+int
+ldap_back_filter_map_rewrite(
+ dncookie *dc,
+ Filter *f,
+ struct berval *fstr,
+ int remap )
+{
+ int rc;
+ dncookie fdc;
+ struct berval ftmp;
+
+ rc = ldap_back_int_filter_map_rewrite( dc, f, fstr, remap );
+
+#ifdef ENABLE_REWRITE
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ fdc = *dc;
+ ftmp = *fstr;
+
+ fdc.ctx = "searchFilter";
+
+ switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
+ ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
+ fdc.conn, &fstr->bv_val ) )
+ {
+ case REWRITE_REGEXEC_OK:
+ if ( !BER_BVISNULL( fstr ) ) {
+ fstr->bv_len = strlen( fstr->bv_val );
+ } else {
+ *fstr = ftmp;
+ }
+ Debug( LDAP_DEBUG_ARGS,
+ "[rw] %s: \"%s\" -> \"%s\"\n",
+ fdc.ctx, ftmp.bv_val, fstr->bv_val );
+ rc = LDAP_SUCCESS;
+ break;
+
+ case REWRITE_REGEXEC_UNWILLING:
+ if ( fdc.rs ) {
+ fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ fdc.rs->sr_text = "Operation not allowed";
+ }
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ break;
+
+ case REWRITE_REGEXEC_ERR:
+ if ( fdc.rs ) {
+ fdc.rs->sr_err = LDAP_OTHER;
+ fdc.rs->sr_text = "Rewrite error";
+ }
+ rc = LDAP_OTHER;
+ break;
+ }
+#endif /* ENABLE_REWRITE */
+
+ return rc;
+}
+
+int
+ldap_back_referral_result_rewrite(
+ dncookie *dc,
+ BerVarray a_vals
+)
+{
+ int i, last;
+
+ assert( dc );
+ assert( a_vals );
+
+ for ( last = 0; !BER_BVISNULL( &a_vals[ last ] ); last++ )
+ ;
+ last--;
+
+ for ( i = 0; !BER_BVISNULL( &a_vals[ i ] ); i++ ) {
+ struct berval dn, olddn;
+ int rc;
+ LDAPURLDesc *ludp;
+
+ rc = ldap_url_parse( a_vals[ i ].bv_val, &ludp );
+ if ( rc != LDAP_URL_SUCCESS ) {
+ /* leave attr untouched if massage failed */
+ continue;
+ }
+
+ ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
+
+ rc = ldap_back_dn_massage( dc, &olddn, &dn );
+ switch ( rc ) {
+ case LDAP_UNWILLING_TO_PERFORM:
+ /*
+ * FIXME: need to check if it may be considered
+ * legal to trim values when adding/modifying;
+ * it should be when searching (e.g. ACLs).
+ */
+ LBER_FREE( a_vals[ i ].bv_val );
+ if ( last > i ) {
+ a_vals[ i ] = a_vals[ last ];
+ }
+ BER_BVZERO( &a_vals[ last ] );
+ last--;
+ i--;
+ break;
+
+ default:
+ /* leave attr untouched if massage failed */
+ if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val )
+ {
+ char *newurl;
+
+ ludp->lud_dn = dn.bv_val;
+ newurl = ldap_url_desc2str( ludp );
+ if ( newurl == NULL ) {
+ /* FIXME: leave attr untouched
+ * even if ldap_url_desc2str failed... */
+ break;
+ }
+
+ LBER_FREE( a_vals[ i ].bv_val );
+ ber_str2bv( newurl, 0, 1, &a_vals[ i ] );
+ LDAP_FREE( newurl );
+ ludp->lud_dn = olddn.bv_val;
+ }
+ break;
+ }
+
+ ldap_free_urldesc( ludp );
+ }
+
+ return 0;
+}
+