X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Ffilterentry.c;h=af513e29c565ca7035d0529a0ca3db57d1ab9c12;hb=62139b6ef3634529c6d1ff726c337e685ea38cf8;hp=7011299eb74d99e829a1f5e68f43a1b57614b65b;hpb=a2ba804e47bd501d2cc8378ba4eb28c8d3a3bf0a;p=openldap diff --git a/servers/slapd/filterentry.c b/servers/slapd/filterentry.c index 7011299eb7..af513e29c5 100644 --- a/servers/slapd/filterentry.c +++ b/servers/slapd/filterentry.c @@ -1,7 +1,7 @@ /* filterentry.c - apply a filter to an entry */ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -15,8 +15,6 @@ #include "slap.h" -#define SLAPD_EXT_FILTERS 1 - static int test_filter_and( Backend *be, Connection *conn, Operation *op, Entry *e, Filter *flist ); @@ -186,7 +184,6 @@ test_filter( } break; -#ifdef SLAPD_EXT_FILTERS case LDAP_FILTER_EXT: #ifdef NEW_LOGGING LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1, @@ -197,7 +194,6 @@ test_filter( rc = test_mra_filter( be, conn, op, e, f->f_mra ); break; -#endif default: #ifdef NEW_LOGGING @@ -229,44 +225,34 @@ static int test_mra_filter( Entry *e, MatchingRuleAssertion *mra ) { - int i; Attribute *a; if( !access_allowed( be, conn, op, e, - mra->ma_desc, mra->ma_value, ACL_SEARCH ) ) + mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; } - if( strcmp(mra->ma_rule->smr_syntax->ssyn_oid, - mra->ma_desc->ad_type->sat_syntax->ssyn_oid) != 0) - { - return LDAP_INVALID_SYNTAX; - } - - if( mra->ma_rule == NULL ) - { - return LDAP_INAPPROPRIATE_MATCHING; - } - for(a = attrs_find( e->e_attrs, mra->ma_desc ); a != NULL; a = attrs_find( a->a_next, mra->ma_desc ) ) { - for ( i = 0; a->a_vals[i] != NULL; i++ ) { + struct berval *bv; + for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { int ret; int rc; const char *text; - rc = value_match( &ret, a->a_desc, mra->ma_rule, 0, - a->a_vals[i], mra->ma_value, + rc = value_match( &ret, a->a_desc, mra->ma_rule, + SLAP_MR_ASSERTION_SYNTAX_MATCH, + bv, &mra->ma_value, &text ); if( rc != LDAP_SUCCESS ) { return rc; } - if ( ret ) { + if ( ret == 0 ) { return LDAP_COMPARE_TRUE; } } @@ -285,11 +271,10 @@ test_ava_filter( int type ) { - int i; Attribute *a; if ( !access_allowed( be, conn, op, e, - ava->aa_desc, ava->aa_value, ACL_SEARCH ) ) + ava->aa_desc, &ava->aa_value, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; } @@ -299,6 +284,7 @@ test_ava_filter( a = attrs_find( a->a_next, ava->aa_desc ) ) { MatchingRule *mr; + struct berval *bv; switch ( type ) { case LDAP_FILTER_APPROX: @@ -324,14 +310,14 @@ test_ava_filter( continue; } - for ( i = 0; a->a_vals[i] != NULL; i++ ) { + for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { int ret; int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, 0, - a->a_vals[i], ava->aa_value, - &text ); + rc = value_match( &ret, a->a_desc, mr, + SLAP_MR_ASSERTION_SYNTAX_MATCH, + bv, &ava->aa_value, &text ); if( rc != LDAP_SUCCESS ) { return rc; @@ -373,7 +359,7 @@ test_presence_filter( AttributeDescription *desc ) { - if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH ) ) + if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; } @@ -494,7 +480,7 @@ test_substrings_filter( if ( !access_allowed( be, conn, op, e, - f->f_sub_desc, NULL, ACL_SEARCH ) ) + f->f_sub_desc, NULL, ACL_SEARCH, NULL ) ) { return LDAP_INSUFFICIENT_ACCESS; } @@ -503,21 +489,21 @@ test_substrings_filter( a != NULL; a = attrs_find( a->a_next, f->f_sub_desc ) ) { - int i; MatchingRule *mr = a->a_desc->ad_type->sat_substr; + struct berval *bv; if( mr == NULL ) { continue; } - for ( i = 0; a->a_vals[i] != NULL; i++ ) { + for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { int ret; int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, 0, - a->a_vals[i], f->f_sub, - &text ); + rc = value_match( &ret, a->a_desc, mr, + SLAP_MR_ASSERTION_SYNTAX_MATCH, + bv, f->f_sub, &text ); if( rc != LDAP_SUCCESS ) { return rc;