Fix pkiUser

[openldap] / servers / slapd / schema_init.c

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 85e9f2526fc379d8fc47d5b49dcf0c8cad9152e7..f0ad77cb51a3daab777728a7a8a8e0c6735e00a0 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -274,7 +274,7 @@ nameUIDValidate(
 
        rc = dnValidate( NULL, &dn );
 
-       ber_memfree( &dn );
+       ber_memfree( dn.bv_val );
        return rc;
 }
 
@@ -2797,6 +2797,7 @@ static int caseIgnoreIA5Indexer(
        BerVarray *keysp )
 {
        int i;
+       int rc = LDAP_SUCCESS;
        size_t slen, mlen;
        BerVarray keys;
        HASH_CONTEXT   HASHcontext;
@@ -2819,7 +2820,21 @@ static int caseIgnoreIA5Indexer(
 
        for( i=0; values[i].bv_val != NULL; i++ ) {
                struct berval value;
-               ber_dupbv( &value, &values[i] );
+
+               if( mr->smr_normalize ) {
+                       rc = (mr->smr_normalize)( use, syntax, mr, &values[i], &value );
+                       if( rc != LDAP_SUCCESS ) {
+                               break;
+                       }
+               } else if ( mr->smr_syntax->ssyn_normalize ) {
+                       rc = (mr->smr_syntax->ssyn_normalize)( syntax, &values[i], &value );
+                       if( rc != LDAP_SUCCESS ) {
+                               break;
+                       }
+               } else {
+                       ber_dupbv( &value, &values[i] );
+               }
+
                ldap_pvt_str2lower( value.bv_val );
 
                HASH_Init( &HASHcontext );
@@ -2841,8 +2856,12 @@ static int caseIgnoreIA5Indexer(
        }
 
        keys[i].bv_val = NULL;
+       if( rc != LDAP_SUCCESS ) {
+               ber_bvarray_free( keys );
+               keys = NULL;
+       }
        *keysp = keys;
-       return LDAP_SUCCESS;
+       return rc;
 }
 
 /* Index generation function */
@@ -3480,16 +3499,6 @@ asn1_integer2str(ASN1_INTEGER *a, struct berval *bv)
        return ber_str2bv( p, 0, 1, bv );
 }
 
-/* Get a DN in RFC2253 format from a X509_NAME internal struct */
-int
-dn_openssl2ldap(X509_NAME *name, struct berval *out)
-{
-       char buf[2048], *p;
-
-       p = X509_NAME_oneline( name, buf, sizeof( buf ) );
-       return dnDCEnormalize( p, out );
-}
-
 /*
  * Given a certificate in DER format, extract the corresponding
  * assertion value for certificateExactMatch
@@ -3522,7 +3531,7 @@ certificateExactConvert(
                X509_free(xcert);
                return LDAP_INVALID_SYNTAX;
        }
-       if ( dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
+       if ( dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn ) != LDAP_SUCCESS ) {
                X509_free(xcert);
                ber_memfree(serial.bv_val);
                return LDAP_INVALID_SYNTAX;
@@ -3636,7 +3645,7 @@ certificateExactMatch(
        }
 
        asn1_integer2str(xcert->cert_info->serialNumber, &serial);
-       dn_openssl2ldap(X509_get_issuer_name(xcert), &issuer_dn);
+       dnX509normalize(X509_get_issuer_name(xcert), &issuer_dn);
 
        X509_free(xcert);