type. Add type to core.schema. Not yet populated on add nor checked on modify.
/* target is attribute, check if the attribute value
* is the op dn.
*/
- rc = value_match( &match, b->a_dn_at,
- b->a_dn_at->ad_type->sat_equality,
- val, &bv, &text );
+ rc = value_match( &match, b->a_dn_at,
+ b->a_dn_at->ad_type->sat_equality, 0,
+ val, &bv, &text );
/* on match error or no match, fail the ACL clause */
if (rc != LDAP_SUCCESS || match != 0 )
continue;
/* target is attribute, check if the attribute value
* is the op dn.
*/
- rc = value_match( &match, b->a_dn_at,
- b->a_dn_at->ad_type->sat_equality,
- val, &bv, &text );
+ rc = value_match( &match, b->a_dn_at,
+ b->a_dn_at->ad_type->sat_equality, 0,
+ val, &bv, &text );
+
/* on match error or no match, fail the ACL clause */
if (rc != LDAP_SUCCESS || match != 0 )
continue;
int i, j, rc;
Attribute *attr;
struct berval **v;
- char *s;
const char *entry_at_name = entry_at->ad_cname->bv_val;
Debug( LDAP_DEBUG_ARGS,
for ( j = 0; a->a_vals[j] != NULL; j++ ) {
int match;
int rc = value_match( &match, mod->sm_desc, mr,
+ SLAP_MR_MODIFY_MATCHING,
a->a_vals[j], asserted, &text );
if( rc == LDAP_SUCCESS && match == 0 ) {
for ( j = 0; a->a_vals[j] != NULL; j++ ) {
int match;
int rc = value_match( &match, mod->sm_desc, mr,
+ SLAP_MR_MODIFY_MATCHING,
a->a_vals[j], asserted, &text );
- if( rc == LDAP_SUCCESS && match != 0 )
- {
+ if( rc == LDAP_SUCCESS && match != 0 ) {
continue;
}
found = 1;
int rc;
const char *text;
- rc = value_match( &ret, a->a_desc, mr,
+ rc = value_match( &ret, a->a_desc, mr, 0,
a->a_vals[i], ava->aa_value,
&text );
int rc;
const char *text;
- rc = value_match( &ret, a->a_desc, mr,
+ rc = value_match( &ret, a->a_desc, mr, 0,
a->a_vals[i], f->f_sub,
&text );
int *match,
AttributeDescription *ad,
MatchingRule *mr,
+ unsigned flags,
struct berval *v1,
void *v2,
const char ** text ));
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )
+# From X.500(97?)
+attributetype ( 2.5.21.9 NAME 'structuralObjectClass'
+ EQUALITY objectIdentifierMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+ NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation )
# LDAP Operational Attributes from RFC2252
attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
static int
octetStringMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
/* Index generation function */
int octetStringIndexer(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
/* Index generation function */
int octetStringFilter(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
static int
dnMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
static int
caseExactIA5Match(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
static int
caseExactIA5SubstringsMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
/* Index generation function */
int caseExactIA5Indexer(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
/* Index generation function */
int caseExactIA5Filter(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
static int
caseIgnoreIA5Match(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
static int
caseIgnoreIA5SubstringsMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
/* Index generation function */
int caseIgnoreIA5Indexer(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
/* Index generation function */
int caseIgnoreIA5Filter(
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *prefix,
static int
objectIdentifierFirstComponentMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
/* insert attributeTypes, objectclass check here */
if( OID_LEADCHAR(asserted->bv_val[0]) ) {
- rc = objectIdentifierMatch( &match, use, syntax, mr, &oid, asserted );
+ rc = objectIdentifierMatch( &match, flags, syntax, mr, &oid, asserted );
} else {
char *stored = ch_malloc( oid.bv_len + 1 );
static int
objectClassMatch(
int *matchp,
- unsigned use,
+ unsigned flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
ObjectClass *asserted = oc_find( a->bv_val );
if( asserted == NULL ) {
- if( OID_LEADCHAR( *value->bv_val ) ) {
+ if( OID_LEADCHAR( *a->bv_val ) ) {
/* OID form, return FALSE */
*matchp = 1;
return LDAP_SUCCESS;
return SLAPD_COMPARE_UNDEFINED;
}
+ if( flags & SLAP_MR_MODIFY_MATCHING ) {
+ *matchp = ( asserted != oc );
+ } else {
+ *matchp = !is_object_subclass( asserted, oc );
+ }
+
#if 0
- Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s)\n",
- value->bv_val, a->bv_val, NULL );
+ Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s) = %d\n",
+ value->bv_val, a->bv_val, *matchp );
#endif
- *matchp = !is_object_subclass( asserted, oc );
+ return LDAP_SUCCESS;
+}
+
+#define structuralObjectClassIndexer NULL
+#define structuralObjectClassFilter NULL
+
+static int
+structuralObjectClassMatch(
+ int *matchp,
+ unsigned flags,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertedValue )
+{
+ struct berval *a = (struct berval *) assertedValue;
+ ObjectClass *oc = oc_find( value->bv_val );
+ ObjectClass *asserted = oc_find( a->bv_val );
+
+ if( asserted == NULL ) {
+ if( OID_LEADCHAR( *a->bv_val ) ) {
+ /* OID form, return FALSE */
+ *matchp = 1;
+ return LDAP_SUCCESS;
+ }
+
+ /* desc form, return undefined */
+ return SLAPD_COMPARE_UNDEFINED;
+ }
- Debug( LDAP_DEBUG_TRACE, "\treturns %d\n",
- *matchp, NULL, NULL );
+ if ( oc == NULL ) {
+ /* unrecognized stored value */
+ return SLAPD_COMPARE_UNDEFINED;
+ }
+
+ *matchp = ( asserted != oc );
+
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "structuralObjectClassMatch(%s,%s) = %d\n",
+ value->bv_val, a->bv_val, *matchp );
+#endif
return LDAP_SUCCESS;
}
{ "objectClass",
objectClassMatch, objectClassIndexer, objectClassFilter,
offsetof(struct slap_internal_schema, si_ad_objectClass) },
+ { "structuralObjectClass",
+ structuralObjectClassMatch,
+ structuralObjectClassIndexer, structuralObjectClassFilter,
+ offsetof(struct slap_internal_schema, si_ad_structuralObjectClass) },
/* user entry operational attributes */
{ "creatorsName", NULL, NULL, NULL,
/* Match (compare) function */
typedef int slap_mr_match_func LDAP_P((
int *match,
- unsigned use,
+ unsigned flags,
struct slap_syntax *syntax, /* syntax of stored value */
struct slap_matching_rule *mr,
struct berval * value,
/* Index generation function */
typedef int slap_mr_indexer_func LDAP_P((
- unsigned use,
+ unsigned flags,
struct slap_syntax *syntax, /* syntax of stored value */
struct slap_matching_rule *mr,
struct berval *prefix,
/* Filter index function */
typedef int slap_mr_filter_func LDAP_P((
- unsigned use,
+ unsigned flags,
struct slap_syntax *syntax, /* syntax of stored value */
struct slap_matching_rule *mr,
struct berval *prefix,
unsigned smr_usage;
#define SLAP_MR_TYPE_MASK 0xFF00U
-#define SLAP_MR_SUBTYPE_MASK 0x00FFU
+#define SLAP_MR_SUBTYPE_MASK 0x00F0U
+#define SLAP_MR_USAGE 0x000FU
#define SLAP_MR_NONE 0x0000U
#define SLAP_MR_EQUALITY 0x0100U
#define SLAP_MR_SUBSTR 0x0400U
#define SLAP_MR_EXT 0x0800U
-#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0001U )
+#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U )
+
+#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0010U )
+#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U )
+#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0040U )
-#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0001U )
-#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0002U )
-#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0004U )
+/* this is used to kludge objectClass testing */
+#define SLAP_MR_MODIFY_MATCHING 0x0001U
Syntax *smr_syntax;
slap_mr_convert_func *smr_convert;
AttributeDescription *si_ad_objectClass;
/* operational attributes */
+ AttributeDescription *si_ad_structuralObjectClass;
AttributeDescription *si_ad_creatorsName;
AttributeDescription *si_ad_createTimestamp;
AttributeDescription *si_ad_modifiersName;
int *match,
AttributeDescription *ad,
MatchingRule *mr,
+ unsigned flags,
struct berval *v1, /* stored value */
void *v2, /* assertion */
const char ** text )
{
int rc;
- int usage = 0;
struct berval *nv1 = NULL;
if( !mr->smr_match ) {
}
}
- rc = (mr->smr_match)( match, usage,
+ rc = (mr->smr_match)( match, flags,
ad->ad_type->sat_syntax,
mr,
nv1 != NULL ? nv1 : v1,
int match;
const char *text;
- rc = value_match( &match, ad, mr, vals[i],
- nval == NULL ? val : nval, &text );
+ rc = value_match( &match, ad, mr, 0,
+ vals[i], nval == NULL ? val : nval, &text );
if( rc == LDAP_SUCCESS && match == 0 ) {
return LDAP_SUCCESS;
projects / openldap / commitdiff