From 77a925d7f6936675fca087fce3bb700d7a6fe646 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Tue, 10 May 2005 18:06:47 +0000 Subject: [PATCH] Sync with HEAD in prep for 2.3.3beta --- build/ltmain.sh | 16 + build/top.mk | 9 +- configure | 2 +- configure.in | 4 +- contrib/slapd-modules/comp_match/Makefile | 2 +- .../slapd-modules/comp_match/certificate.asn1 | 31 + .../slapd-modules/comp_match/certificate.c | 57 +- .../slapd-modules/comp_match/certificate.h | 26 +- .../slapd-modules/comp_match/componentlib.c | 46 + .../slapd-modules/comp_match/componentlib.h | 3 +- contrib/slapd-modules/comp_match/crl.c | 2 +- contrib/slapd-modules/comp_match/init.c | 9 +- doc/man/man8/slapd.8 | 18 +- servers/slapd/acl.c | 8 +- servers/slapd/aclparse.c | 52 +- servers/slapd/back-bdb/config.c | 22 +- servers/slapd/back-bdb/init.c | 2 +- servers/slapd/back-ldif/ldif.c | 44 +- servers/slapd/back-meta/map.c | 7 +- servers/slapd/back-monitor/init.c | 4 +- servers/slapd/backover.c | 19 +- servers/slapd/bconfig.c | 746 +++++------- servers/slapd/config.c | 41 +- servers/slapd/config.h | 40 +- servers/slapd/entry.c | 116 +- servers/slapd/limits.c | 6 +- servers/slapd/overlays/pcache.c | 554 +++++---- servers/slapd/overlays/rwm.c | 4 +- servers/slapd/overlays/syncprov.c | 127 +- servers/slapd/proto-slap.h | 6 +- servers/slapd/result.c | 8 +- servers/slapd/slap.h | 10 +- tests/data/compsearch.out | 1082 ++++++++++++++++- tests/data/test-compmatch.ldif | 71 ++ tests/scripts/test031-component-filter | 14 + tests/scripts/test036-meta-concurrency | 9 +- 36 files changed, 2299 insertions(+), 918 deletions(-) diff --git a/build/ltmain.sh b/build/ltmain.sh index cc95125f02..d54be8d39d 100755 --- a/build/ltmain.sh +++ b/build/ltmain.sh @@ -201,6 +201,22 @@ do --mode) prevopt="--mode" prev=mode ;; --mode=*) mode="$optarg" ;; + --tag=*) + case "$optarg" in + CC) + ;; + disable-shared) + build_libtool_libs=no + ;; + disable-static) + build_old_libs=no + ;; + *) + echo "unknown tag" + exit 1; + esac + ;; + --preserve-dup-deps) duplicate_deps="yes" ;; --quiet | --silent) diff --git a/build/top.mk b/build/top.mk index 57af87d6c5..afdac27b59 100644 --- a/build/top.mk +++ b/build/top.mk @@ -70,7 +70,8 @@ MKDEP_CFLAGS = @OL_MKDEP_FLAGS@ MKVERSION = $(top_srcdir)/build/mkversion -v "$(VERSION)" -LIBTOOL = @LIBTOOL@ +# libtool 1.5+ requires "--tag=CC", but leave it off until we migrate +LIBTOOL = @LIBTOOL@ # --tag=CC LIBRELEASE = @OPENLDAP_LIBRELEASE@ LIBVERSION = @OPENLDAP_LIBVERSION@ LTVERSION = -release $(LIBRELEASE) -version-info $(LIBVERSION) @@ -81,9 +82,9 @@ LTONLY_LIB = $(@PLAT@_LTONLY_LIB) # libtool --only flag for modules: depends on linkage of module # The BUILD_MOD macro is defined in each backend Makefile.in file -LTONLY_yes = static -LTONLY_mod = shared -LTONLY_MOD = # --only-$(BUILD_MOD) +LTONLY_yes = --tag=disable-shared +LTONLY_mod = --tag=disable-static +LTONLY_MOD = $(LTONLY_$(BUILD_MOD)) # platform-specific libtool flags NT_LTFLAGS_LIB = -no-undefined -avoid-version -rpath $(libdir) diff --git a/configure b/configure index 5114195c2c..d602d6aa0c 100755 --- a/configure +++ b/configure @@ -8976,7 +8976,7 @@ fi fi -if test "$ac_cv_header_winsock_h" = yes; then +if test "$ac_cv_cygwin" != yes && test "$ac_cv_header_winsock_h" = yes; then echo $ac_n "checking for winsock""... $ac_c" 1>&6 echo "configure:8982: checking for winsock" >&5 if eval "test \"\${ol_cv_winsock+set}\" = set"; then diff --git a/configure.in b/configure.in index 28d5571160..41bb936798 100644 --- a/configure.in +++ b/configure.in @@ -834,7 +834,9 @@ fi dnl The following is INTENTIONALLY scripted out because shell does not dnl support variable names with the '@' character, which is what dnl autoconf would try to generate if one merely used AC_SEARCH_LIBS -if test "$ac_cv_header_winsock_h" = yes; then +dnl +dnl Skip Winsock tests on Cygwin +if test "$ac_cv_cygwin" != yes && test "$ac_cv_header_winsock_h" = yes; then AC_CACHE_CHECK([for winsock], [ol_cv_winsock], save_LIBS="$LIBS" for curlib in ws2_32 wsock32; do diff --git a/contrib/slapd-modules/comp_match/Makefile b/contrib/slapd-modules/comp_match/Makefile index befcdd288d..f902e95486 100644 --- a/contrib/slapd-modules/comp_match/Makefile +++ b/contrib/slapd-modules/comp_match/Makefile @@ -31,7 +31,7 @@ INCS=$(LDAP_INC) $(SNACC_INC) $(OPENSSL_INC) SNACC_LIB=$(snaccdir)/c-lib/libcasn1.a SSL_LIB=/usr/local/lib/lcrypto -#LDAP_LIB=-lldap_r -llber + LIBS=$(LDAP_LIB) $(SNACC_LIB) $(SSL_LIB) all: compmatch.la diff --git a/contrib/slapd-modules/comp_match/certificate.asn1 b/contrib/slapd-modules/comp_match/certificate.asn1 index 0036f4bc07..db81897932 100644 --- a/contrib/slapd-modules/comp_match/certificate.asn1 +++ b/contrib/slapd-modules/comp_match/certificate.asn1 @@ -81,6 +81,12 @@ nullOid2 OBJECT-TYPE STATUS mandatory ::= { 1 2 840 113549 1 1 1 } +nullOid3 OBJECT-TYPE + SYNTAX NULL + ACCESS read-write + STATUS mandatory + ::= { 1 2 840 113549 1 1 5 } + printableStringOid OBJECT-TYPE SYNTAX PrintableString ACCESS read-write @@ -117,6 +123,13 @@ printableStringOid6 OBJECT-TYPE STATUS mandatory ::= { 2 5 4 11 } +printableStringOid7 OBJECT-TYPE + SYNTAX PrintableString + ACCESS read-write + STATUS mandatory + ::= { 0 9 2342 19200300 100 1 3 } + + iA5StringOid OBJECT-TYPE SYNTAX IA5String ACCESS read-write @@ -141,4 +154,22 @@ octetStringOid3 OBJECT-TYPE STATUS mandatory ::= { 2 5 29 14 } +octetStringOid4 OBJECT-TYPE + SYNTAX OCTET STRING + ACCESS read-write + STATUS mandatory + ::= { 2 5 29 21 } + +octetStringOid5 OBJECT-TYPE + SYNTAX OCTET STRING + ACCESS read-write + STATUS mandatory + ::= { 2 5 29 20 } + +octetStringOid7 OBJECT-TYPE + SYNTAX OCTET STRING + ACCESS read-write + STATUS mandatory + ::= { 2 5 29 28 } + END diff --git a/contrib/slapd-modules/comp_match/certificate.c b/contrib/slapd-modules/comp_match/certificate.c index 7c3fa8a982..8b58bdbba9 100644 --- a/contrib/slapd-modules/comp_match/certificate.c +++ b/contrib/slapd-modules/comp_match/certificate.c @@ -31,49 +31,62 @@ void init_module_AuthenticationFramework() { InitAnyAuthenticationFramework(); } - void InitAnyAuthenticationFramework() { AsnOid oid0 ={ 9, "\52\206\110\206\367\15\1\1\4" }; AsnOid oid1 ={ 9, "\52\206\110\206\367\15\1\1\1" }; - AsnOid oid2 ={ 3, "\125\4\3" }; - AsnOid oid3 ={ 3, "\125\4\6" }; - AsnOid oid4 ={ 3, "\125\4\7" }; - AsnOid oid5 ={ 3, "\125\4\10" }; - AsnOid oid6 ={ 3, "\125\4\12" }; - AsnOid oid7 ={ 3, "\125\4\13" }; - AsnOid oid8 ={ 9, "\52\206\110\206\367\15\1\11\1" }; - AsnOid oid9 ={ 3, "\125\35\23" }; - AsnOid oid10 ={ 9, "\140\206\110\1\206\370\102\1\15" }; - AsnOid oid11 ={ 3, "\125\35\16" }; + AsnOid oid2 ={ 9, "\52\206\110\206\367\15\1\1\5" }; + AsnOid oid3 ={ 3, "\125\4\3" }; + AsnOid oid4 ={ 3, "\125\4\6" }; + AsnOid oid5 ={ 3, "\125\4\7" }; + AsnOid oid6 ={ 3, "\125\4\10" }; + AsnOid oid7 ={ 3, "\125\4\12" }; + AsnOid oid8 ={ 3, "\125\4\13" }; + AsnOid oid9 ={ 10, "\11\222\46\211\223\362\54\144\1\3" }; + AsnOid oid10 ={ 9, "\52\206\110\206\367\15\1\11\1" }; + AsnOid oid11 ={ 3, "\125\35\23" }; + AsnOid oid12 ={ 9, "\140\206\110\1\206\370\102\1\15" }; + AsnOid oid13 ={ 3, "\125\35\16" }; + AsnOid oid14 ={ 3, "\125\35\25" }; + AsnOid oid15 ={ 3, "\125\35\24" }; + AsnOid oid17 ={ 3, "\125\35\34" }; InstallAnyByComponentOid (nullOid_ANY_ID, &oid0, sizeof (ComponentNull), (EncodeFcn)BEncAsnNull, (gser_decoder_func*)GDecComponentNull, (ber_tag_decoder_func*)BDecComponentNullTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentNull,(FreeFcn)FreeComponentNull, (PrintFcn)NULL); InstallAnyByComponentOid (nullOid2_ANY_ID, &oid1, sizeof (ComponentNull), (EncodeFcn)BEncAsnNull, (gser_decoder_func*)GDecComponentNull, (ber_tag_decoder_func*)BDecComponentNullTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentNull,(FreeFcn)FreeComponentNull, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid_ANY_ID, &oid2, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (nullOid3_ANY_ID, &oid2, sizeof (ComponentNull), (EncodeFcn)BEncAsnNull, (gser_decoder_func*)GDecComponentNull, (ber_tag_decoder_func*)BDecComponentNullTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentNull,(FreeFcn)FreeComponentNull, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid2_ANY_ID, &oid3, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid_ANY_ID, &oid3, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid3_ANY_ID, &oid4, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid2_ANY_ID, &oid4, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid4_ANY_ID, &oid5, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid3_ANY_ID, &oid5, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid5_ANY_ID, &oid6, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid4_ANY_ID, &oid6, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (printableStringOid6_ANY_ID, &oid7, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid5_ANY_ID, &oid7, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (iA5StringOid_ANY_ID, &oid8, sizeof (ComponentIA5String), (EncodeFcn)BEncIA5String, (gser_decoder_func*)GDecComponentIA5String, (ber_tag_decoder_func*)BDecComponentIA5StringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentIA5String,(FreeFcn)FreeComponentIA5String, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid6_ANY_ID, &oid8, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL); - InstallAnyByComponentOid (octetStringOid_ANY_ID, &oid9, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + InstallAnyByComponentOid (printableStringOid7_ANY_ID, &oid9, sizeof (ComponentTeletexString), (EncodeFcn)BEncTeletexString, (gser_decoder_func*)GDecComponentTeletexString, (ber_tag_decoder_func*)BDecComponentTeletexStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentTeletexString,(FreeFcn)FreeComponentTeletexString, (PrintFcn)NULL); - InstallAnyByComponentOid (octetStringOid2_ANY_ID, &oid10, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + InstallAnyByComponentOid (iA5StringOid_ANY_ID, &oid10, sizeof (ComponentIA5String), (EncodeFcn)BEncIA5String, (gser_decoder_func*)GDecComponentIA5String, (ber_tag_decoder_func*)BDecComponentIA5StringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentIA5String,(FreeFcn)FreeComponentIA5String, (PrintFcn)NULL); - InstallAnyByComponentOid (octetStringOid3_ANY_ID, &oid11, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + InstallAnyByComponentOid (octetStringOid_ANY_ID, &oid11, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); -} /* InitAnyAuthenticationFramework */ + InstallAnyByComponentOid (octetStringOid2_ANY_ID, &oid12, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + + InstallAnyByComponentOid (octetStringOid3_ANY_ID, &oid13, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + + InstallAnyByComponentOid (octetStringOid4_ANY_ID, &oid14, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + InstallAnyByComponentOid (octetStringOid5_ANY_ID, &oid15, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + + InstallAnyByComponentOid (octetStringOid7_ANY_ID, &oid17, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL); + +} /* InitAnyAuthenticationFramework */ int MatchingComponentAlgorithmIdentifier ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) { diff --git a/contrib/slapd-modules/comp_match/certificate.h b/contrib/slapd-modules/comp_match/certificate.h index e9cf470be7..d1df75f1aa 100644 --- a/contrib/slapd-modules/comp_match/certificate.h +++ b/contrib/slapd-modules/comp_match/certificate.h @@ -25,17 +25,21 @@ typedef enum AuthenticationFrameworkAnyId { nullOid_ANY_ID = 0, nullOid2_ANY_ID = 1, - printableStringOid_ANY_ID = 2, - printableStringOid2_ANY_ID = 3, - printableStringOid3_ANY_ID = 4, - printableStringOid4_ANY_ID = 5, - printableStringOid5_ANY_ID = 6, - printableStringOid6_ANY_ID = 7, - iA5StringOid_ANY_ID = 8, - octetStringOid_ANY_ID = 9, - octetStringOid2_ANY_ID = 10, - octetStringOid3_ANY_ID = 11} AuthenticationFrameworkAnyId; - + nullOid3_ANY_ID = 2, + printableStringOid_ANY_ID = 3, + printableStringOid2_ANY_ID = 4, + printableStringOid3_ANY_ID = 5, + printableStringOid4_ANY_ID = 6, + printableStringOid5_ANY_ID = 7, + printableStringOid6_ANY_ID = 8, + printableStringOid7_ANY_ID = 9, + iA5StringOid_ANY_ID = 10, + octetStringOid_ANY_ID = 11, + octetStringOid2_ANY_ID = 12, + octetStringOid3_ANY_ID = 13, + octetStringOid4_ANY_ID = 14, + octetStringOid5_ANY_ID = 15, + octetStringOid7_ANY_ID = 17} AuthenticationFrameworkAnyId; void InitAnyAuthenticationFramework(); diff --git a/contrib/slapd-modules/comp_match/componentlib.c b/contrib/slapd-modules/comp_match/componentlib.c index 2f435fc1fc..93141b3bc8 100644 --- a/contrib/slapd-modules/comp_match/componentlib.c +++ b/contrib/slapd-modules/comp_match/componentlib.c @@ -1363,6 +1363,52 @@ BDecComponentPrintableString( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, return LDAP_SUCCESS; } +/* + * Component BER Decoder : TeletexString + */ + +int +BDecComponentTeletexStringTag ( void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode ) +{ + return BDecComponentTeletexString ( mem_op, b, 0, 0, v, bytesDecoded, mode|CALL_TAG_DECODER ); +} + +int +BDecComponentTeletexString( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *v, AsnLen *bytesDecoded, int mode ) +{ + char* peek_head; + int i, strLen, rc; + void* component_values; + ComponentTeletexString* k, **k2; + AsnOid result; + + k = (ComponentTeletexString*) v; + + if ( mode & DEC_ALLOC_MODE_0 ) { + k2 = (ComponentTeletexString**) v; + *k2 = (ComponentTeletexString*) CompAlloc( mem_op, sizeof( ComponentTeletexString ) ); + if ( !*k2 ) return LDAP_DECODING_ERROR; + k = *k2; + } + + if ( mode & CALL_TAG_DECODER ) { + mode = mode & CALL_CONTENT_DECODER; + rc = BDecTeletexString ( mem_op, b, &result, bytesDecoded ); + } else { + rc = BDecTeletexStringContent ( mem_op, b, tagId, len, &result, bytesDecoded ); + } + if ( rc < 0 ) { + if ( k ) CompFree ( mem_op, k ); + return LDAP_DECODING_ERROR; + } + k->value = result; + + k->comp_desc = get_component_description (BASICTYPE_T61_STR); + + return LDAP_SUCCESS; +} + + /* * Matching function : Real */ diff --git a/contrib/slapd-modules/comp_match/componentlib.h b/contrib/slapd-modules/comp_match/componentlib.h index 678f369735..31bf3759e2 100644 --- a/contrib/slapd-modules/comp_match/componentlib.h +++ b/contrib/slapd-modules/comp_match/componentlib.h @@ -316,7 +316,8 @@ typedef struct ComponentTeletexString { int GEncComponentTeletexString (GenBuf *b, ComponentTeletexString * tel_str); int GDecComponentTeletexString ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode ); -#define BDecComponentTeletexString BDecComponentOcts +int BDecComponentTeletexStringTag (void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode ); +int BDecComponentTeletexString( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *v, AsnLen *bytesDecoded, int mode ); #define MatchingComponentTeletexString MatchingComponentOcts #define ExtractingComponentTeletexString(mem_op,cr,data) #define FreeComponentTeletexString FreeComponentOcts diff --git a/contrib/slapd-modules/comp_match/crl.c b/contrib/slapd-modules/comp_match/crl.c index 6c957b3195..abd82cdb2c 100644 --- a/contrib/slapd-modules/comp_match/crl.c +++ b/contrib/slapd-modules/comp_match/crl.c @@ -25,7 +25,7 @@ BDecComponentCertificateListTop( void* mem_op, GenBuf* b, void *v, AsnLen* bytes void init_module_CertificateRevokationList() { InstallOidDecoderMapping( "2.5.4.39", NULL, GDecComponentCertificateList, - BDecComponentCertificateList, + BDecComponentCertificateListTop, ExtractingComponentCertificateList, MatchingComponentCertificateList); } diff --git a/contrib/slapd-modules/comp_match/init.c b/contrib/slapd-modules/comp_match/init.c index 9226262689..5f0d86d6a8 100644 --- a/contrib/slapd-modules/comp_match/init.c +++ b/contrib/slapd-modules/comp_match/init.c @@ -236,9 +236,11 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv ExpBufFreeBuf( buf ); GenBufFreeBuf( b ); if ( rc == -1 ) { +#if 0 ShutdownNibbleMemLocal ( a->a_comp_data->cd_mem_op ); free ( a->a_comp_data ); a->a_comp_data = NULL; +#endif return (void*)NULL; } else { @@ -470,10 +472,14 @@ comp_test_all_components ( { cr->cr_curr = start_compid; rc = comp_test_components ( attr_mem_op, assert_mem_op, comp_elmt, ca ); - + if ( rc != LDAP_COMPARE_FALSE ) { + break; + } +#if 0 if ( rc == LDAP_COMPARE_TRUE ) { break; } +#endif } } break; @@ -824,6 +830,7 @@ int init_module(int argc, char *argv[]) { /* the initialization for example X.509 certificate */ init_module_AuthenticationFramework(); init_module_AuthorityKeyIdentifierDefinition(); + init_module_CertificateRevokationList(); init_attribute_aliasing_table (); init_component_description_table (); return 0; diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8 index fd629920f5..0fa5d7d54c 100644 --- a/doc/man/man8/slapd.8 +++ b/doc/man/man8/slapd.8 @@ -10,6 +10,7 @@ slapd \- Stand-alone LDAP Daemon .B [\-T {acl|add|auth|cat|dn|index|passwd|test}] .B [\-d debug\-level] .B [\-f slapd\-config\-file] +.B [\-F slapd\-config\-directory] .B [\-h URLs] .B [\-n service\-name] [\-s syslog\-level] [\-l syslog\-local\-user] .B [\-r directory] @@ -27,8 +28,7 @@ is typically invoked at boot time, usually out of Upon startup, .B slapd normally forks and disassociates itself from the invoking tty. -If configured in -.BR ETCDIR/slapd.conf , +If configured in the config file (or config directory), the .B slapd process will print its process ID (see @@ -123,6 +123,20 @@ facility. Specifies the slapd configuration file. The default is .BR ETCDIR/slapd.conf . .TP +.BI \-F " slapd\-config\-directory" +Specifies the slapd configuration file. The default is +.BR ETCDIR/slapd.d . +If both +.B -f +and +.B -F +are specified, the config file will be read and converted to +config directory format and written to the specified directory. +If neither option is specified, slapd will attempt to read the +default config directory before trying to use the default +config file. If a valid config directory exists then the +default config file is ignored. +.TP .BI \-h " URLlist" .B slapd will by default serve diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index d51ffa37d2..e71d14fcca 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -920,11 +920,11 @@ acl_get( if ( vdnlen < patlen ) continue; - if ( a->acl_dn_style == ACL_STYLE_BASE ) { + if ( a->acl_attrval_style == ACL_STYLE_BASE ) { if ( vdnlen > patlen ) continue; - } else if ( a->acl_dn_style == ACL_STYLE_ONE ) { + } else if ( a->acl_attrval_style == ACL_STYLE_ONE ) { int rdnlen = -1; if ( !DN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) @@ -934,11 +934,11 @@ acl_get( if ( rdnlen != vdnlen - patlen - 1 ) continue; - } else if ( a->acl_dn_style == ACL_STYLE_SUBTREE ) { + } else if ( a->acl_attrval_style == ACL_STYLE_SUBTREE ) { if ( vdnlen > patlen && !DN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) continue; - } else if ( a->acl_dn_style == ACL_STYLE_CHILDREN ) { + } else if ( a->acl_attrval_style == ACL_STYLE_CHILDREN ) { if ( vdnlen <= patlen ) continue; diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index c9ec267727..62f7dad9fb 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -38,10 +38,11 @@ #include "lber_pvt.h" #include "lutil.h" +static const char style_base[] = "base"; static char *style_strings[] = { "regex", "expand", - "base", + "exact", "one", "subtree", "children", @@ -2349,7 +2350,10 @@ dnaccess2text( slap_dn_access *bdn, char *ptr, int is_realdn ) } else { ptr = lutil_strcopy( ptr, "dn." ); - ptr = lutil_strcopy( ptr, style_strings[bdn->a_style] ); + if ( bdn->a_style == ACL_STYLE_BASE ) + ptr = lutil_strcopy( ptr, style_base ); + else + ptr = lutil_strcopy( ptr, style_strings[bdn->a_style] ); if ( bdn->a_style == ACL_STYLE_LEVEL ) { int n = sprintf( ptr, "{%d}", bdn->a_level ); if ( n > 0 ) { @@ -2406,30 +2410,52 @@ access2text( Access *b, char *ptr ) } if ( !BER_BVISEMPTY( &b->a_peername_pat ) ) { - ptr = lutil_strcopy( ptr, " peername=\"" ); + ptr = lutil_strcopy( ptr, " peername" ); + *ptr++ = '.'; + ptr = lutil_strcopy( ptr, style_strings[b->a_peername_style] ); + *ptr++ = '='; + *ptr++ = '"'; ptr = lutil_strcopy( ptr, b->a_peername_pat.bv_val ); *ptr++ = '"'; } if ( !BER_BVISEMPTY( &b->a_sockname_pat ) ) { - ptr = lutil_strcopy( ptr, " sockname=\"" ); + ptr = lutil_strcopy( ptr, " sockname" ); + *ptr++ = '.'; + ptr = lutil_strcopy( ptr, style_strings[b->a_sockname_style] ); + *ptr++ = '='; + *ptr++ = '"'; ptr = lutil_strcopy( ptr, b->a_sockname_pat.bv_val ); *ptr++ = '"'; } if ( !BER_BVISEMPTY( &b->a_domain_pat ) ) { - ptr = lutil_strcopy( ptr, " domain=" ); + ptr = lutil_strcopy( ptr, " domain" ); + *ptr++ = '.'; + ptr = lutil_strcopy( ptr, style_strings[b->a_domain_style] ); + if ( b->a_domain_expand ) { + ptr = lutil_strcopy( ptr, ",expand" ); + } + *ptr++ = '='; ptr = lutil_strcopy( ptr, b->a_domain_pat.bv_val ); } if ( !BER_BVISEMPTY( &b->a_sockurl_pat ) ) { - ptr = lutil_strcopy( ptr, " sockurl=\"" ); + ptr = lutil_strcopy( ptr, " sockurl" ); + *ptr++ = '.'; + ptr = lutil_strcopy( ptr, style_strings[b->a_sockurl_style] ); + *ptr++ = '='; + *ptr++ = '"'; ptr = lutil_strcopy( ptr, b->a_sockurl_pat.bv_val ); *ptr++ = '"'; } if ( !BER_BVISEMPTY( &b->a_set_pat ) ) { - ptr = lutil_strcopy( ptr, " set=\"" ); + ptr = lutil_strcopy( ptr, " set" ); + *ptr++ = '.'; + ptr = lutil_strcopy( ptr, style_strings[b->a_set_style] ); + *ptr++ = '='; + *ptr++ = '"'; ptr = lutil_strcopy( ptr, b->a_set_pat.bv_val ); *ptr++ = '"'; } @@ -2515,7 +2541,10 @@ acl_unparse( AccessControl *a, struct berval *bv ) if ( !BER_BVISNULL( &a->acl_dn_pat ) ) { to++; ptr = lutil_strcopy( ptr, " dn." ); - ptr = lutil_strcopy( ptr, style_strings[a->acl_dn_style] ); + if ( a->acl_dn_style == ACL_STYLE_BASE ) + ptr = lutil_strcopy( ptr, style_base ); + else + ptr = lutil_strcopy( ptr, style_strings[a->acl_dn_style] ); *ptr++ = '='; *ptr++ = '"'; ptr = lutil_strcopy( ptr, a->acl_dn_pat.bv_val ); @@ -2557,7 +2586,12 @@ acl_unparse( AccessControl *a, struct berval *bv ) if ( !BER_BVISEMPTY( &a->acl_attrval ) ) { to++; ptr = lutil_strcopy( ptr, " val." ); - ptr = lutil_strcopy( ptr, style_strings[a->acl_attrval_style] ); + if ( a->acl_attrval_style == ACL_STYLE_BASE && + a->acl_attrs[0].an_desc->ad_type->sat_syntax == + slap_schema.si_syn_distinguishedName ) + ptr = lutil_strcopy( ptr, style_base ); + else + ptr = lutil_strcopy( ptr, style_strings[a->acl_attrval_style] ); *ptr++ = '='; *ptr++ = '"'; ptr = lutil_strcopy( ptr, a->acl_attrval.bv_val ); diff --git a/servers/slapd/back-bdb/config.c b/servers/slapd/back-bdb/config.c index 063f10134b..5eef6adc16 100644 --- a/servers/slapd/back-bdb/config.c +++ b/servers/slapd/back-bdb/config.c @@ -30,15 +30,12 @@ # define SLAP_BDB_ALLOW_DIRTY_READ #endif -#define bdb_cf_oc BDB_SYMBOL(cf_oc) #define bdb_cf_gen BDB_SYMBOL(cf_gen) #define bdb_cf_cleanup BDB_SYMBOL(cf_cleanup) #define bdb_checkpoint BDB_SYMBOL(checkpoint) #define bdb_online_index BDB_SYMBOL(online_index) -static ObjectClass *bdb_oc; - -static ConfigDriver bdb_cf_oc, bdb_cf_gen; +static ConfigDriver bdb_cf_gen; enum { BDB_CHKPT = 1, @@ -52,8 +49,6 @@ enum { }; static ConfigTable bdbcfg[] = { - { "", "", 0, 0, 0, ARG_MAGIC, - bdb_cf_oc, NULL, NULL, NULL }, { "directory", "dir", 2, 2, 0, ARG_STRING|ARG_MAGIC|BDB_DIRECTORY, bdb_cf_gen, "( OLcfgDbAt:0.1 NAME 'olcDbDirectory' " "DESC 'Directory for database content' " @@ -132,20 +127,10 @@ static ConfigOCs bdbocs[] = { "olcDbNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ " "olcDbIndex $ olcDbLinearIndex $ olcDbLockDetect $ " "olcDbMode $ olcDbSearchStack $ olcDbShmKey ) )", - Cft_Database, &bdb_oc }, + Cft_Database, bdbcfg }, { NULL, 0, NULL } }; -static int -bdb_cf_oc(ConfigArgs *c) -{ - if ( c->op == SLAP_CONFIG_EMIT ) { - value_add_one( &c->rvalue_vals, &bdb_oc->soc_cname ); - return 0; - } - return 1; -} - static slap_verbmasks bdb_lockd[] = { { BER_BVC("default"), DB_LOCK_DEFAULT }, { BER_BVC("oldest"), DB_LOCK_OLDEST }, @@ -617,10 +602,9 @@ bdb_cf_gen(ConfigArgs *c) int bdb_back_init_cf( BackendInfo *bi ) { int rc; - bi->bi_cf_table = bdbcfg; + bi->bi_cf_ocs = bdbocs; rc = config_register_schema( bdbcfg, bdbocs ); if ( rc ) return rc; - bdbcfg[0].ad = slap_schema.si_ad_objectClass; return 0; } diff --git a/servers/slapd/back-bdb/init.c b/servers/slapd/back-bdb/init.c index 84ecfe3087..b63961f027 100644 --- a/servers/slapd/back-bdb/init.c +++ b/servers/slapd/back-bdb/init.c @@ -71,7 +71,7 @@ bdb_db_init( BackendDB *be ) ldap_pvt_thread_rdwr_init ( &bdb->bi_cache.c_rwlock ); be->be_private = bdb; - be->be_cf_table = be->bd_info->bi_cf_table; + be->be_cf_ocs = be->bd_info->bi_cf_ocs; return 0; } diff --git a/servers/slapd/back-ldif/ldif.c b/servers/slapd/back-ldif/ldif.c index 636ce7ee6b..10f7a523d1 100644 --- a/servers/slapd/back-ldif/ldif.c +++ b/servers/slapd/back-ldif/ldif.c @@ -61,13 +61,7 @@ struct ldif_info { #define ENTRY_BUFF_INCREMENT 500 -static ObjectClass *ldif_oc; - -static ConfigDriver ldif_cf; - static ConfigTable ldifcfg[] = { - { "", "", 0, 0, 0, ARG_MAGIC, - ldif_cf, NULL, NULL, NULL }, { "directory", "dir", 2, 2, 0, ARG_BERVAL|ARG_OFFSET, (void *)offsetof(struct ldif_info, li_base_path), "( OLcfgDbAt:0.1 NAME 'olcDbDirectory' " @@ -83,21 +77,10 @@ static ConfigOCs ldifocs[] = { "NAME 'olcLdifConfig' " "DESC 'LDIF backend configuration' " "SUP olcDatabaseConfig " - "MUST ( olcDbDirectory ) )", Cft_Database, - &ldif_oc }, + "MUST ( olcDbDirectory ) )", Cft_Database, ldifcfg }, { NULL, 0, NULL } }; -static int -ldif_cf( ConfigArgs *c ) -{ - if ( c->op == SLAP_CONFIG_EMIT ) { - value_add_one( &c->rvalue_vals, &ldif_oc->soc_cname ); - return 0; - } - return 1; -} - static void dn2path(struct berval * dn, struct berval * rootdn, struct berval * base_path, struct berval *res) @@ -349,7 +332,7 @@ static int r_enum_tree(enumCookie *ck, struct berval *path, ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE ); - send_search_reference( ck->op, ck->rs ); + rc = send_search_reference( ck->op, ck->rs ); ber_bvarray_free( ck->rs->sr_ref ); ber_bvarray_free( erefs ); @@ -360,9 +343,11 @@ static int r_enum_tree(enumCookie *ck, struct berval *path, ck->rs->sr_entry = e; ck->rs->sr_attrs = ck->op->ors_attrs; ck->rs->sr_flags = REP_ENTRY_MODIFIABLE; - send_search_entry(ck->op, ck->rs); + rc = send_search_entry(ck->op, ck->rs); } fd = 1; + if ( rc ) + goto leave; } else { /* Queueing up for tool mode */ if(ck->entries == NULL) { @@ -456,12 +441,14 @@ static int r_enum_tree(enumCookie *ck, struct berval *path, list = ptr->next; - if ( ptr->num.bv_val ) - AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val, - ptr->num.bv_len ); - fullpath( path, &ptr->bv, &fpath ); - r_enum_tree(ck, &fpath, &e->e_name, &e->e_nname ); - free(fpath.bv_val); + if ( rc == LDAP_SUCCESS ) { + if ( ptr->num.bv_val ) + AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val, + ptr->num.bv_len ); + fullpath( path, &ptr->bv, &fpath ); + rc = r_enum_tree(ck, &fpath, &e->e_name, &e->e_nname ); + free(fpath.bv_val); + } if ( ptr->num.bv_val ) free( ptr->num.bv_val ); free(ptr->bv.bv_val); @@ -1165,7 +1152,7 @@ ldif_back_db_init( BackendDB *be ) ni = ch_calloc( 1, sizeof(struct ldif_info) ); be->be_private = ni; - be->be_cf_table = be->bd_info->bi_cf_table; + be->be_cf_ocs = ldifocs; ldap_pvt_thread_mutex_init(&ni->li_mutex); return 0; } @@ -1210,8 +1197,6 @@ ldif_back_initialize( bi->bi_controls = controls; - bi->bi_cf_table = ldifcfg; - bi->bi_open = 0; bi->bi_close = 0; bi->bi_config = 0; @@ -1255,6 +1240,5 @@ ldif_back_initialize( rc = config_register_schema( ldifcfg, ldifocs ); if ( rc ) return rc; - ldifcfg[0].ad = slap_schema.si_ad_objectClass; return 0; } diff --git a/servers/slapd/back-meta/map.c b/servers/slapd/back-meta/map.c index 29a1ade97f..62533e339f 100644 --- a/servers/slapd/back-meta/map.c +++ b/servers/slapd/back-meta/map.c @@ -539,6 +539,7 @@ ldap_back_filter_map_rewrite( int rc; dncookie fdc; struct berval ftmp; + static char *dmy = ""; rc = ldap_back_int_filter_map_rewrite( dc, f, fstr, remap ); @@ -553,7 +554,7 @@ ldap_back_filter_map_rewrite( fdc.ctx = "searchFilter"; switch ( rewrite_session( fdc.target->mt_rwmap.rwm_rw, fdc.ctx, - ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ), + ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : dmy ), fdc.conn, &fstr->bv_val ) ) { case REWRITE_REGEXEC_OK: @@ -586,6 +587,10 @@ ldap_back_filter_map_rewrite( rc = LDAP_OTHER; break; } + + if ( fstr->bv_val == dmy ) { + BER_BVZERO( fstr ); + } #endif /* ENABLE_REWRITE */ return rc; diff --git a/servers/slapd/back-monitor/init.c b/servers/slapd/back-monitor/init.c index c73caff65f..08ce16f5fd 100644 --- a/servers/slapd/back-monitor/init.c +++ b/servers/slapd/back-monitor/init.c @@ -1429,8 +1429,8 @@ monitor_back_db_open( "cn: Monitor\n" "description: This subtree contains monitoring/managing objects.\n" "description: This object contains information about this server.\n" - "description: Most of the information is contained in operational\n" - "description: attributeTypes, which must be explicitly requested.\n" + "description: Most of the information is held in operational" + " attributeTypes, which must be explicitly requested.\n" "creatorsName: %s\n" "modifiersName: %s\n" "createTimestamp: %s\n" diff --git a/servers/slapd/backover.c b/servers/slapd/backover.c index ddcc0233c1..599899ff85 100644 --- a/servers/slapd/backover.c +++ b/servers/slapd/backover.c @@ -25,6 +25,7 @@ #define SLAPD_TOOLS #include "slap.h" +#include "config.h" static slap_overinst *overlays; @@ -71,6 +72,8 @@ over_db_config( slap_overinfo *oi = be->bd_info->bi_private; slap_overinst *on = oi->oi_list; BackendInfo *bi_orig = be->bd_info; + ConfigArgs ca = {0}; + ConfigTable *ct; int rc = 0; if ( oi->oi_orig->bi_db_config ) { @@ -123,8 +126,22 @@ over_db_config( if ( rc != SLAP_CONF_UNKNOWN ) return rc; } + ca.argv = argv; + ca.argc = argc; + ca.fname = fname; + ca.lineno = lineno; + ca.be = be; for (; on; on=on->on_next) { - if (on->on_bi.bi_db_config) { + rc = SLAP_CONF_UNKNOWN; + if (on->on_bi.bi_cf_ocs) { + ConfigTable *ct; + ca.bi = &on->on_bi; + ct = config_find_keyword( on->on_bi.bi_cf_ocs->co_table, &ca ); + if ( ct ) { + rc = config_add_vals( ct, &ca ); + } + } + if (on->on_bi.bi_db_config && rc == SLAP_CONF_UNKNOWN) { be->bd_info = &on->on_bi; rc = on->on_bi.bi_db_config( be, fname, lineno, argc, argv ); diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c index 40b339c344..89295d327c 100644 --- a/servers/slapd/bconfig.c +++ b/servers/slapd/bconfig.c @@ -62,24 +62,6 @@ typedef struct ConfigFile { BerVarray c_dseFiles; } ConfigFile; -typedef struct CfOcInfo { - struct berval *co_name; - ConfigTable *co_table; - ConfigType co_type; - ObjectClass *co_oc; -} CfOcInfo; - -typedef struct CfEntryInfo { - struct CfEntryInfo *ce_parent; - struct CfEntryInfo *ce_sibs; - struct CfEntryInfo *ce_kids; - Entry *ce_entry; - ConfigType ce_type; - BackendInfo *ce_bi; - BackendDB *ce_be; - void *ce_private; -} CfEntryInfo; - typedef struct { ConfigFile *cb_config; CfEntryInfo *cb_root; @@ -104,9 +86,6 @@ static struct berval cfdir; static AttributeDescription *cfAd_backend, *cfAd_database, *cfAd_overlay, *cfAd_include; -static ObjectClass *cfOc_schema, *cfOc_global, *cfOc_backend, *cfOc_database, - *cfOc_include, *cfOc_overlay, *cfOc_module; - static ConfigFile cf_prv, *cfn = &cf_prv; static Avlnode *CfOcTree; @@ -218,7 +197,7 @@ static OidRec OidMacros[] = { /* alphabetical ordering */ -ConfigTable config_back_cf_table[] = { +static ConfigTable config_back_cf_table[] = { /* This attr is read-only */ { "", "", 0, 0, 0, ARG_MAGIC, &config_fname, "( OLcfgGlAt:78 NAME 'olcConfigFile' " @@ -590,6 +569,18 @@ ConfigTable config_back_cf_table[] = { NULL, NULL, NULL, NULL } }; +/* Routines to check if a child can be added to this type */ +static ConfigLDAPadd cfAddSchema, cfAddInclude, cfAddDatabase, + cfAddBackend, cfAddModule, cfAddOverlay; + +#define CFOC_GLOBAL cf_ocs[1] +#define CFOC_SCHEMA cf_ocs[2] +#define CFOC_BACKEND cf_ocs[3] +#define CFOC_DATABASE cf_ocs[4] +#define CFOC_OVERLAY cf_ocs[5] +#define CFOC_INCLUDE cf_ocs[6] +#define CFOC_MODULE cf_ocs[7] + static ConfigOCs cf_ocs[] = { { "( OLcfgGlOc:1 " "NAME 'olcConfig' " @@ -620,19 +611,19 @@ static ConfigOCs cf_ocs[] = { "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ " "olcTLSRandFile $ olcTLSVerifyClient $ " "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ " - "olcDitContentRules ) )", Cft_Global, &cfOc_global }, + "olcDitContentRules ) )", Cft_Global }, { "( OLcfgGlOc:3 " "NAME 'olcSchemaConfig' " "DESC 'OpenLDAP schema object' " "SUP olcConfig STRUCTURAL " "MAY ( cn $ olcObjectIdentifier $ olcAttributeTypes $ " "olcObjectClasses $ olcDitContentRules ) )", - Cft_Schema, &cfOc_schema }, + Cft_Schema, NULL, cfAddSchema }, { "( OLcfgGlOc:4 " "NAME 'olcBackendConfig' " "DESC 'OpenLDAP Backend-specific options' " "SUP olcConfig STRUCTURAL " - "MUST olcBackend )", Cft_Backend, &cfOc_backend }, + "MUST olcBackend )", Cft_Backend, NULL, cfAddBackend }, { "( OLcfgGlOc:5 " "NAME 'olcDatabaseConfig' " "DESC 'OpenLDAP Database-specific options' " @@ -643,26 +634,26 @@ static ConfigOCs cf_ocs[] = { "olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ " "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncrepl $ " "olcTimeLimit $ olcUpdateDN $ olcUpdateRef ) )", - Cft_Database, &cfOc_database }, + Cft_Database, NULL, cfAddDatabase }, { "( OLcfgGlOc:6 " "NAME 'olcOverlayConfig' " "DESC 'OpenLDAP Overlay-specific options' " "SUP olcConfig STRUCTURAL " - "MUST olcOverlay )", Cft_Overlay, &cfOc_overlay }, + "MUST olcOverlay )", Cft_Overlay, NULL, cfAddOverlay }, { "( OLcfgGlOc:7 " "NAME 'olcIncludeFile' " "DESC 'OpenLDAP configuration include file' " "SUP olcConfig STRUCTURAL " "MUST olcInclude " "MAY ( cn $ olcRootDSE ) )", - Cft_Include, &cfOc_include }, + Cft_Include, NULL, cfAddInclude }, #ifdef SLAPD_MODULES { "( OLcfgGlOc:8 " "NAME 'olcModuleList' " "DESC 'OpenLDAP dynamic module info' " "SUP olcConfig STRUCTURAL " "MUST ( olcModulePath $ olcModuleLoad ) " - "MAY cn )", Cft_Module, &cfOc_module }, + "MAY cn )", Cft_Module, NULL, cfAddModule }, #endif { NULL, 0, NULL } }; @@ -1241,9 +1232,10 @@ config_generic(ConfigArgs *c) { default: - Debug(LDAP_DEBUG_ANY, "%s: unknown CFG_TYPE %d" + Debug( SLAPD_DEBUG_CONFIG_ERROR, + "%s: unknown CFG_TYPE %d" SLAPD_CONF_UNKNOWN_IGNORED ".\n", - c->log, c->type, 0); + c->log, c->type, 0 ); #ifdef SLAPD_CONF_UNKNOWN_BAILOUT return 1; #endif /* SLAPD_CONF_UNKNOWN_BAILOUT */ @@ -1431,7 +1423,7 @@ config_sizelimit(ConfigArgs *c) { c->log, c->msg, c->argv[i]); return(1); } else if(next[0] != '\0') { - Debug(LDAP_DEBUG_ANY, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "trailing chars \"%s\" in \"sizelimit \" line" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, next, 0); @@ -1488,7 +1480,7 @@ config_timelimit(ConfigArgs *c) { c->log, c->msg, c->argv[i]); return(1); } else if(next[0] != '\0') { - Debug(LDAP_DEBUG_ANY, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "trailing chars \"%s\" in \"timelimit \" line" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, next, 0); @@ -1505,6 +1497,7 @@ config_timelimit(ConfigArgs *c) { static int config_overlay(ConfigArgs *c) { + slap_overinfo *oi; if (c->op == SLAP_CONFIG_EMIT) { return 1; } else if ( c->op == LDAP_MOD_DELETE ) { @@ -1512,7 +1505,7 @@ config_overlay(ConfigArgs *c) { } if(c->argv[1][0] == '-' && overlay_config(c->be, &c->argv[1][1])) { /* log error */ - Debug(LDAP_DEBUG_ANY, "%s: (optional) %s overlay \"%s\" configuration failed" + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: (optional) %s overlay \"%s\" configuration failed" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, c->be == frontendDB ? "global " : "", c->argv[1][1]); #ifdef SLAPD_CONF_UNKNOWN_BAILOUT @@ -1521,6 +1514,11 @@ config_overlay(ConfigArgs *c) { } else if(overlay_config(c->be, c->argv[1])) { return(1); } + /* Setup context for subsequent config directives. + * The newly added overlay is at the head of the list. + */ + oi = (slap_overinfo *)c->be->bd_info; + c->bi = &oi->oi_list->on_bi; return(0); } @@ -1574,7 +1572,8 @@ config_suffix(ConfigArgs *c) { ndn = c->value_ndn; tbe = select_backend(&ndn, 0, 0); if(tbe == c->be) { - Debug(LDAP_DEBUG_ANY, "%s: suffix already served by this backend!" + Debug( SLAPD_DEBUG_CONFIG_ERROR, + "%s: suffix already served by this backend!" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, 0, 0); #ifdef SLAPD_CONF_UNKNOWN_BAILOUT @@ -2114,7 +2113,7 @@ config_replica(ConfigArgs *c) { if(!strncasecmp(c->argv[i], "suffix=", STRLENOF( "suffix="))) { switch(add_replica_suffix(c->be, nr, c->argv[i] + STRLENOF("suffix="))) { case 1: - Debug(LDAP_DEBUG_ANY, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "suffix \"%s\" in \"replica\" line is not valid for backend" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, c->argv[i] + STRLENOF("suffix="), 0); @@ -2123,7 +2122,7 @@ config_replica(ConfigArgs *c) { #endif /* SLAPD_CONF_UNKNOWN_BAILOUT */ break; case 2: - Debug(LDAP_DEBUG_ANY, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "unable to normalize suffix in \"replica\" line" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, 0, 0); @@ -2264,7 +2263,7 @@ config_include(ConfigArgs *c) { } cfn = cf; ber_str2bv( c->argv[1], 0, 1, &cf->c_file ); - rc = read_config_file(c->argv[1], c->depth + 1, c); + rc = read_config_file(c->argv[1], c->depth + 1, c, config_back_cf_table); c->lineno = savelineno - 1; cfn = cfsave; if ( rc ) { @@ -2408,7 +2407,7 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) { ConfigArgs c = {0}; ConfigTable *ct; char *argv[3]; - int rc; + int rc = 0; slap_callback cb = { NULL, config_ldif_resp, NULL, NULL }; Connection conn = {0}; char opbuf[OPERATION_BUFFER_SIZE]; @@ -2450,7 +2449,7 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) { argv[2] = NULL; c.argv = argv; - ct = config_find_keyword( c.be->be_cf_table, &c ); + ct = config_find_keyword( c.be->be_cf_ocs->co_table, &c ); if ( !ct ) return 1; @@ -2488,18 +2487,18 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) { cb.sc_private = cfb; op->o_bd = &cfb->cb_db; - op->o_bd->be_search( op, &rs ); + rc = op->o_bd->be_search( op, &rs ); } cfb->cb_use_ldif = 1; - return 0; + return rc; } static int -CfOcInfo_cmp( const void *c1, const void *c2 ) { - const CfOcInfo *co1 = c1; - const CfOcInfo *co2 = c2; +CfOc_cmp( const void *c1, const void *c2 ) { + const ConfigOCs *co1 = c1; + const ConfigOCs *co2 = c2; return ber_bvcmp( co1->co_name, co2->co_name ); } @@ -2507,7 +2506,6 @@ CfOcInfo_cmp( const void *c1, const void *c2 ) { int config_register_schema(ConfigTable *ct, ConfigOCs *ocs) { int i; - CfOcInfo *co; i = init_config_attrs( ct ); if ( i ) return i; @@ -2516,14 +2514,12 @@ config_register_schema(ConfigTable *ct, ConfigOCs *ocs) { i = init_config_ocs( ocs ); if ( i ) return i; - for (i=0; ocs[i].def; i++) { - if ( ocs[i].oc ) { - co = ch_malloc( sizeof(CfOcInfo) ); - co->co_oc = *ocs[i].oc; - co->co_name = &co->co_oc->soc_cname; - co->co_table = ct; - co->co_type = ocs[i].cft; - avl_insert( &CfOcTree, co, CfOcInfo_cmp, avl_dup_error ); + for (i=0; ocs[i].co_def; i++) { + if ( ocs[i].co_oc ) { + ocs[i].co_name = &ocs[i].co_oc->soc_cname; + if ( !ocs[i].co_table ) + ocs[i].co_table = ct; + avl_insert( &CfOcTree, &ocs[i], CfOc_cmp, avl_dup_error ); } } return 0; @@ -2573,7 +2569,7 @@ read_config(const char *fname, const char *dir) { else cfname = SLAPD_DEFAULT_CONFIGFILE; - rc = read_config_file(cfname, 0, NULL); + rc = read_config_file(cfname, 0, NULL, config_back_cf_table); if ( rc == 0 ) ber_str2bv( cfname, 0, 1, &cf_prv.c_file ); @@ -2641,7 +2637,7 @@ config_send( Operation *op, SlapReply *rs, CfEntryInfo *ce, int depth ) } static ConfigTable * -config_find_table( CfOcInfo **colst, int nocs, AttributeDescription *ad ) +config_find_table( ConfigOCs **colst, int nocs, AttributeDescription *ad ) { int i, j; @@ -2660,7 +2656,7 @@ config_find_table( CfOcInfo **colst, int nocs, AttributeDescription *ad ) * list the attributes in the desired sequence. */ static void -sort_attrs( Entry *e, CfOcInfo **colst, int nocs ) +sort_attrs( Entry *e, ConfigOCs **colst, int nocs ) { Attribute *a, *head = NULL, *tail = NULL, **prev; int i, j; @@ -2872,20 +2868,20 @@ check_name_index( CfEntryInfo *parent, ConfigType ce_type, Entry *e, return 0; } -static CfOcInfo ** +static ConfigOCs ** count_ocs( Attribute *oc_at, int *nocs ) { int i, j, n; - CfOcInfo co, *coptr, **colst; + ConfigOCs co, *coptr, **colst; /* count the objectclasses */ for ( i=0; oc_at->a_nvals[i].bv_val; i++ ); n = i; - colst = (CfOcInfo **)ch_malloc( n * sizeof(CfOcInfo *)); + colst = (ConfigOCs **)ch_malloc( n * sizeof(ConfigOCs *)); for ( i=0, j=0; ia_nvals[i]; - coptr = avl_find( CfOcTree, &co, CfOcInfo_cmp ); + coptr = avl_find( CfOcTree, &co, CfOc_cmp ); /* ignore non-config objectclasses. probably should be * an error, general data doesn't belong here. @@ -2901,18 +2897,91 @@ count_ocs( Attribute *oc_at, int *nocs ) return colst; } +static int +cfAddInclude( CfEntryInfo *p, Entry *e, ConfigArgs *ca ) +{ + if ( p->ce_type != Cft_Global && p->ce_type != Cft_Include ) + return LDAP_CONSTRAINT_VIOLATION; + + /* If we're reading from a configdir, don't parse this entry */ + if ( ca->lineno ) + return LDAP_COMPARE_TRUE; + + if ( p->ce_type == Cft_Global ) + cfn = &cf_prv; + else + cfn = p->ce_private; + ca->private = cfn; + return LDAP_SUCCESS; +} + +static int +cfAddSchema( CfEntryInfo *p, Entry *e, ConfigArgs *ca ) +{ + ConfigFile *cfo; + + /* This entry is hardcoded, don't re-parse it */ + if ( p->ce_type == Cft_Global ) { + cfn = &cf_prv; + ca->private = cfn; + return LDAP_COMPARE_TRUE; + } + if ( p->ce_type != Cft_Schema ) + return LDAP_CONSTRAINT_VIOLATION; + + cfn = ch_calloc( 1, sizeof(ConfigFile) ); + ca->private = cfn; + cfo = p->ce_private; + cfn->c_sibs = cfo->c_kids; + cfo->c_kids = cfn; + return LDAP_SUCCESS; +} + +static int +cfAddDatabase( CfEntryInfo *p, Entry *e, struct config_args_s *ca ) +{ + if ( p->ce_type != Cft_Global ) + return LDAP_CONSTRAINT_VIOLATION; + ca->be = frontendDB; /* just to get past check_vals */ + return LDAP_SUCCESS; +} + +static int +cfAddBackend( CfEntryInfo *p, Entry *e, struct config_args_s *ca ) +{ + if ( p->ce_type != Cft_Global ) + return LDAP_CONSTRAINT_VIOLATION; + return LDAP_SUCCESS; +} + +static int +cfAddModule( CfEntryInfo *p, Entry *e, struct config_args_s *ca ) +{ + if ( p->ce_type != Cft_Global ) + return LDAP_CONSTRAINT_VIOLATION; + return LDAP_SUCCESS; +} + +static int +cfAddOverlay( CfEntryInfo *p, Entry *e, struct config_args_s *ca ) +{ + if ( p->ce_type != Cft_Database ) + return LDAP_CONSTRAINT_VIOLATION; + ca->be = p->ce_be; + return LDAP_SUCCESS; +} + /* Parse an LDAP entry into config directives */ static int config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum ) { CfEntryInfo *ce, *last; - CfOcInfo **colst; - Attribute *a, *oc_at, *type_attr; - AttributeDescription *type_ad = NULL; + ConfigOCs **colst; + Attribute *a, *oc_at; int i, j, nocs, rc = 0; ConfigArgs ca = {0}; struct berval pdn; - ConfigTable *ct, *type_ct = NULL; + ConfigTable *ct; char *ptr; /* Make sure parent exists and entry does not */ @@ -2934,123 +3003,56 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum ) oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass ); if ( !oc_at ) return LDAP_OBJECT_CLASS_VIOLATION; - colst = count_ocs( oc_at, &nocs ); - - /* Only the root can be Cft_Global, everything else must - * have a parent. Only limited nesting arrangements are allowed. + /* Fake the coordinates based on whether we're part of an + * LDAP Add or if reading the config dir */ - switch( colst[0]->co_type ) { - case Cft_Global: - if ( last ) { - rc = LDAP_CONSTRAINT_VIOLATION; - goto leave; - } - break; - case Cft_Schema: - case Cft_Backend: - case Cft_Database: - case Cft_Include: - if ( !last || ( last->ce_type != Cft_Global && - last->ce_type != colst[0]->co_type )) { - rc = LDAP_CONSTRAINT_VIOLATION; - goto leave; - } - break; - case Cft_Overlay: - if ( !last || ( last->ce_type != Cft_Global && - last->ce_type != Cft_Database && - last->ce_type != colst[0]->co_type )) { - rc = LDAP_CONSTRAINT_VIOLATION; - goto leave; - } - break; -#ifdef SLAPD_MODULES - case Cft_Module: - if ( !last || last->ce_type != Cft_Global ) { - rc = LDAP_CONSTRAINT_VIOLATION; - goto leave; - } -#endif - break; + if ( rs ) { + ca.fname = "slapd"; + ca.lineno = 0; + } else { + ca.fname = cfdir.bv_val; + ca.lineno = 1; } - sort_attrs( e, colst, nocs ); + colst = count_ocs( oc_at, &nocs ); - /* Parse all the values and check for simple syntax errors before - * performing any set actions. + /* Only the root can be Cft_Global, everything else must + * have a parent. Only limited nesting arrangements are allowed. */ - switch (colst[0]->co_type) { - case Cft_Schema: - /* The cn=schema entry is all hardcoded, so never reparse it */ - if (last->ce_type == Cft_Global ) - goto ok; - cfn = ch_calloc( 1, sizeof(ConfigFile) ); - ca.private = cfn; - break; - case Cft_Global: + rc = LDAP_CONSTRAINT_VIOLATION; + if ( colst[0]->co_type == Cft_Global && !last ) { cfn = &cf_prv; ca.private = cfn; ca.be = frontendDB; /* just to get past check_vals */ - break; + rc = LDAP_SUCCESS; + } - case Cft_Backend: - if ( last->ce_type == Cft_Backend ) - ca.bi = last->ce_bi; - else - type_ad = cfAd_backend; - break; - case Cft_Database: - if ( last->ce_type == Cft_Database ) { - ca.be = last->ce_be; - } else { - type_ad = cfAd_database; - /* dummy, just to get past check_vals */ - ca.be = frontendDB; + /* Check whether the Add is allowed by its parent, and do + * any necessary arg setup + */ + if ( last ) { + for ( i=0; ico_ldadd && + ( rc = colst[i]->co_ldadd( last, e, &ca )) + != LDAP_CONSTRAINT_VIOLATION ) { + break; + } } - break; - - case Cft_Overlay: - ca.be = last->ce_be; - type_ad = cfAd_overlay; - break; + } - case Cft_Include: - if ( !rs ) { - nocs = 0; /* ignored */ - break; - } - if ( last->ce_type == Cft_Global ) - cfn = &cf_prv; - else - cfn = last->ce_private; - type_ad = cfAd_include; - break; -#ifdef SLAPD_MODULES - case Cft_Module: { -#if 0 - ModPaths *mp; - char *ptr; - ptr = strchr( e->e_name.bv_val, '{' ); - if ( !ptr ) { - rc = LDAP_NAMING_VIOLATION; - goto leave; - } - j = atoi(ptr+1); - for (i=0, mp=&modpaths; mp && imp_next); - /* There is no corresponding modpath for this load? */ - if ( i != j ) { - rc = LDAP_NAMING_VIOLATION; - goto leave; - } - module_path( mp->mp_path.bv_val ); - ca.private = mp; -#endif - } - break; -#endif + /* Add the entry but don't parse it, we already have its contents */ + if ( rc == LDAP_COMPARE_TRUE ) { + rc = LDAP_SUCCESS; + goto ok; } - /* If doing an LDAPadd, check for indexed names and any necessary + if ( rc != LDAP_SUCCESS ) + goto leave; + + /* Parse all the values and check for simple syntax errors before + * performing any set actions. + * + * If doing an LDAPadd, check for indexed names and any necessary * renaming/renumbering. Entries that don't need indexed names are * ignored. Entries that need an indexed name and arrive without one * are assigned to the end. Entries that arrive with an index may @@ -3068,22 +3070,12 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum ) goto leave; init_config_argv( &ca ); - if ( type_ad ) { - type_attr = attr_find( e->e_attrs, type_ad ); - if ( !type_attr ) { - rc = LDAP_OBJECT_CLASS_VIOLATION; - goto leave; - } - type_ct = config_find_table( colst, nocs, type_ad ); - if ( !type_ct ) { - rc = LDAP_OBJECT_CLASS_VIOLATION; - goto leave; - } - rc = check_vals( type_ct, &ca, type_attr, 1); - if ( rc ) goto leave; - } + + /* Make sure we process attrs in the required order */ + sort_attrs( e, colst, nocs ); + for ( a=e->e_attrs; a; a=a->a_next ) { - if ( a == type_attr || a == oc_at ) continue; + if ( a == oc_at ) continue; ct = config_find_table( colst, nocs, a->a_desc ); if ( !ct ) continue; /* user data? */ rc = check_vals( ct, &ca, a, 1 ); @@ -3091,21 +3083,8 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum ) } /* Basic syntax checks are OK. Do the actual settings. */ - if ( type_ct ) { - ca.line = type_attr->a_vals[0].bv_val; - if ( type_ad->ad_type->sat_flags & SLAP_AT_ORDERED ) { - ptr = strchr( ca.line, '}' ); - if ( ptr ) ca.line = ptr+1; - } - ca.valx = 0; - rc = config_parse_add( type_ct, &ca ); - if ( rc ) { - rc = LDAP_OTHER; - goto leave; - } - } for ( a=e->e_attrs; a; a=a->a_next ) { - if ( a == type_attr || a == oc_at ) continue; + if ( a == oc_at ) continue; ct = config_find_table( colst, nocs, a->a_desc ); if ( !ct ) continue; /* user data? */ for (i=0; a->a_vals[i].bv_val; i++) { @@ -3212,7 +3191,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs, Entry *e = ce->ce_entry; Attribute *save_attrs = e->e_attrs, *oc_at; ConfigTable *ct; - CfOcInfo **colst; + ConfigOCs **colst; int i, nocs; char *ptr; delrec *dels = NULL, *deltail = NULL; @@ -3228,6 +3207,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs, ca->be = ce->ce_be; ca->bi = ce->ce_bi; ca->private = ce->ce_private; + ca->ca_entry = e; strcpy( ca->log, "back-config" ); for (ml = op->orm_modlist; ml; ml=ml->sml_next) { @@ -3595,121 +3575,119 @@ out: return 0; } -static Entry * -config_alloc_entry( CfEntryInfo *parent, struct berval *rdn ) +static void +config_build_attrs( Entry *e, AttributeType **at, AttributeDescription *ad, + ConfigTable *ct, ConfigArgs *c ) +{ + int i, rc; + + for (; at && *at; at++) { + /* Skip the naming attr */ + if ((*at)->sat_ad == ad || (*at)->sat_ad == slap_schema.si_ad_cn ) + continue; + for (i=0;ct[i].name;i++) { + if (ct[i].ad == (*at)->sat_ad) { + rc = config_get_vals(&ct[i], c); + if (rc == LDAP_SUCCESS) { + if ( c->rvalue_nvals ) + attr_merge(e, ct[i].ad, c->rvalue_vals, + c->rvalue_nvals); + else + attr_merge_normalize(e, ct[i].ad, + c->rvalue_vals, NULL); + ber_bvarray_free( c->rvalue_nvals ); + ber_bvarray_free( c->rvalue_vals ); + } + break; + } + } + } +} + +Entry * +config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent, + ConfigArgs *c, struct berval *rdn, ConfigOCs *main, ConfigOCs *extra ) { Entry *e = ch_calloc( 1, sizeof(Entry) ); CfEntryInfo *ce = ch_calloc( 1, sizeof(CfEntryInfo) ); + struct berval val; + struct berval ad_name; + AttributeDescription *ad = NULL; + int rc; + char *ptr; + const char *text; + Attribute *oc_at; struct berval pdn; + ObjectClass *oc; + CfEntryInfo *ceprev = NULL; e->e_private = ce; ce->ce_entry = e; ce->ce_parent = parent; if ( parent ) { pdn = parent->ce_entry->e_nname; + if ( parent->ce_kids ) + for ( ceprev = parent->ce_kids; ceprev->ce_sibs; + ceprev = ceprev->ce_sibs ); } else { BER_BVZERO( &pdn ); } + ce->ce_type = main->co_type; + ce->ce_private = c->private; + ce->ce_be = c->be; + ce->ce_bi = c->bi; + build_new_dn( &e->e_name, &pdn, rdn, NULL ); ber_dupbv( &e->e_nname, &e->e_name ); - return e; -} -#define NO_TABLE 0 -#define BI_TABLE 1 -#define BE_TABLE 2 - -static int -config_build_entry( ConfigArgs *c, Entry *e, ObjectClass *oc, - struct berval *rdn, ConfigTable *ct, int table ) -{ - struct berval val; - struct berval ad_name; - AttributeDescription *ad = NULL; - int rc, i; - char *ptr; - const char *text; - AttributeType **at; - Attribute *oc_at; - - val = oc->soc_cname; - attr_merge_normalize_one(e, slap_schema.si_ad_objectClass, &val, NULL ); + attr_merge_normalize_one(e, slap_schema.si_ad_objectClass, + main->co_name, NULL ); + if ( extra ) + attr_merge_normalize_one(e, slap_schema.si_ad_objectClass, + extra->co_name, NULL ); ptr = strchr(rdn->bv_val, '='); ad_name.bv_val = rdn->bv_val; ad_name.bv_len = ptr - rdn->bv_val; rc = slap_bv2ad( &ad_name, &ad, &text ); if ( rc ) { - return rc; + return NULL; } val.bv_val = ptr+1; val.bv_len = rdn->bv_len - (val.bv_val - rdn->bv_val); attr_merge_normalize_one(e, ad, &val, NULL ); - for (at=oc->soc_required; at && *at; at++) { - /* Skip the naming attr */ - if ((*at)->sat_ad == ad || (*at)->sat_ad == slap_schema.si_ad_cn ) - continue; - for (i=0;ct[i].name;i++) { - if (ct[i].ad == (*at)->sat_ad) { - rc = config_get_vals(&ct[i], c); - if (rc == LDAP_SUCCESS) { - if ( c->rvalue_nvals ) - attr_merge(e, ct[i].ad, c->rvalue_vals, - c->rvalue_nvals); - else - attr_merge_normalize(e, ct[i].ad, - c->rvalue_vals, NULL); - ber_bvarray_free( c->rvalue_nvals ); - ber_bvarray_free( c->rvalue_vals ); - } - break; - } - } - } + oc = main->co_oc; + if ( oc->soc_required ) + config_build_attrs( e, oc->soc_required, ad, main->co_table, c ); - for (at=oc->soc_allowed; at && *at; at++) { - /* Skip the naming attr */ - if ((*at)->sat_ad == ad || (*at)->sat_ad == slap_schema.si_ad_cn ) - continue; - for (i=0;ct[i].name;i++) { - if (ct[i].ad == (*at)->sat_ad) { - rc = config_get_vals(&ct[i], c); - if (rc == LDAP_SUCCESS) { - if ( c->rvalue_nvals ) - attr_merge(e, ct[i].ad, c->rvalue_vals, c->rvalue_nvals); - else - attr_merge_normalize(e, ct[i].ad, c->rvalue_vals, NULL); - ber_bvarray_free( c->rvalue_nvals ); - ber_bvarray_free( c->rvalue_vals ); - } - break; - } - } - } + if ( oc->soc_allowed ) + config_build_attrs( e, oc->soc_allowed, ad, main->co_table, c ); - if ( table ) { - if ( table == BI_TABLE ) - ct = c->bi->bi_cf_table; - else - ct = c->be->be_cf_table; - for (;ct && ct->name;ct++) { - if (!ct->ad) continue; - rc = config_get_vals(ct, c); - if (rc == LDAP_SUCCESS) { - if ( c->rvalue_nvals ) - attr_merge(e, ct->ad, c->rvalue_vals, c->rvalue_nvals); - else - attr_merge_normalize(e, ct->ad, c->rvalue_vals, NULL); - } - } + if ( extra ) { + oc = extra->co_oc; + if ( oc->soc_required ) + config_build_attrs( e, oc->soc_required, ad, extra->co_table, c ); + + if ( oc->soc_allowed ) + config_build_attrs( e, oc->soc_allowed, ad, extra->co_table, c ); } + oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass ); rc = structural_class(oc_at->a_vals, &val, NULL, &text, c->msg, sizeof(c->msg)); attr_merge_normalize_one(e, slap_schema.si_ad_structuralObjectClass, &val, NULL ); + if ( op ) { + op->ora_e = e; + op->o_bd->be_add( op, rs ); + } + if ( ceprev ) { + ceprev->ce_sibs = ce; + } else if ( parent ) { + parent->ce_kids = ce; + } - return 0; + return e; } static void @@ -3718,15 +3696,9 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent, { Entry *e; ConfigFile *cf = c->private; - CfEntryInfo *ce, *ceprev; char *ptr; struct berval bv; - if ( ceparent->ce_kids ) { - for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs; - ceprev = ceprev->ce_sibs ); - } - for (; cf; cf=cf->c_sibs, c->depth++) { c->value_dn.bv_val = c->log; bv.bv_val = strrchr(cf->c_file.bv_val, LDAP_DIRSEP[0]); @@ -3745,115 +3717,55 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent, c->value_dn.bv_len += bv.bv_len; c->value_dn.bv_val[c->value_dn.bv_len] ='\0'; - e = config_alloc_entry( ceparent, &c->value_dn ); c->private = cf; - config_build_entry( c, e, cfOc_schema, &c->value_dn, - c->bi->bi_cf_table, NO_TABLE ); - ce = e->e_private; - ce->ce_private = cf; - ce->ce_type = Cft_Schema; - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, rs ); - } - ce->ce_bi = c->bi; - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; - if ( cf->c_kids ) { + e = config_build_entry( op, rs, ceparent, c, &c->value_dn, + &CFOC_SCHEMA, NULL ); + if ( e && cf->c_kids ) { c->private = cf->c_kids; - config_build_schema_inc( c, ceparent, op, rs ); + config_build_schema_inc( c, e->e_private, op, rs ); } } } -static CfEntryInfo * +static void config_build_includes( ConfigArgs *c, CfEntryInfo *ceparent, Operation *op, SlapReply *rs ) { Entry *e; int i; ConfigFile *cf = c->private; - CfEntryInfo *ce, *ceprev; - - if ( ceparent->ce_kids ) { - for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs; - ceprev = ceprev->ce_sibs ); - } for (i=0; cf; cf=cf->c_sibs, i++) { c->value_dn.bv_val = c->log; c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include" IFMT, i); - e = config_alloc_entry( ceparent, &c->value_dn ); c->private = cf; - config_build_entry( c, e, cfOc_include, &c->value_dn, - c->bi->bi_cf_table, NO_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, rs ); - } - ce = e->e_private; - ce->ce_private = cf; - ce->ce_type = Cft_Include; - ce->ce_bi = c->bi; - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; - if ( cf->c_kids ) { + e = config_build_entry( op, rs, ceparent, c, &c->value_dn, + &CFOC_INCLUDE, NULL ); + if ( e && cf->c_kids ) { c->private = cf->c_kids; - config_build_includes( c, ce, op, rs ); + config_build_includes( c, e->e_private, op, rs ); } } - return ce; } #ifdef SLAPD_MODULES -static CfEntryInfo * +static void config_build_modules( ConfigArgs *c, CfEntryInfo *ceparent, Operation *op, SlapReply *rs ) { - Entry *e; int i; - CfEntryInfo *ce, *ceprev; ModPaths *mp; - if ( ceparent->ce_kids ) { - for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs; - ceprev = ceprev->ce_sibs ); - } - for (i=0, mp=&modpaths; mp; mp=mp->mp_next, i++) { if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads ) continue; c->value_dn.bv_val = c->log; c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=module" IFMT, i); - e = config_alloc_entry( ceparent, &c->value_dn ); - ce = e->e_private; - ce->ce_type = Cft_Include; c->private = mp; - ce->ce_private = mp; - config_build_entry( c, e, cfOc_module, &c->value_dn, - c->bi->bi_cf_table, NO_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, rs ); - } - ce->ce_bi = c->bi; - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; + config_build_entry( op, rs, ceparent, c, &c->value_dn, + &CFOC_MODULE, NULL ); } - return ce; } #endif @@ -3895,89 +3807,59 @@ config_back_db_open( BackendDB *be ) /* create root of tree */ rdn = config_rdn; - e = config_alloc_entry( NULL, &rdn ); + c.private = cfb->cb_config; + c.be = frontendDB; + e = config_build_entry( op, &rs, NULL, &c, &rdn, &CFOC_GLOBAL, NULL ); ce = e->e_private; - ce->ce_type = Cft_Global; cfb->cb_root = ce; - c.be = be; - c.bi = be->bd_info; - c.private = cfb->cb_config; - ct = c.bi->bi_cf_table; - ce->ce_private = c.private; - config_build_entry( &c, e, cfOc_global, &rdn, ct, NO_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, &rs ); - } - ce->ce_bi = c.bi; parent = e; ceparent = ce; + /* Create includeFile nodes */ + if ( cfb->cb_config->c_kids ) { + c.depth = 0; + c.private = cfb->cb_config->c_kids; + config_build_includes( &c, ceparent, op, &rs ); + } + +#ifdef SLAPD_MODULES + /* Create Module nodes... */ + if ( modpaths.mp_loads ) { + config_build_modules( &c, ceparent, op, &rs ); + } +#endif + /* Create schema nodes... cn=schema will contain the hardcoded core * schema, read-only. Child objects will contain runtime loaded schema * files. */ rdn = schema_rdn; - e = config_alloc_entry( ceparent, &rdn ); - ce = e->e_private; - ce->ce_type = Cft_Schema; c.private = NULL; - config_build_entry( &c, e, cfOc_schema, &rdn, ct, NO_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, &rs ); - } - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; + e = config_build_entry( op, &rs, ceparent, &c, &rdn, &CFOC_SCHEMA, NULL ); + ce = e->e_private; - /* Create includeFile nodes and schema nodes for included schema... */ + /* Create schema nodes for included schema... */ if ( cfb->cb_config->c_kids ) { c.depth = 0; c.private = cfb->cb_config->c_kids; config_build_schema_inc( &c, ce, op, &rs ); - c.private = cfb->cb_config->c_kids; - ceprev = config_build_includes( &c, ceparent, op, &rs ); } -#ifdef SLAPD_MODULES - /* Create Module nodes... */ - if ( modpaths.mp_loads ) { - ceprev = config_build_modules( &c, ceparent, op, &rs ); - } -#endif - /* Create backend nodes. Skip if they don't provide a cf_table. * There usually aren't any of these. */ c.line = 0; LDAP_STAILQ_FOREACH( bi, &backendInfo, bi_next) { - if (!bi->bi_cf_table) continue; + if (!bi->bi_cf_ocs) continue; if (!bi->bi_private) continue; rdn.bv_val = c.log; rdn.bv_len = sprintf(rdn.bv_val, "%s=%s", cfAd_backend->ad_cname.bv_val, bi->bi_type); - e = config_alloc_entry( ceparent, &rdn ); - ce = e->e_private; - ce->ce_type = Cft_Backend; - ce->ce_bi = bi; c.bi = bi; - config_build_entry( &c, e, cfOc_backend, &rdn, ct, BI_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, &rs ); - } - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; + e = config_build_entry( op, &rs, ceparent, &c, &rdn, &CFOC_BACKEND, + bi->bi_cf_ocs ); } /* Create database nodes... */ @@ -3999,53 +3881,29 @@ config_back_db_open( BackendDB *be ) rdn.bv_val = c.log; rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s", cfAd_database->ad_cname.bv_val, i, bi->bi_type); - e = config_alloc_entry( ceparent, &rdn ); - ce = e->e_private; c.be = bptr; c.bi = bi; - ce->ce_type = Cft_Database; - ce->ce_be = c.be; - ce->ce_bi = c.bi; - config_build_entry( &c, e, cfOc_database, &rdn, ct, BE_TABLE ); - if ( op ) { - op->ora_e = e; - op->o_bd->be_add( op, &rs ); - } - if ( !ceparent->ce_kids ) { - ceparent->ce_kids = ce; - } else { - ceprev->ce_sibs = ce; - } - ceprev = ce; + e = config_build_entry( op, &rs, ceparent, &c, &rdn, &CFOC_DATABASE, + be->be_cf_ocs ); + ce = e->e_private; + if ( be->be_cf_ocs && be->be_cf_ocs->co_cfadd ) + be->be_cf_ocs->co_cfadd( op, &rs, e, &c ); /* Iterate through overlays */ if ( oi ) { slap_overinst *on; Entry *oe; - CfEntryInfo *opar = ce, *oprev = NULL; int j; for (j=0,on=oi->oi_list; on; j++,on=on->on_next) { rdn.bv_val = c.log; rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s", cfAd_overlay->ad_cname.bv_val, j, on->on_bi.bi_type ); - oe = config_alloc_entry( opar, &rdn ); - ce = oe->e_private; c.be = bptr; c.bi = &on->on_bi; - ce->ce_type = Cft_Overlay; - ce->ce_be = c.be; - ce->ce_bi = c.bi; - config_build_entry( &c, oe, cfOc_overlay, &rdn, ct, BI_TABLE ); - if ( op ) { - op->ora_e = oe; - op->o_bd->be_add( op, &rs ); - } - if ( !opar->ce_kids ) { - opar->ce_kids = ce; - } else { - oprev->ce_sibs = ce; - } - oprev = ce; + oe = config_build_entry( op, &rs, ce, &c, &rdn, + &CFOC_OVERLAY, c.bi->bi_cf_ocs ); + if ( c.bi->bi_cf_ocs && c.bi->bi_cf_ocs->co_cfadd ) + c.bi->bi_cf_ocs->co_cfadd( op, &rs, oe, &c ); } } } @@ -4259,7 +4117,7 @@ config_back_initialize( BackendInfo *bi ) parse_oidm( "slapd", i, 3, argv, 0, NULL ); } - bi->bi_cf_table = ct; + bi->bi_cf_ocs = cf_ocs; i = config_register_schema( ct, cf_ocs ); if ( i ) return i; diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 143a806358..851fdae3b9 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -78,7 +78,8 @@ static int fp_parse_line(ConfigArgs *c); static char *strtok_quote(char *line, char *sep, char **quote_ptr); -int read_config_file(const char *fname, int depth, ConfigArgs *cf); +int read_config_file(const char *fname, int depth, ConfigArgs *cf, + ConfigTable *cft ); ConfigArgs * new_config_args( BackendDB *be, const char *fname, int lineno, int argc, char **argv ) @@ -445,27 +446,25 @@ int init_config_ocs( ConfigOCs *ocs ) { int i; - for (i=0;ocs[i].def;i++) { + for (i=0;ocs[i].co_def;i++) { LDAPObjectClass *oc; int code; const char *err; - oc = ldap_str2objectclass( ocs[i].def, &code, &err, + oc = ldap_str2objectclass( ocs[i].co_def, &code, &err, LDAP_SCHEMA_ALLOW_ALL ); if ( !oc ) { fprintf( stderr, "init_config_ocs: objectclass \"%s\": %s, %s\n", - ocs[i].def, ldap_scherr2str(code), err ); + ocs[i].co_def, ldap_scherr2str(code), err ); return code; } code = oc_add(oc,0,NULL,&err); if ( code && code != SLAP_SCHERR_CLASS_DUP ) { fprintf( stderr, "init_config_ocs: objectclass \"%s\": %s, %s\n", - ocs[i].def, scherr2str(code), err ); + ocs[i].co_def, scherr2str(code), err ); return code; } - if ( ocs[i].oc ) { - *ocs[i].oc = oc_find(oc->oc_names[0]); - } + ocs[i].co_oc = oc_find(oc->oc_names[0]); ldap_memfree(oc); } return 0; @@ -513,7 +512,7 @@ config_parse_add(ConfigTable *ct, ConfigArgs *c) } int -read_config_file(const char *fname, int depth, ConfigArgs *cf) +read_config_file(const char *fname, int depth, ConfigArgs *cf, ConfigTable *cft) { FILE *fp; ConfigTable *ct; @@ -569,7 +568,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) } if ( c->argc < 1 ) { - Debug(LDAP_DEBUG_CONFIG, "%s: bad config line" + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: bad config line" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, 0, 0); #ifdef SLAPD_CONF_UNKNOWN_BAILOUT @@ -582,7 +581,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) c->op = SLAP_CONFIG_ADD; - ct = config_find_keyword( config_back_cf_table, c ); + ct = config_find_keyword( cft, c ); if ( ct ) { rc = config_add_vals( ct, c ); if ( !rc ) continue; @@ -599,10 +598,10 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) goto leave; } - } else if ( c->bi ) { + } else if ( c->bi && !c->be ) { rc = SLAP_CONF_UNKNOWN; - if ( c->bi->bi_cf_table ) { - ct = config_find_keyword( c->bi->bi_cf_table, c ); + if ( c->bi->bi_cf_ocs ) { + ct = config_find_keyword( c->bi->bi_cf_ocs->co_table, c ); if ( ct ) { rc = config_add_vals( ct, c ); } @@ -614,7 +613,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) if ( rc ) { switch(rc) { case SLAP_CONF_UNKNOWN: - Debug(LDAP_DEBUG_CONFIG, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "unknown directive <%s> inside backend info definition" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, *c->argv, 0); @@ -629,8 +628,8 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) } else if ( c->be ) { rc = SLAP_CONF_UNKNOWN; - if ( c->be->be_cf_table ) { - ct = config_find_keyword( c->be->be_cf_table, c ); + if ( c->be->be_cf_ocs ) { + ct = config_find_keyword( c->be->be_cf_ocs->co_table, c ); if ( ct ) { rc = config_add_vals( ct, c ); } @@ -642,7 +641,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) if ( rc ) { switch(rc) { case SLAP_CONF_UNKNOWN: - Debug( LDAP_DEBUG_CONFIG, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "unknown directive <%s> inside backend database " "definition" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, *c->argv, 0); @@ -660,7 +659,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) if ( rc ) { switch(rc) { case SLAP_CONF_UNKNOWN: - Debug( LDAP_DEBUG_CONFIG, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "unknown directive <%s> inside global database definition" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, *c->argv, 0); @@ -674,7 +673,7 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf) } } else { - Debug(LDAP_DEBUG_CONFIG, "%s: " + Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: " "unknown directive <%s> outside backend info and database definitions" SLAPD_CONF_UNKNOWN_IGNORED ".\n", c->log, *c->argv, 0); @@ -1155,7 +1154,7 @@ int config_generic_wrapper( Backend *be, const char *fname, int lineno, sprintf( c.log, "%s: line %lu", fname, lineno ); rc = SLAP_CONF_UNKNOWN; - ct = config_find_keyword( be->be_cf_table, &c ); + ct = config_find_keyword( be->be_cf_ocs->co_table, &c ); if ( ct ) rc = config_add_vals( ct, &c ); return rc; diff --git a/servers/slapd/config.h b/servers/slapd/config.h index 909314c60e..47badfe7a3 100644 --- a/servers/slapd/config.h +++ b/servers/slapd/config.h @@ -35,7 +35,8 @@ typedef enum { Cft_Database, Cft_Overlay, Cft_Include, - Cft_Module + Cft_Module, + Cft_Misc /* backend/overlay defined */ } ConfigType; #define ARGS_USERLAND 0x00000fff @@ -66,16 +67,38 @@ typedef enum { #define ARG_BAD_CONF 0xdead0000 /* overload return values */ -extern ConfigTable config_back_cf_table[]; +/* This is a config entry's e_private data */ +typedef struct CfEntryInfo { + struct CfEntryInfo *ce_parent; + struct CfEntryInfo *ce_sibs; + struct CfEntryInfo *ce_kids; + Entry *ce_entry; + ConfigType ce_type; + BackendInfo *ce_bi; + BackendDB *ce_be; + void *ce_private; +} CfEntryInfo; + +struct config_args_s; + +/* Check if the child is allowed to be LDAPAdd'd to the parent */ +typedef int (ConfigLDAPadd)( + CfEntryInfo *parent, Entry *child, struct config_args_s *ca); + +/* Let the object create children out of slapd.conf */ +typedef int (ConfigCfAdd)( + Operation *op, SlapReply *rs, Entry *parent, struct config_args_s *ca ); typedef struct ConfigOCs { - char *def; - ConfigType cft; - ObjectClass **oc; + char *co_def; + ConfigType co_type; + ConfigTable *co_table; + ConfigLDAPadd *co_ldadd; + ConfigCfAdd *co_cfadd; + ObjectClass *co_oc; + struct berval *co_name; } ConfigOCs; -struct config_args_s; - typedef int (ConfigDriver)(struct config_args_s *c); typedef struct config_args_s { @@ -111,6 +134,7 @@ typedef struct config_args_s { int type; /* ConfigTable.arg_type & ARGS_USERLAND */ BackendDB *be; BackendInfo *bi; + Entry *ca_entry; /* entry being modified */ void *private; /* anything */ ConfigDriver *cleanup; } ConfigArgs; @@ -127,3 +151,5 @@ int config_register_schema(ConfigTable *ct, ConfigOCs *co); int config_get_vals(ConfigTable *ct, ConfigArgs *c); int config_add_vals(ConfigTable *ct, ConfigArgs *c); ConfigTable * config_find_keyword(ConfigTable *ct, ConfigArgs *c); +Entry * config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent, + ConfigArgs *c, struct berval *rdn, ConfigOCs *main, ConfigOCs *extra ); diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c index bd0274fb39..ffef157940 100644 --- a/servers/slapd/entry.c +++ b/servers/slapd/entry.c @@ -475,24 +475,9 @@ entry_id_cmp( const void *v_e1, const void *v_e2 ) return( e1->e_id < e2->e_id ? -1 : (e1->e_id > e2->e_id ? 1 : 0) ); } -#define entry_lenlen(l) ((l) < 0x80) ? 1 : ((l) < 0x100) ? 2 : \ - ((l) < 0x10000) ? 3 : ((l) < 0x1000000) ? 4 : 5 -#if 0 /* This is like a ber_len */ -static ber_len_t -entry_lenlen(ber_len_t len) -{ - if (len <= 0x7f) - return 1; - if (len <= 0xff) - return 2; - if (len <= 0xffff) - return 3; - if (len <= 0xffffff) - return 4; - return 5; -} -#endif +#define entry_lenlen(l) (((l) < 0x80) ? 1 : ((l) < 0x100) ? 2 : \ + ((l) < 0x10000) ? 3 : ((l) < 0x1000000) ? 4 : 5) static void entry_putlen(unsigned char **buf, ber_len_t len) @@ -530,12 +515,12 @@ entry_getlen(unsigned char **buf) return len; } -/* Add up the size of the entry for a flattened buffer */ -void entry_flatsize(Entry *e, ber_len_t *psiz, ber_len_t *plen, int norm) +/* Count up the sizes of the components of an entry */ +void entry_partsize(Entry *e, ber_len_t *plen, + int *pnattrs, int *pnvals, int norm) { - ber_len_t siz = sizeof(Entry); ber_len_t len, dnlen, ndnlen; - int i; + int i, nat = 0, nval = 0; Attribute *a; dnlen = e->e_name.bv_len; @@ -548,32 +533,45 @@ void entry_flatsize(Entry *e, ber_len_t *psiz, ber_len_t *plen, int norm) } for (a=e->e_attrs; a; a=a->a_next) { /* For AttributeDesc, we only store the attr name */ - siz += sizeof(Attribute); + nat++; len += a->a_desc->ad_cname.bv_len+1; len += entry_lenlen(a->a_desc->ad_cname.bv_len); for (i=0; a->a_vals[i].bv_val; i++) { - siz += sizeof(struct berval); + nval++; len += a->a_vals[i].bv_len + 1; len += entry_lenlen(a->a_vals[i].bv_len); } len += entry_lenlen(i); - siz += sizeof(struct berval); /* empty berval at end */ + nval++; /* empty berval at end */ if (norm && a->a_nvals != a->a_vals) { for (i=0; a->a_nvals[i].bv_val; i++) { - siz += sizeof(struct berval); + nval++; len += a->a_nvals[i].bv_len + 1; len += entry_lenlen(a->a_nvals[i].bv_len); } len += entry_lenlen(i); /* i nvals */ - siz += sizeof(struct berval); + nval++; } else { len += entry_lenlen(0); /* 0 nvals */ } } - len += 1; /* NUL byte at end */ - len += entry_lenlen(siz); - *psiz = siz; + len += entry_lenlen(nat); + len += entry_lenlen(nval); *plen = len; + *pnattrs = nat; + *pnvals = nval; +} + +/* Add up the size of the entry for a flattened buffer */ +ber_len_t entry_flatsize(Entry *e, int norm) +{ + ber_len_t len; + int nattrs, nvals; + + entry_partsize(e, &len, &nattrs, &nvals, norm); + len += sizeof(Entry) + (nattrs * sizeof(Attribute)) + + (nvals * sizeof(struct berval)); + return len; } /* Flatten an Entry into a buffer. The buffer is filled with just the @@ -585,9 +583,8 @@ void entry_flatsize(Entry *e, ber_len_t *psiz, ber_len_t *plen, int norm) */ int entry_encode(Entry *e, struct berval *bv) { - ber_len_t siz = sizeof(Entry); ber_len_t len, dnlen, ndnlen; - int i; + int i, nattrs, nvals; Attribute *a; unsigned char *ptr; @@ -596,12 +593,13 @@ int entry_encode(Entry *e, struct berval *bv) dnlen = e->e_name.bv_len; ndnlen = e->e_nname.bv_len; - entry_flatsize( e, &siz, &len, 1 ); + entry_partsize( e, &len, &nattrs, &nvals, 1 ); bv->bv_len = len; bv->bv_val = ch_malloc(len); ptr = (unsigned char *)bv->bv_val; - entry_putlen(&ptr, siz); + entry_putlen(&ptr, nattrs); + entry_putlen(&ptr, nvals); entry_putlen(&ptr, dnlen); AC_MEMCPY(ptr, e->e_dn, dnlen); ptr += dnlen; @@ -619,29 +617,28 @@ int entry_encode(Entry *e, struct berval *bv) *ptr++ = '\0'; if (a->a_vals) { for (i=0; a->a_vals[i].bv_val; i++); - entry_putlen(&ptr, i); - for (i=0; a->a_vals[i].bv_val; i++) { - entry_putlen(&ptr, a->a_vals[i].bv_len); - AC_MEMCPY(ptr, a->a_vals[i].bv_val, - a->a_vals[i].bv_len); - ptr += a->a_vals[i].bv_len; - *ptr++ = '\0'; - } - if (a->a_nvals != a->a_vals) { entry_putlen(&ptr, i); - for (i=0; a->a_nvals[i].bv_val; i++) { - entry_putlen(&ptr, a->a_nvals[i].bv_len); - AC_MEMCPY(ptr, a->a_nvals[i].bv_val, - a->a_nvals[i].bv_len); - ptr += a->a_nvals[i].bv_len; + for (i=0; a->a_vals[i].bv_val; i++) { + entry_putlen(&ptr, a->a_vals[i].bv_len); + AC_MEMCPY(ptr, a->a_vals[i].bv_val, + a->a_vals[i].bv_len); + ptr += a->a_vals[i].bv_len; *ptr++ = '\0'; } + if (a->a_nvals != a->a_vals) { + entry_putlen(&ptr, i); + for (i=0; a->a_nvals[i].bv_val; i++) { + entry_putlen(&ptr, a->a_nvals[i].bv_len); + AC_MEMCPY(ptr, a->a_nvals[i].bv_val, + a->a_nvals[i].bv_len); + ptr += a->a_nvals[i].bv_len; + *ptr++ = '\0'; + } } else { entry_putlen(&ptr, 0); } } } - *ptr = '\0'; return 0; } @@ -662,7 +659,7 @@ int entry_decode(struct berval *bv, Entry **e, void *ctx) int entry_decode(struct berval *bv, Entry **e) #endif { - int i, j, count; + int i, j, count, nattrs, nvals; int rc; Attribute *a; Entry *x; @@ -671,18 +668,28 @@ int entry_decode(struct berval *bv, Entry **e) unsigned char *ptr = (unsigned char *)bv->bv_val; BerVarray bptr; - i = entry_getlen(&ptr); - if (!i) { + nattrs = entry_getlen(&ptr); + if (!nattrs) { + Debug( LDAP_DEBUG_ANY, + "entry_decode: attribute count was zero\n", 0, 0, 0); + return LDAP_OTHER; + } + nvals = entry_getlen(&ptr); + if (!nvals) { Debug( LDAP_DEBUG_ANY, - "entry_decode: entry length was zero\n", 0, 0, 0); + "entry_decode: value count was zero\n", 0, 0, 0); return LDAP_OTHER; } + i = sizeof(Entry) + (nattrs * sizeof(Attribute)) + + (nvals * sizeof(struct berval)); #ifdef SLAP_ZONE_ALLOC x = slap_zn_calloc(1, i + bv->bv_len, ctx); AC_MEMCPY((char*)x + i, bv->bv_val, bv->bv_len); bv->bv_val = (char*)x + i; ptr = (unsigned char *)bv->bv_val; - i = entry_getlen(&ptr); + /* pointer is reset, now advance past nattrs and nvals again */ + entry_getlen(&ptr); + entry_getlen(&ptr); #else x = ch_calloc(1, i); #endif @@ -768,6 +775,9 @@ int entry_decode(struct berval *bv, Entry **e) } else { a->a_nvals = a->a_vals; } + nattrs--; + if ( !nattrs ) + break; } if (a) a->a_next = NULL; diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c index 3e0dbdc815..2c4106e79a 100644 --- a/servers/slapd/limits.c +++ b/servers/slapd/limits.c @@ -901,9 +901,9 @@ limits_parse_one( } static const char *lmpats[] = { - "exact", - "exact", - "onelvel", + "base", + "base", + "onelevel", "subtree", "children", "regex", diff --git a/servers/slapd/overlays/pcache.c b/servers/slapd/overlays/pcache.c index 8b9a479632..1111e32294 100644 --- a/servers/slapd/overlays/pcache.c +++ b/servers/slapd/overlays/pcache.c @@ -32,6 +32,8 @@ #include "lutil.h" #include "ldap_rq.h" +#include "config.h" + /* query cache structs */ /* query */ @@ -1484,68 +1486,296 @@ consistency_check( #define MAX_ATTR_SETS 500 -static void find_supersets( struct attr_set* attr_sets, int numsets ); -static int compare_sets( struct attr_set* setA, int, int ); + +/* + * compares two sets of attributes (indices i and j) + * returns 0: if neither set is contained in the other set + * 1: if set i is contained in set j + * 2: if set j is contained in set i + * 3: the sets are equivalent + */ static int -proxy_cache_config( - BackendDB *be, - const char *fname, - int lineno, - int argc, - char **argv -) +compare_sets(struct attr_set* set, int i, int j) { - slap_overinst *on = (slap_overinst *)be->bd_info; + int k,l,numI,numJ; + int common=0; + int result=0; + + if (( set[i].attrs == NULL ) && ( set[j].attrs == NULL )) + return 3; + + if ( set[i].attrs == NULL ) + return 2; + + if ( set[j].attrs == NULL ) + return 1; + + numI = set[i].count; + numJ = set[j].count; + + for ( l=0; l < numI; l++ ) { + for ( k = 0; k < numJ; k++ ) { + if ( strcmp( set[i].attrs[l].an_name.bv_val, + set[j].attrs[k].an_name.bv_val ) == 0 ) + common++; + } + } + + if ( common == numI ) + result = 1; + + if ( common == numJ ) + result += 2; + + return result; +} + +static void +find_supersets ( struct attr_set* attr_sets, int numsets ) +{ + int num[MAX_ATTR_SETS]; + int i, j, res; + int* id_array; + for ( i = 0; i < MAX_ATTR_SETS; i++ ) + num[i] = 0; + + for ( i = 0; i < numsets; i++ ) { + attr_sets[i].ID_array = (int*) ch_malloc( sizeof( int ) ); + attr_sets[i].ID_array[0] = -1; + } + + for ( i = 0; i < numsets; i++ ) { + for ( j=i+1; j < numsets; j++ ) { + res = compare_sets( attr_sets, i, j ); + switch ( res ) { + case 0: + break; + case 3: + case 1: + id_array = attr_sets[i].ID_array; + attr_sets[i].ID_array = (int *) ch_realloc( id_array, + ( num[i] + 2 ) * sizeof( int )); + attr_sets[i].ID_array[num[i]] = j; + attr_sets[i].ID_array[num[i]+1] = -1; + num[i]++; + if (res == 1) + break; + case 2: + id_array = attr_sets[j].ID_array; + attr_sets[j].ID_array = (int *) ch_realloc( id_array, + ( num[j] + 2 ) * sizeof( int )); + attr_sets[j].ID_array[num[j]] = i; + attr_sets[j].ID_array[num[j]+1] = -1; + num[j]++; + break; + } + } + } +} + +enum { + PC_MAIN = 1, + PC_ATTR, + PC_TEMP, + PC_RESP +}; + +static ConfigDriver pc_cf_gen; +static ConfigLDAPadd pc_ldadd; +static ConfigCfAdd pc_cfadd; + +static ConfigTable pccfg[] = { + { "proxycache", "backend> " + " ce_type != Cft_Overlay || !p->ce_bi || + p->ce_bi->bi_cf_ocs != pcocs ) + return LDAP_CONSTRAINT_VIOLATION; + + on = (slap_overinst *)p->ce_bi; + cm = on->on_bi.bi_private; + ca->be = &cm->db; + return LDAP_SUCCESS; +} + +static int +pc_cfadd( Operation *op, SlapReply *rs, Entry *p, ConfigArgs *ca ) +{ + CfEntryInfo *pe = p->e_private; + slap_overinst *on = (slap_overinst *)pe->ce_bi; + cache_manager *cm = on->on_bi.bi_private; + struct berval bv; + + /* FIXME: should not hardcode "olcDatabase" here */ + bv.bv_len = sprintf( ca->msg, "olcDatabase=%s", cm->db.bd_info->bi_type ); + bv.bv_val = ca->msg; + ca->be = &cm->db; + + /* We can only create this entry if the database is table-driven + */ + if ( cm->db.bd_info->bi_cf_ocs ) + config_build_entry( op, rs, pe, ca, &bv, cm->db.bd_info->bi_cf_ocs, + &pcocs[1] ); + + return 0; +} + +static int +pc_cf_gen( ConfigArgs *c ) +{ + slap_overinst *on = (slap_overinst *)c->bi; cache_manager* cm = on->on_bi.bi_private; query_manager* qm = cm->qm; QueryTemplate* temp; AttributeName* attr_name; AttributeName* attrarray; const char* text=NULL; - char *argv0 = NULL; - - int index, i; - int num; - int rc = 0; - - if ( strncasecmp( argv[0], "proxycache-", STRLENOF( "proxycache-" ) ) == 0 ) { - argv0 = argv[0] + STRLENOF( "proxycache-" ); - } else { - argv0 = argv[0]; + int i, num, rc = 0; + char *ptr; + + if ( c->op == SLAP_CONFIG_EMIT ) { + struct berval bv; + switch( c->type ) { + case PC_MAIN: + bv.bv_len = sprintf( c->msg, "%s %d %d %d %d", + cm->db.bd_info->bi_type, cm->max_entries, cm->numattrsets, + cm->num_entries_limit, cm->cc_period ); + bv.bv_val = c->msg; + value_add_one( &c->rvalue_vals, &bv ); + break; + case PC_ATTR: + for (i=0; inumattrsets; i++) { + if ( !qm->attr_sets[i].count ) continue; + + bv.bv_len = sprintf( c->msg, "%d", i ); + + /* count the attr length */ + for ( attr_name = qm->attr_sets[i].attrs; + attr_name->an_name.bv_val; attr_name++ ) + bv.bv_len += attr_name->an_name.bv_len + 1; + + bv.bv_val = ch_malloc( bv.bv_len+1 ); + ptr = lutil_strcopy( bv.bv_val, c->msg ); + for ( attr_name = qm->attr_sets[i].attrs; + attr_name->an_name.bv_val; attr_name++ ) { + *ptr++ = ' '; + ptr = lutil_strcopy( ptr, attr_name->an_name.bv_val ); + } + ber_bvarray_add( &c->rvalue_vals, &bv ); + } + if ( !c->rvalue_vals ) + rc = 1; + break; + case PC_TEMP: + for (i=0; inumtemplates; i++) { + bv.bv_len = sprintf( c->msg, " %d %d", + qm->templates[i].attr_set_index, + qm->templates[i].ttl ); + bv.bv_len += qm->templates[i].querystr.bv_len + 2; + bv.bv_val = ch_malloc( bv.bv_len+1 ); + ptr = bv.bv_val; + *ptr++ = '"'; + ptr = lutil_strcopy( ptr, qm->templates[i].querystr.bv_val ); + *ptr++ = '"'; + strcpy( ptr, c->msg ); + ber_bvarray_add( &c->rvalue_vals, &bv ); + } + if ( !c->rvalue_vals ) + rc = 1; + break; + case PC_RESP: + if ( cm->response_cb == PCACHE_RESPONSE_CB_HEAD ) { + bv.bv_val = "head"; + bv.bv_len = STRLENOF("head"); + } else { + bv.bv_val = "tail"; + bv.bv_len = STRLENOF("tail"); + } + value_add_one( &c->rvalue_vals, &bv ); + break; + } + return rc; + } else if ( c->op == LDAP_MOD_DELETE ) { + return 1; /* FIXME */ +#if 0 + switch( c->type ) { + case PC_ATTR: + case PC_TEMP: + } + return rc; +#endif } - if ( strcasecmp( argv0, "proxycache" ) == 0 ) { - if ( argc < 6 ) { - fprintf( stderr, "%s: line %d: missing arguments in \"proxycache" - " " - "\"\n", fname, lineno ); + switch( c->type ) { + case PC_MAIN: + cm->numattrsets = atoi( c->argv[3] ); + if ( cm->numattrsets > MAX_ATTR_SETS ) { + sprintf( c->msg, "numattrsets must be <= %d", MAX_ATTR_SETS ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return( 1 ); } - - cm->db.bd_info = backend_info( argv[1] ); + cm->db.bd_info = backend_info( c->argv[1] ); if ( !cm->db.bd_info ) { - fprintf( stderr, "%s: line %d: backend %s unknown\n", - fname, lineno, argv[1] ); + sprintf( c->msg, "unknown backend type" ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); + return( 1 ); + } + if ( cm->db.bd_info->bi_db_init( &cm->db ) ) { + sprintf( c->msg, "backend %s init failed", c->argv[1] ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return( 1 ); } - if ( cm->db.bd_info->bi_db_init( &cm->db ) ) return( 1 ); /* This type is in use, needs to be opened */ cm->db.bd_info->bi_nDB++; - cm->max_entries = atoi( argv[2] ); + cm->max_entries = atoi( c->argv[2] ); - cm->numattrsets = atoi( argv[3] ); - if ( cm->numattrsets > MAX_ATTR_SETS ) { - fprintf( stderr, "%s: line %d: numattrsets must be <= %d\n", - fname, lineno, MAX_ATTR_SETS ); - return( 1 ); - } - - cm->num_entries_limit = atoi( argv[4] ); - cm->cc_period = atoi( argv[5] ); - Debug( LDAP_DEBUG_ANY, + cm->num_entries_limit = atoi( c->argv[4] ); + cm->cc_period = atoi( c->argv[5] ); + Debug( LDAP_DEBUG_TRACE, "Total # of attribute sets to be cached = %d\n", cm->numattrsets, 0, 0 ); qm->attr_sets = ( struct attr_set * )ch_malloc( cm->numattrsets * @@ -1553,50 +1783,41 @@ proxy_cache_config( for ( i = 0; i < cm->numattrsets; i++ ) { qm->attr_sets[i].attrs = NULL; } - - } else if ( strcasecmp( argv0, "proxyattrset" ) == 0 ) { - if ( argc < 3 ) { - fprintf( stderr, "%s: line %d: missing arguments in \"proxyattrset " - " \"\n", fname, lineno ); - return( 1 ); - } - Debug( LDAP_DEBUG_ANY, "Attribute Set # %d\n", - atoi( argv[1] ), 0, 0 ); - if (atoi(argv[1]) >= cm->numattrsets) { - fprintf( stderr, "%s; line %d index out of bounds \n", - fname, lineno ); + break; + case PC_ATTR: + num = atoi( c->argv[1] ); + if (num >= cm->numattrsets) { + sprintf( c->msg, "attrset index out of bounds" ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return 1; } - index = atoi( argv[1] ); - if ( argv[2] && strcmp( argv[2], "*" ) ) { - qm->attr_sets[index].count = argc - 2; - qm->attr_sets[index].attrs = (AttributeName*)ch_malloc( - (argc-1) * sizeof( AttributeName )); - attr_name = qm->attr_sets[index].attrs; - for ( i = 2; i < argc; i++ ) { - Debug( LDAP_DEBUG_ANY, "\t %s\n", - argv[i], 0, 0 ); - ber_str2bv( argv[i], 0, 1, - &attr_name->an_name); + if ( c->argv[2] && strcmp( c->argv[2], "*" ) ) { + qm->attr_sets[num].count = c->argc - 2; + qm->attr_sets[num].attrs = (AttributeName*)ch_malloc( + (c->argc-1) * sizeof( AttributeName )); + attr_name = qm->attr_sets[num].attrs; + for ( i = 2; i < c->argc; i++ ) { + ber_str2bv( c->argv[i], 0, 1, &attr_name->an_name); attr_name->an_desc = NULL; - slap_bv2ad( &attr_name->an_name, - &attr_name->an_desc, &text ); + if ( slap_bv2ad( &attr_name->an_name, + &attr_name->an_desc, &text )) { + strcpy( c->msg, text ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); + ch_free( qm->attr_sets[num].attrs ); + qm->attr_sets[num].attrs = NULL; + qm->attr_sets[num].count = 0; + return 1; + } attr_name++; attr_name->an_name.bv_val = NULL; attr_name->an_name.bv_len = 0; } } - } else if ( strcasecmp( argv0, "proxytemplate" ) == 0 ) { - if ( argc != 4 ) { - fprintf( stderr, "%s: line %d: missing argument(s) in " - "\"proxytemplate \" line\n", - fname, lineno ); - return( 1 ); - } - if (( i = atoi( argv[2] )) >= cm->numattrsets ) { - Debug( LDAP_DEBUG_ANY, - "%s: line %d, template index invalid\n", - fname, lineno, 0 ); + break; + case PC_TEMP: + if (( i = atoi( c->argv[2] )) >= cm->numattrsets ) { + sprintf( c->msg, "template index invalid" ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return 1; } num = cm->numtemplates; @@ -1607,63 +1828,60 @@ proxy_cache_config( temp = qm->templates + num; ldap_pvt_thread_rdwr_init( &temp->t_rwlock ); temp->query = temp->query_last = NULL; - temp->ttl = atoi( argv[3] ); + temp->ttl = atoi( c->argv[3] ); temp->no_of_queries = 0; - if ( argv[1] == NULL ) { - Debug( LDAP_DEBUG_ANY, - "Templates string not specified " - "for template %d\n", num, 0, 0 ); - return 1; - } - ber_str2bv( argv[1], 0, 1, &temp->querystr ); - Debug( LDAP_DEBUG_ANY, "Template:\n", 0, 0, 0 ); - Debug( LDAP_DEBUG_ANY, " query template: %s\n", + + ber_str2bv( c->argv[1], 0, 1, &temp->querystr ); + Debug( LDAP_DEBUG_TRACE, "Template:\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, " query template: %s\n", temp->querystr.bv_val, 0, 0 ); temp->attr_set_index = i; - Debug( LDAP_DEBUG_ANY, " attributes: \n", 0, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, " attributes: \n", 0, 0, 0 ); if ( ( attrarray = qm->attr_sets[i].attrs ) != NULL ) { for ( i=0; attrarray[i].an_name.bv_val; i++ ) - Debug( LDAP_DEBUG_ANY, "\t%s\n", + Debug( LDAP_DEBUG_TRACE, "\t%s\n", attrarray[i].an_name.bv_val, 0, 0 ); } temp++; temp->querystr.bv_val = NULL; cm->numtemplates++; - - } else if ( strcasecmp( argv0, "response-callback" ) == 0 ) { - /* set to "tail" to put the response callback - * at the end of the callback list; this is required - * in case other overlays are present, so that the - * final entry is cached. */ - - if ( argc < 2 ) { - Debug( LDAP_DEBUG_ANY, - "missing specifier for \"response-callback {head(default)|tail}\" " - "callback position\n", 0, 0, 0 ); - return 1; - } - - if ( strcasecmp( argv[1], "head" ) == 0 ) { + break; + case PC_RESP: + if ( strcasecmp( c->argv[1], "head" ) == 0 ) { cm->response_cb = PCACHE_RESPONSE_CB_HEAD; - } else if ( strcasecmp( argv[1], "tail" ) == 0 ) { + } else if ( strcasecmp( c->argv[1], "tail" ) == 0 ) { cm->response_cb = PCACHE_RESPONSE_CB_TAIL; } else { - Debug( LDAP_DEBUG_ANY, - "unknown specifier %s for \"response-callback {head(default)|tail}\" " - "callback position\n", argv[1], 0, 0 ); + sprintf( c->msg, "unknown specifier" ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return 1; } + break; } - /* anything else */ - else { - rc = cm->db.bd_info->bi_db_config( &cm->db, fname, lineno, argc, argv ); - } - return rc; } +static int +proxy_cache_config( + BackendDB *be, + const char *fname, + int lineno, + int argc, + char **argv +) +{ + slap_overinst *on = (slap_overinst *)be->bd_info; + cache_manager* cm = on->on_bi.bi_private; + + /* Something for the cache database? */ + if ( cm->db.bd_info && cm->db.bd_info->bi_db_config ) + return cm->db.bd_info->bi_db_config( &cm->db, fname, lineno, + argc, argv ); + return SLAP_CONF_UNKNOWN; +} + static int proxy_cache_init( BackendDB *be @@ -1722,9 +1940,9 @@ proxy_cache_open( /* consistency check (add more...) */ for ( i = 0; i < cm->numattrsets; i++ ) { if ( cm->qm->attr_sets[i].attrs == NULL ) { - fprintf( stderr, "proxy_cache_open(): " + Debug( LDAP_DEBUG_ANY, "proxy_cache_open(): " "attr set %d (of %d) missing\n", - i, cm->numattrsets ); + i, cm->numattrsets, 0 ); return 1; } } @@ -1749,12 +1967,12 @@ proxy_cache_open( if ( BER_BVISNULL( &cm->db.be_rootndn ) || BER_BVISEMPTY( &cm->db.be_rootndn ) ) { - fprintf( stderr, "proxy_cache_open(): " + Debug( LDAP_DEBUG_ANY, "proxy_cache_open(): " "underlying database of type \"%s\"\n" " serving naming context \"%s\"\n" " has no \"rootdn\", required by \"proxycache\".\n", on->on_info->oi_orig->bi_type, - cm->db.be_suffix[0].bv_val ); + cm->db.be_suffix[0].bv_val, 0 ); return 1; } } @@ -1825,93 +2043,6 @@ proxy_cache_destroy( return rc; } -static void -find_supersets ( struct attr_set* attr_sets, int numsets ) -{ - int num[MAX_ATTR_SETS]; - int i, j, res; - int* id_array; - for ( i = 0; i < MAX_ATTR_SETS; i++ ) - num[i] = 0; - - for ( i = 0; i < numsets; i++ ) { - attr_sets[i].ID_array = (int*) ch_malloc( sizeof( int ) ); - attr_sets[i].ID_array[0] = -1; - } - - for ( i = 0; i < numsets; i++ ) { - for ( j=i+1; j < numsets; j++ ) { - res = compare_sets( attr_sets, i, j ); - switch ( res ) { - case 0: - break; - case 3: - case 1: - id_array = attr_sets[i].ID_array; - attr_sets[i].ID_array = (int *) ch_realloc( id_array, - ( num[i] + 2 ) * sizeof( int )); - attr_sets[i].ID_array[num[i]] = j; - attr_sets[i].ID_array[num[i]+1] = -1; - num[i]++; - if (res == 1) - break; - case 2: - id_array = attr_sets[j].ID_array; - attr_sets[j].ID_array = (int *) ch_realloc( id_array, - ( num[j] + 2 ) * sizeof( int )); - attr_sets[j].ID_array[num[j]] = i; - attr_sets[j].ID_array[num[j]+1] = -1; - num[j]++; - break; - } - } - } -} - -/* - * compares two sets of attributes (indices i and j) - * returns 0: if neither set is contained in the other set - * 1: if set i is contained in set j - * 2: if set j is contained in set i - * 3: the sets are equivalent - */ - -static int -compare_sets(struct attr_set* set, int i, int j) -{ - int k,l,numI,numJ; - int common=0; - int result=0; - - if (( set[i].attrs == NULL ) && ( set[j].attrs == NULL )) - return 3; - - if ( set[i].attrs == NULL ) - return 2; - - if ( set[j].attrs == NULL ) - return 1; - - numI = set[i].count; - numJ = set[j].count; - - for ( l=0; l < numI; l++ ) { - for ( k = 0; k < numJ; k++ ) { - if ( strcmp( set[i].attrs[l].an_name.bv_val, - set[j].attrs[k].an_name.bv_val ) == 0 ) - common++; - } - } - - if ( common == numI ) - result = 1; - - if ( common == numJ ) - result += 2; - - return result; -} - static slap_overinst proxy_cache; int pcache_init() @@ -1923,8 +2054,9 @@ int pcache_init() at = ldap_str2attributetype( queryid_schema, &code, &err, LDAP_SCHEMA_ALLOW_ALL ); if ( !at ) { - fprintf( stderr, "AttributeType Load failed %s %s\n", - ldap_scherr2str(code), err ); + Debug( LDAP_DEBUG_ANY, + "pcache_init: ldap_str2attributetype failed %s %s\n", + ldap_scherr2str(code), err, 0 ); return code; } code = at_add( at, 0, NULL, &err ); @@ -1933,8 +2065,9 @@ int pcache_init() } ldap_memfree( at ); if ( code ) { - fprintf( stderr, "AttributeType Load failed %s %s\n", - scherr2str(code), err ); + Debug( LDAP_DEBUG_ANY, + "pcache_init: at_add failed %s %s\n", + scherr2str(code), err, 0 ); return code; } @@ -1946,6 +2079,11 @@ int pcache_init() proxy_cache.on_bi.bi_db_destroy = proxy_cache_destroy; proxy_cache.on_bi.bi_op_search = proxy_cache_search; + proxy_cache.on_bi.bi_cf_ocs = pcocs; + + code = config_register_schema( pccfg, pcocs ); + if ( code ) return code; + return overlay_register( &proxy_cache ); } diff --git a/servers/slapd/overlays/rwm.c b/servers/slapd/overlays/rwm.c index c4f827ac4f..4ff18d6573 100644 --- a/servers/slapd/overlays/rwm.c +++ b/servers/slapd/overlays/rwm.c @@ -73,14 +73,14 @@ rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie ) return LDAP_SUCCESS; } - op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx ); - op->o_req_ndn = ndn; if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) { op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx ); op->o_req_dn = dn; } else { op->o_req_dn = ndn; } + op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx ); + op->o_req_ndn = ndn; return LDAP_SUCCESS; } diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c index 3309eba85a..5c51f03c2d 100644 --- a/servers/slapd/overlays/syncprov.c +++ b/servers/slapd/overlays/syncprov.c @@ -25,6 +25,7 @@ #include #include "lutil.h" #include "slap.h" +#include "config.h" /* A modify request on a particular entry */ typedef struct modinst { @@ -1994,42 +1995,93 @@ syncprov_operational( return SLAP_CB_CONTINUE; } +enum { + SP_CHKPT = 1, + SP_SESSL +}; + +static ConfigDriver sp_cf_gen; + +static ConfigTable spcfg[] = { + { "syncprov-checkpoint", "ops> bd_info; + slap_overinst *on = (slap_overinst *)c->bi; syncprov_info_t *si = (syncprov_info_t *)on->on_bi.bi_private; - - if ( strcasecmp( argv[ 0 ], "syncprov-checkpoint" ) == 0 ) { - if ( argc != 3 ) { - fprintf( stderr, "%s: line %d: wrong number of arguments in " - "\"syncprov-checkpoint \"\n", fname, lineno ); - return -1; + int rc = 0; + + if ( c->op == SLAP_CONFIG_EMIT ) { + switch ( c->type ) { + case SP_CHKPT: + if ( si->si_chkops || si->si_chktime ) { + struct berval bv; + bv.bv_len = sprintf( c->msg, "%d %d", + si->si_chkops, si->si_chktime ); + bv.bv_val = c->msg; + value_add_one( &c->rvalue_vals, &bv ); + } else { + rc = 1; + } + break; + case SP_SESSL: + if ( si->si_logs ) { + c->value_int = si->si_logs->sl_size; + } else { + rc = 1; + } + break; } - si->si_chkops = atoi( argv[1] ); - si->si_chktime = atoi( argv[2] ) * 60; - return 0; - - } else if ( strcasecmp( argv[0], "syncprov-sessionlog" ) == 0 ) { - sessionlog *sl; - int size; - if ( argc != 2 ) { - fprintf( stderr, "%s: line %d: wrong number of arguments in " - "\"syncprov-sessionlog \"\n", fname, lineno ); - return -1; + return rc; + } else if ( c->op == LDAP_MOD_DELETE ) { + switch ( c->type ) { + case SP_CHKPT: + si->si_chkops = 0; + si->si_chktime = 0; + break; + case SP_SESSL: + if ( si->si_logs ) + si->si_logs->sl_size = 0; + else + rc = LDAP_NO_SUCH_ATTRIBUTE; + break; } - size = atoi( argv[1] ); + return rc; + } + switch ( c->type ) { + case SP_CHKPT: + si->si_chkops = atoi( c->argv[1] ); + si->si_chktime = atoi( c->argv[2] ) * 60; + break; + case SP_SESSL: { + sessionlog *sl; + int size = c->value_int; + if ( size < 0 ) { - fprintf( stderr, - "%s: line %d: session log size %d is negative\n", - fname, lineno, size ); - return -1; + sprintf( c->msg, "%s size %d is negative", + c->argv[0], size ); + Debug( LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 ); + return ARG_BAD_CONF; } sl = si->si_logs; if ( !sl ) { @@ -2042,10 +2094,10 @@ syncprov_db_config( si->si_logs = sl; } sl->sl_size = size; - return 0; + } + break; } - - return SLAP_CONF_UNKNOWN; + return rc; } /* Cheating - we have no thread pool context for these functions, @@ -2338,13 +2390,13 @@ syncprov_init() SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL, syncprov_parseCtrl, &slap_cids.sc_LDAPsync ); if ( rc != LDAP_SUCCESS ) { - fprintf( stderr, "Failed to register control %d\n", rc ); + Debug( LDAP_DEBUG_ANY, + "syncprov_init: Failed to register control %d\n", rc, 0, 0 ); return rc; } syncprov.on_bi.bi_type = "syncprov"; syncprov.on_bi.bi_db_init = syncprov_db_init; - syncprov.on_bi.bi_db_config = syncprov_db_config; syncprov.on_bi.bi_db_destroy = syncprov_db_destroy; syncprov.on_bi.bi_db_open = syncprov_db_open; syncprov.on_bi.bi_db_close = syncprov_db_close; @@ -2361,6 +2413,11 @@ syncprov_init() syncprov.on_bi.bi_extended = syncprov_op_extended; syncprov.on_bi.bi_operational = syncprov_operational; + syncprov.on_bi.bi_cf_ocs = spocs; + + rc = config_register_schema( spcfg, spocs ); + if ( rc ) return rc; + return overlay_register( &syncprov ); } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index b9d28e5415..e2175c2279 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -690,8 +690,10 @@ LDAP_SLAPD_F (Entry *) str2entry LDAP_P(( char *s )); LDAP_SLAPD_F (Entry *) str2entry2 LDAP_P(( char *s, int checkvals )); LDAP_SLAPD_F (char *) entry2str LDAP_P(( Entry *e, int *len )); -LDAP_SLAPD_F (void) entry_flatsize LDAP_P(( - Entry *e, ber_len_t *siz, ber_len_t *len, int norm )); +LDAP_SLAPD_F (ber_len_t) entry_flatsize LDAP_P(( Entry *e, int norm )); +LDAP_SLAPD_F (void) entry_partsize LDAP_P(( Entry *e, ber_len_t *len, + int *nattrs, int *nvals, int norm )); + #ifdef SLAP_ZONE_ALLOC LDAP_SLAPD_F (int) entry_decode LDAP_P(( struct berval *bv, Entry **e, void *ctx )); diff --git a/servers/slapd/result.c b/servers/slapd/result.c index aa90811c82..964a01c3af 100644 --- a/servers/slapd/result.c +++ b/servers/slapd/result.c @@ -791,11 +791,9 @@ slap_send_search_entry( Operation *op, SlapReply *rs ) /* read back control or LDAP_CONNECTIONLESS */ ber = op->o_res_ber; } else { - ber_len_t siz, len; struct berval bv; - entry_flatsize( rs->sr_entry, &siz, &len, 0 ); - bv.bv_len = siz + len; + bv.bv_len = entry_flatsize( rs->sr_entry, 0 ); bv.bv_val = op->o_tmpalloc(bv.bv_len, op->o_tmpmemctx ); ber_init2( ber, &bv, LBER_USE_DER ); @@ -1517,7 +1515,6 @@ int slap_read_controls( BerElementBuffer berbuf; BerElement *ber = (BerElement *) &berbuf; LDAPControl c; - ber_len_t siz, len; Operation myop; Debug( LDAP_DEBUG_ANY, "slap_read_controls: (%s) %s\n", @@ -1527,8 +1524,7 @@ int slap_read_controls( rs->sr_attrs = ( oid == &slap_pre_read_bv ) ? op->o_preread_attrs : op->o_postread_attrs; - entry_flatsize( rs->sr_entry, &siz, &len, 0 ); - bv.bv_len = siz + len; + bv.bv_len = entry_flatsize( rs->sr_entry, 0 ); bv.bv_val = op->o_tmpalloc(bv.bv_len, op->o_tmpmemctx ); ber_init2( ber, &bv, LBER_USE_DER ); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 9031c86c46..c8ffe0ba33 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -81,8 +81,10 @@ LDAP_BEGIN_DECL */ #ifdef SLAPD_CONF_UNKNOWN_BAILOUT #define SLAPD_CONF_UNKNOWN_IGNORED "" +#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_ANY #else /* ! SLAPD_CONF_UNKNOWN_BAILOUT */ #define SLAPD_CONF_UNKNOWN_IGNORED " (ignored)" +#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_CONFIG #endif /* ! SLAPD_CONF_UNKNOWN_BAILOUT */ /* @@ -1603,6 +1605,8 @@ LDAP_TAILQ_HEAD( be_pcl, slap_csn_entry ); #define SLAP_MAX_CIDS 32 /* Maximum number of supported controls */ #endif +struct ConfigOCs; /* config.h */ + struct slap_backend_db { BackendInfo *bd_info; /* pointer to shared backend info */ @@ -1773,7 +1777,7 @@ struct slap_backend_db { struct syncinfo_s *be_syncinfo; /* For syncrepl */ void *be_pb; /* Netscape plugin */ - struct ConfigTable *be_cf_table; + struct ConfigOCs *be_cf_ocs; void *be_private; /* anything the backend database needs */ LDAP_STAILQ_ENTRY(slap_backend_db) be_next; @@ -1987,8 +1991,6 @@ typedef int (BI_tool_id2entry_get) LDAP_P(( BackendDB *be, ID id, Entry **e )); typedef ID (BI_tool_entry_modify) LDAP_P(( BackendDB *be, Entry *e, struct berval *text )); -struct ConfigTable; /* config.h */ - struct slap_backend_info { char *bi_type; /* type of backend */ @@ -2116,7 +2118,7 @@ struct slap_backend_info { char bi_ctrls[SLAP_MAX_CIDS + 1]; unsigned int bi_nDB; /* number of databases of this type */ - struct ConfigTable *bi_cf_table; + struct ConfigOCs *bi_cf_ocs; void *bi_private; /* anything the backend type needs */ LDAP_STAILQ_ENTRY(slap_backend_info) bi_next ; }; diff --git a/tests/data/compsearch.out b/tests/data/compsearch.out index 73ca370b68..e07c9d4610 100644 --- a/tests/data/compsearch.out +++ b/tests/data/compsearch.out @@ -14,6 +14,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -48,6 +119,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -82,6 +224,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -116,6 +329,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -150,6 +434,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -184,6 +539,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -218,6 +644,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -252,6 +749,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -286,6 +854,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -320,6 +959,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -354,6 +1064,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -388,6 +1169,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -422,6 +1274,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -456,6 +1379,77 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com objectClass: OpenLDAPperson @@ -490,21 +1484,75 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr EkBJ/Q= - -dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com -objectClass: OpenLDAPperson -objectClass: extensibleObject -uid:: Y2hhcmxpZSA= -cn: charlie -sn: Jee -userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV - QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA - 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO - NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA - KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA - zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA - 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS - uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue - dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr - EkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE diff --git a/tests/data/test-compmatch.ldif b/tests/data/test-compmatch.ldif index eb72ab3266..d69f9f68cb 100644 --- a/tests/data/test-compmatch.ldif +++ b/tests/data/test-compmatch.ldif @@ -410,3 +410,74 @@ uid: charlie cn: beta sn: Jee userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDVQQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MONBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnAKUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUAzNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTySuz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5UedAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4XrEkBJ/Q= +certificateRevocationList;binary:: MIIP0TCCDrkCAQEwDQYJKoZIhvcNAQEFBQAwgZMxCzA + JBgNVBAYTAkFVMSswKQYDVQQKEyJDZXJ0aWZpY2F0ZXMgQXVzdHJhbGlhIFB0eSBMaW1pdGVkMSUw + IwYDVQQDExxDQVBMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTAwLgYKCZImiZPyLGQBAxQgY2FAY + 2VydGlmaWNhdGVzLWF1c3RyYWxpYS5jb20uYXUXDTAzMDcyMjAxMzAyMFoXDTAzMTEwMzAxMzUyMF + owgg27MCMCBDi/biUXDTAwMDMwNjA2MjEzM1owDDAKBgNVHRUEAwoBBDAjAgQ5Il0KFw0wMDA1MjM + wODAwNDNaMAwwCgYDVR0VBAMKAQQwIwIEOSo6ZxcNMDAwNTI5MDIyNTQzWjAMMAoGA1UdFQQDCgEE + MCMCBDkx1QAXDTAwMDUyOTAzMzYwMVowDDAKBgNVHRUEAwoBBDAjAgQ5Pd7GFw0wMDA2MDcwNTM3M + jRaMAwwCgYDVR0VBAMKAQQwIwIEOUcavBcNMDAwNjE0MDc0MjExWjAMMAoGA1UdFQQDCgEEMCMCBD + lIlLYXDTAwMDYxNTA4MzY1NlowDDAKBgNVHRUEAwoBBDAjAgQ5SeOkFw0wMDA2MTYwODIzMDVaMAw + wCgYDVR0VBAMKAQQwIwIEOUiGjRcNMDAwNjE2MDgyMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ30oX + DTAwMDYyOTA4MDQyM1owDDAKBgNVHRUEAwoBBDAjAgQ5SdUjFw0wMDA2MjkwODA1NDVaMAwwCgYDV + R0VBAMKAQQwIwIEOTHlfRcNMDAwNjMwMDYwNjA1WjAMMAoGA1UdFQQDCgEEMCMCBDkzV6EXDTAwMD + YzMDA2MDYxMVowDDAKBgNVHRUEAwoBBDAjAgQ5SIFOFw0wMDA2MzAwNjA2MjFaMAwwCgYDVR0VBAM + KAQQwIwIEOUiCbBcNMDAwNjMwMDYwNjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlIgzkXDTAwMDYzMDA2 + MDYzNlowDDAKBgNVHRUEAwoBBDAjAgQ5SIQEFw0wMDA2MzAwNjA2NDFaMAwwCgYDVR0VBAMKAQQwI + wIEOUiFBBcNMDAwNjMwMDYwNjQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlIhfQXDTAwMDYzMDA2MDY1NV + owDDAKBgNVHRUEAwoBBDAjAgQ5SIcmFw0wMDA2MzAwNjA3MDJaMAwwCgYDVR0VBAMKAQQwIwIEOUi + H4hcNMDAwNjMwMDYwNzA4WjAMMAoGA1UdFQQDCgEEMCMCBDlIiGUXDTAwMDYzMDA2MDcxNFowDDAK + BgNVHRUEAwoBBDAjAgQ5SIjaFw0wMDA2MzAwNjA3NDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiJhRcNM + DAwNjMwMDYwNzU3WjAMMAoGA1UdFQQDCgEEMCMCBDlIjoIXDTAwMDYzMDA2MDgwNFowDDAKBgNVHR + UEAwoBBDAjAgQ5SI89Fw0wMDA2MzAwNjA4MTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiP1RcNMDAwNjM + wMDYwODE1WjAMMAoGA1UdFQQDCgEEMCMCBDlIkEoXDTAwMDYzMDA2MDg0NVowDDAKBgNVHRUEAwoB + BDAjAgQ5SJC7Fw0wMDA2MzAwNjA4NTBaMAwwCgYDVR0VBAMKAQQwIwIEOUiReRcNMDAwNjMwMDYwO + DU2WjAMMAoGA1UdFQQDCgEEMCMCBDlIkgMXDTAwMDYzMDA2MDkwNFowDDAKBgNVHRUEAwoBBDAjAg + Q5SJKqFw0wMDA2MzAwNjA5MDlaMAwwCgYDVR0VBAMKAQQwIwIEOUiTJhcNMDAwNjMwMDYwOTE2WjA + MMAoGA1UdFQQDCgEEMCMCBDlIk5AXDTAwMDYzMDA2MDkyMVowDDAKBgNVHRUEAwoBBDAjAgQ5SJQ3 + Fw0wMDA2MzAwNjA5MjZaMAwwCgYDVR0VBAMKAQQwIwIEOUiVXhcNMDAwNjMwMDYwOTMyWjAMMAoGA + 1UdFQQDCgEEMCMCBDlIlgcXDTAwMDYzMDA2MDkzOFowDDAKBgNVHRUEAwoBBDAjAgQ5SJazFw0wMD + A2MzAwNjA5NDZaMAwwCgYDVR0VBAMKAQQwIwIEOUiXPxcNMDAwNjMwMDYwOTUxWjAMMAoGA1UdFQQ + DCgEEMCMCBDlIl7IXDTAwMDYzMDA2MDk1OFowDDAKBgNVHRUEAwoBBDAjAgQ5SJg0Fw0wMDA2MzAw + NjEwMDRaMAwwCgYDVR0VBAMKAQQwIwIEOUiZBBcNMDAwNjMwMDYxMDA5WjAMMAoGA1UdFQQDCgEEM + CMCBDlJzksXDTAwMDYzMDA2MTAxNVowDDAKBgNVHRUEAwoBBDAjAgQ5Sc64Fw0wMDA2MzAwNjEwMj + FaMAwwCgYDVR0VBAMKAQQwIwIEOUnPVxcNMDAwNjMwMDYxMDI3WjAMMAoGA1UdFQQDCgEEMCMCBDl + J0BAXDTAwMDYzMDA2MTAzNVowDDAKBgNVHRUEAwoBBDAjAgQ5SdDKFw0wMDA2MzAwNjEwNDNaMAww + CgYDVR0VBAMKAQQwIwIEOUnRZRcNMDAwNjMwMDYxMDQ5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ0d0XD + TAwMDYzMDA2MTA1N1owDDAKBgNVHRUEAwoBBDAjAgQ5SdJ4Fw0wMDA2MzAwNjExMTVaMAwwCgYDVR + 0VBAMKAQQwIwIEOUnTDBcNMDAwNjMwMDYxMTIxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ04oXDTAwMDY + zMDA2MTEyN1owDDAKBgNVHRUEAwoBBDAjAgQ5SdQSFw0wMDA2MzAwNjExMzNaMAwwCgYDVR0VBAMK + AQQwIwIEOUnUoBcNMDAwNjMwMDYxMTM5WjAMMAoGA1UdFQQDCgEEMCMCBDlJ2SQXDTAwMDYzMDA2M + TE1M1owDDAKBgNVHRUEAwoBBDAjAgQ5SdmwFw0wMDA2MzAwNjEyMDVaMAwwCgYDVR0VBAMKAQQwIw + IEOUnaTBcNMDAwNjMwMDYxMjExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ2vYXDTAwMDYzMDA2MTIxN1o + wDDAKBgNVHRUEAwoBBDAjAgQ5SducFw0wMDA2MzAwNjEyMjNaMAwwCgYDVR0VBAMKAQQwIwIEOUnc + IRcNMDAwNjMwMDYxMjI4WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3KQXDTAwMDYzMDA2MTIzM1owDDAKB + gNVHRUEAwoBBDAjAgQ5Sd2xFw0wMDA2MzAwNjEyNDBaMAwwCgYDVR0VBAMKAQQwIwIEOUneRBcNMD + AwNjMwMDYxMjQ1WjAMMAoGA1UdFQQDCgEEMCMCBDlJ3skXDTAwMDYzMDA2MTI1MVowDDAKBgNVHRU + EAwoBBDAjAgQ5Sd/IFw0wMDA2MzAwNjEzMDJaMAwwCgYDVR0VBAMKAQQwIwIEOUngPRcNMDAwNjMw + MDYxMzExWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4M8XDTAwMDYzMDA2MTMyMFowDDAKBgNVHRUEAwoBB + DAjAgQ5SeE/Fw0wMDA2MzAwNjEzMjVaMAwwCgYDVR0VBAMKAQQwIwIEOUnh2BcNMDAwNjMwMDYxMz + MxWjAMMAoGA1UdFQQDCgEEMCMCBDlJ4mgXDTAwMDYzMDA2MTMzOVowDDAKBgNVHRUEAwoBBDAjAgQ + 5SeQvFw0wMDA2MzAwNjEzNDRaMAwwCgYDVR0VBAMKAQQwIwIEOVsGJRcNMDAwNjMwMDYxMzUwWjAM + MAoGA1UdFQQDCgEEMCMCBDlbBusXDTAwMDYzMDA2MTM1NlowDDAKBgNVHRUEAwoBBDAjAgQ5XEKPF + w0wMDA3MTMwOTAwMzhaMAwwCgYDVR0VBAMKAQQwIwIEOVxEKRcNMDAwNzEzMDkwMDQ1WjAMMAoGA1 + UdFQQDCgEEMCMCBDlcRukXDTAwMDcyNjA2MjkyN1owDDAKBgNVHRUEAwoBBDAjAgQ5fohgFw0wMDA + 3MjYwNjQ2NTFaMAwwCgYDVR0VBAMKAQQwIwIEOaNqPBcNMDAwODIzMDYwOTQxWjAMMAoGA1UdFQQD + CgEFMCMCBDlcX2QXDTAwMDgzMTA3MTM1OFowDDAKBgNVHRUEAwoBBDAjAgQ5YsflFw0wMDA5MDEwM + TQwMjRaMAwwCgYDVR0VBAMKAQQwIwIEOWGHDRcNMDAwOTA2MDcwMTE2WjAMMAoGA1UdFQQDCgEEMC + MCBDliz/4XDTAwMDkwNjA3MDcwNVowDDAKBgNVHRUEAwoBBDAjAgQ5m3S6Fw0wMDA5MjAwNzA2NTd + aMAwwCgYDVR0VBAMKAQQwIwIEOy6/hhcNMDEwNzAzMDYxMDQyWjAMMAoGA1UdFQQDCgEEMCMCBDtB + Yw4XDTAxMDcwMzA2MTkxNlowDDAKBgNVHRUEAwoBBDAjAgQ7MEG6Fw0wMTA3MTAwODA5NTNaMAwwC + gYDVR0VBAMKAQQwIwIEOy68CxcNMDEwNzExMDYxMzI5WjAMMAoGA1UdFQQDCgEEMCMCBDswSOsXDT + AxMDgwMTA0MTkyM1owDDAKBgNVHRUEAwoBBTAjAgQ7MYgeFw0wMTA4MDEwNDIwMDJaMAwwCgYDVR0 + VBAMKAQQwIwIEOzGHeBcNMDEwODAyMDI0NTM4WjAMMAoGA1UdFQQDCgEEMCMCBDsuveEXDTAxMDgz + MDA2MjIwOFowDDAKBgNVHRUEAwoBBDAjAgQ7jdxLFw0wMTA4MzAwNjQzMjRaMAwwCgYDVR0VBAMKA + QQwIwIEOy67QxcNMDExMTIxMDYyMDUzWjAMMAoGA1UdFQQDCgEEMCMCBDsDNXcXDTAyMDUxNzA4ND + Y0MlowDDAKBgNVHRUEAwoBBDAjAgQ7AzXMFw0wMjA1MTcwODQ2NTdaMAwwCgYDVR0VBAMKAQSgMjA + wMAsGA1UdFAQEAgIQoDATBgNVHSMEDDAKgAhISAKVrWisNzAMBgNVHRwBAf8EAjAAMA0GCSqGSIb3 + DQEBBQUAA4IBAQA1xNXgyrtVB5LSOc76JF+aJzf8IfJGqF04CMzbo4lDpec/LgOrTSFV223ccJzuq + cnxGUfDbXFfSWDHGnj9HLLTCkrS3clL1TPVjGXg5mFu1l6DCfcP2v4i4dlradNYDQg/AVBoJsYa3l + efSFHw8RFXNHJWwIjJA6J0CBJ/8Uq2ywr8umdndb10RLtPWp66A7wxu7OvTjt68d3LgSniQ0mIJCn + 4ooE30oF/ew0EznbxlSCNRPpB8jYYJTibGrTUVU43lr8h3URIgBkA4InOhuDv0ePMSCDSxBUhY0+G + eKo+YiXHy4SGUGLakahuq/hlGTRJJUddqFA1dNZdOUl23nVE diff --git a/tests/scripts/test031-component-filter b/tests/scripts/test031-component-filter index 437f152193..f4e0a97f09 100755 --- a/tests/scripts/test031-component-filter +++ b/tests/scripts/test031-component-filter @@ -291,6 +291,20 @@ if test $RC != 0 ; then exit $RC fi +FILTER="(certificateRevocationList:componentFilterMatch:=item:{ component \"tbsCertList.revokedCertificates.\2a.userCertificate\", rule integerMatch, value 952069669 })" +echo " f=$FILTER ..." +echo "# f=$FILTER ..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ + "$FILTER" >> $SEARCHOUT 2>&1 + +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + test $KILLSERVERS != no && kill -HUP $KILLPIDS echo "Filtering ldapsearch results..." diff --git a/tests/scripts/test036-meta-concurrency b/tests/scripts/test036-meta-concurrency index 68741cd1e0..958f7842e3 100755 --- a/tests/scripts/test036-meta-concurrency +++ b/tests/scripts/test036-meta-concurrency @@ -24,13 +24,14 @@ if test $BACKMETA = metano ; then fi # to be removed some time... -if test "x$TEST_META" != "xyes" ; then - echo "### this test is currently disabled;" - echo "### set \"TEST_META=yes\" to enable (at own risk)." +if test "x$TEST_META" = "xno" ; then + echo "### disabled by \"TEST_META=no\"; unset TEST_META to re-enable" echo "" exit 0 else - echo "### this test is __very__ experimental; enable at own risk" + echo "### this test is experimental; in case of problems," + echo "### set \"TEST_META=no\" to disable, and report thru" + echo "### the Issue Tracking System " echo "" fi -- 2.39.5