/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2011 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#include "lutil.h"
#include "lutil_hash.h"
+
+#ifdef LUTIL_HASH64_BYTES
+#define HASH_BYTES LUTIL_HASH64_BYTES
+#define HASH_LEN hashlen
+static void (*hashinit)(lutil_HASH_CTX *ctx) = lutil_HASHInit;
+static void (*hashupdate)(lutil_HASH_CTX *ctx,unsigned char const *buf, ber_len_t len) = lutil_HASHUpdate;
+static void (*hashfinal)(unsigned char digest[HASH_BYTES], lutil_HASH_CTX *ctx) = lutil_HASHFinal;
+static int hashlen = LUTIL_HASH_BYTES;
+#define HASH_Init(c) hashinit(c)
+#define HASH_Update(c,buf,len) hashupdate(c,buf,len)
+#define HASH_Final(d,c) hashfinal(d,c)
+
+/* Toggle between 32 and 64 bit hashing, default to 32 for compatibility
+ -1 to query, returns 1 if 64 bit, 0 if 32.
+ 0/1 to set 32/64, returns 0 on success, -1 on failure */
+int slap_hash64( int onoff )
+{
+ if ( onoff < 0 ) {
+ return hashlen == LUTIL_HASH64_BYTES;
+ } else if ( onoff ) {
+ hashinit = lutil_HASH64Init;
+ hashupdate = lutil_HASH64Update;
+ hashfinal = lutil_HASH64Final;
+ hashlen = LUTIL_HASH64_BYTES;
+ } else {
+ hashinit = lutil_HASHInit;
+ hashupdate = lutil_HASHUpdate;
+ hashfinal = lutil_HASHFinal;
+ hashlen = LUTIL_HASH_BYTES;
+ }
+ return 0;
+}
+
+#else
#define HASH_BYTES LUTIL_HASH_BYTES
-#define HASH_CONTEXT lutil_HASH_CTX
+#define HASH_LEN HASH_BYTES
#define HASH_Init(c) lutil_HASHInit(c)
#define HASH_Update(c,buf,len) lutil_HASHUpdate(c,buf,len)
#define HASH_Final(d,c) lutil_HASHFinal(d,c)
+int slap_has64( int onoff )
+{
+ if ( onoff < 0 )
+ return 0;
+ else
+ return onoff ? -1 : 0;
+}
+
+#endif
+#define HASH_CONTEXT lutil_HASH_CTX
+
/* approx matching rules */
#define directoryStringApproxMatchOID "1.3.6.1.4.1.4203.666.4.4"
#define directoryStringApproxMatch approxMatch
unsigned char HASHdigest[HASH_BYTES];
struct berval digest;
digest.bv_val = (char *)HASHdigest;
- digest.bv_len = sizeof(HASHdigest);
+ digest.bv_len = HASH_LEN;
for( i=0; !BER_BVISNULL( &values[i] ); i++ ) {
/* just count them */
struct berval *value = (struct berval *) assertedValue;
struct berval digest;
digest.bv_val = (char *)HASHdigest;
- digest.bv_len = sizeof(HASHdigest);
+ digest.bv_len = HASH_LEN;
slen = syntax->ssyn_oidlen;
mlen = mr->smr_oidlen;
unsigned char HASHdigest[HASH_BYTES];
struct berval digest;
digest.bv_val = (char *)HASHdigest;
- digest.bv_len = sizeof(HASHdigest);
+ digest.bv_len = HASH_LEN;
nkeys = 0;
}
digest.bv_val = (char *)HASHdigest;
- digest.bv_len = sizeof(HASHdigest);
+ digest.bv_len = HASH_LEN;
slen = syntax->ssyn_oidlen;
mlen = mr->smr_oidlen;
Syntax *syntax,
struct berval *in )
{
- ber_len_t count;
int len;
- unsigned char *u = (unsigned char *)in->bv_val;
+ unsigned char *u = (unsigned char *)in->bv_val, *end = in->bv_val + in->bv_len;
if( BER_BVISEMPTY( in ) && syntax == slap_schema.si_syn_directoryString ) {
/* directory strings cannot be empty */
return LDAP_INVALID_SYNTAX;
}
- for( count = in->bv_len; count > 0; count -= len, u += len ) {
+ for( ; u < end; u += len ) {
/* get the length indicated by the first byte */
len = LDAP_UTF8_CHARLEN2( u, len );
if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
}
- if( count != 0 ) {
+ if( u > end ) {
return LDAP_INVALID_SYNTAX;
}
}
nvalue.bv_val[nvalue.bv_len] = '\0';
- } else {
+ } else if ( tmp.bv_len ) {
/* string of all spaces is treated as one space */
nvalue.bv_val[0] = ' ';
nvalue.bv_val[1] = '\0';
nvalue.bv_len = 1;
- }
+ } /* should never be entered with 0-length val */
*normalized = nvalue;
return LDAP_SUCCESS;
len = strlen( c );
if( len < SLAPD_APPROX_WORDLEN ) continue;
ber_str2bv( phonetic( c ), 0, 0, &keys[keycount] );
- keycount++;
+ if( keys[keycount].bv_len ) {
+ keycount++;
+ } else {
+ ch_free( keys[keycount].bv_val );
+ }
i++;
}
}
lines[l].bv_len = &val->bv_val[c] - lines[l].bv_val;
- normalized->bv_len = l;
+ normalized->bv_len = c = l;
- for ( l = 0; !BER_BVISNULL( &lines[l] ); l++ ) {
+ for ( l = 0; l <= c; l++ ) {
/* NOTE: we directly normalize each line,
* without unescaping the values, since the special
* values '\24' ('$') and '\5C' ('\') are not affected
* by normalization */
+ if ( !lines[l].bv_len ) {
+ nlines[l].bv_len = 0;
+ nlines[l].bv_val = NULL;
+ continue;
+ }
rc = UTF8StringNormalize( usage, NULL, xmr, &lines[l], &nlines[l], ctx );
if ( rc != LDAP_SUCCESS ) {
rc = LDAP_INVALID_SYNTAX;
normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
p = normalized->bv_val;
- for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
+ for ( l = 0; l <= c ; l++ ) {
p = lutil_strbvcopy( p, &nlines[l] );
*p++ = '$';
}
itmp.bv_len = maxstrlen;
}
rc = integerVal2Key( &values[i], &keys[i], &itmp, ctx );
- if ( rc )
+ if ( rc ) {
+ slap_sl_free( keys, ctx );
goto func_leave;
+ }
}
*keysp = keys;
func_leave:
}
rc = integerVal2Key( value, keys, &iv, ctx );
- if ( rc == 0 )
- *keysp = keys;
if ( iv.bv_val != ibuf ) {
slap_sl_free( iv.bv_val, ctx );
}
+
+ if ( rc == 0 )
+ *keysp = keys;
+ else
+ slap_sl_free( keys, ctx );
+
return rc;
}
}
if ( is->bv_val[is->bv_len+1] == '"' ) {
/* double dquote */
+ numdquotes++;
is->bv_len += 2;
continue;
}
tag = ber_skip_tag( ber, &len ); /* SignatureAlg */
ber_skip_data( ber, len );
tag = ber_peek_tag( ber, &len ); /* IssuerDN */
- len = ber_ptrlen( ber );
- bvdn.bv_val = val->bv_val + len;
- bvdn.bv_len = val->bv_len - len;
+ if ( len ) {
+ len = ber_ptrlen( ber );
+ bvdn.bv_val = val->bv_val + len;
+ bvdn.bv_len = val->bv_len - len;
- rc = dnX509normalize( &bvdn, &issuer_dn );
- if ( rc != LDAP_SUCCESS ) goto done;
+ rc = dnX509normalize( &bvdn, &issuer_dn );
+ if ( rc != LDAP_SUCCESS ) goto done;
+ }
normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
+ sn2.bv_len + issuer_dn.bv_len;
}
if ( is->bv_val[is->bv_len+1] == '"' ) {
/* double dquote */
+ numdquotes++;
is->bv_len += 2;
continue;
}
}
if ( is->bv_val[is->bv_len + 1] == '"' ) {
/* double dquote */
+ numdquotes++;
is->bv_len += 2;
continue;
}
#endif
char *directoryStringSyntaxes[] = {
+ "1.3.6.1.4.1.1466.115.121.1.11" /* countryString */,
"1.3.6.1.4.1.1466.115.121.1.44" /* printableString */,
+ "1.3.6.1.4.1.1466.115.121.1.50" /* telephoneNumber */,
NULL
};
char *integerFirstComponentMatchSyntaxes[] = {