goto exit;
}
+ if ( be->be_nsuffix == NULL ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ),
+ "suffix must be set" );
+ Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n",
+ c->cr_msg, NULL, NULL );
+ rc = ARG_BAD_CONF;
+ goto exit;
+ }
+
if ( !dnIsSuffix ( &uri->ndn, &be->be_nsuffix[0] ) ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"dn <%s> is not a suffix of backend base dn <%s>",
}
if (url_desc->lud_filter) {
- Filter * f;
- ber_str2bv( url_desc->lud_filter, 0, 1, &uri->filter );
- f = str2filter( uri->filter.bv_val );
+ Filter *f = str2filter( url_desc->lud_filter );
+ char *ptr;
if ( !f ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"unique: bad filter");
rc = ARG_BAD_CONF;
goto exit;
}
+ /* make sure the strfilter is in normal form (ITS#5581) */
+ filter2bv( f, &uri->filter );
filter_free( f );
+ ptr = strstr( uri->filter.bv_val, "(?=" /*)*/ );
+ if ( ptr != NULL && ptr <= ( uri->filter.bv_val - STRLENOF( "(?=" /*)*/ ) + uri->filter.bv_len ) )
+ {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ),
+ "unique: bad filter");
+ rc = ARG_BAD_CONF;
+ goto exit;
+ }
}
exit:
- if ( bv.bv_val ) ber_memfree ( bv.bv_val );
uri->next = *urip;
*urip = uri;
if ( rc ) {
rc = ARG_BAD_CONF;
break;
}
+ if ( be->be_nsuffix == NULL ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ),
+ "suffix must be set" );
+ Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n",
+ c->cr_msg, NULL, NULL );
+ rc = ARG_BAD_CONF;
+ break;
+ }
if ( !dnIsSuffix ( &c->value_ndn,
&be->be_nsuffix[0] ) ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ),
unique_counter uq = { NULL, 0 };
int rc;
- Debug(LDAP_DEBUG_TRACE, "==> unique_search %s\n", key, 0, 0);
+ Debug(LDAP_DEBUG_TRACE, "==> unique_search %s\n", key->bv_val, 0, 0);
nop->ors_filter = str2filter_x(nop, key->bv_val);
+ if(nop->ors_filter == NULL) {
+ op->o_bd->bd_info = (BackendInfo *) on->on_info;
+ send_ldap_error(op, rs, LDAP_OTHER,
+ "unique_search invalid filter");
+ return(rs->sr_err);
+ }
+
nop->ors_filterstr = *key;
cb.sc_response = (slap_response*)count_attr_cb;
nop->o_bd = on->on_info->oi_origdb;
rc = nop->o_bd->be_search(nop, &nrs);
- filter_free_x(nop, nop->ors_filter);
+ filter_free_x(nop, nop->ors_filter, 1);
op->o_tmpfree( key->bv_val, op->o_tmpmemctx );
if(rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT) {
domain = domain->next )
{
unique_domain_uri *uri;
- int ks = 0;
+ int ks = STRLENOF("(|)");
for ( uri = domain->uri;
uri;
/* skip this domain-uri if it isn't involved */
if ( !ks ) continue;
+ /* terminating NUL */
+ ks++;
+
if ( uri->filter.bv_val && uri->filter.bv_len )
ks += uri->filter.bv_len + STRLENOF ("(&)");
kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx);
domain = domain->next )
{
unique_domain_uri *uri;
- int ks = 0;
+ int ks = STRLENOF("(|)");
for ( uri = domain->uri;
uri;
/* skip this domain-uri if it isn't involved */
if ( !ks ) continue;
+ /* terminating NUL */
+ ks++;
+
if ( uri->filter.bv_val && uri->filter.bv_len )
ks += uri->filter.bv_len + STRLENOF ("(&)");
kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx);
domain = domain->next )
{
unique_domain_uri *uri;
- int ks = 0;
+ int ks = STRLENOF("(|)");
for ( uri = domain->uri;
uri;
/* skip this domain if it isn't involved */
if ( !ks ) continue;
+ /* terminating NUL */
+ ks++;
+
if ( uri->filter.bv_val && uri->filter.bv_len )
ks += uri->filter.bv_len + STRLENOF ("(&)");
kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx);
projects / openldap / blobdiff