unsigned char octet = '\0';
int i;
int j;
+
+ if ( SLAP_MR_IS_DENORMALIZE( usage ) ) {
+ /* NOTE: must be a normalized UUID */
+ assert( val->bv_len == 16 );
+
+ normalized->bv_val = slap_sl_malloc( LDAP_LUTIL_UUIDSTR_BUFSIZE, ctx );
+ normalized->bv_len = lutil_uuidstr_from_normalized( val->bv_val,
+ val->bv_len, normalized->bv_val, LDAP_LUTIL_UUIDSTR_BUFSIZE );
+ assert( normalized->bv_len == STRLENOF( "BADBADBA-DBAD-0123-4567-BADBADBADBAD" ) );
+
+ return LDAP_SUCCESS;
+ }
+
normalized->bv_len = 16;
normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
for( ; (x.bv_val[0] == ' ') && x.bv_len; x.bv_val++, x.bv_len--) {
/* empty */;
}
-
+
+ /* For backward compatibility, this part is optional */
+ if( !strncasecmp( x.bv_val, "rdnSequence:", STRLENOF("rdnSequence:"))) {
+ x.bv_val += STRLENOF("rdnSequence:");
+ x.bv_len -= STRLENOF("rdnSequence:");
+ }
+
if( x.bv_val[0] != '"' ) return LDAP_INVALID_SYNTAX;
x.bv_val++; x.bv_len--;
for( ; (x.bv_val[0] == ' ') && x.bv_len; x.bv_val++, x.bv_len--) {
/* empty */;
}
-
+
+ /* For backward compatibility, this part is optional */
+ if( !strncasecmp( x.bv_val, "rdnSequence:", STRLENOF("rdnSequence:"))) {
+ x.bv_val += STRLENOF("rdnSequence:");
+ x.bv_len -= STRLENOF("rdnSequence:");
+ }
+
if( x.bv_val[0] != '"' ) return LDAP_INVALID_SYNTAX;
x.bv_val++; x.bv_len--;
if( rc ) return LDAP_INVALID_SYNTAX;
/* make room from sn + "$" */
- out->bv_len = STRLENOF("{ serialNumber , issuer \"\" }")
+ out->bv_len = STRLENOF("{ serialNumber , issuer rdnSequence:\"\" }")
+ sn.bv_len + ni.bv_len;
out->bv_val = slap_sl_malloc( out->bv_len + 1, ctx );
AC_MEMCPY( &out->bv_val[n], sn.bv_val, sn.bv_len );
n += sn.bv_len;
- AC_MEMCPY( &out->bv_val[n], ", issuer \"", STRLENOF(", issuer \""));
- n += STRLENOF(", issuer \"");
+ AC_MEMCPY( &out->bv_val[n], ", issuer rdnSequence:\"", STRLENOF(", issuer rdnSequence:\""));
+ n += STRLENOF(", issuer rdnSequence:\"");
AC_MEMCPY( &out->bv_val[n], ni.bv_val, ni.bv_len );
n += ni.bv_len;
}
/* make room for sn + "$" */
- out->bv_len = STRLENOF( "{ serialNumber , issuer \"\" }" )
+ out->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
+ ( sn2.bv_len * 2 + 3 ) + ni.bv_len;
out->bv_val = slap_sl_malloc( out->bv_len + 1, ctx );
unsigned char *v = sn2.bv_val;
out->bv_val[n++] = '\'';
for ( j = 0; j < sn2.bv_len; j++ ) {
- sprintf( &out->bv_val[n], "%02x", v[j] );
+ sprintf( &out->bv_val[n], "%02X", v[j] );
n += 2;
}
out->bv_val[n++] = '\'';
out->bv_val[n++] = 'H';
}
- AC_MEMCPY( &out->bv_val[n], ", issuer \"", STRLENOF( ", issuer \"" ));
- n += STRLENOF( ", issuer \"" );
+ AC_MEMCPY( &out->bv_val[n], ", issuer rdnSequence:\"", STRLENOF( ", issuer rdnSequence:\"" ));
+ n += STRLENOF( ", issuer rdnSequence:\"" );
AC_MEMCPY( &out->bv_val[n], ni.bv_val, ni.bv_len );
n += ni.bv_len;
ber_skip_data( ber, len );
/* Check for minimal encodings */
- if ( ptr[0] & 0x80 ) {
- if (( ptr[0] == 0xff ) && ( ptr[1] & 0x80 ))
- return LDAP_INVALID_SYNTAX;
- } else if ( ptr[0] == 0 ) {
- if (!( ptr[1] & 0x80 ))
- return LDAP_INVALID_SYNTAX;
- ptr++;
- len--;
+ if ( len > 1 ) {
+ if ( ptr[0] & 0x80 ) {
+ if (( ptr[0] == 0xff ) && ( ptr[1] & 0x80 ))
+ return LDAP_INVALID_SYNTAX;
+ } else if ( ptr[0] == 0 ) {
+ if (!( ptr[1] & 0x80 ))
+ return LDAP_INVALID_SYNTAX;
+ }
}
seriallen = len * 2 + 4; /* quotes, H, NUL */
sptr = serial;
*sptr++ = '\'';
for ( i = 0; i<len; i++ ) {
- sprintf( sptr, "%02x", ptr[i] );
+ sprintf( sptr, "%02X", ptr[i] );
sptr += 2;
}
*sptr++ = '\'';
rc = dnX509normalize( &bvdn, &issuer_dn );
if( rc != LDAP_SUCCESS ) goto done;
- normalized->bv_len = STRLENOF( "{ serialNumber , issuer \"\" }" )
+ normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
+ seriallen + issuer_dn.bv_len;
normalized->bv_val = ch_malloc(normalized->bv_len+1);
AC_MEMCPY(p, serial, seriallen);
p += seriallen;
- AC_MEMCPY(p, ", issuer \"", STRLENOF( ", issuer \"" ));
- p += STRLENOF( ", issuer \"" );
+ AC_MEMCPY(p, ", issuer rdnSequence:\"", STRLENOF( ", issuer rdnSequence:\"" ));
+ p += STRLENOF( ", issuer rdnSequence:\"" );
AC_MEMCPY(p, issuer_dn.bv_val, issuer_dn.bv_len);
p += issuer_dn.bv_len;