X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fad.c;h=2a083cf0070b913535b47d0939b17b2bb2485892;hb=b3c3d89140dadff2de0bf987d48b1dfe77035811;hp=c690d2efdbd33f4b4501dbcdb3b474558e0503bc;hpb=04e499e28c5e5e17de82bac1a73198aa11ad134f;p=openldap
diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c
index c690d2efdb..2a083cf007 100644
--- a/servers/slapd/ad.c
+++ b/servers/slapd/ad.c
@@ -2,7 +2,7 @@
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2012 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -27,6 +27,10 @@
#include "slap.h"
#include "lutil.h"
+static struct berval bv_no_attrs = BER_BVC( LDAP_NO_ATTRS );
+static struct berval bv_all_user_attrs = BER_BVC( "*" );
+static struct berval bv_all_operational_attrs = BER_BVC( "+" );
+
static AttributeName anlist_no_attrs[] = {
{ BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL },
{ BER_BVNULL, NULL, 0, NULL }
@@ -53,20 +57,28 @@ AttributeName *slap_anlist_all_user_attributes = anlist_all_user_attributes;
AttributeName *slap_anlist_all_operational_attributes = anlist_all_operational_attributes;
AttributeName *slap_anlist_all_attributes = anlist_all_attributes;
+struct berval * slap_bv_no_attrs = &bv_no_attrs;
+struct berval * slap_bv_all_user_attrs = &bv_all_user_attrs;
+struct berval * slap_bv_all_operational_attrs = &bv_all_operational_attrs;
+
typedef struct Attr_option {
struct berval name; /* option name or prefix */
int prefix; /* NAME is a tag and range prefix */
} Attr_option;
-static Attr_option lang_option = { { sizeof("lang-")-1, "lang-" }, 1 };
+static Attr_option lang_option = { BER_BVC("lang-"), 1 };
/* Options sorted by name, and number of options */
static Attr_option *options = &lang_option;
static int option_count = 1;
+static int msad_range_hack = 0;
+
+static int ad_count;
+
static Attr_option *ad_find_option_definition( const char *opt, int optlen );
-static int ad_keystring(
+int ad_keystring(
struct berval *bv )
{
ber_len_t i;
@@ -76,7 +88,9 @@ static int ad_keystring(
}
for( i=1; ibv_len; i++ ) {
- if( !AD_CHAR( bv->bv_val[i] ) ) {
+ if( !AD_CHAR( bv->bv_val[i] )) {
+ if ( msad_range_hack && bv->bv_val[i] == '=' )
+ continue;
return 1;
}
}
@@ -124,20 +138,21 @@ int slap_str2ad(
}
static char *strchrlen(
- const char *p,
+ const char *beg,
+ const char *end,
const char ch,
int *len )
{
- int i;
+ const char *p;
- for( i=0; p[i]; i++ ) {
- if( p[i] == ch ) {
- *len = i;
- return (char *) &p[i];
+ for( p=beg; *p && p < end; p++ ) {
+ if( *p == ch ) {
+ *len = p - beg;
+ return (char *) p;
}
}
- *len = i;
+ *len = p - beg;
return NULL;
}
@@ -148,7 +163,7 @@ int slap_bv2ad(
{
int rtn = LDAP_UNDEFINED_TYPE;
AttributeDescription desc, *d2;
- char *name, *options;
+ char *name, *options, *optn;
char *opt, *next;
int ntags;
int tagslen;
@@ -174,12 +189,16 @@ int slap_bv2ad(
}
/* find valid base attribute type; parse in place */
- memset( &desc, 0, sizeof( desc ));
desc.ad_cname = *bv;
+ desc.ad_flags = 0;
+ BER_BVZERO( &desc.ad_tags );
name = bv->bv_val;
- options = strchr(name, ';');
- if( options != NULL ) {
+ options = ber_bvchr( bv, ';' );
+ if ( options != NULL && (unsigned) ( options - name ) < bv->bv_len ) {
+ /* don't go past the end of the berval! */
desc.ad_cname.bv_len = options - name;
+ } else {
+ options = NULL;
}
desc.ad_type = at_bvfind( &desc.ad_cname );
if( desc.ad_type == NULL ) {
@@ -196,20 +215,20 @@ int slap_bv2ad(
* parse options in place
*/
ntags = 0;
- memset( tags, 0, sizeof( tags ));
tagslen = 0;
+ optn = bv->bv_val + bv->bv_len;
for( opt=options; opt != NULL; opt=next ) {
int optlen;
opt++;
- next = strchrlen( opt, ';', &optlen );
+ next = strchrlen( opt, optn, ';', &optlen );
if( optlen == 0 ) {
*text = "zero length option is invalid";
return rtn;
- } else if ( optlen == sizeof("binary")-1 &&
- strncasecmp( opt, "binary", sizeof("binary")-1 ) == 0 )
+ } else if ( optlen == STRLENOF("binary") &&
+ strncasecmp( opt, "binary", STRLENOF("binary") ) == 0 )
{
/* binary option */
if( slap_ad_is_binary( &desc ) ) {
@@ -229,7 +248,8 @@ int slap_bv2ad(
} else if ( ad_find_option_definition( opt, optlen ) ) {
int i;
- if( opt[optlen-1] == '-' ) {
+ if( opt[optlen-1] == '-' ||
+ ( opt[optlen-1] == '=' && msad_range_hack )) {
desc.ad_flags |= SLAP_DESC_TAG_RANGE;
}
@@ -247,7 +267,7 @@ int slap_bv2ad(
rc = strncasecmp( opt, tags[i].bv_val,
(unsigned) optlen < tags[i].bv_len
- ? optlen : tags[i].bv_len );
+ ? (unsigned) optlen : tags[i].bv_len );
if( rc == 0 && (unsigned)optlen == tags[i].bv_len ) {
/* duplicate (ignore) */
@@ -351,10 +371,10 @@ done:;
if (desc.ad_tags.bv_len || desc.ad_flags != SLAP_DESC_NONE) {
dlen = desc.ad_type->sat_cname.bv_len + 1;
if (desc.ad_tags.bv_len) {
- dlen += 1+desc.ad_tags.bv_len;
+ dlen += 1 + desc.ad_tags.bv_len;
}
- if( slap_ad_is_binary( &desc ) ) {
- dlen += sizeof(";binary")+desc.ad_tags.bv_len;
+ if ( slap_ad_is_binary( &desc ) ) {
+ dlen += 1 + STRLENOF(";binary") + desc.ad_tags.bv_len;
}
}
@@ -364,6 +384,9 @@ done:;
d2->ad_flags = desc.ad_flags;
d2->ad_cname.bv_len = desc.ad_type->sat_cname.bv_len;
d2->ad_tags.bv_len = desc.ad_tags.bv_len;
+ ldap_pvt_thread_mutex_lock( &ad_index_mutex );
+ d2->ad_index = ++ad_count;
+ ldap_pvt_thread_mutex_unlock( &ad_index_mutex );
if (dlen == 0) {
d2->ad_cname.bv_val = d2->ad_type->sat_cname.bv_val;
@@ -379,13 +402,13 @@ done:;
lp = NULL;
if( desc.ad_tags.bv_len ) {
lp = desc.ad_tags.bv_val;
- while( strncasecmp(lp, "binary", sizeof("binary")-1) < 0
+ while( strncasecmp(lp, "binary", STRLENOF("binary")) < 0
&& (lp = strchr( lp, ';' )) != NULL )
++lp;
if( lp != desc.ad_tags.bv_val ) {
*cp++ = ';';
j = (lp
- ? lp - desc.ad_tags.bv_val - 1
+ ? (unsigned) (lp - desc.ad_tags.bv_val - 1)
: strlen( desc.ad_tags.bv_val ));
cp = lutil_strncopy(cp, desc.ad_tags.bv_val, j);
}
@@ -440,19 +463,21 @@ static int is_ad_subtags(
struct berval *subtagsbv,
struct berval *suptagsbv )
{
- const char *suptags, *supp, *supdelimp;
- const char *subtags, *subp, *subdelimp;
+ const char *suptags, *supp, *supdelimp, *supn;
+ const char *subtags, *subp, *subdelimp, *subn;
int suplen, sublen;
subtags =subtagsbv->bv_val;
suptags =suptagsbv->bv_val;
+ subn = subtags + subtagsbv->bv_len;
+ supn = suptags + suptagsbv->bv_len;
for( supp=suptags ; supp; supp=supdelimp ) {
- supdelimp = strchrlen( supp, ';', &suplen );
+ supdelimp = strchrlen( supp, supn, ';', &suplen );
if( supdelimp ) supdelimp++;
for( subp=subtags ; subp; subp=subdelimp ) {
- subdelimp = strchrlen( subp, ';', &sublen );
+ subdelimp = strchrlen( subp, subn, ';', &sublen );
if( subdelimp ) subdelimp++;
if ( suplen > sublen
@@ -554,35 +579,53 @@ int ad_inlist(
continue;
}
+ if ( ber_bvccmp( &attrs->an_name, '*' ) ) {
+ if ( !is_at_operational( desc->ad_type ) ) {
+ return 1;
+ }
+ continue;
+ }
+
+ if ( ber_bvccmp( &attrs->an_name, '+' ) ) {
+ if ( is_at_operational( desc->ad_type ) ) {
+ return 1;
+ }
+ continue;
+ }
+
/*
* EXTENSION: see if requested description is @objectClass
* if so, return attributes which the class requires/allows
* else if requested description is !objectClass, return
* attributes which the class does not require/allow
*/
- oc = attrs->an_oc;
- if( oc == NULL && attrs->an_name.bv_val ) {
- switch( attrs->an_name.bv_val[0] ) {
- case '@': /* @objectClass */
- case '+': /* +objectClass (deprecated) */
- case '!': { /* exclude */
- struct berval ocname;
- ocname.bv_len = attrs->an_name.bv_len - 1;
- ocname.bv_val = &attrs->an_name.bv_val[1];
- oc = oc_bvfind( &ocname );
- attrs->an_oc_exclude = 0;
- if ( oc && attrs->an_name.bv_val[0] == '!' ) {
- attrs->an_oc_exclude = 1;
- }
- } break;
+ if ( !( attrs->an_flags & SLAP_AN_OCINITED )) {
+ if( attrs->an_name.bv_val ) {
+ switch( attrs->an_name.bv_val[0] ) {
+ case '@': /* @objectClass */
+ case '+': /* +objectClass (deprecated) */
+ case '!': { /* exclude */
+ struct berval ocname;
+ ocname.bv_len = attrs->an_name.bv_len - 1;
+ ocname.bv_val = &attrs->an_name.bv_val[1];
+ oc = oc_bvfind( &ocname );
+ if ( oc && attrs->an_name.bv_val[0] == '!' ) {
+ attrs->an_flags |= SLAP_AN_OCEXCLUDE;
+ } else {
+ attrs->an_flags &= ~SLAP_AN_OCEXCLUDE;
+ }
+ } break;
- default: /* old (deprecated) way */
- oc = oc_bvfind( &attrs->an_name );
+ default: /* old (deprecated) way */
+ oc = oc_bvfind( &attrs->an_name );
+ }
+ attrs->an_oc = oc;
}
- attrs->an_oc = oc;
+ attrs->an_flags |= SLAP_AN_OCINITED;
}
+ oc = attrs->an_oc;
if( oc != NULL ) {
- if ( attrs->an_oc_exclude ) {
+ if ( attrs->an_flags & SLAP_AN_OCEXCLUDE ) {
if ( oc == slap_schema.si_oc_extensibleObject ) {
/* extensibleObject allows the return of anything */
return 0;
@@ -647,15 +690,12 @@ int ad_inlist(
}
} else {
- /* short-circuit this search next time around */
- if (!slap_schema.si_at_undefined->sat_ad) {
- const char *text;
- slap_bv2undef_ad(&attrs->an_name,
- &attrs->an_desc, &text);
- } else {
- attrs->an_desc =
- slap_schema.si_at_undefined->sat_ad;
- }
+ const char *text;
+
+ /* give it a chance of being retrieved by a proxy... */
+ (void)slap_bv2undef_ad( &attrs->an_name,
+ &attrs->an_desc, &text,
+ SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
}
}
@@ -666,21 +706,24 @@ int ad_inlist(
int slap_str2undef_ad(
const char *str,
AttributeDescription **ad,
- const char **text )
+ const char **text,
+ unsigned flags )
{
struct berval bv;
bv.bv_val = (char *) str;
bv.bv_len = strlen( str );
- return slap_bv2undef_ad( &bv, ad, text );
+ return slap_bv2undef_ad( &bv, ad, text, flags );
}
int slap_bv2undef_ad(
struct berval *bv,
AttributeDescription **ad,
- const char **text )
+ const char **text,
+ unsigned flags )
{
AttributeDescription *desc;
+ AttributeType *at;
assert( ad != NULL );
@@ -695,23 +738,33 @@ int slap_bv2undef_ad(
return LDAP_UNDEFINED_TYPE;
}
- for( desc = slap_schema.si_at_undefined->sat_ad; desc;
- desc=desc->ad_next )
- {
+ /* use the appropriate type */
+ if ( flags & SLAP_AD_PROXIED ) {
+ at = slap_schema.si_at_proxied;
+
+ } else {
+ at = slap_schema.si_at_undefined;
+ }
+
+ for( desc = at->sat_ad; desc; desc=desc->ad_next ) {
if( desc->ad_cname.bv_len == bv->bv_len &&
- !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ))
+ !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ) )
{
break;
}
}
-
+
if( !desc ) {
+ if ( flags & SLAP_AD_NOINSERT ) {
+ *text = NULL;
+ return LDAP_UNDEFINED_TYPE;
+ }
+
desc = ch_malloc(sizeof(AttributeDescription) + 1 +
bv->bv_len);
desc->ad_flags = SLAP_DESC_NONE;
- desc->ad_tags.bv_val = NULL;
- desc->ad_tags.bv_len = 0;
+ BER_BVZERO( &desc->ad_tags );
desc->ad_cname.bv_len = bv->bv_len;
desc->ad_cname.bv_val = (char *)(desc+1);
@@ -720,9 +773,18 @@ int slap_bv2undef_ad(
/* canonical to upper case */
ldap_pvt_str2upper( desc->ad_cname.bv_val );
- desc->ad_type = slap_schema.si_at_undefined;
+ /* shouldn't we protect this for concurrency? */
+ desc->ad_type = at;
+ desc->ad_index = 0;
+ ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
desc->ad_next = desc->ad_type->sat_ad;
desc->ad_type->sat_ad = desc;
+ ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
+
+ Debug( LDAP_DEBUG_ANY,
+ "%s attributeDescription \"%s\" inserted.\n",
+ ( flags & SLAP_AD_PROXIED ) ? "PROXIED" : "UNKNOWN",
+ desc->ad_cname.bv_val, 0 );
}
if( !*ad ) {
@@ -734,6 +796,83 @@ int slap_bv2undef_ad(
return LDAP_SUCCESS;
}
+AttributeDescription *
+slap_bv2tmp_ad(
+ struct berval *bv,
+ void *memctx )
+{
+ AttributeDescription *ad =
+ slap_sl_mfuncs.bmf_malloc( sizeof(AttributeDescription) +
+ bv->bv_len + 1, memctx );
+
+ ad->ad_cname.bv_val = (char *)(ad+1);
+ strncpy( ad->ad_cname.bv_val, bv->bv_val, bv->bv_len+1 );
+ ad->ad_cname.bv_len = bv->bv_len;
+ ad->ad_flags = SLAP_DESC_TEMPORARY;
+ ad->ad_type = slap_schema.si_at_undefined;
+
+ return ad;
+}
+
+static int
+undef_promote(
+ AttributeType *at,
+ char *name,
+ AttributeType *nat )
+{
+ AttributeDescription **u_ad, **n_ad;
+
+ /* Get to last ad on the new type */
+ for ( n_ad = &nat->sat_ad; *n_ad; n_ad = &(*n_ad)->ad_next ) ;
+
+ for ( u_ad = &at->sat_ad; *u_ad; ) {
+ struct berval bv;
+
+ ber_str2bv( name, 0, 0, &bv );
+
+ /* remove iff undef == name or undef == name;tag */
+ if ( (*u_ad)->ad_cname.bv_len >= bv.bv_len
+ && strncasecmp( (*u_ad)->ad_cname.bv_val, bv.bv_val, bv.bv_len ) == 0
+ && ( (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == '\0'
+ || (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == ';' ) )
+ {
+ AttributeDescription *tmp = *u_ad;
+
+ *u_ad = (*u_ad)->ad_next;
+
+ tmp->ad_type = nat;
+ tmp->ad_next = NULL;
+ /* ad_cname was contiguous, no leak here */
+ tmp->ad_cname = nat->sat_cname;
+ *n_ad = tmp;
+ n_ad = &tmp->ad_next;
+ } else {
+ u_ad = &(*u_ad)->ad_next;
+ }
+ }
+
+ return 0;
+}
+
+int
+slap_ad_undef_promote(
+ char *name,
+ AttributeType *at )
+{
+ int rc;
+
+ ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
+
+ rc = undef_promote( slap_schema.si_at_undefined, name, at );
+ if ( rc == 0 ) {
+ rc = undef_promote( slap_schema.si_at_proxied, name, at );
+ }
+
+ ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
+
+ return rc;
+}
+
int
an_find(
AttributeName *a,
@@ -775,13 +914,17 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
AttributeName *anew;
/* find last element in list */
- for (i = 0; an && an[i].an_name.bv_val; i++);
+ i = 0;
+ if ( an != NULL ) {
+ for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ) ; i++)
+ ;
+ }
/* protect the input string from strtok */
str = ch_strdup( in );
/* Count words in string */
- j=1;
+ j = 1;
for ( s = str; *s; s++ ) {
if ( strchr( brkstr, *s ) != NULL ) {
j++;
@@ -789,15 +932,17 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
}
an = ch_realloc( an, ( i + j + 1 ) * sizeof( AttributeName ) );
- BER_BVZERO( &an[i + j].an_name );
anew = an + i;
for ( s = ldap_pvt_strtok( str, brkstr, &lasts );
s != NULL;
s = ldap_pvt_strtok( NULL, brkstr, &lasts ) )
{
+ /* put a stop mark */
+ BER_BVZERO( &anew[1].an_name );
+
anew->an_desc = NULL;
anew->an_oc = NULL;
- anew->an_oc_exclude = 0;
+ anew->an_flags = 0;
ber_str2bv(s, 0, 1, &anew->an_name);
slap_bv2ad(&anew->an_name, &anew->an_desc, &text);
if ( !anew->an_desc ) {
@@ -824,7 +969,7 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
}
if ( anew->an_name.bv_val[0] == '!' ) {
- anew->an_oc_exclude = 1;
+ anew->an_flags |= SLAP_AN_OCEXCLUDE;
}
} break;
@@ -836,18 +981,17 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
}
}
}
+ anew->an_flags |= SLAP_AN_OCINITED;
anew++;
}
- anew->an_name.bv_val = NULL;
+ BER_BVZERO( &anew->an_name );
free( str );
return( an );
reterr:
- for ( i = 0; an[i].an_name.bv_val; i++ ) {
- free( an[i].an_name.bv_val );
- }
- free( an );
+ anlist_free( an, 1, NULL );
+
/*
* overwrites input string
* on error!
@@ -857,6 +1001,24 @@ reterr:
return NULL;
}
+void
+anlist_free( AttributeName *an, int freename, void *ctx )
+{
+ if ( an == NULL ) {
+ return;
+ }
+
+ if ( freename ) {
+ int i;
+
+ for ( i = 0; an[i].an_name.bv_val; i++ ) {
+ ber_memfree_x( an[i].an_name.bv_val, ctx );
+ }
+ }
+
+ ber_memfree_x( an, ctx );
+}
+
char **anlist2charray_x( AttributeName *an, int dup, void *ctx )
{
char **attrs;
@@ -893,8 +1055,9 @@ anlist2attrs( AttributeName * anlist )
char **attrs;
ObjectClass *oc;
- attrs = anlist2charray( anlist, 1 );
-
+ if ( anlist == NULL )
+ return NULL;
+
for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
if ( ( oc = anlist[i].an_oc ) ) {
for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) ;
@@ -907,6 +1070,8 @@ anlist2attrs( AttributeName * anlist )
if ( i == 0 )
return NULL;
+ attrs = anlist2charray( anlist, 1 );
+
n = i;
if ( k )
@@ -931,9 +1096,8 @@ anlist2attrs( AttributeName * anlist )
i = 0;
while ( attrs && attrs[i] ) {
if ( *attrs[i] == '@' ) {
+ ch_free( attrs[i] );
for ( j = i; attrs[j]; j++ ) {
- if ( j == i )
- ch_free( attrs[i] );
attrs[j] = attrs[j+1];
}
} else {
@@ -945,9 +1109,8 @@ anlist2attrs( AttributeName * anlist )
j = i + 1;
while ( attrs && attrs[j] ) {
if ( !strcmp( attrs[i], attrs[j] )) {
+ ch_free( attrs[j] );
for ( k = j; attrs && attrs[k]; k++ ) {
- if ( k == j )
- ch_free( attrs[j] );
attrs[k] = attrs[k+1];
}
} else {
@@ -1013,7 +1176,7 @@ file2anlist( AttributeName *an, const char *fname, const char *brkstr )
}
an = str2anlist( an, line, brkstr );
if ( an == NULL )
- return NULL;
+ break;
lcur = line;
}
ch_free( line );
@@ -1039,6 +1202,11 @@ ad_define_option( const char *name, const char *fname, int lineno )
optlen = 0;
do {
if ( !DESC_CHAR( name[optlen] ) ) {
+ /* allow trailing '=', same as '-' */
+ if ( name[optlen] == '=' && !name[optlen+1] ) {
+ msad_range_hack = 1;
+ continue;
+ }
Debug( LDAP_DEBUG_ANY,
"%s: line %d: illegal option name \"%s\"\n",
fname, lineno, name );
@@ -1065,7 +1233,8 @@ ad_define_option( const char *name, const char *fname, int lineno )
options[i].name.bv_val = ch_strdup( name );
options[i].name.bv_len = optlen;
- options[i].prefix = (name[optlen-1] == '-');
+ options[i].prefix = (name[optlen-1] == '-') ||
+ (name[optlen-1] == '=');
if ( i != option_count &&
options[i].prefix &&
@@ -1081,6 +1250,15 @@ ad_define_option( const char *name, const char *fname, int lineno )
return 0;
}
+void
+ad_unparse_options( BerVarray *res )
+{
+ int i;
+ for ( i = 0; i < option_count; i++ ) {
+ value_add_one( res, &options[i].name );
+ }
+}
+
/* Find the definition of the option name or prefix matching the arguments */
static Attr_option *
ad_find_option_definition( const char *opt, int optlen )