Fixup bdb_entry_release now that entry_decode uses two memory blocks

[openldap] / servers / slapd / value.c

diff --git a/servers/slapd/value.c b/servers/slapd/value.c
index 4a34fc09833a92eb953dad2e82adddfd3b8070b9..88768204bd93005a6f42dcad654a17ca07f7d5c4 100644 (file)
--- a/servers/slapd/value.c
+++ b/servers/slapd/value.c
@@ -87,6 +87,7 @@ value_normalize(
        }
 
        /* we only support equality matching of binary attributes */
+       /* This is suspect, flexible certificate matching will hit this */
        if( slap_ad_is_binary( ad ) && usage != SLAP_MR_EQUALITY ) {
                *text = "inappropriate binary matching";
                return LDAP_INAPPROPRIATE_MATCHING;
@@ -133,7 +134,6 @@ value_match(
        int rc;
        struct berval *nv1 = NULL;
        struct berval *nv2 = NULL;
-       Syntax *syntax;
 
        if( !mr->smr_match ) {
                return LDAP_INAPPROPRIATE_MATCHING;
@@ -148,12 +148,16 @@ value_match(
                }
        }
 
-       if ( !(flags & SLAP_MR_VALUE_IS_IN_MR_SYNTAX) &&
-            mr->smr_convert ) {
-               rc = (mr->smr_convert)(v2,&nv2);
+       if ( SLAP_IS_MR_VALUE_SYNTAX_NONCONVERTED_MATCH( flags ) &&
+               mr->smr_convert )
+       {
+               rc = (mr->smr_convert)( v2, &nv2 );
                if ( rc != LDAP_SUCCESS ) {
-                 return LDAP_INVALID_SYNTAX;
+                       return LDAP_INVALID_SYNTAX;
                }
+
+               /* let smr_match know we've converted the value */
+               flags |= SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH;
        }
 
        rc = (mr->smr_match)( match, flags,
@@ -168,25 +172,43 @@ value_match(
 }
 
 
-int value_find(
+int value_find_ex(
        AttributeDescription *ad,
+       unsigned flags,
        struct berval **vals,
        struct berval *val )
 {
        int     i;
        int rc;
        struct berval *nval = NULL;
+       struct berval *nval_tmp = NULL;
        MatchingRule *mr = ad->ad_type->sat_equality;
 
        if( mr == NULL || !mr->smr_match ) {
                return LDAP_INAPPROPRIATE_MATCHING;
        }
 
+       /* Take care of this here or ssyn_normalize later will hurt */
+       if ( SLAP_IS_MR_VALUE_SYNTAX_NONCONVERTED_MATCH( flags )
+               && mr->smr_convert )
+       {
+               rc = (mr->smr_convert)( val, &nval );
+               if ( rc != LDAP_SUCCESS ) {
+                       return LDAP_INVALID_SYNTAX;
+               }
+
+               /* let value_match know we've done the version */
+               flags |= SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH;
+       }
+
        if( mr->smr_syntax->ssyn_normalize ) {
                rc = mr->smr_syntax->ssyn_normalize(
-                       mr->smr_syntax, val, &nval );
+                       mr->smr_syntax, nval == NULL ? val : nval, &nval_tmp );
 
+               ber_bvfree(nval);
+               nval = nval_tmp;
                if( rc != LDAP_SUCCESS ) {
+                       ber_bvfree(nval);
                        return LDAP_INAPPROPRIATE_MATCHING;
                }
        }
@@ -195,7 +217,7 @@ int value_find(
                int match;
                const char *text;
 
-               rc = value_match( &match, ad, mr, 0,
+               rc = value_match( &match, ad, mr, flags,
                        vals[i], nval == NULL ? val : nval, &text );
 
                if( rc == LDAP_SUCCESS && match == 0 ) {