X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fschema_prep.c;h=5813aa52c09e56f855cc48cdae4e3da09eae74e8;hb=ef3d895cb80a5b0830817ffaa5dc0a92edd93723;hp=d5c7abf505a7a47daef9fa9c02837e54ba1a8f24;hpb=7826020e97db152176d098b01436d2c66371636c;p=openldap diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index d5c7abf505..5813aa52c0 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -34,6 +34,17 @@ objectClassMatch( ObjectClass *oc = oc_bvfind( value ); ObjectClass *asserted = oc_bvfind( a ); +#if 1 +#ifdef NEW_LOGGING + LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, + "> objectClassMatch(%s, %s)\n", + value->bv_val, a->bv_val )); +#else + Debug( LDAP_DEBUG_TRACE, "> objectClassMatch(%s,%s)\n", + value->bv_val, a->bv_val, 0 ); +#endif +#endif + if( asserted == NULL ) { if( OID_LEADCHAR( *a->bv_val ) ) { /* OID form, return FALSE */ @@ -56,13 +67,13 @@ objectClassMatch( *matchp = !is_object_subclass( asserted, oc ); } -#if 0 +#if 1 #ifdef NEW_LOGGING LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, - "objectClassMatch(%s, %s) = %d\n", + "< objectClassMatch(%s, %s) = %d\n", value->bv_val, a->bv_val, *matchp )); #else - Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s) = %d\n", + Debug( LDAP_DEBUG_TRACE, "< objectClassMatch(%s,%s) = %d\n", value->bv_val, a->bv_val, *matchp ); #endif #endif @@ -70,6 +81,9 @@ objectClassMatch( return LDAP_SUCCESS; } +#if 1 +#define structuralObjectClassMatch objectClassMatch +#else static int structuralObjectClassMatch( int *matchp, @@ -83,6 +97,17 @@ structuralObjectClassMatch( ObjectClass *oc = oc_bvfind( value ); ObjectClass *asserted = oc_bvfind( a ); +#if 1 +#ifdef NEW_LOGGING + LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, + "> structuralObjectClassMatch(%s, %s)\n", + value->bv_val, a->bv_val )); +#else + Debug( LDAP_DEBUG_TRACE, "> structuralObjectClassMatch(%s,%s)\n", + value->bv_val, a->bv_val, 0 ); +#endif +#endif + if( asserted == NULL ) { if( OID_LEADCHAR( *a->bv_val ) ) { /* OID form, return FALSE */ @@ -101,19 +126,20 @@ structuralObjectClassMatch( *matchp = ( asserted != oc ); -#if 0 +#if 1 #ifdef NEW_LOGGING LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, - "structuralObjectClassMatch( %s, %s ) = %d\n", + "< structuralObjectClassMatch( %s, %s ) = %d\n", value->bv_val, a->bv_val, *matchp )); #else - Debug( LDAP_DEBUG_TRACE, "structuralObjectClassMatch(%s,%s) = %d\n", + Debug( LDAP_DEBUG_TRACE, "< structuralObjectClassMatch(%s,%s) = %d\n", value->bv_val, a->bv_val, *matchp ); #endif #endif return LDAP_SUCCESS; } +#endif static ObjectClassSchemaCheckFN rootDseObjectClass; static ObjectClassSchemaCheckFN aliasObjectClass; @@ -136,28 +162,29 @@ static struct slap_schema_oc_map { "NAME 'extensibleObject' " "DESC 'RFC2252: extensible object' " "SUP top AUXILIARY )", - 0, 0, offsetof(struct slap_internal_schema, si_oc_extensibleObject) }, + 0, SLAP_OC_OPERATIONAL, + offsetof(struct slap_internal_schema, si_oc_extensibleObject) }, { "alias", "( 2.5.6.1 NAME 'alias' " "DESC 'RFC2256: an alias' " "SUP top STRUCTURAL " "MUST aliasedObjectName )", - aliasObjectClass, 0, + aliasObjectClass, SLAP_OC_ALIAS|SLAP_OC_OPERATIONAL, offsetof(struct slap_internal_schema, si_oc_alias) }, { "referral", "( 2.16.840.1.113730.3.2.6 NAME 'referral' " "DESC 'namedref: named subordinate referral' " "SUP top STRUCTURAL MUST ref )", - referralObjectClass, 0, + referralObjectClass, SLAP_OC_REFERRAL|SLAP_OC_OPERATIONAL, offsetof(struct slap_internal_schema, si_oc_referral) }, { "LDAProotDSE", "( 1.3.6.1.4.1.4203.1.4.1 " "NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' ) " "DESC 'OpenLDAP Root DSE object' " "SUP top STRUCTURAL MAY cn )", - rootDseObjectClass, 0, + rootDseObjectClass, SLAP_OC_OPERATIONAL, offsetof(struct slap_internal_schema, si_oc_rootdse) }, { "subentry", "( 2.5.20.0 NAME 'subentry' " "SUP top STRUCTURAL " "MUST ( cn $ subtreeSpecification ) )", - subentryObjectClass, 0, + subentryObjectClass, SLAP_OC_SUBENTRY|SLAP_OC_OPERATIONAL, offsetof(struct slap_internal_schema, si_oc_subentry) }, { "subschema", "( 2.5.20.1 NAME 'subschema' " "DESC 'RFC2252: controlling subschema (sub)entry' " @@ -165,23 +192,25 @@ static struct slap_schema_oc_map { "MAY ( dITStructureRules $ nameForms $ ditContentRules $ " "objectClasses $ attributeTypes $ matchingRules $ " "matchingRuleUse ) )", - subentryObjectClass, + subentryObjectClass, SLAP_OC_OPERATIONAL, offsetof(struct slap_internal_schema, si_oc_subschema) }, { "monitor", "( 1.3.6.1.4.1.4203.666.3.2 NAME 'monitor' " "DESC 'OpenLDAP system monitoring' " "STRUCTURAL " "MUST cn )", - 0, 0, offsetof(struct slap_internal_schema, si_oc_monitor) }, - { "collectiveAttributes", "( 2.5.20.2 " - "NAME 'collectiveAttributes' " + 0, SLAP_OC_OPERATIONAL, + offsetof(struct slap_internal_schema, si_oc_monitor) }, + { "collectiveAttributeSubentry", "( 2.5.20.2 " + "NAME 'collectiveAttributeSubentry' " "AUXILIARY )", - subentryObjectClass, 0, - offsetof(struct slap_internal_schema, si_oc_collectiveAttributes) }, + subentryObjectClass, + SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY|SLAP_OC_OPERATIONAL|SLAP_OC_HIDE, + offsetof(struct slap_internal_schema, si_oc_collectiveAttributeSubentry) }, { "dynamicObject", "( 1.3.6.1.4.1.1466.101.119.2 " "NAME 'dynamicObject' " "DESC 'RFC2589: Dynamic Object' " "SUP top AUXILIARY )", - dynamicObjectClass, 0, + dynamicObjectClass, SLAP_OC_DYNAMICOBJECT, offsetof(struct slap_internal_schema, si_oc_dynamicObject) }, { NULL, NULL, NULL, 0, 0 } }; @@ -190,6 +219,7 @@ static AttributeTypeSchemaCheckFN rootDseAttribute; static AttributeTypeSchemaCheckFN aliasAttribute; static AttributeTypeSchemaCheckFN referralAttribute; static AttributeTypeSchemaCheckFN subentryAttribute; +static AttributeTypeSchemaCheckFN administrativeRoleAttribute; static AttributeTypeSchemaCheckFN dynamicAttribute; static struct slap_schema_ad_map { @@ -206,8 +236,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: object classes of the entity' " "EQUALITY objectIdentifierMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", - NULL, 0, - objectClassMatch, NULL, NULL, + NULL, SLAP_AT_FINAL, objectClassMatch, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_objectClass) }, /* user entry operational attributes */ @@ -215,7 +244,7 @@ static struct slap_schema_ad_map { "DESC 'X.500(93): structural object class of entry' " "EQUALITY objectIdentifierMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 " - "NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation )", + "SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )", NULL, 0, structuralObjectClassMatch, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_structuralObjectClass) }, { "createTimestamp", "( 2.5.18.1 NAME 'createTimestamp' " @@ -258,22 +287,22 @@ static struct slap_schema_ad_map { { "subschemaSubentry", "( 2.5.18.10 NAME 'subschemaSubentry' " "DESC 'RFC2252: name of controlling subschema entry' " "EQUALITY distinguishedNameMatch " - "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION " - "SINGLE-VALUE USAGE directoryOperation )", + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE " + "NO-USER-MODIFICATION USAGE directoryOperation )", NULL, 0, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_subschemaSubentry) }, - { "collectiveAttributeSubentry", "( 2.5.18.12 " - "NAME 'collectiveAttributeSubentry' " + { "collectiveAttributeSubentries", "( 2.5.18.12 " + "NAME 'collectiveAttributeSubentries' " "EQUALITY distinguishedNameMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 " - "USAGE directoryOperation NO-USER-MODIFICATION )", - NULL, 0, NULL, NULL, NULL, - offsetof(struct slap_internal_schema, si_ad_collectiveSubentry) }, + "NO-USER-MODIFICATION USAGE directoryOperation )", + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, + offsetof(struct slap_internal_schema, si_ad_collectiveSubentries) }, { "collectiveExclusions", "( 2.5.18.7 NAME 'collectiveExclusions' " "EQUALITY objectIdentifierMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 " "USAGE directoryOperation )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_collectiveExclusions) }, { "entryUUID", "( 1.3.6.1.4.1.4203.666.1.6 NAME 'entryUUID' " @@ -281,14 +310,14 @@ static struct slap_schema_ad_map { "EQUALITY octetStringMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64} " "SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_entryUUID) }, { "entryCSN", "( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' " "DESC 'LCUP/LDUP: change sequence number' " "EQUALITY octetStringMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64} " "SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_entryCSN) }, /* root DSE attributes */ @@ -305,8 +334,8 @@ static struct slap_schema_ad_map { offsetof(struct slap_internal_schema, si_ad_namingContexts) }, { "supportedControl", "( 1.3.6.1.4.1.1466.101.120.13 " "NAME 'supportedControl' " - "DESC 'RFC2252: supported controls' " - "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )", + "DESC 'RFC2252: supported controls' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )", rootDseAttribute, 0, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedControl) }, { "supportedExtension", "( 1.3.6.1.4.1.1466.101.120.7 " @@ -335,6 +364,15 @@ static struct slap_schema_ad_map { "USAGE dSAOperation )", rootDseAttribute, 0, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedFeatures) }, + { "monitorContext", "( 1.3.6.1.4.1.4203.666.1.10 " + "NAME 'monitorContext' " + "DESC 'monitor context' " + "EQUALITY objectIdentifierMatch " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 " + "SINGLE-VALUE NO-USER-MODIFICATION " + "USAGE dSAOperation )", + rootDseAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, + offsetof(struct slap_internal_schema, si_ad_monitorContext) }, { "vendorName", "( 1.3.6.1.1.4 NAME 'vendorName' " "DESC 'RFC3045: name of implementation vendor' " "EQUALITY 1.3.6.1.4.1.1466.109.114.1 " @@ -357,13 +395,13 @@ static struct slap_schema_ad_map { "EQUALITY objectIdentifierMatch " "USAGE directoryOperation " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", - NULL, 0, NULL, NULL, NULL, + administrativeRoleAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_administrativeRole) }, { "subtreeSpecification", "( 2.5.18.6 NAME 'subtreeSpecification' " "SINGLE-VALUE " "USAGE directoryOperation " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 )", - subentryAttribute, 0, NULL, NULL, NULL, + subentryAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_subtreeSpecification) }, /* subschema subentry attributes */ @@ -372,13 +410,13 @@ static struct slap_schema_ad_map { "EQUALITY integerFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 " "USAGE directoryOperation ) ", - subentryAttribute, 0, NULL, NULL, NULL, + subentryAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ditStructureRules) }, { "ditContentRules", "( 2.5.21.2 NAME 'dITContentRules' " "DESC 'RFC2252: DIT content rules' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )", - subentryAttribute, 0, NULL, NULL, NULL, + subentryAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ditContentRules) }, { "matchingRules", "( 2.5.21.4 NAME 'matchingRules' " "DESC 'RFC2252: matching rules' " @@ -402,13 +440,13 @@ static struct slap_schema_ad_map { "DESC 'RFC2252: name forms ' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )", - subentryAttribute, 0, NULL, NULL, NULL, + subentryAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_nameForms) }, { "matchingRuleUse", "( 2.5.21.8 NAME 'matchingRuleUse' " "DESC 'RFC2252: matching rule uses' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )", - subentryAttribute, 0, NULL, NULL, NULL, + subentryAttribute, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_matchingRuleUse) }, { "ldapSyntaxes", "( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' " @@ -424,7 +462,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: name of aliased object' " "EQUALITY distinguishedNameMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )", - aliasAttribute, 0, NULL, NULL, NULL, + aliasAttribute, SLAP_AT_FINAL, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_aliasedObjectName) }, { "ref", "( 2.16.840.1.113730.3.1.34 NAME 'ref' " "DESC 'namedref: subordinate referral URL' " @@ -440,15 +478,31 @@ static struct slap_schema_ad_map { "DESC 'OpenLDAP ACL entry pseudo-attribute' " "SYNTAX 1.3.6.1.4.1.4203.1.1.1 " "SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_entry) }, { "children", "( 1.3.6.1.4.1.4203.1.3.2 " "NAME 'children' " "DESC 'OpenLDAP ACL children pseudo-attribute' " "SYNTAX 1.3.6.1.4.1.4203.1.1.1 " "SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_children) }, + { "saslAuthzTo", "( 1.3.6.1.4.1.4203.666.1.8 " + "NAME 'saslAuthzTo' " + "DESC 'SASL proxy authorization targets' " + "EQUALITY caseExactMatch " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " + "USAGE distributedOperation )", + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, + offsetof(struct slap_internal_schema, si_ad_saslAuthzTo) }, + { "saslAuthzFrom", "( 1.3.6.1.4.1.4203.666.1.9 " + "NAME 'saslAuthzFrom' " + "DESC 'SASL proxy authorization sources' " + "EQUALITY caseExactMatch " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " + "USAGE distributedOperation )", + NULL, SLAP_AT_HIDE, NULL, NULL, NULL, + offsetof(struct slap_internal_schema, si_ad_saslAuthzFrom) }, #ifdef SLAPD_ACI_ENABLED { "OpenLDAPaci", "( 1.3.6.1.4.1.4203.666.1.5 " "NAME 'OpenLDAPaci' " @@ -479,14 +533,14 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: common supertype of DN attributes' " "EQUALITY distinguishedNameMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_ABSTRACT, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_distinguishedName) }, { "name", "( 2.5.4.41 NAME 'name' " "DESC 'RFC2256: common supertype of name attributes' " "EQUALITY caseIgnoreMatch " "SUBSTR caseIgnoreSubstringsMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_ABSTRACT, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_name) }, { "cn", "( 2.5.4.3 NAME ( 'cn' 'commonName' ) " "DESC 'RFC2256: common name(s) for which the entity is known by' " @@ -519,7 +573,12 @@ static struct slap_schema_ad_map { offsetof(struct slap_internal_schema, si_ad_authPassword) }, #endif #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - { "krbName", NULL, + { "krbName", "( 1.3.6.1.4.1.250.1.32 " + "NAME ( 'krbName' 'kerberosName' ) " + "DESC 'Kerberos principal associated with object' " + "EQUALITY caseIgnoreIA5Match " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 " + "SINGLE-VALUE )", NULL, 0, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_krbName) }, #endif @@ -536,7 +595,8 @@ static AttributeType slap_at_undefined = { NULL, /* subtypes */ NULL, NULL, NULL, NULL, /* matching rules */ NULL, /* syntax (this may need to be defined) */ - (AttributeTypeSchemaCheckFN *) 0, 0, /* schema check function/mask */ + (AttributeTypeSchemaCheckFN *) 0, /* schema check function */ + SLAP_AT_ABSTRACT|SLAP_AT_FINAL, /* mask */ NULL, /* next */ NULL /* attribute description */ /* mutex (don't know how to initialize it :) */ @@ -557,6 +617,8 @@ static struct slap_schema_syn_map { char *sssm_name; size_t sssm_offset; } syn_map[] = { + { "1.3.6.1.4.1.1466.115.121.1.40", + offsetof(struct slap_internal_schema, si_syn_octetString) }, { "1.3.6.1.4.1.1466.115.121.1.12", offsetof(struct slap_internal_schema, si_syn_distinguishedName) }, { "1.3.6.1.4.1.1466.115.121.1.27", @@ -568,8 +630,42 @@ int slap_schema_load( void ) { int i; + + for( i=0; syn_map[i].sssm_name; i++ ) { + Syntax ** synp = (Syntax **) + &(((char *) &slap_schema)[syn_map[i].sssm_offset]); + + assert( *synp == NULL ); + + *synp = syn_find( syn_map[i].sssm_name ); + + if( *synp == NULL ) { + fprintf( stderr, "slap_schema_check: " + "No syntax \"%s\" defined in schema\n", + syn_map[i].sssm_name ); + return LDAP_INVALID_SYNTAX; + } + } + + for( i=0; mr_map[i].ssmm_name; i++ ) { + MatchingRule ** mrp = (MatchingRule **) + &(((char *) &slap_schema)[mr_map[i].ssmm_offset]); + + assert( *mrp == NULL ); + + *mrp = mr_find( mr_map[i].ssmm_name ); + + if( *mrp == NULL ) { + fprintf( stderr, "slap_schema_check: " + "No matching rule \"%s\" defined in schema\n", + mr_map[i].ssmm_name ); + return LDAP_INAPPROPRIATE_MATCHING; + } + } + for( i=0; ad_map[i].ssam_name; i++ ) { - if( ad_map[i].ssam_defn != NULL ) { + assert( ad_map[i].ssam_defn != NULL ); + { LDAPAttributeType *at; int code; const char *err; @@ -599,10 +695,40 @@ slap_schema_load( void ) } ldap_memfree( at ); } + { + int rc; + const char *text; + + AttributeDescription ** adp = (AttributeDescription **) + &(((char *) &slap_schema)[ad_map[i].ssam_offset]); + + assert( *adp == NULL ); + + rc = slap_str2ad( ad_map[i].ssam_name, adp, &text ); + if( rc != LDAP_SUCCESS ) { + fprintf( stderr, "slap_schema_check: " + "No attribute \"%s\" defined in schema\n", + ad_map[i].ssam_name ); + return rc; + } + + if( ad_map[i].ssam_check ) { + /* install check routine */ + (*adp)->ad_type->sat_check = ad_map[i].ssam_check; + } + /* install flags */ + (*adp)->ad_type->sat_flags |= ad_map[i].ssam_flags; + + if( ad_map[i].ssam_match ) { + /* install custom matching routine */ + (*adp)->ad_type->sat_equality->smr_match = ad_map[i].ssam_match; + } + } } for( i=0; oc_map[i].ssom_name; i++ ) { - if( oc_map[i].ssom_defn != NULL ) { + assert( oc_map[i].ssom_defn != NULL ); + { LDAPObjectClass *oc; int code; const char *err; @@ -623,7 +749,7 @@ slap_schema_load( void ) return LDAP_OTHER; } - code = oc_add(oc,&err); + code = oc_add(oc,0,&err); if ( code ) { fprintf( stderr, "slap_schema_load: " "%s: %s: \"%s\"\n", @@ -633,110 +759,41 @@ slap_schema_load( void ) ldap_memfree(oc); } + { + ObjectClass ** ocp = (ObjectClass **) + &(((char *) &slap_schema)[oc_map[i].ssom_offset]); + + assert( *ocp == NULL ); + + *ocp = oc_find( oc_map[i].ssom_name ); + if( *ocp == NULL ) { + fprintf( stderr, "slap_schema_check: " + "No objectClass \"%s\" defined in schema\n", + oc_map[i].ssom_name ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + + if( oc_map[i].ssom_check ) { + /* install check routine */ + (*ocp)->soc_check = oc_map[i].ssom_check; + } + /* install flags */ + (*ocp)->soc_flags |= oc_map[i].ssom_flags; + } } + slap_at_undefined.sat_syntax = slap_schema.si_syn_distinguishedName; + slap_schema.si_at_undefined = &slap_at_undefined; + return LDAP_SUCCESS; } int slap_schema_check( void ) { - int i; /* we should only be called once after schema_init() was called */ assert( schema_init_done == 1 ); - for( i=0; syn_map[i].sssm_name; i++ ) { - Syntax ** synp = (Syntax **) - &(((char *) &slap_schema)[syn_map[i].sssm_offset]); - - assert( *synp == NULL ); - - *synp = syn_find( syn_map[i].sssm_name ); - - if( *synp == NULL ) { - fprintf( stderr, "slap_schema_check: " - "No syntax \"%s\" defined in schema\n", - syn_map[i].sssm_name ); - return LDAP_INVALID_SYNTAX; - } - } - - for( i=0; mr_map[i].ssmm_name; i++ ) { - MatchingRule ** mrp = (MatchingRule **) - &(((char *) &slap_schema)[mr_map[i].ssmm_offset]); - - assert( *mrp == NULL ); - - *mrp = mr_find( mr_map[i].ssmm_name ); - - if( *mrp == NULL ) { - fprintf( stderr, "slap_schema_check: " - "No matching rule \"%s\" defined in schema\n", - mr_map[i].ssmm_name ); - return LDAP_INAPPROPRIATE_MATCHING; - } - } - - slap_at_undefined.sat_syntax = syn_find( SLAPD_OCTETSTRING_SYNTAX ); - if( slap_at_undefined.sat_syntax == NULL ) { - fprintf( stderr, "slap_schema_check: " - "No octetString syntax \"" SLAPD_OCTETSTRING_SYNTAX "\"\n" ); - return LDAP_INVALID_SYNTAX; - } - slap_schema.si_at_undefined = &slap_at_undefined; - - for( i=0; ad_map[i].ssam_name; i++ ) { - int rc; - const char *text; - - AttributeDescription ** adp = (AttributeDescription **) - &(((char *) &slap_schema)[ad_map[i].ssam_offset]); - - assert( *adp == NULL ); - - rc = slap_str2ad( ad_map[i].ssam_name, adp, &text ); - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "slap_schema_check: " - "No attribute \"%s\" defined in schema\n", - ad_map[i].ssam_name ); - return rc; - } - - if( ad_map[i].ssam_check ) { - /* install check routine */ - (*adp)->ad_type->sat_check = ad_map[i].ssam_check; - } - /* install flags */ - (*adp)->ad_type->sat_flags |= ad_map[i].ssam_flags; - - if( ad_map[i].ssam_match ) { - /* install custom matching routine */ - (*adp)->ad_type->sat_equality->smr_match = ad_map[i].ssam_match; - } - } - - for( i=0; oc_map[i].ssom_name; i++ ) { - ObjectClass ** ocp = (ObjectClass **) - &(((char *) &slap_schema)[oc_map[i].ssom_offset]); - - assert( *ocp == NULL ); - - *ocp = oc_find( oc_map[i].ssom_name ); - if( *ocp == NULL ) { - fprintf( stderr, "slap_schema_check: " - "No objectClass \"%s\" defined in schema\n", - oc_map[i].ssom_name ); - return LDAP_OBJECT_CLASS_VIOLATION; - } - - if( oc_map[i].ssom_check ) { - /* install check routine */ - (*ocp)->sco_check = oc_map[i].ssom_check; - } - /* install flags */ - (*ocp)->sco_flags |= oc_map[i].ssom_flags; - } - ++schema_init_done; return LDAP_SUCCESS; } @@ -944,6 +1001,28 @@ static int subentryAttribute ( return LDAP_SUCCESS; } +static int administrativeRoleAttribute ( + Backend *be, + Entry *e, + Attribute *attr, + const char** text, + char *textbuf, size_t textlen ) +{ + *text = textbuf; + + if( !SLAP_SUBENTRIES(be) ) { + snprintf( textbuf, textlen, + "attribute \"%s\" not supported in context", + attr->a_desc->ad_cname.bv_val ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + + snprintf( textbuf, textlen, + "attribute \"%s\" not supported!", + attr->a_desc->ad_cname.bv_val ); + return LDAP_OBJECT_CLASS_VIOLATION; +} + static int dynamicAttribute ( Backend *be, Entry *e,