From 9effc2b8f00434a4c5c6da2a7f5f488cc47bfa28 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sun, 23 Jan 2005 21:42:05 +0000 Subject: [PATCH] cleanup of rewrite code and docs --- doc/man/man5/slapo-rwm.5 | 21 ++++++++++++--------- include/rewrite.h | 13 ++++++------- libraries/librewrite/xmap.c | 2 +- 3 files changed, 19 insertions(+), 17 deletions(-) diff --git a/doc/man/man5/slapo-rwm.5 b/doc/man/man5/slapo-rwm.5 index 0fe80aaa7a..a2a19fde55 100644 --- a/doc/man/man5/slapo-rwm.5 +++ b/doc/man/man5/slapo-rwm.5 @@ -188,15 +188,15 @@ n as return code if the rule matches; the flag does not alter the recursive behavior of the rule, so, to have it performed only once, it must be used in combination with `:', e.g. -.B `:U{16}' -returns the value `16' after exactly one execution of the rule, if the -pattern matches. +.B `:U{32}' +returns the value `32' (indicating noSuchObject) after exactly +one execution of the rule, if the pattern matches. As a consequence, its behavior is equivalent to `@', with the return code set to .BR n ; or, in other words, `@' is equivalent to `U{0}'. -By convention, the freely available codes are above 16 included; -the others are reserved. +Positive errors are allowed, indicating the related LDAP error codes +as specified in \fIdraft-ietf-ldapbis-protocol\fP. .LP The ordering of the flags can be significant. For instance: `IG{2}' means ignore errors and jump two lines ahead @@ -400,26 +400,29 @@ rwm-rewriteEngine on rwm-rewriteEngine on # all dataflow from client to server referring to DNs rwm-rewriteContext default -rwm-rewriteRule "(.*)$" "$1" ":" +rwm-rewriteRule "(.+,)?$" "$1" ":" # empty filter rule rwm-rewriteContext searchFilter # all dataflow from server to client rwm-rewriteContext searchEntryDN -rwm-rewriteRule "(.*)$" "$1" ":" +rwm-rewriteRule "(.+,)?$" "$1" ":" rwm-rewriteContext searchAttrDN alias searchEntryDN rwm-rewriteContext matchedDN alias searchEntryDN +# misc empty rules +rwm-rewriteContext referralAttrDN +rwm-rewriteContext referralDN # Everything defined here goes into the `default' context. # This rule changes the naming context of anything sent # to `dc=home,dc=net' to `dc=OpenLDAP, dc=org' -rwm-rewriteRule "(.*)dc=home,[ ]?dc=net$" +rwm-rewriteRule "(.+,)?dc=home,[ ]?dc=net$" "$1dc=OpenLDAP, dc=org" ":" # since a pretty/normalized DN does not include spaces # after rdn separators, e.g. `,', this rule suffices: -rwm-rewriteRule "(.*)dc=home,dc=net$" +rwm-rewriteRule "(.+,)?dc=home,dc=net$" "$1dc=OpenLDAP,dc=org" ":" # Start a new context (ends input of the previous one). diff --git a/include/rewrite.h b/include/rewrite.h index ccf359c297..155f504452 100644 --- a/include/rewrite.h +++ b/include/rewrite.h @@ -38,8 +38,7 @@ * Rewrite internal status returns */ #define REWRITE_SUCCESS LDAP_SUCCESS -#define REWRITE_ERR LDAP_OPERATIONS_ERROR -#define REWRITE_NO_SUCH_OBJECT LDAP_NO_SUCH_OBJECT +#define REWRITE_ERR LDAP_OTHER /* * Rewrite modes (input values for rewrite_info_init); determine the @@ -66,11 +65,11 @@ * REWRITE_REGEXEC_UNWILLING the server should issue an 'unwilling * to perform' error */ -#define REWRITE_REGEXEC_OK 0x0000 -#define REWRITE_REGEXEC_ERR 0x0001 -#define REWRITE_REGEXEC_STOP 0x0002 -#define REWRITE_REGEXEC_UNWILLING 0x0003 -#define REWRITE_REGEXEC_USER 0x0004 /* and above ... */ +#define REWRITE_REGEXEC_OK (0) +#define REWRITE_REGEXEC_ERR (-1) +#define REWRITE_REGEXEC_STOP (-2) +#define REWRITE_REGEXEC_UNWILLING (-3) +#define REWRITE_REGEXEC_USER (1) /* and above: LDAP errors */ /* * Rewrite variable flags diff --git a/libraries/librewrite/xmap.c b/libraries/librewrite/xmap.c index 0448c8ee96..ca6e6819be 100644 --- a/libraries/librewrite/xmap.c +++ b/libraries/librewrite/xmap.c @@ -259,7 +259,7 @@ rewrite_xmap_apply( ldap_pvt_thread_mutex_unlock( &xpasswd_mutex ); #endif /* USE_REWRITE_LDAP_PVT_THREADS */ - rc = REWRITE_NO_SUCH_OBJECT; + rc = LDAP_NO_SUCH_OBJECT; break; } -- 2.39.2