break;
- case LDAP_FILTER_EXT:
- filter_escape_value( &f->f_mr_value, &tmp );
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- fstr->bv_len = f->f_mr_desc->ad_cname.bv_len +
- ( f->f_mr_dnattrs ? sizeof(":dn")-1 : 0 ) +
- ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len+1 : 0 ) +
- tmp.bv_len + ( sizeof("(:=)") - 1 );
- fstr->bv_val = malloc( fstr->bv_len + 1 );
-
- snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
- f->f_mr_desc->ad_cname.bv_val,
- f->f_mr_dnattrs ? ":dn" : "",
- f->f_mr_rule_text.bv_len ? ":" : "",
- f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
- tmp.bv_val );
-#else /* SLAP_X_MRA_MATCH_DNATTRS */
- {
+ case LDAP_FILTER_EXT: {
struct berval ad;
+ filter_escape_value( &f->f_mr_value, &tmp );
if ( f->f_mr_desc ) {
ad = f->f_mr_desc->ad_cname;
f->f_mr_rule_text.bv_len ? ":" : "",
f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
tmp.bv_val );
- }
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
ber_memfree( tmp.bv_val );
- break;
+ } break;
case SLAPD_FILTER_COMPUTED:
ber_str2bv(
f->f_desc->ad_cname.bv_val );
break;
- case LDAP_FILTER_EXT:
- filter_escape_value( &f->f_mr_value, &tmp );
-
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- fstr->bv_len = f->f_mr_desc->ad_cname.bv_len +
- ( f->f_mr_dnattrs ? sizeof(":dn")-1 : 0 ) +
- ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len+1 : 0 ) +
- tmp.bv_len + ( sizeof("(:=)") - 1 );
- fstr->bv_val = malloc( fstr->bv_len + 1 );
-
- snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
- f->f_mr_desc->ad_cname.bv_val,
- f->f_mr_dnattrs ? ":dn" : "",
- f->f_mr_rule_text.bv_len ? ":" : "",
- f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
- tmp.bv_val );
-#else /* SLAP_X_MRA_MATCH_DNATTRS */
- {
+ case LDAP_FILTER_EXT: {
struct berval ad;
+ filter_escape_value( &f->f_mr_value, &tmp );
if ( f->f_mr_desc ) {
ad = f->f_mr_desc->ad_cname;
f->f_mr_rule_text.bv_len ? ":" : "",
f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
tmp.bv_val );
- }
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
ber_memfree( tmp.bv_val );
- break;
+ } break;
case SLAPD_FILTER_COMPUTED:
ber_str2bv(
{
Attribute *a;
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- if( !access_allowed( be, conn, op, e,
- mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) )
- {
- return LDAP_INSUFFICIENT_ACCESS;
- }
-#else /* SLAP_X_MRA_MATCH_DNATTRS */
if ( mra->ma_desc ) {
/*
* if ma_desc is available, then we're filtering for
{
return LDAP_INSUFFICIENT_ACCESS;
}
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
for(a = attrs_find( e->e_attrs, mra->ma_desc );
a != NULL;
}
}
}
-#ifdef SLAP_X_MRA_MATCH_DNATTRS
} else {
/*
}
}
}
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
return LDAP_COMPARE_FALSE;
}
for ( i=0; a != NULL; a = a->a_next, i++ ) {
struct berval *bv, value;
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- if ( !is_ad_subtype( a->a_desc, mra->ma_desc ) ) {
- continue;
- }
- value = mra->ma_value;
-
-#else /* SLAP_X_MRA_MATCH_DNATTRS */
if ( mra->ma_desc ) {
if ( !is_ad_subtype( a->a_desc, mra->ma_desc ) ) {
continue;
}
}
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
int ret;
return SLAPD_DISCONNECT;
}
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- /*
- * Let's try to implement it
- */
- if( ma->ma_dnattrs ) {
- *text = "matching with \":dn\" not supported";
- return LDAP_INAPPROPRIATE_MATCHING;
- }
-#endif /* !SLAP_X_MRA_MATCH_DNATTRS */
-
if( type.bv_val != NULL ) {
rc = slap_bv2ad( &type, &ma->ma_desc, text );
if( rc != LDAP_SUCCESS ) {
mra_free( ma, 1 );
return rc;
}
-
-#ifndef SLAP_X_MRA_MATCH_DNATTRS
- } else {
- *text = "matching without attribute description rule not supported";
- return LDAP_INAPPROPRIATE_MATCHING;
-#endif /* !SLAP_X_MRA_MATCH_DNATTRS */
}
if( ma->ma_rule_text.bv_val != NULL ) {
}
}
- /*
- * FIXME: is it correct that ma->ma_rule_text, if present,
- * is looked-up, checked, and then replaced by the sat_equality
- * of the given attribute? I'd rather do smtg like use
- * the attribute's equality rule only if no matching rule
- * was given, otherwise I don't see any extension ...
- */
-
-#if 1
if ( ma->ma_rule == NULL ) {
-#ifdef SLAP_X_MRA_MATCH_DNATTRS
/*
* Need either type or rule ...
*/
*text = "no matching rule or type";
return LDAP_INAPPROPRIATE_MATCHING;
}
-#endif /* !SLAP_X_MRA_MATCH_DNATTRS */
if ( ma->ma_desc->ad_type->sat_equality != NULL &&
ma->ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT )
return LDAP_INAPPROPRIATE_MATCHING;
}
}
-#else
- if( ma->ma_desc != NULL &&
- ma->ma_desc->ad_type->sat_equality != NULL &&
- ma->ma_desc->ad_type->sat_equality->smr_usage & SLAP_MR_EXT )
- {
- /* no matching rule was provided, use the attribute's
- equality rule if it supports extensible matching. */
- ma->ma_rule = ma->ma_desc->ad_type->sat_equality;
-
- } else {
- mra_free( ma, 1 );
- *text = "no appropriate matching rule";
- return LDAP_INAPPROPRIATE_MATCHING;
- }
-#endif
-#ifdef SLAP_X_MRA_MATCH_DNATTRS
if ( ma->ma_desc != NULL ) {
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
if( !mr_usable_with_at( ma->ma_rule, ma->ma_desc->ad_type ) ) {
mra_free( ma, 1 );
*text = "matching rule use with this attribute not appropriate";
*/
rc = value_validate_normalize( ma->ma_desc, SLAP_MR_EQUALITY,
&value, &ma->ma_value, text );
-#ifdef SLAP_X_MRA_MATCH_DNATTRS
} else {
/*
* Need to normalize, but how?
}
}
-#endif /* SLAP_X_MRA_MATCH_DNATTRS */
if( rc != LDAP_SUCCESS ) {
mra_free( ma, 1 );
* filterentry.c
*/
-/*
- * define to enable dn components match in extended filter matching
- */
-#define SLAP_X_MRA_MATCH_DNATTRS
-
LDAP_SLAPD_F (int) test_filter LDAP_P((
Backend *be, Connection *conn, Operation *op,
Entry *e, Filter *f ));
projects / openldap / commitdiff