From 741f9ea38386231960c7df2085ddcf7819dfab9b Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 9 Sep 2004 02:07:27 +0000 Subject: [PATCH] Add initial dnSubtreeMatch. Should reuse other DN routines. Need to add various other DN matching rule functions. This commit, combined with entryDN and slapcat -a, should fully address ITS#3112. --- servers/slapd/dn.c | 62 +++++++++++++++++++++++++++++++------ servers/slapd/proto-slap.h | 8 +++++ servers/slapd/schema_init.c | 30 ++++++++++++++++++ servers/slapd/schema_prep.c | 12 +++++++ servers/slapd/slap.h | 6 ++++ 5 files changed, 108 insertions(+), 10 deletions(-) diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index a74aa42832..9b6edbcf68 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -958,7 +958,54 @@ dnMatch( match, value->bv_val, asserted->bv_val ); *matchp = match; - return( LDAP_SUCCESS ); + return LDAP_SUCCESS; +} + +/* + * dnRelativeMatch routine + */ +int +dnRelativeMatch( + int *matchp, + slap_mask_t flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + int match; + struct berval *asserted = (struct berval *) assertedValue; + + assert( matchp ); + assert( value ); + assert( assertedValue ); + assert( !BER_BVISNULL( value ) ); + assert( !BER_BVISNULL( asserted ) ); + + if( mr == slap_schema.si_mr_dnSubtreeMatch ) { + if( asserted->bv_len > value->bv_len ) { + match = -1; + } else if ( asserted->bv_len == value->bv_len ) { + match = memcmp( value->bv_val, asserted->bv_val, + value->bv_len ); + } else { + if( DN_SEPARATOR( + value->bv_val[value->bv_len - asserted->bv_len - 1] )) + { + match = memcmp( + &value->bv_val[value->bv_len - asserted->bv_len], + asserted->bv_val, + asserted->bv_len ); + } else { + return 1; + } + } + + *matchp = match; + return LDAP_SUCCESS; + } + + return LDAP_OTHER; } int @@ -988,8 +1035,7 @@ rdnMatch( match, value->bv_val, asserted->bv_val ); *matchp = match; - - return( LDAP_SUCCESS ); + return LDAP_SUCCESS; } @@ -1046,14 +1092,11 @@ dnExtractRdn( return rc; } - rc = ldap_rdn2bv_x( tmpRDN, rdn, LDAP_DN_FORMAT_LDAPV3 | LDAP_DN_PRETTY, ctx ); + rc = ldap_rdn2bv_x( tmpRDN, rdn, LDAP_DN_FORMAT_LDAPV3 | LDAP_DN_PRETTY, + ctx ); ldap_rdnfree_x( tmpRDN, ctx ); - if ( rc != LDAP_SUCCESS ) { - return rc; - } - - return LDAP_SUCCESS; + return rc; } /* @@ -1253,7 +1296,6 @@ dnX509normalize( void *x509_name, struct berval *out ) int dnX509peerNormalize( void *ssl, struct berval *dn ) { - return ldap_pvt_tls_get_peer_dn( ssl, dn, (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 ); } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index f05259524b..988952ba50 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -506,6 +506,14 @@ LDAP_SLAPD_F (int) dnMatch LDAP_P(( struct berval *value, void *assertedValue )); +LDAP_SLAPD_F (int) dnRelativeMatch LDAP_P(( + int *matchp, + slap_mask_t flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue )); + LDAP_SLAPD_F (int) rdnMatch LDAP_P(( int *matchp, slap_mask_t flags, diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index d995917870..07d3ceccac 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -3210,6 +3210,36 @@ static slap_mrule_defs_rec mrule_defs[] = { octetStringIndexer, octetStringFilter, NULL }, + {"( 1.3.6.1.4.1.4203.666.4.9 NAME 'dnSubtreeMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", + SLAP_MR_HIDE | SLAP_MR_EXT, NULL, + NULL, dnNormalize, dnRelativeMatch, + NULL, NULL, + NULL }, + +#if 0 + {"( 1.3.6.1.4.1.4203.666.4.8 NAME 'dnOneLevelMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", + SLAP_MR_HIDE | SLAP_MR_EXT, NULL, + NULL, dnNormalize, dnRelativeMatch, + NULL, NULL, + NULL }, + + {"( 1.3.6.1.4.1.4203.666.4.10 NAME 'dnSubordinateMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", + SLAP_MR_HIDE | SLAP_MR_EXT, NULL, + NULL, dnNormalize, dnRelativeMatch, + NULL, NULL, + NULL }, + + {"( 1.3.6.1.4.1.4203.666.4.11 NAME 'dnSuperiorMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", + SLAP_MR_HIDE | SLAP_MR_EXT, NULL, + NULL, dnNormalize, dnRelativeMatch, + NULL, NULL, + NULL }, +#endif + {"( 1.2.36.79672281.1.13.3 NAME 'rdnMatch' " "SYNTAX 1.2.36.79672281.1.5.0 )", SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index 0af3fde49e..82ab93dea1 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -991,6 +991,18 @@ static struct slap_schema_mr_map { offsetof(struct slap_internal_schema, si_mr_caseExactSubstringsMatch) }, { "distinguishedNameMatch", offsetof(struct slap_internal_schema, si_mr_distinguishedNameMatch) }, + { "dnSubtreeMatch", + offsetof(struct slap_internal_schema, si_mr_dnSubtreeMatch) }, + +#if 0 + { "dnOneLevelMatch", + offsetof(struct slap_internal_schema, si_mr_dnOneLevelMatch) }, + { "dnSubordinateMatch", + offsetof(struct slap_internal_schema, si_mr_dnSubordinateMatch) }, + { "dnSuperiorMatch", + offsetof(struct slap_internal_schema, si_mr_dnSuperiorMatch) }, +#endif + { "integerMatch", offsetof(struct slap_internal_schema, si_mr_integerMatch) }, { "integerFirstComponentMatch", diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 8cc963126a..e22a503e09 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -868,6 +868,12 @@ struct slap_internal_schema { /* Matching Rules */ MatchingRule *si_mr_distinguishedNameMatch; + MatchingRule *si_mr_dnSubtreeMatch; +#if 0 + MatchingRule *si_mr_dnOneLevelMatch; + MatchingRule *si_mr_dnSubordinateMatch; + MatchingRule *si_mr_dnSuperiorMatch; +#endif MatchingRule *si_mr_caseExactMatch; MatchingRule *si_mr_caseExactSubstringsMatch; MatchingRule *si_mr_caseExactIA5Match; -- 2.39.5