Distinguish absent control value from empty control value.

diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index f9e9b9b076fafb20c3d4ecc418f81c53628de850..ea2ecba0ec2edea11f055924a6459c27ad792789 100644 (file)
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -849,8 +849,8 @@ static int parseDontUseCopy (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "dontUseCopy control value not empty";
+       if ( !BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "dontUseCopy control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -873,8 +873,8 @@ static int parseRelax (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "relax control value not empty";
+       if ( !BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "relax control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -895,8 +895,8 @@ static int parseManageDSAit (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "manageDSAit control value not empty";
+       if ( !BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "manageDSAit control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -920,6 +920,11 @@ static int parseProxyAuthz (
                return LDAP_PROTOCOL_ERROR;
        }
 
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "proxy authorization control value absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
        if ( !( global_allows & SLAP_ALLOW_PROXY_AUTHZ_ANON )
                && BER_BVISEMPTY( &op->o_ndn ) )
        {
@@ -937,7 +942,7 @@ static int parseProxyAuthz (
                ctrl->ldctl_value.bv_len ?  ctrl->ldctl_value.bv_val : "anonymous",
                0 );
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
                Debug( LDAP_DEBUG_TRACE,
                        "parseProxyAuthz: conn=%lu anonymous\n", 
                        op->o_connid, 0, 0 );
@@ -1036,8 +1041,13 @@ static int parsePagedResults (
                return LDAP_PROTOCOL_ERROR;
        }
 
+       if ( BER_BVISNULL( &ctrl->ldctl_value ) ) {
+               rs->sr_text = "paged results control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
        if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ) {
-               rs->sr_text = "paged results control value is empty (or absent)";
+               rs->sr_text = "paged results control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1112,8 +1122,13 @@ static int parseSortedResults (
                return LDAP_PROTOCOL_ERROR;
        }
 
+       if ( BER_BVISNULL( &ctrl->ldctl_value ) ) {
+               rs->sr_text = "sorted results control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
        if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ) {
-               rs->sr_text = "sorted results control value is empty (or absent)";
+               rs->sr_text = "sorted results control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1140,8 +1155,13 @@ static int parseAssert (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "assert control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "assert control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "assert control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1198,8 +1218,13 @@ static int parsePreRead (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "preread control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "preread control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "preread control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1266,8 +1291,13 @@ static int parsePostRead (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "postread control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "postread control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "postread control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1351,8 +1381,13 @@ static int parseValuesReturnFilter (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "valuesReturnFilter control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "valuesReturnFilter control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "valuesReturnFilter control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1435,8 +1470,8 @@ static int parsePermissiveModify (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "permissiveModify control value not empty";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "permissiveModify control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1457,7 +1492,7 @@ static int parseDomainScope (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
                rs->sr_text = "domainScope control value not empty";
                return LDAP_PROTOCOL_ERROR;
        }
@@ -1480,8 +1515,8 @@ static int parseTreeDelete (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "treeDelete control value not empty";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "treeDelete control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
 
@@ -1502,8 +1537,13 @@ static int parseSearchOptions (
        ber_int_t search_flags;
        ber_tag_t tag;
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "searchOptions control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "searchOptions control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "searchOptions control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index 9a7abd0215120bc6effb7f3648efa9ff7fb892b7..1946b5ca51caed506768b484e972867f1911828a 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -2018,8 +2018,8 @@ ppolicy_parseCtrl(
        SlapReply *rs,
        LDAPControl *ctrl )
 {
-       if ( ctrl->ldctl_value.bv_len ) {
-               rs->sr_text = "passwordPolicyRequest control value not empty";
+       if ( !BER_BVISNULL( &ctrl->ldctl_value ) ) {
+               rs->sr_text = "passwordPolicyRequest control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
        op->o_ctrlflag[ppolicy_cid] = ctrl->ldctl_iscritical

diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c
index 18a3fe5586c183ff6ebfc9b7565b600fa07591fa..5650b14b7aa918512eb93ece47b3bb21d0a753fd 100644 (file)
--- a/servers/slapd/overlays/syncprov.c
+++ b/servers/slapd/overlays/syncprov.c
@@ -2708,8 +2708,13 @@ static int syncprov_parseCtrl (
                return LDAP_PROTOCOL_ERROR;
        }
 
+       if ( BER_BVISNULL( &ctrl->ldctl_value ) ) {
+               rs->sr_text = "Sync control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
        if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ) {
-               rs->sr_text = "Sync control value is empty (or absent)";
+               rs->sr_text = "Sync control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }
 

diff --git a/servers/slapd/overlays/valsort.c b/servers/slapd/overlays/valsort.c
index b089a7189974e2cfd50423de36ea7c217811a488..f1b82e917c763e4afea0057c7452e6b00ab27b36 100644 (file)
--- a/servers/slapd/overlays/valsort.c
+++ b/servers/slapd/overlays/valsort.c
@@ -510,8 +510,13 @@ valsort_parseCtrl(
        BerElement *ber = (BerElement *)&berbuf;
        ber_int_t flag = 0;
 
-       if ( ctrl->ldctl_value.bv_len == 0 ) {
-               rs->sr_text = "valSort control value is empty (or absent)";
+       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+               rs->sr_text = "valSort control value is absent";
+               return LDAP_PROTOCOL_ERROR;
+       }
+
+       if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
+               rs->sr_text = "valSort control value is empty";
                return LDAP_PROTOCOL_ERROR;
        }