From b013847111d022f26e82922a788e817804ae04c1 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Thu, 12 Apr 2007 01:02:01 +0000 Subject: [PATCH] fix ';binary' certificate transport (ITS#4868); add cert to sql-test000 (mysql; psql untested) --- servers/slapd/back-sql/back-sql.h | 1 + servers/slapd/back-sql/entry-id.c | 22 ++-- .../rdbms_depend/mysql/testdb_create.sql | 13 ++- .../rdbms_depend/mysql/testdb_data.sql | 3 + .../rdbms_depend/mysql/testdb_metadata.sql | 7 ++ .../rdbms_depend/pgsql/testdb_create.sql | 8 ++ .../rdbms_depend/pgsql/testdb_data.sql | 3 + .../rdbms_depend/pgsql/testdb_metadata.sql | 4 + servers/slapd/back-sql/schema-map.c | 23 +++- tests/data/sql-read.out | 103 ++++++++++++++++++ 10 files changed, 174 insertions(+), 13 deletions(-) diff --git a/servers/slapd/back-sql/back-sql.h b/servers/slapd/back-sql/back-sql.h index 83f58d0ea2..6965e3f5c9 100644 --- a/servers/slapd/back-sql/back-sql.h +++ b/servers/slapd/back-sql/back-sql.h @@ -331,6 +331,7 @@ typedef struct backsql_oc_map_rec { typedef struct backsql_at_map_rec { /* Description of corresponding LDAP attribute type */ AttributeDescription *bam_ad; + AttributeDescription *bam_true_ad; /* ObjectClass if bam_ad is objectClass */ ObjectClass *bam_oc; diff --git a/servers/slapd/back-sql/entry-id.c b/servers/slapd/back-sql/entry-id.c index e12b208121..a942b739ae 100644 --- a/servers/slapd/back-sql/entry-id.c +++ b/servers/slapd/back-sql/entry-id.c @@ -516,8 +516,8 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) #endif /* ! BACKSQL_ARBITRARY_KEY */ #ifdef BACKSQL_PRETTY_VALIDATE - validate = at->bam_ad->ad_type->sat_syntax->ssyn_validate; - pretty = at->bam_ad->ad_type->sat_syntax->ssyn_pretty; + validate = at->bam_true_ad->ad_type->sat_syntax->ssyn_validate; + pretty = at->bam_true_ad->ad_type->sat_syntax->ssyn_pretty; if ( validate == NULL && pretty == NULL ) { return 1; @@ -525,8 +525,8 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) #endif /* BACKSQL_PRETTY_VALIDATE */ #ifdef BACKSQL_COUNTQUERY - if ( at->bam_ad->ad_type->sat_equality ) { - normfunc = at->bam_ad->ad_type->sat_equality->smr_normalize; + if ( at->bam_true_ad->ad_type->sat_equality ) { + normfunc = at->bam_true_ad->ad_type->sat_equality->smr_normalize; } /* Count how many rows will be returned. This avoids memory @@ -583,7 +583,7 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) return 1; } - attr = attr_find( bsi->bsi_e->e_attrs, at->bam_ad ); + attr = attr_find( bsi->bsi_e->e_attrs, at->bam_true_ad ); if ( attr != NULL ) { BerVarray tmp; @@ -615,7 +615,7 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) append = 1; /* Make space for the array of values */ - attr = attr_alloc( at->bam_ad ); + attr = attr_alloc( at->bam_true_ad ); attr->a_vals = ch_calloc( count + 1, sizeof( struct berval ) ); if ( attr->a_vals == NULL ) { Debug( LDAP_DEBUG_TRACE, "Out of memory!\n", 0,0,0 ); @@ -761,12 +761,12 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) if ( pretty ) { struct berval pbv; - retval = pretty( at->bam_ad->ad_type->sat_syntax, + retval = pretty( at->bam_true_ad->ad_type->sat_syntax, &bv, &pbv, bsi->bsi_op->o_tmpmemctx ); bv = pbv; } else { - retval = validate( at->bam_ad->ad_type->sat_syntax, + retval = validate( at->bam_true_ad->ad_type->sat_syntax, &bv ); } @@ -792,7 +792,7 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) #ifndef BACKSQL_COUNTQUERY (void)backsql_entry_addattr( bsi->bsi_e, - at->bam_ad, &bv, + at->bam_true_ad, &bv, bsi->bsi_op->o_tmpmemctx ); #else /* BACKSQL_COUNTQUERY */ @@ -800,8 +800,8 @@ backsql_get_attr_vals( void *v_at, void *v_bsi ) struct berval nbv; retval = (*normfunc)( SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - at->bam_ad->ad_type->sat_syntax, - at->bam_ad->ad_type->sat_equality, + at->bam_true_ad->ad_type->sat_syntax, + at->bam_true_ad->ad_type->sat_equality, &bv, &nbv, bsi->bsi_op->o_tmpmemctx ); diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql index 3c6b71e8b0..b35261b468 100644 --- a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql @@ -32,7 +32,12 @@ CREATE TABLE phones ( pers_id int NOT NULL ); - +drop table if exists certs; +CREATE TABLE certs ( + id int NOT NULL , + cert LONGBLOB NOT NULL, + pers_id int NOT NULL +); ALTER TABLE authors_docs ADD CONSTRAINT PK_authors_docs PRIMARY KEY @@ -66,6 +71,12 @@ ALTER TABLE phones ADD id ); +ALTER TABLE certs ADD + CONSTRAINT PK_certs PRIMARY KEY + ( + id + ); + drop table if exists referrals; CREATE TABLE referrals ( id int NOT NULL, diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql index 7bef37495a..0ccbfb76a2 100644 --- a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql @@ -16,3 +16,6 @@ insert into authors_docs (pers_id,doc_id) values (1,2); insert into authors_docs (pers_id,doc_id) values (2,1); insert into referrals (id,name,url) values (1,'Referral','ldap://localhost:9012/'); + +insert into certs (id,cert,pers_id) values (1,UNHEX('3082036b308202d4a003020102020102300d06092a864886f70d01010405003077310b3009060355040613025553311330110603550408130a43616c69666f726e6961311f301d060355040a13164f70656e4c444150204578616d706c652c204c74642e311330110603550403130a4578616d706c65204341311d301b06092a864886f70d010901160e6361406578616d706c652e636f6d301e170d3033313031373136333331395a170d3034313031363136333331395a307e310b3009060355040613025553311330110603550408130a43616c69666f726e6961311f301d060355040a13164f70656e4c444150204578616d706c652c204c74642e311830160603550403130f557273756c612048616d7073746572311f301d06092a864886f70d01090116107568616d406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100eec60a7910b57d2e687158ca55eea738d36f10413dfecf31435e1aeeb9713b8e2da7dd2dde6bc6cec03b4987eaa7b037b9eb50e11c71e58088cc282883122cd8329c6f24f6045e6be9d21b9190c8292998267a5f7905292de936262747ab4b76a88a63872c41629a69d32e894d44c896a8d06fab0a1bc7de343c6c1458478f290203010001a381ff3081fc30090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414a323de136c19ae0c479450e882dfb10ad147f45e3081a10603551d2304819930819680144b6f211a3624d290f943b053472d7de1c0e69823a17ba4793077310b3009060355040613025553311330110603550408130a43616c69666f726e6961311f301d060355040a13164f70656e4c444150204578616d706c652c204c74642e311330110603550403130a4578616d706c65204341311d301b06092a864886f70d010901160e6361406578616d706c652e636f6d820100300d06092a864886f70d010104050003818100881470045bdce95660d6e6af59e6a844aec4b9f5eaea88d4eb7a5a47080afa64750f81a3e47d00fd39c69a17a1c66d29d36f06edc537107f8c592239c2d4da55fb3f1d488e7b2387ad2a551cbd1ceb070ae9e020a9467275cb28798abb4cbfff98ddb3f1e7689b067072392511bb08125b5bec2bc207b7b6b275c47248f29acd'),3); + diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql index 1606600fe9..eddeb3ff98 100644 --- a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql @@ -80,6 +80,10 @@ values (13,4,'ou','referrals.name','referrals',NULL,NULL,NULL,3,0); insert into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) values (14,4,'ref','referrals.url','referrals',NULL,NULL,NULL,3,0); +insert into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) +values (15,1,'userCertificate','certs.cert','persons,certs', + 'certs.pers_id=persons.id',NULL,NULL,3,0); + -- entries mapping: each entry must appear in this table, with a unique DN rooted at the database naming context -- id a unique number > 0 identifying the entry -- dn the DN of the entry, in "pretty" form @@ -113,6 +117,9 @@ values (7,'ou=Referral,dc=example,dc=com',4,1,1); insert into ldap_entry_objclasses (entry_id,oc_name) values (1,'dcObject'); +insert into ldap_entry_objclasses (entry_id,oc_name) +values (4,'strongAuthenticationUser'); + insert into ldap_entry_objclasses (entry_id,oc_name) values (7,'extensibleObject'); diff --git a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_create.sql b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_create.sql index 0142dd9b15..e1c57e785c 100644 --- a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_create.sql +++ b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_create.sql @@ -37,6 +37,14 @@ create table phones ( pers_id int not null ); +drop table certs; +drop sequence certs_id_seq; +CREATE TABLE certs ( + id int not null primary key, + cert bytea not null, + pers_id int not null +); + drop table referrals; drop sequence referrals_id_seq; create table referrals ( diff --git a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_data.sql b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_data.sql index 7bef37495a..0e661d4ccc 100644 --- a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_data.sql +++ b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_data.sql @@ -16,3 +16,6 @@ insert into authors_docs (pers_id,doc_id) values (1,2); insert into authors_docs (pers_id,doc_id) values (2,1); insert into referrals (id,name,url) values (1,'Referral','ldap://localhost:9012/'); + +insert into certs (id,cert,pers_id) values (1,decode('MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhcNMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhIEhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+qnsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFimmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUOiC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAMA0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5jds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN','base64'),3); + diff --git a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_metadata.sql b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_metadata.sql index df4a79cfde..32a97278b0 100644 --- a/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_metadata.sql +++ b/servers/slapd/back-sql/rdbms_depend/pgsql/testdb_metadata.sql @@ -55,6 +55,8 @@ insert into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where, insert into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) values (14,4,'ref','referrals.url','referrals',NULL,'UPDATE referrals SET url=? WHERE id=?','SELECT 1 FROM referrals WHERE url=? and id=? and 1=0',3,0); +insert into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) values (15,1,'userCertificate','certs.cert','persons,certs','certs.pers_id=persons.id',NULL,NULL,3,0); + -- entries mapping: each entry must appear in this table, with a unique DN rooted at the database naming context -- id a unique number > 0 identifying the entry -- dn the DN of the entry, in "pretty" form @@ -80,6 +82,8 @@ insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (7,'ou=Referral, -- oc_name the name of the objectClass; it MUST match the name of an objectClass that is loaded in slapd's schema insert into ldap_entry_objclasses (entry_id,oc_name) values (1,'dcObject'); +insert into ldap_entry_objclasses (entry_id,oc_name) values (4,'strongAuthenticationUser'); + insert into ldap_entry_objclasses (entry_id,oc_name) values (7,'extensibleObject'); -- procedures diff --git a/servers/slapd/back-sql/schema-map.c b/servers/slapd/back-sql/schema-map.c index cc1f82c275..5dbe2ff084 100644 --- a/servers/slapd/back-sql/schema-map.c +++ b/servers/slapd/back-sql/schema-map.c @@ -200,6 +200,7 @@ backsql_add_sysmaps( backsql_info *bi, backsql_oc_map_rec *oc_map ) at_map = (backsql_at_map_rec *)ch_calloc(1, sizeof( backsql_at_map_rec ) ); at_map->bam_ad = slap_schema.si_ad_objectClass; + at_map->bam_true_ad = slap_schema.si_ad_objectClass; ber_str2bv( "ldap_entry_objclasses.oc_name", 0, 1, &at_map->bam_sel_expr ); ber_str2bv( "ldap_entry_objclasses,ldap_entries", 0, 1, @@ -372,6 +373,26 @@ backsql_oc_get_attr_mapping( void *v_oc, void *v_bas ) at_map = (backsql_at_map_rec *)ch_calloc( 1, sizeof( backsql_at_map_rec ) ); at_map->bam_ad = ad; + at_map->bam_true_ad = ad; + if ( slap_syntax_is_binary( ad->ad_type->sat_syntax ) + && !slap_ad_is_binary( ad ) ) + { + char buf[ BUFSIZ ]; + struct berval bv; + const char *text = NULL; + + bv.bv_val = buf; + bv.bv_len = snprintf( buf, sizeof( buf ), "%s;binary", + ad->ad_cname.bv_val ); + at_map->bam_true_ad = NULL; + bas->bas_rc = slap_bv2ad( &bv, &at_map->bam_true_ad, &text ); + if ( bas->bas_rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_attr_mapping(): " + "unable to fetch attribute \"%s\": %s (%d)\n", + buf, text, rc ); + return BACKSQL_AVL_STOP; + } + } ber_str2bv( at_row.cols[ 1 ], 0, 1, &at_map->bam_sel_expr ); if ( at_row.value_len[ 8 ] < 0 ) { @@ -739,7 +760,7 @@ backsql_id2oc( backsql_info *bi, unsigned long id ) backsql_at_map_rec * backsql_ad2at( backsql_oc_map_rec* objclass, AttributeDescription *ad ) { - backsql_at_map_rec tmp, *res; + backsql_at_map_rec tmp = { 0 }, *res; #ifdef BACKSQL_TRACE Debug( LDAP_DEBUG_TRACE, "==>backsql_ad2at(): " diff --git a/tests/data/sql-read.out b/tests/data/sql-read.out index 8167cc3e56..3d5edfb682 100644 --- a/tests/data/sql-read.out +++ b/tests/data/sql-read.out @@ -8,9 +8,26 @@ dc: example # Testing onelevel search... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: documentTitle=book1,dc=example,dc=com objectClass: document @@ -50,9 +67,26 @@ telephoneNumber: 545-4563 # Testing subtree search... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: documentTitle=book1,dc=example,dc=com objectClass: document @@ -98,9 +132,26 @@ telephoneNumber: 545-4563 # Testing subtree search with manageDSAit... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: documentTitle=book1,dc=example,dc=com objectClass: document @@ -297,9 +348,26 @@ dc: example # Testing NOT search... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: cn=Torvlobnor Puzdoy,dc=example,dc=com objectClass: inetOrgPerson @@ -336,9 +404,26 @@ dc: example # Testing NOT search on "auxiliary" objectClass... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: documentTitle=book1,dc=example,dc=com objectClass: document @@ -394,9 +479,26 @@ dc: example # Testing objectClass inheritance in filter... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: cn=Mitya Kovalev,dc=example,dc=com objectClass: inetOrgPerson @@ -454,6 +556,7 @@ givenName: Mitya # Testing objectClass in requested attributes... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: strongAuthenticationUser dn: documentTitle=book1,dc=example,dc=com objectClass: document -- 2.39.5