#include "ldap-int.h"
-/* forces the use of new dn parsing routines */
-/* #define USE_LDAP_DN_PARSING */
/* extension to UFN that turns trailing "dc=value" rdns in DNS style,
* e.g. "ou=People,dc=openldap,dc=org" => "People, openldap.org" */
#define DC_IN_UFN
/* void ldapava_free_dn( LDAPDN *dn ); in ldap.h */
/* Higher level helpers */
-static int rdn2strlen( LDAPRDN *rdn, ber_len_t *len,
+static int rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len,
int ( *s2l )( struct berval *, unsigned, ber_len_t * ) );
-static int rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len,
+static int rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len,
int ( *s2s )( struct berval *, char *, unsigned, ber_len_t * ));
-static int rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len );
-static int rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len );
-static int rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len );
-static int rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first );
-static int rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len );
-static int rdn2ADstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first );
+static int rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len );
+static int rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flag, ber_len_t *len, int first );
+static int rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len );
+static int rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first );
#ifndef USE_LDAP_DN_PARSING /* deprecated */
#define NAME_TYPE_LDAP_RDN 0
( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_OCTOTHORPE(c) || LDAP_DN_NE(c) )
#define LDAP_DN_NEEDESCAPE_TRAIL(c) \
( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_NEEDESCAPE(c) )
-#define LDAP_DN_WILLESCAPE(c) \
+#define LDAP_DN_WILLESCAPE_CHAR( c) \
( LDAP_DN_RDN_SEP(c) || LDAP_DN_AVA_SEP(c) )
+#define LDAP_DN_WILLESCAPE(f, c) \
+ ( ( !( (f) & LDAP_DN_PRETTY ) ) && LDAP_DN_WILLESCAPE_CHAR(c) )
/* LDAPv2 */
#define LDAP_DN_VALUE_END_V2(c) \
* there might be some chars we want to escape in form
* of a couple of hexdigits for optimization purposes
*/
- } else if ( LDAP_DN_WILLESCAPE( p[ 0 ] ) ) {
+ } else if ( LDAP_DN_WILLESCAPE( flags, p[ 0 ] ) ) {
l += 3;
} else if ( LDAP_DN_NEEDESCAPE( p[ 0 ] )
* there might be some chars we want to escape in form
* of a couple of hexdigits for optimization purposes
*/
- if ( cl > 1 || LDAP_DN_WILLESCAPE( val->bv_val[ s ] ) ) {
+ if ( cl > 1 || LDAP_DN_WILLESCAPE( flags, val->bv_val[ s ] ) ) {
for ( ; cl--; ) {
str[ d++ ] = '\\';
byte2hexpair( &val->bv_val[ s ], &str[ d ] );
}
static int
-rdn2strlen( LDAPRDN *rdn, ber_len_t *len,
+rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len,
int ( *s2l )( struct berval *v, unsigned f, ber_len_t *l ) )
{
int iAVA;
} else {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( ( *s2l )( ava->la_value, ava->la_flags, &vl ) ) {
+ if ( ( *s2l )( ava->la_value, f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len,
+rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len,
int ( *s2s ) ( struct berval *v, char * s, unsigned f, ber_len_t *l ) )
{
int iAVA;
} else {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( ( *s2s )( ava->la_value, &str[ l ],
- ava->la_flags, &vl ) ) {
+ if ( ( *s2s )( ava->la_value, &str[ l ], f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len )
+rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
{
int iAVA;
ber_len_t l = 0;
case LDAP_AVA_STRING: {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2DCEstrlen( ava->la_value,
- ava->la_flags, &vl ) ) {
+ if ( strval2DCEstrlen( ava->la_value, f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first )
+rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first )
{
int iAVA;
ber_len_t l = 0;
case LDAP_AVA_STRING: {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2DCEstr( ava->la_value, &str[ l ],
- ava->la_flags, &vl ) ) {
+ if ( strval2DCEstr( ava->la_value, &str[ l ], f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len )
+rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
{
int iAVA;
ber_len_t l = 0;
} else {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2strlen( ava->la_value, ava->la_flags,
- &vl ) ) {
+ if ( strval2strlen( ava->la_value, f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len )
+rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len )
{
int iAVA;
ber_len_t l = 0;
} else {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2str( ava->la_value, &str[ l ],
- ava->la_flags, &vl ) ) {
+ if ( strval2str( ava->la_value, &str[ l ], f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len )
+rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len )
{
int iAVA;
ber_len_t l = 0;
case LDAP_AVA_STRING: {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2ADstrlen( ava->la_value,
- ava->la_flags, &vl ) ) {
+ if ( strval2ADstrlen( ava->la_value, f, &vl ) ) {
return( -1 );
}
l += vl;
}
static int
-rdn2ADstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first )
+rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first )
{
int iAVA;
ber_len_t l = 0;
case LDAP_AVA_STRING: {
ber_len_t vl;
+ unsigned f = flags | ava->la_flags;
- if ( strval2ADstr( ava->la_value, &str[ l ],
- ava->la_flags, &vl ) ) {
+ if ( strval2ADstr( ava->la_value, &str[ l ], f, &vl ) ) {
return( -1 );
}
l += vl;
*str = NULL;
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- if ( rdn2strlen( rdn, &l, strval2strlen ) ) {
+ if ( rdn2strlen( rdn, flags, &l, strval2strlen ) ) {
return( LDAP_OTHER );
}
break;
case LDAP_DN_FORMAT_LDAPV2:
- if ( rdn2strlen( rdn, &l, strval2IA5strlen ) ) {
+ if ( rdn2strlen( rdn, flags, &l, strval2IA5strlen ) ) {
return( LDAP_OTHER );
}
break;
case LDAP_DN_FORMAT_UFN:
- if ( rdn2UFNstrlen( rdn, &l ) ) {
+ if ( rdn2UFNstrlen( rdn, flags, &l ) ) {
return( LDAP_OTHER );
}
break;
case LDAP_DN_FORMAT_DCE:
- if ( rdn2DCEstrlen( rdn, &l ) ) {
+ if ( rdn2DCEstrlen( rdn, flags, &l ) ) {
return( LDAP_OTHER );
}
break;
case LDAP_DN_FORMAT_AD_CANONICAL:
- if ( rdn2ADstrlen( rdn, &l ) ) {
+ if ( rdn2ADstrlen( rdn, flags, &l ) ) {
return( LDAP_OTHER );
}
break;
switch ( LDAP_DN_FORMAT( flags ) ) {
case LDAP_DN_FORMAT_LDAPV3:
- rc = rdn2str( rdn, *str, &l, strval2str );
+ rc = rdn2str( rdn, *str, flags, &l, strval2str );
back = 1;
break;
case LDAP_DN_FORMAT_LDAPV2:
- rc = rdn2str( rdn, *str, &l, strval2IA5str );
+ rc = rdn2str( rdn, *str, flags, &l, strval2IA5str );
back = 1;
break;
case LDAP_DN_FORMAT_UFN:
- rc = rdn2UFNstr( rdn, *str, &l );
+ rc = rdn2UFNstr( rdn, *str, flags, &l );
back = 2;
break;
case LDAP_DN_FORMAT_DCE:
- rc = rdn2DCEstr( rdn, *str, &l, 1 );
+ rc = rdn2DCEstr( rdn, *str, flags, &l, 1 );
back = 0;
break;
case LDAP_DN_FORMAT_AD_CANONICAL:
- rc = rdn2ADstr( rdn, *str, &l, 1 );
+ rc = rdn2ADstr( rdn, *str, flags, &l, 1 );
back = 0;
break;
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2strlen( rdn, &rdnl, sv2l ) ) {
+ if ( rdn2strlen( rdn, flags, &rdnl, sv2l ) ) {
goto return_results;
}
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2str( rdn, &( *str )[ l ], &rdnl, sv2s ) ) {
+ if ( rdn2str( rdn, &( *str )[ l ], flags,
+ &rdnl, sv2s ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2UFNstrlen( rdn, &rdnl ) ) {
+ if ( rdn2UFNstrlen( rdn, flags, &rdnl ) ) {
goto return_results;
}
len += rdnl;
ber_len_t vl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2UFNstr( rdn, &( *str )[ l ], &vl ) ) {
+ if ( rdn2UFNstr( rdn, &( *str )[ l ],
+ flags, &vl ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
ber_len_t vl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2UFNstr( rdn, &( *str )[ l ], &vl ) ) {
+ if ( rdn2UFNstr( rdn, &( *str )[ l ],
+ flags, &vl ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2DCEstrlen( rdn, &rdnl ) ) {
+ if ( rdn2DCEstrlen( rdn, flags, &rdnl ) ) {
goto return_results;
}
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2DCEstr( rdn, &( *str )[ l ], &rdnl, 0 ) ) {
+ if ( rdn2DCEstr( rdn, &( *str )[ l ], flags,
+ &rdnl, 0 ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
ber_len_t rdnl;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
- if ( rdn2ADstrlen( rdn, &rdnl ) ) {
+ if ( rdn2ADstrlen( rdn, flags, &rdnl ) ) {
goto return_results;
}
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
if ( rdn2ADstr( rdn, &( *str )[ l ],
- &rdnl, 0 ) ) {
+ flags, &rdnl, 0 ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
LDAPRDN *rdn = dn[ iRDN ][ 0 ];
if ( rdn2ADstr( rdn, &( *str )[ l ],
- &rdnl, first ) ) {
+ flags, &rdnl, first ) ) {
LDAP_FREE( *str );
*str = NULL;
goto return_results;
char *
dn_validate( char *dn_in )
{
+#ifdef USE_LDAP_DN_PARSING
+ struct berval val, *normalized;
+ int rc;
+
+ fprintf(stderr, ">>> dn_validate: %s\n", dn_in);
+
+ if ( dn_in == NULL || dn_in[ 0 ] == '\0' ) {
+ return( dn_in );
+ }
+
+ val.bv_val = dn_in;
+ val.bv_len = strlen( dn_in );
+
+ rc = dnPretty( NULL, &val, &normalized );
+ if ( rc != LDAP_SUCCESS ) {
+ return( NULL );
+ }
+
+ if ( val.bv_len < normalized->bv_len ) {
+ ber_bvfree( normalized );
+ return( NULL );
+ }
+
+ AC_MEMCPY( dn_in, normalized->bv_val, normalized->bv_len + 1 );
+ ber_bvfree( normalized );
+
+ fprintf(stderr, "<<< dn_validate: %s\n", dn_in);
+
+ return( dn_in );
+
+#else /* !USE_LDAP_DN_PARSING */
char *d, *s;
int state, gotesc;
char *dn = dn_in;
}
return( dn );
+#endif /* !USE_LDAP_DN_PARSING */
}
/*
char *
dn_normalize( char *dn )
{
+#ifdef USE_LDAP_DN_PARSING
+ struct berval val, *normalized;
+ int rc;
+
+ fprintf(stderr, ">>> dn_normalize: %s\n", dn);
+
+ if ( dn == NULL || dn[ 0 ] == '\0' ) {
+ return( dn );
+ }
+
+ val.bv_val = dn;
+ val.bv_len = strlen( dn );
+
+ rc = dnNormalize( NULL, &val, &normalized );
+ if ( rc != LDAP_SUCCESS ) {
+ return( NULL );
+ }
+
+ if ( val.bv_len < normalized->bv_len ) {
+ ber_bvfree( normalized );
+ return( NULL );
+ }
+
+ AC_MEMCPY( dn, normalized->bv_val, normalized->bv_len + 1 );
+ ber_bvfree( normalized );
+
+ ( void )ldap_pvt_str2upper( dn );
+
+ fprintf(stderr, "<<< dn_normalize: %s\n", dn);
+
+ return( dn );
+
+#else /* !USE_LDAP_DN_PARSING */
char *out;
struct berval *bvdn, *nbvdn;
ber_bvfree( bvdn );
return( out );
+#endif /* !USE_LDAP_DN_PARSING */
+}
+
+int
+dn_match( const char *val, const char *asserted )
+{
+ struct berval bval, basserted;
+
+ if ( val == NULL || asserted == NULL ) {
+ return 0;
+ }
+
+ bval.bv_val = ( char * )val;
+ bval.bv_len = strlen( val );
+
+ basserted.bv_val = ( char * )asserted;
+ basserted.bv_len = strlen( asserted);
+
+ return dnMatch( NULL, 0, NULL, NULL, &bval, &basserted);
}
/*
#define berValidate blobValidate
/* unimplemented pretters */
+#ifndef USE_LDAP_DN_PARSING
#define dnPretty NULL
+#endif /* !USE_LDAP_DN_PARSING */
#define integerPretty NULL
/* recycled matching routines */
return LDAP_SUCCESS;
}
+#ifdef USE_LDAP_DN_PARSING
+static int
+dnValidate(
+ Syntax *syntax,
+ struct berval *in )
+{
+ int rc;
+ LDAPDN *dn = NULL;
+
+ if ( in->bv_len == 0 ) {
+ return( LDAP_SUCCESS );
+ }
+
+ rc = ldap_str2dn( in->bv_val, &dn, LDAP_DN_FORMAT_LDAPV3 );
+ ldapava_free_dn( dn );
+
+ if ( rc != LDAP_SUCCESS ) {
+ return( LDAP_INVALID_SYNTAX );
+ }
+
+ return( LDAP_SUCCESS );
+}
+
+int
+dnNormalize(
+ Syntax *syntax,
+ struct berval *val,
+ struct berval **normalized )
+{
+ struct berval *out = NULL;
+
+ if ( val->bv_len != 0 ) {
+ LDAPDN *dn = NULL;
+ char *dn_out = NULL;
+ int rc;
+
+ rc = ldap_str2dn( val->bv_val, &dn, LDAP_DN_FORMAT_LDAPV3 );
+ if ( rc != LDAP_SUCCESS ) {
+ return( LDAP_INVALID_SYNTAX );
+ }
+
+ rc = ldap_dn2str( dn, &dn_out, LDAP_DN_FORMAT_LDAPV3 );
+ ldapava_free_dn( dn );
+
+ if ( rc != LDAP_SUCCESS ) {
+ return( LDAP_INVALID_SYNTAX );
+ }
+
+ out = ber_bvstr( dn_out );
+
+ } else {
+ out = ber_bvdup( val );
+ }
+
+ *normalized = out;
+
+ return( LDAP_SUCCESS );
+}
+
+int
+dnPretty(
+ Syntax *syntax,
+ struct berval *val,
+ struct berval **normalized)
+{
+ struct berval *out = NULL;
+
+ if ( val->bv_len != 0 ) {
+ LDAPDN *dn = NULL;
+ char *dn_out = NULL;
+ unsigned flags = LDAP_DN_FORMAT_LDAPV3;
+ int rc;
+
+ rc = ldap_str2dn( val->bv_val, &dn, flags );
+ if ( rc != LDAP_SUCCESS ) {
+ return( LDAP_INVALID_SYNTAX );
+ }
+
+ flags |= LDAP_DN_PRETTY;
+
+ rc = ldap_dn2str( dn, &dn_out, flags );
+ ldapava_free_dn( dn );
+
+ if ( rc != LDAP_SUCCESS ) {
+ return( LDAP_INVALID_SYNTAX );
+ }
+
+ out = ber_bvstr( dn_out );
+
+ } else {
+ out = ber_bvdup( val );
+ }
+
+ *normalized = out;
+
+ return( LDAP_SUCCESS );
+}
+
+int
+dnMatch(
+ int *matchp,
+ slap_mask_t flags,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertedValue )
+{
+ int match;
+ struct berval *asserted = (struct berval *) assertedValue;
+
+ match = value->bv_len - asserted->bv_len;
+
+ if ( match == 0 ) {
+#ifdef USE_DN_NORMALIZE
+ match = strcmp( value->bv_val, asserted->bv_val );
+ fprintf(stderr, "USE_DN_NORMALIZE :(\n");
+#else
+ match = strcasecmp( value->bv_val, asserted->bv_val );
+ fprintf(stderr, "!USE_DN_NORMALIZE :)\n");
+#endif
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY,
+ "dnMatch: %d\n %s\n %s\n", match,
+ value->bv_val, asserted->bv_val ));
+#else
+ Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n",
+ match, value->bv_val, asserted->bv_val );
+#endif
+
+ *matchp = match;
+ return( LDAP_SUCCESS );
+}
+
+#else /* !USE_LDAP_DN_PARSING */
+
static int
dnValidate(
Syntax *syntax,
return LDAP_SUCCESS;
}
+#endif /* !USE_LDAP_DN_PARSING */
+
static int
nameUIDValidate(
Syntax *syntax,
projects / openldap / commitdiff