From 9004262d955fe037aa31b00bfc66a5b633efe069 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Tue, 4 Dec 2001 20:22:26 +0000 Subject: [PATCH] reimplement dn_validate/normalize/(match) using the ldap_str2dn/dn2str stuff; need to #define USE_LDAP_DN_PARSING --- include/ldap.h | 11 +-- libraries/libldap/dntest.c | 2 + libraries/libldap/getdn.c | 117 ++++++++++++++++-------------- servers/slapd/dn.c | 84 +++++++++++++++++++++ servers/slapd/proto-slap.h | 16 ++++ servers/slapd/schema_init.c | 141 ++++++++++++++++++++++++++++++++++++ 6 files changed, 310 insertions(+), 61 deletions(-) diff --git a/include/ldap.h b/include/ldap.h index a349c95625..ea9035ee47 100644 --- a/include/ldap.h +++ b/include/ldap.h @@ -1178,13 +1178,14 @@ typedef LDAPRDN** LDAPDN; /* DN formats */ #define LDAP_DN_FORMAT_LDAPV3 0x0000U -#define LDAP_DN_FORMAT_LDAPV2 0x0001U -#define LDAP_DN_FORMAT_DCE 0x0002U -#define LDAP_DN_FORMAT_UFN 0x0003U /* dn2str only */ -#define LDAP_DN_FORMAT_AD_CANONICAL 0x0004U /* dn2str only */ -#define LDAP_DN_FORMAT_MASK 0x000FU +#define LDAP_DN_FORMAT_LDAPV2 0x0010U +#define LDAP_DN_FORMAT_DCE 0x0020U +#define LDAP_DN_FORMAT_UFN 0x0030U /* dn2str only */ +#define LDAP_DN_FORMAT_AD_CANONICAL 0x0040U /* dn2str only */ +#define LDAP_DN_FORMAT_MASK 0x00F0U /* str2dn flags */ +#define LDAP_DN_PRETTY 0x0100U #define LDAP_DN_P_NOLEADTRAILSPACES 0x1000U #define LDAP_DN_P_NOSPACEAFTERRDN 0x2000U #define LDAP_DN_PEDANTIC 0xF000U diff --git a/libraries/libldap/dntest.c b/libraries/libldap/dntest.c index fd817b301b..011519c39e 100644 --- a/libraries/libldap/dntest.c +++ b/libraries/libldap/dntest.c @@ -103,6 +103,8 @@ main( int argc, char *argv[] ) flags[ i ] |= LDAP_DN_FORMAT_UFN; } else if ( !strcasecmp( s, "AD" ) ) { flags[ i ] |= LDAP_DN_FORMAT_AD_CANONICAL; + } else if ( !strcasecmp( s, "PRETTY" ) ) { + flags[ i ] |= LDAP_DN_PRETTY; } else if ( !strcasecmp( s, "PEDANTIC" ) ) { flags[ i ] |= LDAP_DN_PEDANTIC; } else if ( !strcasecmp( s, "NOSPACES" ) ) { diff --git a/libraries/libldap/getdn.c b/libraries/libldap/getdn.c index 3377475214..36a48a3c9d 100644 --- a/libraries/libldap/getdn.c +++ b/libraries/libldap/getdn.c @@ -23,8 +23,6 @@ #include "ldap-int.h" -/* forces the use of new dn parsing routines */ -/* #define USE_LDAP_DN_PARSING */ /* extension to UFN that turns trailing "dc=value" rdns in DNS style, * e.g. "ou=People,dc=openldap,dc=org" => "People, openldap.org" */ #define DC_IN_UFN @@ -78,16 +76,16 @@ LDAPDN * ldapava_insert_into_dn( LDAPDN *dn, LDAPRDN *rdn, unsigned where ); /* void ldapava_free_dn( LDAPDN *dn ); in ldap.h */ /* Higher level helpers */ -static int rdn2strlen( LDAPRDN *rdn, ber_len_t *len, +static int rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len, int ( *s2l )( struct berval *, unsigned, ber_len_t * ) ); -static int rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len, +static int rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int ( *s2s )( struct berval *, char *, unsigned, ber_len_t * )); -static int rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len ); -static int rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len ); -static int rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len ); -static int rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ); -static int rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len ); -static int rdn2ADstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ); +static int rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ); +static int rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len ); +static int rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ); +static int rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flag, ber_len_t *len, int first ); +static int rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ); +static int rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first ); #ifndef USE_LDAP_DN_PARSING /* deprecated */ #define NAME_TYPE_LDAP_RDN 0 @@ -637,8 +635,10 @@ dn2dn( const char *dnin, unsigned fin, unsigned fout ) ( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_OCTOTHORPE(c) || LDAP_DN_NE(c) ) #define LDAP_DN_NEEDESCAPE_TRAIL(c) \ ( LDAP_DN_ASCII_SPACE(c) || LDAP_DN_NEEDESCAPE(c) ) -#define LDAP_DN_WILLESCAPE(c) \ +#define LDAP_DN_WILLESCAPE_CHAR( c) \ ( LDAP_DN_RDN_SEP(c) || LDAP_DN_AVA_SEP(c) ) +#define LDAP_DN_WILLESCAPE(f, c) \ + ( ( !( (f) & LDAP_DN_PRETTY ) ) && LDAP_DN_WILLESCAPE_CHAR(c) ) /* LDAPv2 */ #define LDAP_DN_VALUE_END_V2(c) \ @@ -2113,7 +2113,7 @@ strval2strlen( struct berval *val, unsigned flags, ber_len_t *len ) * there might be some chars we want to escape in form * of a couple of hexdigits for optimization purposes */ - } else if ( LDAP_DN_WILLESCAPE( p[ 0 ] ) ) { + } else if ( LDAP_DN_WILLESCAPE( flags, p[ 0 ] ) ) { l += 3; } else if ( LDAP_DN_NEEDESCAPE( p[ 0 ] ) @@ -2160,7 +2160,7 @@ strval2str( struct berval *val, char *str, unsigned flags, ber_len_t *len ) * there might be some chars we want to escape in form * of a couple of hexdigits for optimization purposes */ - if ( cl > 1 || LDAP_DN_WILLESCAPE( val->bv_val[ s ] ) ) { + if ( cl > 1 || LDAP_DN_WILLESCAPE( flags, val->bv_val[ s ] ) ) { for ( ; cl--; ) { str[ d++ ] = '\\'; byte2hexpair( &val->bv_val[ s ], &str[ d ] ); @@ -2500,7 +2500,7 @@ dn2domain( LDAPDN *dn, char *str, int *iRDN ) } static int -rdn2strlen( LDAPRDN *rdn, ber_len_t *len, +rdn2strlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len, int ( *s2l )( struct berval *v, unsigned f, ber_len_t *l ) ) { int iAVA; @@ -2520,8 +2520,9 @@ rdn2strlen( LDAPRDN *rdn, ber_len_t *len, } else { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( ( *s2l )( ava->la_value, ava->la_flags, &vl ) ) { + if ( ( *s2l )( ava->la_value, f, &vl ) ) { return( -1 ); } l += vl; @@ -2534,7 +2535,7 @@ rdn2strlen( LDAPRDN *rdn, ber_len_t *len, } static int -rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len, +rdn2str( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int ( *s2s ) ( struct berval *v, char * s, unsigned f, ber_len_t *l ) ) { int iAVA; @@ -2558,9 +2559,9 @@ rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len, } else { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( ( *s2s )( ava->la_value, &str[ l ], - ava->la_flags, &vl ) ) { + if ( ( *s2s )( ava->la_value, &str[ l ], f, &vl ) ) { return( -1 ); } l += vl; @@ -2574,7 +2575,7 @@ rdn2str( LDAPRDN *rdn, char *str, ber_len_t *len, } static int -rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len ) +rdn2DCEstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ) { int iAVA; ber_len_t l = 0; @@ -2595,9 +2596,9 @@ rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len ) case LDAP_AVA_STRING: { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2DCEstrlen( ava->la_value, - ava->la_flags, &vl ) ) { + if ( strval2DCEstrlen( ava->la_value, f, &vl ) ) { return( -1 ); } l += vl; @@ -2615,7 +2616,7 @@ rdn2DCEstrlen( LDAPRDN *rdn, ber_len_t *len ) } static int -rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ) +rdn2DCEstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first ) { int iAVA; ber_len_t l = 0; @@ -2646,9 +2647,9 @@ rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ) case LDAP_AVA_STRING: { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2DCEstr( ava->la_value, &str[ l ], - ava->la_flags, &vl ) ) { + if ( strval2DCEstr( ava->la_value, &str[ l ], f, &vl ) ) { return( -1 ); } l += vl; @@ -2666,7 +2667,7 @@ rdn2DCEstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ) } static int -rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len ) +rdn2UFNstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ) { int iAVA; ber_len_t l = 0; @@ -2689,9 +2690,9 @@ rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len ) } else { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2strlen( ava->la_value, ava->la_flags, - &vl ) ) { + if ( strval2strlen( ava->la_value, f, &vl ) ) { return( -1 ); } l += vl; @@ -2704,7 +2705,7 @@ rdn2UFNstrlen( LDAPRDN *rdn, ber_len_t *len ) } static int -rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len ) +rdn2UFNstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len ) { int iAVA; ber_len_t l = 0; @@ -2721,9 +2722,9 @@ rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len ) } else { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2str( ava->la_value, &str[ l ], - ava->la_flags, &vl ) ) { + if ( strval2str( ava->la_value, &str[ l ], f, &vl ) ) { return( -1 ); } l += vl; @@ -2745,7 +2746,7 @@ rdn2UFNstr( LDAPRDN *rdn, char *str, ber_len_t *len ) } static int -rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len ) +rdn2ADstrlen( LDAPRDN *rdn, unsigned flags, ber_len_t *len ) { int iAVA; ber_len_t l = 0; @@ -2770,9 +2771,9 @@ rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len ) case LDAP_AVA_STRING: { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2ADstrlen( ava->la_value, - ava->la_flags, &vl ) ) { + if ( strval2ADstrlen( ava->la_value, f, &vl ) ) { return( -1 ); } l += vl; @@ -2790,7 +2791,7 @@ rdn2ADstrlen( LDAPRDN *rdn, ber_len_t *len ) } static int -rdn2ADstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ) +rdn2ADstr( LDAPRDN *rdn, char *str, unsigned flags, ber_len_t *len, int first ) { int iAVA; ber_len_t l = 0; @@ -2815,9 +2816,9 @@ rdn2ADstr( LDAPRDN *rdn, char *str, ber_len_t *len, int first ) case LDAP_AVA_STRING: { ber_len_t vl; + unsigned f = flags | ava->la_flags; - if ( strval2ADstr( ava->la_value, &str[ l ], - ava->la_flags, &vl ) ) { + if ( strval2ADstr( ava->la_value, &str[ l ], f, &vl ) ) { return( -1 ); } l += vl; @@ -2861,31 +2862,31 @@ ldap_rdn2str( LDAPRDN *rdn, char **str, unsigned flags ) *str = NULL; switch ( LDAP_DN_FORMAT( flags ) ) { case LDAP_DN_FORMAT_LDAPV3: - if ( rdn2strlen( rdn, &l, strval2strlen ) ) { + if ( rdn2strlen( rdn, flags, &l, strval2strlen ) ) { return( LDAP_OTHER ); } break; case LDAP_DN_FORMAT_LDAPV2: - if ( rdn2strlen( rdn, &l, strval2IA5strlen ) ) { + if ( rdn2strlen( rdn, flags, &l, strval2IA5strlen ) ) { return( LDAP_OTHER ); } break; case LDAP_DN_FORMAT_UFN: - if ( rdn2UFNstrlen( rdn, &l ) ) { + if ( rdn2UFNstrlen( rdn, flags, &l ) ) { return( LDAP_OTHER ); } break; case LDAP_DN_FORMAT_DCE: - if ( rdn2DCEstrlen( rdn, &l ) ) { + if ( rdn2DCEstrlen( rdn, flags, &l ) ) { return( LDAP_OTHER ); } break; case LDAP_DN_FORMAT_AD_CANONICAL: - if ( rdn2ADstrlen( rdn, &l ) ) { + if ( rdn2ADstrlen( rdn, flags, &l ) ) { return( LDAP_OTHER ); } break; @@ -2898,27 +2899,27 @@ ldap_rdn2str( LDAPRDN *rdn, char **str, unsigned flags ) switch ( LDAP_DN_FORMAT( flags ) ) { case LDAP_DN_FORMAT_LDAPV3: - rc = rdn2str( rdn, *str, &l, strval2str ); + rc = rdn2str( rdn, *str, flags, &l, strval2str ); back = 1; break; case LDAP_DN_FORMAT_LDAPV2: - rc = rdn2str( rdn, *str, &l, strval2IA5str ); + rc = rdn2str( rdn, *str, flags, &l, strval2IA5str ); back = 1; break; case LDAP_DN_FORMAT_UFN: - rc = rdn2UFNstr( rdn, *str, &l ); + rc = rdn2UFNstr( rdn, *str, flags, &l ); back = 2; break; case LDAP_DN_FORMAT_DCE: - rc = rdn2DCEstr( rdn, *str, &l, 1 ); + rc = rdn2DCEstr( rdn, *str, flags, &l, 1 ); back = 0; break; case LDAP_DN_FORMAT_AD_CANONICAL: - rc = rdn2ADstr( rdn, *str, &l, 1 ); + rc = rdn2ADstr( rdn, *str, flags, &l, 1 ); back = 0; break; @@ -2989,7 +2990,7 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2strlen( rdn, &rdnl, sv2l ) ) { + if ( rdn2strlen( rdn, flags, &rdnl, sv2l ) ) { goto return_results; } @@ -3005,7 +3006,8 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2str( rdn, &( *str )[ l ], &rdnl, sv2s ) ) { + if ( rdn2str( rdn, &( *str )[ l ], flags, + &rdnl, sv2s ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; @@ -3069,7 +3071,7 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2UFNstrlen( rdn, &rdnl ) ) { + if ( rdn2UFNstrlen( rdn, flags, &rdnl ) ) { goto return_results; } len += rdnl; @@ -3097,7 +3099,8 @@ got_funcs: ber_len_t vl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2UFNstr( rdn, &( *str )[ l ], &vl ) ) { + if ( rdn2UFNstr( rdn, &( *str )[ l ], + flags, &vl ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; @@ -3118,7 +3121,8 @@ got_funcs: ber_len_t vl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2UFNstr( rdn, &( *str )[ l ], &vl ) ) { + if ( rdn2UFNstr( rdn, &( *str )[ l ], + flags, &vl ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; @@ -3146,7 +3150,7 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2DCEstrlen( rdn, &rdnl ) ) { + if ( rdn2DCEstrlen( rdn, flags, &rdnl ) ) { goto return_results; } @@ -3162,7 +3166,8 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2DCEstr( rdn, &( *str )[ l ], &rdnl, 0 ) ) { + if ( rdn2DCEstr( rdn, &( *str )[ l ], flags, + &rdnl, 0 ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; @@ -3197,7 +3202,7 @@ got_funcs: ber_len_t rdnl; LDAPRDN *rdn = dn[ iRDN ][ 0 ]; - if ( rdn2ADstrlen( rdn, &rdnl ) ) { + if ( rdn2ADstrlen( rdn, flags, &rdnl ) ) { goto return_results; } @@ -3216,7 +3221,7 @@ got_funcs: LDAPRDN *rdn = dn[ iRDN ][ 0 ]; if ( rdn2ADstr( rdn, &( *str )[ l ], - &rdnl, 0 ) ) { + flags, &rdnl, 0 ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; @@ -3244,7 +3249,7 @@ got_funcs: LDAPRDN *rdn = dn[ iRDN ][ 0 ]; if ( rdn2ADstr( rdn, &( *str )[ l ], - &rdnl, first ) ) { + flags, &rdnl, first ) ) { LDAP_FREE( *str ); *str = NULL; goto return_results; diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index 665600c5c1..1d106206a0 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -36,6 +36,37 @@ char * dn_validate( char *dn_in ) { +#ifdef USE_LDAP_DN_PARSING + struct berval val, *normalized; + int rc; + + fprintf(stderr, ">>> dn_validate: %s\n", dn_in); + + if ( dn_in == NULL || dn_in[ 0 ] == '\0' ) { + return( dn_in ); + } + + val.bv_val = dn_in; + val.bv_len = strlen( dn_in ); + + rc = dnPretty( NULL, &val, &normalized ); + if ( rc != LDAP_SUCCESS ) { + return( NULL ); + } + + if ( val.bv_len < normalized->bv_len ) { + ber_bvfree( normalized ); + return( NULL ); + } + + AC_MEMCPY( dn_in, normalized->bv_val, normalized->bv_len + 1 ); + ber_bvfree( normalized ); + + fprintf(stderr, "<<< dn_validate: %s\n", dn_in); + + return( dn_in ); + +#else /* !USE_LDAP_DN_PARSING */ char *d, *s; int state, gotesc; char *dn = dn_in; @@ -191,6 +222,7 @@ dn_validate( char *dn_in ) } return( dn ); +#endif /* !USE_LDAP_DN_PARSING */ } /* @@ -202,6 +234,39 @@ dn_validate( char *dn_in ) char * dn_normalize( char *dn ) { +#ifdef USE_LDAP_DN_PARSING + struct berval val, *normalized; + int rc; + + fprintf(stderr, ">>> dn_normalize: %s\n", dn); + + if ( dn == NULL || dn[ 0 ] == '\0' ) { + return( dn ); + } + + val.bv_val = dn; + val.bv_len = strlen( dn ); + + rc = dnNormalize( NULL, &val, &normalized ); + if ( rc != LDAP_SUCCESS ) { + return( NULL ); + } + + if ( val.bv_len < normalized->bv_len ) { + ber_bvfree( normalized ); + return( NULL ); + } + + AC_MEMCPY( dn, normalized->bv_val, normalized->bv_len + 1 ); + ber_bvfree( normalized ); + + ( void )ldap_pvt_str2upper( dn ); + + fprintf(stderr, "<<< dn_normalize: %s\n", dn); + + return( dn ); + +#else /* !USE_LDAP_DN_PARSING */ char *out; struct berval *bvdn, *nbvdn; @@ -219,6 +284,25 @@ dn_normalize( char *dn ) ber_bvfree( bvdn ); return( out ); +#endif /* !USE_LDAP_DN_PARSING */ +} + +int +dn_match( const char *val, const char *asserted ) +{ + struct berval bval, basserted; + + if ( val == NULL || asserted == NULL ) { + return 0; + } + + bval.bv_val = ( char * )val; + bval.bv_len = strlen( val ); + + basserted.bv_val = ( char * )asserted; + basserted.bv_len = strlen( asserted); + + return dnMatch( NULL, 0, NULL, NULL, &bval, &basserted); } /* diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 98a9494cf3..d5034175eb 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -316,6 +316,7 @@ LDAP_SLAPD_F (void) connection_internal_close( Connection *conn ); LDAP_SLAPD_F (char *) dn_validate LDAP_P(( char *dn )); LDAP_SLAPD_F (char *) dn_normalize LDAP_P(( char *dn )); +LDAP_SLAPD_F (int) dn_match LDAP_P(( const char *val, const char *asserted )); LDAP_SLAPD_F (char *) dn_parent LDAP_P(( Backend *be, const char *dn )); LDAP_SLAPD_F (char **) dn_subtree LDAP_P(( Backend *be, const char *dn )); LDAP_SLAPD_F (char *) dn_rdn LDAP_P(( Backend *be, const char *dn )); @@ -722,6 +723,21 @@ LDAP_SLAPD_F (int) entry_schema_check LDAP_P(( LDAP_SLAPD_F (int) schema_init LDAP_P((void)); LDAP_SLAPD_F (int) schema_prep LDAP_P((void)); +LDAP_SLAPD_F (int) dnNormalize LDAP_P(( + Syntax *syntax, + struct berval *val, + struct berval **normalized )); +LDAP_SLAPD_F (int) dnPretty LDAP_P(( + Syntax *syntax, + struct berval *val, + struct berval **normalized )); +LDAP_SLAPD_F (int) dnMatch LDAP_P(( + int *matchp, + slap_mask_t flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue )); /* * schemaparse.c diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index d322938cb8..e1284e34b7 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -32,7 +32,9 @@ #define berValidate blobValidate /* unimplemented pretters */ +#ifndef USE_LDAP_DN_PARSING #define dnPretty NULL +#endif /* !USE_LDAP_DN_PARSING */ #define integerPretty NULL /* recycled matching routines */ @@ -218,6 +220,143 @@ int octetStringFilter( return LDAP_SUCCESS; } +#ifdef USE_LDAP_DN_PARSING +static int +dnValidate( + Syntax *syntax, + struct berval *in ) +{ + int rc; + LDAPDN *dn = NULL; + + if ( in->bv_len == 0 ) { + return( LDAP_SUCCESS ); + } + + rc = ldap_str2dn( in->bv_val, &dn, LDAP_DN_FORMAT_LDAPV3 ); + ldapava_free_dn( dn ); + + if ( rc != LDAP_SUCCESS ) { + return( LDAP_INVALID_SYNTAX ); + } + + return( LDAP_SUCCESS ); +} + +int +dnNormalize( + Syntax *syntax, + struct berval *val, + struct berval **normalized ) +{ + struct berval *out = NULL; + + if ( val->bv_len != 0 ) { + LDAPDN *dn = NULL; + char *dn_out = NULL; + int rc; + + rc = ldap_str2dn( val->bv_val, &dn, LDAP_DN_FORMAT_LDAPV3 ); + if ( rc != LDAP_SUCCESS ) { + return( LDAP_INVALID_SYNTAX ); + } + + rc = ldap_dn2str( dn, &dn_out, LDAP_DN_FORMAT_LDAPV3 ); + ldapava_free_dn( dn ); + + if ( rc != LDAP_SUCCESS ) { + return( LDAP_INVALID_SYNTAX ); + } + + out = ber_bvstr( dn_out ); + + } else { + out = ber_bvdup( val ); + } + + *normalized = out; + + return( LDAP_SUCCESS ); +} + +int +dnPretty( + Syntax *syntax, + struct berval *val, + struct berval **normalized) +{ + struct berval *out = NULL; + + if ( val->bv_len != 0 ) { + LDAPDN *dn = NULL; + char *dn_out = NULL; + unsigned flags = LDAP_DN_FORMAT_LDAPV3; + int rc; + + rc = ldap_str2dn( val->bv_val, &dn, flags ); + if ( rc != LDAP_SUCCESS ) { + return( LDAP_INVALID_SYNTAX ); + } + + flags |= LDAP_DN_PRETTY; + + rc = ldap_dn2str( dn, &dn_out, flags ); + ldapava_free_dn( dn ); + + if ( rc != LDAP_SUCCESS ) { + return( LDAP_INVALID_SYNTAX ); + } + + out = ber_bvstr( dn_out ); + + } else { + out = ber_bvdup( val ); + } + + *normalized = out; + + return( LDAP_SUCCESS ); +} + +int +dnMatch( + int *matchp, + slap_mask_t flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + int match; + struct berval *asserted = (struct berval *) assertedValue; + + match = value->bv_len - asserted->bv_len; + + if ( match == 0 ) { +#ifdef USE_DN_NORMALIZE + match = strcmp( value->bv_val, asserted->bv_val ); + fprintf(stderr, "USE_DN_NORMALIZE :(\n"); +#else + match = strcasecmp( value->bv_val, asserted->bv_val ); + fprintf(stderr, "!USE_DN_NORMALIZE :)\n"); +#endif + } + +#ifdef NEW_LOGGING + LDAP_LOG(( "schema", LDAP_LEVEL_ENTRY, + "dnMatch: %d\n %s\n %s\n", match, + value->bv_val, asserted->bv_val )); +#else + Debug( LDAP_DEBUG_ARGS, "dnMatch %d\n\t\"%s\"\n\t\"%s\"\n", + match, value->bv_val, asserted->bv_val ); +#endif + + *matchp = match; + return( LDAP_SUCCESS ); +} + +#else /* !USE_LDAP_DN_PARSING */ + static int dnValidate( Syntax *syntax, @@ -312,6 +451,8 @@ dnMatch( return LDAP_SUCCESS; } +#endif /* !USE_LDAP_DN_PARSING */ + static int nameUIDValidate( Syntax *syntax, -- 2.39.5