X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fdn.c;h=e898942501035a726be802284612330158e4ff05;hb=1adee08e8912c1f47c7b170fe62bebdd9797921f;hp=98eeebc41761f8308d833ce16ac6a08a83cdb23f;hpb=a4e3706e1f1c49ee8a461ee4433fb0f4d7ee1bfb;p=openldap diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index 98eeebc417..e898942501 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2008 The OpenLDAP Foundation. + * Copyright 1998-2010 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -220,10 +220,7 @@ rdnValidate( /* * AVA sorting inside a RDN * - * rule: sort attributeTypes in alphabetical order; in case of multiple - * occurrences of the same attributeType, sort values in byte order - * (use memcmp, which implies alphabetical order in case of IA5 value; - * this should guarantee the repeatability of the operation). + * Rule: sort attributeTypes in alphabetical order. * * Note: the sorting can be slightly improved by sorting first * by attribute type length, then by alphabetical order. @@ -250,21 +247,8 @@ AVA_Sort( LDAPRDN rdn, int nAVAs ) ava_j = rdn[ j ]; a = strcmp( ava_i->la_attr.bv_val, ava_j->la_attr.bv_val ); - if ( a == 0 ) { - int d; - - d = ava_i->la_value.bv_len - ava_j->la_value.bv_len; - - a = memcmp( ava_i->la_value.bv_val, - ava_j->la_value.bv_val, - d <= 0 ? ava_i->la_value.bv_len - : ava_j->la_value.bv_len ); - - if ( a == 0 ) { - a = d; - } - } - /* Duplicates are not allowed */ + /* RFC4512 does not allow multiple AVAs + * with the same attribute type in RDN (ITS#5968) */ if ( a == 0 ) return LDAP_INVALID_DN_SYNTAX; @@ -980,8 +964,8 @@ dnParent( /* one-level dn */ if ( p == NULL ) { - pdn->bv_len = 0; pdn->bv_val = dn->bv_val + dn->bv_len; + pdn->bv_len = 0; return; } @@ -1213,6 +1197,70 @@ dnIsSuffix( return( strcmp( dn->bv_val + d, suffix->bv_val ) == 0 ); } +/* + * In place; assumes: + * - ndn is normalized + * - nbase is normalized + * - dnIsSuffix( ndn, nbase ) == TRUE + * - LDAP_SCOPE_DEFAULT == LDAP_SCOPE_SUBTREE + */ +int +dnIsWithinScope( struct berval *ndn, struct berval *nbase, int scope ) +{ + assert( ndn != NULL ); + assert( nbase != NULL ); + assert( !BER_BVISNULL( ndn ) ); + assert( !BER_BVISNULL( nbase ) ); + + switch ( scope ) { + case LDAP_SCOPE_DEFAULT: + case LDAP_SCOPE_SUBTREE: + break; + + case LDAP_SCOPE_BASE: + if ( ndn->bv_len != nbase->bv_len ) { + return 0; + } + break; + + case LDAP_SCOPE_ONELEVEL: { + struct berval pndn; + dnParent( ndn, &pndn ); + if ( pndn.bv_len != nbase->bv_len ) { + return 0; + } + } break; + + case LDAP_SCOPE_SUBORDINATE: + if ( ndn->bv_len == nbase->bv_len ) { + return 0; + } + break; + + /* unknown scope */ + default: + return -1; + } + + return 1; +} + +/* + * In place; assumes: + * - ndn is normalized + * - nbase is normalized + * - LDAP_SCOPE_DEFAULT == LDAP_SCOPE_SUBTREE + */ +int +dnIsSuffixScope( struct berval *ndn, struct berval *nbase, int scope ) +{ + if ( !dnIsSuffix( ndn, nbase ) ) { + return 0; + } + + return dnIsWithinScope( ndn, nbase, scope ); +} + int dnIsOneLevelRDN( struct berval *rdn ) {