From 58a72b915a265e25f3542eac4871e417c4612c60 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 10 Jan 2002 05:31:49 +0000 Subject: [PATCH] More operational attribute infrastructure... --- servers/slapd/oc.c | 13 +++ servers/slapd/schema_prep.c | 186 +++++++++++++++++++++++++++++------- servers/slapd/schemaparse.c | 18 +--- 3 files changed, 165 insertions(+), 52 deletions(-) diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c index 1904a3bddb..c2ba69013d 100644 --- a/servers/slapd/oc.c +++ b/servers/slapd/oc.c @@ -389,6 +389,19 @@ oc_add( } } + if ( !OID_LEADCHAR( oc->oc_oid[0] )) { + /* Expand OID macros */ + char *oid = oidm_find( oc->oc_oid ); + if ( !oid ) { + *err = oc->oc_oid; + return SLAP_SCHERR_OIDM; + } + if ( oid != oc->oc_oid ) { + ldap_memfree( oc->oc_oid ); + oc->oc_oid = oid; + } + } + soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) ); AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) ); diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index d85b980938..143d167498 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -121,23 +121,52 @@ static struct slap_schema_oc_map { ObjectClassSchemaCheckFN *ssom_check; size_t ssom_offset; } oc_map[] = { - { "top", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_top) }, - { "extensibleObject", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_extensibleObject) }, - { "alias", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_alias) }, - { "referral", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_referral) }, - { "LDAProotDSE", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_rootdse) }, - { "subentry", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_subentry) }, - { "subschema", NULL, 0, - offsetof(struct slap_internal_schema, si_oc_subschema) }, + { "top", "( 2.5.6.0 NAME 'top' " + "DESC 'top of the superclass chain' " + "ABSTRACT MUST objectClass )", + 0, offsetof(struct slap_internal_schema, si_oc_top) }, + { "extensibleObject", "( 1.3.6.1.4.1.1466.101.120.111 " + "NAME 'extensibleObject' " + "DESC 'RFC2252: extensible object' " + "SUP top AUXILIARY )", + 0, offsetof(struct slap_internal_schema, si_oc_extensibleObject) }, + { "alias", "( 2.5.6.1 NAME 'alias' " + "DESC 'RFC2256: an alias' " + "SUP top STRUCTURAL " + "MUST aliasedObjectName )", + 0, offsetof(struct slap_internal_schema, si_oc_alias) }, + { "referral", "( 2.16.840.1.113730.3.2.6 NAME 'referral' " + "DESC 'namedref: named subordinate referral' " + "SUP top STRUCTURAL MUST ref )", + 0, offsetof(struct slap_internal_schema, si_oc_referral) }, + { "LDAProotDSE", "( 1.3.6.1.4.1.4203.1.4.1 " + "NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' ) " + "DESC 'OpenLDAP Root DSE object' " + "SUP top STRUCTURAL MAY cn )", + 0, offsetof(struct slap_internal_schema, si_oc_rootdse) }, + { "subentry", "( 2.5.20.0 NAME 'subentry' " + "SUP top STRUCTURAL " + "MUST ( cn $ subtreeSpecification ) )", + 0, offsetof(struct slap_internal_schema, si_oc_subentry) }, + { "subschema", "( 2.5.20.1 NAME 'subschema' " + "DESC 'RFC2252: controlling subschema (sub)entry' " + "AUXILIARY" + "MAY ( dITStructureRules $ nameForms $ ditContentRules $ " + "objectClasses $ attributeTypes $ matchingRules $ " + "matchingRuleUse ) )", + 0, offsetof(struct slap_internal_schema, si_oc_subschema) }, + { "collectiveAttributes", "( 2.5.20.2 " + "NAME 'collectiveAttributes' " + "AUXILIARY )", + 0, + offsetof(struct slap_internal_schema, si_oc_collectiveAttributes) }, { NULL, 0 } }; +static AttributeTypeSchemaCheckFN rootDseAttribute; +static AttributeTypeSchemaCheckFN subentryAttribute; +static AttributeTypeSchemaCheckFN referralAttribute; + static struct slap_schema_ad_map { char *ssam_name; char *ssam_defn; @@ -241,37 +270,37 @@ static struct slap_schema_ad_map { { "altServer", "( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' " "DESC 'RFC2252: alternative servers' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_altServer) }, { "namingContexts", "( 1.3.6.1.4.1.1466.101.120.5 " "NAME 'namingContexts' " "DESC 'RFC2252: naming contexts' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_namingContexts) }, { "supportedControl", "( 1.3.6.1.4.1.1466.101.120.13 " "NAME 'supportedControl' " "DESC 'RFC2252: supported controls' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedControl) }, { "supportedExtension", "( 1.3.6.1.4.1.1466.101.120.7 " "NAME 'supportedExtension' " "DESC 'RFC2252: supported extended operations' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedExtension) }, { "supportedLDAPVersion", "( 1.3.6.1.4.1.1466.101.120.15 " "NAME 'supportedLDAPVersion' " "DESC 'RFC2252: supported LDAP versions' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedLDAPVersion) }, { "supportedSASLMechanisms", "( 1.3.6.1.4.1.1466.101.120.14 " "NAME 'supportedSASLMechanisms' " "DESC 'RFC2252: supported SASL mechanisms'" "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedSASLMechanisms) }, { "supportedFeatures", "( 1.3.6.1.4.1.4203.1.3.5 " "NAME 'supportedFeatures' " @@ -279,7 +308,7 @@ static struct slap_schema_ad_map { "EQUALITY objectIdentifierMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 " "USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedFeatures) }, { "vendorName", "( 1.3.6.1.1.4 NAME 'vendorName' " "DESC 'RFC3045: name of implementation vendor' " @@ -287,7 +316,7 @@ static struct slap_schema_ad_map { "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " "SINGLE-VALUE NO-USER-MODIFICATION " "USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_vendorName) }, { "vendorVersion", "( 1.3.6.1.1.5 NAME 'vendorVersion' " "DESC 'RFC3045: version of implementation' " @@ -295,7 +324,7 @@ static struct slap_schema_ad_map { "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " "SINGLE-VALUE NO-USER-MODIFICATION " "USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_vendorVersion) }, /* subentry attributes */ @@ -309,7 +338,7 @@ static struct slap_schema_ad_map { "SINGLE-VALUE " "USAGE directoryOperation " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_subtreeSpecification) }, /* subschema subentry attributes */ @@ -318,50 +347,50 @@ static struct slap_schema_ad_map { "EQUALITY integerFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 " "USAGE directoryOperation ) ", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ditStructureRules) }, { "ditContentRules", "( 2.5.21.2 NAME 'dITContentRules' " "DESC 'RFC2252: DIT content rules' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ditContentRules) }, { "matchingRules", "( 2.5.21.4 NAME 'matchingRules' " "DESC 'RFC2252: matching rules' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_matchingRules) }, { "attributeTypes", "( 2.5.21.5 NAME 'attributeTypes' " "DESC 'RFC2252: attribute types' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_attributeTypes) }, { "objectClasses", "( 2.5.21.6 NAME 'objectClasses' " "DESC 'RFC2252: object classes' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_objectClasses) }, { "nameForms", "( 2.5.21.7 NAME 'nameForms' " "DESC 'RFC2252: name forms ' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_nameForms) }, { "matchingRuleUse", "( 2.5.21.8 NAME 'matchingRuleUse' " "DESC 'RFC2252: matching rule uses' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_matchingRuleUse) }, { "ldapSyntaxes", "( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' " "DESC 'RFC2252: LDAP syntaxes' " "EQUALITY objectIdentifierFirstComponentMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )", - NULL, NULL, NULL, NULL, + subentryAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ldapSyntaxes) }, /* knowledge information */ @@ -377,7 +406,7 @@ static struct slap_schema_ad_map { "EQUALITY caseExactMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " "USAGE distributedOperation )", - NULL, NULL, NULL, NULL, + referralAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ref) }, /* access control internals */ @@ -417,7 +446,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2589: dynamic subtrees' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION " "USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + rootDseAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_dynamicSubtrees) }, /* userApplication attributes */ @@ -461,7 +490,7 @@ static struct slap_schema_ad_map { "EQUALITY caseExactIA5Match " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} " "USAGE dSAOperation )", - NULL, NULL, NULL, NULL, + subschemaAttribute, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_authPassword) }, #endif #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND @@ -546,6 +575,40 @@ slap_schema_load( void ) ldap_memfree( at ); } } + + for( i=0; oc_map[i].ssom_name; i++ ) { + LDAPObjectClass *oc; + int code; + const char *err; + + oc = ldap_str2objectclass( oc_map[i].ssom_defn, &code, &err, + LDAP_SCHEMA_ALLOW_ALL ); + if ( !oc ) { + fprintf( stderr, "slap_schema_load: " + "%s: %s before %s\n", + oc_map[i].ssom_name, ldap_scherr2str(code), err ); + return code; + } + + if ( oc->oc_oid == NULL ) { + fprintf( stderr, "slap_schema_load: " + "%s: objectclass has no OID\n", + oc_map[i].ssom_name ); + return LDAP_OTHER; + } + + code = oc_add(oc,&err); + if ( code ) { + fprintf( stderr, "slap_schema_load: " + "%s: %s: \"%s\"\n", + oc_map[i].ssom_name, scherr2str(code), err); + return code; + } + + ldap_memfree(oc); + return 0; + } + return LDAP_SUCCESS; } @@ -639,3 +702,56 @@ slap_schema_check( void ) ++schema_init_done; return LDAP_SUCCESS; } + +static int rootDseAttribute ( + Entry *e, + Attribute *attr, + const char** text, + char *textbuf, size_t textlen ) +{ + *text = textbuf; + if( e->e_nname.bv_len ) { + snprintf( textbuf, textlen, + "attribute \"%s\"only allowed in the root DSE", + attr->a_desc->ad_cname.bv_val ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + + /* we should not be called for the root DSE */ + assert( 0 ); + return LDAP_SUCCESS; +} + +static int subentryAttribute ( + Entry *e, + Attribute *attr, + const char** text, + char *textbuf, size_t textlen ) +{ + *text = textbuf; + if( !is_entry_subentry( e ) ) { + snprintf( textbuf, textlen, + "attribute \"%s\"only allowed in the subentry", + attr->a_desc->ad_cname.bv_val ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + + return LDAP_SUCCESS; +} + +static int referralAttribute ( + Entry *e, + Attribute *attr, + const char** text, + char *textbuf, size_t textlen ) +{ + *text = textbuf; + if( !is_entry_referral( e ) ) { + snprintf( textbuf, textlen, + "attribute \"%s\"only allowed in the referral", + attr->a_desc->ad_cname.bv_val ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + + return LDAP_SUCCESS; +} diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c index 991c6504c9..5f82e94c88 100644 --- a/servers/slapd/schemaparse.c +++ b/servers/slapd/schemaparse.c @@ -101,9 +101,8 @@ parse_oc( LDAPObjectClass *oc; int code; const char *err; - char *oid = NULL; - oc = ldap_str2objectclass(line,&code,&err,LDAP_SCHEMA_ALLOW_ALL); + oc = ldap_str2objectclass(line, &code, &err, LDAP_SCHEMA_ALLOW_ALL ); if ( !oc ) { fprintf( stderr, "%s: line %d: %s before %s\n", fname, lineno, ldap_scherr2str(code), err ); @@ -119,21 +118,6 @@ parse_oc( return 1; } - if ( !OID_LEADCHAR( oc->oc_oid[0] )) { - /* Expand OID macros */ - oid = oidm_find( oc->oc_oid ); - if ( !oid ) { - fprintf( stderr, - "%s: line %d: OID %s not recognized\n", - fname, lineno, oc->oc_oid); - return 1; - } - if ( oid != oc->oc_oid ) { - ldap_memfree( oc->oc_oid ); - oc->oc_oid = oid; - } - } - code = oc_add(oc,&err); if ( code ) { fprintf( stderr, "%s: line %d: %s: \"%s\"\n", -- 2.39.5