]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/schema_init.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Import ITS#2007 and ITS#2009 bug fixes from HEAD
[openldap] / servers / slapd / schema_init.c
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 85e9f2526fc379d8fc47d5b49dcf0c8cad9152e7..4e8ac815f89ddbca06df111e1f86e83718c8cfd8 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -274,7 +274,7 @@ nameUIDValidate(
 
        rc = dnValidate( NULL, &dn );
 
-       ber_memfree( &dn );
+       ber_memfree( dn.bv_val );
        return rc;
 }
 
@@ -2797,6 +2797,7 @@ static int caseIgnoreIA5Indexer(
        BerVarray *keysp )
 {
        int i;
+       int rc = LDAP_SUCCESS;
        size_t slen, mlen;
        BerVarray keys;
        HASH_CONTEXT   HASHcontext;
@@ -2819,7 +2820,21 @@ static int caseIgnoreIA5Indexer(
 
        for( i=0; values[i].bv_val != NULL; i++ ) {
                struct berval value;
-               ber_dupbv( &value, &values[i] );
+
+               if( mr->smr_normalize ) {
+                       rc = (mr->smr_normalize)( use, syntax, mr, &values[i], &value );
+                       if( rc != LDAP_SUCCESS ) {
+                               break;
+                       }
+               } else if ( mr->smr_syntax->ssyn_normalize ) {
+                       rc = (mr->smr_syntax->ssyn_normalize)( syntax, &values[i], &value );
+                       if( rc != LDAP_SUCCESS ) {
+                               break;
+                       }
+               } else {
+                       ber_dupbv( &value, &values[i] );
+               }
+
                ldap_pvt_str2lower( value.bv_val );
 
                HASH_Init( &HASHcontext );
@@ -2841,8 +2856,12 @@ static int caseIgnoreIA5Indexer(
        }
 
        keys[i].bv_val = NULL;
+       if( rc != LDAP_SUCCESS ) {
+               ber_bvarray_free( keys );
+               keys = NULL;
+       }
        *keysp = keys;
-       return LDAP_SUCCESS;
+       return rc;
 }
 
 /* Index generation function */
@@ -3348,9 +3367,9 @@ objectIdentifierFirstComponentMatch(
        }
 
 #ifdef NEW_LOGGING
-       LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                  "objectIdentifierFirstComponentMatch: %d\n    %s\n    %s\n",
-                  match, value->bv_val, asserted->bv_val ));
+       LDAP_LOG( CONFIG, ENTRY, 
+               "objectIdentifierFirstComponentMatch: %d\n %s\n %s\n",
+               match, value->bv_val, asserted->bv_val );
 #else
        Debug( LDAP_DEBUG_ARGS, "objectIdentifierFirstComponentMatch "
                "%d\n\t\"%s\"\n\t\"%s\"\n",
@@ -3480,16 +3499,6 @@ asn1_integer2str(ASN1_INTEGER *a, struct berval *bv)
        return ber_str2bv( p, 0, 1, bv );
 }
 
-/* Get a DN in RFC2253 format from a X509_NAME internal struct */
-int
-dn_openssl2ldap(X509_NAME *name, struct berval *out)
-{
-       char buf[2048], *p;
-
-       p = X509_NAME_oneline( name, buf, sizeof( buf ) );
-       return dnDCEnormalize( p, out );
-}
-
 /*
  * Given a certificate in DER format, extract the corresponding
  * assertion value for certificateExactMatch
@@ -3507,9 +3516,9 @@ certificateExactConvert(
        xcert = d2i_X509(NULL, &p, in->bv_len);
        if ( !xcert ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                          "certificateExactConvert: error parsing cert: %s\n",
-                          ERR_error_string(ERR_get_error(),NULL)));
+               LDAP_LOG( CONFIG, ENTRY, 
+                       "certificateExactConvert: error parsing cert: %s\n",
+                       ERR_error_string(ERR_get_error(),NULL), 0, 0 );
 #else
                Debug( LDAP_DEBUG_ARGS, "certificateExactConvert: "
                       "error parsing cert: %s\n",
@@ -3522,7 +3531,7 @@ certificateExactConvert(
                X509_free(xcert);
                return LDAP_INVALID_SYNTAX;
        }
-       if ( dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
+       if ( dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
                X509_free(xcert);
                ber_memfree(serial.bv_val);
                return LDAP_INVALID_SYNTAX;
@@ -3542,9 +3551,8 @@ certificateExactConvert(
        *p++ = '\0';
 
 #ifdef NEW_LOGGING
-       LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                  "certificateExactConvert: \n %s\n",
-                  out->bv_val));
+       LDAP_LOG( CONFIG, ARGS, 
+               "certificateExactConvert: \n    %s\n", out->bv_val, 0, 0 );
 #else
        Debug( LDAP_DEBUG_ARGS, "certificateExactConvert "
                "\n\t\"%s\"\n",
@@ -3624,9 +3632,9 @@ certificateExactMatch(
        xcert = d2i_X509(NULL, &p, value->bv_len);
        if ( !xcert ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                          "certificateExactMatch: error parsing cert: %s\n",
-                          ERR_error_string(ERR_get_error(),NULL)));
+               LDAP_LOG( CONFIG, ENTRY, 
+                       "certificateExactMatch: error parsing cert: %s\n",
+                       ERR_error_string(ERR_get_error(),NULL), 0, 0 );
 #else
                Debug( LDAP_DEBUG_ARGS, "certificateExactMatch: "
                       "error parsing cert: %s\n",
@@ -3636,7 +3644,7 @@ certificateExactMatch(
        }
 
        asn1_integer2str(xcert->cert_info->serialNumber, &serial);
-       dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn);
+       dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn);
 
        X509_free(xcert);
 
@@ -3665,10 +3673,12 @@ certificateExactMatch(
        }
 
 #ifdef NEW_LOGGING
-       LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                  "certificateExactMatch: %d\n  %s $ %s\n       %s $   %s\n",
-                  *matchp, serial.bv_val, issuer_dn.bv_val,
-                  asserted_serial.bv_val, asserted_issuer_dn.bv_val));
+       LDAP_LOG( CONFIG, ARGS, "certificateExactMatch "
+               "%d\n\t\"%s $ %s\"\n",
+               *matchp, serial.bv_val, issuer_dn.bv_val );
+       LDAP_LOG( CONFIG, ARGS, "\t\"%s $ %s\"\n",
+               asserted_serial.bv_val, asserted_issuer_dn.bv_val,
+               0 );
 #else
        Debug( LDAP_DEBUG_ARGS, "certificateExactMatch "
                "%d\n\t\"%s $ %s\"\n",
@@ -3720,9 +3730,9 @@ static int certificateExactIndexer(
                xcert = d2i_X509(NULL, &p, values[i].bv_len);
                if ( !xcert ) {
 #ifdef NEW_LOGGING
-                       LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                           "certificateExactIndexer: error parsing cert: %s\n",
-                               ERR_error_string(ERR_get_error(),NULL)));
+                       LDAP_LOG( CONFIG, ENTRY, 
+                               "certificateExactIndexer: error parsing cert: %s\n",
+                               ERR_error_string(ERR_get_error(),NULL), 0, 0);
 #else
                        Debug( LDAP_DEBUG_ARGS, "certificateExactIndexer: "
                               "error parsing cert: %s\n",
@@ -3740,9 +3750,8 @@ static int certificateExactIndexer(
                                  &keys[i] );
                ber_memfree(serial.bv_val);
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-                          "certificateExactIndexer: returning: %s\n",
-                          keys[i].bv_val));
+               LDAP_LOG( CONFIG, ENTRY, 
+                       "certificateExactIndexer: returning: %s\n", keys[i].bv_val, 0, 0);
 #else
                Debug( LDAP_DEBUG_ARGS, "certificateExactIndexer: "
                       "returning: %s\n",
@@ -4051,7 +4060,7 @@ nisNetgroupTripleValidate(
                                return LDAP_INVALID_SYNTAX;
                        }
 
-               } else if ( !ATTR_CHAR( *p ) ) {
+               } else if ( !AD_CHAR( *p ) ) {
                        return LDAP_INVALID_SYNTAX;
                }
        }
@@ -4085,7 +4094,7 @@ bootParameterValidate(
 
        /* key */
        for (; ( p < e ) && ( *p != '=' ); p++ ) {
-               if ( !ATTR_CHAR( *p ) ) {
+               if ( !AD_CHAR( *p ) ) {
                        return LDAP_INVALID_SYNTAX;
                }
        }
@@ -4096,7 +4105,7 @@ bootParameterValidate(
 
        /* server */
        for ( p++; ( p < e ) && ( *p != ':' ); p++ ) {
-               if ( !ATTR_CHAR( *p ) ) {
+               if ( !AD_CHAR( *p ) ) {
                        return LDAP_INVALID_SYNTAX;
                }
        }
@@ -4107,7 +4116,7 @@ bootParameterValidate(
 
        /* path */
        for ( p++; p < e; p++ ) {
-               if ( !ATTR_CHAR( *p ) ) {
+               if ( !SLAP_PRINTABLE( *p ) ) {
                        return LDAP_INVALID_SYNTAX;
                }
        }
@@ -4618,7 +4627,7 @@ int
 slap_schema_init( void )
 {
        int             res;
-       int             i;
+       int             i = 0;
 
        /* we should only be called once (from main) */
        assert( schema_init_done == 0 );
Cloned from git://git.openldap.org/openldap.git