/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
return LDAP_SUCCESS;
}
+/* 10**Chop < 256**Chopbytes and Chop > Chopbytes<<1 (for sign bit and itmp) */
#define INDEX_INTLEN_CHOP 7
+#define INDEX_INTLEN_CHOPBYTES 3
static int
integerVal2Key(
- struct berval val,
+ struct berval *in,
struct berval *key,
- struct berval itmp
-)
+ struct berval *tmp,
+ void *ctx )
{
/* index format:
- * only if too large: one's complement <sign*length of chopped bytes>,
+ * only if too large: one's complement <sign*exponent (chopped bytes)>,
* two's complement value (sign-extended or chopped as needed),
- * with 1st byte of the above adjusted as follows:
- * inverse sign in the top <number of length-bytes + 1> bits,
- * then the sign bit as delimiter.
+ * however the top <number of exponent-bytes + 1> bits of first byte
+ * above is the inverse sign. The next bit is the sign as delimiter.
*/
- ber_slen_t k = index_intlen_strlen, chop = 0;
- unsigned char neg = 0xff, signmask = 0x80;
- unsigned char lenbuf[sizeof(k) + 2], *lenp;
+ ber_slen_t k = index_intlen_strlen;
+ ber_len_t chop = 0;
+ unsigned signmask = ~0x7fU;
+ unsigned char lenbuf[sizeof(k) + 2], *lenp, neg = 0xff;
+ struct berval val = *in, itmp = *tmp;
if ( val.bv_val[0] != '-' ) {
neg = 0;
}
/* Chop least significant digits, increase length instead */
- if ( val.bv_len > k ) {
- chop = (val.bv_len - k + 2) / 7; /* 2 fewer digits */
+ if ( val.bv_len > (ber_len_t) k ) {
+ chop = (val.bv_len-k+2)/INDEX_INTLEN_CHOP; /* 2 fewer digits */
val.bv_len -= chop * INDEX_INTLEN_CHOP; /* #digits chopped */
- chop *= 3; /* >#key bytes chopped: 256**3 > 10**7 */
- if ( chop > 0x7fffffff ) {
- memset( key->bv_val, neg ^ 0xff, index_intlen );
- return 0;
- }
+ chop *= INDEX_INTLEN_CHOPBYTES; /* #bytes added */
}
- if ( lutil_str2bin( &val, &itmp )) {
+ if ( lutil_str2bin( &val, &itmp, ctx )) {
return LDAP_INVALID_SYNTAX;
}
itmp.bv_len--;
}
- k = (ber_slen_t) index_intlen - ((ber_slen_t) itmp.bv_len + chop);
+ k = (ber_slen_t) index_intlen - (ber_slen_t) (itmp.bv_len + chop);
if ( k > 0 ) {
assert( chop == 0 );
memset( key->bv_val, neg, k ); /* sign-extend */
} else if ( k != 0 || ((itmp.bv_val[0] ^ neg) & 0xc0) ) {
lenp = lenbuf + sizeof(lenbuf);
- k = -k;
+ chop = - (ber_len_t) k;
do {
- *--lenp = k ^ neg;
+ *--lenp = ((unsigned char) chop & 0xff) ^ neg;
signmask >>= 1;
- } while ( (k >>= 8) != 0 || (signmask >> 1) <= (*lenp ^ neg) );
- /* With n bytes used in lenbuf, the top n+1 bits of signmask
- * are 1, and the top n+2 bits of *lenp are the sign bit. */
+ } while ( (chop >>= 8) != 0 || (signmask >> 1) & (*lenp ^ neg) );
+ /* With n bytes in lenbuf, the top n+1 bits of (signmask&0xff)
+ * are 1, and the top n+2 bits of lenp[] are the sign bit. */
k = (lenbuf + sizeof(lenbuf)) - lenp;
- if ( k > index_intlen )
+ if ( k > (ber_slen_t) index_intlen )
k = index_intlen;
memcpy( key->bv_val, lenp, k );
itmp.bv_len = index_intlen - k;
}
memcpy( key->bv_val + k, itmp.bv_val, itmp.bv_len );
- key->bv_val[0] ^= (unsigned char) -signmask & 0xff; /* invert sign */
+ key->bv_val[0] ^= (unsigned char) signmask & 0xff; /* invert sign */
return 0;
}
else if ( itmp.bv_len > maxstrlen )
itmp.bv_len = maxstrlen;
}
- rc = integerVal2Key( values[i], &keys[i], itmp );
+ rc = integerVal2Key( &values[i], &keys[i], &itmp, ctx );
if ( rc )
- goto leave;
+ goto func_leave;
}
*keysp = keys;
-leave:
+func_leave:
if ( itmp.bv_val != ibuf ) {
slap_sl_free( itmp.bv_val, ctx );
}
keys[0].bv_len = index_intlen;
keys[0].bv_val = slap_sl_malloc( index_intlen, ctx );
+ keys[1].bv_len = 0;
+ keys[1].bv_val = NULL;
iv.bv_len = value->bv_len < index_intlen_strlen + INDEX_INTLEN_CHOP-1
? value->bv_len : index_intlen_strlen + INDEX_INTLEN_CHOP-1;
iv.bv_len = sizeof(ibuf);
}
- rc = integerVal2Key( *value, keys, iv );
+ rc = integerVal2Key( value, keys, &iv, ctx );
if ( rc == 0 )
*keysp = keys;
} else {
/* Parse GSER format */
- int havesn=0,haveissuer=0;
+ int havesn = 0, haveissuer = 0, numdquotes = 0;
struct berval x = *in;
struct berval ni;
x.bv_val++;
STRLENOF("serialNumber")) == 0 )
{
/* parse serialNumber */
- int neg=0;
+ int neg = 0;
+ char first = '\0';
+ int extra = 0;
+
x.bv_val += STRLENOF("serialNumber");
x.bv_len -= STRLENOF("serialNumber");
}
if ( sn->bv_val[0] == '0' && ( sn->bv_val[1] == 'x' ||
- sn->bv_val[1] == 'X' )) {
+ sn->bv_val[1] == 'X' ))
+ {
is_hex = 1;
+ first = sn->bv_val[2];
+ extra = 2;
+
+ sn->bv_len += STRLENOF("0x");
for( ; sn->bv_len < x.bv_len; sn->bv_len++ ) {
if ( !ASCII_HEX( sn->bv_val[sn->bv_len] )) break;
}
+
} else if ( sn->bv_val[0] == '\'' ) {
+ first = sn->bv_val[1];
+ extra = 3;
+
+ sn->bv_len += STRLENOF("'");
+
for( ; sn->bv_len < x.bv_len; sn->bv_len++ ) {
if ( !ASCII_HEX( sn->bv_val[sn->bv_len] )) break;
}
if ( sn->bv_val[sn->bv_len] == '\'' &&
- sn->bv_val[sn->bv_len+1] == 'H' )
+ sn->bv_val[sn->bv_len + 1] == 'H' )
+ {
+ sn->bv_len += STRLENOF("'H");
is_hex = 1;
- else
+
+ } else {
return LDAP_INVALID_SYNTAX;
- sn->bv_len += 2;
+ }
+
} else {
+ first = sn->bv_val[0];
for( ; sn->bv_len < x.bv_len; sn->bv_len++ ) {
if ( !ASCII_DIGIT( sn->bv_val[sn->bv_len] )) break;
}
}
if (!( sn->bv_len > neg )) return LDAP_INVALID_SYNTAX;
- if (( sn->bv_len > 1+neg ) && ( sn->bv_val[neg] == '0' )) {
+ if (( sn->bv_len > extra+1+neg ) && ( first == '0' )) {
return LDAP_INVALID_SYNTAX;
}
}
if ( is->bv_val[is->bv_len+1] == '"' ) {
/* double dquote */
+ numdquotes++;
is->bv_len+=2;
continue;
}
/* should have no characters left... */
if( x.bv_len ) return LDAP_INVALID_SYNTAX;
- ber_dupbv_x( &ni, is, ctx );
- *is = ni;
+ if ( numdquotes == 0 ) {
+ ber_dupbv_x( &ni, is, ctx );
+ } else {
+ ber_int_t src, dst;
- /* need to handle double dquotes here */
+ ni.bv_len = is->bv_len - numdquotes;
+ ni.bv_val = ber_memalloc_x( ni.bv_len + 1, ctx );
+ for ( src = 0, dst = 0; src < is->bv_len; src++, dst++ ) {
+ if ( is->bv_val[src] == '"' ) {
+ src++;
+ }
+ ni.bv_val[dst] = is->bv_val[src];
+ }
+ ni.bv_val[dst] = '\0';
+ }
+
+ *is = ni;
}
+
return 0;
}
}
sn2.bv_val = stmp;
sn2.bv_len = sn.bv_len;
- if ( lutil_str2bin( &sn, &sn2 )) {
+ if ( lutil_str2bin( &sn, &sn2, ctx )) {
rc = LDAP_INVALID_SYNTAX;
- goto leave;
+ goto func_leave;
}
/* make room for sn + "$" */
out->bv_len = 0;
slap_sl_free( ni.bv_val, ctx );
rc = LDAP_OTHER;
- goto leave;
+ goto func_leave;
}
n = 0;
Debug( LDAP_DEBUG_TRACE, "<<< serialNumberAndIssuerNormalize: <%s>\n",
out->bv_val, 0, 0 );
-leave:
+func_leave:
if ( stmp != sbuf )
slap_sl_free( stmp, ctx );
slap_sl_free( ni.bv_val, ctx );
return hexValidate( NULL, &bv );
}
+/* Normalize a CSN in OpenLDAP 2.1 format */
+static int
+csnNormalize21(
+ slap_mask_t usage,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *val,
+ struct berval *normalized,
+ void *ctx )
+{
+ struct berval gt, cnt, sid, mod;
+ struct berval bv;
+ char buf[ STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" ) + 1 ];
+ char *ptr;
+ int i;
+
+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) != 0 );
+ assert( !BER_BVISEMPTY( val ) );
+
+ gt = *val;
+
+ ptr = ber_bvchr( >, '#' );
+ if ( ptr == NULL || ptr - gt.bv_val == gt.bv_len ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ gt.bv_len = ptr - gt.bv_val;
+ if ( gt.bv_len != STRLENOF( "YYYYmmddHH:MM:SSZ" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ if ( gt.bv_val[ 10 ] != ':' || gt.bv_val[ 13 ] != ':' ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ cnt.bv_val = ptr + 1;
+ cnt.bv_len = val->bv_len - ( cnt.bv_val - val->bv_val );
+
+ ptr = ber_bvchr( &cnt, '#' );
+ if ( ptr == NULL || ptr - val->bv_val == val->bv_len ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ cnt.bv_len = ptr - cnt.bv_val;
+ if ( cnt.bv_len != STRLENOF( "0x0000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ if ( strncmp( cnt.bv_val, "0x", STRLENOF( "0x" ) ) != 0 ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ cnt.bv_val += STRLENOF( "0x" );
+ cnt.bv_len -= STRLENOF( "0x" );
+
+ sid.bv_val = ptr + 1;
+ sid.bv_len = val->bv_len - ( sid.bv_val - val->bv_val );
+
+ ptr = ber_bvchr( &sid, '#' );
+ if ( ptr == NULL || ptr - val->bv_val == val->bv_len ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ sid.bv_len = ptr - sid.bv_val;
+ if ( sid.bv_len != STRLENOF( "0" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ mod.bv_val = ptr + 1;
+ mod.bv_len = val->bv_len - ( mod.bv_val - val->bv_val );
+ if ( mod.bv_len != STRLENOF( "0000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ bv.bv_len = STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" );
+ bv.bv_val = buf;
+
+ ptr = bv.bv_val;
+ ptr = lutil_strncopy( ptr, gt.bv_val, STRLENOF( "YYYYmmddHH" ) );
+ ptr = lutil_strncopy( ptr, >.bv_val[ STRLENOF( "YYYYmmddHH:" ) ],
+ STRLENOF( "MM" ) );
+ ptr = lutil_strncopy( ptr, >.bv_val[ STRLENOF( "YYYYmmddHH:MM:" ) ],
+ STRLENOF( "SS" ) );
+ ptr = lutil_strcopy( ptr, ".000000Z#00" );
+ ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
+ *ptr++ = '#';
+ *ptr++ = '0';
+ *ptr++ = '0';
+ *ptr++ = sid.bv_val[ 0 ];
+ *ptr++ = '#';
+ *ptr++ = '0';
+ *ptr++ = '0';
+ for ( i = 0; i < mod.bv_len; i++ ) {
+ *ptr++ = TOLOWER( mod.bv_val[ i ] );
+ }
+ *ptr = '\0';
+
+ assert( ptr - bv.bv_val == bv.bv_len );
+
+ if ( csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ ber_dupbv_x( normalized, &bv, ctx );
+
+ return LDAP_SUCCESS;
+}
+
/* Normalize a CSN in OpenLDAP 2.3 format */
static int
csnNormalize23(
void *ctx )
{
struct berval gt, cnt, sid, mod;
+ struct berval bv;
+ char buf[ STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" ) + 1 ];
char *ptr;
int i;
}
gt.bv_len = ptr - gt.bv_val;
- assert( gt.bv_len == STRLENOF( "YYYYmmddHHMMSSZ" ) );
+ if ( gt.bv_len != STRLENOF( "YYYYmmddHHMMSSZ" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
cnt.bv_val = ptr + 1;
cnt.bv_len = val->bv_len - ( cnt.bv_val - val->bv_val );
}
cnt.bv_len = ptr - cnt.bv_val;
- assert( cnt.bv_len == STRLENOF( "000000" ) );
+ if ( cnt.bv_len != STRLENOF( "000000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
sid.bv_val = ptr + 1;
sid.bv_len = val->bv_len - ( sid.bv_val - val->bv_val );
}
sid.bv_len = ptr - sid.bv_val;
- assert( sid.bv_len == STRLENOF( "00" ) );
+ if ( sid.bv_len != STRLENOF( "00" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
mod.bv_val = ptr + 1;
mod.bv_len = val->bv_len - ( mod.bv_val - val->bv_val );
- assert( mod.bv_len == STRLENOF( "000000" ) );
+ if ( mod.bv_len != STRLENOF( "000000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
- normalized->bv_len = STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" );
- normalized->bv_val = ber_memalloc_x( normalized->bv_len + 1, ctx );
+ bv.bv_len = STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" );
+ bv.bv_val = buf;
- ptr = normalized->bv_val;
+ ptr = bv.bv_val;
ptr = lutil_strncopy( ptr, gt.bv_val, gt.bv_len - 1 );
ptr = lutil_strcopy( ptr, ".000000Z#" );
ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
}
*ptr = '\0';
- assert( ptr - normalized->bv_val == normalized->bv_len );
+ assert( ptr - bv.bv_val == bv.bv_len );
+ if ( csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ ber_dupbv_x( normalized, &bv, ctx );
return LDAP_SUCCESS;
}
return csnNormalize23( usage, syntax, mr, val, normalized, ctx );
}
- assert( val->bv_len == STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" ) );
+ if ( val->bv_len == STRLENOF( "YYYYmmddHH:MM:SSZ#0xSSSS#I#ssss" ) ) {
+ /* Openldap 2.1 */
+
+ return csnNormalize21( usage, syntax, mr, val, normalized, ctx );
+ }
+
+ if ( val->bv_len != STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
ptr = ber_bvchr( val, '#' );
if ( ptr == NULL || ptr - val->bv_val == val->bv_len ) {
return LDAP_INVALID_SYNTAX;
}
- assert( ptr - val->bv_val == STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ" ) );
+ if ( ptr - val->bv_val != STRLENOF( "YYYYmmddHHMMSS.uuuuuuZ" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
cnt.bv_val = ptr + 1;
cnt.bv_len = val->bv_len - ( cnt.bv_val - val->bv_val );
return LDAP_INVALID_SYNTAX;
}
- assert( ptr - cnt.bv_val == STRLENOF( "000000" ) );
+ if ( ptr - cnt.bv_val != STRLENOF( "000000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
sid.bv_val = ptr + 1;
sid.bv_len = val->bv_len - ( sid.bv_val - val->bv_val );
}
sid.bv_len = ptr - sid.bv_val;
- assert( sid.bv_len == STRLENOF( "000" ) );
+ if ( sid.bv_len != STRLENOF( "000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
mod.bv_val = ptr + 1;
mod.bv_len = val->bv_len - ( mod.bv_val - val->bv_val );
- assert( mod.bv_len == STRLENOF( "000000" ) );
+ if ( mod.bv_len != STRLENOF( "000000" ) ) {
+ return LDAP_INVALID_SYNTAX;
+ }
ber_dupbv_x( normalized, val, ctx );
if( val->bv_len < 3 ) return LDAP_INVALID_SYNTAX;
- if( val->bv_val[0] != '(' /*')'*/ &&
- val->bv_val[0] != '{' /*'}'*/ )
+ if( ! ( val->bv_val[0] == '(' /*')'*/
+ && val->bv_val[val->bv_len - 1] == /*'('*/ ')' )
+ && ! ( val->bv_val[0] == '{' /*'}'*/
+ && val->bv_val[val->bv_len - 1] == /*'('*/ '}' ) )
{
return LDAP_INVALID_SYNTAX;
}
/* grab next word */
comp.bv_val = &val->bv_val[len];
- len = val->bv_len - len;
+ len = val->bv_len - len - STRLENOF(/*"{"*/ "}");
for( comp.bv_len = 0;
!ASCII_SPACE(comp.bv_val[comp.bv_len]) && comp.bv_len < len;
comp.bv_len++ )
projects / openldap / blobdiff