/* dn.c - routines for dealing with distinguished names */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
#include <ac/string.h>
#include <ac/time.h>
+#include "ldap_pvt.h"
+
#include "slap.h"
-#define B4TYPE 0
-#define INTYPE 1
-#define B4EQUAL 2
-#define B4VALUE 3
-#define INVALUE 4
-#define INQUOTEDVALUE 5
-#define B4SEPARATOR 6
+#define B4LEADTYPE 0
+#define B4TYPE 1
+#define INOIDTYPE 2
+#define INKEYTYPE 3
+#define B4EQUAL 4
+#define B4VALUE 5
+#define INVALUE 6
+#define INQUOTEDVALUE 7
+#define B4SEPARATOR 8
/*
- * dn_normalize - put dn into a canonical format. the dn is
- * normalized in place, as well as returned.
+ * dn_validate - validate and compress dn. the dn is
+ * compressed in place are returned if valid.
*/
char *
-dn_normalize( char *dn )
+dn_validate( char *dn_in )
{
+#ifdef USE_LDAP_DN_PARSING
+ struct berval val, *normalized;
+ int rc;
+
+ if ( dn_in == NULL || dn_in[ 0 ] == '\0' ) {
+ return( dn_in );
+ }
+
+ val.bv_val = dn_in;
+ val.bv_len = strlen( dn_in );
+
+ rc = dnPretty( NULL, &val, &normalized );
+ if ( rc != LDAP_SUCCESS ) {
+ return( NULL );
+ }
+
+ if ( val.bv_len < normalized->bv_len ) {
+ ber_bvfree( normalized );
+ return( NULL );
+ }
+
+ AC_MEMCPY( dn_in, normalized->bv_val, normalized->bv_len + 1 );
+ ber_bvfree( normalized );
+
+ return( dn_in );
+
+#else /* !USE_LDAP_DN_PARSING */
char *d, *s;
int state, gotesc;
-
- /* Debug( LDAP_DEBUG_TRACE, "=> dn_normalize \"%s\"\n", dn, 0, 0 ); */
+ char *dn = dn_in;
gotesc = 0;
- state = B4TYPE;
+ state = B4LEADTYPE;
for ( d = s = dn; *s; s++ ) {
switch ( state ) {
+ case B4LEADTYPE:
case B4TYPE:
- if ( ! SPACE( *s ) ) {
- state = INTYPE;
+ if ( OID_LEADCHAR(*s) ) {
+ state = INOIDTYPE;
+ *d++ = *s;
+ } else if ( ATTR_LEADCHAR(*s) ) {
+ state = INKEYTYPE;
+ *d++ = *s;
+ } else if ( ! ASCII_SPACE( *s ) ) {
+ dn = NULL;
+ state = INKEYTYPE;
*d++ = *s;
}
break;
- case INTYPE:
- if ( *s == '=' ) {
+
+ case INOIDTYPE:
+ if ( OID_CHAR(*s) ) {
+ *d++ = *s;
+ } else if ( *s == '=' ) {
state = B4VALUE;
*d++ = *s;
- } else if ( SPACE( *s ) ) {
+ } else if ( ASCII_SPACE( *s ) ) {
state = B4EQUAL;
} else {
+ dn = NULL;
*d++ = *s;
}
break;
+
+ case INKEYTYPE:
+ if ( ATTR_CHAR(*s) ) {
+ *d++ = *s;
+ } else if ( *s == '=' ) {
+ state = B4VALUE;
+ *d++ = *s;
+ } else if ( ASCII_SPACE( *s ) ) {
+ state = B4EQUAL;
+ } else {
+ dn = NULL;
+ *d++ = *s;
+ }
+ break;
+
case B4EQUAL:
if ( *s == '=' ) {
state = B4VALUE;
*d++ = *s;
- } else if ( ! SPACE( *s ) ) {
+ } else if ( ! ASCII_SPACE( *s ) ) {
/* not a valid dn - but what can we do here? */
*d++ = *s;
+ dn = NULL;
}
break;
+
case B4VALUE:
if ( *s == '"' ) {
state = INQUOTEDVALUE;
*d++ = *s;
- } else if ( ! SPACE( *s ) ) {
+ } else if ( ! ASCII_SPACE( *s ) ) {
state = INVALUE;
*d++ = *s;
}
break;
+
case INVALUE:
- if ( !gotesc && SEPARATOR( *s ) ) {
- while ( SPACE( *(d - 1) ) )
+ if ( !gotesc && RDN_SEPARATOR( *s ) ) {
+ while ( ASCII_SPACE( *(d - 1) ) )
d--;
state = B4TYPE;
if ( *s == '+' ) {
} else {
*d++ = ',';
}
- } else if ( gotesc && !NEEDSESCAPE( *s ) &&
- !SEPARATOR( *s ) ) {
+ } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) &&
+ !RDN_SEPARATOR( *s ) )
+ {
*--d = *s;
d++;
- } else {
+ } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
*d++ = *s;
}
break;
+
case INQUOTEDVALUE:
if ( !gotesc && *s == '"' ) {
state = B4SEPARATOR;
*d++ = *s;
- } else if ( gotesc && !NEEDSESCAPE( *s ) ) {
+ } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) ) {
*--d = *s;
d++;
- } else {
+ } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
*d++ = *s;
}
break;
+
case B4SEPARATOR:
- if ( SEPARATOR( *s ) ) {
+ if ( RDN_SEPARATOR( *s ) ) {
state = B4TYPE;
*d++ = *s;
+ } else if ( !ASCII_SPACE( *s ) ) {
+ dn = NULL;
}
break;
+
default:
+ dn = NULL;
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "dn_validate: unknown state %d for dn \"%s\".\n",
+ state, dn_in ));
+#else
Debug( LDAP_DEBUG_ANY,
- "dn_normalize - unknown state %d\n", state, 0, 0 );
+ "dn_validate - unknown state %d\n", state, 0, 0 );
+#endif
break;
}
+
if ( *s == '\\' ) {
gotesc = 1;
} else {
gotesc = 0;
}
}
+
+ /* trim trailing spaces */
+ while( d > dn_in && ASCII_SPACE( *(d-1) ) ) {
+ --d;
+ }
*d = '\0';
- /* Debug( LDAP_DEBUG_TRACE, "<= dn_normalize \"%s\"\n", dn, 0, 0 ); */
+ if( gotesc ) {
+ /* shouldn't be left in escape */
+ dn = NULL;
+ }
+
+ /* check end state */
+ switch( state ) {
+ case B4LEADTYPE: /* looking for first type */
+ case B4SEPARATOR: /* looking for separator */
+ case INVALUE: /* inside value */
+ break;
+ default:
+ dn = NULL;
+ }
+
return( dn );
+#endif /* !USE_LDAP_DN_PARSING */
}
/*
- * dn_normalize_case - put dn into a canonical form suitable for storing
- * in a hash database. this involves normalizing the case as well as
- * the format. the dn is normalized in place as well as returned.
+ * dn_normalize - put dn into a canonical form suitable for storing
+ * in a hash database. this involves normalizing the case as well as
+ * the format. the dn is normalized in place as well as returned if valid.
*/
char *
-dn_normalize_case( char *dn )
+dn_normalize( char *dn )
+{
+#ifdef USE_LDAP_DN_PARSING
+ struct berval val, *normalized;
+ int rc;
+
+ if ( dn == NULL || dn[ 0 ] == '\0' ) {
+ return( dn );
+ }
+
+ val.bv_val = dn;
+ val.bv_len = strlen( dn );
+
+ rc = dnNormalize( NULL, &val, &normalized );
+ if ( rc != LDAP_SUCCESS ) {
+ return( NULL );
+ }
+
+ if ( val.bv_len < normalized->bv_len ) {
+ ber_bvfree( normalized );
+ return( NULL );
+ }
+
+ AC_MEMCPY( dn, normalized->bv_val, normalized->bv_len + 1 );
+ ber_bvfree( normalized );
+
+ return( dn );
+
+#else /* !USE_LDAP_DN_PARSING */
+ char *out;
+ struct berval *bvdn, *nbvdn;
+
+ out = NULL;
+ bvdn = ber_bvstr( dn );
+
+ if ( dnNormalize( NULL, bvdn, &nbvdn ) == LDAP_SUCCESS ) {
+ if ( nbvdn->bv_len <= bvdn->bv_len ) {
+ out = dn;
+ strcpy( out, nbvdn->bv_val );
+ }
+ ber_bvfree( nbvdn );
+ }
+ bvdn->bv_val = NULL; /* prevent bvfree from freeing dn */
+ ber_bvfree( bvdn );
+
+ return( out );
+#endif /* !USE_LDAP_DN_PARSING */
+}
+
+int
+dn_match( const char *val, const char *asserted )
{
- /* normalize format */
- dn_normalize( dn );
+ struct berval bval, basserted;
+
+ if ( val == NULL || asserted == NULL ) {
+ return 0;
+ }
+
+ bval.bv_val = ( char * )val;
+ bval.bv_len = strlen( val );
+
+ basserted.bv_val = ( char * )asserted;
+ basserted.bv_len = strlen( asserted);
- /* and upper case it */
- return( str2upper( dn ) );
+ return dnMatch( NULL, 0, NULL, NULL, &bval, &basserted);
}
/*
char *
dn_parent(
- Backend *be,
- char *dn
+ Backend *be,
+ const char *dn
)
{
- char *s;
+ const char *s;
int inquote;
if( dn == NULL ) {
return NULL;
}
- while(*dn && SPACE(*dn)) {
+ while(*dn != '\0' && ASCII_SPACE(*dn)) {
dn++;
}
if( *dn == '\0' ) {
- return( NULL );
+ return NULL;
}
if ( be != NULL && be_issuffix( be, dn ) ) {
- return( NULL );
- }
-
- /*
- * no =, assume it is a dns name, like blah@some.domain.name
- * if the blah@ part is there, return some.domain.name. if
- * it's just some.domain.name, return domain.name.
- */
- if ( strchr( dn, '=' ) == NULL ) {
- if ( (s = strchr( dn, '@' )) == NULL ) {
- if ( (s = strchr( dn, '.' )) == NULL ) {
- return( NULL );
- }
- }
- if ( *(s + 1) == '\0' ) {
- return( NULL );
- } else {
- return( ch_strdup( &s[1] ) );
- }
+ return NULL;
}
/*
- * else assume it is an X.500-style name, which looks like
+ * assume it is an X.500-style name, which looks like
* foo=bar,sha=baz,...
*/
} else {
if ( *s == '"' ) {
inquote = 1;
- } else if ( DNSEPARATOR( *s ) ) {
- return( ch_strdup( &s[1] ) );
+ } else if ( DN_SEPARATOR( *s ) ) {
+ return ch_strdup( &s[1] );
}
}
}
- return( ch_strdup( "" ) );
+ return ch_strdup( "" );
}
-char * dn_rdn(
- Backend *be,
- char *dn )
+char * dn_rdn(
+ Backend *be,
+ const char *dn_in )
{
- char *s;
+ char *dn, *s;
int inquote;
- if( dn == NULL ) {
+ if( dn_in == NULL ) {
return NULL;
}
- while(*dn && SPACE(*dn)) {
- dn++;
+ while(*dn_in && ASCII_SPACE(*dn_in)) {
+ dn_in++;
}
- if( *dn == '\0' ) {
+ if( *dn_in == '\0' ) {
return( NULL );
}
- if ( be != NULL && be_issuffix( be, dn ) ) {
+ if ( be != NULL && be_issuffix( be, dn_in ) ) {
return( NULL );
}
- dn = ch_strdup( dn );
-
- /*
- * no =, assume it is a dns name, like blah@some.domain.name
- * if the blah@ part is there, return some.domain.name. if
- * it's just some.domain.name, return domain.name.
- */
- if ( strchr( dn, '=' ) == NULL ) {
- if ( (s = strchr( dn, '@' )) == NULL ) {
- if ( (s = strchr( dn, '.' )) == NULL ) {
- return( dn );
- }
- }
- *s = '\0';
- return( dn );
- }
-
- /*
- * else assume it is an X.500-style name, which looks like
- * foo=bar,sha=baz,...
- */
+ dn = ch_strdup( dn_in );
inquote = 0;
} else {
if ( *s == '"' ) {
inquote = 1;
- } else if ( DNSEPARATOR( *s ) ) {
+ } else if ( DN_SEPARATOR( *s ) ) {
*s = '\0';
return( dn );
}
return( dn );
}
+
+/*
+ * return a charray of all subtrees to which the DN resides in
+ */
+char **dn_subtree(
+ Backend *be,
+ const char *dn )
+{
+ char *child, *parent;
+ char **subtree = NULL;
+
+ child = ch_strdup( dn );
+
+ do {
+ charray_add( &subtree, child );
+
+ parent = dn_parent( be, child );
+
+ free( child );
+
+ child = parent;
+ } while ( child != NULL );
+
+ return subtree;
+}
+
+
/*
- * dn_issuffix - tells whether suffix is a suffix of dn. both dn
+ * dn_issuffix - tells whether suffix is a suffix of dn. Both dn
* and suffix must be normalized.
*/
int
dn_issuffix(
- char *dn,
- char *suffix
+ const char *dn,
+ const char *suffix
)
{
int dnlen, suffixlen;
return( strcmp( dn + dnlen - suffixlen, suffix ) == 0 );
}
-/*
- * dn_type - tells whether the given dn is an X.500 thing or DNS thing
- * returns (defined in slap.h): DN_DNS dns-style thing
- * DN_X500 x500-style thing
- */
-
-int
-dn_type( char *dn )
-{
- return( strchr( dn, '=' ) == NULL ? DN_DNS : DN_X500 );
-}
-
-char *
-str2upper( char *str )
-{
- char *s;
-
- /* normalize case */
- for ( s = str; *s; s++ ) {
- *s = TOUPPER( (unsigned char) *s );
- }
-
- return( str );
-}
-
-char *
-str2lower( char *str )
-{
- char *s;
-
- /* normalize case */
- for ( s = str; *s; s++ ) {
- *s = TOLOWER( (unsigned char) *s );
- }
-
- return( str );
-}
-
-
/*
* get_next_substring(), rdn_attr_type(), rdn_attr_value(), and
* build_new_dn().
- *
+ *
* Copyright 1999, Juan C. Gomez, All rights reserved.
- * This software is not subject to any license of Silicon Graphics
+ * This software is not subject to any license of Silicon Graphics
* Inc. or Purdue University.
*
* Redistribution and use in source and binary forms are permitted
/* get_next_substring:
*
- * Gets next substring in s, using d (or the end of the string '\0') as a
- * string delimiter, and places it in a duplicated memory space. Leading
+ * Gets next substring in s, using d (or the end of the string '\0') as a
+ * string delimiter, and places it in a duplicated memory space. Leading
* spaces are ignored. String s **must** be null-terminated.
- */
+ */
-static char *
-get_next_substring( char * s, char d )
+static char *
+get_next_substring( const char * s, char d )
{
char *str, *r;
/* Skip leading spaces */
- while ( *s && SPACE(*s) ) {
-
+ while ( *s && ASCII_SPACE(*s) ) {
s++;
-
- }/* while ( *s && SPACE(*s) ) */
+ }
/* Copy word */
*/
*str++ = *s++;
-
- }/* while ( *s && (*s != d) ) */
+ }
*str = '\0';
return r;
-}/* char * get_word() */
+}
/* rdn_attr_type:
*
* Given a string (i.e. an rdn) of the form:
* "attribute_type = attribute_value"
- * this function returns the type of an attribute, that is the
- * string "attribute_type" which is placed in newly allocated
+ * this function returns the type of an attribute, that is the
+ * string "attribute_type" which is placed in newly allocated
* memory. The returned string will be null-terminated.
*/
-char * rdn_attr_type( char * s )
+char * rdn_attr_type( const char * s )
{
-
return get_next_substring( s, '=' );
-
-}/* char * rdn_attr_type() */
+}
/* rdn_attr_value:
*
* Given a string (i.e. an rdn) of the form:
* "attribute_type = attribute_value"
- * this function returns "attribute_type" which is placed in newly allocated
- * memory. The returned string will be null-terminated and may contain
+ * this function returns "attribute_type" which is placed in newly allocated
+ * memory. The returned string will be null-terminated and may contain
* spaces (i.e. "John Doe\0").
*/
-char *
-rdn_attr_value( char * rdn )
+char *
+rdn_attr_value( const char * rdn )
{
- char *str;
+ const char *str;
if ( (str = strchr( rdn, '=' )) != NULL ) {
-
return get_next_substring(++str, '\0');
-
- }/* if ( (str = strpbrk( rdn, "=" )) != NULL ) */
+ }
return NULL;
-}/* char * rdn_attr_value() */
+}
-/* build_new_dn:
+/* rdn_attrs:
*
- * Used by ldbm/bdb2_back_modrdn to create the new dn of entries being
- * renamed.
+ * Given a string (i.e. an rdn) of the form:
+ * "attribute_type=attribute_value[+attribute_type=attribute_value[...]]"
+ * this function stores the types of the attributes in ptypes, that is the
+ * array of strings "attribute_type" which is placed in newly allocated
+ * memory, and the values of the attributes in pvalues, that is the
+ * array of strings "attribute_value" which is placed in newly allocated
+ * memory. Returns 0 on success, -1 on failure.
*
- * new_dn = parent (p_dn) + separator(s) + rdn (newrdn) + null.
+ * note: got part of the code from dn_validate
*/
-void
-build_new_dn( char ** new_dn, char *e_dn, char * p_dn, char * newrdn )
+int
+rdn_attrs( const char * rdn_in, char ***ptypes, char ***pvalues)
{
+ char **parts, **p;
+
+ *ptypes = NULL;
+ *pvalues = NULL;
+
+ /*
+ * explode the rdn in parts
+ */
+ parts = ldap_explode_rdn( rdn_in, 0 );
- if ( p_dn == NULL ) {
+ if ( parts == NULL ) {
+ return( -1 );
+ }
- *new_dn = ch_strdup( newrdn );
- return;
+ for ( p = parts; p[0]; p++ ) {
+ char *s, *e, *d;
+
+ /* split each rdn part in type value */
+ s = strchr( p[0], '=' );
+ if ( s == NULL ) {
+ charray_free( *ptypes );
+ charray_free( *pvalues );
+ charray_free( parts );
+ return( -1 );
+ }
+
+ /* type should be fine */
+ charray_add_n( ptypes, p[0], ( s-p[0] ) );
+
+ /* value needs to be unescaped
+ * (maybe this should be moved to ldap_explode_rdn?) */
+ for ( e = d = s + 1; e[0]; e++ ) {
+ if ( *e != '\\' ) {
+ *d++ = *e;
+ }
+ }
+ d[0] = '\0';
+ charray_add( pvalues, s + 1 );
+ }
- }
-
- *new_dn = (char *) ch_malloc( strlen( p_dn ) + strlen( newrdn ) + 3 );
+ /* free array */
+ charray_free( parts );
- if ( dn_type( e_dn ) == DN_X500 ) {
+ return( 0 );
+}
- strcpy( *new_dn, newrdn );
- strcat( *new_dn, "," );
- strcat( *new_dn, p_dn );
- } else {
+/* rdn_validate:
+ *
+ * 1 if rdn is a legal rdn;
+ * 0 otherwise (including a sequence of rdns)
+ *
+ * note: got it from dn_rdn; it should be rewritten
+ * according to dn_validate
+ */
+int
+rdn_validate( const char * rdn )
+{
+ int inquote;
- char *s;
- char sep[2];
+ if ( rdn == NULL ) {
+ return( 0 );
+ }
- strcpy( *new_dn, newrdn );
- s = strchr( newrdn, '\0' );
- s--;
+ if ( strchr( rdn, '=' ) == NULL ) {
+ return( 0 );
+ }
- if ( (*s != '.') && (*s != '@') ) {
+ while ( *rdn && ASCII_SPACE( *rdn ) ) {
+ rdn++;
+ }
- if ( (s = strpbrk( e_dn, ".@" )) != NULL ) {
+ if( *rdn == '\0' ) {
+ return( 0 );
+ }
- sep[0] = *s;
- sep[1] = '\0';
- strcat( *new_dn, sep );
+ inquote = 0;
- }/* if ( (s = strpbrk( dn, ".@" )) != NULL ) */
+ for ( ; *rdn; rdn++ ) {
+ if ( *rdn == '\\' ) {
+ if ( *(rdn + 1) ) {
+ rdn++;
+ }
+ continue;
+ }
+ if ( inquote ) {
+ if ( *rdn == '"' ) {
+ inquote = 0;
+ }
+ } else {
+ if ( *rdn == '"' ) {
+ inquote = 1;
+ } else if ( DN_SEPARATOR( *rdn ) ) {
+ return( 0 );
+ }
+ }
+ }
- }/* if ( *s != '.' && *s != '@' ) */
+ return( 1 );
+}
- strcat( *new_dn, p_dn );
- }/* if ( dn_type( e_dn ) == DN_X500 ) {}else */
-
-}/* void build_new_dn() */
+/* build_new_dn:
+ *
+ * Used by ldbm/bdb2 back_modrdn to create the new dn of entries being
+ * renamed.
+ *
+ * new_dn = parent (p_dn) + separator(s) + rdn (newrdn) + null.
+ */
+
+void
+build_new_dn( char ** new_dn,
+ const char *e_dn,
+ const char * p_dn,
+ const char * newrdn )
+{
+
+ if ( p_dn == NULL ) {
+ *new_dn = ch_strdup( newrdn );
+ return;
+ }
+
+ *new_dn = (char *) ch_malloc( strlen( p_dn ) + strlen( newrdn ) + 3 );
+
+ strcpy( *new_dn, newrdn );
+ strcat( *new_dn, "," );
+ strcat( *new_dn, p_dn );
+}