#include "slap.h"
#include "ldap_pvt.h"
+#include "lutil_md5.h"
+
+static int
+octetStringMatch(
+ int *matchp,
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertedValue )
+{
+ int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;
+
+ if( match == 0 ) {
+ match = memcmp( value->bv_val,
+ ((struct berval *) assertedValue)->bv_val,
+ value->bv_len );
+ }
+
+ *matchp = match;
+ return LDAP_SUCCESS;
+}
+
+/* Index generation function */
+int octetStringIndexer(
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ struct berval **values,
+ struct berval ***keysp )
+{
+ int i;
+ size_t slen, mlen;
+ struct berval **keys;
+ lutil_MD5_CTX MD5context;
+ unsigned char MD5digest[16];
+ struct berval digest;
+ digest.bv_val = MD5digest;
+ digest.bv_len = sizeof(MD5digest);
+
+ for( i=0; values[i] != NULL; i++ ) {
+ /* just count them */
+ }
+
+ assert( i > 0 );
+
+ keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
+
+ slen = strlen( syntax->ssyn_oid );
+ mlen = strlen( mr->smr_oid );
+
+ for( i=0; values[i] != NULL; i++ ) {
+ lutil_MD5Init( &MD5context );
+ if( prefix != NULL && prefix->bv_len > 0 ) {
+ lutil_MD5Update( &MD5context,
+ prefix->bv_val, prefix->bv_len );
+ }
+ lutil_MD5Update( &MD5context,
+ syntax->ssyn_oid, slen );
+ lutil_MD5Update( &MD5context,
+ mr->smr_oid, mlen );
+ lutil_MD5Update( &MD5context,
+ values[i]->bv_val, values[i]->bv_len );
+ lutil_MD5Final( MD5digest, &MD5context );
+
+ keys[i] = ber_bvdup( &digest );
+ }
+
+ keys[i] = NULL;
+
+ *keysp = keys;
+
+ return LDAP_SUCCESS;
+}
+
+/* Index generation function */
+int octetStringFilter(
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ void * assertValue,
+ struct berval ***keysp )
+{
+ size_t slen, mlen;
+ struct berval **keys;
+ lutil_MD5_CTX MD5context;
+ unsigned char MD5digest[LUTIL_MD5_BYTES];
+ struct berval *value = (struct berval *) assertValue;
+ struct berval digest;
+ digest.bv_val = MD5digest;
+ digest.bv_len = sizeof(MD5digest);
+
+ slen = strlen( syntax->ssyn_oid );
+ mlen = strlen( mr->smr_oid );
+
+ keys = ch_malloc( sizeof( struct berval * ) * 2 );
+
+ lutil_MD5Init( &MD5context );
+ if( prefix != NULL && prefix->bv_len > 0 ) {
+ lutil_MD5Update( &MD5context,
+ prefix->bv_val, prefix->bv_len );
+ }
+ lutil_MD5Update( &MD5context,
+ syntax->ssyn_oid, slen );
+ lutil_MD5Update( &MD5context,
+ mr->smr_oid, mlen );
+ lutil_MD5Update( &MD5context,
+ value->bv_val, value->bv_len );
+ lutil_MD5Final( MD5digest, &MD5context );
+
+ keys[0] = ber_bvdup( &digest );
+ keys[1] = NULL;
+
+ *keysp = keys;
+
+ return LDAP_SUCCESS;
+}
+
+static int
+dnValidate(
+ Syntax *syntax,
+ struct berval *in )
+{
+ int rc;
+ char *dn;
+
+ if( in->bv_len == 0 ) return LDAP_SUCCESS;
+
+ dn = ch_strdup( in->bv_val );
+
+ rc = dn_validate( dn ) == NULL
+ ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
+
+ ch_free( dn );
+ return rc;
+}
+
+static int
+dnNormalize(
+ Syntax *syntax,
+ struct berval *val,
+ struct berval **normalized )
+{
+ struct berval *out = ber_bvdup( val );
+
+ if( out->bv_len != 0 ) {
+ char *dn;
+#ifdef USE_DN_NORMALIZE
+ dn = dn_normalize( out->bv_val );
+#else
+ dn = dn_validate( out->bv_val );
+#endif
+
+ if( dn == NULL ) {
+ ber_bvfree( out );
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ out->bv_val = dn;
+ out->bv_len = strlen( dn );
+ }
+
+ *normalized = out;
+ return LDAP_SUCCESS;
+}
+
+static int
+dnMatch(
+ int *matchp,
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertedValue )
+{
+ int match;
+ struct berval *asserted = (struct berval *) assertedValue;
+
+ match = value->bv_len - asserted->bv_len;
+
+ if( match == 0 ) {
+#ifdef USE_DN_NORMALIZE
+ match = strcmp( value->bv_val, asserted->bv_val );
+#else
+ match = strcasecmp( value->bv_val, asserted->bv_val );
+#endif
+ }
+
+ Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n",
+ match, value->bv_val, asserted->bv_val );
+
+ *matchp = match;
+ return LDAP_SUCCESS;
+}
+
+static int
+inValidate(
+ Syntax *syntax,
+ struct berval *in )
+{
+ /* any value allowed */
+ return LDAP_OTHER;
+}
-#define berValidate blobValidate
static int
blobValidate(
Syntax *syntax,
return LDAP_SUCCESS;
}
+#define berValidate blobValidate
+
static int
UTF8StringValidate(
Syntax *syntax,
/* EMPTY */ ;
}
- if( *p ) {
+ if( *p != '\0' ) {
ch_free( newval );
return LDAP_INVALID_SYNTAX;
}
return LDAP_SUCCESS;
}
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+static int
+caseExactIA5SubstringsMatch(
+ int *matchp,
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertedValue )
+{
+ int match = 0;
+ SubstringsAssertion *sub = assertedValue;
+ struct berval left = *value;
+ int i;
+ ber_len_t inlen=0;
+
+ if( sub->sa_initial ) {
+ inlen += sub->sa_initial->bv_len;
+ }
+ if( sub->sa_any ) {
+ for(i=0; sub->sa_any[i]; i++) {
+ inlen += sub->sa_final->bv_len;
+ }
+ }
+ if( sub->sa_final ) {
+ inlen += sub->sa_final->bv_len;
+ }
+
+ if( inlen > value->bv_len ) {
+ match = 1;
+ goto done;
+ }
+
+ if( sub->sa_initial ) {
+ match = strncmp( sub->sa_initial->bv_val, left.bv_val,
+ sub->sa_initial->bv_len );
+
+ if( match != 0 ) {
+ goto done;
+ }
+
+ left.bv_val += sub->sa_initial->bv_len;
+ left.bv_len -= sub->sa_initial->bv_len;
+ inlen -= sub->sa_initial->bv_len;
+ }
+
+ if( sub->sa_final ) {
+ match = strncmp( sub->sa_final->bv_val,
+ &left.bv_val[left.bv_len - sub->sa_final->bv_len],
+ sub->sa_final->bv_len );
+
+ if( match != 0 ) {
+ goto done;
+ }
+
+ left.bv_len -= sub->sa_final->bv_len;
+ inlen -= sub->sa_initial->bv_len;
+ }
+
+ if( sub->sa_any ) {
+ for(i=0; sub->sa_any[i]; i++) {
+ ber_len_t idx;
+ char *p;
+
+retry:
+ if( inlen < left.bv_len ) {
+ /* not enough length */
+ match = 1;
+ goto done;
+ }
+
+ if( sub->sa_any[i]->bv_len == 0 ) {
+ continue;
+ }
+
+ p = strchr( left.bv_val, *sub->sa_any[i]->bv_val );
+
+ if( p == NULL ) {
+ match = 1;
+ goto done;
+ }
+
+ idx = p - left.bv_val;
+ assert( idx < left.bv_len );
+
+ if( idx >= left.bv_len ) {
+ /* this shouldn't happen */
+ return LDAP_OTHER;
+ }
+
+ left.bv_val = p;
+ left.bv_len -= idx;
+
+ if( sub->sa_any[i]->bv_len > left.bv_len ) {
+ /* not enough left */
+ match = 1;
+ goto done;
+ }
+
+ match = strncmp( left.bv_val,
+ sub->sa_any[i]->bv_val,
+ sub->sa_any[i]->bv_len );
+
+
+ if( match != 0 ) {
+ goto retry;
+ }
+
+ left.bv_val += sub->sa_any[i]->bv_len;
+ left.bv_len -= sub->sa_any[i]->bv_len;
+ }
+ }
+
+done:
+ *matchp = match;
+ return LDAP_SUCCESS;
+}
+#endif
+
static int
caseIgnoreIA5Match(
int *match,
return LDAP_SUCCESS;
}
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+static char *strcasechr( const char *str, int c )
+{
+ char *lower = strchr( str, TOLOWER(c) );
+ char *upper = strchr( str, TOUPPER(c) );
+
+ if( lower && upper ) {
+ return lower < upper ? lower : upper;
+ } else if ( lower ) {
+ return lower;
+ } else {
+ return upper;
+ }
+}
+
static int
-objectClassMatch(
- int *match,
+caseIgnoreIA5SubstringsMatch(
+ int *matchp,
unsigned use,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
void *assertedValue )
{
- ObjectClass *oc = oc_find( value->bv_val );
- ObjectClass *asserted = oc_find( ((struct berval *) assertedValue)->bv_val );
+ int match = 0;
+ SubstringsAssertion *sub = assertedValue;
+ struct berval left = *value;
+ int i;
+ ber_len_t inlen=0;
+
+ if( sub->sa_initial ) {
+ inlen += sub->sa_initial->bv_len;
+ }
+ if( sub->sa_any ) {
+ for(i=0; sub->sa_any[i]; i++) {
+ inlen += sub->sa_final->bv_len;
+ }
+ }
+ if( sub->sa_final ) {
+ inlen += sub->sa_final->bv_len;
+ }
+
+ if( inlen > value->bv_len ) {
+ match = 1;
+ goto done;
+ }
+
+ if( sub->sa_initial ) {
+ match = strncasecmp( sub->sa_initial->bv_val, left.bv_val,
+ sub->sa_initial->bv_len );
+
+ if( match != 0 ) {
+ goto done;
+ }
+
+ left.bv_val += sub->sa_initial->bv_len;
+ left.bv_len -= sub->sa_initial->bv_len;
+ }
+
+ if( sub->sa_final ) {
+ match = strncasecmp( sub->sa_final->bv_val,
+ &left.bv_val[left.bv_len - sub->sa_final->bv_len],
+ sub->sa_final->bv_len );
+
+ if( match != 0 ) {
+ goto done;
+ }
+
+ left.bv_len -= sub->sa_final->bv_len;
+ }
+
+ if( sub->sa_any ) {
+ for(i=0; sub->sa_any[i]; i++) {
+ ber_len_t idx;
+ char *p;
+
+retry:
+ if( inlen < left.bv_len ) {
+ /* not enough length */
+ match = 1;
+ goto done;
+ }
+
+ if( sub->sa_any[i]->bv_len == 0 ) {
+ continue;
+ }
+
+ p = strcasechr( left.bv_val, *sub->sa_any[i]->bv_val );
+
+ if( p == NULL ) {
+ match = 1;
+ goto done;
+ }
+
+ idx = p - left.bv_val;
+ assert( idx < left.bv_len );
+
+ if( idx >= left.bv_len ) {
+ /* this shouldn't happen */
+ return LDAP_OTHER;
+ }
+
+ left.bv_val = p;
+ left.bv_len -= idx;
+
+ if( sub->sa_any[i]->bv_len > left.bv_len ) {
+ /* not enough left */
+ match = 1;
+ goto done;
+ }
+
+ match = strncasecmp( left.bv_val,
+ sub->sa_any[i]->bv_val,
+ sub->sa_any[i]->bv_len );
+
+
+ if( match != 0 ) {
+ goto retry;
+ }
+
+ left.bv_val += sub->sa_any[i]->bv_len;
+ left.bv_len -= sub->sa_any[i]->bv_len;
+ }
+ }
+
+done:
+ *matchp = match;
+ return LDAP_SUCCESS;
+}
+#endif
+
+/* Index generation function */
+int caseIgnoreIA5Indexer(
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ struct berval **values,
+ struct berval ***keysp )
+{
+ int i;
+ size_t slen, mlen;
+ struct berval **keys;
+ lutil_MD5_CTX MD5context;
+ unsigned char MD5digest[16];
+ struct berval digest;
+ digest.bv_val = MD5digest;
+ digest.bv_len = sizeof(MD5digest);
+
+ for( i=0; values[i] != NULL; i++ ) {
+ /* just count them */
+ }
+
+ assert( i > 0 );
+
+ keys = ch_malloc( sizeof( struct berval * ) * (i+1) );
+
+ slen = strlen( syntax->ssyn_oid );
+ mlen = strlen( mr->smr_oid );
+
+ for( i=0; values[i] != NULL; i++ ) {
+ struct berval *value = ber_bvdup( values[i] );
+ ldap_pvt_str2upper( value->bv_val );
+
+ lutil_MD5Init( &MD5context );
+ if( prefix != NULL && prefix->bv_len > 0 ) {
+ lutil_MD5Update( &MD5context,
+ prefix->bv_val, prefix->bv_len );
+ }
+ lutil_MD5Update( &MD5context,
+ syntax->ssyn_oid, slen );
+ lutil_MD5Update( &MD5context,
+ mr->smr_oid, mlen );
+ lutil_MD5Update( &MD5context,
+ value->bv_val, value->bv_len );
+ lutil_MD5Final( MD5digest, &MD5context );
+
+ ber_bvfree( value );
+
+ keys[i] = ber_bvdup( &digest );
+ }
+
+ keys[i] = NULL;
+ *keysp = keys;
+ return LDAP_SUCCESS;
+}
+
+/* Index generation function */
+int caseIgnoreIA5Filter(
+ unsigned use,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ void * assertValue,
+ struct berval ***keysp )
+{
+ size_t slen, mlen;
+ struct berval **keys;
+ lutil_MD5_CTX MD5context;
+ unsigned char MD5digest[LUTIL_MD5_BYTES];
+ struct berval *value;
+ struct berval digest;
+ digest.bv_val = MD5digest;
+ digest.bv_len = sizeof(MD5digest);
+
+ slen = strlen( syntax->ssyn_oid );
+ mlen = strlen( mr->smr_oid );
+
+ value = ber_bvdup( (struct berval *) assertValue );
+ ldap_pvt_str2upper( value->bv_val );
+
+ keys = ch_malloc( sizeof( struct berval * ) * 2 );
+
+ lutil_MD5Init( &MD5context );
+ if( prefix != NULL && prefix->bv_len > 0 ) {
+ lutil_MD5Update( &MD5context,
+ prefix->bv_val, prefix->bv_len );
+ }
+ lutil_MD5Update( &MD5context,
+ syntax->ssyn_oid, slen );
+ lutil_MD5Update( &MD5context,
+ mr->smr_oid, mlen );
+ lutil_MD5Update( &MD5context,
+ value->bv_val, value->bv_len );
+ lutil_MD5Final( MD5digest, &MD5context );
+
+ keys[0] = ber_bvdup( &digest );
+ keys[1] = NULL;
+
+ ber_bvfree( value );
+
+ *keysp = keys;
+ return LDAP_SUCCESS;
+}
+
+static int
+NumericStringNormalize(
+ Syntax *syntax,
+ struct berval *val,
+ struct berval **normalized )
+{
+ /* similiar to IA5StringNormalize except removes all spaces */
+ struct berval *newval;
+ char *p, *q;
+
+ newval = ch_malloc( sizeof( struct berval ) );
+
+ p = val->bv_val;
+
+ /* Ignore initial whitespace */
+ while ( isspace( *p++ ) ) {
+ /* EMPTY */ ;
+ }
+
+ if( *p != '\0' ) {
+ ch_free( newval );
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ newval->bv_val = ch_strdup( p );
+ p = q = newval->bv_val;
+
+ while ( *p ) {
+ if ( isspace( *p ) ) {
+ /* Ignore whitespace */
+ p++;
+ } else {
+ *q++ = *p++;
+ }
+ }
+
+ assert( *newval->bv_val );
+ assert( newval->bv_val < p );
+ assert( p <= q );
+
+ /* cannot start with a space */
+ assert( !isspace(*newval->bv_val) );
+
+ /* cannot end with a space */
+ assert( !isspace( q[-1] ) );
+
+ /* null terminate */
+ *q = '\0';
+
+ newval->bv_len = q - newval->bv_val;
+ *normalized = newval;
- *match = ( oc == NULL || oc != asserted );
return LDAP_SUCCESS;
}
#endif
};
+#define X_HIDE "X-HIDE 'TRUE' "
#define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
#define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' "
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
0, NULL, NULL, NULL},
- {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'DN' )",
- 0, blobValidate, NULL, NULL},
+ {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )",
+ 0, dnValidate, dnNormalize, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )",
{"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )",
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )",
- 0, NULL, NULL, NULL},
+ 0, IA5StringValidate, NumericStringNormalize, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )",
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )",
0, NULL, NULL, NULL},
/* OpenLDAP Experimental Syntaxes */
- {"( " SLAPD_OID_ACI_SYNTAX " DESC 'OpenLDAP Experimental ACI' )",
+ {"( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' )",
+ 0, NULL, NULL, NULL},
+ {"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )",
0, NULL, NULL, NULL},
+ {"( 1.3.6.1.4.1.4203.666.2.3 DESC 'OpenLDAP void' " X_HIDE ")" ,
+ SLAP_SYNTAX_HIDE, inValidate, NULL, NULL},
+#if 0 /* not needed */
+ {"( 1.3.6.1.4.1.4203.666.2.4 DESC 'OpenLDAP DN' " X_HIDE ")" ,
+ SLAP_SYNTAX_HIDE, inValidate, NULL, NULL},
+#endif
{NULL, 0, NULL, NULL, NULL}
};
* 2.5.13.44 attributeIntegrityMatch
*/
+#ifndef SLAPD_SCHEMA_NOT_COMPAT
+#define caseIgnoreIA5SubstringsMatch NULL
+#define caseExactIA5SubstringsMatch NULL
+#endif
+
/* recycled matching functions */
#define caseIgnoreMatch caseIgnoreIA5Match
+#define caseIgnoreOrderingMatch caseIgnoreMatch
+#define caseIgnoreSubstringsMatch caseIgnoreIA5SubstringsMatch
#define caseExactMatch caseExactIA5Match
+#define caseExactOrderingMatch caseExactMatch
+#define caseExactSubstringsMatch caseExactIA5SubstringsMatch
/* unimplemented matching functions */
#define objectIdentifierMatch NULL
-#define distinguishedNameMatch NULL
-#define caseIgnoreOrderingMatch NULL
-#define caseIgnoreSubstringsMatch NULL
-#define caseExactOrderingMatch NULL
-#define caseExactSubstringsMatch NULL
-#define numericStringMatch NULL
-#define numericStringSubstringsMatch NULL
#define caseIgnoreListMatch NULL
#define caseIgnoreListSubstringsMatch NULL
#define integerMatch NULL
#define generalizedTimeOrderingMatch NULL
#define integerFirstComponentMatch NULL
#define objectIdentifierFirstComponentMatch NULL
-#define caseIgnoreIA5SubstringsMatch NULL
+
+#define OpenLDAPaciMatch NULL
+#define authPasswordMatch NULL
+
+/* unimplied indexer/filter routines */
+#define dnIndexer NULL
+#define dnFilter NULL
+
+#define caseIgnoreIndexer caseIgnoreIA5Indexer
+#define caseIgnoreFilter caseIgnoreIA5Filter
+#define caseExactIndexer caseExactIA5Indexer
+#define caseExactFilter caseExactIA5Filter
+#define caseExactIA5Indexer caseIgnoreIA5Indexer
+#define caseExactIA5Filter caseIgnoreIA5Filter
struct mrule_defs_rec mrule_defs[] = {
{"( 2.5.13.0 NAME 'objectIdentifierMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, objectIdentifierMatch, NULL, NULL},
+ NULL, NULL, objectIdentifierMatch,
+ caseIgnoreIA5Indexer, caseIgnoreIA5Filter},
{"( 2.5.13.1 NAME 'distinguishedNameMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, distinguishedNameMatch, NULL, NULL},
+ NULL, NULL, dnMatch, dnIndexer, dnFilter},
{"( 2.5.13.2 NAME 'caseIgnoreMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, caseIgnoreMatch, NULL, NULL},
+ NULL, NULL, caseIgnoreMatch, caseIgnoreIndexer, caseIgnoreFilter},
{"( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
{"( 2.5.13.5 NAME 'caseExactMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, caseExactMatch, NULL, NULL},
+ NULL, NULL, caseExactMatch, caseExactIndexer, caseExactFilter},
{"( 2.5.13.6 NAME 'caseExactOrderingMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
{"( 2.5.13.8 NAME 'numericStringMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, numericStringMatch, NULL, NULL},
+ NULL, NULL, caseIgnoreIA5Match, NULL, NULL},
{"( 2.5.13.10 NAME 'numericStringSubstringsMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
SLAP_MR_SUBSTR | SLAP_MR_EXT,
- NULL, NULL, numericStringSubstringsMatch, NULL, NULL},
+ NULL, NULL, caseIgnoreIA5SubstringsMatch, NULL, NULL},
{"( 2.5.13.11 NAME 'caseIgnoreListMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )",
{"( 2.5.13.17 NAME 'octetStringMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, octetStringMatch, NULL, NULL},
+ NULL, NULL, octetStringMatch, octetStringIndexer, octetStringFilter},
{"( 2.5.13.20 NAME 'telephoneNumberMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )",
{"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, caseExactIA5Match, NULL, NULL},
+ NULL, NULL, caseExactIA5Match, caseExactIA5Indexer, caseExactIA5Filter},
{"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
SLAP_MR_EQUALITY | SLAP_MR_EXT,
- NULL, NULL, caseIgnoreIA5Match, NULL, NULL},
+ NULL, NULL, caseIgnoreIA5Match, caseExactIA5Indexer, caseExactIA5Filter},
{"( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
SLAP_MR_SUBSTR,
NULL, NULL, caseIgnoreIA5SubstringsMatch, NULL, NULL},
+ {"( 1.3.6.1.4.1.4203.666.4.1 NAME 'authPasswordMatch' "
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
+ SLAP_MR_EQUALITY,
+ NULL, NULL, authPasswordMatch, NULL, NULL},
+
+ {"( 1.3.6.1.4.1.4203.666.4.2 NAME 'OpenLDAPaciMatch' "
+ "SYNTAX 1.3.6.1.4.1.4203.666.2.1 )",
+ SLAP_MR_EQUALITY,
+ NULL, NULL, OpenLDAPaciMatch, NULL, NULL},
+
{NULL, SLAP_MR_NONE, NULL, NULL, NULL}
};
-static int schema_init_done = 0;
-
int
schema_init( void )
{
schema_init_done = 1;
return LDAP_SUCCESS;
}
-
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-struct slap_internal_schema slap_schema;
-
-struct slap_schema_oc_map {
- char *ssom_name;
- size_t ssom_offset;
-} oc_map[] = {
- { "alias", offsetof(struct slap_internal_schema, si_oc_alias) },
- { "referral", offsetof(struct slap_internal_schema, si_oc_referral) },
- { NULL, 0 }
-};
-
-struct slap_schema_ad_map {
- char *ssam_name;
- slap_mr_match_func *ssam_match;
- size_t ssam_offset;
-} ad_map[] = {
- { "objectClass", objectClassMatch,
- offsetof(struct slap_internal_schema, si_ad_objectClass) },
-
- { "creatorsName", NULL,
- offsetof(struct slap_internal_schema, si_ad_creatorsName) },
- { "createTimestamp", NULL,
- offsetof(struct slap_internal_schema, si_ad_createTimestamp) },
- { "modifiersName", NULL,
- offsetof(struct slap_internal_schema, si_ad_modifiersName) },
- { "modifyTimestamp", NULL,
- offsetof(struct slap_internal_schema, si_ad_modifyTimestamp) },
-
- { "subschemaSubentry", NULL,
- offsetof(struct slap_internal_schema, si_ad_subschemaSubentry) },
-
- { "namingContexts", NULL,
- offsetof(struct slap_internal_schema, si_ad_namingContexts) },
- { "supportedControl", NULL,
- offsetof(struct slap_internal_schema, si_ad_supportedControl) },
- { "supportedExtension", NULL,
- offsetof(struct slap_internal_schema, si_ad_supportedExtension) },
- { "supportedLDAPVersion", NULL,
- offsetof(struct slap_internal_schema, si_ad_supportedLDAPVersion) },
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- { "supportedACIMechanisms", NULL,
- offsetof(struct slap_internal_schema, si_ad_supportedACIMechanisms) },
-
-#endif
- { "supportedSASLMechanisms", NULL,
- offsetof(struct slap_internal_schema, si_ad_supportedSASLMechanisms) },
-
- { "attributeTypes", NULL,
- offsetof(struct slap_internal_schema, si_ad_attributeTypes) },
- { "ldapSyntaxes", NULL,
- offsetof(struct slap_internal_schema, si_ad_ldapSyntaxes) },
- { "matchingRules", NULL,
- offsetof(struct slap_internal_schema, si_ad_matchingRules) },
- { "objectClasses", NULL,
- offsetof(struct slap_internal_schema, si_ad_objectClasses) },
-
- { "ref", NULL,
- offsetof(struct slap_internal_schema, si_ad_ref) },
-
- { "entry", NULL,
- offsetof(struct slap_internal_schema, si_ad_entry) },
- { "children", NULL,
- offsetof(struct slap_internal_schema, si_ad_children) },
-
- { "userPassword", NULL,
- offsetof(struct slap_internal_schema, si_ad_userPassword) },
- { "authPassword", NULL,
- offsetof(struct slap_internal_schema, si_ad_authPassword) },
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- { "krbName", NULL,
- offsetof(struct slap_internal_schema, si_ad_krbName) },
-#endif
-
- { NULL, NULL, 0 }
-};
-
-#endif
-
-int
-schema_prep( void )
-{
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- int i;
-#endif
- /* we should only be called once after schema_init() was called */
- assert( schema_init_done == 1 );
-
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- for( i=0; oc_map[i].ssom_name; i++ ) {
- ObjectClass ** ocp = (ObjectClass **)
- &(((char *) &slap_schema)[oc_map[i].ssom_offset]);
-
- *ocp = oc_find( oc_map[i].ssom_name );
-
- if( *ocp == NULL ) {
- fprintf( stderr,
- "No objectClass \"%s\" defined in schema\n",
- oc_map[i].ssom_name );
- return LDAP_OBJECT_CLASS_VIOLATION;
- }
- }
-
- for( i=0; ad_map[i].ssam_name; i++ ) {
- int rc;
- const char *text;
-
- AttributeDescription ** adp = (AttributeDescription **)
- &(((char *) &slap_schema)[ad_map[i].ssam_offset]);
-
- *adp = NULL;
-
- rc = slap_str2ad( ad_map[i].ssam_name, adp, &text );
-
- if( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "No attribute \"%s\" defined in schema\n",
- ad_map[i].ssam_name );
- return rc;
- }
-
- if( ad_map[i].ssam_match ) {
- /* install custom matching routine */
- (*adp)->ad_type->sat_equality->smr_match = ad_map[i].ssam_match;
- }
- }
-#endif
-
- ++schema_init_done;
- return LDAP_SUCCESS;
-}