X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fad.c;h=34f8cb4f20402b88c3e2d66371f6095d902b590f;hb=60339c7f774099c3e497ad18efcd8304324c30c6;hp=569e995ccbc5f5ecbb7afd319c0fe74caa919f24;hpb=088eecc34d715e1762b257ca9b8b3736e804ec1f;p=openldap
diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c
index 569e995ccb..34f8cb4f20 100644
--- a/servers/slapd/ad.c
+++ b/servers/slapd/ad.c
@@ -1,9 +1,18 @@
+/* ad.c - routines for dealing with attribute descriptions */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
*/
-/* ad.c - routines for dealing with attribute descriptions */
#include "portable.h"
@@ -15,10 +24,35 @@
#include
#include
-#include "ldap_pvt.h"
#include "slap.h"
#include "lutil.h"
+static AttributeName anlist_no_attrs[] = {
+ { BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL },
+ { BER_BVNULL, NULL, 0, NULL }
+};
+
+static AttributeName anlist_all_user_attributes[] = {
+ { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
+ { BER_BVNULL, NULL, 0, NULL }
+};
+
+static AttributeName anlist_all_operational_attributes[] = {
+ { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
+ { BER_BVNULL, NULL, 0, NULL }
+};
+
+static AttributeName anlist_all_attributes[] = {
+ { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
+ { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
+ { BER_BVNULL, NULL, 0, NULL }
+};
+
+AttributeName *slap_anlist_no_attrs = anlist_no_attrs;
+AttributeName *slap_anlist_all_user_attributes = anlist_all_user_attributes;
+AttributeName *slap_anlist_all_operational_attributes = anlist_all_operational_attributes;
+AttributeName *slap_anlist_all_attributes = anlist_all_attributes;
+
typedef struct Attr_option {
struct berval name; /* option name or prefix */
int prefix; /* NAME is a tag and range prefix */
@@ -37,7 +71,7 @@ static int ad_keystring(
{
ber_len_t i;
- if( !AD_CHAR( bv->bv_val[0] ) ) {
+ if( !AD_LEADCHAR( bv->bv_val[0] ) ) {
return 1;
}
@@ -128,14 +162,14 @@ int slap_bv2ad(
assert( ad != NULL );
assert( *ad == NULL ); /* temporary */
- if( bv == NULL || bv->bv_len == 0 ) {
- *text = "empty attribute description";
+ if( bv == NULL || BER_BVISNULL( bv ) || BER_BVISEMPTY( bv ) ) {
+ *text = "empty AttributeDescription";
return rtn;
}
/* make sure description is IA5 */
if( ad_keystring( bv ) ) {
- *text = "attribute description contains inappropriate characters";
+ *text = "AttributeDescription contains inappropriate characters";
return rtn;
}
@@ -222,10 +256,10 @@ int slap_bv2ad(
} else if ( rc > 0 ||
( rc == 0 && (unsigned)optlen > tags[i].bv_len ))
{
- AC_MEMCPY( &tags[i+1], &tags[i],
- (ntags-i)*sizeof(struct berval) );
- tags[i].bv_val = opt;
- tags[i].bv_len = optlen;
+ AC_MEMCPY( &tags[i+2], &tags[i+1],
+ (ntags-i-1)*sizeof(struct berval) );
+ tags[i+1].bv_val = opt;
+ tags[i+1].bv_len = optlen;
goto done;
}
}
@@ -410,9 +444,6 @@ static int is_ad_subtags(
const char *subtags, *subp, *subdelimp;
int suplen, sublen;
- if( suptagsbv->bv_len == 0 ) return 1;
- if( subtagsbv->bv_len == 0 ) return 0;
-
subtags =subtagsbv->bv_val;
suptags =suptagsbv->bv_val;
@@ -445,9 +476,13 @@ int is_ad_subtype(
AttributeDescription *super
)
{
+ AttributeType *a;
int lr;
- if( !is_at_subtype( sub->ad_type, super->ad_type ) ) {
+ for ( a = sub->ad_type; a; a=a->sat_sup ) {
+ if ( a == super->ad_type ) break;
+ }
+ if( !a ) {
return 0;
}
@@ -458,11 +493,12 @@ int is_ad_subtype(
}
/* check for tagging options */
- if ( !is_ad_subtags( &sub->ad_tags, &super->ad_tags )) {
+ if ( super->ad_tags.bv_len == 0 )
+ return 1;
+ if ( sub->ad_tags.bv_len == 0 )
return 0;
- }
- return 1;
+ return is_ad_subtags( &sub->ad_tags, &super->ad_tags );
}
int ad_inlist(
@@ -472,46 +508,117 @@ int ad_inlist(
if (! attrs ) return 0;
for( ; attrs->an_name.bv_val; attrs++ ) {
+ AttributeType *a;
ObjectClass *oc;
int rc;
if ( attrs->an_desc ) {
+ int lr;
+
if ( desc == attrs->an_desc ) {
return 1;
}
/*
- * EXTENSION: if requested description is preceeded by an
+ * EXTENSION: if requested description is preceeded by
* a '-' character, do not match on subtypes.
*/
- if ( attrs->an_name.bv_val[0] != '-' &&
- is_ad_subtype( desc, attrs->an_desc ))
- {
+ if ( attrs->an_name.bv_val[0] == '-' ) {
+ continue;
+ }
+
+ /* Is this a subtype of the requested attr? */
+ for (a = desc->ad_type; a; a=a->sat_sup) {
+ if ( a == attrs->an_desc->ad_type )
+ break;
+ }
+ if ( !a ) {
+ continue;
+ }
+ /* Does desc support all the requested flags? */
+ lr = desc->ad_tags.bv_len ? SLAP_DESC_TAG_RANGE : 0;
+ if(( attrs->an_desc->ad_flags & (desc->ad_flags | lr))
+ != attrs->an_desc->ad_flags ) {
+ continue;
+ }
+ /* Do the descs have compatible tags? */
+ if ( attrs->an_desc->ad_tags.bv_len == 0 ) {
+ return 1;
+ }
+ if ( desc->ad_tags.bv_len == 0) {
+ continue;
+ }
+ if ( is_ad_subtags( &desc->ad_tags,
+ &attrs->an_desc->ad_tags ) ) {
return 1;
}
-
continue;
}
/*
- * EXTENSION: see if requested description is +objectClass
+ * EXTENSION: see if requested description is @objectClass
* if so, return attributes which the class requires/allows
+ * else if requested description is !objectClass, return
+ * attributes which the class does not require/allow
*/
oc = attrs->an_oc;
if( oc == NULL && attrs->an_name.bv_val ) {
switch( attrs->an_name.bv_val[0] ) {
- case '+': { /* new way */
+ case '@': /* @objectClass */
+ case '+': /* +objectClass (deprecated) */
+ case '!': { /* exclude */
struct berval ocname;
ocname.bv_len = attrs->an_name.bv_len - 1;
ocname.bv_val = &attrs->an_name.bv_val[1];
oc = oc_bvfind( &ocname );
+ attrs->an_oc_exclude = 0;
+ if ( oc && attrs->an_name.bv_val[0] == '!' ) {
+ attrs->an_oc_exclude = 1;
+ }
} break;
+
default: /* old (deprecated) way */
oc = oc_bvfind( &attrs->an_name );
}
attrs->an_oc = oc;
}
if( oc != NULL ) {
+ if ( attrs->an_oc_exclude ) {
+ int gotit = 0;
+
+ if ( oc == slap_schema.si_oc_extensibleObject ) {
+ /* extensibleObject allows the return of anything */
+ return 0;
+ }
+
+ if( oc->soc_required ) {
+ /* allow return of required attributes */
+ int i;
+
+ for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
+ for (a = desc->ad_type; a; a=a->sat_sup) {
+ if ( a == oc->soc_required[i] ) {
+ return 0;
+ }
+ }
+ }
+ }
+
+ if( oc->soc_allowed ) {
+ /* allow return of allowed attributes */
+ int i;
+ for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
+ for (a = desc->ad_type; a; a=a->sat_sup) {
+ if ( a == oc->soc_allowed[i] ) {
+ return 0;
+ }
+ }
+ }
+ }
+
+ return 1;
+ }
+
if ( oc == slap_schema.si_oc_extensibleObject ) {
/* extensibleObject allows the return of anything */
return 1;
@@ -520,10 +627,13 @@ int ad_inlist(
if( oc->soc_required ) {
/* allow return of required attributes */
int i;
+
for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
- rc = is_at_subtype( desc->ad_type,
- oc->soc_required[i] );
- if( rc ) return 1;
+ for (a = desc->ad_type; a; a=a->sat_sup) {
+ if ( a == oc->soc_required[i] ) {
+ return 1;
+ }
+ }
}
}
@@ -531,9 +641,11 @@ int ad_inlist(
/* allow return of allowed attributes */
int i;
for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
- rc = is_at_subtype( desc->ad_type,
- oc->soc_allowed[i] );
- if( rc ) return 1;
+ for (a = desc->ad_type; a; a=a->sat_sup) {
+ if ( a == oc->soc_allowed[i] ) {
+ return 1;
+ }
+ }
}
}
@@ -576,13 +688,13 @@ int slap_bv2undef_ad(
assert( ad != NULL );
if( bv == NULL || bv->bv_len == 0 ) {
- *text = "empty attribute description";
+ *text = "empty AttributeDescription";
return LDAP_UNDEFINED_TYPE;
}
/* make sure description is IA5 */
if( ad_keystring( bv ) ) {
- *text = "attribute description contains inappropriate characters";
+ *text = "AttributeDescription contains inappropriate characters";
return LDAP_UNDEFINED_TYPE;
}
@@ -644,15 +756,16 @@ an_find(
}
/*
- * Convert a delimited string into a list of AttributeNames;
- * add on to an existing list if it was given. If the string
- * is not a valid attribute name, if a '-' is prepended it is
- * skipped and the remaining name is tried again; if a '+' is
- * prepended, an objectclass name is searched instead.
+ * Convert a delimited string into a list of AttributeNames; add
+ * on to an existing list if it was given. If the string is not
+ * a valid attribute name, if a '-' is prepended it is skipped
+ * and the remaining name is tried again; if a '@' (or '+') is
+ * prepended, an objectclass name is searched instead; if a '!'
+ * is prepended, the objectclass name is negated.
*
- * NOTE: currently, if a valid attribute name is not found,
- * the same string is also checked as valid objectclass name;
- * however, this behavior is deprecated.
+ * NOTE: currently, if a valid attribute name is not found, the
+ * same string is also checked as valid objectclass name; however,
+ * this behavior is deprecated.
*/
AttributeName *
str2anlist( AttributeName *an, char *in, const char *brkstr )
@@ -679,6 +792,7 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
}
an = ch_realloc( an, ( i + j + 1 ) * sizeof( AttributeName ) );
+ BER_BVZERO( &an[i + j].an_name );
anew = an + i;
for ( s = ldap_pvt_strtok( str, brkstr, &lasts );
s != NULL;
@@ -686,6 +800,7 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
{
anew->an_desc = NULL;
anew->an_oc = NULL;
+ anew->an_oc_exclude = 0;
ber_str2bv(s, 0, 1, &anew->an_name);
slap_bv2ad(&anew->an_name, &anew->an_desc, &text);
if ( !anew->an_desc ) {
@@ -696,29 +811,23 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
adname.bv_val = &anew->an_name.bv_val[1];
slap_bv2ad(&adname, &anew->an_desc, &text);
if ( !anew->an_desc ) {
- free( an );
- /*
- * overwrites input string
- * on error!
- */
- strcpy( in, s );
- return NULL;
+ goto reterr;
}
} break;
- case '+': {
+ case '@':
+ case '+': /* (deprecated) */
+ case '!': {
struct berval ocname;
ocname.bv_len = anew->an_name.bv_len - 1;
ocname.bv_val = &anew->an_name.bv_val[1];
anew->an_oc = oc_bvfind( &ocname );
if ( !anew->an_oc ) {
- free( an );
- /*
- * overwrites input string
- * on error!
- */
- strcpy( in, s );
- return NULL;
+ goto reterr;
+ }
+
+ if ( anew->an_name.bv_val[0] == '!' ) {
+ anew->an_oc_exclude = 1;
}
} break;
@@ -726,10 +835,7 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
/* old (deprecated) way */
anew->an_oc = oc_bvfind( &anew->an_name );
if ( !anew->an_oc ) {
- free( an );
- /* overwrites input string on error! */
- strcpy( in, s );
- return NULL;
+ goto reterr;
}
}
}
@@ -739,8 +845,187 @@ str2anlist( AttributeName *an, char *in, const char *brkstr )
anew->an_name.bv_val = NULL;
free( str );
return( an );
+
+reterr:
+ for ( i = 0; an[i].an_name.bv_val; i++ ) {
+ free( an[i].an_name.bv_val );
+ }
+ free( an );
+ /*
+ * overwrites input string
+ * on error!
+ */
+ strcpy( in, s );
+ free( str );
+ return NULL;
+}
+
+char **anlist2charray_x( AttributeName *an, int dup, void *ctx )
+{
+ char **attrs;
+ int i;
+
+ if ( an != NULL ) {
+ for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
+ ;
+ attrs = (char **) slap_sl_malloc( (i + 1) * sizeof(char *), ctx );
+ for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
+ if ( dup )
+ attrs[i] = ch_strdup( an[i].an_name.bv_val );
+ else
+ attrs[i] = an[i].an_name.bv_val;
+ }
+ attrs[i] = NULL;
+ } else {
+ attrs = NULL;
+ }
+
+ return attrs;
}
+char **anlist2charray( AttributeName *an, int dup )
+{
+ return anlist2charray_x( an, dup, NULL );
+}
+
+char**
+anlist2attrs( AttributeName * anlist )
+{
+ int i, j, k = 0;
+ int n;
+ char **attrs;
+ ObjectClass *oc;
+
+ attrs = anlist2charray( anlist, 1 );
+
+ for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
+ if ( ( oc = anlist[i].an_oc ) ) {
+ for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) ;
+ k += j;
+ for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) ;
+ k += j;
+ }
+ }
+
+ if ( i == 0 )
+ return NULL;
+
+ n = i;
+
+ if ( k )
+ attrs = (char **) ch_realloc( attrs, (i + k + 1) * sizeof( char * ));
+
+ for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
+ if ( ( oc = anlist[i].an_oc ) ) {
+ for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) {
+ attrs[n++] = ch_strdup(
+ oc->soc_required[j]->sat_cname.bv_val );
+ }
+ for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) {
+ attrs[n++] = ch_strdup(
+ oc->soc_allowed[j]->sat_cname.bv_val );
+ }
+ }
+ }
+
+ if ( attrs )
+ attrs[n] = NULL;
+
+ i = 0;
+ while ( attrs && attrs[i] ) {
+ if ( *attrs[i] == '@' ) {
+ for ( j = i; attrs[j]; j++ ) {
+ if ( j == i )
+ ch_free( attrs[i] );
+ attrs[j] = attrs[j+1];
+ }
+ } else {
+ i++;
+ }
+ }
+
+ for ( i = 0; attrs && attrs[i]; i++ ) {
+ j = i + 1;
+ while ( attrs && attrs[j] ) {
+ if ( !strcmp( attrs[i], attrs[j] )) {
+ for ( k = j; attrs && attrs[k]; k++ ) {
+ if ( k == j )
+ ch_free( attrs[j] );
+ attrs[k] = attrs[k+1];
+ }
+ } else {
+ j++;
+ }
+ }
+ }
+
+ if ( i != n )
+ attrs = (char **) ch_realloc( attrs, (i+1) * sizeof( char * ));
+
+ return attrs;
+}
+
+#define LBUFSIZ 80
+AttributeName*
+file2anlist( AttributeName *an, const char *fname, const char *brkstr )
+{
+ FILE *fp;
+ char *line = NULL;
+ char *lcur = NULL;
+ char *c;
+ size_t lmax = LBUFSIZ;
+
+ fp = fopen( fname, "r" );
+ if ( fp == NULL ) {
+ Debug( LDAP_DEBUG_ANY,
+ "get_attrs_from_file: failed to open attribute list file "
+ "\"%s\": %s\n", fname, strerror(errno), 0 );
+ return NULL;
+ }
+
+ lcur = line = (char *) ch_malloc( lmax );
+ if ( !line ) {
+ Debug( LDAP_DEBUG_ANY,
+ "get_attrs_from_file: could not allocate memory\n",
+ 0, 0, 0 );
+ fclose(fp);
+ return NULL;
+ }
+
+ while ( fgets( lcur, LBUFSIZ, fp ) != NULL ) {
+ char *str, *s, *next;
+ const char *delimstr = brkstr;
+ if ( ( c = strchr( lcur, '\n' ) ) ) {
+ if ( c == line ) {
+ *c = '\0';
+ } else if ( *(c-1) == '\r' ) {
+ *(c-1) = '\0';
+ } else {
+ *c = '\0';
+ }
+ } else {
+ lmax += LBUFSIZ;
+ line = (char *) ch_realloc( line, lmax );
+ if ( !line ) {
+ Debug( LDAP_DEBUG_ANY,
+ "get_attrs_from_file: could not allocate memory\n",
+ 0, 0, 0 );
+ fclose(fp);
+ return NULL;
+ }
+ lcur = line + strlen( line );
+ continue;
+ }
+ an = str2anlist( an, line, brkstr );
+ if ( an == NULL )
+ return NULL;
+ lcur = line;
+ }
+ ch_free( line );
+ fclose(fp);
+ return an;
+}
+#undef LBUFSIZ
/* Define an attribute option. */
int
@@ -759,15 +1044,9 @@ ad_define_option( const char *name, const char *fname, int lineno )
optlen = 0;
do {
if ( !DESC_CHAR( name[optlen] ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: illegal option name \"%s\"\n",
- fname, lineno, name );
-#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: illegal option name \"%s\"\n",
fname, lineno, name );
-#endif
return 1;
}
} while ( name[++optlen] );
@@ -777,15 +1056,9 @@ ad_define_option( const char *name, const char *fname, int lineno )
if ( strcasecmp( name, "binary" ) == 0
|| ad_find_option_definition( name, optlen ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: option \"%s\" is already defined\n",
- fname, lineno, name );
-#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: option \"%s\" is already defined\n",
fname, lineno, name );
-#endif
return 1;
}
@@ -803,15 +1076,9 @@ ad_define_option( const char *name, const char *fname, int lineno )
options[i].prefix &&
optlen < options[i+1].name.bv_len &&
strncasecmp( name, options[i+1].name.bv_val, optlen ) == 0 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: option \"%s\" overrides previous option\n",
- fname, lineno, name );
-#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: option \"%s\" overrides previous option\n",
fname, lineno, name );
-#endif
return 1;
}