/* schema_init.c - init builtin schema */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
#include "portable.h"
static int certificateValidate( Syntax *syntax, struct berval *in )
{
X509 *xcert=NULL;
- unsigned char *p = in->bv_val;
+ unsigned char *p = (unsigned char *)in->bv_val;
xcert = d2i_X509(NULL, &p, in->bv_len);
if ( !xcert ) return LDAP_INVALID_SYNTAX;
HASH_CONTEXT HASHcontext;
unsigned char HASHdigest[HASH_BYTES];
struct berval digest;
- digest.bv_val = HASHdigest;
+ digest.bv_val = (char *)HASHdigest;
digest.bv_len = sizeof(HASHdigest);
for( i=0; values[i].bv_val != NULL; i++ ) {
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val,
+ prefix->bv_len );
}
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- values[i].bv_val, values[i].bv_len );
+ (unsigned char *)values[i].bv_val, values[i].bv_len );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[i], &digest, ctx );
unsigned char HASHdigest[HASH_BYTES];
struct berval *value = (struct berval *) assertedValue;
struct berval digest;
- digest.bv_val = HASHdigest;
+ digest.bv_val = (char *)HASHdigest;
digest.bv_len = sizeof(HASHdigest);
slen = syntax->ssyn_oidlen;
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- value->bv_val, value->bv_len );
+ (unsigned char *)value->bv_val, value->bv_len );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( keys, &digest, ctx );
HASH_CONTEXT HASHcontext;
unsigned char HASHdigest[HASH_BYTES];
struct berval digest;
- digest.bv_val = HASHdigest;
+ digest.bv_val = (char *)HASHdigest;
digest.bv_len = sizeof(HASHdigest);
nkeys=0;
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- &values[i].bv_val[j],
+ (unsigned char *)&values[i].bv_val[j],
SLAP_INDEX_SUBSTR_MAXLEN );
HASH_Final( HASHdigest, &HASHcontext );
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- values[i].bv_val, j );
+ (unsigned char *)values[i].bv_val, j );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- &values[i].bv_val[values[i].bv_len-j], j );
+ (unsigned char *)&values[i].bv_val[values[i].bv_len-j], j );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
return LDAP_SUCCESS;
}
- digest.bv_val = HASHdigest;
+ digest.bv_val = (char *)HASHdigest;
digest.bv_len = sizeof(HASHdigest);
slen = syntax->ssyn_oidlen;
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- value->bv_val, klen );
+ (unsigned char *)value->bv_val, klen );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- &value->bv_val[j], klen );
+ (unsigned char *)&value->bv_val[j], klen );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
HASH_Init( &HASHcontext );
if( prefix != NULL && prefix->bv_len > 0 ) {
HASH_Update( &HASHcontext,
- prefix->bv_val, prefix->bv_len );
+ (unsigned char *)prefix->bv_val, prefix->bv_len );
}
HASH_Update( &HASHcontext,
- &pre, sizeof( pre ) );
+ (unsigned char *)&pre, sizeof( pre ) );
HASH_Update( &HASHcontext,
- syntax->ssyn_oid, slen );
+ (unsigned char *)syntax->ssyn_oid, slen );
HASH_Update( &HASHcontext,
- mr->smr_oid, mlen );
+ (unsigned char *)mr->smr_oid, mlen );
HASH_Update( &HASHcontext,
- &value->bv_val[value->bv_len-klen], klen );
+ (unsigned char *)&value->bv_val[value->bv_len-klen], klen );
HASH_Final( HASHdigest, &HASHcontext );
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
struct berval out;
int rc;
+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ));
+
ber_dupbv( &out, val );
if( out.bv_len != 0 ) {
struct berval uid = { 0, NULL };
{
ber_len_t count;
int len;
- unsigned char *u = in->bv_val;
+ unsigned char *u = (unsigned char *)in->bv_val;
if( in->bv_len == 0 && syntax == slap_schema.si_syn_directoryString ) {
/* directory strings cannot be empty */
/* make sure len corresponds with the offset
to the next character */
- if( LDAP_UTF8_OFFSET( u ) != len ) return LDAP_INVALID_SYNTAX;
+ if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
}
if( count != 0 ) {
int flags;
int i, wasspace;
+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ));
+
if( val->bv_val == NULL ) {
/* assume we're dealing with a syntax (e.g., UTF8String)
* which allows empty strings
{
char *p, *q;
+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ));
+
/* validator should have refused an empty string */
assert( val->bv_len );
void *ctx )
{
char *p, *q;
- int casefold = SLAP_MR_ASSOCIATED(mr, slap_schema.si_mr_caseExactIA5Match);
+ int casefold = !SLAP_MR_ASSOCIATED(mr, slap_schema.si_mr_caseExactIA5Match);
assert( val->bv_len );
+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ));
+
p = val->bv_val;
/* Ignore initial whitespace */
return LDAP_SUCCESS;
}
+static int
+UUIDValidate(
+ Syntax *syntax,
+ struct berval *in )
+{
+ int i;
+ if( in->bv_len != 36 ) {
+ assert(0);
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ for( i=0; i<36; i++ ) {
+ switch(i) {
+ case 8:
+ case 13:
+ case 18:
+ case 23:
+ if( in->bv_val[i] != '-' ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+ break;
+ default:
+ if( !ASCII_HEX( in->bv_val[i]) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
+
+static int
+UUIDNormalize(
+ slap_mask_t usage,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *val,
+ struct berval *normalized,
+ void *ctx )
+{
+ unsigned char octet = '\0';
+ int i;
+ int j;
+ normalized->bv_len = 16;
+ normalized->bv_val = sl_malloc( normalized->bv_len+1, ctx );
+
+ for( i=0, j=0; i<36; i++ ) {
+ unsigned char nibble;
+ if( val->bv_val[i] == '-' ) {
+ continue;
+
+ } else if( ASCII_DIGIT( val->bv_val[i] ) ) {
+ nibble = val->bv_val[i] - '0';
+
+ } else if( ASCII_HEXLOWER( val->bv_val[i] ) ) {
+ nibble = val->bv_val[i] - ('a'-10);
+
+ } else if( ASCII_HEXUPPER( val->bv_val[i] ) ) {
+ nibble = val->bv_val[i] - ('A'-10);
+
+ } else {
+ sl_free( normalized->bv_val, ctx );
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ if( j & 1 ) {
+ octet |= nibble;
+ normalized->bv_val[j>>1] = octet;
+ } else {
+ octet = nibble << 4;
+ }
+ j++;
+ }
+
+ normalized->bv_val[normalized->bv_len] = 0;
+ return LDAP_SUCCESS;
+}
+
+
+
static int
numericStringValidate(
Syntax *syntax,
if( val->bv_len == 0 ) goto done;
- if( val->bv_val[0] != LBER_SEQUENCE ) {
- /* assume serialNumberAndIssuer */
- return serialNumberAndIssuerNormalize(0,NULL,NULL,val,normalized,NULL);
+ if( SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX(usage) ) {
+ return serialNumberAndIssuerNormalize(0,NULL,NULL,val,normalized,ctx);
}
- p = val->bv_val;
+ assert( SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX(usage) );
+
+ p = (unsigned char *)val->bv_val;
xcert = d2i_X509( NULL, &p, val->bv_len);
if( xcert == NULL ) goto done;
if( rc != LDAP_SUCCESS ) goto done;
normalized->bv_len = seriallen + issuer_dn.bv_len + 1;
- p = normalized->bv_val = ch_malloc(normalized->bv_len+1);
+ normalized->bv_val = ch_malloc(normalized->bv_len+1);
+ p = (unsigned char *)normalized->bv_val;
AC_MEMCPY(p, serial, seriallen);
p += seriallen;
*p++ = '$';
SLAP_SYNTAX_HIDE, NULL, NULL},
#endif
+ {"( 1.3.6.1.4.1.4203.666.2.6 DESC 'UUID' )",
+ SLAP_SYNTAX_HIDE, UUIDValidate, NULL},
+
/* OpenLDAP Void Syntax */
{"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )" ,
SLAP_SYNTAX_HIDE, inValidate, NULL},
* 2.5.13.31 directoryStringFirstComponentMatch
* 2.5.13.32 wordMatch
* 2.5.13.33 keywordMatch
- * 2.5.13.35 certificateMatch
* 2.5.13.36 certificatePairExactMatch
* 2.5.13.37 certificatePairMatch
* 2.5.13.38 certificateListExactMatch
{"( 2.5.13.8 NAME 'numericStringMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
- NULL, numericStringNormalize, octetStringSubstringsMatch,
- octetStringSubstringsIndexer, octetStringSubstringsFilter,
+ NULL, numericStringNormalize, octetStringMatch,
+ octetStringIndexer, octetStringFilter,
NULL },
{"( 2.5.13.10 NAME 'numericStringSubstringsMatch' "
#endif
NULL },
+ {"( 2.5.13.35 NAME 'certificateMatch' "
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )",
+ SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
+#ifdef HAVE_TLS
+ NULL, NULL, octetStringMatch,
+ octetStringIndexer, octetStringFilter,
+#else
+ NULL, NULL, NULL, NULL, NULL,
+#endif
+ NULL },
+
{"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
NULL, NULL,
"integerMatch" },
+ {"( 1.3.6.1.4.1.4203.666.4.6 NAME 'UUIDMatch' "
+ "SYNTAX 1.3.6.1.4.1.4203.666.2.6 )",
+ SLAP_MR_HIDE | SLAP_MR_EQUALITY, NULL,
+ NULL, UUIDNormalize, octetStringMatch,
+ octetStringIndexer, octetStringFilter,
+ NULL},
+
+ {"( 1.3.6.1.4.1.4203.666.4.7 NAME 'UUIDOrderingMatch' "
+ "SYNTAX 1.3.6.1.4.1.4203.666.2.6 )",
+ SLAP_MR_HIDE | SLAP_MR_ORDERING, NULL,
+ NULL, UUIDNormalize, octetStringOrderingMatch,
+ octetStringIndexer, octetStringFilter,
+ "UUIDMatch"},
+
{NULL, SLAP_MR_NONE, NULL,
NULL, NULL, NULL, NULL, NULL,
NULL }