SLAPD_SCHEMA_NOT_COMPAT: numerous changes to syntax flags, mostly minor

author Kurt Zeilenga <kurt@openldap.org>

Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)
diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c

index ff076944fc1053f55c8d86ed206d7280cb452a1c..9b9d636c8940bc1feb0a87396dae392e92bcfccc 100644 (file)
--- a/servers/slapd/ad.c
+++ b/servers/slapd/ad.c
@@ -130,14 +130,12 @@ int slap_bv2ad(
  
         for( i=1; tokens[i] != NULL; i++ ) {
                 if( strcasecmp( tokens[i], "binary" ) == 0 ) {
-                       if( desc.ad_flags & SLAP_DESC_BINARY ) {
+                       if( slap_ad_is_binary( &desc ) ) {
                                 *text = "option \"binary\" specified multiple times";
                                 goto done;
                         }
  
-                       if(!( desc.ad_type->sat_syntax->ssyn_flags
-                               & SLAP_SYNTAX_BINARY ))
-                       {
+                       if( !slap_syntax_is_binary( desc.ad_type->sat_syntax )) {
                                 /* not stored in binary, disallow option */
                                 *text = "option \"binary\" with type not supported";
                                 goto done;
@@ -166,7 +164,7 @@ int slap_bv2ad(
         desc.ad_cname = ch_malloc( sizeof( struct berval ) );
  
         desc.ad_cname->bv_len = strlen( desc.ad_type->sat_cname );
-       if( desc.ad_flags & SLAP_DESC_BINARY ) {
+       if( slap_ad_is_binary( &desc ) ) {
                 desc.ad_cname->bv_len += sizeof("binary");
         }
         if( desc.ad_lang != NULL ) {
@@ -176,7 +174,7 @@ int slap_bv2ad(
         desc.ad_cname->bv_val = ch_malloc( desc.ad_cname->bv_len + 1 );
  
         strcpy( desc.ad_cname->bv_val, desc.ad_type->sat_cname );
-       if( desc.ad_flags & SLAP_DESC_BINARY ) {
+       if( slap_ad_is_binary( &desc ) ) {
                 strcat( desc.ad_cname->bv_val, ";binary" );
         }
  
diff --git a/servers/slapd/ava.c b/servers/slapd/ava.c

index 35fba72bfd1307b5cc2f6155d757b14e93aae3ae..6e87c07af5a562eb7d4e76882dc6e1457cf8bcfe 100644 (file)
--- a/servers/slapd/ava.c
+++ b/servers/slapd/ava.c
@@ -38,10 +38,10 @@ get_ava(
  )
  {
         int rc;
-       struct berval type, *value;
+       struct berval type, value, *nvalue;
         AttributeAssertion *aa;
  
-       rc = ber_scanf( ber, "{oO}", &type, &value );
+       rc = ber_scanf( ber, "{oo}", &type, &value );
  
         if( rc == LBER_ERROR ) {
                 Debug( LDAP_DEBUG_ANY, "  get_ava ber_scanf\n", 0, 0, 0 );
@@ -56,22 +56,22 @@ get_ava(
  
         if( rc != LDAP_SUCCESS ) {
                 ch_free( type.bv_val );
-               ber_bvfree( value );
+               ch_free( value.bv_val );
                 ch_free( aa );
                 return rc;
         }
  
-       rc = value_normalize( aa->aa_desc, usage, value, text );
+       rc = value_normalize( aa->aa_desc, usage, &value, &nvalue, text );
+       ch_free( value.bv_val );
  
         if( rc != LDAP_SUCCESS ) {
                 ch_free( type.bv_val );
-               ber_bvfree( value );
                 ad_free( aa->aa_desc, 1 );
                 ch_free( aa );
                 return rc;
         }
  
-       aa->aa_value = value;
+       aa->aa_value = nvalue;
         *ava = aa;
  
         return LDAP_SUCCESS;
diff --git a/servers/slapd/back-ldbm/attr.c b/servers/slapd/back-ldbm/attr.c

index 95d47c2f9cd9a3055cdec43e6e5ed8c03cd873af..7e90bee13dbaa9c351e702e2f69889440595ac6c 100644 (file)
--- a/servers/slapd/back-ldbm/attr.c
+++ b/servers/slapd/back-ldbm/attr.c
@@ -109,39 +109,50 @@ attr_index_config(
                 if ( argc == 1 ) {
                         a->ai_indexmask = (
                                 SLAP_INDEX_PRESENCE | SLAP_INDEX_EQUALITY |
-                           SLAP_INDEX_APPROX | SLAP_INDEX_SUB);
+                           SLAP_INDEX_APPROX | SLAP_INDEX_SUBSTR);
                 } else {
                         a->ai_indexmask = 0;
                         for ( j = 0; indexes[j] != NULL; j++ ) {
-                               if ( strncasecmp( indexes[j], "pres", 4 )
-                                   == 0 ) {
+                               if ( strncasecmp( indexes[j],
+                                       "pres", sizeof("pres")-1 ) == 0 )
+                               {
                                         a->ai_indexmask |= SLAP_INDEX_PRESENCE;
-                               } else if ( strncasecmp( indexes[j], "eq", 2 )
-                                   == 0 ) {
+
+                               } else if ( strncasecmp( indexes[j],
+                                       "eq", sizeof("eq")-1 ) == 0 )
+                               {
                                         a->ai_indexmask |= SLAP_INDEX_EQUALITY;
-                               } else if ( strncasecmp( indexes[j], "approx",
-                                   6 ) == 0 ) {
+
+                               } else if ( strncasecmp( indexes[j],
+                                       "approx", sizeof("approx")-1 ) == 0 )
+                               {
                                         a->ai_indexmask |= SLAP_INDEX_APPROX;
-                               } else if ( strncasecmp( indexes[j], "sub", 3 )
-                                   == 0 ) {
-                                       a->ai_indexmask |= SLAP_INDEX_SUB;
-                               } else if ( strncasecmp( indexes[j], "none", 4 )
-                                   == 0 ) {
+
+                               } else if ( strncasecmp( indexes[j],
+                                       "sub", sizeof("sub")-1 ) == 0 )
+                               {
+                                       a->ai_indexmask |= SLAP_INDEX_SUBSTR;
+
+                               } else if ( strncasecmp( indexes[j],
+                                       "none", sizeof("none")-1 ) == 0 )
+                               {
                                         if ( a->ai_indexmask != 0 ) {
-                                               fprintf( stderr,
-"%s: line %d: index type \"none\" cannot be combined with other types\n",
+                                               fprintf( stderr, "%s: line %d: "
+                                                       "index type \"none\" cannot be combined with other types\n",
                                                     fname, lineno );
                                         }
                                         a->ai_indexmask = 0;
+
                                 } else {
-                                       fprintf( stderr,
-                       "%s: line %d: unknown index type \"%s\" (ignored)\n",
+                                       fprintf( stderr, "%s: line %d: "
+                                               "unknown index type \"%s\" (ignored)\n",
                                             fname, lineno, indexes[j] );
-                                       fprintf( stderr,
-       "valid index types are \"pres\", \"eq\", \"approx\", or \"sub\"\n" );
+                                       fprintf( stderr, "\tvalid index types are "
+                                               "\"pres\", \"eq\", \"approx\", or \"sub\"\n" );
                                 }
                         }
                 }
+
                 if ( init ) {
                         a->ai_indexmask |= SLAP_INDEX_FROMINIT;
                 }
diff --git a/servers/slapd/back-ldbm/filterindex.c b/servers/slapd/back-ldbm/filterindex.c

index c733f85952372c861456e6965959907f6274dc93..e75d7ebe3a5a25af97053c9bdb7813985646d7b2 100644 (file)
--- a/servers/slapd/back-ldbm/filterindex.c
+++ b/servers/slapd/back-ldbm/filterindex.c
@@ -333,7 +333,7 @@ substring_comp_candidates(
                 }
                 buf[SUBLEN] = '\0';
  
-               if ( (idl = index_read( be, type, SLAP_INDEX_SUB, buf )) == NULL ) {
+               if ( (idl = index_read( be, type, SLAP_INDEX_SUBSTR, buf )) == NULL ) {
                         return( NULL );
                 }
         } else if ( prepost == '$' ) {
@@ -344,7 +344,7 @@ substring_comp_candidates(
                 buf[SUBLEN - 1] = '$';
                 buf[SUBLEN] = '\0';
  
-               if ( (idl = index_read( be, type, SLAP_INDEX_SUB, buf )) == NULL ) {
+               if ( (idl = index_read( be, type, SLAP_INDEX_SUBSTR, buf )) == NULL ) {
                         return( NULL );
                 }
         }
@@ -355,7 +355,7 @@ substring_comp_candidates(
                 }
                 buf[SUBLEN] = '\0';
  
-               if ( (tmp = index_read( be, type, SLAP_INDEX_SUB, buf )) == NULL ) {
+               if ( (tmp = index_read( be, type, SLAP_INDEX_SUBSTR, buf )) == NULL ) {
                         idl_free( idl );
                         return( NULL );
                 }
diff --git a/servers/slapd/back-ldbm/index.c b/servers/slapd/back-ldbm/index.c

index 05afcf2dccc180e6a6ae480a734d9e56cedb9527..27ecee0222dccb711d1e9648e686016f3a7d2340 100644 (file)
--- a/servers/slapd/back-ldbm/index.c
+++ b/servers/slapd/back-ldbm/index.c
@@ -371,7 +371,7 @@ index_change_values(
                 /*
                  * substrings index entry
                  */
-               if ( indexmask & SLAP_INDEX_SUB ) {
+               if ( indexmask & SLAP_INDEX_SUBSTR ) {
                         /* leading and trailing */
                         if ( len > SUBLEN - 2 ) {
                                 buf[0] = '^';
@@ -380,7 +380,7 @@ index_change_values(
                                 }
                                 buf[SUBLEN] = '\0';
  
-                               change_value( be, db, at_cn, SLAP_INDEX_SUB,
+                               change_value( be, db, at_cn, SLAP_INDEX_SUBSTR,
                                               buf, id, idl_funct );
  
                                 p = val + len - SUBLEN + 1;
@@ -390,7 +390,7 @@ index_change_values(
                                 buf[SUBLEN - 1] = '$';
                                 buf[SUBLEN] = '\0';
  
-                               change_value( be, db, at_cn, SLAP_INDEX_SUB,
+                               change_value( be, db, at_cn, SLAP_INDEX_SUBSTR,
                                               buf, id, idl_funct );
                         }
  
@@ -401,7 +401,7 @@ index_change_values(
                                 }
                                 buf[SUBLEN] = '\0';
  
-                               change_value( be, db, at_cn, SLAP_INDEX_SUB,
+                               change_value( be, db, at_cn, SLAP_INDEX_SUBSTR,
                                               buf, id, idl_funct );
                         }
                 }
@@ -430,7 +430,7 @@ index2prefix( int indextype )
         case SLAP_INDEX_APPROX:
                 prefix = APPROX_PREFIX;
                 break;
-       case SLAP_INDEX_SUB:
+       case SLAP_INDEX_SUBSTR:
                 prefix = SUB_PREFIX;
                 break;
         default:
diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c

index 4e228a618c4030c87d01f790b1c9b080261567af..ae91f7631d89909507e4c55c543b04f4608f6e63 100644 (file)
--- a/servers/slapd/compare.c
+++ b/servers/slapd/compare.c
@@ -33,15 +33,15 @@ do_compare(
         char    *dn = NULL, *ndn=NULL;
         struct berval desc;
         struct berval value;
-       Backend *be;
-       int rc = LDAP_SUCCESS;
-       char *text = NULL;
  #ifdef SLAPD_SCHEMA_NOT_COMPAT
+       struct berval *nvalue;
         AttributeAssertion ava;
-       ava.aa_desc = NULL;
  #else
         Ava     ava;
  #endif
+       Backend *be;
+       int rc = LDAP_SUCCESS;
+       char *text = NULL;
  
         desc.bv_val = NULL;
         value.bv_val = NULL;
@@ -106,7 +106,7 @@ do_compare(
                 goto cleanup;
         }
  
-       rc = value_normalize( ava.aa_desc, SLAP_MR_EQUALITY, &value, &text );
+       rc = value_normalize( ava.aa_desc, SLAP_MR_EQUALITY, &value, &nvalue, &text );
  
         if( rc != LDAP_SUCCESS ) {
                 send_ldap_result( conn, op, rc, NULL,
@@ -114,7 +114,7 @@ do_compare(
                 goto cleanup;
         }
  
-       ava.aa_value = &value;
+       ava.aa_value = nvalue;
  
         Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
             dn, ava.aa_desc->ad_cname, ava.aa_value->bv_val );
diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c

index 56d0947c8285a68b3a5e9664752ad94465be3d29..dc3ae72ac06b013e20b3e123e8936a3a0cbeb676 100644 (file)
--- a/servers/slapd/entry.c
+++ b/servers/slapd/entry.c
@@ -121,6 +121,7 @@ str2entry( char *s )
  
                 bval.bv_val = value;
                 bval.bv_len = vlen;
+
  #ifdef SLAPD_SCHEMA_NOT_COMPAT
                 /* not yet implemented */
  #else
diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c

index 7157aa3d9805f5fbfc116098a292f62fc6114c49..2f83a3fd1f61db73f1f7c2c13eab4f110062d47f 100644 (file)
--- a/servers/slapd/filter.c
+++ b/servers/slapd/filter.c
@@ -230,7 +230,7 @@ get_filter(
                 Debug( LDAP_DEBUG_FILTER, "APPROX\n", 0, 0, 0 );
  
  #ifdef SLAPD_SCHEMA_NOT_COMPAT
-               err = get_ava( ber, &f->f_ava, SLAP_MR_APPROX, text );
+               err = get_ava( ber, &f->f_ava, SLAP_MR_EQUALITY_APPROX, text );
  #else
                 err = get_ava( ber, &f->f_ava, text );
  #endif
@@ -374,7 +374,8 @@ get_substring_filter(
         ber_tag_t       tag;
         ber_len_t       len;
         ber_tag_t       rc;
-       struct berval *val;
+       struct berval *value;
+       struct berval *nvalue;
         char            *last;
         struct berval type;
  #ifndef SLAPD_SCHEMA_NOT_COMPAT
@@ -431,14 +432,14 @@ get_substring_filter(
         {
                 unsigned usage;
  
-               rc = ber_scanf( ber, "O", &val );
+               rc = ber_scanf( ber, "O", &value );
                 if ( rc == LBER_ERROR ) {
                         rc = SLAPD_DISCONNECT;
                         goto return_error;
                 }
  
-               if ( val == NULL || val->bv_len == 0 ) {
-                       ber_bvfree( val );
+               if ( value == NULL || value->bv_len == 0 ) {
+                       ber_bvfree( value );
                         rc = LDAP_INVALID_SYNTAX;
                         goto return_error;
                 } 
@@ -464,22 +465,24 @@ get_substring_filter(
                                 "  unknown substring choice=%ld\n",
                                 (long) tag, 0, 0 );
  
-                       ber_bvfree( val );
+                       ber_bvfree( value );
                         goto return_error;
                 }
  
-               rc = value_normalize( f->f_sub_desc, usage, val, text );
+               rc = value_normalize( f->f_sub_desc, usage, value, &nvalue, text );
+               ber_bvfree( value );
  
                 if( rc != LDAP_SUCCESS ) {
-                       ber_bvfree( val );
                         goto return_error;
                 }
+
+               value = nvalue;
  #else
  
                 /* we should call a substring syntax normalization routine */
-               value_normalize( val->bv_val, syntax );
+               value_normalize( value->bv_val, syntax );
                 /* this is bogus, value_normalize should take a berval */
-               val->bv_len = strlen( val->bv_val );
+               value->bv_len = strlen( value->bv_val );
  #endif
  
                 rc = LDAP_PROTOCOL_ERROR;
@@ -488,48 +491,47 @@ get_substring_filter(
                 case LDAP_SUBSTRING_INITIAL:
                         Debug( LDAP_DEBUG_FILTER, "  INITIAL\n", 0, 0, 0 );
                         if ( f->f_sub_initial != NULL ) {
-                               ber_bvfree( val );
+                               ber_bvfree( value );
                                 goto return_error;
                         }
  
-
-                       f->f_sub_initial = val;
+                       f->f_sub_initial = value;
  
                         if( fstr ) {
                                 *fstr = ch_realloc( *fstr,
-                                       strlen( *fstr ) + val->bv_len + 1 );
-                               strcat( *fstr, val->bv_val );
+                                       strlen( *fstr ) + value->bv_len + 1 );
+                               strcat( *fstr, value->bv_val );
                         }
                         break;
  
                 case LDAP_SUBSTRING_ANY:
                         Debug( LDAP_DEBUG_FILTER, "  ANY\n", 0, 0, 0 );
-                       if( ber_bvecadd( &f->f_sub_any, val ) < 0 ) {
-                               ber_bvfree( val );
+                       if( ber_bvecadd( &f->f_sub_any, value ) < 0 ) {
+                               ber_bvfree( value );
                                 goto return_error;
                         }
  
                         if( fstr ) {
                                 *fstr = ch_realloc( *fstr,
-                                       strlen( *fstr ) + val->bv_len + 2 );
+                                       strlen( *fstr ) + value->bv_len + 2 );
                                 strcat( *fstr, "*" );
-                               strcat( *fstr, val->bv_val );
+                               strcat( *fstr, value->bv_val );
                         }
                         break;
  
                 case LDAP_SUBSTRING_FINAL:
                         Debug( LDAP_DEBUG_FILTER, "  FINAL\n", 0, 0, 0 );
                         if ( f->f_sub_final != NULL ) {
-                               ber_bvfree( val );
+                               ber_bvfree( value );
                                 goto return_error;
                         }
-                       f->f_sub_final = val;
+                       f->f_sub_final = value;
  
                         if( fstr ) {
                                 *fstr = ch_realloc( *fstr,
-                                       strlen( *fstr ) + val->bv_len + 2 );
+                                       strlen( *fstr ) + value->bv_len + 2 );
                                 strcat( *fstr, "*" );
-                               strcat( *fstr, val->bv_val );
+                               strcat( *fstr, value->bv_val );
                         }
                         break;
  
@@ -538,7 +540,7 @@ get_substring_filter(
                                 "  unknown substring type=%ld\n",
                                 (long) tag, 0, 0 );
  
-                       ber_bvfree( val );
+                       ber_bvfree( value );
  
  return_error:
                         Debug( LDAP_DEBUG_FILTER, "  error=%ld\n",
diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c

index 181ccd8150886c3fd2bfe646159cd90e83395f86..8c96cb2abb1eeb322baf8cb3ee8e48ab8e36b962 100644 (file)
--- a/servers/slapd/modify.c
+++ b/servers/slapd/modify.c
@@ -313,8 +313,8 @@ int slap_modlist2mods(
                         return rc;
                 }
  
-               if((ad->ad_type->sat_syntax->ssyn_flags & SLAP_SYNTAX_BINARY)
-                       && !( ad->ad_flags & SLAP_DESC_BINARY ))
+               if( slap_syntax_is_binary( ad->ad_type->sat_syntax )
+                       && !slap_ad_is_binary( ad ))
                 {
                         /* attribute requires binary transfer */
                         slap_mods_free( mod );
@@ -322,6 +322,15 @@ int slap_modlist2mods(
                         return LDAP_UNDEFINED_TYPE;
                 }
  
+               if( !slap_syntax_is_binary( ad->ad_type->sat_syntax )
+                       && slap_ad_is_binary( ad ))
+               {
+                       /* attribute requires binary transfer */
+                       slap_mods_free( mod );
+                       *text = "attribute disallows ;binary transfer";
+                       return LDAP_UNDEFINED_TYPE;
+               }
+
                 if (!update && is_at_no_user_mod( ad->ad_type )) {
                         /* user modification disallowed */
                         slap_mods_free( mod );
@@ -378,7 +387,6 @@ int slap_mods_opattrs(
         Modifications **modtail,
         char **text )
  {
-       int rc;
         struct berval name, timestamp;
         time_t now = slap_get_time();
         char timebuf[22];
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h

index 8c017551575b9f7e5e8caac21f0da7d132636aa9..8229f22ee20e90783be0e6f4b4d6f2bb34cbccfa 100644 (file)
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -569,7 +569,9 @@ LIBSLAPD_F (int) oc_add LDAP_P((LDAP_OBJECT_CLASS *oc, const char **err));
  
  LIBSLAPD_F (Syntax *) syn_find LDAP_P((const char *synname));
  LIBSLAPD_F (Syntax *) syn_find_desc LDAP_P((const char *syndesc, int *slen));
-LIBSLAPD_F (int) syn_add LDAP_P((LDAP_SYNTAX *syn, int flags,
+LIBSLAPD_F (int) syn_add LDAP_P((
+       LDAP_SYNTAX *syn,
+       unsigned flags,
         slap_syntax_validate_func *validate,
         slap_syntax_transform_func *ber2str,
         slap_syntax_transform_func *str2ber,
@@ -585,12 +587,15 @@ LIBSLAPD_F (int) mr_add LDAP_P((LDAP_MATCHING_RULE *mr,
         slap_mr_filter_func *filter,
         const char **err));
  
-LIBSLAPD_F (int) register_syntax LDAP_P((char *desc, int flags,
+LIBSLAPD_F (int) register_syntax LDAP_P((
+       char *desc,
+       unsigned flags,
         slap_syntax_validate_func *validate,
         slap_syntax_transform_func *ber2str,
         slap_syntax_transform_func *str2ber ));
  
-LIBSLAPD_F (int) register_matching_rule LDAP_P((char * desc,
+LIBSLAPD_F (int) register_matching_rule LDAP_P((
+       char * desc,
         unsigned usage,
         slap_mr_convert_func *convert,
         slap_mr_normalize_func *normalize,
@@ -667,15 +672,16 @@ LIBSLAPD_F (char *) suffix_alias LDAP_P(( Backend *be, char *ndn ));
  LIBSLAPD_F (int) value_normalize LDAP_P((
         AttributeDescription *ad,
         unsigned usage,
-       struct berval *val,
+       struct berval *in,
+       struct berval **out,
         char ** text ));
  #else
  LIBSLAPD_F (int) value_add_fast LDAP_P(( struct berval ***vals, struct berval **addvals, int nvals, int naddvals, int *maxvals ));
-LIBSLAPD_F (int) value_add LDAP_P(( struct berval ***vals, struct berval **addvals ));
  LIBSLAPD_F (void) value_normalize LDAP_P(( char *s, int syntax ));
  LIBSLAPD_F (int) value_cmp LDAP_P(( struct berval *v1, struct berval *v2, int syntax, int normalize ));
  LIBSLAPD_F (int) value_find LDAP_P(( struct berval **vals, struct berval *v, int syntax, int normalize ));
  #endif
+LIBSLAPD_F (int) value_add LDAP_P(( struct berval ***vals, struct berval **addvals ));
  
  /*
   * user.c
diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema

index 40b7bf0bcc6e968ba0888392386cdcb2cc13c67c..06cfe644b13302b1a7eff7807534c92e42d7b487 100644 (file)
--- a/servers/slapd/schema/core.schema
+++ b/servers/slapd/schema/core.schema
@@ -82,14 +82,6 @@ attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
  attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
       SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )
  
-attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms'
-     DESC 'list of access control mechanisms supported by this directory server'
-     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )
-
-attributetype ( aCIMechanismOID NAME 'aCIMechanism'
-     DESC 'list of access control mechanism supported in this subtree'
-     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )
-
  # LDAP Subschema Atrribute from RFC2252
  
  attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
@@ -588,3 +580,20 @@ objectclass ( 1.3.6.1.4.1.4203.666.3.2
         NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' )
         DESC 'OpenLDAP Root DSE object'
         SUP top STRUCTURAL MAY cn )
+
+#
+# IETF LDAPext WG Access Control Model
+#      likely to change!
+attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms'
+     DESC 'list of access control mechanisms supported by this directory server'
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )
+
+attributetype ( aCIMechanismOID NAME 'aCIMechanism'
+     DESC 'list of access control mechanism supported in this subtree'
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )
+
+attributetype ( ldapACIOID NAME 'ldapACI'
+       DESC 'LDAP access control information'
+       EQUALITY caseIgnoreMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+       USAGE directoryOperation )
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c

index abbdfc8caa3f9245f2789c2aec2e4686fbd95441..c6ec2dda3978cddbdfe853c2f8c2643a3f564738 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -16,8 +16,9 @@
  #include "slap.h"
  #include "ldap_pvt.h"
  
+#define berValidate blobValidate
  static int
-octetStringValidate(
+blobValidate(
         Syntax *syntax,
         struct berval *in )
  {
@@ -150,18 +151,21 @@ IA5StringConvert(
         struct berval *in,
         struct berval **out )
  {
-       ber_len_t i;
+       ldap_unicode_t *u;
+       ber_len_t i, len = in->bv_len;
         struct berval *bv = ch_malloc( sizeof(struct berval) );
-       bv->bv_len = (in->bv_len+1) * sizeof( ldap_unicode_t );
-       bv->bv_val = ch_malloc( bv->bv_len );
  
-       for(i=0; i < in->bv_len; i++ ) {
+       bv->bv_len = len * sizeof( ldap_unicode_t );
+       bv->bv_val = (char *) u = ch_malloc( bv->bv_len + sizeof( ldap_unicode_t ) );;
+
+       for(i=0; i < len; i++ ) {
                 /*
                  * IA5StringValidate should have been called to ensure
                  * input is limited to IA5.
                  */
-               bv->bv_val[i] = in->bv_val[i];
+               u[i] = in->bv_val[i];
         }
+       u[i] = 0;
  
         *out = bv;
         return 0;
@@ -269,27 +273,33 @@ struct syntax_defs_rec {
         slap_syntax_transform_func *sd_str2ber;
  };
  
+#define X_BINARY ""
+#define X_NOT_H_R ""
+
  struct syntax_defs_rec syntax_defs[] = {
-       {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' " X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")",
+               0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )",
                 0, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' " X_NOT_H_R ")",
+               SLAP_SYNTAX_BLOB, blobValidate, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' " X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BER, berValidate, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )",
                 0, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' "
+               X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' "
+               X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair'
+               " X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'DN' )",
@@ -312,8 +322,8 @@ struct syntax_defs_rec syntax_defs[] = {
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )",
                 0, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")",
+               SLAP_SYNTAX_BLOB, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )",
@@ -322,8 +332,8 @@ struct syntax_defs_rec syntax_defs[] = {
                 0, IA5StringValidate, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )",
                 0, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")",
+               SLAP_SYNTAX_BLOB, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )",
@@ -347,7 +357,7 @@ struct syntax_defs_rec syntax_defs[] = {
         {"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )",
-               0, octetStringValidate, NULL, NULL},
+               NULL, blobValidate, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )",
@@ -356,8 +366,9 @@ struct syntax_defs_rec syntax_defs[] = {
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )",
                 0, NULL, NULL, NULL},
-       {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' )",
-               SLAP_SYNTAX_BINARY, NULL, NULL, NULL},
+       {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' "
+               X_BINARY X_NOT_H_R ")",
+               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )",
                 0, NULL, NULL, NULL},
         {"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )",
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h

index 69b541c53710b9957f54470329fa5434563ad562..69e08bf0dc32ded50d3c50a2723df6285a3e9e6b 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -105,7 +105,7 @@ LIBSLAPD_F (int) slap_debug;
  #define SLAP_INDEX_PRESENCE      0x0001U
  #define SLAP_INDEX_EQUALITY      0x0002U
  #define SLAP_INDEX_APPROX        0x0004U
-#define SLAP_INDEX_SUB           0x0008U
+#define SLAP_INDEX_SUBSTR        0x0008U
  #define SLAP_INDEX_EXTENDED             0x0010U
  #define SLAP_INDEX_UNDEFINED     0x1000U
  #define SLAP_INDEX_FROMINIT      0x8000U       /* psuedo type */
@@ -147,22 +147,32 @@ typedef int slap_syntax_transform_func LDAP_P((
  
  typedef struct slap_syntax {
         LDAP_SYNTAX                     ssyn_syn;
+#define ssyn_oid               ssyn_syn.syn_oid
+#define ssyn_desc              ssyn_syn.syn_desc
+
         unsigned        ssyn_flags;
  
  #define SLAP_SYNTAX_NONE       0x0U
-#define SLAP_SYNTAX_BINARY     0x1U
+#define SLAP_SYNTAX_BLOB       0x1U /* syntax treated as blob (audio) */
+#define SLAP_SYNTAX_BINARY     0x2U /* binary transfer required (certificate) */
+#define SLAP_SYNTAX_BER                0x4U /* stored using BER encoding (binary,certificate) */
  
         slap_syntax_validate_func       *ssyn_validate;
  
+#ifdef SLAPD_BINARY_CONVERSION
         /* convert to and from binary */
         slap_syntax_transform_func      *ssyn_ber2str;
         slap_syntax_transform_func      *ssyn_str2ber;
+#endif
  
         struct slap_syntax              *ssyn_next;
-#define ssyn_oid                       ssyn_syn.syn_oid
-#define ssyn_desc                      ssyn_syn.syn_desc
  } Syntax;
  
+#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
+#define slap_syntax_is_blob(s)         slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
+#define slap_syntax_is_binary(s)       slap_syntax_is_flag((s),SLAP_SYNTAX_BINARY)
+#define slap_syntax_is_ber(s)          slap_syntax_is_flag((s),SLAP_SYNTAX_BER)
+
  /* XXX -> UCS-2 Converter */
  typedef int slap_mr_convert_func LDAP_P((
         struct berval * in,
@@ -211,14 +221,15 @@ typedef struct slap_matching_rule {
  
  #define SLAP_MR_NONE                   0x0000U
  #define SLAP_MR_EQUALITY               0x0100U
-#define SLAP_MR_APPROX                 0x0200U
-#define SLAP_MR_ORDERING               0x0400U
-#define SLAP_MR_SUBSTR                 0x0800U
-#define SLAP_MR_EXT                            0x1000U
+#define SLAP_MR_ORDERING               0x0200U
+#define SLAP_MR_SUBSTR                 0x0400U
+#define SLAP_MR_EXT                            0x0800U
  
-#define SLAP_MR_SUBSTR_INITIAL (SLAP_MR_SUBSTR | 0x0001U )
-#define SLAP_MR_SUBSTR_ANY             (SLAP_MR_SUBSTR | 0x0002U )
-#define SLAP_MR_SUBSTR_FINAL   (SLAP_MR_SUBSTR | 0x0004U )
+#define SLAP_MR_EQUALITY_APPROX        ( SLAP_MR_EQUALITY | 0x0001U )
+
+#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0001U )
+#define SLAP_MR_SUBSTR_ANY             ( SLAP_MR_SUBSTR | 0x0002U )
+#define SLAP_MR_SUBSTR_FINAL   ( SLAP_MR_SUBSTR | 0x0004U )
  
         Syntax                                  *smr_syntax;
         slap_mr_convert_func    *smr_convert;
@@ -300,6 +311,8 @@ typedef struct slap_attr_desc {
  #define SLAP_DESC_BINARY       0x1U
  } AttributeDescription;
  
+#define slap_ad_is_binary(ad)  ( (int)((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 )
+
  /*
   * pointers to schema elements used internally
   */
diff --git a/servers/slapd/syntax.c b/servers/slapd/syntax.c

index 3d151a9a514b83f751900af92c3cd8ab2514d12f..ef968fb189682767f25a8c5680bfe4714fae4618 100644 (file)
--- a/servers/slapd/syntax.c
+++ b/servers/slapd/syntax.c
@@ -102,7 +102,7 @@ syn_insert(
  int
  syn_add(
      LDAP_SYNTAX                *syn,
-       int flags,
+       unsigned flags,
      slap_syntax_validate_func  *validate,
      slap_syntax_transform_func *ber2str,
      slap_syntax_transform_func *str2ber,
@@ -113,20 +113,27 @@ syn_add(
         int             code;
  
         ssyn = (Syntax *) ch_calloc( 1, sizeof(Syntax) );
-       memcpy( &ssyn->ssyn_syn, syn, sizeof(LDAP_SYNTAX));
+
+       memcpy( &ssyn->ssyn_syn, syn, sizeof(LDAP_SYNTAX) );
+
+       ssyn->ssyn_next = NULL;
  
         ssyn->ssyn_flags = flags;
         ssyn->ssyn_validate = validate;
+
+#ifdef SLAPD_BINARY_CONVERSION
         ssyn->ssyn_ber2str = ber2str;
         ssyn->ssyn_str2ber = str2ber;
+#endif
  
-       code = syn_insert(ssyn,err);
+       code = syn_insert(ssyn, err);
         return code;
  }
  
  int
  register_syntax(
-       char * desc, int flags,
+       char * desc,
+       unsigned flags,
         slap_syntax_validate_func *validate,
         slap_syntax_transform_func *ber2str,
         slap_syntax_transform_func *str2ber )
diff --git a/servers/slapd/value.c b/servers/slapd/value.c

index cc42578a64db6516812e03abdf457c10c9166762..9c922607015d6a971fcf08d7c62b07c37f648396 100644 (file)
--- a/servers/slapd/value.c
+++ b/servers/slapd/value.c
@@ -92,10 +92,51 @@ int
  value_normalize(
         AttributeDescription *ad,
         unsigned usage,
-       struct berval *val,
+       struct berval *in,
+       struct berval **out,
         char **text )
  {
-       /* not yet implemented */
+       int rc;
+       MatchingRule *mr;
+
+       switch( usage & SLAP_MR_TYPE_MASK ) {
+       case SLAP_MR_NONE:
+       case SLAP_MR_EQUALITY:
+               mr = ad->ad_type->sat_equality;
+               break;
+       case SLAP_MR_ORDERING:
+               mr = ad->ad_type->sat_ordering;
+               break;
+       case SLAP_MR_SUBSTR:
+               mr = ad->ad_type->sat_substr;
+               break;
+       case SLAP_MR_EXT:
+       default:
+               assert( 0 );
+               *text = "internal error";
+               return LDAP_OTHER;
+       }
+
+       if( mr == NULL ) {
+               *text = "inappropriate matching request";
+               return LDAP_INAPPROPRIATE_MATCHING;
+       }
+
+       /* we only support equality matching of binary attributes */
+       if( slap_ad_is_binary( ad ) && usage != SLAP_MR_EQUALITY ) {
+               *text = "inappropriate binary matching";
+               return LDAP_INAPPROPRIATE_MATCHING;
+       }
+
+       rc = (mr->smr_normalize)( usage,
+               ad->ad_type->sat_syntax,
+               mr, in, out );
+
+       if( rc != LDAP_SUCCESS ) {
+               *text = "unable to normalize value";
+               return LDAP_INVALID_SYNTAX;
+       }
+
         return LDAP_SUCCESS;
  }
author	Kurt Zeilenga <kurt@openldap.org>
	Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Thu, 18 May 2000 17:21:42 +0000 (17:21 +0000)
servers/slapd/ad.c		patch \| blob \| history
servers/slapd/ava.c		patch \| blob \| history
servers/slapd/back-ldbm/attr.c		patch \| blob \| history
servers/slapd/back-ldbm/filterindex.c		patch \| blob \| history
servers/slapd/back-ldbm/index.c		patch \| blob \| history
servers/slapd/compare.c		patch \| blob \| history
servers/slapd/entry.c		patch \| blob \| history
servers/slapd/filter.c		patch \| blob \| history
servers/slapd/modify.c		patch \| blob \| history
servers/slapd/proto-slap.h		patch \| blob \| history
servers/slapd/schema/core.schema		patch \| blob \| history
servers/slapd/schema_init.c		patch \| blob \| history
servers/slapd/slap.h		patch \| blob \| history
servers/slapd/syntax.c		patch \| blob \| history
servers/slapd/value.c		patch \| blob \| history