From 3112f21612ec2f27af9d1dddd87ed9851fcf7a23 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Mon, 26 Jun 2000 05:13:41 +0000 Subject: [PATCH] Add attribute type/matching rule support for structuralObjectClass attribute type. Add type to core.schema. Not yet populated on add nor checked on modify. --- servers/slapd/acl.c | 13 +++--- servers/slapd/back-ldbm/attribute.c | 1 - servers/slapd/back-ldbm/modify.c | 5 ++- servers/slapd/filterentry.c | 4 +- servers/slapd/proto-slap.h | 1 + servers/slapd/schema/core.schema | 5 +++ servers/slapd/schema_init.c | 28 ++++++------- servers/slapd/schema_prep.c | 61 +++++++++++++++++++++++++---- servers/slapd/slap.h | 21 ++++++---- servers/slapd/value.c | 8 ++-- 10 files changed, 103 insertions(+), 44 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index fd40a97687..ea08d0bdda 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -565,9 +565,9 @@ acl_mask( /* target is attribute, check if the attribute value * is the op dn. */ - rc = value_match( &match, b->a_dn_at, - b->a_dn_at->ad_type->sat_equality, - val, &bv, &text ); + rc = value_match( &match, b->a_dn_at, + b->a_dn_at->ad_type->sat_equality, 0, + val, &bv, &text ); /* on match error or no match, fail the ACL clause */ if (rc != LDAP_SUCCESS || match != 0 ) continue; @@ -584,9 +584,10 @@ acl_mask( /* target is attribute, check if the attribute value * is the op dn. */ - rc = value_match( &match, b->a_dn_at, - b->a_dn_at->ad_type->sat_equality, - val, &bv, &text ); + rc = value_match( &match, b->a_dn_at, + b->a_dn_at->ad_type->sat_equality, 0, + val, &bv, &text ); + /* on match error or no match, fail the ACL clause */ if (rc != LDAP_SUCCESS || match != 0 ) continue; diff --git a/servers/slapd/back-ldbm/attribute.c b/servers/slapd/back-ldbm/attribute.c index 8dd03e13c6..43bbf14bd5 100644 --- a/servers/slapd/back-ldbm/attribute.c +++ b/servers/slapd/back-ldbm/attribute.c @@ -36,7 +36,6 @@ ldbm_back_attribute( int i, j, rc; Attribute *attr; struct berval **v; - char *s; const char *entry_at_name = entry_at->ad_cname->bv_val; Debug( LDAP_DEBUG_ARGS, diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index bf5ebd4409..6d3974cef4 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -298,6 +298,7 @@ add_values( for ( j = 0; a->a_vals[j] != NULL; j++ ) { int match; int rc = value_match( &match, mod->sm_desc, mr, + SLAP_MR_MODIFY_MATCHING, a->a_vals[j], asserted, &text ); if( rc == LDAP_SUCCESS && match == 0 ) { @@ -372,10 +373,10 @@ delete_values( for ( j = 0; a->a_vals[j] != NULL; j++ ) { int match; int rc = value_match( &match, mod->sm_desc, mr, + SLAP_MR_MODIFY_MATCHING, a->a_vals[j], asserted, &text ); - if( rc == LDAP_SUCCESS && match != 0 ) - { + if( rc == LDAP_SUCCESS && match != 0 ) { continue; } found = 1; diff --git a/servers/slapd/filterentry.c b/servers/slapd/filterentry.c index 29dbb0886f..e4bcf3c23e 100644 --- a/servers/slapd/filterentry.c +++ b/servers/slapd/filterentry.c @@ -193,7 +193,7 @@ test_ava_filter( int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, + rc = value_match( &ret, a->a_desc, mr, 0, a->a_vals[i], ava->aa_value, &text ); @@ -344,7 +344,7 @@ test_substrings_filter( int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, + rc = value_match( &ret, a->a_desc, mr, 0, a->a_vals[i], f->f_sub, &text ); diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 4ea597f62e..c6aa3dc7c5 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -678,6 +678,7 @@ LDAP_SLAPD_F (int) value_match LDAP_P(( int *match, AttributeDescription *ad, MatchingRule *mr, + unsigned flags, struct berval *v1, void *v2, const char ** text )); diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema index 062839091e..15812176d2 100644 --- a/servers/slapd/schema/core.schema +++ b/servers/slapd/schema/core.schema @@ -77,6 +77,11 @@ attributetype ( 2.5.21.8 NAME 'matchingRuleUse' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation ) +# From X.500(97?) +attributetype ( 2.5.21.9 NAME 'structuralObjectClass' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 + NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation ) # LDAP Operational Attributes from RFC2252 attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 774876d7ff..a51c4e63f4 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -91,7 +91,7 @@ static int octetStringMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -111,7 +111,7 @@ octetStringMatch( /* Index generation function */ int octetStringIndexer( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -164,7 +164,7 @@ int octetStringIndexer( /* Index generation function */ int octetStringFilter( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -257,7 +257,7 @@ dnNormalize( static int dnMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -587,7 +587,7 @@ IA5StringNormalize( static int caseExactIA5Match( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -608,7 +608,7 @@ caseExactIA5Match( static int caseExactIA5SubstringsMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -732,7 +732,7 @@ done: /* Index generation function */ int caseExactIA5Indexer( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -785,7 +785,7 @@ int caseExactIA5Indexer( /* Index generation function */ int caseExactIA5Filter( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -831,7 +831,7 @@ int caseExactIA5Filter( static int caseIgnoreIA5Match( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -866,7 +866,7 @@ static char *strcasechr( const char *str, int c ) static int caseIgnoreIA5SubstringsMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -991,7 +991,7 @@ done: /* Index generation function */ int caseIgnoreIA5Indexer( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -1047,7 +1047,7 @@ int caseIgnoreIA5Indexer( /* Index generation function */ int caseIgnoreIA5Filter( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -1151,7 +1151,7 @@ numericStringNormalize( static int objectIdentifierFirstComponentMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -1182,7 +1182,7 @@ objectIdentifierFirstComponentMatch( /* insert attributeTypes, objectclass check here */ if( OID_LEADCHAR(asserted->bv_val[0]) ) { - rc = objectIdentifierMatch( &match, use, syntax, mr, &oid, asserted ); + rc = objectIdentifierMatch( &match, flags, syntax, mr, &oid, asserted ); } else { char *stored = ch_malloc( oid.bv_len + 1 ); diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index 33192a6661..57df22771a 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -26,7 +26,7 @@ struct slap_internal_schema slap_schema; static int objectClassMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -37,7 +37,7 @@ objectClassMatch( ObjectClass *asserted = oc_find( a->bv_val ); if( asserted == NULL ) { - if( OID_LEADCHAR( *value->bv_val ) ) { + if( OID_LEADCHAR( *a->bv_val ) ) { /* OID form, return FALSE */ *matchp = 1; return LDAP_SUCCESS; @@ -52,15 +52,58 @@ objectClassMatch( return SLAPD_COMPARE_UNDEFINED; } + if( flags & SLAP_MR_MODIFY_MATCHING ) { + *matchp = ( asserted != oc ); + } else { + *matchp = !is_object_subclass( asserted, oc ); + } + #if 0 - Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s)\n", - value->bv_val, a->bv_val, NULL ); + Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s) = %d\n", + value->bv_val, a->bv_val, *matchp ); #endif - *matchp = !is_object_subclass( asserted, oc ); + return LDAP_SUCCESS; +} + +#define structuralObjectClassIndexer NULL +#define structuralObjectClassFilter NULL + +static int +structuralObjectClassMatch( + int *matchp, + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + struct berval *a = (struct berval *) assertedValue; + ObjectClass *oc = oc_find( value->bv_val ); + ObjectClass *asserted = oc_find( a->bv_val ); + + if( asserted == NULL ) { + if( OID_LEADCHAR( *a->bv_val ) ) { + /* OID form, return FALSE */ + *matchp = 1; + return LDAP_SUCCESS; + } + + /* desc form, return undefined */ + return SLAPD_COMPARE_UNDEFINED; + } - Debug( LDAP_DEBUG_TRACE, "\treturns %d\n", - *matchp, NULL, NULL ); + if ( oc == NULL ) { + /* unrecognized stored value */ + return SLAPD_COMPARE_UNDEFINED; + } + + *matchp = ( asserted != oc ); + +#if 0 + Debug( LDAP_DEBUG_TRACE, "structuralObjectClassMatch(%s,%s) = %d\n", + value->bv_val, a->bv_val, *matchp ); +#endif return LDAP_SUCCESS; } @@ -89,6 +132,10 @@ struct slap_schema_ad_map { { "objectClass", objectClassMatch, objectClassIndexer, objectClassFilter, offsetof(struct slap_internal_schema, si_ad_objectClass) }, + { "structuralObjectClass", + structuralObjectClassMatch, + structuralObjectClassIndexer, structuralObjectClassFilter, + offsetof(struct slap_internal_schema, si_ad_structuralObjectClass) }, /* user entry operational attributes */ { "creatorsName", NULL, NULL, NULL, diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 9b26a5903e..65d96c2d2d 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -242,7 +242,7 @@ typedef int slap_mr_normalize_func LDAP_P(( /* Match (compare) function */ typedef int slap_mr_match_func LDAP_P(( int *match, - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval * value, @@ -250,7 +250,7 @@ typedef int slap_mr_match_func LDAP_P(( /* Index generation function */ typedef int slap_mr_indexer_func LDAP_P(( - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval *prefix, @@ -259,7 +259,7 @@ typedef int slap_mr_indexer_func LDAP_P(( /* Filter index function */ typedef int slap_mr_filter_func LDAP_P(( - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval *prefix, @@ -271,7 +271,8 @@ typedef struct slap_matching_rule { unsigned smr_usage; #define SLAP_MR_TYPE_MASK 0xFF00U -#define SLAP_MR_SUBTYPE_MASK 0x00FFU +#define SLAP_MR_SUBTYPE_MASK 0x00F0U +#define SLAP_MR_USAGE 0x000FU #define SLAP_MR_NONE 0x0000U #define SLAP_MR_EQUALITY 0x0100U @@ -279,11 +280,14 @@ typedef struct slap_matching_rule { #define SLAP_MR_SUBSTR 0x0400U #define SLAP_MR_EXT 0x0800U -#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0001U ) +#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U ) + +#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0010U ) +#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U ) +#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0040U ) -#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0001U ) -#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0002U ) -#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0004U ) +/* this is used to kludge objectClass testing */ +#define SLAP_MR_MODIFY_MATCHING 0x0001U Syntax *smr_syntax; slap_mr_convert_func *smr_convert; @@ -382,6 +386,7 @@ struct slap_internal_schema { AttributeDescription *si_ad_objectClass; /* operational attributes */ + AttributeDescription *si_ad_structuralObjectClass; AttributeDescription *si_ad_creatorsName; AttributeDescription *si_ad_createTimestamp; AttributeDescription *si_ad_modifiersName; diff --git a/servers/slapd/value.c b/servers/slapd/value.c index 0ddd2518e5..2440a6a6e1 100644 --- a/servers/slapd/value.c +++ b/servers/slapd/value.c @@ -125,12 +125,12 @@ value_match( int *match, AttributeDescription *ad, MatchingRule *mr, + unsigned flags, struct berval *v1, /* stored value */ void *v2, /* assertion */ const char ** text ) { int rc; - int usage = 0; struct berval *nv1 = NULL; if( !mr->smr_match ) { @@ -146,7 +146,7 @@ value_match( } } - rc = (mr->smr_match)( match, usage, + rc = (mr->smr_match)( match, flags, ad->ad_type->sat_syntax, mr, nv1 != NULL ? nv1 : v1, @@ -184,8 +184,8 @@ int value_find( int match; const char *text; - rc = value_match( &match, ad, mr, vals[i], - nval == NULL ? val : nval, &text ); + rc = value_match( &match, ad, mr, 0, + vals[i], nval == NULL ? val : nval, &text ); if( rc == LDAP_SUCCESS && match == 0 ) { return LDAP_SUCCESS; -- 2.39.5