ComponentFilterMatch support for userCertificate

diff --git a/contrib/slapd-modules/comp_match/certificate.c b/contrib/slapd-modules/comp_match/certificate.c
index 89da6cf7c440ca0137e06c015e68f0ec63fa57d5..3b15643125e740e66d051e3dd5a2fe8720e8e435 100644 (file)
--- a/contrib/slapd-modules/comp_match/certificate.c
+++ b/contrib/slapd-modules/comp_match/certificate.c
@@ -9,7 +9,7 @@
 
 
 void init_module_AuthenticationFramework() {
-       add_OD_entry ( "1.3.6.1.4.1.4203.666.1.34", GDecComponentCertificate,
+       add_OD_entry ( "2.5.4.36", GDecComponentCertificate,
        BDecComponentCertificate, NULL);
        InitAnyAuthenticationFramework();
 }
@@ -1630,6 +1630,8 @@ MatchingComponentRelativeDistinguishedName ( char* oid, ComponentSyntaxInfo* csi
        else
                 rc = LDAP_COMPARE_FALSE;
        AsnListMove( &t_list, v2 );
+       AsnListFirst(v1);
+       AsnListFirst(v2);
        return rc;
 }  /* BMatchingComponentRelativeDistinguishedNameContent */
 
@@ -1872,6 +1874,9 @@ MatchingComponentRDNSequence ( char* oid, ComponentSyntaxInfo* csi_attr, Compone
                }
        } /* end of for */
 
+       AsnListFirst(v1);
+       AsnListFirst(v2);
+
        if( (!component1 && component2) || (component1 && !component2))
                return LDAP_COMPARE_FALSE;
        else

diff --git a/servers/slapd/attr.c b/servers/slapd/attr.c
index 70600c4eb942fd4a362c160728fba4948ed5578c..0513a9d2d5cbc312e2668b3f6aef76c4aa13c810 100644 (file)
--- a/servers/slapd/attr.c
+++ b/servers/slapd/attr.c
@@ -40,12 +40,21 @@
 
 #include "slap.h"
 
+#ifdef LDAP_COMP_MATCH
+extern free_component_func* component_destructor;
+#endif
 void
 attr_free( Attribute *a )
 {
        if ( a->a_nvals && a->a_nvals != a->a_vals )
                ber_bvarray_free( a->a_nvals );
        ber_bvarray_free( a->a_vals );
+#ifdef LDAP_COMP_MATCH
+       if ( component_destructor && a->a_component_values ) {
+               component_destructor(a->a_component_values);
+               a->a_component_values = NULL;
+       }
+#endif
        free( a );
 }
 
@@ -108,6 +117,9 @@ attr_dup( Attribute *a )
        tmp->a_desc = a->a_desc;
        tmp->a_next = NULL;
        tmp->a_flags = 0;
+#ifdef LDAP_COMP_MATCH
+       tmp->a_component_values = NULL;
+#endif
 
        return tmp;
 }
@@ -168,6 +180,9 @@ attr_merge(
                (*a)->a_nvals = NULL;
                (*a)->a_next = NULL;
                (*a)->a_flags = 0;
+#ifdef LDAP_COMP_MATCH
+               (*a)->a_component_values = NULL;
+#endif
        }
 
        rc = value_add( &(*a)->a_vals, vals );
@@ -249,6 +264,9 @@ attr_merge_one(
                (*a)->a_nvals = NULL;
                (*a)->a_next = NULL;
                (*a)->a_flags = 0;
+#ifdef LDAP_COMP_MATCH
+               (*a)->a_component_values = NULL;
+#endif
        }
 
        rc = value_add_one( &(*a)->a_vals, val );

diff --git a/servers/slapd/component.c b/servers/slapd/component.c
index 8e851bea225a8740f838cb67c01d40f932220a95..fea68cb7480470ea9d1db094c98ed2608fa6cc73 100644 (file)
--- a/servers/slapd/component.c
+++ b/servers/slapd/component.c
@@ -103,10 +103,7 @@ componentFilterMatch (
                return LDAP_INAPPROPRIATE_MATCHING;
                
        rc = test_comp_filter( syntax, a, a->a_vals, ma->ma_cf );
-       if ( component_destructor && a->a_component_values ) {
-               component_destructor(a->a_component_values);
-               a->a_component_values = NULL;
-       }
+
        if ( rc == LDAP_COMPARE_TRUE ) {
                *matchp = 0;
                return LDAP_SUCCESS;

diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c
index 45d4f98e3315389192135a692939372a72f5a78b..c636b130c6016196a4780ff2a0f437b64fd3e654 100644 (file)
--- a/servers/slapd/entry.c
+++ b/servers/slapd/entry.c
@@ -662,6 +662,9 @@ int entry_decode(struct berval *bv, Entry **e)
                bptr = (BerVarray)(a+1);
                a->a_vals = bptr;
                a->a_flags = 0;
+#ifdef LDAP_COMP_MATCH
+               a->a_component_values = NULL;
+#endif
                count = j = entry_getlen(&ptr);
 
                while (j) {

diff --git a/servers/slapd/schema/test.schema b/servers/slapd/schema/test.schema
index 9fd8cd8120e2da295340bd2f0ac2aa52467c9579..e5f1f5da25f847e2c8372ad943e2ba7276465665 100644 (file)
--- a/servers/slapd/schema/test.schema
+++ b/servers/slapd/schema/test.schema
@@ -14,13 +14,3 @@
 ## <http://www.OpenLDAP.org/license.html>.
 #
 
-# For testing purposes only.
-
-attributetype ( 1.3.6.1.4.1.4203.666.1.34 NAME 'componentCertificate'
-        DESC 'Component version of userCertificate, use ;binary'
-        SYNTAX 1.3.6.1.4.1.4203.666.2.7 )
-
-objectclass ( 1.3.6.1.4.1.4203.666.3.14 NAME 'componentpkiUser'
-    DESC 'a PKI user with componentCertificate'
-    SUP top AUXILIARY
-    MAY componentCertificate )

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 8c6e5fef6f0b648e018380a55ca81c4dde4e8371..0c87aadb5900dce199ca1595d925299eeae94e27 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -3075,11 +3075,8 @@ static slap_syntax_defs_rec syntax_defs[] = {
 #ifdef LDAP_COMP_MATCH
         {"( 1.2.36.79672281.1.5.3 DESC 'allComponents' )",
                 0, allComponentsValidate, NULL},
-       {"( 1.2.36.79672281.1.5.2 DESC 'componentFilter') ",
+       {"( 1.2.36.79672281.1.5.2 DESC 'componentFilterMatch assertion') ",
                0, componentFilterValidate, NULL},
-       {"( 1.3.6.1.4.1.4203.666.2.7 DESC 'componentCertificate' "
-               X_BINARY X_NOT_H_R ")",
-               SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, componentCertificateValidate, NULL},
 #endif
        {"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
                0, NULL, NULL},
@@ -3209,6 +3206,12 @@ char *certificateExactMatchSyntaxes[] = {
        "1.3.6.1.4.1.1466.115.121.1.8" /* certificate */,
        NULL
 };
+#ifdef LDAP_COMP_MATCH
+char *componentFilterMatchSyntaxes[] = {
+       "1.3.6.1.4.1.1466.115.121.1.8" /* certificate */,
+       NULL
+};
+#endif
 char *directoryStringSyntaxes[] = {
        "1.3.6.1.4.1.1466.115.121.1.44" /* printableString */,
        NULL
@@ -3325,7 +3328,7 @@ static slap_mrule_defs_rec mrule_defs[] = {
 #ifdef LDAP_COMP_MATCH
        {"( 1.2.36.79672281.1.13.2 NAME 'componentFilterMatch' "
                "SYNTAX 1.2.36.79672281.1.5.2 )",
-               SLAP_MR_EXT|SLAP_MR_COMPONENT, NULL,
+               SLAP_MR_EXT|SLAP_MR_COMPONENT, componentFilterMatchSyntaxes,
                NULL, NULL , componentFilterMatch,
                octetStringIndexer, octetStringFilter,
                NULL },
@@ -3336,12 +3339,6 @@ static slap_mrule_defs_rec mrule_defs[] = {
                 NULL, NULL , allComponentsMatch,
                 octetStringIndexer, octetStringFilter,
                 NULL },
-       {"( 1.3.6.1.4.1.4203.666.4.12 NAME 'componentCertificateMatch' "
-               "SYNTAX 1.3.6.1.4.1.4203.666.2.7 )",
-               SLAP_MR_EXT|SLAP_MR_COMPONENT, NULL,
-               NULL, NULL , componentCertificateMatch,
-               octetStringIndexer, octetStringFilter,
-               NULL },
 #endif
 
        {"( 2.5.13.2 NAME 'caseIgnoreMatch' "

diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index bb41efc677427e85eaa3e763dc0e1084c30afa32..e5c00e9c66b2e359037cb2f63dcadc4604c818ba 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -2611,7 +2611,7 @@ struct slap_component_syntax_info;
 
 typedef int gser_decoder_func LDAP_P((
        void* b,
-       struct slap_component_syntax_info* comp_syn_info,
+       struct slap_component_syntax_info** comp_syn_info,
        int* len,
        int mode));
 

diff --git a/tests/data/compsearch.out b/tests/data/compsearch.out
index 81ae1478e124bd10aeaf2eeb7d1f4a72b2e63078..6142363b16e1cb76f5ee9321edaf8aba5c9e01cf 100644 (file)
--- a/tests/data/compsearch.out
+++ b/tests/data/compsearch.out
@@ -4,16 +4,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: beta
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -21,16 +21,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: charlie
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -38,16 +38,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: beta
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -55,16 +55,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: charlie
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -72,16 +72,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: beta
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -89,16 +89,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: charlie
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -106,16 +106,16 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: beta
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 
 dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -123,31 +123,14 @@ objectClass: extensibleObject
 uid:: Y2hhcmxpZSA=
 cn: charlie
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
-
-dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
-objectClass: extensibleObject
-uid:: Y2hhcmxpZSA=
-cn: charlie
-sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQsw
- CQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTM
- IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2
- QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+
- tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4E
- FgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihE
- aQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44lao
- KcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5
- rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9
- a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
 

diff --git a/tests/data/slapd-component.conf b/tests/data/slapd-component.conf
index 738cbc75db065d5de8a500dc60be9cef3ce19c6b..7bd1e260e7eb95c5ab2f96e0a94883ab71f328d2 100644 (file)
--- a/tests/data/slapd-component.conf
+++ b/tests/data/slapd-component.conf
@@ -19,7 +19,6 @@ include ./schema/cosine.schema
 include ./schema/inetorgperson.schema
 include ./schema/openldap.schema
 include ./schema/nis.schema
-include ./schema/test.schema
 
 include ./testdata/ditcontentrules.conf
 

diff --git a/tests/data/test-compmatch.ldif b/tests/data/test-compmatch.ldif
index bbec2aaac04fb3400648ea9f7e91d119e2e42b7c..eb72ab3266ba390cb55488193f274fcceb5f2241 100644 (file)
--- a/tests/data/test-compmatch.ldif
+++ b/tests/data/test-compmatch.ldif
@@ -401,7 +401,7 @@ objectclass: extensibleObject
 uid: charlie 
 cn: charlie
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4XrEkBJ/Q=
 
 dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
 objectclass: OpenLDAPperson
@@ -409,4 +409,4 @@ objectclass: extensibleObject
 uid: charlie 
 cn: beta
 sn: Jee
-componentCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4XrEkBJ/Q=
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4XrEkBJ/Q=

diff --git a/tests/scripts/test031-component-filter b/tests/scripts/test031-component-filter
index 7568ab73b28501b51cdf11c16aee0190ccd80670..d9adf0928bc3474ddbd0e585983849ff2e2b7de1 100755 (executable)
--- a/tests/scripts/test031-component-filter
+++ b/tests/scripts/test031-component-filter
@@ -82,7 +82,7 @@ cat /dev/null > $SEARCHOUT
 echo "Testing Component Filter Match RFC3687 Certificate searching:"
 echo "# Testing Component Filter Match RFC3687 Certificate searching:" >> $SEARCHOUT
 
-FILTER="(componentCertificate:componentCertificateMatch:=item:{ component \"tbsCertificate.serialNumber\", rule allComponentsMatch, value 0 })"
+FILTER="(usertCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.serialNumber\", rule allComponentsMatch, value 0 })"
 echo "        f=$FILTER ..."
 echo "#         f=$FILTER ..." >> $SEARCHOUT
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
@@ -95,7 +95,7 @@ if test $RC != 0 ; then
        exit $RC
 fi
 
-FILTER="(componentCertificate:componentCertificateMatch:=item:{ component \"tbsCertificate.version\", rule allComponentsMatch, value 2 })"
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.version\", rule allComponentsMatch, value 2 })"
 echo "        f=$FILTER ..."
 echo "#         f=$FILTER ..." >> $SEARCHOUT
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
@@ -108,7 +108,7 @@ if test $RC != 0 ; then
        exit $RC
 fi
 
-FILTER="(componentCertificate:componentCertificateMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule octetStringMatch, value \"US\" })"
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule caseExactMatch, value \"US\" })"
 echo "        f=$FILTER ..."
 echo "#         f=$FILTER ..." >> $SEARCHOUT
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
@@ -121,7 +121,7 @@ if test $RC != 0 ; then
        exit $RC
 fi
 
-FILTER="(componentCertificate:componentCertificateMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule allComponentsMatch, value \"US\" })"
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule allComponentsMatch, value \"US\" })"
 echo "        f=$FILTER ..."
 echo "#         f=$FILTER ..." >> $SEARCHOUT
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
@@ -134,7 +134,7 @@ if test $RC != 0 ; then
        exit $RC
 fi
 
-FILTER="(componentCertificate:componentCertificateMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence\", rule allComponentsMatch, value { { { type 2.5.4.6 , value \"US\" } } } })"
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence\", rule allComponentsMatch, value { { { type 2.5.4.6 , value \"US\" } } } })"
 echo "        f=$FILTER ..."
 echo "#         f=$FILTER ..." >> $SEARCHOUT
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \