/* referral.c - muck with referrals */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2007 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
#include "portable.h"
#include <ac/socket.h>
#include <ac/errno.h>
-#include <ac/signal.h>
#include <ac/string.h>
#include <ac/ctype.h>
#include <ac/time.h>
#include <ac/unistd.h>
-#include <ldap_pvt.h>
-
#include "slap.h"
/*
*/
static char * referral_dn_muck(
const char * refDN,
- const char * baseDN,
- const char * targetDN )
+ struct berval * baseDN,
+ struct berval * targetDN )
{
- char *tmp;
- char *nrefDN = NULL;
- char *nbaseDN = NULL;
- char *ntargetDN = NULL;
+ int rc;
+ struct berval bvin;
+ struct berval nrefDN = BER_BVNULL;
+ struct berval nbaseDN = BER_BVNULL;
+ struct berval ntargetDN = BER_BVNULL;
if( !baseDN ) {
/* no base, return target */
- return targetDN ? ch_strdup( targetDN ) : NULL;
+ return targetDN ? ch_strdup( targetDN->bv_val ) : NULL;
}
if( refDN ) {
- nrefDN = dn_validate( tmp = ch_strdup( refDN ) );
- if( !nrefDN ) {
+ bvin.bv_val = (char *)refDN;
+ bvin.bv_len = strlen( refDN );
+
+ rc = dnPretty( NULL, &bvin, &nrefDN, NULL );
+ if( rc != LDAP_SUCCESS ) {
/* Invalid refDN */
- ch_free( tmp );
return NULL;
}
}
* if refDN present return refDN
* else return baseDN
*/
- return nrefDN ? nrefDN : ch_strdup( baseDN );
+ return nrefDN.bv_len ? nrefDN.bv_val : ch_strdup( baseDN->bv_val );
}
- ntargetDN = dn_validate( tmp = ch_strdup( targetDN ) );
- if( !ntargetDN ) {
- ch_free( tmp );
- ch_free( nrefDN );
+ rc = dnPretty( NULL, targetDN, &ntargetDN, NULL );
+ if( rc != LDAP_SUCCESS ) {
+ /* Invalid targetDN */
+ ch_free( nrefDN.bv_val );
return NULL;
}
- if( nrefDN ) {
- nbaseDN = dn_validate( tmp = ch_strdup( baseDN ) );
- if( !nbaseDN ) {
+ if( nrefDN.bv_len ) {
+ rc = dnPretty( NULL, baseDN, &nbaseDN, NULL );
+ if( rc != LDAP_SUCCESS ) {
/* Invalid baseDN */
- ch_free( ntargetDN );
- ch_free( nrefDN );
- ch_free( tmp );
+ ch_free( nrefDN.bv_val );
+ ch_free( ntargetDN.bv_val );
return NULL;
}
- if( strcasecmp( nbaseDN, nrefDN ) == 0 ) {
- ch_free( nrefDN );
- ch_free( nbaseDN );
- return ntargetDN;
+ if( dn_match( &nbaseDN, &nrefDN ) ) {
+ ch_free( nrefDN.bv_val );
+ ch_free( nbaseDN.bv_val );
+ return ntargetDN.bv_val;
}
{
- /*
- * FIXME: string based mucking
- */
- char *muck;
- size_t reflen, baselen, targetlen, mucklen;
-
- reflen = strlen( nrefDN );
- baselen = strlen( nbaseDN );
- targetlen = strlen( ntargetDN );
-
- if( targetlen < baselen ) {
- ch_free( nrefDN );
- ch_free( nbaseDN );
- return ntargetDN;
+ struct berval muck;
+
+ if( ntargetDN.bv_len < nbaseDN.bv_len ) {
+ ch_free( nrefDN.bv_val );
+ ch_free( nbaseDN.bv_val );
+ return ntargetDN.bv_val;
}
- if( strcasecmp( &ntargetDN[targetlen-baselen], nbaseDN ) ) {
+ rc = strcasecmp(
+ &ntargetDN.bv_val[ntargetDN.bv_len-nbaseDN.bv_len],
+ nbaseDN.bv_val );
+ if( rc ) {
/* target not subordinate to base */
- ch_free( nrefDN );
- ch_free( nbaseDN );
- return ntargetDN;
+ ch_free( nrefDN.bv_val );
+ ch_free( nbaseDN.bv_val );
+ return ntargetDN.bv_val;
}
- mucklen = targetlen + reflen - baselen;
- muck = ch_malloc( 1 + mucklen );
+ muck.bv_len = ntargetDN.bv_len + nrefDN.bv_len - nbaseDN.bv_len;
+ muck.bv_val = ch_malloc( muck.bv_len + 1 );
- strncpy( muck, ntargetDN, targetlen-baselen );
- strcpy( &muck[targetlen-baselen], nrefDN );
+ strncpy( muck.bv_val, ntargetDN.bv_val,
+ ntargetDN.bv_len-nbaseDN.bv_len );
+ strcpy( &muck.bv_val[ntargetDN.bv_len-nbaseDN.bv_len],
+ nrefDN.bv_val );
- ch_free( nrefDN );
- ch_free( nbaseDN );
- ch_free( ntargetDN );
+ ch_free( nrefDN.bv_val );
+ ch_free( nbaseDN.bv_val );
+ ch_free( ntargetDN.bv_val );
- return muck;
+ return muck.bv_val;
}
}
- return ntargetDN;
+ ch_free( nrefDN.bv_val );
+ return ntargetDN.bv_val;
}
default:
/* other error, bail */
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "referral: invalid URL (%s): %s (%d)\n",
- url, "" /* ldap_url_error2str(rc) */, rc ));
-#else
Debug( LDAP_DEBUG_ANY,
"referral: invalid URL (%s): %s (%d)\n",
url, "" /* ldap_url_error2str(rc) */, rc );
-#endif
return 1;
}
rc = 0;
if( lurl->lud_dn && *lurl->lud_dn ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "referral: URL (%s): contains DN\n",
- url ));
-#else
Debug( LDAP_DEBUG_ANY,
"referral: URL (%s): contains DN\n",
url, 0, 0 );
-#endif
rc = 1;
} else if( lurl->lud_attrs ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "referral: URL (%s): requests attributes\n",
- url ));
-#else
Debug( LDAP_DEBUG_ANY,
"referral: URL (%s): requests attributes\n",
url, 0, 0 );
-#endif
rc = 1;
} else if( lurl->lud_scope != LDAP_SCOPE_DEFAULT ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "referral: URL (%s): contains explicit scope\n",
- url ));
-#else
Debug( LDAP_DEBUG_ANY,
"referral: URL (%s): contains explicit scope\n",
url, 0, 0 );
-#endif
rc = 1;
} else if( lurl->lud_filter ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "referral: URL (%s): contains explicit filter\n",
- url ));
-#else
Debug( LDAP_DEBUG_ANY,
"referral: URL (%s): contains explicit filter\n",
url, 0, 0 );
-#endif
rc = 1;
}
return rc;
}
-BVarray referral_rewrite(
- BVarray in,
+BerVarray referral_rewrite(
+ BerVarray in,
struct berval *base,
struct berval *target,
int scope )
{
- int i;
- BVarray refs;
- struct berval *iv, *jv;
+ int i;
+ BerVarray refs;
+ struct berval *iv, *jv;
- if( in == NULL ) return NULL;
+ if ( in == NULL ) {
+ return NULL;
+ }
- for( i=0; in[i].bv_val != NULL ; i++ ) {
+ for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
/* just count them */
}
- if( i < 1 ) return NULL;
-
- refs = ch_malloc( (i+1) * sizeof( struct berval ) );
+ if ( i < 1 ) {
+ return NULL;
+ }
- for( iv=in,jv=refs; iv->bv_val != NULL ; iv++ ) {
- LDAPURLDesc *url;
- int rc = ldap_url_parse_ext( iv->bv_val, &url );
+ refs = ch_malloc( ( i + 1 ) * sizeof( struct berval ) );
- if( rc == LDAP_URL_ERR_BADSCHEME ) {
+ for ( iv = in, jv = refs; !BER_BVISNULL( iv ); iv++ ) {
+ LDAPURLDesc *url;
+ char *dn;
+ int rc;
+
+ rc = ldap_url_parse_ext( iv->bv_val, &url );
+ if ( rc == LDAP_URL_ERR_BADSCHEME ) {
ber_dupbv( jv++, iv );
continue;
- } else if( rc != LDAP_URL_SUCCESS ) {
+ } else if ( rc != LDAP_URL_SUCCESS ) {
continue;
}
- {
- char *dn = url->lud_dn;
- url->lud_dn = referral_dn_muck(
- ( dn && *dn ) ? dn : NULL,
- base ? base->bv_val : NULL,
- target ? target->bv_val : NULL );
-
- ldap_memfree( dn );
- }
+ dn = url->lud_dn;
+ url->lud_dn = referral_dn_muck( ( dn && *dn ) ? dn : NULL,
+ base, target );
+ ldap_memfree( dn );
- if( url->lud_scope == LDAP_SCOPE_DEFAULT ) {
+ if ( url->lud_scope == LDAP_SCOPE_DEFAULT ) {
url->lud_scope = scope;
}
jv->bv_val = ldap_url_desc2str( url );
- jv->bv_len = strlen( jv->bv_val );
+ if ( jv->bv_val != NULL ) {
+ jv->bv_len = strlen( jv->bv_val );
- ldap_free_urldesc( url );
+ } else {
+ ber_dupbv( jv, iv );
+ }
jv++;
+
+ ldap_free_urldesc( url );
}
- if( jv == refs ) {
+ if ( jv == refs ) {
ch_free( refs );
refs = NULL;
} else {
- jv->bv_val = NULL;
+ BER_BVZERO( jv );
}
return refs;
}
-BVarray get_entry_referrals(
- Backend *be,
- Connection *conn,
+BerVarray get_entry_referrals(
Operation *op,
Entry *e )
{
Attribute *attr;
- BVarray refs;
+ BerVarray refs;
unsigned i;
struct berval *iv, *jv;
/* trim the label */
for( k=0; k<jv->bv_len; k++ ) {
- if( isspace(jv->bv_val[k]) ) {
+ if( isspace( (unsigned char) jv->bv_val[k] ) ) {
jv->bv_val[k] = '\0';
jv->bv_len = k;
break;
return refs;
}
+
+int get_alias_dn(
+ Entry *e,
+ struct berval *ndn,
+ int *err,
+ const char **text )
+{
+ Attribute *a;
+ AttributeDescription *aliasedObjectName
+ = slap_schema.si_ad_aliasedObjectName;
+
+ a = attr_find( e->e_attrs, aliasedObjectName );
+
+ if( a == NULL ) {
+ /*
+ * there was an aliasedobjectname defined but no data.
+ */
+ *err = LDAP_ALIAS_PROBLEM;
+ *text = "alias missing aliasedObjectName attribute";
+ return -1;
+ }
+
+ /*
+ * aliasedObjectName should be SINGLE-VALUED with a single value.
+ */
+ if ( a->a_vals[0].bv_val == NULL ) {
+ /*
+ * there was an aliasedobjectname defined but no data.
+ */
+ *err = LDAP_ALIAS_PROBLEM;
+ *text = "alias missing aliasedObjectName value";
+ return -1;
+ }
+
+ if( a->a_nvals[1].bv_val != NULL ) {
+ *err = LDAP_ALIAS_PROBLEM;
+ *text = "alias has multivalued aliasedObjectName";
+ return -1;
+ }
+
+ *ndn = a->a_nvals[0];
+
+ return 0;
+}
+
projects / openldap / blobdiff