X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fgetdn.c;h=f3c60465fd42b44a6bca5f3f58fe3164b1d50d24;hb=959edd88c0dc0ad558d9ebc423996c7a9d0f8cbc;hp=c632f3ae6046364b7f46cf2357a425c2fa6a6a7b;hpb=1d4e2342d2c49ff7ded8f0a8ce72e44ad5db4793;p=openldap diff --git a/libraries/libldap/getdn.c b/libraries/libldap/getdn.c index c632f3ae60..f3c60465fd 100644 --- a/libraries/libldap/getdn.c +++ b/libraries/libldap/getdn.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ /* Portions @@ -25,7 +25,7 @@ /* extension to UFN that turns trailing "dc=value" rdns in DNS style, * e.g. "ou=People,dc=openldap,dc=org" => "People, openldap.org" */ #define DC_IN_UFN -/* #define PRETTY_ESCAPE */ +#define PRETTY_ESCAPE /* parsing/printing routines */ static int str2strval( const char *str, struct berval *val, @@ -174,7 +174,7 @@ ldap_explode_rdn( LDAP_CONST char *rdn, int notypes ) * FIXME: we prefer efficiency over checking if the _ENTIRE_ * dn can be parsed */ - if ( ldap_str2rdn( rdn, &tmpRDN, &p, LDAP_DN_FORMAT_LDAP ) + if ( ldap_str2rdn( rdn, &tmpRDN, (char **) &p, LDAP_DN_FORMAT_LDAP ) != LDAP_SUCCESS ) { return( NULL ); } @@ -299,7 +299,8 @@ ldap_dn2ad_canonical( LDAP_CONST char *dn ) * LDAP_DN_FORMAT_AD_CANONICAL (?) */ int -ldap_dn_normalize( const char *dnin, unsigned fin, char **dnout, unsigned fout ) +ldap_dn_normalize( LDAP_CONST char *dnin, + unsigned fin, char **dnout, unsigned fout ) { int rc; LDAPDN *tmpDN = NULL; @@ -383,10 +384,12 @@ ldap_dn_normalize( const char *dnin, unsigned fin, char **dnout, unsigned fout ) #define LDAP_DN_NE(c) \ ( LDAP_DN_RDN_SEP_V2(c) || LDAP_DN_AVA_SEP(c) \ || LDAP_DN_QUOTES(c) || (c) == '<' || (c) == '>' ) +#define LDAP_DN_MAYESCAPE(c) \ + ( LDAP_DN_ESCAPE(c) || LDAP_DN_NE(c) \ + || LDAP_DN_ASCII_SPACE(c) || LDAP_DN_OCTOTHORPE(c) ) #define LDAP_DN_NEEDESCAPE(c) \ ( LDAP_DN_ESCAPE(c) || LDAP_DN_NE(c) ) -#define LDAP_DN_NEEDESCAPE_LEAD(c) \ - ( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_OCTOTHORPE(c) || LDAP_DN_NE(c) ) +#define LDAP_DN_NEEDESCAPE_LEAD(c) LDAP_DN_MAYESCAPE(c) #define LDAP_DN_NEEDESCAPE_TRAIL(c) \ ( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_NEEDESCAPE(c) ) #define LDAP_DN_WILLESCAPE_CHAR(c) \ @@ -533,9 +536,9 @@ ldap_avafree( LDAPAVA *ava ) #if 0 /* la_attr is now contiguous with ava, not freed separately */ - free( ava->la_attr.bv_val ); + LDAP_FREE( ava->la_attr.bv_val ); #endif - free( ava->la_value.bv_val ); + LDAP_FREE( ava->la_value.bv_val ); LDAP_FREE( ava ); } @@ -586,17 +589,42 @@ ldap_dnfree( LDAPDN *dn ) * and readable as soon as it works as expected. */ -#define TMP_SLOTS 1024 +/* + * Default sizes of AVA and RDN static working arrays; if required + * the are dynamically resized. The values can be tuned in case + * of special requirements (e.g. very deep DN trees or high number + * of AVAs per RDN). + */ +#define TMP_AVA_SLOTS 8 +#define TMP_RDN_SLOTS 32 + +int +ldap_bv2dn( struct berval *bv, LDAPDN **dn, unsigned flags ) +{ + assert( bv ); + assert( dn ); + + /* + * FIXME: ldap_bv2dn() and ldap_str2dn() will be swapped, + * i.e. ldap_str2dn() will become a wrapper for ldap_bv2dn() + */ + if ( bv->bv_len != strlen( bv->bv_val ) ) { + return LDAP_INVALID_DN_SYNTAX; + } + + return ldap_str2dn( bv->bv_val, dn, flags ); +} int -ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags ) +ldap_str2dn( LDAP_CONST char *str, LDAPDN **dn, unsigned flags ) { const char *p; int rc = LDAP_DECODING_ERROR; int nrdns = 0; LDAPDN *newDN = NULL; - LDAPRDN *newRDN = NULL, *tmpDN[TMP_SLOTS]; + LDAPRDN *newRDN = NULL, *tmpDN_[TMP_RDN_SLOTS], **tmpDN = tmpDN_; + int num_slots = TMP_RDN_SLOTS; assert( str ); assert( dn ); @@ -637,7 +665,12 @@ ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags ) goto parsing_error; } p++; - + + /* + * actually we do not want to accept by default the DCE form, + * we do not want to auto-detect it + */ +#if 0 } else if ( LDAP_DN_LDAP( flags ) ) { /* * if dn starts with '/' let's make it a DCE dn @@ -646,12 +679,13 @@ ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags ) flags |= LDAP_DN_FORMAT_DCE; p++; } +#endif } for ( ; p[ 0 ]; p++ ) { int err; - err = ldap_str2rdn( p, &newRDN, &p, flags ); + err = ldap_str2rdn( p, &newRDN, (char **) &p, flags ); if ( err != LDAP_SUCCESS ) { goto parsing_error; } @@ -689,7 +723,31 @@ ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags ) tmpDN[nrdns++] = newRDN; newRDN = NULL; - assert (nrdns < TMP_SLOTS); + /* + * make the static RDN array dynamically rescalable + */ + if ( nrdns == num_slots ) { + LDAPRDN **tmp; + + if ( tmpDN == tmpDN_ ) { + tmp = LDAP_MALLOC( num_slots * 2 * sizeof( LDAPRDN * ) ); + if ( tmp == NULL ) { + rc = LDAP_NO_MEMORY; + goto parsing_error; + } + AC_MEMCPY( tmp, tmpDN, num_slots * sizeof( LDAPRDN * ) ); + + } else { + tmp = LDAP_REALLOC( tmpDN, num_slots * 2 * sizeof( LDAPRDN * ) ); + if ( tmp == NULL ) { + rc = LDAP_NO_MEMORY; + goto parsing_error; + } + } + + tmpDN = tmp; + num_slots *= 2; + } if ( p[ 0 ] == '\0' ) { /* @@ -725,10 +783,16 @@ parsing_error:; ldap_rdnfree( newRDN ); } - for (nrdns-- ;nrdns>=0; nrdns-- ) + for ( nrdns-- ;nrdns >= 0; nrdns-- ) { ldap_rdnfree( tmpDN[nrdns] ); + } return_result:; + + if ( tmpDN != tmpDN_ ) { + LDAP_FREE( tmpDN ); + } + Debug( LDAP_DEBUG_TRACE, "<= ldap_str2dn(%s,%u)=%d\n", str, flags, rc ); *dn = newDN; @@ -744,8 +808,10 @@ return_result:; * corresponds to the rdn separator or to '\0' in case the string is over. */ int -ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags ) +ldap_str2rdn( LDAP_CONST char *str, LDAPRDN **rdn, + char **n_in, unsigned flags ) { + const char **n = (const char **) n_in; const char *p; int navas = 0; int state = B4AVA; @@ -757,13 +823,16 @@ ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags ) struct berval attrValue = { 0, NULL }; LDAPRDN *newRDN = NULL; - LDAPAVA *tmpRDN[TMP_SLOTS]; + LDAPAVA *tmpRDN_[TMP_AVA_SLOTS], **tmpRDN = tmpRDN_; + int num_slots = TMP_AVA_SLOTS; assert( str ); assert( rdn || flags & LDAP_DN_SKIP ); assert( n ); +#if 0 Debug( LDAP_DEBUG_TRACE, "=> ldap_str2rdn(%s,%u)\n%s", str, flags, "" ); +#endif if ( rdn ) { *rdn = NULL; @@ -1037,7 +1106,12 @@ ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags ) * here STRING means RFC 2253 string * FIXME: what about DCE strings? */ - state = B4STRINGVALUE; + if ( !p[ 0 ] ) { + /* empty value */ + state = GOTAVA; + } else { + state = B4STRINGVALUE; + } break; case B4BINARYVALUE: @@ -1101,13 +1175,41 @@ ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags ) */ ava = ldapava_new( &attrType, &attrValue, attrValueEncoding ); + if ( ava == NULL ) { rc = LDAP_NO_MEMORY; goto parsing_error; } tmpRDN[navas++] = ava; - assert(navas < TMP_SLOTS); + attrValue.bv_val = NULL; + attrValue.bv_len = 0; + + /* + * prepare room for new AVAs if needed + */ + if (navas == num_slots) { + LDAPAVA **tmp; + + if ( tmpRDN == tmpRDN_ ) { + tmp = LDAP_MALLOC( num_slots * 2 * sizeof( LDAPAVA * ) ); + if ( tmp == NULL ) { + rc = LDAP_NO_MEMORY; + goto parsing_error; + } + AC_MEMCPY( tmp, tmpRDN, num_slots * sizeof( LDAPAVA * ) ); + + } else { + tmp = LDAP_REALLOC( tmpRDN, num_slots * 2 * sizeof( LDAPAVA * ) ); + if ( tmp == NULL ) { + rc = LDAP_NO_MEMORY; + goto parsing_error; + } + } + + tmpRDN = tmp; + num_slots *= 2; + } } /* @@ -1180,13 +1282,21 @@ parsing_error:; free( attrValue.bv_val ); } - for (navas-- ; navas>=0; navas-- ) + for ( navas-- ; navas >= 0; navas-- ) { ldap_avafree( tmpRDN[navas] ); + } return_result:; + if ( tmpRDN != tmpRDN_ ) { + LDAP_FREE( tmpRDN ); + } + +#if 0 Debug( LDAP_DEBUG_TRACE, "<= ldap_str2rdn(%*s)=%d\n", p - str, str, rc ); +#endif + if ( rdn ) { *rdn = newRDN; } @@ -1203,7 +1313,7 @@ static int str2strval( const char *str, struct berval *val, const char **next, unsigned flags, unsigned *retFlags ) { const char *p, *startPos, *endPos = NULL; - ber_len_t len, escapes, unescapes; + ber_len_t len, escapes; assert( str ); assert( val ); @@ -1211,15 +1321,13 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla *next = NULL; - for ( startPos = p = str, escapes = 0, unescapes = 0; p[ 0 ]; p++ ) { + for ( startPos = p = str, escapes = 0; p[ 0 ]; p++ ) { if ( LDAP_DN_ESCAPE( p[ 0 ] ) ) { p++; if ( p[ 0 ] == '\0' ) { return( 1 ); } - if ( ( p == startPos + 1 && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) ) - || ( LDAP_DN_VALUE_END( p[ 1 ] ) && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) - || LDAP_DN_NEEDESCAPE( p[ 0 ] ) ) { + if ( LDAP_DN_MAYESCAPE( p[ 0 ] ) ) { escapes++; continue; } @@ -1246,14 +1354,15 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla return( 1 ); } /* - * FIXME: we allow escaping + * we do not allow escaping * of chars that don't need * to and do not belong to - * HEXDIGITS (we also allow - * single hexdigit; maybe we - * shouldn't). + * HEXDIGITS */ - unescapes++; + return( 1 ); + + } else if (!LDAP_DN_ASCII_PRINTABLE( p[ 0 ] ) ) { + *retFlags = LDAP_AVA_NONPRINTABLE; } else if ( ( LDAP_DN_LDAP( flags ) && LDAP_DN_VALUE_END_V2( p[ 0 ] ) ) || ( LDAP_DN_LDAPV3( flags ) && LDAP_DN_VALUE_END( p[ 0 ] ) ) ) { @@ -1296,10 +1405,10 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla /* * FIXME: test memory? */ - len = ( endPos ? endPos : p ) - startPos - escapes - unescapes; + len = ( endPos ? endPos : p ) - startPos - escapes; val->bv_len = len; - if ( escapes == 0 && unescapes == 0 ) { + if ( escapes == 0 ) { val->bv_val = LDAP_STRNDUP( startPos, len ); } else { @@ -1309,9 +1418,7 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla for ( s = 0, d = 0; d < len; ) { if ( LDAP_DN_ESCAPE( startPos[ s ] ) ) { s++; - if ( ( s == 0 && LDAP_DN_NEEDESCAPE_LEAD( startPos[ s ] ) ) - || ( s == len - 1 && LDAP_DN_NEEDESCAPE_TRAIL( startPos[ s ] ) ) - || LDAP_DN_NEEDESCAPE( startPos[ s ] ) ) { + if ( LDAP_DN_MAYESCAPE( startPos[ s ] ) ) { val->bv_val[ d++ ] = startPos[ s++ ]; @@ -1323,12 +1430,8 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla s += 2; } else { - /* - * we allow escaping of chars - * that do not need to - */ - val->bv_val[ d++ ] = - startPos[ s++ ]; + /* we should never get here */ + assert( 0 ); } } else { @@ -1337,7 +1440,7 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla } val->bv_val[ d ] = '\0'; - assert( strlen( val->bv_val ) == len ); + assert( d == len ); } return( 0 ); @@ -1807,8 +1910,18 @@ strval2strlen( struct berval *val, unsigned flags, ber_len_t *len ) return( 0 ); } - for ( l = 0, p = val->bv_val; p[ 0 ]; p += cl ) { - cl = LDAP_UTF8_CHARLEN( p ); + for ( l = 0, p = val->bv_val; p < val->bv_val + val->bv_len; p += cl ) { + + /* + * escape '%x00' + */ + if ( p[ 0 ] == '\0' ) { + cl = 1; + l += 3; + continue; + } + + cl = LDAP_UTF8_CHARLEN2( p, cl ); if ( cl == 0 ) { /* illegal utf-8 char! */ return( -1 ); @@ -1817,7 +1930,7 @@ strval2strlen( struct berval *val, unsigned flags, ber_len_t *len ) ber_len_t cnt; for ( cnt = 1; cnt < cl; cnt++ ) { - if ( ( p[ cnt ] & 0x80 ) == 0x00 ) { + if ( ( p[ cnt ] & 0xc0 ) != 0x80 ) { return( -1 ); } } @@ -1827,7 +1940,11 @@ strval2strlen( struct berval *val, unsigned flags, ber_len_t *len ) || ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) ) || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) ) { #ifdef PRETTY_ESCAPE +#if 0 if ( LDAP_DN_WILLESCAPE_HEX( flags, p[ 0 ] ) ) { +#else + if ( LDAP_DN_WILLESCAPE_CHAR( p[ 0 ] ) ) { +#endif /* * there might be some chars we want @@ -1876,7 +1993,26 @@ strval2str( struct berval *val, char *str, unsigned flags, ber_len_t *len ) * of the value */ for ( s = 0, d = 0, end = val->bv_len - 1; s < val->bv_len; ) { - ber_len_t cl = LDAP_UTF8_CHARLEN( &val->bv_val[ s ] ); + ber_len_t cl; + + /* + * escape '%x00' + */ + if ( val->bv_val[ s ] == '\0' ) { + cl = 1; + str[ d++ ] = '\\'; + str[ d++ ] = '0'; + str[ d++ ] = '0'; + s++; + continue; + } + + /* + * The length was checked in strval2strlen(); + * LDAP_UTF8_CHARLEN() should suffice + */ + cl = LDAP_UTF8_CHARLEN2( &val->bv_val[ s ], cl ); + assert( cl > 0 ); /* * there might be some chars we want to escape in form @@ -1884,7 +2020,11 @@ strval2str( struct berval *val, char *str, unsigned flags, ber_len_t *len ) */ if ( ( cl > 1 && !LDAP_DN_IS_PRETTY( flags ) ) #ifdef PRETTY_ESCAPE +#if 0 || LDAP_DN_WILLESCAPE_HEX( flags, val->bv_val[ s ] ) +#else + || LDAP_DN_WILLESCAPE_CHAR( val->bv_val[ s ] ) +#endif #else /* ! PRETTY_ESCAPE */ || LDAP_DN_NEEDESCAPE( val->bv_val[ s ] ) || ( d == 0 && LDAP_DN_NEEDESCAPE_LEAD( val->bv_val[ s ] ) ) @@ -2233,7 +2373,7 @@ dn2domain( LDAPDN *dn, struct berval *bv, int pos, int *iRDN ) l += ava->la_value.bv_len; } else { - AC_MEMCPY( str + ava->la_value.bv_len + 1, bv->bv_val, l); + AC_MEMCPY( str + ava->la_value.bv_len + 1, bv->bv_val + pos, l); AC_MEMCPY( str, ava->la_value.bv_val, ava->la_value.bv_len ); str[ ava->la_value.bv_len ] = '.'; @@ -2745,7 +2885,6 @@ int ldap_dn2bv( LDAPDN *dn, struct berval *bv, unsigned flags ) int ( *sv2s ) ( struct berval *v, char *s, unsigned f, ber_len_t *l ); assert( bv ); - bv->bv_len = 0; bv->bv_val = NULL; @@ -2764,13 +2903,13 @@ int ldap_dn2bv( LDAPDN *dn, struct berval *bv, unsigned flags ) case LDAP_DN_FORMAT_LDAPV3: sv2l = strval2strlen; sv2s = strval2str; - goto got_funcs; + if( 0 ) { case LDAP_DN_FORMAT_LDAPV2: - sv2l = strval2IA5strlen; - sv2s = strval2IA5str; -got_funcs: - + sv2l = strval2IA5strlen; + sv2s = strval2IA5str; + } + for ( iRDN = 0, len = 0; dn[ 0 ][ iRDN ]; iRDN++ ) { ber_len_t rdnl; LDAPRDN *rdn = dn[ 0 ][ iRDN ]; @@ -2813,7 +2952,6 @@ got_funcs: break; case LDAP_DN_FORMAT_UFN: { - /* * FIXME: quoting from RFC 1781: * @@ -2928,11 +3066,10 @@ got_funcs: #endif /* DC_IN_UFN */ rc = LDAP_SUCCESS; - break; - } - case LDAP_DN_FORMAT_DCE: + } break; + case LDAP_DN_FORMAT_DCE: for ( iRDN = 0, len = 0; dn[ 0 ][ iRDN ]; iRDN++ ) { ber_len_t rdnl; LDAPRDN *rdn = dn[ 0 ][ iRDN ]; @@ -2971,7 +3108,6 @@ got_funcs: break; case LDAP_DN_FORMAT_AD_CANONICAL: { - /* * Sort of UFN for DCE DNs: a slash ('/') separated * global->local DN with no types; strictly speaking, @@ -3053,8 +3189,7 @@ got_funcs: bv->bv_val[ bv->bv_len ] = '\0'; rc = LDAP_SUCCESS; - break; - } + } break; default: return LDAP_PARAM_ERROR; @@ -3062,6 +3197,7 @@ got_funcs: Debug( LDAP_DEBUG_TRACE, "<= ldap_dn2bv(%s,%u)=%d\n", bv->bv_val, flags, rc ); + return_results:; return( rc ); }