+/* mra.c - routines for dealing with extensible matching rule assertions */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2007 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
-/* mra.c - routines for dealing with extensible matching rule assertions */
#include "portable.h"
#include "slap.h"
+#ifdef LDAP_COMP_MATCH
+#include "component.h"
+#endif
void
mra_free(
- MatchingRuleAssertion *mra,
- int freeit
-)
+ Operation *op,
+ MatchingRuleAssertion *mra,
+ int freeit )
{
- ad_free( mra->ma_desc, 1 );
- ch_free( mra->ma_rule_text );
- ber_bvfree( mra->ma_value );
- if ( freeit ) {
- ch_free( (char *) mra );
+#ifdef LDAP_COMP_MATCH
+ /* free component assertion */
+ if ( mra->ma_rule->smr_usage & SLAP_MR_COMPONENT && mra->ma_cf ) {
+ component_free( mra->ma_cf );
}
+#endif
+ /* op->o_tmpfree( mra->ma_value.bv_val, op->o_tmpmemctx ); */
+ ch_free( mra->ma_value.bv_val );
+ if ( freeit ) op->o_tmpfree( (char *) mra, op->o_tmpmemctx );
}
int
get_mra(
- BerElement *ber,
- MatchingRuleAssertion **mra,
- const char **text
-)
+ Operation *op,
+ BerElement *ber,
+ MatchingRuleAssertion **mra,
+ const char **text )
{
- int rc, tag;
+ int rc;
+ ber_tag_t tag, rtag;
ber_len_t length;
- struct berval type, value, *nvalue;
- MatchingRuleAssertion *ma;
-
- ma = ch_malloc( sizeof( MatchingRuleAssertion ) );
- ma->ma_rule = NULL;
- ma->ma_rule_text = NULL;
- ma->ma_desc = NULL;
- ma->ma_dnattrs = 0;
- ma->ma_value = NULL;
-
- rc = ber_scanf( ber, "{t", &tag );
-
- if( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf (\"{t\") failure\n" ));
-#else
- Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
+ struct berval type = BER_BVNULL;
+ struct berval value = BER_BVNULL;
+ struct berval rule_text = BER_BVNULL;
+ MatchingRuleAssertion ma = { 0 };
+#ifdef LDAP_COMP_MATCH
+ AttributeAliasing* aa = NULL;
#endif
+ rtag = ber_scanf( ber, "{t" /*"}"*/, &tag );
+
+ if( rtag == LBER_ERROR ) {
+ Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
+
*text = "Error parsing matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
if ( tag == LDAP_FILTER_EXT_OID ) {
- rc = ber_scanf( ber, "a", &ma->ma_rule_text );
- if ( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf(\"a\") failure.\n" ));
-#else
+ rtag = ber_scanf( ber, "m", &rule_text );
+ if ( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for mr\n", 0, 0, 0 );
-#endif
*text = "Error parsing matching rule in matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
- ma->ma_rule = mr_find( ma->ma_rule_text );
- rc = ber_scanf( ber, "t", &tag );
-
- if( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf (\"t\") failure\n" ));
-#else
+ rtag = ber_scanf( ber, "t", &tag );
+ if( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
-#endif
*text = "Error parsing matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
}
if ( tag == LDAP_FILTER_EXT_TYPE ) {
- rc = ber_scanf( ber, "o", &type );
- if ( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf (\"o\") failure.\n" ));
-#else
+ rtag = ber_scanf( ber, "m", &type );
+ if ( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for ad\n", 0, 0, 0 );
-#endif
*text = "Error parsing attribute description in matching rule assertion";
return SLAPD_DISCONNECT;
}
- rc = slap_bv2ad( &type, &ma->ma_desc, text );
- ch_free( type.bv_val );
-
- if( rc != LDAP_SUCCESS ) {
- ch_free( value.bv_val );
- mra_free( ma, 1 );
- return rc;
- }
-
- rc = ber_scanf( ber, "t", &tag );
-
- if( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf (\"t\") failure.\n" ));
-#else
+ rtag = ber_scanf( ber, "t", &tag );
+ if( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
-#endif
*text = "Error parsing matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
}
if ( tag != LDAP_FILTER_EXT_VALUE ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf missing value\n" ));
-#else
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf missing value\n", 0, 0, 0 );
-#endif
*text = "Missing value in matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
- rc = ber_scanf( ber, "o", &value );
+ rtag = ber_scanf( ber, "m", &value );
- if( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf (\"o\") failure.\n" ));
-#else
+ if( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
-#endif
*text = "Error decoding value in matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
- /*
- * OK, if no matching rule, normalize for equality, otherwise
- * normalize for the matching rule.
- */
- rc = value_normalize( ma->ma_desc, SLAP_MR_EQUALITY, &value, &nvalue, text );
- ch_free( value.bv_val );
-
- if( rc != LDAP_SUCCESS ) {
- mra_free( ma, 1 );
- return rc;
- }
-
- ma->ma_value = nvalue;
-
tag = ber_peek_tag( ber, &length );
if ( tag == LDAP_FILTER_EXT_DNATTRS ) {
- rc = ber_scanf( ber, "b}", &ma->ma_dnattrs );
+ rtag = ber_scanf( ber, /*"{"*/ "b}", &ma.ma_dnattrs );
} else {
- rc = ber_scanf( ber, "}" );
- ma->ma_dnattrs = 0;
+ rtag = ber_scanf( ber, /*"{"*/ "}" );
}
- if( rc == LBER_ERROR ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "get_mra: ber_scanf failure\n"));
-#else
+ if( rtag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 );
-#endif
*text = "Error decoding dnattrs matching rule assertion";
- mra_free( ma, 1 );
return SLAPD_DISCONNECT;
}
- *mra = ma;
+ if( type.bv_val != NULL ) {
+ rc = slap_bv2ad( &type, &ma.ma_desc, text );
+ if( rc != LDAP_SUCCESS ) {
+ rc = slap_bv2undef_ad( &type, &ma.ma_desc, text,
+ SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
+
+ if( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+ }
+ }
+
+ if( rule_text.bv_val != NULL ) {
+ ma.ma_rule = mr_bvfind( &rule_text );
+ if( ma.ma_rule == NULL ) {
+ *text = "matching rule not recognized";
+ return LDAP_INAPPROPRIATE_MATCHING;
+ }
+ }
+
+ if ( ma.ma_rule == NULL ) {
+ /*
+ * Need either type or rule ...
+ */
+ if ( ma.ma_desc == NULL ) {
+ *text = "no matching rule or type";
+ return LDAP_INAPPROPRIATE_MATCHING;
+ }
+
+ if ( ma.ma_desc->ad_type->sat_equality != NULL &&
+ ma.ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT )
+ {
+ /* no matching rule was provided, use the attribute's
+ equality rule if it supports extensible matching. */
+ ma.ma_rule = ma.ma_desc->ad_type->sat_equality;
+
+ } else {
+ *text = "no appropriate rule to use for type";
+ return LDAP_INAPPROPRIATE_MATCHING;
+ }
+ }
+
+ if ( ma.ma_desc != NULL ) {
+ if( !mr_usable_with_at( ma.ma_rule, ma.ma_desc->ad_type ) ) {
+ *text = "matching rule use with this attribute not appropriate";
+ return LDAP_INAPPROPRIATE_MATCHING;
+ }
+
+ }
+
+ /*
+ * Normalize per matching rule
+ */
+ rc = asserted_value_validate_normalize( ma.ma_desc,
+ ma.ma_rule,
+ SLAP_MR_EXT|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
+ &value, &ma.ma_value, text, op->o_tmpmemctx );
+
+ if( rc != LDAP_SUCCESS ) return rc;
+
+#ifdef LDAP_COMP_MATCH
+ /* Check If this attribute is aliased */
+ if ( is_aliased_attribute && ma.ma_desc && ( aa = is_aliased_attribute ( ma.ma_desc ) ) ) {
+ rc = get_aliased_filter ( op, &ma, aa, text );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ }
+ else if ( ma.ma_rule && ma.ma_rule->smr_usage & SLAP_MR_COMPONENT ) {
+ /* Matching Rule for Component Matching */
+ rc = get_comp_filter( op, &ma.ma_value, &ma.ma_cf, text );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ }
+#endif
+
+ length = sizeof(ma);
+ /* Append rule_text to end of struct */
+ if (rule_text.bv_val) length += rule_text.bv_len + 1;
+ *mra = op->o_tmpalloc( length, op->o_tmpmemctx );
+ **mra = ma;
+ if (rule_text.bv_val) {
+ (*mra)->ma_rule_text.bv_len = rule_text.bv_len;
+ (*mra)->ma_rule_text.bv_val = (char *)(*mra+1);
+ AC_MEMCPY((*mra)->ma_rule_text.bv_val, rule_text.bv_val,
+ rule_text.bv_len+1);
+ }
return LDAP_SUCCESS;
}
-
projects / openldap / blobdiff