From: Pierangelo Masarati Date: Mon, 29 Dec 2003 17:06:43 +0000 (+0000) Subject: fix, clarify and document previous commit X-Git-Tag: OPENLDAP_REL_ENG_2_1_MP~90 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=c860ba6a235bd9d51b4117babf1de2445a508559;p=openldap fix, clarify and document previous commit --- diff --git a/doc/man/man5/slapd-meta.5 b/doc/man/man5/slapd-meta.5 index 56ba6535a4..c080555d22 100644 --- a/doc/man/man5/slapd-meta.5 +++ b/doc/man/man5/slapd-meta.5 @@ -362,20 +362,41 @@ use POSIX Basic Regular Expressions (default is Extended) apply the rule once only (default is recursive) .TP .B `@' -stop applying rules in case of match. +stop applying rules in case of match; the current rule is still applied +recursively; combine with `:' to apply the current rule only once +and then stop. .TP .B `#' stop current operation if the rule matches, and issue an `unwilling to perform' error. .TP .B `G{n}' -jump n rules back and forth (watch for loops!). +jump +.B n +rules back and forth (watch for loops!). Note that `G{1}' is implicit in every rule. .TP .B `I' ignores errors in rule; this means, in case of error, e.g. issued by a map, the error is treated as a missed match. The `unwilling to perform' is not overridden. +.TP +.B `U{n}' +uses +.B +n +as return code if the rule matches; the flag does not alter the recursive +behavior of the rule, so, to have it performed only once, it must be used +in combination with `:', e.g. +.B `:U{16}' +returns the value `16' after exactly one execution of the rule, if the +pattern matches. +As a consequence, its behavior is equivalent to `@', with the return +code set to +.BR n ; +or, in other words, `@' is equivalent to `U{0}'. +By convention, the freely available codes are above 16 included; +the others are reserved. .LP The ordering of the flags is significant. For instance: `IG{2}' means ignore errors and jump two lines ahead @@ -616,7 +637,7 @@ rewriteMap ldap attr2dn "ldap://host/dc=my,dc=org?dn?sub" # regular DNs, because the definition of a bindDn # rewrite context overrides the default definition. rewriteContext bindDn -rewriteRule "^mail=[^,]+@[^,]+$" "%{attr2dn(%0)}" "@I" +rewriteRule "^mail=[^,]+@[^,]+$" "%{attr2dn(%0)}" ":@I" # This is a rather sophisticated example. It massages a # search filter in case who performs the search has @@ -645,7 +666,7 @@ rewriteRule "(.*\e\e()uid=([a-z0-9_]+)(\e\e).*)" "%{**binddn}<>%{&prefix(%1)}%{&arg(%2)}%{&suffix(%3)}" ":I" rewriteRule "[^,]+,ou=admin,dc=home,dc=net" - "%{*prefix}|(uid=%{*arg})(cn=%{*arg})%{*suffix}" "@I" + "%{*prefix}|(uid=%{*arg})(cn=%{*arg})%{*suffix}" ":@I" rewriteRule ".*<>" "%{*prefix}uid=%{*arg}%{*suffix}" ":" # This example shows how to strip unwanted DN-valued @@ -655,7 +676,7 @@ rewriteRule ".*<>" "%{*prefix}uid=%{*arg}%{*suffix}" ":" # The second rule matches everything else and causes # the value to be rejected. rewriteContext searchResult -rewriteRule ".*,ou=People,dc=example,dc=com" "%0" "@" +rewriteRule ".*,ou=People,dc=example,dc=com" "%0" ":@" rewriteRule ".*" "" "#" .fi .SH "LDAP Proxy resolution (a possible evolution of slapd\-ldap(5)):" @@ -666,16 +687,16 @@ E.g.: .LP .nf rewriteRule '^cn=root,.*' '%0' 'G{3}' - rewriteRule '^cn=[a-l].*' 'ldap://ldap1.my.org/%0' '@' - rewriteRule '^cn=[m-z].*' 'ldap://ldap2.my.org/%0' '@' - rewriteRule '.*' 'ldap://ldap3.my.org/%0' '@' + rewriteRule '^cn=[a-l].*' 'ldap://ldap1.my.org/%0' ':@' + rewriteRule '^cn=[m-z].*' 'ldap://ldap2.my.org/%0' ':@' + rewriteRule '.*' 'ldap://ldap3.my.org/%0' ':@' .fi .LP (Rule 1 is simply there to illustrate the `G{n}' action; it could have been written: .LP .nf - rewriteRule '^cn=root,.*' 'ldap://ldap3.my.org/%0' '@' + rewriteRule '^cn=root,.*' 'ldap://ldap3.my.org/%0' ':@' .fi .LP with the advantage of saving one rewrite pass ...) diff --git a/libraries/librewrite/info.c b/libraries/librewrite/info.c index ef95f5da84..d8e9c21ba3 100644 --- a/libraries/librewrite/info.c +++ b/libraries/librewrite/info.c @@ -259,11 +259,13 @@ rewrite_session( */ case REWRITE_REGEXEC_UNWILLING: case REWRITE_REGEXEC_ERR: - default: if ( *result != NULL ) { free( *result ); *result = NULL; } + + default: + break; } rc_return:; diff --git a/libraries/librewrite/rule.c b/libraries/librewrite/rule.c index ef491d4a59..11f489bda3 100644 --- a/libraries/librewrite/rule.c +++ b/libraries/librewrite/rule.c @@ -189,8 +189,8 @@ rewrite_rule_compile( return REWRITE_ERR; } - mode &= ~REWRITE_RECURSE; - mode |= REWRITE_EXEC_ONCE; + //mode &= ~REWRITE_RECURSE; + //mode |= REWRITE_EXEC_ONCE; action->la_type = REWRITE_ACTION_STOP; break; @@ -219,8 +219,7 @@ rewrite_rule_compile( * After applying rule, return user-defined * error code */ - char buf[16], *q; - size_t l; + char *next = NULL; int *d; if ( p[ 1 ] != '{' ) { @@ -228,26 +227,17 @@ rewrite_rule_compile( return REWRITE_ERR; } - q = strchr( p + 2, '}' ); - if ( q == NULL ) { - /* XXX Need to free stuff */ - return REWRITE_ERR; - } - - l = q - p + 1; - if ( l >= sizeof( buf ) ) { + d = malloc( sizeof( int ) ); + if ( d == NULL ) { /* XXX Need to free stuff */ return REWRITE_ERR; } - AC_MEMCPY( buf, p + 2, l ); - buf[ l ] = '\0'; - d = malloc( sizeof( int ) ); - if ( d == NULL ) { + d[ 0 ] = strtol( &p[ 2 ], &next, 0 ); + if ( next == NULL || next == &p[ 2 ] || next[0] != '}' ) { /* XXX Need to free stuff */ return REWRITE_ERR; } - d[ 0 ] = atoi( buf ); action = calloc( sizeof( struct rewrite_action ), 1 ); if ( action == NULL ) { @@ -269,7 +259,7 @@ rewrite_rule_compile( action->la_args = (void *)d; - p = q; /* p is incremented by the for ... */ + p = next; /* p is incremented by the for ... */ break; }