X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foverlays%2Frwmmap.c;h=95eec2f92229c7e92ca114740b7b5fca98773546;hb=8bdfd2edbb7a09f5bfe96b2bca043680f731237a;hp=c5c9142090add4b970eaccd8922dad65dfddcc0b;hpb=4cf03ca277ffb2b3f08aa4b913dbcbcfc4b0cb6f;p=openldap

diff --git a/servers/slapd/overlays/rwmmap.c b/servers/slapd/overlays/rwmmap.c
index c5c9142090..95eec2f922 100644
--- a/servers/slapd/overlays/rwmmap.c
+++ b/servers/slapd/overlays/rwmmap.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1999-2007 The OpenLDAP Foundation.
+ * Copyright 1999-2009 The OpenLDAP Foundation.
  * Portions Copyright 1999-2003 Howard Chu.
  * Portions Copyright 2000-2003 Pierangelo Masarati.
  * All rights reserved.
@@ -32,7 +32,6 @@
 
 #include "slap.h"
 #include "rwm.h"
-#include "lutil.h"
 
 #undef ldap_debug	/* silence a warning in ldap-int.h */
 #include "../../../libraries/libldap/ldap-int.h"
@@ -82,7 +81,9 @@ rwm_map_init( struct ldapmap *lm, struct ldapmapping **m )
 		return LDAP_NO_MEMORY;
 	}
 
-	/* FIXME: I don't think this is needed any more... */
+	/* NOTE: this is needed to make sure that
+	 *	rwm-map attribute *
+	 * does not  filter out all attributes including objectClass */
 	rc = slap_str2ad( "objectClass", &mapping[0].m_src_ad, &text );
 	if ( rc != LDAP_SUCCESS ) {
 		ch_free( mapping );
@@ -120,6 +121,15 @@ rwm_mapping( struct ldapmap *map, struct berval *s, struct ldapmapping **m, int
 
 	assert( m != NULL );
 
+	/* let special attrnames slip through (ITS#5760) */
+	if ( bvmatch( s, slap_bv_no_attrs )
+		|| bvmatch( s, slap_bv_all_user_attrs )
+		|| bvmatch( s, slap_bv_all_operational_attrs ) )
+	{
+		*m = NULL;
+		return 0;
+	}
+
 	if ( remap == RWM_REMAP ) {
 		tree = map->remap;
 
@@ -311,7 +321,7 @@ rwm_map_attrnames(
 
 	if ( j == 0 && i != 0 ) {
 		memset( &(*anp)[0], 0, sizeof( AttributeName ) );
-		BER_BVSTR( &(*anp)[0].an_name, LDAP_NO_ATTRS );
+		(*anp)[0].an_name = *slap_bv_no_attrs;
 		j = 1;
 	}
 	memset( &(*anp)[j], 0, sizeof( AttributeName ) );
@@ -380,7 +390,6 @@ map_attr_value(
 {
 	struct berval		vtmp = BER_BVNULL;
 	int			freeval = 0;
-	char			uuid[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
 	AttributeDescription	*ad = *adp;
 	struct ldapmapping	*mapping = NULL;
 
@@ -422,13 +431,14 @@ map_attr_value(
 				return -1;
 			}
 
-		} else if ( ad->ad_type->sat_syntax == slap_schema.si_ad_entryUUID->ad_type->sat_syntax ) {
-			vtmp.bv_len = lutil_uuidstr_from_normalized( value->bv_val,
-				value->bv_len, uuid, LDAP_LUTIL_UUIDSTR_BUFSIZE );
-			if ( vtmp.bv_len < 0 ) {
+		} else if ( ad->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ) {
+			if ( ad->ad_type->sat_equality->smr_normalize(
+				(SLAP_MR_DENORMALIZE|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX),
+				NULL, NULL, value, &vtmp, NULL ) )
+			{
 				return -1;
 			}
-			vtmp.bv_val = uuid;
+			freeval = 1;
 
 		} else if ( ad == slap_schema.si_ad_objectClass
 				|| ad == slap_schema.si_ad_structuralObjectClass )
@@ -494,6 +504,10 @@ rwm_int_filter_map_rewrite(
 		return LDAP_OTHER;
 	}
 
+	if ( f->f_choice & SLAPD_FILTER_UNDEFINED ) {
+		goto computed;
+	}
+
 	switch ( f->f_choice & SLAPD_FILTER_MASK ) {
 	case LDAP_FILTER_EQUALITY:
 		ad = f->f_av_desc;
@@ -705,7 +719,7 @@ rwm_int_filter_map_rewrite(
 
 	case -1:
 computed:;
-		filter_free_x( op, f );
+		filter_free_x( op, f, 0 );
 		f->f_choice = SLAPD_FILTER_COMPUTED;
 		f->f_result = SLAPD_COMPARE_UNDEFINED;
 		/* fallthru */
@@ -1173,7 +1187,8 @@ rwm_referral_result_rewrite(
 int
 rwm_dnattr_result_rewrite(
 	dncookie		*dc,
-	BerVarray		a_vals )
+	BerVarray		a_vals,
+	BerVarray		a_nvals )
 {
 	int		i, last;
 
@@ -1181,11 +1196,11 @@ rwm_dnattr_result_rewrite(
 	last--;
 
 	for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
-		struct berval	dn;
+		struct berval	pdn, ndn = BER_BVNULL;
 		int		rc;
 		
-		dn = a_vals[i];
-		rc = rwm_dn_massage_pretty( dc, &a_vals[i], &dn );
+		pdn = a_vals[i];
+		rc = rwm_dn_massage_pretty_normalize( dc, &a_vals[i], &pdn, &ndn );
 		switch ( rc ) {
 		case LDAP_UNWILLING_TO_PERFORM:
 			/*
@@ -1193,19 +1208,27 @@ rwm_dnattr_result_rewrite(
 			 * legal to trim values when adding/modifying;
 			 * it should be when searching (e.g. ACLs).
 			 */
+			assert( a_vals[i].bv_val != a_nvals[i].bv_val );
 			ch_free( a_vals[i].bv_val );
+			ch_free( a_nvals[i].bv_val );
 			if ( last > i ) {
 				a_vals[i] = a_vals[last];
+				a_nvals[i] = a_nvals[last];
 			}
 			BER_BVZERO( &a_vals[last] );
+			BER_BVZERO( &a_nvals[last] );
 			last--;
 			break;
 
 		default:
 			/* leave attr untouched if massage failed */
-			if ( !BER_BVISNULL( &dn ) && a_vals[i].bv_val != dn.bv_val ) {
+			if ( !BER_BVISNULL( &pdn ) && a_vals[i].bv_val != pdn.bv_val ) {
 				ch_free( a_vals[i].bv_val );
-				a_vals[i] = dn;
+				a_vals[i] = pdn;
+			}
+			if ( !BER_BVISNULL( &ndn ) && a_nvals[i].bv_val != ndn.bv_val ) {
+				ch_free( a_nvals[i].bv_val );
+				a_nvals[i] = ndn;
 			}
 			break;
 		}