X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fmra.c;h=5276c546e6700f1ac32a1411c2e6fc67dd8b941b;hb=956f1d16aa522da6f6506d9c8fe9ce0d9867678a;hp=81db86ae7687473872714cc5460984a353f91f45;hpb=26b99bc35dd1616cb986890bfe3fb130ffb9a8a4;p=openldap diff --git a/servers/slapd/mra.c b/servers/slapd/mra.c index 81db86ae76..5276c546e6 100644 --- a/servers/slapd/mra.c +++ b/servers/slapd/mra.c @@ -14,7 +14,6 @@ #include "slap.h" - void mra_free( MatchingRuleAssertion *mra, @@ -53,8 +52,8 @@ get_mra( if( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf (\"{t\") failure\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf (\"{t\") failure\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 ); #endif @@ -68,8 +67,8 @@ get_mra( rtag = ber_scanf( ber, "m", &ma->ma_rule_text ); if ( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf(\"o\") failure.\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf(\"o\") failure.\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for mr\n", 0, 0, 0 ); #endif @@ -82,8 +81,8 @@ get_mra( rtag = ber_scanf( ber, "t", &tag ); if( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf (\"t\") failure\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf (\"t\") failure\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 ); #endif @@ -98,8 +97,8 @@ get_mra( rtag = ber_scanf( ber, "m", &type ); if ( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf (\"o\") failure.\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf for ad\n", 0, 0, 0 ); #endif @@ -111,8 +110,8 @@ get_mra( rtag = ber_scanf( ber, "t", &tag ); if( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf (\"t\") failure.\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf (\"t\") failure.\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 ); #endif @@ -125,8 +124,8 @@ get_mra( if ( tag != LDAP_FILTER_EXT_VALUE ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf missing value\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf missing value\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf missing value\n", 0, 0, 0 ); #endif @@ -140,8 +139,8 @@ get_mra( if( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf (\"o\") failure.\n" )); + LDAP_LOG( OPERATION, ERR, + "get_mra: ber_scanf (\"o\") failure.\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 ); #endif @@ -161,8 +160,7 @@ get_mra( if( rtag == LBER_ERROR ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "get_mra: ber_scanf failure\n")); + LDAP_LOG( OPERATION, ERR, "get_mra: ber_scanf failure\n", 0, 0, 0); #else Debug( LDAP_DEBUG_ANY, " get_mra ber_scanf\n", 0, 0, 0 ); #endif @@ -172,21 +170,12 @@ get_mra( return SLAPD_DISCONNECT; } - if( ma->ma_dnattrs ) { - *text = "matching with \":dn\" not supported"; - return LDAP_INAPPROPRIATE_MATCHING; - } - if( type.bv_val != NULL ) { rc = slap_bv2ad( &type, &ma->ma_desc, text ); if( rc != LDAP_SUCCESS ) { mra_free( ma, 1 ); return rc; } - - } else { - *text = "matching without attribute description rule not supported"; - return LDAP_INAPPROPRIATE_MATCHING; } if( ma->ma_rule_text.bv_val != NULL ) { @@ -198,36 +187,53 @@ get_mra( } } - if( ma->ma_desc != NULL && - ma->ma_desc->ad_type->sat_equality != NULL && - ma->ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT ) - { - /* no matching rule was provided, use the attribute's - equality rule if it supports extensible matching. */ - ma->ma_rule = ma->ma_desc->ad_type->sat_equality; + if ( ma->ma_rule == NULL ) { + /* + * Need either type or rule ... + */ + if ( ma->ma_desc == NULL ) { + mra_free( ma, 1 ); + *text = "no matching rule or type"; + return LDAP_INAPPROPRIATE_MATCHING; + } - } else { - mra_free( ma, 1 ); - return LDAP_INAPPROPRIATE_MATCHING; - } + if ( ma->ma_desc->ad_type->sat_equality != NULL && + ma->ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT ) + { + /* no matching rule was provided, use the attribute's + equality rule if it supports extensible matching. */ + ma->ma_rule = ma->ma_desc->ad_type->sat_equality; - /* check to see if the matching rule is appropriate for - the syntax of the attribute. This check will need - to be extended to support other kinds of extensible - matching rules */ - if( strcmp( ma->ma_rule->smr_syntax->ssyn_oid, - ma->ma_desc->ad_type->sat_syntax->ssyn_oid ) != 0 ) - { - mra_free( ma, 1 ); - return LDAP_INAPPROPRIATE_MATCHING; + } else { + *text = "no appropriate rule to use for type"; + mra_free( ma, 1 ); + return LDAP_INAPPROPRIATE_MATCHING; + } } - /* - * OK, if no matching rule, normalize for equality, otherwise - * normalize for the matching rule. - */ - rc = value_validate_normalize( ma->ma_desc, SLAP_MR_EQUALITY, - &value, &ma->ma_value, text ); + if ( ma->ma_desc != NULL ) { + if( !mr_usable_with_at( ma->ma_rule, ma->ma_desc->ad_type ) ) { + mra_free( ma, 1 ); + *text = "matching rule use with this attribute not appropriate"; + return LDAP_INAPPROPRIATE_MATCHING; + } + + /* + * OK, if no matching rule, normalize for equality, otherwise + * normalize for the matching rule. + */ + rc = value_validate_normalize( ma->ma_desc, SLAP_MR_EQUALITY, + &value, &ma->ma_value, text ); + } else { + /* + * Need to normalize, but how? + */ + rc = value_validate( ma->ma_rule, &value, text ); + if ( rc == LDAP_SUCCESS ) { + ber_dupbv( &ma->ma_value, &value ); + } + + } if( rc != LDAP_SUCCESS ) { mra_free( ma, 1 );