X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foc.c;h=b31defeaef19610d784a8d705591721c062bae33;hb=ee66a01b8c7dc0c1bd7838c0f6137fad03595ad1;hp=c2a5c510d55a5601fe51fd1326ee004b52fb3181;hpb=eb70b602ee13015d44d3ecbccb614fd07a0bf5bc;p=openldap
diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c
index c2a5c510d5..b31defeaef 100644
--- a/servers/slapd/oc.c
+++ b/servers/slapd/oc.c
@@ -1,8 +1,17 @@
/* oc.c - object class routines */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
*/
#include "portable.h"
@@ -17,21 +26,28 @@
#include "ldap_pvt.h"
int is_object_subclass(
- ObjectClass *sub,
- ObjectClass *sup )
+ ObjectClass *sup,
+ ObjectClass *sub )
{
int i;
+ if( sub == NULL || sup == NULL ) return 0;
+
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n",
+ sup->soc_oid, sub->soc_oid, sup == sub );
+#endif
+
if( sup == sub ) {
return 1;
}
- if( sup->soc_sups == NULL ) {
+ if( sub->soc_sups == NULL ) {
return 0;
}
- for( i=0; sup->soc_sups[i] != NULL; i++ ) {
- if( is_object_subclass( sup->soc_sups[i], sup ) ) {
+ for( i=0; sub->soc_sups[i] != NULL; i++ ) {
+ if( is_object_subclass( sup, sub->soc_sups[i] ) ) {
return 1;
}
}
@@ -41,224 +57,114 @@ int is_object_subclass(
int is_entry_objectclass(
Entry* e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- ObjectClass *oc
-#else
- const char* oc
-#endif
-)
+ ObjectClass *oc,
+ int set_flags )
{
+ /*
+ * set_flags should only be true if oc is one of operational
+ * object classes which we support objectClass flags for
+ * (e.g., referral, alias, ...). See .
+ */
+
Attribute *attr;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- int i;
+ struct berval *bv;
AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
+
assert(!( e == NULL || oc == NULL ));
-#else
- struct berval bv;
- static const char *objectClass = "objectclass";
- assert(!( e == NULL || oc == NULL || *oc == '\0' ));
-#endif
- if( e == NULL || oc == NULL
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- || *oc == '\0'
-#endif
- ) {
+ if( e == NULL || oc == NULL ) {
return 0;
}
+ if( set_flags && ( e->e_ocflags & SLAP_OC__END )) {
+ /* flags are set, use them */
+ return (e->e_ocflags & oc->soc_flags & SLAP_OC__MASK) != 0;
+ }
+
/*
* find objectClass attribute
*/
attr = attr_find(e->e_attrs, objectClass);
-
if( attr == NULL ) {
/* no objectClass attribute */
Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
"no objectClass attribute\n",
- e->e_dn == NULL ? "" : e->e_dn, oc, 0 );
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
return 0;
}
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- for( i=0; attr->a_vals[i]; i++ ) {
- ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val );
+ for( bv=attr->a_vals; bv->bv_val; bv++ ) {
+ ObjectClass *objectClass = oc_bvfind( bv );
- if( objectClass == oc ) {
+ if ( !set_flags && objectClass == oc ) {
return 1;
}
+
+ if ( objectClass != NULL ) {
+ e->e_ocflags |= objectClass->soc_flags;
+ }
}
- return 0;
-
-#else
- bv.bv_val = (char *) oc;
- bv.bv_len = strlen( bv.bv_val );
-
- if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
- /* entry is not of this objectclass */
- return 0;
- }
+ /* mark flags as set */
+ e->e_ocflags |= SLAP_OC__END;
- return 1;
-#endif
+ return (e->e_ocflags & oc->soc_flags & SLAP_OC__MASK) != 0;
}
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- /* these shouldn't be hardcoded */
-
-static char *oc_op_usermod_attrs[] = {
- /*
- * these are operational attributes which are
- * not defined as NO-USER_MODIFICATION and
- * which slapd supports modification of.
- *
- * Currently none.
- * Likely candidate, "OpenLDAPaci"
- */
- NULL
-};
-
-static char *oc_op_attrs[] = {
- /*
- * these are operational attributes
- * most could be user modifiable
- */
- "objectClasses",
- "attributeTypes",
- "matchingRules",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms",
- "ldapSyntaxes",
- "namingContexts",
- "supportedExtension",
- "supportedControl",
- "supportedSASLMechanisms",
- "supportedLDAPversion",
- "subschemaSubentry", /* NO USER MOD */
- NULL
-
-};
-
-/* this list should be extensible */
-static char *oc_op_no_usermod_attrs[] = {
- /*
- * Operational and 'no user modification' attributes
- * which are STORED in the directory server.
- */
-
- /* RFC2252, 3.2.1 */
- "creatorsName",
- "createTimestamp",
- "modifiersName",
- "modifyTimestamp",
-
- NULL
-};
-
-
-/*
- * check to see if attribute is 'operational' or not.
- */
-int
-oc_check_op_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_attrs, type )
- || charray_inlist( oc_op_usermod_attrs, type )
- || charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS;
-#endif
-}
-
-/*
- * check to see if attribute can be user modified or not.
- */
-int
-oc_check_op_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_usermod_attrs, type );
-#else
- /* not (yet) in schema */
- return 0;
-#endif
-}
-
-/*
- * check to see if attribute is 'no user modification' or not.
- */
-int
-oc_check_op_no_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_no_user_mod;
-#endif
-}
-#endif
-
-
struct oindexrec {
- char *oir_name;
+ struct berval oir_name;
ObjectClass *oir_oc;
};
static Avlnode *oc_index = NULL;
-static ObjectClass *oc_list = NULL;
+static LDAP_SLIST_HEAD(OCList, slap_object_class) oc_list
+ = LDAP_SLIST_HEAD_INITIALIZER(&oc_list);
static int
oc_index_cmp(
- struct oindexrec *oir1,
- struct oindexrec *oir2
-)
+ const void *v_oir1,
+ const void *v_oir2 )
{
- assert( oir1->oir_name );
- assert( oir1->oir_oc );
- assert( oir2->oir_name );
- assert( oir2->oir_oc );
-
- return (strcasecmp( oir1->oir_name, oir2->oir_name ));
+ const struct oindexrec *oir1 = v_oir1, *oir2 = v_oir2;
+ int i = oir1->oir_name.bv_len - oir2->oir_name.bv_len;
+ if (i) return i;
+ return strcasecmp( oir1->oir_name.bv_val, oir2->oir_name.bv_val );
}
static int
oc_index_name_cmp(
- char *name,
- struct oindexrec *oir
-)
+ const void *v_name,
+ const void *v_oir )
{
- assert( oir->oir_name );
- assert( oir->oir_oc );
-
- return (strcasecmp( name, oir->oir_name ));
+ const struct berval *name = v_name;
+ const struct oindexrec *oir = v_oir;
+ int i = name->bv_len - oir->oir_name.bv_len;
+ if (i) return i;
+ return strncasecmp( name->bv_val, oir->oir_name.bv_val, name->bv_len );
}
ObjectClass *
oc_find( const char *ocname )
+{
+ struct berval bv;
+
+ bv.bv_val = (char *)ocname;
+ bv.bv_len = strlen( ocname );
+
+ return( oc_bvfind( &bv ) );
+}
+
+ObjectClass *
+oc_bvfind( struct berval *ocname )
{
struct oindexrec *oir;
- oir = (struct oindexrec *) avl_find( oc_index, ocname,
- (AVL_CMP) oc_index_name_cmp );
+ oir = avl_find( oc_index, ocname, oc_index_name_cmp );
if ( oir != NULL ) {
- assert( oir->oir_name );
- assert( oir->oir_oc );
-
return( oir->oir_oc );
}
@@ -269,8 +175,8 @@ static int
oc_create_required(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ int *op,
+ const char **err )
{
char **attrs1;
AttributeType *sat;
@@ -285,6 +191,9 @@ oc_create_required(
*err = *attrs1;
return SLAP_SCHERR_ATTR_NOT_FOUND;
}
+
+ if( is_at_operational( sat )) (*op)++;
+
if ( at_find_in_list(sat, soc->soc_required) < 0) {
if ( at_append_to_list(sat, &soc->soc_required) ) {
*err = *attrs1;
@@ -308,8 +217,8 @@ static int
oc_create_allowed(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ int *op,
+ const char **err )
{
char **attrs1;
AttributeType *sat;
@@ -322,6 +231,9 @@ oc_create_allowed(
*err = *attrs1;
return SLAP_SCHERR_ATTR_NOT_FOUND;
}
+
+ if( is_at_operational( sat )) (*op)++;
+
if ( at_find_in_list(sat, soc->soc_required) < 0 &&
at_find_in_list(sat, soc->soc_allowed) < 0 ) {
if ( at_append_to_list(sat, &soc->soc_allowed) ) {
@@ -338,30 +250,30 @@ oc_create_allowed(
static int
oc_add_sups(
ObjectClass *soc,
- char **sups,
- const char **err
-)
+ char **sups,
+ int *op,
+ const char **err )
{
int code;
ObjectClass *soc1;
int nsups;
- char **sups1;
+ char **sups1;
int add_sups = 0;
if ( sups ) {
if ( !soc->soc_sups ) {
/* We are at the first recursive level */
add_sups = 1;
- nsups = 0;
+ nsups = 1;
sups1 = sups;
while ( *sups1 ) {
nsups++;
sups1++;
}
- nsups++;
soc->soc_sups = (ObjectClass **)ch_calloc(nsups,
sizeof(ObjectClass *));
}
+
nsups = 0;
sups1 = sups;
while ( *sups1 ) {
@@ -371,88 +283,117 @@ oc_add_sups(
return SLAP_SCHERR_CLASS_NOT_FOUND;
}
- if ( add_sups )
+ /* check object class usage
+ * abstract classes can only sup abstract classes
+ * structural classes can not sup auxiliary classes
+ * auxiliary classes can not sup structural classes
+ */
+ if( soc->soc_kind != soc1->soc_kind
+ && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT )
+ {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_SUP;
+ }
+
+ if( soc1->soc_obsolete && !soc->soc_obsolete ) {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_SUP;
+ }
+
+ if( soc->soc_flags & SLAP_OC_OPERATIONAL ) (*op)++;
+
+ if ( add_sups ) {
soc->soc_sups[nsups] = soc1;
+ }
- code = oc_add_sups(soc,soc1->soc_sup_oids, err);
- if ( code )
- return code;
+ code = oc_add_sups( soc, soc1->soc_sup_oids, op, err );
+ if ( code ) return code;
- code = oc_create_required(soc,soc1->soc_at_oids_must,err);
- if ( code )
- return code;
- code = oc_create_allowed(soc,soc1->soc_at_oids_may,err);
- if ( code )
- return code;
+ code = oc_create_required( soc, soc1->soc_at_oids_must, op, err );
+ if ( code ) return code;
+
+ code = oc_create_allowed( soc, soc1->soc_at_oids_may, op, err );
+ if ( code ) return code;
nsups++;
sups1++;
}
}
+
return 0;
}
+void
+oc_destroy( void )
+{
+ ObjectClass *o;
+
+ avl_free(oc_index, ldap_memfree);
+ while( !LDAP_SLIST_EMPTY(&oc_list) ) {
+ o = LDAP_SLIST_FIRST(&oc_list);
+ LDAP_SLIST_REMOVE_HEAD(&oc_list, soc_next);
+
+ if (o->soc_sups) ldap_memfree(o->soc_sups);
+ if (o->soc_required) ldap_memfree(o->soc_required);
+ if (o->soc_allowed) ldap_memfree(o->soc_allowed);
+ ldap_objectclass_free((LDAPObjectClass *)o);
+ }
+}
+
static int
oc_insert(
ObjectClass *soc,
- const char **err
-)
+ const char **err )
{
- ObjectClass **ocp;
struct oindexrec *oir;
char **names;
- ocp = &oc_list;
- while ( *ocp != NULL ) {
- ocp = &(*ocp)->soc_next;
- }
- *ocp = soc;
+ LDAP_SLIST_NEXT( soc, soc_next ) = NULL;
+ LDAP_SLIST_INSERT_HEAD( &oc_list, soc, soc_next );
if ( soc->soc_oid ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = soc->soc_oid;
+ oir->oir_name.bv_val = soc->soc_oid;
+ oir->oir_name.bv_len = strlen( soc->soc_oid );
oir->oir_oc = soc;
- assert( oir->oir_name );
+ assert( oir->oir_name.bv_val );
assert( oir->oir_oc );
if ( avl_insert( &oc_index, (caddr_t) oir,
- (AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) )
+ oc_index_cmp, avl_dup_error ) )
{
*err = soc->soc_oid;
- ldap_memfree(oir->oir_name);
ldap_memfree(oir);
- return SLAP_SCHERR_DUP_CLASS;
+ return SLAP_SCHERR_CLASS_DUP;
}
/* FIX: temporal consistency check */
- assert( oc_find(oir->oir_name) != NULL );
+ assert( oc_bvfind(&oir->oir_name) != NULL );
}
if ( (names = soc->soc_names) ) {
while ( *names ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = ch_strdup(*names);
+ oir->oir_name.bv_val = *names;
+ oir->oir_name.bv_len = strlen( *names );
oir->oir_oc = soc;
- assert( oir->oir_name );
+ assert( oir->oir_name.bv_val );
assert( oir->oir_oc );
if ( avl_insert( &oc_index, (caddr_t) oir,
- (AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) )
+ oc_index_cmp, avl_dup_error ) )
{
*err = *names;
- ldap_memfree(oir->oir_name);
ldap_memfree(oir);
- return SLAP_SCHERR_DUP_CLASS;
+ return SLAP_SCHERR_CLASS_DUP;
}
/* FIX: temporal consistency check */
- assert( oc_find(oir->oir_name) != NULL );
+ assert( oc_bvfind(&oir->oir_name) != NULL );
names++;
}
@@ -463,85 +404,98 @@ oc_insert(
int
oc_add(
- LDAP_OBJECT_CLASS *oc,
- const char **err
-)
+ LDAPObjectClass *oc,
+ int user,
+ const char **err )
{
ObjectClass *soc;
int code;
+ int op = 0;
- soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
- memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
- if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 )
- return code;
- if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 )
- return code;
- if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 )
- return code;
- code = oc_insert(soc,err);
- return code;
-}
+ if ( oc->oc_names != NULL ) {
+ int i;
-#ifdef LDAP_DEBUG
+ for( i=0; oc->oc_names[i]; i++ ) {
+ if( !slap_valid_descr( oc->oc_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
-static void
-oc_print( ObjectClass *oc )
-{
- int i;
- const char *mid;
-
- printf( "objectclass %s\n", ldap_objectclass2name( &oc->soc_oclass ) );
- if ( oc->soc_required != NULL ) {
- mid = "\trequires ";
- for ( i = 0; oc->soc_required[i] != NULL; i++, mid = "," )
- printf( "%s%s", mid,
- ldap_attributetype2name( &oc->soc_required[i]->sat_atype ) );
- printf( "\n" );
+ if ( !OID_LEADCHAR( oc->oc_oid[0] )) {
+ /* Expand OID macros */
+ char *oid = oidm_find( oc->oc_oid );
+ if ( !oid ) {
+ *err = oc->oc_oid;
+ return SLAP_SCHERR_OIDM;
+ }
+ if ( oid != oc->oc_oid ) {
+ ldap_memfree( oc->oc_oid );
+ oc->oc_oid = oid;
+ }
}
- if ( oc->soc_allowed != NULL ) {
- mid = "\tallows ";
- for ( i = 0; oc->soc_allowed[i] != NULL; i++, mid = "," )
- printf( "%s%s", mid,
- ldap_attributetype2name( &oc->soc_allowed[i]->sat_atype ) );
- printf( "\n" );
+
+ soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
+ AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
+
+ if( oc->oc_names != NULL ) {
+ soc->soc_cname.bv_val = soc->soc_names[0];
+ } else {
+ soc->soc_cname.bv_val = soc->soc_oid;
+ }
+ soc->soc_cname.bv_len = strlen( soc->soc_cname.bv_val );
+
+ if( soc->soc_sup_oids == NULL &&
+ soc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+ {
+ /* structural object classes implicitly inherit from 'top' */
+ static char *top_oids[] = { SLAPD_TOP_OID, NULL };
+ code = oc_add_sups( soc, top_oids, &op, err );
+ } else {
+ code = oc_add_sups( soc, soc->soc_sup_oids, &op, err );
}
-}
-#endif
+ if ( code != 0 ) return code;
+ if( user && op ) return SLAP_SCHERR_CLASS_BAD_SUP;
+ code = oc_create_required( soc, soc->soc_at_oids_must, &op, err );
+ if ( code != 0 ) return code;
-#if defined( SLAPD_SCHEMA_DN )
+ code = oc_create_allowed( soc, soc->soc_at_oids_may, &op, err );
+ if ( code != 0 ) return code;
+
+ if( user && op ) return SLAP_SCHERR_CLASS_BAD_USAGE;
+
+ code = oc_insert(soc,err);
+ return code;
+}
int
oc_schema_info( Entry *e )
{
- struct berval val;
- struct berval *vals[2];
- ObjectClass *oc;
-
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses;
-#else
- char *ad_objectClasses = "objectClasses";
-#endif
+ ObjectClass *oc;
+ struct berval val;
+ struct berval nval;
- vals[0] = &val;
- vals[1] = NULL;
+ LDAP_SLIST_FOREACH( oc, &oc_list, soc_next ) {
+ if( oc->soc_flags & SLAP_OC_HIDE ) continue;
- for ( oc = oc_list; oc; oc = oc->soc_next ) {
- val.bv_val = ldap_objectclass2str( &oc->soc_oclass );
- if ( val.bv_val == NULL ) {
+ if ( ldap_objectclass2bv( &oc->soc_oclass, &val ) == NULL ) {
return -1;
}
- val.bv_len = strlen( val.bv_val );
+
+ nval = oc->soc_cname;
+
#if 0
- Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n",
- (long) val.bv_len, val.bv_val, 0 );
+ Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s (%s)\n",
+ (long) val.bv_len, val.bv_val, nval.bv_val );
#endif
- attr_merge( e, ad_objectClasses, vals );
+
+ if( attr_merge_one( e, ad_objectClasses, &val, &nval ) ) {
+ return -1;
+ }
ldap_memfree( val.bv_val );
}
return 0;
}
-
-#endif