/* limits.c - routines to handle regex-based size and time limits */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
if ( ndn->bv_len == 0 ) {
break;
}
- if ( strcmp( lm[0]->lm_dn_pat->bv_val, ndn->bv_val ) == 0 ) {
+ if ( dn_match( &lm[0]->lm_dn_pat, ndn ) ) {
*limit = &lm[0]->lm_limits;
return( 0 );
}
break;
}
- d = ndn->bv_len - lm[0]->lm_dn_pat->bv_len;
/* ndn shorter than dn_pat */
- if ( d < 0 ) {
+ if ( ndn->bv_len < lm[0]->lm_dn_pat.bv_len ) {
break;
}
+ d = ndn->bv_len - lm[0]->lm_dn_pat.bv_len;
/* allow exact match for SUBTREE only */
if ( d == 0 ) {
}
} else {
/* check for unescaped rdn separator */
- if ( !DN_SEPARATOR( ndn->bv_val[d-1] ) || DN_ESCAPE( ndn->bv_val[d-2] ) ) {
+ if ( !DN_SEPARATOR( ndn->bv_val[d-1] ) ) {
break;
}
}
/* in case of (sub)match ... */
- if ( strcmp( lm[0]->lm_dn_pat->bv_val, &ndn->bv_val[d] ) == 0 ) {
+ if ( lm[0]->lm_dn_pat.bv_len == ( ndn->bv_len - d )
+ && strcmp( lm[0]->lm_dn_pat.bv_val, &ndn->bv_val[d] ) == 0 ) {
/* check for exactly one rdn in case of ONE */
if ( lm[0]->lm_type == SLAP_LIMITS_ONE ) {
/*
* if ndn is more that one rdn
* below dn_pat, continue
*/
- if ( (size_t) dn_rdnlen( NULL, ndn->bv_val ) != d - 1 ) {
+ if ( (size_t) dn_rdnlen( NULL, ndn ) != d - 1 ) {
break;
}
}
if ( ndn->bv_len == 0 ) {
break;
}
- if ( regexec( &lm[0]->lm_dn_regex, ndn->bv_val, 0, NULL, 0 ) == 0 ) {
+ if ( regexec( &lm[0]->lm_dn_regex, ndn->bv_val, 0, NULL, 0 )
+ == 0 )
+ {
*limit = &lm[0]->lm_limits;
return( 0 );
}
}
break;
+ case SLAP_LIMITS_ANY:
+ *limit = &lm[0]->lm_limits;
+ return( 0 );
+
default:
assert( 0 ); /* unreachable */
return( -1 );
return( 0 );
}
-int
+static int
add_limits(
Backend *be,
int type,
case SLAP_LIMITS_SUBTREE:
case SLAP_LIMITS_CHILDREN:
lm->lm_type = type;
- lm->lm_dn_pat = ber_bvstrdup( pattern );
- if ( dn_normalize( lm->lm_dn_pat->bv_val ) == NULL ) {
- ber_bvfree( lm->lm_dn_pat );
- ch_free( lm );
- return( -1 );
+ {
+ int rc;
+ struct berval bv;
+ bv.bv_val = (char *) pattern;
+ bv.bv_len = strlen( pattern );
+
+ rc = dnNormalize2( NULL, &bv, &lm->lm_dn_pat );
+ if ( rc != LDAP_SUCCESS ) {
+ ch_free( lm );
+ return( -1 );
+ }
}
break;
case SLAP_LIMITS_REGEX:
case SLAP_LIMITS_UNDEFINED:
lm->lm_type = SLAP_LIMITS_REGEX;
- lm->lm_dn_pat = ber_bvstrdup( pattern );
- if ( regcomp( &lm->lm_dn_regex, lm->lm_dn_pat->bv_val,
+ ber_str2bv( pattern, 0, 1, &lm->lm_dn_pat );
+ if ( regcomp( &lm->lm_dn_regex, lm->lm_dn_pat.bv_val,
REG_EXTENDED | REG_ICASE ) ) {
- ber_bvfree( lm->lm_dn_pat );
+ free( lm->lm_dn_pat.bv_val );
ch_free( lm );
return( -1 );
}
case SLAP_LIMITS_ANONYMOUS:
case SLAP_LIMITS_USERS:
+ case SLAP_LIMITS_ANY:
lm->lm_type = type;
- lm->lm_dn_pat = NULL;
+ lm->lm_dn_pat.bv_val = NULL;
+ lm->lm_dn_pat.bv_len = 0;
break;
}
if ( argc < 3 ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ LDAP_LOG( CONFIG, CRIT,
"%s : line %d: missing arg(s) in "
- "\"limits <pattern> <limits>\" line.\n",
- fname, lineno ));
+ "\"limits <pattern> <limits>\" line.\n", fname, lineno, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: missing arg(s) in "
*/
pattern = argv[1];
- if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
+ if ( strcmp( pattern, "*" ) == 0) {
+ type = SLAP_LIMITS_ANY;
+
+ } else if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
type = SLAP_LIMITS_ANONYMOUS;
} else if ( strcasecmp( pattern, "users" ) == 0 ) {
default:
if ( pattern[0] != '=' ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ LDAP_LOG( CONFIG, CRIT,
"%s : line %d: missing '=' in "
"\"dn[.{exact|base|one|subtree"
- "|children|regex|anonymous}]"
- "=<pattern>\" in "
- "\"limits <pattern> <limits>\" line.\n",
- fname, lineno ));
+ "|children|regex|anonymous}]" "=<pattern>\" in "
+ "\"limits <pattern> <limits>\" line.\n", fname, lineno, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: missing '=' in "
/* skip '=' (required) */
pattern++;
+
+ /* trim obvious cases */
+ if ( strcmp( pattern, "*" ) == 0 ) {
+ type = SLAP_LIMITS_ANY;
+ pattern = NULL;
+
+ } else if ( ( type == SLAP_LIMITS_REGEX || type == SLAP_LIMITS_UNDEFINED )
+ && strcmp( pattern, ".*" ) == 0 ) {
+ type = SLAP_LIMITS_ANY;
+ pattern = NULL;
+ }
}
}
if ( parse_limit( argv[i], &limit ) ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ LDAP_LOG( CONFIG, CRIT,
"%s : line %d: unknown limit type \"%s\" in "
"\"limits <pattern> <limits>\" line.\n",
- fname, lineno, argv[i] ));
+ fname, lineno, argv[i] );
#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: unknown limit type \"%s\" in "
}
} else if ( arg[0] == '=' ) {
+ arg++;
limit->lms_t_soft = atoi( arg );
limit->lms_t_hard = 0;
}
} else if ( arg[0] == '=' ) {
+ arg++;
limit->lms_s_soft = atoi( arg );
limit->lms_s_hard = 0;