From 59c4d9fad9e50ebe1723463546fef593306ac494 Mon Sep 17 00:00:00 2001 From: Hallvard Furuseth Date: Tue, 21 Oct 2008 18:57:16 +0000 Subject: [PATCH] Cleanup: Add lmpats_out[] to simplify limits2str(). Wrap both in #ifdef LDAP_DEBUG. Change char *lmpats[] to struct berval[]. Remove always-true compare. Readability: Add STRSTART, rearrange limits_get, fix comments & long lines. --- servers/slapd/limits.c | 290 ++++++++++++++++++++--------------------- 1 file changed, 144 insertions(+), 146 deletions(-) diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c index a70c0881fb..ecd68f497e 100644 --- a/servers/slapd/limits.c +++ b/servers/slapd/limits.c @@ -27,45 +27,39 @@ /* define to get an error if requesting limit higher than hard */ #undef ABOVE_HARD_LIMIT_IS_ERROR +static const struct berval lmpats[] = { + BER_BVC( "base" ), + BER_BVC( "base" ), + BER_BVC( "onelevel" ), + BER_BVC( "subtree" ), + BER_BVC( "children" ), + BER_BVC( "regex" ), + BER_BVC( "anonymous" ), + BER_BVC( "users" ), + BER_BVC( "*" ) +}; + #ifdef LDAP_DEBUG static const char *const dn_source[2] = { "DN", "DN.THIS" }; -#endif +static const char *const lmpats_out[] = { + "UNDEFINED", + "EXACT", + "ONELEVEL", + "SUBTREE", + "CHILDREN", + "REGEX", + "ANONYMOUS", + "USERS", + "ANY" +}; -static char * +static const char * limits2str( unsigned i ) { - switch ( i ) { - case SLAP_LIMITS_UNDEFINED: - return "UNDEFINED"; - - case SLAP_LIMITS_EXACT: - return "EXACT"; - - case SLAP_LIMITS_ONE: - return "ONELEVEL"; - - case SLAP_LIMITS_SUBTREE: - return "SUBTREE"; - - case SLAP_LIMITS_CHILDREN: - return "CHILDREN"; - - case SLAP_LIMITS_REGEX: - return "REGEX"; - - case SLAP_LIMITS_ANONYMOUS: - return "ANONYMOUS"; - - case SLAP_LIMITS_USERS: - return "USERS"; - - case SLAP_LIMITS_ANY: - return "ANY"; - - default: - return "UNKNOWN"; - } + return i < (sizeof( lmpats_out ) / sizeof( lmpats_out[0] )) + ? lmpats_out[i] : "UNKNOWN"; } +#endif /* LDAP_DEBUG */ static int limits_get( @@ -108,29 +102,16 @@ limits_get( } if ( type == SLAP_LIMITS_TYPE_GROUP ) { - int rc; - - rc = backend_group( op, NULL, + int rc = backend_group( op, NULL, &lm[0]->lm_pat, ndn, lm[0]->lm_group_oc, lm[0]->lm_group_ad ); if ( rc == 0 ) { - *limit = &lm[0]->lm_limits; - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT " - "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n", - lm[0]->lm_pat.bv_val, - lm[0]->lm_group_oc->soc_cname.bv_val, - lm[0]->lm_group_ad->ad_cname.bv_val ); - - return( 0 ); + goto found_group; } } else { - if ( dn_match( &lm[0]->lm_pat, ndn ) ) { - *limit = &lm[0]->lm_limits; - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=EXACT dn=\"%s\"\n", - dn_source[isthis], lm[0]->lm_pat.bv_val, 0 ); - return( 0 ); + goto found_dn; } } break; @@ -138,20 +119,20 @@ limits_get( case SLAP_LIMITS_ONE: case SLAP_LIMITS_SUBTREE: case SLAP_LIMITS_CHILDREN: { - size_t d; + ber_len_t d; if ( BER_BVISEMPTY( ndn ) ) { break; } - /* ndn shorter than dn_pat */ + /* ndn shorter than lm_pat */ if ( ndn->bv_len < lm[0]->lm_pat.bv_len ) { break; } d = ndn->bv_len - lm[0]->lm_pat.bv_len; - /* allow exact match for SUBTREE only */ if ( d == 0 ) { + /* allow exact match for SUBTREE only */ if ( style != SLAP_LIMITS_SUBTREE ) { break; } @@ -162,62 +143,39 @@ limits_get( } } - /* in case of (sub)match ... */ - if ( lm[0]->lm_pat.bv_len == ( ndn->bv_len - d ) - && strcmp( lm[0]->lm_pat.bv_val, - &ndn->bv_val[d] ) == 0 ) - { - /* check for exactly one rdn in case of ONE */ - if ( style == SLAP_LIMITS_ONE ) { - /* - * if ndn is more that one rdn - * below dn_pat, continue - */ - if ( (size_t) dn_rdnlen( NULL, ndn ) - != d - 1 ) - { - break; - } - } + /* check that ndn ends with lm_pat */ + if ( strcmp( lm[0]->lm_pat.bv_val, &ndn->bv_val[d] ) != 0 ) { + break; + } - *limit = &lm[0]->lm_limits; - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s dn=\"%s\"\n", - dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val ); - return( 0 ); + /* in case of ONE, require exactly one rdn below lm_pat */ + if ( style == SLAP_LIMITS_ONE ) { + if ( dn_rdnlen( NULL, ndn ) != d - 1 ) { + break; + } } - break; + goto found_dn; } case SLAP_LIMITS_REGEX: if ( BER_BVISEMPTY( ndn ) ) { break; } - if ( regexec( &lm[0]->lm_regex, ndn->bv_val, - 0, NULL, 0 ) == 0 ) - { - *limit = &lm[0]->lm_limits; - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s dn=\"%s\"\n", - dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val ); - return( 0 ); + if ( regexec( &lm[0]->lm_regex, ndn->bv_val, 0, NULL, 0 ) == 0 ) { + goto found_dn; } break; case SLAP_LIMITS_ANONYMOUS: if ( BER_BVISEMPTY( ndn ) ) { - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n", - dn_source[isthis], limits2str( style ), 0 ); - *limit = &lm[0]->lm_limits; - return( 0 ); + goto found; } break; case SLAP_LIMITS_USERS: if ( !BER_BVISEMPTY( ndn ) ) { - *limit = &lm[0]->lm_limits; - Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n", - dn_source[isthis], limits2str( style ), 0 ); - return( 0 ); + goto found; } break; @@ -225,6 +183,28 @@ limits_get( *limit = &lm[0]->lm_limits; return( 0 ); + found: + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n", + dn_source[isthis], limits2str( style ), 0 ); + *limit = &lm[0]->lm_limits; + return( 0 ); + + found_dn: + Debug( LDAP_DEBUG_TRACE, + "<== limits_get: type=%s match=%s dn=\"%s\"\n", + dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val ); + *limit = &lm[0]->lm_limits; + return( 0 ); + + found_group: + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT " + "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n", + lm[0]->lm_pat.bv_val, + lm[0]->lm_group_oc->soc_cname.bv_val, + lm[0]->lm_group_ad->ad_cname.bv_val ); + *limit = &lm[0]->lm_limits; + return( 0 ); + default: assert( 0 ); /* unreachable */ return( -1 ); @@ -336,6 +316,8 @@ limits_add( return( 0 ); } +#define STRSTART( s, m ) (strncasecmp( s, m, STRLENOF( "" m "" )) == 0) + int limits_parse( Backend *be, @@ -407,15 +389,15 @@ limits_parse( } else if ( strcasecmp( pattern, "users" ) == 0 ) { flags = SLAP_LIMITS_USERS; - } else if ( strncasecmp( pattern, "dn", STRLENOF( "dn" ) ) == 0 ) { + } else if ( STRSTART( pattern, "dn" ) ) { pattern += STRLENOF( "dn" ); flags = SLAP_LIMITS_TYPE_SELF; if ( pattern[0] == '.' ) { pattern++; - if ( strncasecmp( pattern, "this", STRLENOF( "this" )) == 0 ) { + if ( STRSTART( pattern, "this" ) ) { flags = SLAP_LIMITS_TYPE_THIS; pattern += STRLENOF( "this" ); - } else if ( strncasecmp( pattern, "self", STRLENOF( "self" )) == 0 ) { + } else if ( STRSTART( pattern, "self" ) ) { pattern += STRLENOF( "self" ); } else { goto got_dn_dot; @@ -424,18 +406,18 @@ limits_parse( if ( pattern[0] == '.' ) { pattern++; got_dn_dot: - if ( strncasecmp( pattern, "exact", STRLENOF( "exact" )) == 0 ) { + if ( STRSTART( pattern, "exact" ) ) { flags |= SLAP_LIMITS_EXACT; pattern += STRLENOF( "exact" ); - } else if ( strncasecmp( pattern, "base", STRLENOF( "base" ) ) == 0 ) { + } else if ( STRSTART( pattern, "base" ) ) { flags |= SLAP_LIMITS_BASE; pattern += STRLENOF( "base" ); - } else if ( strncasecmp( pattern, "one", STRLENOF( "one" ) ) == 0 ) { + } else if ( STRSTART( pattern, "one" ) ) { flags |= SLAP_LIMITS_ONE; pattern += STRLENOF( "one" ); - if ( strncasecmp( pattern, "level", STRLENOF( "level" ) ) == 0 ) { + if ( STRSTART( pattern, "level" ) ) { pattern += STRLENOF( "level" ); } else { @@ -445,10 +427,10 @@ limits_parse( "use \"onelevel\" instead.\n", fname, lineno, 0 ); } - } else if ( strncasecmp( pattern, "sub", STRLENOF( "sub" ) ) == 0 ) { + } else if ( STRSTART( pattern, "sub" ) ) { flags |= SLAP_LIMITS_SUBTREE; pattern += STRLENOF( "sub" ); - if ( strncasecmp( pattern, "tree", STRLENOF( "tree" ) ) == 0 ) { + if ( STRSTART( pattern, "tree" ) ) { pattern += STRLENOF( "tree" ); } else { @@ -458,11 +440,11 @@ limits_parse( "use \"subtree\" instead.\n", fname, lineno, 0 ); } - } else if ( strncasecmp( pattern, "children", STRLENOF( "children" ) ) == 0 ) { + } else if ( STRSTART( pattern, "children" ) ) { flags |= SLAP_LIMITS_CHILDREN; pattern += STRLENOF( "children" ); - } else if ( strncasecmp( pattern, "regex", STRLENOF( "regex" ) ) == 0 ) { + } else if ( STRSTART( pattern, "regex" ) ) { flags |= SLAP_LIMITS_REGEX; pattern += STRLENOF( "regex" ); @@ -470,7 +452,7 @@ limits_parse( * this could be deprecated in favour * of the pattern = "anonymous" form */ - } else if ( strncasecmp( pattern, "anonymous", STRLENOF( "anonymous" ) ) == 0 + } else if ( STRSTART( pattern, "anonymous" ) && flags == SLAP_LIMITS_TYPE_SELF ) { flags = SLAP_LIMITS_ANONYMOUS; @@ -515,7 +497,7 @@ limits_parse( } } - } else if (strncasecmp( pattern, "group", STRLENOF( "group" ) ) == 0 ) { + } else if (STRSTART( pattern, "group" ) ) { pattern += STRLENOF( "group" ); if ( pattern[0] == '/' ) { @@ -665,14 +647,16 @@ limits_parse_one( assert( arg != NULL ); assert( limit != NULL ); - if ( strncasecmp( arg, "time", STRLENOF( "time" ) ) == 0 ) { + if ( STRSTART( arg, "time" ) ) { arg += STRLENOF( "time" ); if ( arg[0] == '.' ) { arg++; - if ( strncasecmp( arg, "soft=", STRLENOF( "soft=" ) ) == 0 ) { + if ( STRSTART( arg, "soft=" ) ) { arg += STRLENOF( "soft=" ); - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_t_soft = -1; } else { @@ -689,12 +673,14 @@ limits_parse_one( limit->lms_t_soft = soft; } - } else if ( strncasecmp( arg, "hard=", STRLENOF( "hard=" ) ) == 0 ) { + } else if ( STRSTART( arg, "hard=" ) ) { arg += STRLENOF( "hard=" ); if ( strcasecmp( arg, "soft" ) == 0 ) { limit->lms_t_hard = 0; - } else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + } else if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_t_hard = -1; } else { @@ -721,7 +707,9 @@ limits_parse_one( } else if ( arg[0] == '=' ) { arg++; - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_t_soft = -1; } else { @@ -737,14 +725,16 @@ limits_parse_one( return( 1 ); } - } else if ( strncasecmp( arg, "size", STRLENOF( "size" ) ) == 0 ) { + } else if ( STRSTART( arg, "size" ) ) { arg += STRLENOF( "size" ); if ( arg[0] == '.' ) { arg++; - if ( strncasecmp( arg, "soft=", STRLENOF( "soft=" ) ) == 0 ) { + if ( STRSTART( arg, "soft=" ) ) { arg += STRLENOF( "soft=" ); - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_soft = -1; } else { @@ -761,12 +751,14 @@ limits_parse_one( limit->lms_s_soft = soft; } - } else if ( strncasecmp( arg, "hard=", STRLENOF( "hard=" ) ) == 0 ) { + } else if ( STRSTART( arg, "hard=" ) ) { arg += STRLENOF( "hard=" ); if ( strcasecmp( arg, "soft" ) == 0 ) { limit->lms_s_hard = 0; - } else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + } else if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_hard = -1; } else { @@ -787,9 +779,11 @@ limits_parse_one( limit->lms_s_hard = hard; } - } else if ( strncasecmp( arg, "unchecked=", STRLENOF( "unchecked=" ) ) == 0 ) { + } else if ( STRSTART( arg, "unchecked=" ) ) { arg += STRLENOF( "unchecked=" ); - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_unchecked = -1; } else if ( strcasecmp( arg, "disabled" ) == 0 ) { @@ -809,12 +803,14 @@ limits_parse_one( limit->lms_s_unchecked = unchecked; } - } else if ( strncasecmp( arg, "pr=", STRLENOF( "pr=" ) ) == 0 ) { + } else if ( STRSTART( arg, "pr=" ) ) { arg += STRLENOF( "pr=" ); if ( strcasecmp( arg, "noEstimate" ) == 0 ) { limit->lms_s_pr_hide = 1; - } else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + } else if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_pr = -1; } else { @@ -831,10 +827,12 @@ limits_parse_one( limit->lms_s_pr = pr; } - } else if ( strncasecmp( arg, "prtotal=", STRLENOF( "prtotal=" ) ) == 0 ) { + } else if ( STRSTART( arg, "prtotal=" ) ) { arg += STRLENOF( "prtotal=" ); - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_pr_total = -1; } else if ( strcasecmp( arg, "disabled" ) == 0 ) { @@ -867,7 +865,9 @@ limits_parse_one( } else if ( arg[0] == '=' ) { arg++; - if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) { + if ( strcasecmp( arg, "unlimited" ) == 0 + || strcasecmp( arg, "none" ) == 0 ) + { limit->lms_s_soft = -1; } else { @@ -887,18 +887,6 @@ limits_parse_one( return 0; } -static const char *lmpats[] = { - "base", - "base", - "onelevel", - "subtree", - "children", - "regex", - "anonymous", - "users", - "*" -}; - #define WHATSLEFT ( buflen - ( ptr - bv->bv_val ) ) /* Caller must provide an adequately sized buffer in bv */ @@ -933,8 +921,8 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen ) case SLAP_LIMITS_ANONYMOUS: case SLAP_LIMITS_USERS: case SLAP_LIMITS_ANY: - if ( WHATSLEFT <= strlen( lmpats[lm] ) ) return -1; - ptr = lutil_strcopy( ptr, lmpats[lm] ); + if ( WHATSLEFT <= lmpats[lm].bv_len ) return -1; + ptr = lutil_strcopy( ptr, lmpats[lm].bv_val ); break; case SLAP_LIMITS_UNDEFINED: case SLAP_LIMITS_EXACT: @@ -945,9 +933,9 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen ) dntypelen = type == SLAP_LIMITS_TYPE_SELF ? STRLENOF( "dn." ) : STRLENOF( "dn.this." ); if ( WHATSLEFT <= dntypelen + STRLENOF( "=" "\"" "\"" ) - + strlen( lmpats[lm] ) + lim->lm_pat.bv_len ) return -1; + + lmpats[lm].bv_len + lim->lm_pat.bv_len ) return -1; ptr = lutil_strncopy( ptr, "dn.this.", dntypelen ); - ptr = lutil_strcopy( ptr, lmpats[lm] ); + ptr = lutil_strcopy( ptr, lmpats[lm].bv_val ); *ptr++ = '='; *ptr++ = '"'; ptr = lutil_strcopy( ptr, lim->lm_pat.bv_val ); @@ -970,7 +958,11 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen ) /* Caller must provide an adequately sized buffer in bv */ int -limits_unparse_one( struct slap_limits_set *lim, int which, struct berval *bv, ber_len_t buflen ) +limits_unparse_one( + struct slap_limits_set *lim, + int which, + struct berval *bv, + ber_len_t buflen ) { char *ptr; @@ -1225,7 +1217,9 @@ limits_check( Operation *op, SlapReply *rs ) return -1; } - if ( op->ors_limit->lms_s_pr > 0 && ps->ps_size > op->ors_limit->lms_s_pr ) { + if ( op->ors_limit->lms_s_pr > 0 + && ps->ps_size > op->ors_limit->lms_s_pr ) + { rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; rs->sr_text = "illegal pagedResults page size"; send_ldap_result( op, rs ); @@ -1254,7 +1248,8 @@ limits_check( Operation *op, SlapReply *rs ) #ifdef ABOVE_HARD_LIMIT_IS_ERROR } else if ( pr_total > 0 && op->ors_slimit != SLAP_MAX_LIMIT - && ( op->ors_slimit == SLAP_NO_LIMIT || op->ors_slimit > pr_total ) ) + && ( op->ors_slimit == SLAP_NO_LIMIT + || op->ors_slimit > pr_total ) ) { rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; send_ldap_result( op, rs ); @@ -1267,16 +1262,19 @@ limits_check( Operation *op, SlapReply *rs ) int total; int slimit2; - /* first round of pagedResults: set count to any appropriate limit */ + /* first round of pagedResults: + * set count to any appropriate limit */ - /* if the limit is set, check that it does not violate any server-side limit */ + /* if the limit is set, check that it does + * not violate any server-side limit */ #ifdef ABOVE_HARD_LIMIT_IS_ERROR - if ( op->ors_slimit == SLAP_MAX_LIMIT ) { - slimit2 = op->ors_slimit = pr_total; + if ( op->ors_slimit == SLAP_MAX_LIMIT ) #else /* ! ABOVE_HARD_LIMIT_IS_ERROR */ - if ( op->ors_slimit == SLAP_MAX_LIMIT || op->ors_slimit > pr_total ) { - slimit2 = op->ors_slimit = pr_total; + if ( op->ors_slimit == SLAP_MAX_LIMIT + || op->ors_slimit > pr_total ) #endif /* ! ABOVE_HARD_LIMIT_IS_ERROR */ + { + slimit2 = op->ors_slimit = pr_total; } else if ( op->ors_slimit == 0 ) { slimit2 = pr_total; @@ -1295,7 +1293,7 @@ limits_check( Operation *op, SlapReply *rs ) } else { /* use the perpage limit if any - * NOTE: + 1 because the given value must be legal */ + * NOTE: + 1 because given value must be legal */ slimit = op->ors_limit->lms_s_pr + 1; } -- 2.39.5