/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2004 The OpenLDAP Foundation.
+ * Copyright 1999-2012 The OpenLDAP Foundation.
* Portions Copyright 1999-2003 Howard Chu.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* All rights reserved.
* <http://www.OpenLDAP.org/license.html>.
*/
/* ACKNOWLEDGEMENTS:
- * This work was initially developed by the Howard Chu for inclusion
+ * This work was initially developed by Howard Chu for inclusion
* in OpenLDAP Software and subsequently enhanced by Pierangelo
* Masarati.
*/
/* FIXME: after rewriting, we should also remap attributes ... */
-#ifdef ENABLE_REWRITE
+/*
+ * massages "in" and normalizes it into "ndn"
+ *
+ * "ndn" may be untouched if no massaging occurred and its value was not null
+ */
int
-rwm_dn_massage(
+rwm_dn_massage_normalize(
dncookie *dc,
struct berval *in,
- struct berval *dn,
- struct berval *ndn
-)
+ struct berval *ndn )
{
- int rc = 0;
- struct berval mdn;
-
- assert( in );
+ int rc;
+ struct berval mdn = BER_BVNULL;
+
+ /* massage and normalize a DN */
+ rc = rwm_dn_massage( dc, in, &mdn );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
- if ( dn == NULL && ndn == NULL ) {
- return LDAP_OTHER;
+ if ( mdn.bv_val == in->bv_val && !BER_BVISNULL( ndn ) ) {
+ return rc;
}
- rc = rewrite_session( dc->rwmap->rwm_rw, dc->ctx,
- ( in->bv_len ? in->bv_val : "" ),
- dc->conn, &mdn.bv_val );
- switch ( rc ) {
- case REWRITE_REGEXEC_OK:
- if ( !BER_BVISNULL( &mdn ) ) {
+ rc = dnNormalize( 0, NULL, NULL, &mdn, ndn, NULL );
- mdn.bv_len = strlen( mdn.bv_val );
-
- if ( dn != NULL && ndn != NULL ) {
- rc = dnPrettyNormal( NULL, &mdn, dn, ndn, NULL );
+ if ( mdn.bv_val != in->bv_val ) {
+ ch_free( mdn.bv_val );
+ }
- } else if ( dn != NULL ) {
- rc = dnPretty( NULL, &mdn, dn, NULL );
+ return rc;
+}
- } else if ( ndn != NULL) {
- rc = dnNormalize( 0, NULL, NULL, &mdn, ndn, NULL );
- }
+/*
+ * massages "in" and prettifies it into "pdn"
+ *
+ * "pdn" may be untouched if no massaging occurred and its value was not null
+ */
+int
+rwm_dn_massage_pretty(
+ dncookie *dc,
+ struct berval *in,
+ struct berval *pdn )
+{
+ int rc;
+ struct berval mdn = BER_BVNULL;
+
+ /* massage and pretty a DN */
+ rc = rwm_dn_massage( dc, in, &mdn );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
- if ( mdn.bv_val != in->bv_val ) {
- ch_free( mdn.bv_val );
- }
+ if ( mdn.bv_val == in->bv_val && !BER_BVISNULL( pdn ) ) {
+ return rc;
+ }
- } else {
- /* we assume the input string is already in pretty form,
- * and that the normalized version is already available */
- if ( dn ) {
- *dn = *in;
- if ( ndn ) {
- BER_BVZERO( ndn );
- }
- } else {
- *ndn = *in;
- }
- rc = LDAP_SUCCESS;
- }
+ rc = dnPretty( NULL, &mdn, pdn, NULL );
- Debug( LDAP_DEBUG_ARGS,
- "[rw] %s: \"%s\" -> \"%s\"\n",
- dc->ctx, in->bv_val, dn ? dn->bv_val : ndn->bv_val );
- break;
-
- case REWRITE_REGEXEC_UNWILLING:
- if ( dc->rs ) {
- dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
- dc->rs->sr_text = "Operation not allowed";
- }
- rc = LDAP_UNWILLING_TO_PERFORM;
- break;
-
- case REWRITE_REGEXEC_ERR:
- if ( dc->rs ) {
- dc->rs->sr_err = LDAP_OTHER;
- dc->rs->sr_text = "Rewrite error";
- }
- rc = LDAP_OTHER;
- break;
+ if ( mdn.bv_val != in->bv_val ) {
+ ch_free( mdn.bv_val );
}
return rc;
}
-#else
/*
- * rwm_dn_massage
- *
- * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
+ * massages "in" and prettifies and normalizes it into "pdn" and "ndn"
+ *
+ * "pdn" may be untouched if no massaging occurred and its value was not null;
+ * "ndn" may be untouched if no massaging occurred and its value was not null;
+ * if no massage occurred and "ndn" value was not null, it is filled
+ * with the normaized value of "pdn", much like ndn = dnNormalize( pdn )
*/
int
-rwm_dn_massage(
+rwm_dn_massage_pretty_normalize(
dncookie *dc,
- struct berval *tmpin,
- struct berval *dn,
- struct berval *ndn
-)
+ struct berval *in,
+ struct berval *pdn,
+ struct berval *ndn )
{
- int i, src, dst;
- struct berval pretty = BER_BVNULL,
- normal = BER_BVNULL,
- *in = tmpin;
-
- if ( dn == NULL && ndn == NULL ) {
- return LDAP_OTHER;
+ int rc;
+ struct berval mdn = BER_BVNULL;
+
+ /* massage, pretty and normalize a DN */
+ rc = rwm_dn_massage( dc, in, &mdn );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
}
- if ( in == NULL || BER_BVISNULL( in ) ) {
- if ( dn ) {
- BER_BVZERO( dn );
- }
- if ( ndn ) {
- BER_BVZERO( ndn );
+ if ( mdn.bv_val == in->bv_val && !BER_BVISNULL( pdn ) ) {
+ if ( BER_BVISNULL( ndn ) ) {
+ rc = dnNormalize( 0, NULL, NULL, &mdn, ndn, NULL );
}
- return LDAP_SUCCESS;
+ return rc;
}
- if ( dc->rwmap == NULL || dc->rwmap->rwm_suffix_massage == NULL ) {
- if ( dn ) {
- *dn = *in;
- if ( ndn ) {
- BER_BVZERO( ndn );
- }
- } else {
- *ndn = *in;
- }
- return LDAP_SUCCESS;
- }
+ rc = dnPrettyNormal( NULL, &mdn, pdn, ndn, NULL );
- if ( dc->tofrom ) {
- src = 0 + dc->normalized;
- dst = 2 + dc->normalized;
+ if ( mdn.bv_val != in->bv_val ) {
+ ch_free( mdn.bv_val );
+ }
- } else {
- int rc;
+ return rc;
+}
- src = 2 + dc->normalized;
- dst = 0 + dc->normalized;
+/*
+ * massages "in" into "dn"
+ *
+ * "dn" may contain the value of "in" if no massage occurred
+ */
+int
+rwm_dn_massage(
+ dncookie *dc,
+ struct berval *in,
+ struct berval *dn
+)
+{
+ int rc = 0;
+ struct berval mdn;
+ static char *dmy = "";
+ char *in_val;
- /* DN from remote server may be in arbitrary form.
- * Pretty it so we can parse reliably.
- */
- if ( dc->normalized && dn == NULL ) {
- rc = dnNormalize( 0, NULL, NULL, in, &normal, NULL );
+ assert( dc != NULL );
+ assert( in != NULL );
+ assert( dn != NULL );
- } else if ( !dc->normalized && ndn == NULL ) {
- rc = dnPretty( NULL, in, &pretty, NULL );
+ /* protect from NULL berval */
+ in_val = in->bv_val ? in->bv_val : dmy;
+ rc = rewrite_session( dc->rwmap->rwm_rw, dc->ctx,
+ in_val, dc->conn, &mdn.bv_val );
+ switch ( rc ) {
+ case REWRITE_REGEXEC_OK:
+ if ( !BER_BVISNULL( &mdn ) && mdn.bv_val != in_val ) {
+ mdn.bv_len = strlen( mdn.bv_val );
+ *dn = mdn;
} else {
- rc = dnPrettyNormal( NULL, in, &pretty, &normal, NULL );
+ dn->bv_len = in->bv_len;
+ dn->bv_val = in_val;
}
+ rc = LDAP_SUCCESS;
- if ( rc != LDAP_SUCCESS ) {
- return rc;
- }
-
- if ( dc->normalized && !BER_BVISNULL( &normal ) ) {
- in = &normal;
-
- } else if ( !dc->normalized && !BER_BVISNULL( &pretty ) ) {
- in = &pretty;
- }
- }
-
- for ( i = 0;
- dc->rwmap->rwm_suffix_massage[i].bv_val != NULL;
- i += 4 ) {
- int aliasLength = dc->rwmap->rwm_suffix_massage[i+src].bv_len;
- int diff = in->bv_len - aliasLength;
-
- if ( diff < 0 ) {
- /* alias is longer than dn */
- continue;
-
- } else if ( diff > 0 && ( !DN_SEPARATOR(in->bv_val[diff-1]))) {
- /* FIXME: DN_SEPARATOR() is intended to work
- * on a normalized/pretty DN, so that ';'
- * is never used as a DN separator */
- continue;
- /* At a DN Separator */
+ Debug( LDAP_DEBUG_ARGS,
+ "[rw] %s: \"%s\" -> \"%s\"\n",
+ dc->ctx, in_val, dn->bv_val );
+ break;
+
+ case REWRITE_REGEXEC_UNWILLING:
+ if ( dc->rs ) {
+ dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ dc->rs->sr_text = "Operation not allowed";
}
-
- if ( !strcmp( dc->rwmap->rwm_suffix_massage[i+src].bv_val, &in->bv_val[diff] ) ) {
- struct berval *out;
-
- if ( dn ) {
- out = dn;
- } else {
- out = ndn;
- }
- out->bv_len = diff + dc->rwmap->rwm_suffix_massage[i+dst].bv_len;
- out->bv_val = ch_malloc( out->bv_len + 1 );
- strncpy( out->bv_val, in->bv_val, diff );
- strcpy( &out->bv_val[diff], dc->rwmap->rwm_suffix_massage[i+dst].bv_val );
- Debug( LDAP_DEBUG_ARGS,
- "rwm_dn_massage:"
- " converted \"%s\" to \"%s\"\n",
- in->bv_val, out->bv_val, 0 );
- if ( dn && ndn ) {
- rc = dnNormalize( 0, NULL, NULL, dn, ndn, NULL );
- }
-
- break;
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ break;
+
+ case REWRITE_REGEXEC_ERR:
+ if ( dc->rs ) {
+ dc->rs->sr_err = LDAP_OTHER;
+ dc->rs->sr_text = "Rewrite error";
}
+ rc = LDAP_OTHER;
+ break;
}
- if ( !BER_BVISNULL( &pretty ) ) {
- ch_free( pretty.bv_val );
- }
-
- if ( !BER_BVISNULL( &normal ) ) {
- ch_free( normal.bv_val );
+ if ( mdn.bv_val == dmy ) {
+ BER_BVZERO( &mdn );
}
- in = tmpin;
-
- /* Nothing matched, just return the original DN */
- if ( dc->normalized && BER_BVISNULL( ndn ) ) {
- *ndn = *in;
-
- } else if ( !dc->normalized && BER_BVISNULL( dn ) ) {
- *dn = *in;
+ if ( dn->bv_val == dmy ) {
+ BER_BVZERO( dn );
}
- return LDAP_SUCCESS;
+ return rc;
}
-#endif /* !ENABLE_REWRITE */
#endif /* SLAPD_OVER_RWM */