use dnPretty instead of dn_pretty

diff --git a/servers/slapd/add.c b/servers/slapd/add.c
index 15018e1cb499eef038ff57035df4edd37dc1572d..35710236ca0174866e8a780013958fb1ebe42bd5 100644 (file)
--- a/servers/slapd/add.c
+++ b/servers/slapd/add.c
@@ -35,7 +35,7 @@ do_add( Connection *conn, Operation *op )
 {
        BerElement      *ber = op->o_ber;
        char            *last;
-       struct berval dn;
+       struct berval dn = { 0, NULL };
        ber_len_t       len;
        ber_tag_t       tag;
        Entry           *e;
@@ -79,30 +79,58 @@ do_add( Connection *conn, Operation *op )
        }
 
        e = (Entry *) ch_calloc( 1, sizeof(Entry) );
-
-       e->e_dn = dn_pretty( dn.bv_val );
-       e->e_ndn = dn_normalize( dn.bv_val );
+       e->e_dn = NULL;
+       e->e_ndn = NULL;
        e->e_attrs = NULL;
        e->e_private = NULL;
 
-       if ( e->e_ndn == NULL ) {
+       {
+               struct berval *pdn;
+               rc = dnPretty( NULL, &dn, &pdn );
+
+               if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
-                       "do_add: conn %d         invalid dn (%s)\n", conn->c_connid,
-                       dn.bv_val ));
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                               "do_add: conn %d invalid dn (%s)\n", conn->c_connid,
+                               dn.bv_val ));
 #else
-               Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+                       Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 );
 #endif
-               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
-                   "invalid DN", NULL, NULL );
-               goto done;
+                       send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                           "invalid DN", NULL, NULL );
+                       goto done;
+               }
+
+               e->e_dn = pdn->bv_val;
+               free( pdn );
+       }
+
+       {
+               struct berval *ndn;
+               rc = dnNormalize( NULL, &dn, &ndn );
+
+               if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                               "do_add: conn %d invalid dn (%s)\n", conn->c_connid,
+                               dn.bv_val ));
+#else
+                       Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+#endif
+                       send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                           "invalid DN", NULL, NULL );
+                       goto done;
+               }
+
+               e->e_ndn = ndn->bv_val;
+               free( ndn );
        }
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
-               "do_add: conn %d  ndn (%s)\n", conn->c_connid, e->e_ndn ));
+               "do_add: conn %d  dn (%s)\n", conn->c_connid, e->e_dn ));
 #else
-       Debug( LDAP_DEBUG_ARGS, "do_add: ndn (%s)\n", e->e_ndn, 0, 0 );
+       Debug( LDAP_DEBUG_ARGS, "do_add: dn (%s)\n", e->e_dn, 0, 0 );
 #endif
 
        /* get the attrs */
@@ -132,8 +160,8 @@ do_add( Connection *conn, Operation *op )
                if ( mod->ml_bvalues == NULL ) {
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                                  "do_add: conn %d      no values for type %s\n",
-                                  conn->c_connid, mod->ml_type ));
+                               "do_add: conn %d         no values for type %s\n",
+                               conn->c_connid, mod->ml_type ));
 #else
                        Debug( LDAP_DEBUG_ANY, "no values for type %s\n",
                                mod->ml_type, 0, 0 );
@@ -152,7 +180,7 @@ do_add( Connection *conn, Operation *op )
        if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
-                          "do_add: conn %d      ber_scanf failed\n", conn->c_connid ));
+                       "do_add: conn %d ber_scanf failed\n", conn->c_connid ));
 #else
                Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 );
 #endif
@@ -165,7 +193,7 @@ do_add( Connection *conn, Operation *op )
        if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                          "do_add: conn %d      get_ctrls failed\n", conn->c_connid ));
+                       "do_add: conn %d get_ctrls failed\n", conn->c_connid ));
 #else
                Debug( LDAP_DEBUG_ANY, "do_add: get_ctrls failed\n", 0, 0, 0 );
 #endif
@@ -179,7 +207,7 @@ do_add( Connection *conn, Operation *op )
        }
 
        Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d ADD dn=\"%s\"\n",
-           op->o_connid, op->o_opid, e->e_ndn, 0, 0 );
+           op->o_connid, op->o_opid, e->e_dn, 0, 0 );
 
        if( e->e_ndn == NULL || *e->e_ndn == '\0' ) {
                /* protocolError may be a more appropriate error */
@@ -190,7 +218,6 @@ do_add( Connection *conn, Operation *op )
 
 #if defined( SLAPD_SCHEMA_DN )
        } else if ( strcasecmp( e->e_ndn, SLAPD_SCHEMA_DN ) == 0 ) {
-               /* protocolError may be a more appropriate error */
                send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS,
                        NULL, "subschema subentry already exists",
                        NULL, NULL );
@@ -320,6 +347,8 @@ do_add( Connection *conn, Operation *op )
        }
 
 done:
+       free( dn.bv_val );
+
        if( modlist != NULL ) {
                slap_modlist_free( modlist );
        }

diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 6d2b83563e327dc683229dd193e4d1b6af0c0fc9..d2747a0b67e16469e516b39cd189f2239eca83ee 100644 (file)
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -33,17 +33,18 @@ do_bind(
     Operation  *op
 )
 {
-       BerElement      *ber = op->o_ber;
-       ber_int_t               version;
+       BerElement *ber = op->o_ber;
+       ber_int_t version;
        ber_tag_t method;
-       char            *mech;
+       char *mech = NULL;
        struct berval dn = { 0, NULL };
-       char *ndn;
-       ber_tag_t       tag;
-       int                     rc = LDAP_SUCCESS;
-       const char      *text;
-       struct berval   cred;
-       Backend         *be;
+       struct berval *pdn = NULL;
+       struct berval *ndn = NULL;
+       ber_tag_t tag;
+       int     rc = LDAP_SUCCESS;
+       const char *text;
+       struct berval cred = { 0, NULL };
+       Backend *be;
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
@@ -52,10 +53,6 @@ do_bind(
        Debug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 );
 #endif
 
-       ndn = NULL;
-       mech = NULL;
-       cred.bv_val = NULL;
-
        /*
         * Force to connection to "anonymous" until bind succeeds.
         */
@@ -152,9 +149,23 @@ do_bind(
                goto cleanup;
        } 
 
-       ndn = ch_strdup( dn.bv_val );
+       rc = dnPretty( NULL, &dn, &pdn );
+       if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_bind: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, dn.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY, "bind: invalid dn (%s)\n",
+                       dn.bv_val, 0, 0 );
+#endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               goto cleanup;
+       }
 
-       if ( dn_normalize( ndn ) == NULL ) {
+       rc = dnNormalize( NULL, &dn, &ndn );
+       if ( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
                        "do_bind: conn %d  invalid dn (%s)\n",
@@ -172,27 +183,28 @@ do_bind(
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation",  LDAP_LEVEL_DETAIL1,
                        "do_sasl_bind: conn %d  dn (%s) mech %s\n", conn->c_connid,
-                       dn.bv_val, mech ));
+                       pdn->bv_val, mech ));
 #else
                Debug( LDAP_DEBUG_TRACE, "do_sasl_bind: dn (%s) mech %s\n",
-                       dn.bv_val, mech, NULL );
+                       pdn->bv_val, mech, NULL );
 #endif
+
        } else {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1,
                        "do_bind: conn %d  version=%ld dn=\"%s\" method=%ld\n",
                        conn->c_connid, (unsigned long) version,
-                       dn.bv_val, (unsigned long)method ));
+                       pdn->bv_val, (unsigned long)method ));
 #else
                Debug( LDAP_DEBUG_TRACE,
                        "do_bind: version=%ld dn=\"%s\" method=%ld\n",
                        (unsigned long) version,
-                       dn.bv_val, (unsigned long) method );
+                       pdn->bv_val, (unsigned long) method );
 #endif
        }
 
        Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d BIND dn=\"%s\" method=%ld\n",
-           op->o_connid, op->o_opid, ndn, (unsigned long) method, 0 );
+           op->o_connid, op->o_opid, pdn->bv_val, (unsigned long) method, 0 );
 
        if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) {
 #ifdef NEW_LOGGING
@@ -277,7 +289,9 @@ do_bind(
                ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
 
                edn = NULL;
-               rc = slap_sasl_bind( conn, op, dn.bv_val, ndn, &cred, &edn, &ssf );
+               rc = slap_sasl_bind( conn, op,
+                       pdn->bv_val, ndn->bv_val,
+                       &cred, &edn, &ssf );
 
                ldap_pvt_thread_mutex_lock( &conn->c_mutex );
                if( rc == LDAP_SUCCESS ) {
@@ -331,7 +345,7 @@ do_bind(
 
        if ( method == LDAP_AUTH_SIMPLE ) {
                /* accept "anonymous" binds */
-               if ( cred.bv_len == 0 || ndn == NULL || *ndn == '\0' ) {
+               if ( cred.bv_len == 0 || ndn->bv_len == 0 ) {
                        rc = LDAP_SUCCESS;
                        text = NULL;
 
@@ -341,7 +355,7 @@ do_bind(
                                /* cred is not empty, disallow */
                                rc = LDAP_INVALID_CREDENTIALS;
 
-                       } else if ( ndn != NULL && *ndn != '\0' &&
+                       } else if ( ndn->bv_len &&
                                !( global_allows & SLAP_ALLOW_BIND_ANON_DN ))
                        {
                                /* DN is not empty, disallow */
@@ -437,10 +451,10 @@ do_bind(
         * if we don't hold it.
         */
 
-       if ( (be = select_backend( ndn, 0, 0 )) == NULL ) {
+       if ( (be = select_backend( ndn->bv_val, 0, 0 )) == NULL ) {
                if ( default_referral ) {
                        struct berval **ref = referral_rewrite( default_referral,
-                               NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                               NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                        send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                                NULL, NULL, ref ? ref : default_referral, NULL );
@@ -472,15 +486,17 @@ do_bind(
                char *edn = NULL;
 
                /* deref suffix alias if appropriate */
-               ndn = suffix_alias( be, ndn );
+               ndn->bv_val = suffix_alias( be, ndn->bv_val );
+               ndn->bv_len = strlen( ndn->bv_val );
 
-               ret = (*be->be_bind)( be, conn, op, dn.bv_val, ndn,
+               ret = (*be->be_bind)( be, conn, op,
+                       pdn->bv_val, ndn->bv_val,
                        method, &cred, &edn );
 
                if ( ret == 0 ) {
                        ldap_pvt_thread_mutex_lock( &conn->c_mutex );
 
-                       conn->c_cdn = dn.bv_val;
+                       conn->c_cdn = pdn->bv_val;
                        dn.bv_val = NULL;
                        dn.bv_len = 0;
 
@@ -489,8 +505,9 @@ do_bind(
                        } else {
                                conn->c_dn = ch_strdup( conn->c_cdn );
                        }
-                       conn->c_ndn = ndn;
-                       ndn = NULL;
+                       conn->c_ndn = ndn->bv_val;
+                       ndn->bv_val = NULL;
+                       ndn->bv_len = 0;
 
                        if( conn->c_dn != NULL ) {
                                ber_len_t max = sockbuf_max_incoming;
@@ -503,7 +520,8 @@ do_bind(
                                "do_bind: conn %d  v%d bind: \"%s\" to \"%s\" \n",
                                conn->c_connid, version, conn->c_cdn, conn->c_dn ));
 #else
-                       Debug( LDAP_DEBUG_TRACE, "do_bind: v%d bind: \"%s\" to \"%s\"\n",
+                       Debug( LDAP_DEBUG_TRACE,
+                               "do_bind: v%d bind: \"%s\" to \"%s\"\n",
                                version, conn->c_cdn, conn->c_dn );
 #endif
 
@@ -519,13 +537,17 @@ do_bind(
 
        } else {
                send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-                       NULL, "operation not supported within namingContext", NULL, NULL );
+                       NULL, "operation not supported within namingContext",
+                       NULL, NULL );
        }
 
 cleanup:
        free( dn.bv_val );
+       if( pdn != NULL ) {
+               ber_bvfree( pdn );
+       }
        if( ndn != NULL ) {
-               free( ndn );
+               ber_bvfree( ndn );
        }
        if ( mech != NULL ) {
                free( mech );

diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c
index e751f4fb1fcb5cc2115057c27c972995b75b62ca..686457b4120ba1577f7bf5b9eeb3a79b555cba42 100644 (file)
--- a/servers/slapd/compare.c
+++ b/servers/slapd/compare.c
@@ -37,9 +37,10 @@ do_compare(
 {
        Entry *entry = NULL;
        struct berval dn = { 0, NULL };
-       char *ndn = NULL;
-       struct berval desc;
-       struct berval value;
+       struct berval *pdn = NULL;
+       struct berval *ndn = NULL;
+       struct berval desc = { 0, NULL };
+       struct berval value = { 0, NULL };
        struct berval *nvalue;
        AttributeAssertion ava;
        Backend *be;
@@ -48,8 +49,6 @@ do_compare(
        int manageDSAit;
 
        ava.aa_desc = NULL;
-       desc.bv_val = NULL;
-       value.bv_val = NULL;
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
@@ -117,9 +116,23 @@ do_compare(
                goto cleanup;
        } 
 
-       ndn = ch_strdup( dn.bv_val );
+       rc = dnPretty( NULL, &dn, &pdn );
+       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_compare: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, dn.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY,
+                       "do_compare: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+#endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               goto cleanup;
+       }
 
-       if( dn_normalize( ndn ) == NULL ) {
+       rc = dnNormalize( NULL, &dn, &ndn );
+       if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
                        "do_compare: conn %d  invalid dn (%s)\n",
@@ -147,20 +160,20 @@ do_compare(
 
        ava.aa_value = nvalue;
 
-       if( strcasecmp( ndn, LDAP_ROOT_DSE ) == 0 ) {
+       if( strcasecmp( ndn->bv_val, LDAP_ROOT_DSE ) == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
                        "do_compare: conn %d  dn (%s) attr(%s) value (%s)\n",
-                       conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val,
-                       ava.aa_value->bv_val ));
+                       conn->c_connid, pdn->bv_val,
+                       ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ));
 #else
                Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
-                       dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
+                       pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
 #endif
 
                Statslog( LDAP_DEBUG_STATS,
                        "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n",
-                       op->o_connid, op->o_opid, dn.bv_val,
+                       op->o_connid, op->o_opid, pdn->bv_val,
                        ava.aa_desc->ad_cname.bv_val, 0 );
 
                rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
@@ -175,20 +188,20 @@ do_compare(
                        goto cleanup;
                }
 
-       } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) {
+       } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
                        "do_compare: conn %d  dn (%s) attr(%s) value (%s)\n",
-                       conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val,
+                       conn->c_connid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val,
                        ava.aa_value->bv_val ));
 #else
                Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
-                       dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
+                       pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
 #endif
 
                Statslog( LDAP_DEBUG_STATS,
                        "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n",
-                       op->o_connid, op->o_opid, dn.bv_val,
+                       op->o_connid, op->o_opid, pdn->bv_val,
                        ava.aa_desc->ad_cname.bv_val, 0 );
 
                rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
@@ -226,9 +239,9 @@ do_compare(
         * appropriate one, or send a referral to our "referral server"
         * if we don't hold it.
         */
-       if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) {
+       if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) {
                struct berval **ref = referral_rewrite( default_referral,
-                       NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                       NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                        NULL, NULL, ref ? ref : default_referral, NULL );
@@ -247,7 +260,7 @@ do_compare(
        }
 
        /* check for referrals */
-       rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn );
+       rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val );
        if ( rc != LDAP_SUCCESS ) {
                goto cleanup;
        }
@@ -255,30 +268,34 @@ do_compare(
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
                "do_compare: conn %d     dn (%s) attr(%s) value (%s)\n",
-               conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val,
+               conn->c_connid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val,
                ava.aa_value->bv_val ));
 #else
        Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
-           dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
+           pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val );
 #endif
 
        Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n",
-           op->o_connid, op->o_opid, dn, ava.aa_desc->ad_cname.bv_val, 0 );
+           op->o_connid, op->o_opid, pdn->bv_val,
+               ava.aa_desc->ad_cname.bv_val, 0 );
 
 
        /* deref suffix alias if appropriate */
-       ndn = suffix_alias( be, ndn );
+       ndn->bv_val = suffix_alias( be, ndn->bv_val );
+       ndn->bv_len = strlen( ndn->bv_val );
 
        if ( be->be_compare ) {
-               (*be->be_compare)( be, conn, op, dn.bv_val, ndn, &ava );
+               (*be->be_compare)( be, conn, op, pdn->bv_val, ndn->bv_val, &ava );
        } else {
                send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-                       NULL, "operation not supported within namingContext", NULL, NULL );
+                       NULL, "operation not supported within namingContext",
+                       NULL, NULL );
        }
 
 cleanup:
        free( dn.bv_val );
-       free( ndn );
+       ber_bvfree( pdn );
+       ber_bvfree( ndn );
        free( desc.bv_val );
        free( value.bv_val );
 

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index bb73194aef33bb17ee3b0d5898c23590a14f0659..47da9ad9650dd699c929e4b744b59638dd6ebfbb 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -953,9 +953,6 @@ read_config( const char *fname )
 
                                }
                                charray_add( &be->be_suffix, dn );
-#ifndef USE_LDAP_DN_PARSING
-                               (void) ldap_pvt_str2upper( dn );
-#else /* USE_LDAP_DN_PARSING */
                                if ( dn_normalize( dn ) == NULL ) {
 #ifdef NEW_LOGGING
                                        LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
@@ -970,7 +967,6 @@ read_config( const char *fname )
                                        free( dn );
                                        return 1;
                                }
-#endif /* USE_LDAP_DN_PARSING */
                                ber_bvecadd( &be->be_nsuffix, ber_bvstr( dn ) );
                        }
 

diff --git a/servers/slapd/delete.c b/servers/slapd/delete.c
index 3eb3c2c7b58443e2a761ec338af6839003b710e7..f488fecd2c06d51c966c3a296ecc90a215a1c83c 100644 (file)
--- a/servers/slapd/delete.c
+++ b/servers/slapd/delete.c
@@ -32,7 +32,8 @@ do_delete(
 )
 {
        struct berval dn = { 0, NULL };
-       char *ndn = NULL;
+       struct berval *ndn = NULL;
+       struct berval *pdn = NULL;
        const char *text;
        Backend *be;
        int rc;
@@ -73,23 +74,37 @@ do_delete(
                goto cleanup;
        } 
 
-       ndn = ch_strdup( dn.bv_val );
+       rc = dnPretty( NULL, &dn, &pdn );
+       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_delete: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, dn.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY,
+                       "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+#endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               goto cleanup;
+       }
 
-       if(     dn_normalize( ndn ) == NULL ) {
+       rc = dnNormalize( NULL, &dn, &ndn );
+       if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
-                       "do_delete: conn %d  invalid dn (%s).\n",
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_delete: conn %d  invalid dn (%s)\n",
                        conn->c_connid, dn.bv_val ));
 #else
-               Debug( LDAP_DEBUG_ANY, "do_delete: invalid dn (%s)\n",
-                       dn.bv_val, 0, 0 );
+               Debug( LDAP_DEBUG_ANY,
+                       "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 );
 #endif
                send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
                    "invalid DN", NULL, NULL );
                goto cleanup;
        }
 
-       if( *ndn == '\0' ) {
+       if( ndn->bv_len == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_delete: conn %d: "
                        "Attempt to delete root DSE.\n", conn->c_connid ));
@@ -102,7 +117,8 @@ do_delete(
                goto cleanup;
 
 #ifdef SLAPD_SCHEMA_DN
-       } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) {
+
+       } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_delete: conn %d: "
                        "Attempt to delete subschema subentry.\n", conn->c_connid ));
@@ -118,7 +134,7 @@ do_delete(
        }
 
        Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d DEL dn=\"%s\"\n",
-               op->o_connid, op->o_opid, dn.bv_val, 0, 0 );
+               op->o_connid, op->o_opid, pdn->bv_val, 0, 0 );
 
        manageDSAit = get_manageDSAit( op );
 
@@ -127,9 +143,9 @@ do_delete(
         * appropriate one, or send a referral to our "referral server"
         * if we don't hold it.
         */
-       if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) {
+       if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) {
                struct berval **ref = referral_rewrite( default_referral,
-                       NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                       NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                        NULL, NULL, ref ? ref : default_referral, NULL );
@@ -147,13 +163,14 @@ do_delete(
        }
 
        /* check for referrals */
-       rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn );
+       rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val );
        if ( rc != LDAP_SUCCESS ) {
                goto cleanup;
        }
 
        /* deref suffix alias if appropriate */
-       ndn = suffix_alias( be, ndn );
+       ndn->bv_val = suffix_alias( be, ndn->bv_val );
+       ndn->bv_len = strlen( ndn->bv_val );
 
        /*
         * do the delete if 1 && (2 || 3)
@@ -168,12 +185,12 @@ do_delete(
                if ( be->be_update_ndn == NULL || repl_user )
 #endif
                {
-                       if ( (*be->be_delete)( be, conn, op, dn.bv_val, ndn ) == 0 ) {
+                       if ( (*be->be_delete)( be, conn, op, pdn->bv_val, ndn->bv_val ) == 0 ) {
 #ifdef SLAPD_MULTIMASTER
                                if (be->be_update_ndn == NULL || !repl_user )
 #endif
                                {
-                                       replog( be, op, dn.bv_val, ndn, NULL );
+                                       replog( be, op, pdn->bv_val, ndn->bv_val, NULL );
                                }
                        }
 #ifndef SLAPD_MULTIMASTER
@@ -181,7 +198,7 @@ do_delete(
                        struct berval **defref = be->be_update_refs
                                ? be->be_update_refs : default_referral;
                        struct berval **ref = referral_rewrite( default_referral,
-                               NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                               NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                        send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
                                ref ? ref : defref, NULL );
@@ -196,7 +213,8 @@ do_delete(
        }
 
 cleanup:
-       if( ndn != NULL ) free( ndn );
        free( dn.bv_val );
+       if( pdn != NULL ) ber_bvfree( pdn );
+       if( ndn != NULL ) ber_bvfree( ndn );
        return rc;
 }

diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index 3a7a2e8e3f14edad665dd57c4533dd75048e847c..be68d02a08c939f8b97032c7b16eedce783c2c33 100644 (file)
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -28,6 +28,7 @@
 #define INQUOTEDVALUE  7
 #define B4SEPARATOR            8
 
+#if 0
 /*
  * dn_pretty - "pretty" the DN
  */
@@ -44,6 +45,7 @@ char *dn_pretty( const char *dn_in )
        if( dn_out == NULL ) free( dn );
        return dn_out;
 }
+#endif
 
 /*
  * dn_validate - validate and compress dn.  the dn is
@@ -53,7 +55,6 @@ char *dn_pretty( const char *dn_in )
 char *
 dn_validate( char *dn_in )
 {
-#ifdef USE_LDAP_DN_PARSING
        struct berval   val, *normalized;
        int             rc;
 
@@ -78,164 +79,6 @@ dn_validate( char *dn_in )
        ber_bvfree( normalized );
 
        return( dn_in );
-       
-#else /* !USE_LDAP_DN_PARSING */
-       char    *d, *s;
-       int     state, gotesc;
-       char    *dn = dn_in;
-
-       gotesc = 0;
-       state = B4LEADTYPE;
-       for ( d = s = dn; *s; s++ ) {
-               switch ( state ) {
-               case B4LEADTYPE:
-               case B4TYPE:
-                       if ( OID_LEADCHAR(*s) ) {
-                               state = INOIDTYPE;
-                               *d++ = *s;
-                       } else if ( ATTR_LEADCHAR(*s) ) {
-                               state = INKEYTYPE;
-                               *d++ = *s;
-                       } else if ( ! ASCII_SPACE( *s ) ) {
-                               dn = NULL;
-                               state = INKEYTYPE;
-                               *d++ = *s;
-                       }
-                       break;
-
-               case INOIDTYPE:
-                       if ( OID_CHAR(*s) ) {
-                               *d++ = *s;
-                       } else if ( *s == '=' ) {
-                               state = B4VALUE;
-                               *d++ = *s;
-                       } else if ( ASCII_SPACE( *s ) ) {
-                               state = B4EQUAL;
-                       } else {
-                               dn = NULL;
-                               *d++ = *s;
-                       }
-                       break;
-
-               case INKEYTYPE:
-                       if ( ATTR_CHAR(*s) ) {
-                               *d++ = *s;
-                       } else if ( *s == '=' ) {
-                               state = B4VALUE;
-                               *d++ = *s;
-                       } else if ( ASCII_SPACE( *s ) ) {
-                               state = B4EQUAL;
-                       } else {
-                               dn = NULL;
-                               *d++ = *s;
-                       }
-                       break;
-
-               case B4EQUAL:
-                       if ( *s == '=' ) {
-                               state = B4VALUE;
-                               *d++ = *s;
-                       } else if ( ! ASCII_SPACE( *s ) ) {
-                               /* not a valid dn - but what can we do here? */
-                               *d++ = *s;
-                               dn = NULL;
-                       }
-                       break;
-
-               case B4VALUE:
-                       if ( *s == '"' ) {
-                               state = INQUOTEDVALUE;
-                               *d++ = *s;
-                       } else if ( ! ASCII_SPACE( *s ) ) {
-                               state = INVALUE;
-                               *d++ = *s;
-                       }
-                       break;
-
-               case INVALUE:
-                       if ( !gotesc && RDN_SEPARATOR( *s ) ) {
-                               while ( ASCII_SPACE( *(d - 1) ) )
-                                       d--;
-                               state = B4TYPE;
-                               if ( *s == '+' ) {
-                                       *d++ = *s;
-                               } else {
-                                       *d++ = ',';
-                               }
-                       } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) &&
-                               !RDN_SEPARATOR( *s ) )
-                       {
-                               *--d = *s;
-                               d++;
-                       } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
-                               *d++ = *s;
-                       }
-                       break;
-
-               case INQUOTEDVALUE:
-                       if ( !gotesc && *s == '"' ) {
-                               state = B4SEPARATOR;
-                               *d++ = *s;
-                       } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) ) {
-                               *--d = *s;
-                               d++;
-                       } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) {
-                               *d++ = *s;
-                       }
-                       break;
-
-               case B4SEPARATOR:
-                       if ( RDN_SEPARATOR( *s ) ) {
-                               state = B4TYPE;
-                               *d++ = *s;
-                       } else if ( !ASCII_SPACE( *s ) ) {
-                               dn = NULL;
-                       }
-                       break;
-
-               default:
-                       dn = NULL;
-#ifdef NEW_LOGGING
-                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
-                               "dn_validate: unknown state %d for dn \"%s\".\n",
-                               state, dn_in ));
-#else
-                       Debug( LDAP_DEBUG_ANY,
-                               "dn_validate - unknown state %d\n", state, 0, 0 );
-#endif
-                       break;
-               }
-
-               if ( *s == '\\' ) {
-                       gotesc = 1;
-               } else {
-                       gotesc = 0;
-               }
-       }
-
-       /* trim trailing spaces */
-       while( d > dn_in && ASCII_SPACE( *(d-1) ) ) {
-               --d;
-       }
-       *d = '\0';
-
-       if( gotesc ) {
-               /* shouldn't be left in escape */
-               dn = NULL;
-       }
-
-       /* check end state */
-       switch( state ) {
-       case B4LEADTYPE:        /* looking for first type */
-       case B4SEPARATOR:       /* looking for separator */
-       case INVALUE:           /* inside value */
-               break;
-       default:
-               dn = NULL;
-       }
-
-       return( dn );
-#endif /* !USE_LDAP_DN_PARSING */
 }
 
 /*
@@ -247,7 +90,6 @@ dn_validate( char *dn_in )
 char *
 dn_normalize( char *dn )
 {
-#ifdef USE_LDAP_DN_PARSING
        struct berval   val, *normalized;
        int             rc;
 
@@ -272,26 +114,6 @@ dn_normalize( char *dn )
        ber_bvfree( normalized );
 
        return( dn );
-       
-#else /* !USE_LDAP_DN_PARSING */
-       char *out;
-       struct berval *bvdn, *nbvdn;
-
-       out = NULL;
-       bvdn = ber_bvstr( dn );
-       
-       if ( dnNormalize( NULL, bvdn, &nbvdn ) == LDAP_SUCCESS ) {
-               if ( nbvdn->bv_len <= bvdn->bv_len ) {
-                       out = dn;
-                       strcpy( out, nbvdn->bv_val );
-               }
-               ber_bvfree( nbvdn );
-       }
-       bvdn->bv_val = NULL; /* prevent bvfree from freeing dn */
-       ber_bvfree( bvdn );
-
-       return( out );
-#endif /* !USE_LDAP_DN_PARSING */
 }
 
 int

diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c
index ebd740f3c067478d211f654d574a8c73f6e5d3b0..70154958282d9f5b091e8ca9537b73ea4e1d5996 100644 (file)
--- a/servers/slapd/entry.c
+++ b/servers/slapd/entry.c
@@ -41,6 +41,7 @@ str2entry( char *s )
 {
        int rc;
        Entry           *e;
+       ber_len_t       dnlen;
        char            *type;
        struct berval value;
        struct berval   *vals[2];
@@ -115,26 +116,48 @@ str2entry( char *s )
                }
 
                if ( strcasecmp( type, "dn" ) == 0 ) {
+                       struct berval *pdn;
+
                        free( type );
 
                        if ( e->e_dn != NULL ) {
 #ifdef NEW_LOGGING
                                LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "str2entry: "
-                                       "entry %ld has multiple dns \"%s\" and \"%s\" "
-                                       "(second ignored)\n",
-                                       (long) e->e_id, e->e_dn, value.bv_val != NULL ? value.bv_val : "" ));
+                                       "entry %ld has multiple dns \"%s\" and \"%s\"\n",
+                                       (long) e->e_id, e->e_dn,
+                                       value.bv_val != NULL ? value.bv_val : "" ));
 #else
                                Debug( LDAP_DEBUG_ANY, "str2entry: "
-                                       "entry %ld has multiple dns \"%s\" and \"%s\" "
-                                       "(second ignored)\n",
+                                       "entry %ld has multiple dns \"%s\" and \"%s\"\n",
                                    (long) e->e_id, e->e_dn,
                                        value.bv_val != NULL ? value.bv_val : "" );
 #endif
                                if( value.bv_val != NULL ) free( value.bv_val );
-                               continue;
+                               entry_free( e );
+                               return NULL;
+                       }
+
+                       rc = dnPretty( NULL, &value, &pdn );
+                       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+                               LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "str2entry: "
+                                       "entry %ld has invalid DN \"%s\"\n",
+                                       (long) e->e_id,
+                                       pdn->bv_val ? pdn->bv_val : "" ));
+#else
+                               Debug( LDAP_DEBUG_ANY, "str2entry: "
+                                       "entry %ld has invalid DN \"%s\"\n",
+                                       (long) e->e_id,
+                                       pdn->bv_val ? pdn->bv_val : "", 0 );
+#endif
+                               if( value.bv_val != NULL ) free( value.bv_val );
+                               entry_free( e );
+                               return NULL;
                        }
 
-                       e->e_dn = value.bv_val != NULL ? value.bv_val : ch_strdup( "" );
+                       e->e_dn = pdn->bv_val != NULL ? pdn->bv_val : ch_strdup( "" );
+                       dnlen = pdn->bv_len;
+                       free( pdn );
                        continue;
                }
 
@@ -158,7 +181,6 @@ str2entry( char *s )
                        }
 
                        rc = slap_str2undef_ad( type, &ad, &text );
-
                        if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
                                LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1,
@@ -266,24 +288,32 @@ str2entry( char *s )
        }
 
        /* generate normalized dn */
-       e->e_ndn = e->e_dn;
-       e->e_dn = dn_pretty( e->e_dn );
+       {
+               struct berval dn;
+               struct berval *ndn;
+
+               dn.bv_val = e->e_dn;
+               dn.bv_len = dnlen;
 
-       if( e->e_dn == NULL ) {
+               rc = dnNormalize( NULL, &dn, &ndn );
+
+               if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                          "str2entry:  entry %ld has invalid dn: %s\n",
-                               (long) e->e_id, e->e_ndn ));
+                       LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                                  "str2entry:  entry %ld has invalid dn: %s\n",
+                                       (long) e->e_id, e->e_ndn ));
 #else
-               Debug( LDAP_DEBUG_ANY,
-                       "str2entry: entry %ld has invalid dn: %s\n",
-                   (long) e->e_id, e->e_ndn, 0 );
+                       Debug( LDAP_DEBUG_ANY,
+                               "str2entry: entry %ld has invalid dn: %s\n",
+                           (long) e->e_id, e->e_ndn, 0 );
 #endif
-               entry_free( e );
-               return( NULL );
-       }
+                       entry_free( e );
+                       return NULL;
+               }
 
-       (void) dn_normalize( e->e_ndn );
+               e->e_ndn = ndn->bv_val;
+               free( ndn );
+       }
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL2,

diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c
index 2b9625857ac3c70c35e90dc0b6d7b5fa53de5d55..4c69378ed4b7890d29b3d00b6591bee73bcc1dcd 100644 (file)
--- a/servers/slapd/modify.c
+++ b/servers/slapd/modify.c
@@ -34,7 +34,8 @@ do_modify(
     Operation  *op )
 {
        struct berval dn = { 0, NULL };
-       char *ndn = NULL;
+       struct berval *pdn = NULL;
+       struct berval *ndn = NULL;
        char            *last;
        ber_tag_t       tag;
        ber_len_t       len;
@@ -176,24 +177,37 @@ do_modify(
                goto cleanup;
        }
 
-       ndn = ch_strdup( dn.bv_val );
-
-       if(     dn_normalize( ndn ) == NULL ) {
+       rc = dnPretty( NULL, &dn, &pdn );
+       if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
-                       "do_modify: invalid dn (%s)\n", dn.bv_val ));
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_modify: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, dn.bv_val ));
 #else
                Debug( LDAP_DEBUG_ANY,
-                       "do_modify: invalid dn (%s)\n",
-                       dn.bv_val, 0, 0 );
+                       "do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 );
 #endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               goto cleanup;
+       }
 
+       rc = dnNormalize( NULL, &dn, &ndn );
+       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_modify: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, dn.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY,
+                       "do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+#endif
                send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
                    "invalid DN", NULL, NULL );
                goto cleanup;
        }
 
-       if( *ndn == '\0' ) {
+       if( ndn->bv_len == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
                        "do_modify: attempt to modify root DSE.\n" ));
@@ -206,7 +220,7 @@ do_modify(
                goto cleanup;
 
 #if defined( SLAPD_SCHEMA_DN )
-       } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) {
+       } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
                        "do_modify: attempt to modify subschema subentry.\n" ));
@@ -283,9 +297,9 @@ do_modify(
         * appropriate one, or send a referral to our "referral server"
         * if we don't hold it.
         */
-       if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) {
+       if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) {
                struct berval **ref = referral_rewrite( default_referral,
-                       NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                       NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                        NULL, NULL, ref ? ref : default_referral, NULL );
@@ -303,13 +317,14 @@ do_modify(
        }
 
        /* check for referrals */
-       rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn );
+       rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val );
        if ( rc != LDAP_SUCCESS ) {
                goto cleanup;
        }
 
        /* deref suffix alias if appropriate */
-       ndn = suffix_alias( be, ndn );
+       ndn->bv_val = suffix_alias( be, ndn->bv_val );
+       ndn->bv_len = strlen( ndn->bv_val );
 
        /*
         * do the modify if 1 && (2 || 3)
@@ -362,13 +377,13 @@ do_modify(
                                }
                        }
 
-                       if ( (*be->be_modify)( be, conn, op, dn.bv_val, ndn, mods ) == 0
+                       if ( (*be->be_modify)( be, conn, op, pdn->bv_val, ndn->bv_val, mods ) == 0
 #ifdef SLAPD_MULTIMASTER
                                && !repl_user
 #endif
                        ) {
                                /* but we log only the ones not from a replicator user */
-                               replog( be, op, dn.bv_val, ndn, mods );
+                               replog( be, op, pdn->bv_val, ndn->bv_val, mods );
                        }
 
 #ifndef SLAPD_MULTIMASTER
@@ -377,7 +392,7 @@ do_modify(
                        struct berval **defref = be->be_update_refs
                                ? be->be_update_refs : default_referral;
                        struct berval **ref = referral_rewrite( defref,
-                               NULL, dn.bv_val, LDAP_SCOPE_DEFAULT );
+                               NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT );
 
                        send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
                                ref ? ref : defref, NULL );
@@ -387,12 +402,14 @@ do_modify(
                }
        } else {
                send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-                   NULL, "operation not supported within namingContext", NULL, NULL );
+                   NULL, "operation not supported within namingContext",
+                       NULL, NULL );
        }
 
 cleanup:
        free( dn.bv_val );
-       if( ndn != NULL ) free( ndn );
+       if( pdn != NULL ) ber_bvfree( pdn );
+       if( ndn != NULL ) ber_bvfree( ndn );
        if ( modlist != NULL )
                slap_modlist_free( modlist );
        if ( mods != NULL )

diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 915c40321ff68c8c3ac82cf6369caaff4c361073..bbbc0cce4f4f8b2026fb27f9a14321fd90980773 100644 (file)
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -325,7 +325,6 @@ LDAP_SLAPD_F (void) connection_internal_close( Connection *conn );
  * dn.c
  */
 
-LDAP_SLAPD_F (char *) dn_pretty LDAP_P(( const char *dn ));
 LDAP_SLAPD_F (char *) dn_validate LDAP_P(( char *dn ));
 LDAP_SLAPD_F (char *) dn_normalize LDAP_P(( char *dn ));
 LDAP_SLAPD_F (int) dn_match LDAP_P(( const char *val, const char *asserted ));
@@ -752,14 +751,20 @@ LDAP_SLAPD_F( int ) mods_structural_class(
 LDAP_SLAPD_F (int) schema_init LDAP_P((void));
 LDAP_SLAPD_F (int) schema_prep LDAP_P((void));
 
+LDAP_SLAPD_F (int) dnValidate LDAP_P((
+       Syntax *syntax, 
+       struct berval *val ));
+
 LDAP_SLAPD_F (int) dnNormalize LDAP_P((
        Syntax *syntax, 
        struct berval *val, 
        struct berval **normalized ));
+
 LDAP_SLAPD_F (int) dnPretty LDAP_P(( 
        Syntax *syntax, 
        struct berval *val, 
-       struct berval **normalized ));
+       struct berval **pretty ));
+
 LDAP_SLAPD_F (int) dnMatch LDAP_P(( 
        int *matchp, 
        slap_mask_t flags, 

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index bab88690c1e8996a87a6181bcdac5877666f3908..6dc45f670eecc6d04ea06fccba8cb80f029043e7 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -32,11 +32,7 @@
 
 /* unimplemented pretters */
 #define integerPretty                                  NULL
-#ifndef USE_LDAP_DN_PARSING
-#      define dnPretty                                         NULL
-#else
-#      define SLAP_LDAPDN_PRETTY 0x1
-#endif /* !USE_LDAP_DN_PARSING */
+#define SLAP_LDAPDN_PRETTY 0x1
 
 /* recycled matching routines */
 #define bitStringMatch                                 octetStringMatch
@@ -221,8 +217,6 @@ int octetStringFilter(
        return LDAP_SUCCESS;
 }
 
-#ifdef USE_LDAP_DN_PARSING
-
 /*
  * The DN syntax-related functions take advantage of the dn representation
  * handling functions ldap_str2dn/ldap_dn2str.  The latter are not schema-
@@ -304,7 +298,7 @@ LDAPDN_validate( LDAPDN *dn )
 /*
  * dn validate routine
  */
-static int
+int
 dnValidate(
        Syntax *syntax,
        struct berval *in )
@@ -661,103 +655,6 @@ dnMatch(
        return( LDAP_SUCCESS );
 }
 
-#else /* !USE_LDAP_DN_PARSING */
-
-static int
-dnValidate(
-       Syntax *syntax,
-       struct berval *in )
-{
-       int rc;
-       char *dn;
-
-       if( in->bv_len == 0 ) return LDAP_SUCCESS;
-
-       dn = ch_strdup( in->bv_val );
-
-       if( dn == NULL ) {
-               return LDAP_INVALID_SYNTAX;
-
-       } else if ( strlen( in->bv_val ) != in->bv_len ) {
-               rc = LDAP_INVALID_SYNTAX;
-
-       } else if ( dn_validate( dn ) == NULL ) {
-               rc = LDAP_INVALID_SYNTAX;
-
-       } else {
-               rc = LDAP_SUCCESS;
-       }
-
-       ch_free( dn );
-       return rc;
-}
-
-int
-dnNormalize(
-       Syntax *syntax,
-       struct berval *val,
-       struct berval **normalized )
-{
-       struct berval *out;
-
-       if ( val->bv_len != 0 ) {
-               char *dn;
-               out = ber_bvstr( UTF8normalize( val, UTF8_CASEFOLD ) );
-
-               dn = dn_validate( out->bv_val );
-
-               if( dn == NULL ) {
-                       ber_bvfree( out );
-                       return LDAP_INVALID_SYNTAX;
-               }
-
-               out->bv_val = dn;
-               out->bv_len = strlen( dn );
-       } else {
-               out = ber_bvdup( val );
-       }
-
-       *normalized = out;
-       return LDAP_SUCCESS;
-}
-
-int
-dnMatch(
-       int *matchp,
-       slap_mask_t flags,
-       Syntax *syntax,
-       MatchingRule *mr,
-       struct berval *value,
-       void *assertedValue )
-{
-       int match;
-       struct berval *asserted = (struct berval *) assertedValue;
-       
-       match = value->bv_len - asserted->bv_len;
-
-       if( match == 0 ) {
-#ifdef USE_DN_NORMALIZE
-               match = strcmp( value->bv_val, asserted->bv_val );
-#else
-               match = strcasecmp( value->bv_val, asserted->bv_val );
-#endif
-       }
-
-#ifdef NEW_LOGGING
-       LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
-               "dnMatch: %d\n    %s\n    %s\n", match,
-               value->bv_val, asserted->bv_val ));
-#else
-       Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n",
-               match, value->bv_val, asserted->bv_val );
-#endif
-
-
-       *matchp = match;
-       return LDAP_SUCCESS;
-}
-
-#endif /* !USE_LDAP_DN_PARSING */
 
 static int
 nameUIDValidate(

diff --git a/servers/slapd/search.c b/servers/slapd/search.c
index 197126f6a107ffec7c4be89ba8aac075db462bad..803fe40e75a1a29c48a91b2d7ffc85ccc4a39c91 100644 (file)
--- a/servers/slapd/search.c
+++ b/servers/slapd/search.c
@@ -34,7 +34,9 @@ do_search(
        ber_int_t       scope, deref, attrsonly;
        ber_int_t       sizelimit, timelimit;
        struct berval base = { 0, NULL };
-       char            *nbase = NULL, *fstr = NULL;
+       struct berval *pbase = NULL;
+       struct berval *nbase = NULL;
+       char            *fstr = NULL;
        Filter          *filter = NULL;
        char            **attrs = NULL;
        Backend         *be;
@@ -107,14 +109,37 @@ do_search(
                goto return_results;
        }
 
-       nbase = ch_strdup( base.bv_val );
+       rc = dnPretty( NULL, &base, &pbase );
+       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_search: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, base.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY,
+                       "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 );
+#endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               goto return_results;
+       }
 
-       if( dn_normalize( nbase ) == NULL ) {
-               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX,
-                       NULL, "invalid DN", NULL, NULL );
+       rc = dnNormalize( NULL, &base, &nbase );
+       if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+                       "do_searc: conn %d  invalid dn (%s)\n",
+                       conn->c_connid, base.bv_val ));
+#else
+               Debug( LDAP_DEBUG_ANY,
+                       "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 );
+#endif
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
                goto return_results;
        }
 
+
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
                "do_search \"%s\" %d %d %d %d %d\n", base.bv_val, scope,
@@ -196,14 +221,14 @@ do_search(
 
        Statslog( LDAP_DEBUG_STATS,
            "conn=%ld op=%d SRCH base=\"%s\" scope=%d filter=\"%s\"\n",
-           op->o_connid, op->o_opid, base.bv_val, scope, fstr );
+           op->o_connid, op->o_opid, pbase->bv_val, scope, fstr );
 
        manageDSAit = get_manageDSAit( op );
 
        if ( scope == LDAP_SCOPE_BASE ) {
                Entry *entry = NULL;
 
-               if ( strcasecmp( nbase, LDAP_ROOT_DSE ) == 0 ) {
+               if ( strcasecmp( nbase->bv_val, LDAP_ROOT_DSE ) == 0 ) {
 #ifdef LDAP_CONNECTIONLESS
                        /* Ignore LDAPv2 CLDAP DSE queries */
                        if (op->o_protocol==LDAP_VERSION2 && conn->c_is_udp) {
@@ -222,7 +247,7 @@ do_search(
                }
 
 #if defined( SLAPD_SCHEMA_DN )
-               else if ( strcasecmp( nbase, SLAPD_SCHEMA_DN ) == 0 ) {
+               else if ( strcasecmp( nbase->bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
                        /* check restrictions */
                        rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
                        if( rc != LDAP_SUCCESS ) {
@@ -257,12 +282,13 @@ do_search(
                }
        }
 
-       if( nbase[0] == '\0' && default_search_nbase != NULL ) {
+       if( nbase->bv_len == 0 && default_search_nbase != NULL ) {
                ch_free( base.bv_val );
-               ch_free( nbase );
+               ch_free( nbase->bv_val );
                base.bv_val = ch_strdup( default_search_base );
                base.bv_len = strlen( default_search_nbase );
-               nbase = ch_strdup( default_search_nbase );
+               nbase->bv_val = ch_strdup( default_search_nbase );
+               nbase->bv_len = strlen( default_search_nbase );
        }
 
        /*
@@ -270,9 +296,9 @@ do_search(
         * appropriate one, or send a referral to our "referral server"
         * if we don't hold it.
         */
-       if ( (be = select_backend( nbase, manageDSAit, 1 )) == NULL ) {
+       if ( (be = select_backend( nbase->bv_val, manageDSAit, 1 )) == NULL ) {
                struct berval **ref = referral_rewrite( default_referral,
-                       NULL, base.bv_val, scope );
+                       NULL, pbase->bv_val, scope );
 
                send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                        NULL, NULL, ref ? ref : default_referral, NULL );
@@ -290,17 +316,18 @@ do_search(
        }
 
        /* check for referrals */
-       rc = backend_check_referrals( be, conn, op, base.bv_val, nbase );
+       rc = backend_check_referrals( be, conn, op, pbase->bv_val, nbase->bv_val );
        if ( rc != LDAP_SUCCESS ) {
                goto return_results;
        }
 
        /* deref the base if needed */
-       nbase = suffix_alias( be, nbase );
+       nbase->bv_val = suffix_alias( be, nbase->bv_val );
+       nbase->bv_len = strlen( nbase->bv_val );
 
        /* actually do the search and send the result(s) */
        if ( be->be_search ) {
-               (*be->be_search)( be, conn, op, base.bv_val, nbase,
+               (*be->be_search)( be, conn, op, pbase->bv_val, nbase->bv_val,
                        scope, deref, sizelimit,
                    timelimit, filter, fstr, attrs, attrsonly );
        } else {
@@ -310,7 +337,9 @@ do_search(
 
 return_results:;
        free( base.bv_val );
-       if( nbase != NULL) free( nbase );
+       if( pbase != NULL) ber_bvfree( pbase );
+       if( nbase != NULL) ber_bvfree( nbase );
+
        if( fstr != NULL) free( fstr );
        if( filter != NULL) filter_free( filter );
        if ( attrs != NULL ) {

diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index d883542beade67f72f2863f6bca09e7fb3802dfe..8bcfcb2e6827aa392cf26c3a60e9de69e185b6b0 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -8,8 +8,6 @@
 #ifndef _SLAP_H_
 #define _SLAP_H_
 
-#define USE_LDAP_DN_PARSING
-
 #include "ldap_defaults.h"
 
 #include <stdio.h>