From: Pierangelo Masarati Date: Wed, 16 May 2007 01:40:34 +0000 (+0000) Subject: allow attribute inheritance with syntax restriction (please review) X-Git-Tag: OPENLDAP_REL_ENG_2_4_MP~474 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=eb5d285a1bf15b7dcee5bd0f2ff2cb3dd791a80e;p=openldap allow attribute inheritance with syntax restriction (please review) --- diff --git a/servers/slapd/aci.c b/servers/slapd/aci.c index a86e3acd1f..ac786ace75 100644 --- a/servers/slapd/aci.c +++ b/servers/slapd/aci.c @@ -676,6 +676,7 @@ aci_init( void ) static slap_syntax_defs_rec aci_syntax_def = { "( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' )", SLAP_SYNTAX_HIDE, + NULL, OpenLDAPaciValidate, OpenLDAPaciPretty }; diff --git a/servers/slapd/at.c b/servers/slapd/at.c index dab8ebd927..afb34894c2 100644 --- a/servers/slapd/at.c +++ b/servers/slapd/at.c @@ -754,9 +754,16 @@ at_add( goto error_return; } - if( sat->sat_syntax != NULL && sat->sat_syntax != syn ) { - code = SLAP_SCHERR_ATTR_BAD_SUP; - goto error_return; + if ( sat->sat_syntax != NULL && sat->sat_syntax != syn ) { + Syntax *supsyn = syn->ssyn_sup; + + for ( ; supsyn && supsyn != sat->sat_syntax; + supsyn = supsyn->ssyn_sup ) + ; + if ( supsyn == NULL ) { + code = SLAP_SCHERR_ATTR_BAD_SUP; + goto error_return; + } } sat->sat_syntax = syn; diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema index 5f8cba5679..fd75166d4d 100644 --- a/servers/slapd/schema/core.schema +++ b/servers/slapd/schema/core.schema @@ -92,9 +92,18 @@ attributetype ( 2.5.4.5 NAME 'serialNumber' SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) -attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# RFC 4519 definition (cannot be loaded because SYNTAX conflicts +# with that of name). +# +attributetype ( 2.5.4.6 NAME 'c' DESC 'RFC2256: ISO-3166 country 2-letter code' - SUP name SINGLE-VALUE ) + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) + +#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: locality which this object resides in' diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 7556341f3b..afa686eb1b 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -4012,176 +4012,187 @@ firstComponentNormalize( static slap_syntax_defs_rec syntax_defs[] = { {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' " X_BINARY X_NOT_H_R ")", - SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL}, + SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' " X_NOT_H_R ")", - SLAP_SYNTAX_BLOB, blobValidate, NULL}, + SLAP_SYNTAX_BLOB, NULL, blobValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' " X_NOT_H_R ")", - SLAP_SYNTAX_BER, berValidate, NULL}, + SLAP_SYNTAX_BER, NULL, berValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )", - 0, bitStringValidate, NULL }, + 0, NULL, bitStringValidate, NULL }, {"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )", - 0, booleanValidate, NULL}, + 0, NULL, booleanValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' " X_BINARY X_NOT_H_R ")", - SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, certificateValidate, NULL}, + SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, + NULL, certificateValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' " X_BINARY X_NOT_H_R ")", - SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL}, + SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, + NULL, sequenceValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' " X_BINARY X_NOT_H_R ")", - SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL}, + SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, + NULL, sequenceValidate, NULL}, +#if 0 /* need to go __after__ printableString */ {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )", - 0, countryStringValidate, NULL}, + 0, "1.3.6.1.4.1.1466.115.121.1.44", + countryStringValidate, NULL}, +#endif {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )", - 0, dnValidate, dnPretty}, + 0, NULL, dnValidate, dnPretty}, {"( 1.2.36.79672281.1.5.0 DESC 'RDN' )", - 0, rdnValidate, rdnPretty}, + 0, NULL, rdnValidate, rdnPretty}, #ifdef LDAP_COMP_MATCH {"( 1.2.36.79672281.1.5.3 DESC 'allComponents' )", - 0, allComponentsValidate, NULL}, + 0, NULL, allComponentsValidate, NULL}, {"( 1.2.36.79672281.1.5.2 DESC 'componentFilterMatch assertion') ", - 0, componentFilterValidate, NULL}, + 0, NULL, componentFilterValidate, NULL}, #endif {"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )", - 0, deliveryMethodValidate, NULL}, + 0, NULL, deliveryMethodValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )", - 0, UTF8StringValidate, NULL}, + 0, NULL, UTF8StringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )", - 0, printablesStringValidate, NULL}, + 0, NULL, printablesStringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")", - SLAP_SYNTAX_BLOB, NULL, NULL}, + SLAP_SYNTAX_BLOB, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )", - 0, generalizedTimeValidate, NULL}, + 0, NULL, generalizedTimeValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )", - 0, IA5StringValidate, NULL}, + 0, NULL, IA5StringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )", - 0, integerValidate, NULL}, + 0, NULL, integerValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")", - SLAP_SYNTAX_BLOB, blobValidate, NULL}, + SLAP_SYNTAX_BLOB, NULL, blobValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )", - 0, nameUIDValidate, nameUIDPretty }, + 0, NULL, nameUIDValidate, nameUIDPretty }, {"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )", - 0, numericStringValidate, NULL}, + 0, NULL, numericStringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )", - 0, numericoidValidate, NULL}, + 0, NULL, numericoidValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )", - 0, IA5StringValidate, NULL}, + 0, NULL, IA5StringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )", - 0, blobValidate, NULL}, + 0, NULL, blobValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )", - 0, UTF8StringValidate, NULL}, + 0, NULL, UTF8StringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )", - 0, printableStringValidate, NULL}, + 0, "1.3.6.1.4.1.1466.115.121.1.15", + printableStringValidate, NULL}, + /* moved here because now depends on printable string */ + {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )", + 0, "1.3.6.1.4.1.1466.115.121.1.44", + countryStringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.45 DESC 'SubtreeSpecification' )", #define subtreeSpecificationValidate UTF8StringValidate /* FIXME */ - 0, subtreeSpecificationValidate, NULL}, + 0, NULL, subtreeSpecificationValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' " X_BINARY X_NOT_H_R ")", - SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL}, + SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, berValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )", - 0, printableStringValidate, NULL}, + 0, NULL, printableStringValidate, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )", - 0, printablesStringValidate, NULL}, + 0, NULL, printablesStringValidate, NULL}, #ifdef SUPPORT_OBSOLETE_UTC_SYNTAX {"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )", - 0, utcTimeValidate, NULL}, + 0, NULL, utcTimeValidate, NULL}, #endif {"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' )", - 0, NULL, NULL}, + 0, NULL, NULL, NULL}, /* RFC 2307 NIS Syntaxes */ {"( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )", - 0, nisNetgroupTripleValidate, NULL}, + 0, NULL, nisNetgroupTripleValidate, NULL}, {"( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )", - 0, bootParameterValidate, NULL}, + 0, NULL, bootParameterValidate, NULL}, /* draft-zeilenga-ldap-x509 */ {"( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )", - SLAP_SYNTAX_HIDE, + SLAP_SYNTAX_HIDE, NULL, serialNumberAndIssuerValidate, serialNumberAndIssuerPretty}, {"( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, {"( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact Assertion' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, {"( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, {"( 1.3.6.1.1.15.5 DESC 'Certificate List Exact Assertion' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, {"( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, {"( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, #ifdef SLAPD_AUTHPASSWD /* needs updating */ {"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )", - SLAP_SYNTAX_HIDE, NULL, NULL}, + SLAP_SYNTAX_HIDE, NULL, NULL, NULL}, #endif {"( 1.3.6.1.1.16.1 DESC 'UUID' )", - 0, UUIDValidate, UUIDPretty}, + 0, NULL, UUIDValidate, UUIDPretty}, {"( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )", - SLAP_SYNTAX_HIDE, csnValidate, NULL}, + SLAP_SYNTAX_HIDE, NULL, csnValidate, NULL}, /* OpenLDAP Void Syntax */ {"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )" , - SLAP_SYNTAX_HIDE, inValidate, NULL}, + SLAP_SYNTAX_HIDE, NULL, inValidate, NULL}, /* FIXME: OID is unused, but not registered yet */ {"( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )", - SLAP_SYNTAX_HIDE, authzValidate, authzPretty}, + SLAP_SYNTAX_HIDE, NULL, authzValidate, authzPretty}, - {NULL, 0, NULL, NULL} + {NULL, 0, NULL, NULL, NULL} }; char *certificateExactMatchSyntaxes[] = { diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c index 05535257b4..93aa7da6eb 100644 --- a/servers/slapd/schemaparse.c +++ b/servers/slapd/schemaparse.c @@ -49,6 +49,7 @@ static char *const err2text[] = { "Duplicate matchingRule", "Syntax not found", "Duplicate ldapSyntax", + "Superior syntax not found", "OID or name required", "Qualifier not supported", "Invalid NAME", diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index cb0bbcbac5..0ba6f6bb65 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -268,7 +268,7 @@ typedef struct slap_ssf_set { #define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3" #define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37" #define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31" -#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16" +#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16" /* * represents schema information for a database @@ -292,6 +292,7 @@ enum { SLAP_SCHERR_MR_DUP, SLAP_SCHERR_SYN_NOT_FOUND, SLAP_SCHERR_SYN_DUP, + SLAP_SCHERR_SYN_SUP_NOT_FOUND, SLAP_SCHERR_NO_NAME, SLAP_SCHERR_NOT_SUPPORTED, SLAP_SCHERR_BAD_DESCR, @@ -408,6 +409,8 @@ struct Syntax { #define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */ #endif + Syntax *ssyn_sup; + slap_syntax_validate_func *ssyn_validate; slap_syntax_transform_func *ssyn_pretty; @@ -433,6 +436,7 @@ struct Syntax { typedef struct slap_syntax_defs_rec { char *sd_desc; int sd_flags; + char *sd_sup; slap_syntax_validate_func *sd_validate; slap_syntax_transform_func *sd_pretty; #ifdef SLAPD_BINARY_CONVERSION diff --git a/servers/slapd/syntax.c b/servers/slapd/syntax.c index 5c76378ccc..ab18b18795 100644 --- a/servers/slapd/syntax.c +++ b/servers/slapd/syntax.c @@ -129,7 +129,7 @@ syn_add( ) { Syntax *ssyn; - int code; + int code = 0; ssyn = (Syntax *) SLAP_CALLOC( 1, sizeof(Syntax) ); if( ssyn == NULL ) { @@ -156,7 +156,18 @@ syn_add( ssyn->ssyn_str2ber = def->sd_str2ber; #endif - code = syn_insert(ssyn, err); + if ( def->sd_sup != NULL ) { + ssyn->ssyn_sup = syn_find( def->sd_sup ); + if ( ssyn->ssyn_sup == NULL ) { + *err = def->sd_sup; + code = SLAP_SCHERR_SYN_SUP_NOT_FOUND; + } + } + + if ( code == 0 ) { + code = syn_insert(ssyn, err); + } + return code; }