From 0c28b66a7564728d8046d7e9c9840bf3e46f79f9 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sun, 23 Dec 2001 00:43:57 +0000 Subject: [PATCH] use dnPretty instead of dn_pretty --- servers/slapd/add.c | 69 ++++++++++---- servers/slapd/bind.c | 88 ++++++++++------- servers/slapd/compare.c | 69 ++++++++------ servers/slapd/config.c | 4 - servers/slapd/delete.c | 54 +++++++---- servers/slapd/dn.c | 182 +----------------------------------- servers/slapd/entry.c | 72 +++++++++----- servers/slapd/modify.c | 55 +++++++---- servers/slapd/proto-slap.h | 9 +- servers/slapd/schema_init.c | 107 +-------------------- servers/slapd/search.c | 63 +++++++++---- servers/slapd/slap.h | 2 - 12 files changed, 327 insertions(+), 447 deletions(-) diff --git a/servers/slapd/add.c b/servers/slapd/add.c index 15018e1cb4..35710236ca 100644 --- a/servers/slapd/add.c +++ b/servers/slapd/add.c @@ -35,7 +35,7 @@ do_add( Connection *conn, Operation *op ) { BerElement *ber = op->o_ber; char *last; - struct berval dn; + struct berval dn = { 0, NULL }; ber_len_t len; ber_tag_t tag; Entry *e; @@ -79,30 +79,58 @@ do_add( Connection *conn, Operation *op ) } e = (Entry *) ch_calloc( 1, sizeof(Entry) ); - - e->e_dn = dn_pretty( dn.bv_val ); - e->e_ndn = dn_normalize( dn.bv_val ); + e->e_dn = NULL; + e->e_ndn = NULL; e->e_attrs = NULL; e->e_private = NULL; - if ( e->e_ndn == NULL ) { + { + struct berval *pdn; + rc = dnPretty( NULL, &dn, &pdn ); + + if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "do_add: conn %d invalid dn (%s)\n", conn->c_connid, - dn.bv_val )); + LDAP_LOG(( "operation", LDAP_LEVEL_ERR, + "do_add: conn %d invalid dn (%s)\n", conn->c_connid, + dn.bv_val )); #else - Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); - goto done; + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto done; + } + + e->e_dn = pdn->bv_val; + free( pdn ); + } + + { + struct berval *ndn; + rc = dnNormalize( NULL, &dn, &ndn ); + + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_ERR, + "do_add: conn %d invalid dn (%s)\n", conn->c_connid, + dn.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto done; + } + + e->e_ndn = ndn->bv_val; + free( ndn ); } #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, - "do_add: conn %d ndn (%s)\n", conn->c_connid, e->e_ndn )); + "do_add: conn %d dn (%s)\n", conn->c_connid, e->e_dn )); #else - Debug( LDAP_DEBUG_ARGS, "do_add: ndn (%s)\n", e->e_ndn, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, "do_add: dn (%s)\n", e->e_dn, 0, 0 ); #endif /* get the attrs */ @@ -132,8 +160,8 @@ do_add( Connection *conn, Operation *op ) if ( mod->ml_bvalues == NULL ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, - "do_add: conn %d no values for type %s\n", - conn->c_connid, mod->ml_type )); + "do_add: conn %d no values for type %s\n", + conn->c_connid, mod->ml_type )); #else Debug( LDAP_DEBUG_ANY, "no values for type %s\n", mod->ml_type, 0, 0 ); @@ -152,7 +180,7 @@ do_add( Connection *conn, Operation *op ) if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "do_add: conn %d ber_scanf failed\n", conn->c_connid )); + "do_add: conn %d ber_scanf failed\n", conn->c_connid )); #else Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 ); #endif @@ -165,7 +193,7 @@ do_add( Connection *conn, Operation *op ) if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, - "do_add: conn %d get_ctrls failed\n", conn->c_connid )); + "do_add: conn %d get_ctrls failed\n", conn->c_connid )); #else Debug( LDAP_DEBUG_ANY, "do_add: get_ctrls failed\n", 0, 0, 0 ); #endif @@ -179,7 +207,7 @@ do_add( Connection *conn, Operation *op ) } Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d ADD dn=\"%s\"\n", - op->o_connid, op->o_opid, e->e_ndn, 0, 0 ); + op->o_connid, op->o_opid, e->e_dn, 0, 0 ); if( e->e_ndn == NULL || *e->e_ndn == '\0' ) { /* protocolError may be a more appropriate error */ @@ -190,7 +218,6 @@ do_add( Connection *conn, Operation *op ) #if defined( SLAPD_SCHEMA_DN ) } else if ( strcasecmp( e->e_ndn, SLAPD_SCHEMA_DN ) == 0 ) { - /* protocolError may be a more appropriate error */ send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS, NULL, "subschema subentry already exists", NULL, NULL ); @@ -320,6 +347,8 @@ do_add( Connection *conn, Operation *op ) } done: + free( dn.bv_val ); + if( modlist != NULL ) { slap_modlist_free( modlist ); } diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index 6d2b83563e..d2747a0b67 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -33,17 +33,18 @@ do_bind( Operation *op ) { - BerElement *ber = op->o_ber; - ber_int_t version; + BerElement *ber = op->o_ber; + ber_int_t version; ber_tag_t method; - char *mech; + char *mech = NULL; struct berval dn = { 0, NULL }; - char *ndn; - ber_tag_t tag; - int rc = LDAP_SUCCESS; - const char *text; - struct berval cred; - Backend *be; + struct berval *pdn = NULL; + struct berval *ndn = NULL; + ber_tag_t tag; + int rc = LDAP_SUCCESS; + const char *text; + struct berval cred = { 0, NULL }; + Backend *be; #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY, @@ -52,10 +53,6 @@ do_bind( Debug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 ); #endif - ndn = NULL; - mech = NULL; - cred.bv_val = NULL; - /* * Force to connection to "anonymous" until bind succeeds. */ @@ -152,9 +149,23 @@ do_bind( goto cleanup; } - ndn = ch_strdup( dn.bv_val ); + rc = dnPretty( NULL, &dn, &pdn ); + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_bind: conn %d invalid dn (%s)\n", + conn->c_connid, dn.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, "bind: invalid dn (%s)\n", + dn.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto cleanup; + } - if ( dn_normalize( ndn ) == NULL ) { + rc = dnNormalize( NULL, &dn, &ndn ); + if ( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_bind: conn %d invalid dn (%s)\n", @@ -172,27 +183,28 @@ do_bind( #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "do_sasl_bind: conn %d dn (%s) mech %s\n", conn->c_connid, - dn.bv_val, mech )); + pdn->bv_val, mech )); #else Debug( LDAP_DEBUG_TRACE, "do_sasl_bind: dn (%s) mech %s\n", - dn.bv_val, mech, NULL ); + pdn->bv_val, mech, NULL ); #endif + } else { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "do_bind: conn %d version=%ld dn=\"%s\" method=%ld\n", conn->c_connid, (unsigned long) version, - dn.bv_val, (unsigned long)method )); + pdn->bv_val, (unsigned long)method )); #else Debug( LDAP_DEBUG_TRACE, "do_bind: version=%ld dn=\"%s\" method=%ld\n", (unsigned long) version, - dn.bv_val, (unsigned long) method ); + pdn->bv_val, (unsigned long) method ); #endif } Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d BIND dn=\"%s\" method=%ld\n", - op->o_connid, op->o_opid, ndn, (unsigned long) method, 0 ); + op->o_connid, op->o_opid, pdn->bv_val, (unsigned long) method, 0 ); if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) { #ifdef NEW_LOGGING @@ -277,7 +289,9 @@ do_bind( ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); edn = NULL; - rc = slap_sasl_bind( conn, op, dn.bv_val, ndn, &cred, &edn, &ssf ); + rc = slap_sasl_bind( conn, op, + pdn->bv_val, ndn->bv_val, + &cred, &edn, &ssf ); ldap_pvt_thread_mutex_lock( &conn->c_mutex ); if( rc == LDAP_SUCCESS ) { @@ -331,7 +345,7 @@ do_bind( if ( method == LDAP_AUTH_SIMPLE ) { /* accept "anonymous" binds */ - if ( cred.bv_len == 0 || ndn == NULL || *ndn == '\0' ) { + if ( cred.bv_len == 0 || ndn->bv_len == 0 ) { rc = LDAP_SUCCESS; text = NULL; @@ -341,7 +355,7 @@ do_bind( /* cred is not empty, disallow */ rc = LDAP_INVALID_CREDENTIALS; - } else if ( ndn != NULL && *ndn != '\0' && + } else if ( ndn->bv_len && !( global_allows & SLAP_ALLOW_BIND_ANON_DN )) { /* DN is not empty, disallow */ @@ -437,10 +451,10 @@ do_bind( * if we don't hold it. */ - if ( (be = select_backend( ndn, 0, 0 )) == NULL ) { + if ( (be = select_backend( ndn->bv_val, 0, 0 )) == NULL ) { if ( default_referral ) { struct berval **ref = referral_rewrite( default_referral, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); @@ -472,15 +486,17 @@ do_bind( char *edn = NULL; /* deref suffix alias if appropriate */ - ndn = suffix_alias( be, ndn ); + ndn->bv_val = suffix_alias( be, ndn->bv_val ); + ndn->bv_len = strlen( ndn->bv_val ); - ret = (*be->be_bind)( be, conn, op, dn.bv_val, ndn, + ret = (*be->be_bind)( be, conn, op, + pdn->bv_val, ndn->bv_val, method, &cred, &edn ); if ( ret == 0 ) { ldap_pvt_thread_mutex_lock( &conn->c_mutex ); - conn->c_cdn = dn.bv_val; + conn->c_cdn = pdn->bv_val; dn.bv_val = NULL; dn.bv_len = 0; @@ -489,8 +505,9 @@ do_bind( } else { conn->c_dn = ch_strdup( conn->c_cdn ); } - conn->c_ndn = ndn; - ndn = NULL; + conn->c_ndn = ndn->bv_val; + ndn->bv_val = NULL; + ndn->bv_len = 0; if( conn->c_dn != NULL ) { ber_len_t max = sockbuf_max_incoming; @@ -503,7 +520,8 @@ do_bind( "do_bind: conn %d v%d bind: \"%s\" to \"%s\" \n", conn->c_connid, version, conn->c_cdn, conn->c_dn )); #else - Debug( LDAP_DEBUG_TRACE, "do_bind: v%d bind: \"%s\" to \"%s\"\n", + Debug( LDAP_DEBUG_TRACE, + "do_bind: v%d bind: \"%s\" to \"%s\"\n", version, conn->c_cdn, conn->c_dn ); #endif @@ -519,13 +537,17 @@ do_bind( } else { send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + NULL, "operation not supported within namingContext", + NULL, NULL ); } cleanup: free( dn.bv_val ); + if( pdn != NULL ) { + ber_bvfree( pdn ); + } if( ndn != NULL ) { - free( ndn ); + ber_bvfree( ndn ); } if ( mech != NULL ) { free( mech ); diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c index e751f4fb1f..686457b412 100644 --- a/servers/slapd/compare.c +++ b/servers/slapd/compare.c @@ -37,9 +37,10 @@ do_compare( { Entry *entry = NULL; struct berval dn = { 0, NULL }; - char *ndn = NULL; - struct berval desc; - struct berval value; + struct berval *pdn = NULL; + struct berval *ndn = NULL; + struct berval desc = { 0, NULL }; + struct berval value = { 0, NULL }; struct berval *nvalue; AttributeAssertion ava; Backend *be; @@ -48,8 +49,6 @@ do_compare( int manageDSAit; ava.aa_desc = NULL; - desc.bv_val = NULL; - value.bv_val = NULL; #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY, @@ -117,9 +116,23 @@ do_compare( goto cleanup; } - ndn = ch_strdup( dn.bv_val ); + rc = dnPretty( NULL, &dn, &pdn ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_compare: conn %d invalid dn (%s)\n", + conn->c_connid, dn.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, + "do_compare: invalid dn (%s)\n", dn.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto cleanup; + } - if( dn_normalize( ndn ) == NULL ) { + rc = dnNormalize( NULL, &dn, &ndn ); + if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_compare: conn %d invalid dn (%s)\n", @@ -147,20 +160,20 @@ do_compare( ava.aa_value = nvalue; - if( strcasecmp( ndn, LDAP_ROOT_DSE ) == 0 ) { + if( strcasecmp( ndn->bv_val, LDAP_ROOT_DSE ) == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, "do_compare: conn %d dn (%s) attr(%s) value (%s)\n", - conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val, - ava.aa_value->bv_val )); + conn->c_connid, pdn->bv_val, + ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val )); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); + pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, dn.bv_val, + op->o_connid, op->o_opid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val, 0 ); rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; @@ -175,20 +188,20 @@ do_compare( goto cleanup; } - } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) { + } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, "do_compare: conn %d dn (%s) attr(%s) value (%s)\n", - conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val, + conn->c_connid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val )); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); + pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, dn.bv_val, + op->o_connid, op->o_opid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val, 0 ); rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; @@ -226,9 +239,9 @@ do_compare( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) { + if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) { struct berval **ref = referral_rewrite( default_referral, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); @@ -247,7 +260,7 @@ do_compare( } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn ); + rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val ); if ( rc != LDAP_SUCCESS ) { goto cleanup; } @@ -255,30 +268,34 @@ do_compare( #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, "do_compare: conn %d dn (%s) attr(%s) value (%s)\n", - conn->c_connid, dn.bv_val, ava.aa_desc->ad_cname.bv_val, + conn->c_connid, pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val )); #else Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n", - dn.bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); + pdn->bv_val, ava.aa_desc->ad_cname.bv_val, ava.aa_value->bv_val ); #endif Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d CMP dn=\"%s\" attr=\"%s\"\n", - op->o_connid, op->o_opid, dn, ava.aa_desc->ad_cname.bv_val, 0 ); + op->o_connid, op->o_opid, pdn->bv_val, + ava.aa_desc->ad_cname.bv_val, 0 ); /* deref suffix alias if appropriate */ - ndn = suffix_alias( be, ndn ); + ndn->bv_val = suffix_alias( be, ndn->bv_val ); + ndn->bv_len = strlen( ndn->bv_val ); if ( be->be_compare ) { - (*be->be_compare)( be, conn, op, dn.bv_val, ndn, &ava ); + (*be->be_compare)( be, conn, op, pdn->bv_val, ndn->bv_val, &ava ); } else { send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + NULL, "operation not supported within namingContext", + NULL, NULL ); } cleanup: free( dn.bv_val ); - free( ndn ); + ber_bvfree( pdn ); + ber_bvfree( ndn ); free( desc.bv_val ); free( value.bv_val ); diff --git a/servers/slapd/config.c b/servers/slapd/config.c index bb73194aef..47da9ad965 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -953,9 +953,6 @@ read_config( const char *fname ) } charray_add( &be->be_suffix, dn ); -#ifndef USE_LDAP_DN_PARSING - (void) ldap_pvt_str2upper( dn ); -#else /* USE_LDAP_DN_PARSING */ if ( dn_normalize( dn ) == NULL ) { #ifdef NEW_LOGGING LDAP_LOG(( "config", LDAP_LEVEL_CRIT, @@ -970,7 +967,6 @@ read_config( const char *fname ) free( dn ); return 1; } -#endif /* USE_LDAP_DN_PARSING */ ber_bvecadd( &be->be_nsuffix, ber_bvstr( dn ) ); } diff --git a/servers/slapd/delete.c b/servers/slapd/delete.c index 3eb3c2c7b5..f488fecd2c 100644 --- a/servers/slapd/delete.c +++ b/servers/slapd/delete.c @@ -32,7 +32,8 @@ do_delete( ) { struct berval dn = { 0, NULL }; - char *ndn = NULL; + struct berval *ndn = NULL; + struct berval *pdn = NULL; const char *text; Backend *be; int rc; @@ -73,23 +74,37 @@ do_delete( goto cleanup; } - ndn = ch_strdup( dn.bv_val ); + rc = dnPretty( NULL, &dn, &pdn ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_delete: conn %d invalid dn (%s)\n", + conn->c_connid, dn.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, + "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto cleanup; + } - if( dn_normalize( ndn ) == NULL ) { + rc = dnNormalize( NULL, &dn, &ndn ); + if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "do_delete: conn %d invalid dn (%s).\n", + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_delete: conn %d invalid dn (%s)\n", conn->c_connid, dn.bv_val )); #else - Debug( LDAP_DEBUG_ANY, "do_delete: invalid dn (%s)\n", - dn.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_ANY, + "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, "invalid DN", NULL, NULL ); goto cleanup; } - if( *ndn == '\0' ) { + if( ndn->bv_len == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_delete: conn %d: " "Attempt to delete root DSE.\n", conn->c_connid )); @@ -102,7 +117,8 @@ do_delete( goto cleanup; #ifdef SLAPD_SCHEMA_DN - } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) { + + } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_INFO, "do_delete: conn %d: " "Attempt to delete subschema subentry.\n", conn->c_connid )); @@ -118,7 +134,7 @@ do_delete( } Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d DEL dn=\"%s\"\n", - op->o_connid, op->o_opid, dn.bv_val, 0, 0 ); + op->o_connid, op->o_opid, pdn->bv_val, 0, 0 ); manageDSAit = get_manageDSAit( op ); @@ -127,9 +143,9 @@ do_delete( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) { + if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) { struct berval **ref = referral_rewrite( default_referral, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); @@ -147,13 +163,14 @@ do_delete( } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn ); + rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val ); if ( rc != LDAP_SUCCESS ) { goto cleanup; } /* deref suffix alias if appropriate */ - ndn = suffix_alias( be, ndn ); + ndn->bv_val = suffix_alias( be, ndn->bv_val ); + ndn->bv_len = strlen( ndn->bv_val ); /* * do the delete if 1 && (2 || 3) @@ -168,12 +185,12 @@ do_delete( if ( be->be_update_ndn == NULL || repl_user ) #endif { - if ( (*be->be_delete)( be, conn, op, dn.bv_val, ndn ) == 0 ) { + if ( (*be->be_delete)( be, conn, op, pdn->bv_val, ndn->bv_val ) == 0 ) { #ifdef SLAPD_MULTIMASTER if (be->be_update_ndn == NULL || !repl_user ) #endif { - replog( be, op, dn.bv_val, ndn, NULL ); + replog( be, op, pdn->bv_val, ndn->bv_val, NULL ); } } #ifndef SLAPD_MULTIMASTER @@ -181,7 +198,7 @@ do_delete( struct berval **defref = be->be_update_refs ? be->be_update_refs : default_referral; struct berval **ref = referral_rewrite( default_referral, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : defref, NULL ); @@ -196,7 +213,8 @@ do_delete( } cleanup: - if( ndn != NULL ) free( ndn ); free( dn.bv_val ); + if( pdn != NULL ) ber_bvfree( pdn ); + if( ndn != NULL ) ber_bvfree( ndn ); return rc; } diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index 3a7a2e8e3f..be68d02a08 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -28,6 +28,7 @@ #define INQUOTEDVALUE 7 #define B4SEPARATOR 8 +#if 0 /* * dn_pretty - "pretty" the DN */ @@ -44,6 +45,7 @@ char *dn_pretty( const char *dn_in ) if( dn_out == NULL ) free( dn ); return dn_out; } +#endif /* * dn_validate - validate and compress dn. the dn is @@ -53,7 +55,6 @@ char *dn_pretty( const char *dn_in ) char * dn_validate( char *dn_in ) { -#ifdef USE_LDAP_DN_PARSING struct berval val, *normalized; int rc; @@ -78,164 +79,6 @@ dn_validate( char *dn_in ) ber_bvfree( normalized ); return( dn_in ); - -#else /* !USE_LDAP_DN_PARSING */ - char *d, *s; - int state, gotesc; - char *dn = dn_in; - - gotesc = 0; - state = B4LEADTYPE; - for ( d = s = dn; *s; s++ ) { - switch ( state ) { - case B4LEADTYPE: - case B4TYPE: - if ( OID_LEADCHAR(*s) ) { - state = INOIDTYPE; - *d++ = *s; - } else if ( ATTR_LEADCHAR(*s) ) { - state = INKEYTYPE; - *d++ = *s; - } else if ( ! ASCII_SPACE( *s ) ) { - dn = NULL; - state = INKEYTYPE; - *d++ = *s; - } - break; - - case INOIDTYPE: - if ( OID_CHAR(*s) ) { - *d++ = *s; - } else if ( *s == '=' ) { - state = B4VALUE; - *d++ = *s; - } else if ( ASCII_SPACE( *s ) ) { - state = B4EQUAL; - } else { - dn = NULL; - *d++ = *s; - } - break; - - case INKEYTYPE: - if ( ATTR_CHAR(*s) ) { - *d++ = *s; - } else if ( *s == '=' ) { - state = B4VALUE; - *d++ = *s; - } else if ( ASCII_SPACE( *s ) ) { - state = B4EQUAL; - } else { - dn = NULL; - *d++ = *s; - } - break; - - case B4EQUAL: - if ( *s == '=' ) { - state = B4VALUE; - *d++ = *s; - } else if ( ! ASCII_SPACE( *s ) ) { - /* not a valid dn - but what can we do here? */ - *d++ = *s; - dn = NULL; - } - break; - - case B4VALUE: - if ( *s == '"' ) { - state = INQUOTEDVALUE; - *d++ = *s; - } else if ( ! ASCII_SPACE( *s ) ) { - state = INVALUE; - *d++ = *s; - } - break; - - case INVALUE: - if ( !gotesc && RDN_SEPARATOR( *s ) ) { - while ( ASCII_SPACE( *(d - 1) ) ) - d--; - state = B4TYPE; - if ( *s == '+' ) { - *d++ = *s; - } else { - *d++ = ','; - } - } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) && - !RDN_SEPARATOR( *s ) ) - { - *--d = *s; - d++; - } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) { - *d++ = *s; - } - break; - - case INQUOTEDVALUE: - if ( !gotesc && *s == '"' ) { - state = B4SEPARATOR; - *d++ = *s; - } else if ( gotesc && !RDN_NEEDSESCAPE( *s ) ) { - *--d = *s; - d++; - } else if( !ASCII_SPACE( *s ) || !ASCII_SPACE( *(d - 1) ) ) { - *d++ = *s; - } - break; - - case B4SEPARATOR: - if ( RDN_SEPARATOR( *s ) ) { - state = B4TYPE; - *d++ = *s; - } else if ( !ASCII_SPACE( *s ) ) { - dn = NULL; - } - break; - - default: - dn = NULL; -#ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "dn_validate: unknown state %d for dn \"%s\".\n", - state, dn_in )); -#else - Debug( LDAP_DEBUG_ANY, - "dn_validate - unknown state %d\n", state, 0, 0 ); -#endif - break; - } - - if ( *s == '\\' ) { - gotesc = 1; - } else { - gotesc = 0; - } - } - - /* trim trailing spaces */ - while( d > dn_in && ASCII_SPACE( *(d-1) ) ) { - --d; - } - *d = '\0'; - - if( gotesc ) { - /* shouldn't be left in escape */ - dn = NULL; - } - - /* check end state */ - switch( state ) { - case B4LEADTYPE: /* looking for first type */ - case B4SEPARATOR: /* looking for separator */ - case INVALUE: /* inside value */ - break; - default: - dn = NULL; - } - - return( dn ); -#endif /* !USE_LDAP_DN_PARSING */ } /* @@ -247,7 +90,6 @@ dn_validate( char *dn_in ) char * dn_normalize( char *dn ) { -#ifdef USE_LDAP_DN_PARSING struct berval val, *normalized; int rc; @@ -272,26 +114,6 @@ dn_normalize( char *dn ) ber_bvfree( normalized ); return( dn ); - -#else /* !USE_LDAP_DN_PARSING */ - char *out; - struct berval *bvdn, *nbvdn; - - out = NULL; - bvdn = ber_bvstr( dn ); - - if ( dnNormalize( NULL, bvdn, &nbvdn ) == LDAP_SUCCESS ) { - if ( nbvdn->bv_len <= bvdn->bv_len ) { - out = dn; - strcpy( out, nbvdn->bv_val ); - } - ber_bvfree( nbvdn ); - } - bvdn->bv_val = NULL; /* prevent bvfree from freeing dn */ - ber_bvfree( bvdn ); - - return( out ); -#endif /* !USE_LDAP_DN_PARSING */ } int diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c index ebd740f3c0..7015495828 100644 --- a/servers/slapd/entry.c +++ b/servers/slapd/entry.c @@ -41,6 +41,7 @@ str2entry( char *s ) { int rc; Entry *e; + ber_len_t dnlen; char *type; struct berval value; struct berval *vals[2]; @@ -115,26 +116,48 @@ str2entry( char *s ) } if ( strcasecmp( type, "dn" ) == 0 ) { + struct berval *pdn; + free( type ); if ( e->e_dn != NULL ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "str2entry: " - "entry %ld has multiple dns \"%s\" and \"%s\" " - "(second ignored)\n", - (long) e->e_id, e->e_dn, value.bv_val != NULL ? value.bv_val : "" )); + "entry %ld has multiple dns \"%s\" and \"%s\"\n", + (long) e->e_id, e->e_dn, + value.bv_val != NULL ? value.bv_val : "" )); #else Debug( LDAP_DEBUG_ANY, "str2entry: " - "entry %ld has multiple dns \"%s\" and \"%s\" " - "(second ignored)\n", + "entry %ld has multiple dns \"%s\" and \"%s\"\n", (long) e->e_id, e->e_dn, value.bv_val != NULL ? value.bv_val : "" ); #endif if( value.bv_val != NULL ) free( value.bv_val ); - continue; + entry_free( e ); + return NULL; + } + + rc = dnPretty( NULL, &value, &pdn ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "str2entry: " + "entry %ld has invalid DN \"%s\"\n", + (long) e->e_id, + pdn->bv_val ? pdn->bv_val : "" )); +#else + Debug( LDAP_DEBUG_ANY, "str2entry: " + "entry %ld has invalid DN \"%s\"\n", + (long) e->e_id, + pdn->bv_val ? pdn->bv_val : "", 0 ); +#endif + if( value.bv_val != NULL ) free( value.bv_val ); + entry_free( e ); + return NULL; } - e->e_dn = value.bv_val != NULL ? value.bv_val : ch_strdup( "" ); + e->e_dn = pdn->bv_val != NULL ? pdn->bv_val : ch_strdup( "" ); + dnlen = pdn->bv_len; + free( pdn ); continue; } @@ -158,7 +181,6 @@ str2entry( char *s ) } rc = slap_str2undef_ad( type, &ad, &text ); - if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, @@ -266,24 +288,32 @@ str2entry( char *s ) } /* generate normalized dn */ - e->e_ndn = e->e_dn; - e->e_dn = dn_pretty( e->e_dn ); + { + struct berval dn; + struct berval *ndn; + + dn.bv_val = e->e_dn; + dn.bv_len = dnlen; - if( e->e_dn == NULL ) { + rc = dnNormalize( NULL, &dn, &ndn ); + + if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_INFO, - "str2entry: entry %ld has invalid dn: %s\n", - (long) e->e_id, e->e_ndn )); + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "str2entry: entry %ld has invalid dn: %s\n", + (long) e->e_id, e->e_ndn )); #else - Debug( LDAP_DEBUG_ANY, - "str2entry: entry %ld has invalid dn: %s\n", - (long) e->e_id, e->e_ndn, 0 ); + Debug( LDAP_DEBUG_ANY, + "str2entry: entry %ld has invalid dn: %s\n", + (long) e->e_id, e->e_ndn, 0 ); #endif - entry_free( e ); - return( NULL ); - } + entry_free( e ); + return NULL; + } - (void) dn_normalize( e->e_ndn ); + e->e_ndn = ndn->bv_val; + free( ndn ); + } #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL2, diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index 2b9625857a..4c69378ed4 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -34,7 +34,8 @@ do_modify( Operation *op ) { struct berval dn = { 0, NULL }; - char *ndn = NULL; + struct berval *pdn = NULL; + struct berval *ndn = NULL; char *last; ber_tag_t tag; ber_len_t len; @@ -176,24 +177,37 @@ do_modify( goto cleanup; } - ndn = ch_strdup( dn.bv_val ); - - if( dn_normalize( ndn ) == NULL ) { + rc = dnPretty( NULL, &dn, &pdn ); + if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING - LDAP_LOG(( "operation", LDAP_LEVEL_ERR, - "do_modify: invalid dn (%s)\n", dn.bv_val )); + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_modify: conn %d invalid dn (%s)\n", + conn->c_connid, dn.bv_val )); #else Debug( LDAP_DEBUG_ANY, - "do_modify: invalid dn (%s)\n", - dn.bv_val, 0, 0 ); + "do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 ); #endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto cleanup; + } + rc = dnNormalize( NULL, &dn, &ndn ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_modify: conn %d invalid dn (%s)\n", + conn->c_connid, dn.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, + "do_modify: invalid dn (%s)\n", dn.bv_val, 0, 0 ); +#endif send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, "invalid DN", NULL, NULL ); goto cleanup; } - if( *ndn == '\0' ) { + if( ndn->bv_len == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ERR, "do_modify: attempt to modify root DSE.\n" )); @@ -206,7 +220,7 @@ do_modify( goto cleanup; #if defined( SLAPD_SCHEMA_DN ) - } else if ( strcasecmp( ndn, SLAPD_SCHEMA_DN ) == 0 ) { + } else if ( strcasecmp( ndn->bv_val, SLAPD_SCHEMA_DN ) == 0 ) { #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ERR, "do_modify: attempt to modify subschema subentry.\n" )); @@ -283,9 +297,9 @@ do_modify( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( ndn, manageDSAit, 0 )) == NULL ) { + if ( (be = select_backend( ndn->bv_val, manageDSAit, 0 )) == NULL ) { struct berval **ref = referral_rewrite( default_referral, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); @@ -303,13 +317,14 @@ do_modify( } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, dn.bv_val, ndn ); + rc = backend_check_referrals( be, conn, op, pdn->bv_val, ndn->bv_val ); if ( rc != LDAP_SUCCESS ) { goto cleanup; } /* deref suffix alias if appropriate */ - ndn = suffix_alias( be, ndn ); + ndn->bv_val = suffix_alias( be, ndn->bv_val ); + ndn->bv_len = strlen( ndn->bv_val ); /* * do the modify if 1 && (2 || 3) @@ -362,13 +377,13 @@ do_modify( } } - if ( (*be->be_modify)( be, conn, op, dn.bv_val, ndn, mods ) == 0 + if ( (*be->be_modify)( be, conn, op, pdn->bv_val, ndn->bv_val, mods ) == 0 #ifdef SLAPD_MULTIMASTER && !repl_user #endif ) { /* but we log only the ones not from a replicator user */ - replog( be, op, dn.bv_val, ndn, mods ); + replog( be, op, pdn->bv_val, ndn->bv_val, mods ); } #ifndef SLAPD_MULTIMASTER @@ -377,7 +392,7 @@ do_modify( struct berval **defref = be->be_update_refs ? be->be_update_refs : default_referral; struct berval **ref = referral_rewrite( defref, - NULL, dn.bv_val, LDAP_SCOPE_DEFAULT ); + NULL, pdn->bv_val, LDAP_SCOPE_DEFAULT ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : defref, NULL ); @@ -387,12 +402,14 @@ do_modify( } } else { send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); + NULL, "operation not supported within namingContext", + NULL, NULL ); } cleanup: free( dn.bv_val ); - if( ndn != NULL ) free( ndn ); + if( pdn != NULL ) ber_bvfree( pdn ); + if( ndn != NULL ) ber_bvfree( ndn ); if ( modlist != NULL ) slap_modlist_free( modlist ); if ( mods != NULL ) diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 915c40321f..bbbc0cce4f 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -325,7 +325,6 @@ LDAP_SLAPD_F (void) connection_internal_close( Connection *conn ); * dn.c */ -LDAP_SLAPD_F (char *) dn_pretty LDAP_P(( const char *dn )); LDAP_SLAPD_F (char *) dn_validate LDAP_P(( char *dn )); LDAP_SLAPD_F (char *) dn_normalize LDAP_P(( char *dn )); LDAP_SLAPD_F (int) dn_match LDAP_P(( const char *val, const char *asserted )); @@ -752,14 +751,20 @@ LDAP_SLAPD_F( int ) mods_structural_class( LDAP_SLAPD_F (int) schema_init LDAP_P((void)); LDAP_SLAPD_F (int) schema_prep LDAP_P((void)); +LDAP_SLAPD_F (int) dnValidate LDAP_P(( + Syntax *syntax, + struct berval *val )); + LDAP_SLAPD_F (int) dnNormalize LDAP_P(( Syntax *syntax, struct berval *val, struct berval **normalized )); + LDAP_SLAPD_F (int) dnPretty LDAP_P(( Syntax *syntax, struct berval *val, - struct berval **normalized )); + struct berval **pretty )); + LDAP_SLAPD_F (int) dnMatch LDAP_P(( int *matchp, slap_mask_t flags, diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index bab88690c1..6dc45f670e 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -32,11 +32,7 @@ /* unimplemented pretters */ #define integerPretty NULL -#ifndef USE_LDAP_DN_PARSING -# define dnPretty NULL -#else -# define SLAP_LDAPDN_PRETTY 0x1 -#endif /* !USE_LDAP_DN_PARSING */ +#define SLAP_LDAPDN_PRETTY 0x1 /* recycled matching routines */ #define bitStringMatch octetStringMatch @@ -221,8 +217,6 @@ int octetStringFilter( return LDAP_SUCCESS; } -#ifdef USE_LDAP_DN_PARSING - /* * The DN syntax-related functions take advantage of the dn representation * handling functions ldap_str2dn/ldap_dn2str. The latter are not schema- @@ -304,7 +298,7 @@ LDAPDN_validate( LDAPDN *dn ) /* * dn validate routine */ -static int +int dnValidate( Syntax *syntax, struct berval *in ) @@ -661,103 +655,6 @@ dnMatch( return( LDAP_SUCCESS ); } -#else /* !USE_LDAP_DN_PARSING */ - -static int -dnValidate( - Syntax *syntax, - struct berval *in ) -{ - int rc; - char *dn; - - if( in->bv_len == 0 ) return LDAP_SUCCESS; - - dn = ch_strdup( in->bv_val ); - - if( dn == NULL ) { - return LDAP_INVALID_SYNTAX; - - } else if ( strlen( in->bv_val ) != in->bv_len ) { - rc = LDAP_INVALID_SYNTAX; - - } else if ( dn_validate( dn ) == NULL ) { - rc = LDAP_INVALID_SYNTAX; - - } else { - rc = LDAP_SUCCESS; - } - - ch_free( dn ); - return rc; -} - -int -dnNormalize( - Syntax *syntax, - struct berval *val, - struct berval **normalized ) -{ - struct berval *out; - - if ( val->bv_len != 0 ) { - char *dn; - out = ber_bvstr( UTF8normalize( val, UTF8_CASEFOLD ) ); - - dn = dn_validate( out->bv_val ); - - if( dn == NULL ) { - ber_bvfree( out ); - return LDAP_INVALID_SYNTAX; - } - - out->bv_val = dn; - out->bv_len = strlen( dn ); - } else { - out = ber_bvdup( val ); - } - - *normalized = out; - return LDAP_SUCCESS; -} - -int -dnMatch( - int *matchp, - slap_mask_t flags, - Syntax *syntax, - MatchingRule *mr, - struct berval *value, - void *assertedValue ) -{ - int match; - struct berval *asserted = (struct berval *) assertedValue; - - match = value->bv_len - asserted->bv_len; - - if( match == 0 ) { -#ifdef USE_DN_NORMALIZE - match = strcmp( value->bv_val, asserted->bv_val ); -#else - match = strcasecmp( value->bv_val, asserted->bv_val ); -#endif - } - -#ifdef NEW_LOGGING - LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, - "dnMatch: %d\n %s\n %s\n", match, - value->bv_val, asserted->bv_val )); -#else - Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n", - match, value->bv_val, asserted->bv_val ); -#endif - - - *matchp = match; - return LDAP_SUCCESS; -} - -#endif /* !USE_LDAP_DN_PARSING */ static int nameUIDValidate( diff --git a/servers/slapd/search.c b/servers/slapd/search.c index 197126f6a1..803fe40e75 100644 --- a/servers/slapd/search.c +++ b/servers/slapd/search.c @@ -34,7 +34,9 @@ do_search( ber_int_t scope, deref, attrsonly; ber_int_t sizelimit, timelimit; struct berval base = { 0, NULL }; - char *nbase = NULL, *fstr = NULL; + struct berval *pbase = NULL; + struct berval *nbase = NULL; + char *fstr = NULL; Filter *filter = NULL; char **attrs = NULL; Backend *be; @@ -107,14 +109,37 @@ do_search( goto return_results; } - nbase = ch_strdup( base.bv_val ); + rc = dnPretty( NULL, &base, &pbase ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_search: conn %d invalid dn (%s)\n", + conn->c_connid, base.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, + "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto return_results; + } - if( dn_normalize( nbase ) == NULL ) { - send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, - NULL, "invalid DN", NULL, NULL ); + rc = dnNormalize( NULL, &base, &nbase ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "operation", LDAP_LEVEL_INFO, + "do_searc: conn %d invalid dn (%s)\n", + conn->c_connid, base.bv_val )); +#else + Debug( LDAP_DEBUG_ANY, + "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); goto return_results; } + #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ARGS, "do_search \"%s\" %d %d %d %d %d\n", base.bv_val, scope, @@ -196,14 +221,14 @@ do_search( Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d SRCH base=\"%s\" scope=%d filter=\"%s\"\n", - op->o_connid, op->o_opid, base.bv_val, scope, fstr ); + op->o_connid, op->o_opid, pbase->bv_val, scope, fstr ); manageDSAit = get_manageDSAit( op ); if ( scope == LDAP_SCOPE_BASE ) { Entry *entry = NULL; - if ( strcasecmp( nbase, LDAP_ROOT_DSE ) == 0 ) { + if ( strcasecmp( nbase->bv_val, LDAP_ROOT_DSE ) == 0 ) { #ifdef LDAP_CONNECTIONLESS /* Ignore LDAPv2 CLDAP DSE queries */ if (op->o_protocol==LDAP_VERSION2 && conn->c_is_udp) { @@ -222,7 +247,7 @@ do_search( } #if defined( SLAPD_SCHEMA_DN ) - else if ( strcasecmp( nbase, SLAPD_SCHEMA_DN ) == 0 ) { + else if ( strcasecmp( nbase->bv_val, SLAPD_SCHEMA_DN ) == 0 ) { /* check restrictions */ rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ; if( rc != LDAP_SUCCESS ) { @@ -257,12 +282,13 @@ do_search( } } - if( nbase[0] == '\0' && default_search_nbase != NULL ) { + if( nbase->bv_len == 0 && default_search_nbase != NULL ) { ch_free( base.bv_val ); - ch_free( nbase ); + ch_free( nbase->bv_val ); base.bv_val = ch_strdup( default_search_base ); base.bv_len = strlen( default_search_nbase ); - nbase = ch_strdup( default_search_nbase ); + nbase->bv_val = ch_strdup( default_search_nbase ); + nbase->bv_len = strlen( default_search_nbase ); } /* @@ -270,9 +296,9 @@ do_search( * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( nbase, manageDSAit, 1 )) == NULL ) { + if ( (be = select_backend( nbase->bv_val, manageDSAit, 1 )) == NULL ) { struct berval **ref = referral_rewrite( default_referral, - NULL, base.bv_val, scope ); + NULL, pbase->bv_val, scope ); send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, ref ? ref : default_referral, NULL ); @@ -290,17 +316,18 @@ do_search( } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, base.bv_val, nbase ); + rc = backend_check_referrals( be, conn, op, pbase->bv_val, nbase->bv_val ); if ( rc != LDAP_SUCCESS ) { goto return_results; } /* deref the base if needed */ - nbase = suffix_alias( be, nbase ); + nbase->bv_val = suffix_alias( be, nbase->bv_val ); + nbase->bv_len = strlen( nbase->bv_val ); /* actually do the search and send the result(s) */ if ( be->be_search ) { - (*be->be_search)( be, conn, op, base.bv_val, nbase, + (*be->be_search)( be, conn, op, pbase->bv_val, nbase->bv_val, scope, deref, sizelimit, timelimit, filter, fstr, attrs, attrsonly ); } else { @@ -310,7 +337,9 @@ do_search( return_results:; free( base.bv_val ); - if( nbase != NULL) free( nbase ); + if( pbase != NULL) ber_bvfree( pbase ); + if( nbase != NULL) ber_bvfree( nbase ); + if( fstr != NULL) free( fstr ); if( filter != NULL) filter_free( filter ); if ( attrs != NULL ) { diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index d883542bea..8bcfcb2e68 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -8,8 +8,6 @@ #ifndef _SLAP_H_ #define _SLAP_H_ -#define USE_LDAP_DN_PARSING - #include "ldap_defaults.h" #include -- 2.39.5