdn );
-       assert( ava_in );
+       assert( rdn != NULL );
+       assert( ava_in != NULL );
        
        for ( i = 0; i < iAVA; i++ ) {
                LDAPAVA         *ava = rdn[ i ];
                int             a, j;
 
-               assert( ava );
+               assert( ava != NULL );
 
                a = strcmp( ava_in->la_attr.bv_val, ava->la_attr.bv_val );
 
@@ -337,14 +313,19 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
                struct berval           bv = BER_BVNULL;
                int                     do_sort = 0;
 
-               assert( ava );
+               assert( ava != NULL );
 
                if ( ( ad = AVA_PRIVATE( ava ) ) == NULL ) {
                        const char      *text = NULL;
 
                        rc = slap_bv2ad( &ava->la_attr, &ad, &text );
                        if ( rc != LDAP_SUCCESS ) {
-                               return LDAP_INVALID_SYNTAX;
+                               rc = slap_bv2undef_ad( &ava->la_attr,
+                                       &ad, &text,
+                                       SLAP_AD_PROXIED|slap_DN_strict );
+                               if ( rc != LDAP_SUCCESS ) {
+                                       return LDAP_INVALID_SYNTAX;
+                               }
                        }
                        
                        ava->la_private = ( void * )ad;
@@ -362,6 +343,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
                                return LDAP_INVALID_SYNTAX;
                        }
 
+                       /* Do not allow X-ORDERED 'VALUES' naming attributes */
+               } else if( ad->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
+                       return LDAP_INVALID_SYNTAX;
+
                        /* AVA is binary encoded, don't muck with it */
                } else if( flags & SLAP_LDAPDN_PRETTY ) {
                        transf = ad->ad_type->sat_syntax->ssyn_pretty;
@@ -371,7 +356,9 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
                } else { /* normalization */
                        validf = ad->ad_type->sat_syntax->ssyn_validate;
                        mr = ad->ad_type->sat_equality;
-                       if( mr ) normf = mr->smr_normalize;
+                       if( mr && (!( mr->smr_usage & SLAP_MR_MUTATION_NORMALIZER ))) {
+                               normf = mr->smr_normalize;
+                       }
                }
 
                if ( validf ) {
@@ -444,117 +431,12 @@ LDAPDN_rewrite( LDAPDN dn, unsigned flags, void *ctx )
        int             iRDN;
        int             rc;
 
-       assert( dn );
+       assert( dn != NULL );
 
        for ( iRDN = 0; dn[ iRDN ]; iRDN++ ) {
-               LDAPRDN         rdn = dn[ iRDN ];
-               int             iAVA;
-
-               assert( rdn );
-
-               for ( iAVA = 0; rdn[ iAVA ]; iAVA++ ) {
-                       LDAPAVA                 *ava = rdn[ iAVA ];
-                       AttributeDescription    *ad;
-                       slap_syntax_validate_func *validf = NULL;
-                       slap_mr_normalize_func *normf = NULL;
-                       slap_syntax_transform_func *transf = NULL;
-                       MatchingRule *mr = NULL;
-                       struct berval           bv = BER_BVNULL;
-                       int                     do_sort = 0;
-
-                       assert( ava );
-
-                       if ( ( ad = AVA_PRIVATE( ava ) ) == NULL ) {
-                               const char      *text = NULL;
-
-                               rc = slap_bv2ad( &ava->la_attr, &ad, &text );
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-                               
-                               ava->la_private = ( void * )ad;
-                               do_sort = 1;
-                       }
-
-                       /* 
-                        * Replace attr oid/name with the canonical name
-                        */
-                       ava->la_attr = ad->ad_cname;
-
-                       if( ava->la_flags & LDAP_AVA_BINARY ) {
-                               if( ava->la_value.bv_len == 0 ) {
-                                       /* BER encoding is empty */
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-
-                               /* AVA is binary encoded, don't muck with it */
-                       } else if( flags & SLAP_LDAPDN_PRETTY ) {
-                               transf = ad->ad_type->sat_syntax->ssyn_pretty;
-                               if( !transf ) {
-                                       validf = ad->ad_type->sat_syntax->ssyn_validate;
-                               }
-                       } else { /* normalization */
-                               validf = ad->ad_type->sat_syntax->ssyn_validate;
-                               mr = ad->ad_type->sat_equality;
-                               if( mr ) normf = mr->smr_normalize;
-                       }
-
-                       if ( validf ) {
-                               /* validate value before normalization */
-                               rc = ( *validf )( ad->ad_type->sat_syntax,
-                                       ava->la_value.bv_len
-                                               ? &ava->la_value
-                                               : (struct berval *) &slap_empty_bv );
-
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-                       }
-
-                       if ( transf ) {
-                               /*
-                                * transform value by pretty function
-                                *      if value is empty, use empty_bv
-                                */
-                               rc = ( *transf )( ad->ad_type->sat_syntax,
-                                       ava->la_value.bv_len
-                                               ? &ava->la_value
-                                               : (struct berval *) &slap_empty_bv,
-                                       &bv, ctx );
-                       
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-                       }
-
-                       if ( normf ) {
-                               /*
-                                * normalize value
-                                *      if value is empty, use empty_bv
-                                */
-                               rc = ( *normf )(
-                                       SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
-                                       ad->ad_type->sat_syntax,
-                                       mr,
-                                       ava->la_value.bv_len
-                                               ? &ava->la_value
-                                               : (struct berval *) &slap_empty_bv,
-                                       &bv, ctx );
-                       
-                               if ( rc != LDAP_SUCCESS ) {
-                                       return LDAP_INVALID_SYNTAX;
-                               }
-                       }
-
-
-                       if( bv.bv_val ) {
-                               if ( ava->la_flags & LDAP_AVA_FREE_VALUE )
-                                       ber_memfree_x( ava->la_value.bv_val, ctx );
-                               ava->la_value = bv;
-                               ava->la_flags |= LDAP_AVA_FREE_VALUE;
-                       }
-
-                       if( do_sort ) AVA_Sort( rdn, iAVA );
+               rc = LDAPRDN_rewrite( dn[ iRDN ], flags, ctx );
+               if ( rc != LDAP_SUCCESS ) {
+                       return rc;
                }
        }
 
@@ -570,8 +452,8 @@ dnNormalize(
     struct berval *out,
     void *ctx)
 {
-       assert( val );
-       assert( out );
+       assert( val != NULL );
+       assert( out != NULL );
 
        Debug( LDAP_DEBUG_TRACE, ">>> dnNormalize: <%s>\n", val->bv_val, 0, 0 );
 
@@ -626,8 +508,8 @@ rdnNormalize(
     struct berval *out,
     void *ctx)
 {
-       assert( val );
-       assert( out );
+       assert( val != NULL );
+       assert( out != NULL );
 
        Debug( LDAP_DEBUG_TRACE, ">>> dnNormalize: <%s>\n", val->bv_val, 0, 0 );
        if ( val->bv_len != 0 ) {
@@ -682,8 +564,8 @@ dnPretty(
        struct berval *out,
        void *ctx)
 {
-       assert( val );
-       assert( out );
+       assert( val != NULL );
+       assert( out != NULL );
 
        Debug( LDAP_DEBUG_TRACE, ">>> dnPretty: <%s>\n", val->bv_val, 0, 0 );
 
@@ -739,8 +621,8 @@ rdnPretty(
        struct berval *out,
        void *ctx)
 {
-       assert( val );
-       assert( out );
+       assert( val != NULL );
+       assert( out != NULL );
 
        Debug( LDAP_DEBUG_TRACE, ">>> dnPretty: <%s>\n", val->bv_val, 0, 0 );
 
@@ -800,8 +682,8 @@ dnPrettyNormalDN(
        int flags,
        void *ctx )
 {
-       assert( val );
-       assert( dn );
+       assert( val != NULL );
+       assert( dn != NULL );
 
        Debug( LDAP_DEBUG_TRACE, ">>> dn%sDN: <%s>\n", 
                        flags == SLAP_LDAPDN_PRETTY ? "Pretty" : "Normal", 
@@ -854,9 +736,9 @@ dnPrettyNormal(
 {
        Debug( LDAP_DEBUG_TRACE, ">>> dnPrettyNormal: <%s>\n", val->bv_val, 0, 0 );
 
-       assert( val );
-       assert( pretty );
-       assert( normal );
+       assert( val != NULL );
+       assert( pretty != NULL );
+       assert( normal != NULL );
 
        if ( val->bv_len == 0 ) {
                ber_dupbv_x( pretty, val, ctx );
@@ -940,9 +822,9 @@ dnMatch(
        int match;
        struct berval *asserted = (struct berval *) assertedValue;
 
-       assert( matchp );
-       assert( value );
-       assert( assertedValue );
+       assert( matchp != NULL );
+       assert( value != NULL );
+       assert( assertedValue != NULL );
        assert( !BER_BVISNULL( value ) );
        assert( !BER_BVISNULL( asserted ) );
        
@@ -975,9 +857,9 @@ dnRelativeMatch(
        int match;
        struct berval *asserted = (struct berval *) assertedValue;
 
-       assert( matchp );
-       assert( value );
-       assert( assertedValue );
+       assert( matchp != NULL );
+       assert( value != NULL );
+       assert( assertedValue != NULL );
        assert( !BER_BVISNULL( value ) );
        assert( !BER_BVISNULL( asserted ) );
 
@@ -996,7 +878,7 @@ dnRelativeMatch(
                                        asserted->bv_val, 
                                        asserted->bv_len );
                        } else {
-                               return 1;
+                               match = 1;
                        }
                }
 
@@ -1022,7 +904,7 @@ dnRelativeMatch(
                                        asserted->bv_val, 
                                        asserted->bv_len );
                        } else {
-                               return 1;
+                               match = 1;
                        }
                }
 
@@ -1049,7 +931,7 @@ dnRelativeMatch(
                                        match = dnIsOneLevelRDN( &rdn ) ? 0 : 1;
                                }
                        } else {
-                               return 1;
+                               match = 1;
                        }
                }
 
@@ -1074,9 +956,9 @@ rdnMatch(
        int match;
        struct berval *asserted = (struct berval *) assertedValue;
 
-       assert( matchp );
-       assert( value );
-       assert( assertedValue );
+       assert( matchp != NULL );
+       assert( value != NULL );
+       assert( assertedValue != NULL );
        
        match = value->bv_len - asserted->bv_len;
 
@@ -1109,7 +991,7 @@ dnParent(
 {
        char    *p;
 
-       p = strchr( dn->bv_val, ',' );
+       p = ber_bvchr( dn, ',' );
 
        /* one-level dn */
        if ( p == NULL ) {
@@ -1141,7 +1023,7 @@ dnRdn(
        char    *p;
 
        *rdn = *dn;
-       p = strchr( dn->bv_val, ',' );
+       p = ber_bvchr( dn, ',' );
 
        /* one-level dn */
        if ( p == NULL ) {
@@ -1165,8 +1047,8 @@ dnExtractRdn(
        const char      *p;
        int             rc;
 
-       assert( dn );
-       assert( rdn );
+       assert( dn != NULL );
+       assert( rdn != NULL );
 
        if( dn->bv_len == 0 ) {
                return LDAP_OTHER;
@@ -1187,14 +1069,14 @@ dnExtractRdn(
 /*
  * We can assume the input is a prettied or normalized DN
  */
-int 
+ber_len_t
 dn_rdnlen(
        Backend         *be,
        struct berval   *dn_in )
 {
        const char      *p;
 
-       assert( dn_in );
+       assert( dn_in != NULL );
 
        if ( dn_in == NULL ) {
                return 0;
@@ -1208,7 +1090,7 @@ dn_rdnlen(
                return 0;
        }
 
-       p = strchr( dn_in->bv_val, ',' );
+       p = ber_bvchr( dn_in, ',' );
 
        return p ? p - dn_in->bv_val : dn_in->bv_len;
 }
@@ -1232,7 +1114,7 @@ rdn_validate( struct berval *rdn )
        {
                return LDAP_INVALID_SYNTAX;
        }
-       return strchr( rdn->bv_val, ',' ) == NULL
+       return ber_bvchr( rdn, ',' ) == NULL
                ? LDAP_SUCCESS : LDAP_INVALID_SYNTAX;
 
 #else
@@ -1280,7 +1162,7 @@ rdn_validate( struct berval *rdn )
 
 /* build_new_dn:
  *
- * Used by ldbm/bdb2 back_modrdn to create the new dn of entries being
+ * Used by back-bdb back_modrdn to create the new dn of entries being
  * renamed.
  *
  * new_dn = parent (p_dn) + separator + rdn (newrdn) + null.
@@ -1295,7 +1177,7 @@ build_new_dn( struct berval * new_dn,
        char *ptr;
 
        if ( parent_dn == NULL || parent_dn->bv_len == 0 ) {
-               ber_dupbv( new_dn, newrdn );
+               ber_dupbv_x( new_dn, newrdn, memctx );
                return;
        }
 
@@ -1319,8 +1201,8 @@ dnIsSuffix(
 {
        int     d = dn->bv_len - suffix->bv_len;
 
-       assert( dn );
-       assert( suffix );
+       assert( dn != NULL );
+       assert( suffix != NULL );
 
        /* empty suffix matches any dn */
        if ( suffix->bv_len == 0 ) {
@@ -1386,7 +1268,8 @@ dnX509normalize( void *x509_name, struct berval *out )
        int rc = ldap_X509dn2bv( x509_name, out, LDAPDN_rewrite, 0 );
 
        Debug( LDAP_DEBUG_TRACE,
-               "dnX509Normalize: <%s>\n", out->bv_val, 0, 0 );
+               "dnX509Normalize: <%s> (%d)\n",
+               BER_BVISNULL( out ) ? "(null)" : out->bv_val, rc, 0 );
 
        return rc;
 }
Cloned from git://git.openldap.org/openldap.git