rc = dnValidate( NULL, &dn );
- ber_memfree( &dn );
+ ber_memfree( dn.bv_val );
return rc;
}
BerVarray *keysp )
{
int i;
+ int rc = LDAP_SUCCESS;
size_t slen, mlen;
BerVarray keys;
HASH_CONTEXT HASHcontext;
for( i=0; values[i].bv_val != NULL; i++ ) {
struct berval value;
- ber_dupbv( &value, &values[i] );
+
+ if( mr->smr_normalize ) {
+ rc = (mr->smr_normalize)( use, syntax, mr, &values[i], &value );
+ if( rc != LDAP_SUCCESS ) {
+ break;
+ }
+ } else if ( mr->smr_syntax->ssyn_normalize ) {
+ rc = (mr->smr_syntax->ssyn_normalize)( syntax, &values[i], &value );
+ if( rc != LDAP_SUCCESS ) {
+ break;
+ }
+ } else {
+ ber_dupbv( &value, &values[i] );
+ }
+
ldap_pvt_str2lower( value.bv_val );
HASH_Init( &HASHcontext );
}
keys[i].bv_val = NULL;
+ if( rc != LDAP_SUCCESS ) {
+ ber_bvarray_free( keys );
+ keys = NULL;
+ }
*keysp = keys;
- return LDAP_SUCCESS;
+ return rc;
}
/* Index generation function */
}
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "objectIdentifierFirstComponentMatch: %d\n %s\n %s\n",
- match, value->bv_val, asserted->bv_val ));
+ LDAP_LOG( CONFIG, ENTRY,
+ "objectIdentifierFirstComponentMatch: %d\n %s\n %s\n",
+ match, value->bv_val, asserted->bv_val );
#else
Debug( LDAP_DEBUG_ARGS, "objectIdentifierFirstComponentMatch "
"%d\n\t\"%s\"\n\t\"%s\"\n",
return ber_str2bv( p, 0, 1, bv );
}
-/* Get a DN in RFC2253 format from a X509_NAME internal struct */
-int
-dn_openssl2ldap(X509_NAME *name, struct berval *out)
-{
- char buf[2048], *p;
-
- p = X509_NAME_oneline( name, buf, sizeof( buf ) );
- return dnDCEnormalize( p, out );
-}
-
/*
* Given a certificate in DER format, extract the corresponding
* assertion value for certificateExactMatch
xcert = d2i_X509(NULL, &p, in->bv_len);
if ( !xcert ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactConvert: error parsing cert: %s\n",
- ERR_error_string(ERR_get_error(),NULL)));
+ LDAP_LOG( CONFIG, ENTRY,
+ "certificateExactConvert: error parsing cert: %s\n",
+ ERR_error_string(ERR_get_error(),NULL), 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactConvert: "
"error parsing cert: %s\n",
X509_free(xcert);
return LDAP_INVALID_SYNTAX;
}
- if ( dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
+ if ( dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
X509_free(xcert);
ber_memfree(serial.bv_val);
return LDAP_INVALID_SYNTAX;
*p++ = '\0';
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactConvert: \n %s\n",
- out->bv_val));
+ LDAP_LOG( CONFIG, ARGS,
+ "certificateExactConvert: \n %s\n", out->bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactConvert "
"\n\t\"%s\"\n",
xcert = d2i_X509(NULL, &p, value->bv_len);
if ( !xcert ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactMatch: error parsing cert: %s\n",
- ERR_error_string(ERR_get_error(),NULL)));
+ LDAP_LOG( CONFIG, ENTRY,
+ "certificateExactMatch: error parsing cert: %s\n",
+ ERR_error_string(ERR_get_error(),NULL), 0, 0 );
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactMatch: "
"error parsing cert: %s\n",
}
asn1_integer2str(xcert->cert_info->serialNumber, &serial);
- dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn);
+ dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn);
X509_free(xcert);
}
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactMatch: %d\n %s $ %s\n %s $ %s\n",
- *matchp, serial.bv_val, issuer_dn.bv_val,
- asserted_serial.bv_val, asserted_issuer_dn.bv_val));
+ LDAP_LOG( CONFIG, ARGS, "certificateExactMatch "
+ "%d\n\t\"%s $ %s\"\n",
+ *matchp, serial.bv_val, issuer_dn.bv_val );
+ LDAP_LOG( CONFIG, ARGS, "\t\"%s $ %s\"\n",
+ asserted_serial.bv_val, asserted_issuer_dn.bv_val,
+ 0 );
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactMatch "
"%d\n\t\"%s $ %s\"\n",
xcert = d2i_X509(NULL, &p, values[i].bv_len);
if ( !xcert ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactIndexer: error parsing cert: %s\n",
- ERR_error_string(ERR_get_error(),NULL)));
+ LDAP_LOG( CONFIG, ENTRY,
+ "certificateExactIndexer: error parsing cert: %s\n",
+ ERR_error_string(ERR_get_error(),NULL), 0, 0);
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactIndexer: "
"error parsing cert: %s\n",
&keys[i] );
ber_memfree(serial.bv_val);
#ifdef NEW_LOGGING
- LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
- "certificateExactIndexer: returning: %s\n",
- keys[i].bv_val));
+ LDAP_LOG( CONFIG, ENTRY,
+ "certificateExactIndexer: returning: %s\n", keys[i].bv_val, 0, 0);
#else
Debug( LDAP_DEBUG_ARGS, "certificateExactIndexer: "
"returning: %s\n",
return LDAP_INVALID_SYNTAX;
}
- } else if ( !ATTR_CHAR( *p ) ) {
+ } else if ( !AD_CHAR( *p ) ) {
return LDAP_INVALID_SYNTAX;
}
}
/* key */
for (; ( p < e ) && ( *p != '=' ); p++ ) {
- if ( !ATTR_CHAR( *p ) ) {
+ if ( !AD_CHAR( *p ) ) {
return LDAP_INVALID_SYNTAX;
}
}
/* server */
for ( p++; ( p < e ) && ( *p != ':' ); p++ ) {
- if ( !ATTR_CHAR( *p ) ) {
+ if ( !AD_CHAR( *p ) ) {
return LDAP_INVALID_SYNTAX;
}
}
/* path */
for ( p++; p < e; p++ ) {
- if ( !ATTR_CHAR( *p ) ) {
+ if ( !SLAP_PRINTABLE( *p ) ) {
return LDAP_INVALID_SYNTAX;
}
}
slap_schema_init( void )
{
int res;
- int i;
+ int i = 0;
/* we should only be called once (from main) */
assert( schema_init_done == 0 );