X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fvalue.c;h=a1e081664d1d40f043fc7f1d652bf7c1cc186b08;hb=ed471a4d53b9bcd2cc89410743ffb4bd58b5fc05;hp=37d0e7b6dc7d0f15d5d194ab18ad18eedb2e512f;hpb=e9b1012fb1e572ea93b355f15c946b8b431e0160;p=openldap diff --git a/servers/slapd/value.c b/servers/slapd/value.c index 37d0e7b6dc..a1e081664d 100644 --- a/servers/slapd/value.c +++ b/servers/slapd/value.c @@ -1,7 +1,7 @@ /* value.c - routines for dealing with values */ /* $OpenLDAP$ */ /* - * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -19,162 +19,407 @@ #include "slap.h" int -value_add_fast( - struct berval ***vals, - struct berval **addvals, - int nvals, - int naddvals, - int *maxvals +value_add( + BerVarray *vals, + BerVarray addvals ) { - int need, i, j; + int n, nn; + BerVarray v2; - if ( *maxvals == 0 ) { - *maxvals = 1; - } - need = nvals + naddvals + 1; - while ( *maxvals < need ) { - *maxvals *= 2; - *vals = (struct berval **) ch_realloc( (char *) *vals, - *maxvals * sizeof(struct berval *) ); - } + for ( nn = 0; addvals != NULL && addvals[nn].bv_val != NULL; nn++ ) + ; /* NULL */ - for ( i = 0, j = 0; i < naddvals; i++ ) { - if ( addvals[i]->bv_len > 0 ) { - (*vals)[nvals + j] = ber_bvdup( addvals[i] ); - if( (*vals)[nvals + j] != NULL ) j++; + if ( *vals == NULL ) { + *vals = (BerVarray) SLAP_MALLOC( (nn + 1) + * sizeof(struct berval) ); + if( *vals == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "value_add: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, + "value_add: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#endif + return LBER_ERROR_MEMORY; } + n = 0; + } else { + for ( n = 0; (*vals)[n].bv_val != NULL; n++ ) { + ; /* Empty */ + } + *vals = (BerVarray) SLAP_REALLOC( (char *) *vals, + (n + nn + 1) * sizeof(struct berval) ); + if( *vals == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "value_add: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, + "value_add: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#endif + return LBER_ERROR_MEMORY; + } + } + + v2 = *vals + n; + for ( ; addvals->bv_val; v2++, addvals++ ) { + ber_dupbv(v2, addvals); + if (v2->bv_val == NULL) break; } - (*vals)[nvals + j] = NULL; + v2->bv_val = NULL; + v2->bv_len = 0; - return( 0 ); + return LDAP_SUCCESS; } int -value_add( - struct berval ***vals, - struct berval **addvals +value_add_one( + BerVarray *vals, + struct berval *addval ) { - int n, nn, i, j; - - for ( nn = 0; addvals != NULL && addvals[nn] != NULL; nn++ ) - ; /* NULL */ + int n; + BerVarray v2; if ( *vals == NULL ) { - *vals = (struct berval **) ch_malloc( (nn + 1) - * sizeof(struct berval *) ); + *vals = (BerVarray) SLAP_MALLOC( 2 * sizeof(struct berval) ); + if( *vals == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "value_add_one: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, + "value_add_one: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#endif + return LBER_ERROR_MEMORY; + } n = 0; } else { - for ( n = 0; (*vals)[n] != NULL; n++ ) - ; /* NULL */ - *vals = (struct berval **) ch_realloc( (char *) *vals, - (n + nn + 1) * sizeof(struct berval *) ); + for ( n = 0; (*vals)[n].bv_val != NULL; n++ ) { + ; /* Empty */ + } + *vals = (BerVarray) SLAP_REALLOC( (char *) *vals, + (n + 2) * sizeof(struct berval) ); + if( *vals == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "value_add_one: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, + "value_add_one: SLAP_MALLOC failed.\n", 0, 0, 0 ); +#endif + return LBER_ERROR_MEMORY; + } } - for ( i = 0, j = 0; i < nn; i++ ) { - if ( addvals[i]->bv_len > 0 ) { - (*vals)[n + j] = ber_bvdup( addvals[i] ); - if( (*vals)[n + j++] == NULL ) break; - } + v2 = *vals + n; + ber_dupbv(v2, addval); + + v2++; + v2->bv_val = NULL; + v2->bv_len = 0; + + return LDAP_SUCCESS; +} + +int +value_validate( + MatchingRule *mr, + struct berval *in, + const char **text ) +{ + int rc; + + if( mr == NULL ) { + *text = "inappropriate matching request"; + return LDAP_INAPPROPRIATE_MATCHING; + } + + if( mr->smr_syntax == NULL ) { + *text = "no assertion syntax"; + return LDAP_INVALID_SYNTAX; + } + + if( ! mr->smr_syntax->ssyn_validate ) { + *text = "no syntax validator"; + return LDAP_INVALID_SYNTAX; } - (*vals)[n + j] = NULL; - return( 0 ); + rc = (mr->smr_syntax->ssyn_validate)( mr->smr_syntax, in ); + + if( rc != LDAP_SUCCESS ) { + *text = "value is invalid"; + return LDAP_INVALID_SYNTAX; + } + + return LDAP_SUCCESS; } -#ifdef SLAPD_SCHEMA_COMPAT -void +int value_normalize( - char *s, - int syntax -) + AttributeDescription *ad, + unsigned usage, + struct berval *in, + struct berval *out, + const char **text ) { - char *d, *save; + int rc; + MatchingRule *mr; - if ( ! (syntax & SYNTAX_CIS) ) { - return; + switch( usage & SLAP_MR_TYPE_MASK ) { + case SLAP_MR_NONE: + case SLAP_MR_EQUALITY: + mr = ad->ad_type->sat_equality; + break; + case SLAP_MR_ORDERING: + mr = ad->ad_type->sat_ordering; + break; + case SLAP_MR_SUBSTR: + mr = ad->ad_type->sat_substr; + break; + case SLAP_MR_EXT: + default: + assert( 0 ); + *text = "internal error"; + return LDAP_OTHER; + } + + if( mr == NULL ) { + *text = "inappropriate matching request"; + return LDAP_INAPPROPRIATE_MATCHING; } - if ( syntax & SYNTAX_DN ) { - (void) dn_normalize( s ); - return; + /* we only support equality matching of binary attributes */ + /* This is suspect, flexible certificate matching will hit this */ + if( slap_ad_is_binary( ad ) && usage != SLAP_MR_EQUALITY ) { + *text = "inappropriate binary matching"; + return LDAP_INAPPROPRIATE_MATCHING; } - save = s; - for ( d = s; *s; s++ ) { - if ( (syntax & SYNTAX_TEL) && (*s == ' ' || *s == '-') ) { - continue; + if( mr->smr_normalize ) { + rc = (mr->smr_normalize)( usage, + ad->ad_type->sat_syntax, + mr, in, out ); + + if( rc != LDAP_SUCCESS ) { + *text = "unable to normalize value"; + return LDAP_INVALID_SYNTAX; + } + + } else if ( mr->smr_syntax->ssyn_normalize ) { + rc = (mr->smr_syntax->ssyn_normalize)( + ad->ad_type->sat_syntax, + in, out ); + + if( rc != LDAP_SUCCESS ) { + *text = "unable to normalize value"; + return LDAP_INVALID_SYNTAX; } - *d++ = TOUPPER( (unsigned char) *s ); + + } else { + ber_dupbv( out, in ); } - *d = '\0'; + + return LDAP_SUCCESS; } int -value_cmp( - struct berval *v1, - struct berval *v2, - int syntax, - int normalize /* 1 => arg 1; 2 => arg 2; 3 => both */ -) +value_validate_normalize( + AttributeDescription *ad, + unsigned usage, + struct berval *in, + struct berval *out, + const char **text ) { - int rc; + int rc; + MatchingRule *mr; - if ( normalize & 1 ) { - v1 = ber_bvdup( v1 ); - value_normalize( v1->bv_val, syntax ); + switch( usage & SLAP_MR_TYPE_MASK ) { + case SLAP_MR_NONE: + case SLAP_MR_EQUALITY: + mr = ad->ad_type->sat_equality; + break; + case SLAP_MR_ORDERING: + mr = ad->ad_type->sat_ordering; + break; + case SLAP_MR_SUBSTR: + mr = ad->ad_type->sat_substr; + break; + case SLAP_MR_EXT: + default: + assert( 0 ); + *text = "internal error"; + return LDAP_OTHER; } - if ( normalize & 2 ) { - v2 = ber_bvdup( v2 ); - value_normalize( v2->bv_val, syntax ); + + if( mr == NULL ) { + *text = "inappropriate matching request"; + return LDAP_INAPPROPRIATE_MATCHING; } - switch ( syntax ) { - case SYNTAX_CIS: - case (SYNTAX_CIS | SYNTAX_TEL): - case (SYNTAX_CIS | SYNTAX_DN): - rc = strcasecmp( v1->bv_val, v2->bv_val ); - break; + if( mr->smr_syntax == NULL ) { + *text = "no assertion syntax"; + return LDAP_INVALID_SYNTAX; + } - case SYNTAX_CES: - rc = strcmp( v1->bv_val, v2->bv_val ); - break; + if( ! mr->smr_syntax->ssyn_validate ) { + *text = "no syntax validator"; + return LDAP_INVALID_SYNTAX; + } - default: /* Unknown syntax */ - case SYNTAX_BIN: - rc = (v1->bv_len == v2->bv_len - ? memcmp( v1->bv_val, v2->bv_val, v1->bv_len ) - : v1->bv_len > v2->bv_len ? 1 : -1); - break; + rc = (mr->smr_syntax->ssyn_validate)( mr->smr_syntax, in ); + + if( rc != LDAP_SUCCESS ) { + *text = "value is invalid"; + return LDAP_INVALID_SYNTAX; } - if ( normalize & 1 ) { - ber_bvfree( v1 ); + /* we only support equality matching of binary attributes */ + /* This is suspect, flexible certificate matching will hit this */ + if( slap_ad_is_binary( ad ) && usage != SLAP_MR_EQUALITY ) { + *text = "inappropriate binary matching"; + return LDAP_INAPPROPRIATE_MATCHING; } - if ( normalize & 2 ) { - ber_bvfree( v2 ); + + if( mr->smr_normalize ) { + rc = (mr->smr_normalize)( usage, + ad->ad_type->sat_syntax, + mr, in, out ); + + if( rc != LDAP_SUCCESS ) { + *text = "unable to normalize value"; + return LDAP_INVALID_SYNTAX; + } + + } else if ( mr->smr_syntax->ssyn_normalize ) { + rc = (mr->smr_syntax->ssyn_normalize)( + ad->ad_type->sat_syntax, + in, out ); + + if( rc != LDAP_SUCCESS ) { + *text = "unable to normalize value"; + return LDAP_INVALID_SYNTAX; + } + + } else { + ber_dupbv( out, in ); } - return( rc ); + return LDAP_SUCCESS; } + int -value_find( - struct berval **vals, - struct berval *v, - int syntax, - int normalize -) +value_match( + int *match, + AttributeDescription *ad, + MatchingRule *mr, + unsigned flags, + struct berval *v1, /* stored value */ + void *v2, /* assertion */ + const char ** text ) +{ + int rc; + struct berval nv1 = { 0, NULL }; + struct berval nv2 = { 0, NULL }; + + assert( mr != NULL ); + + if( !mr->smr_match ) { + return LDAP_INAPPROPRIATE_MATCHING; + } + + if( ad->ad_type->sat_syntax->ssyn_normalize ) { + rc = ad->ad_type->sat_syntax->ssyn_normalize( + ad->ad_type->sat_syntax, v1, &nv1 ); + + if( rc != LDAP_SUCCESS ) { + return LDAP_INAPPROPRIATE_MATCHING; + } + } + + if ( SLAP_IS_MR_VALUE_SYNTAX_NONCONVERTED_MATCH( flags ) && + mr->smr_convert ) + { + rc = (mr->smr_convert)( v2, &nv2 ); + if ( rc != LDAP_SUCCESS ) { + return LDAP_INVALID_SYNTAX; + } + + /* let smr_match know we've converted the value */ + flags |= SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH; + } + + rc = (mr->smr_match)( match, flags, + ad->ad_type->sat_syntax, + mr, + nv1.bv_val != NULL ? &nv1 : v1, + nv2.bv_val != NULL ? &nv2 : v2 ); + + if (nv1.bv_val ) free( nv1.bv_val ); + if (nv2.bv_val ) free( nv2.bv_val ); + return rc; +} + + +int value_find_ex( + AttributeDescription *ad, + unsigned flags, + BerVarray vals, + struct berval *val ) { int i; + int rc; + struct berval nval = { 0, NULL }; + MatchingRule *mr = ad->ad_type->sat_equality; + + if( mr == NULL || !mr->smr_match ) { + return LDAP_INAPPROPRIATE_MATCHING; + } - for ( i = 0; vals[i] != NULL; i++ ) { - if ( value_cmp( vals[i], v, syntax, normalize ) == 0 ) { - return( 0 ); + /* Take care of this here or ssyn_normalize later will hurt */ + if ( SLAP_IS_MR_VALUE_SYNTAX_NONCONVERTED_MATCH( flags ) + && mr->smr_convert ) + { + rc = (mr->smr_convert)( val, &nval ); + if ( rc != LDAP_SUCCESS ) { + return LDAP_INVALID_SYNTAX; + } + + /* let value_match know we've done the version */ + flags |= SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH; + } + + if( !(flags & SLAP_MR_VALUE_NORMALIZED_MATCH) && + mr->smr_syntax->ssyn_normalize ) { + struct berval nval_tmp = { 0, NULL }; + + rc = mr->smr_syntax->ssyn_normalize( + mr->smr_syntax, + nval.bv_val == NULL ? val : &nval, &nval_tmp ); + + free(nval.bv_val); + nval = nval_tmp; + if( rc != LDAP_SUCCESS ) { + free(nval.bv_val); + return LDAP_INAPPROPRIATE_MATCHING; } } - return( 1 ); + for ( i = 0; vals[i].bv_val != NULL; i++ ) { + int match; + const char *text; + + rc = value_match( &match, ad, mr, flags, + &vals[i], nval.bv_val == NULL ? val : &nval, &text ); + + if( rc == LDAP_SUCCESS && match == 0 ) { + free( nval.bv_val ); + return LDAP_SUCCESS; + } + } + + free( nval.bv_val ); + return LDAP_NO_SUCH_ATTRIBUTE; } -#endif