From 77c4389f551b5177ca0cf6df41e1765557fe2e05 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Mon, 7 Apr 2003 12:53:00 +0000 Subject: [PATCH] use rewrite info instead of ldapinfo for reusability in back-meta; will change soon --- servers/slapd/back-ldap/add.c | 46 +++++++++++++++++++------ servers/slapd/back-ldap/back-ldap.h | 3 +- servers/slapd/back-ldap/bind.c | 8 +++-- servers/slapd/back-ldap/compare.c | 3 +- servers/slapd/back-ldap/delete.c | 3 +- servers/slapd/back-ldap/extended.c | 3 +- servers/slapd/back-ldap/modify.c | 3 +- servers/slapd/back-ldap/modrdn.c | 3 +- servers/slapd/back-ldap/search.c | 43 ++++++++++++++++++----- servers/slapd/back-ldap/suffixmassage.c | 9 ++--- 10 files changed, 91 insertions(+), 33 deletions(-) diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c index 7344aa5605..a9be70d466 100644 --- a/servers/slapd/back-ldap/add.c +++ b/servers/slapd/back-ldap/add.c @@ -74,12 +74,13 @@ ldap_back_add( /* * Rewrite the add dn, if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "addDn"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif @@ -96,7 +97,7 @@ ldap_back_add( attrs = (LDAPMod **)ch_malloc(sizeof(LDAPMod *)*i); #ifdef ENABLE_REWRITE - dc.ctx = "addAttrDN"; + dc.ctx = "addDnAttr"; #endif for (i=0, a=op->oq_add.rs_e->e_attrs; a; a=a->a_next) { if ( a->a_desc->ad_type->sat_no_user_mod ) { @@ -155,15 +156,38 @@ ldap_dnattr_rewrite( BerVarray a_vals ) { - struct berval bv; - - for ( ; a_vals->bv_val != NULL; a_vals++ ) { - ldap_back_dn_massage( dc, a_vals, &bv ); - - /* leave attr untouched if massage failed */ - if ( bv.bv_val && bv.bv_val != a_vals->bv_val ) { - ch_free( a_vals->bv_val ); - *a_vals = bv; + struct berval bv; + int i, last; + + for ( last = 0; a_vals[last].bv_val != NULL; last++ ); + last--; + + for ( i = 0; a_vals[i].bv_val != NULL; i++ ) { + switch ( ldap_back_dn_massage( dc, &a_vals[i], &bv ) ) { + case LDAP_SUCCESS: + case LDAP_OTHER: /* ? */ + default: /* ??? */ + /* leave attr untouched if massage failed */ + if ( bv.bv_val && bv.bv_val != a_vals[i].bv_val ) { + ch_free( a_vals[i].bv_val ); + a_vals[i] = bv; + } + break; + + case LDAP_UNWILLING_TO_PERFORM: + /* + * FIXME: need to check if it may be considered + * legal to trim values when adding/modifying; + * it should be when searching (see ACLs). + */ + ch_free( a_vals[i].bv_val ); + if (last > i ) { + a_vals[i] = a_vals[last]; + } + a_vals[last].bv_len = 0; + a_vals[last].bv_val = NULL; + last--; + break; } } diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h index 49592cf1df..3ef2f6d68b 100644 --- a/servers/slapd/back-ldap/back-ldap.h +++ b/servers/slapd/back-ldap/back-ldap.h @@ -100,12 +100,13 @@ int back_ldap_LTX_init_module(int argc, char *argv[]); /* Whatever context ldap_back_dn_massage needs... */ typedef struct dncookie { - struct ldapinfo *li; #ifdef ENABLE_REWRITE + struct rewrite_info *rw; Connection *conn; char *ctx; SlapReply *rs; #else + struct ldapinfo *li; int normalized; int tofrom; #endif diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c index 3ba1eb8889..6d1cef328c 100644 --- a/servers/slapd/back-ldap/bind.c +++ b/servers/slapd/back-ldap/bind.c @@ -72,12 +72,13 @@ ldap_back_bind( /* * Rewrite the bind dn if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "bindDn"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif @@ -311,8 +312,8 @@ ldap_back_getconn(Operation *op, SlapReply *rs) /* * Rewrite the bind dn if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "bindDn"; @@ -502,12 +503,13 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs, struct berval dn, mdn; dncookie dc; - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "matchedDn"; #else + dc.li = li; dc.tofrom = 0; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c index f1dfb35b79..f1b96becb5 100644 --- a/servers/slapd/back-ldap/compare.c +++ b/servers/slapd/back-ldap/compare.c @@ -66,12 +66,13 @@ ldap_back_compare( /* * Rewrite the compare dn, if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "compareDn"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/delete.c b/servers/slapd/back-ldap/delete.c index c48ae217cc..0699868150 100644 --- a/servers/slapd/back-ldap/delete.c +++ b/servers/slapd/back-ldap/delete.c @@ -66,12 +66,13 @@ ldap_back_delete( /* * Rewrite the request dn, if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "deleteDn"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c index 8f643e1c93..6ccd377598 100644 --- a/servers/slapd/back-ldap/extended.c +++ b/servers/slapd/back-ldap/extended.c @@ -85,12 +85,13 @@ ldap_back_exop_passwd( return LDAP_UNWILLING_TO_PERFORM; } if (id.bv_len) { - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "modifyPwd"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c index 60d77dc6e9..7375a191ce 100644 --- a/servers/slapd/back-ldap/modify.c +++ b/servers/slapd/back-ldap/modify.c @@ -69,12 +69,13 @@ ldap_back_modify( /* * Rewrite the modify dn, if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "modifyDn"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/modrdn.c b/servers/slapd/back-ldap/modrdn.c index 27a87ef075..1e79b450e9 100644 --- a/servers/slapd/back-ldap/modrdn.c +++ b/servers/slapd/back-ldap/modrdn.c @@ -62,11 +62,12 @@ ldap_back_modrdn( return( -1 ); } - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c index db8c227544..8fdc28872b 100644 --- a/servers/slapd/back-ldap/search.c +++ b/servers/slapd/back-ldap/search.c @@ -147,12 +147,13 @@ ldap_back_search( /* * Rewrite the search base, if required */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = rs; dc.ctx = "searchBase"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 0; #endif @@ -392,12 +393,13 @@ ldap_build_entry( /* * Rewrite the dn of the result, if needed */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = NULL; dc.ctx = "searchResult"; #else + dc.li = li; dc.tofrom = 0; dc.normalized = 0; #endif @@ -523,13 +525,35 @@ ldap_build_entry( */ } else if ( attr->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) { - for ( bv = attr->a_vals; bv->bv_val; bv++ ) { - struct berval newval = {0,NULL}; - - ldap_back_dn_massage( &dc, bv, &newval ); - if ( newval.bv_val && bv->bv_val != newval.bv_val ) { + int last, i; + + /* + * FIXME: should use ldap_dnattr_rewrite(), + * but need a different free() callback ... + */ + + for ( last = 0; attr->a_vals[last].bv_val; last++ ); + + for ( i = 0; attr->a_vals[i].bv_val; i++ ) { + struct berval newval = { 0, NULL }; + + bv = &attr->a_vals[i]; + switch ( ldap_back_dn_massage( &dc, bv, &newval ) ) { + case LDAP_UNWILLING_TO_PERFORM: LBER_FREE( bv->bv_val ); - *bv = newval; + if ( last > i ) { + *bv = attr->a_vals[last]; + } + attr->a_vals[last].bv_val = NULL; + last--; + break; + + default: + if ( newval.bv_val && bv->bv_val != newval.bv_val ) { + LBER_FREE( bv->bv_val ); + *bv = newval; + } + break; } } } @@ -602,12 +626,13 @@ ldap_back_entry_get( /* * Rewrite the search base, if required */ - dc.li = li; #ifdef ENABLE_REWRITE + dc.rw = li->rwinfo; dc.conn = op->o_conn; dc.rs = &rs; dc.ctx = "searchBase"; #else + dc.li = li; dc.tofrom = 1; dc.normalized = 1; #endif diff --git a/servers/slapd/back-ldap/suffixmassage.c b/servers/slapd/back-ldap/suffixmassage.c index 15a8903cf2..4cd1a13b4c 100644 --- a/servers/slapd/back-ldap/suffixmassage.c +++ b/servers/slapd/back-ldap/suffixmassage.c @@ -47,10 +47,10 @@ ldap_back_dn_massage( { int rc = 0; - switch (rewrite_session( dc->li->rwinfo, dc->ctx, dn->bv_val, dc->conn, + switch (rewrite_session( dc->rw, dc->ctx, dn->bv_val, dc->conn, &res->bv_val )) { case REWRITE_REGEXEC_OK: - if ( res->bv_val != NULL && res->bv_val[ 0 ] != '\0' ) { + if ( res->bv_val != NULL ) { res->bv_len = strlen( res->bv_val ); } else { *res = *dn; @@ -62,6 +62,7 @@ ldap_back_dn_massage( Debug( LDAP_DEBUG_ARGS, "[rw] %s: \"%s\" -> \"%s\"\n", dc->ctx, dn->bv_val, res->bv_val ); #endif /* !NEW_LOGGING */ + rc = LDAP_SUCCESS; break; case REWRITE_REGEXEC_UNWILLING: @@ -69,7 +70,7 @@ ldap_back_dn_massage( dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM; dc->rs->sr_text = "Operation not allowed"; } - rc = -1; + rc = LDAP_UNWILLING_TO_PERFORM; break; case REWRITE_REGEXEC_ERR: @@ -77,7 +78,7 @@ ldap_back_dn_massage( dc->rs->sr_err = LDAP_OTHER; dc->rs->sr_text = "Rewrite error"; } - rc = -1; + rc = LDAP_OTHER; break; } return rc; -- 2.39.5