From c5da0c76cec4cdd1bc31a6b5bc0066d752fe041b Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 28 Jan 2000 20:01:00 +0000 Subject: [PATCH] Additional changes to migrate to new schema codes Still not usable. --- servers/slapd/acl.c | 9 +++- servers/slapd/aclparse.c | 87 ++++++++++++++++++++++++++++-- servers/slapd/attr.c | 34 +++++++----- servers/slapd/ava.c | 2 + servers/slapd/back-ldbm/external.h | 8 ++- servers/slapd/back-ldbm/group.c | 8 +++ servers/slapd/back-ldbm/index.c | 12 ++++- servers/slapd/back-ldbm/tools.c | 32 ++++++++++- servers/slapd/backend.c | 8 ++- servers/slapd/config.c | 12 +++++ servers/slapd/filter.c | 18 +++++-- servers/slapd/proto-slap.h | 20 ++++++- servers/slapd/schemaparse.c | 13 +++-- servers/slapd/slap.h | 24 +++++++-- 14 files changed, 247 insertions(+), 40 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 9753015e45..74384a2708 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -393,6 +393,7 @@ acl_mask( } if ( b->a_dn_at != NULL && op->o_ndn != NULL ) { + char *dn_at; Attribute *at; struct berval bv; @@ -402,8 +403,14 @@ acl_mask( bv.bv_val = op->o_ndn; bv.bv_len = strlen( bv.bv_val ); +#ifdef SLAPD_SCHEMA_COMPAT + dn_at = b->a_dn_at; +#else + dn_at = at_canonical_name( b->a_dn_at ); +#endif + /* see if asker is listed in dnattr */ - if ( (at = attr_find( e->e_attrs, b->a_dn_at )) != NULL + if ( (at = attr_find( e->e_attrs, dn_at )) != NULL #ifdef SLAPD_SCHEMA_COMPAT && value_find( at->a_vals, &bv, at->a_syntax, 3 ) == 0 #endif diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index b7da8b8623..a6c5abc4c3 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -315,12 +315,34 @@ parse_acl( if ( strcasecmp( left, "dnattr" ) == 0 ) { if( b->a_dn_pat != NULL ) { fprintf( stderr, - "%s: line %d: dnaddr already specified.\n", + "%s: line %d: dnattr already specified.\n", fname, lineno ); acl_usage(); } +#ifdef SLAPD_SCHEMA_COMPAT b->a_dn_at = ch_strdup( right ); +#else + b->a_dn_at = at_find( right ); + + if( b->a_dn_at == NULL ) { + fprintf( stderr, + "%s: line %d: dnattr attribute type undefined.\n", + fname, lineno ); + acl_usage(); + } + +#ifdef SLAPD_OID_DN_SYNTAX + if( strcmp( b->a_dn_at->sat_syntax_oid, + SLAPD_OID_DN_SYNTAX ) != 0 ) + { + fprintf( stderr, + "%s: line %d: dnattr attribute type not of DN syntax.\n", + fname, lineno ); + acl_usage(); + } +#endif +#endif continue; } @@ -356,12 +378,40 @@ parse_acl( } if (name && *name) { +#ifdef SLAPD_SCHEMA_COMPAT b->a_group_at = ch_strdup(name); +#else + b->a_group_at = at_find( name ); +#endif *--name = '/'; } else { +#ifdef SLAPD_SCHEMA_COMPAT b->a_group_at = ch_strdup("member"); +#else + b->a_group_at = at_find("member"); +#endif + } + +#ifndef SLAPD_SCHEMA_COMPAT + if( b->a_group_at == NULL ) { + fprintf( stderr, + "%s: line %d: group attribute type undefined.\n", + fname, lineno ); + acl_usage(); + } + +#ifdef SLAPD_OID_DN_SYNTAX + if( strcmp( b->a_group_at->sat_syntax_oid, + SLAPD_OID_DN_SYNTAX ) != 0 ) + { + fprintf( stderr, + "%s: line %d: group attribute type not of DN syntax.\n", + fname, lineno ); + acl_usage(); } +#endif /* SLAPD_OID_DN_SYNTAX */ +#endif /* !SLAPD_SCHEMA_COMPAT */ continue; } @@ -426,13 +476,42 @@ parse_acl( acl_usage(); } - if ( right != NULL && *right != '\0' ) + if ( right != NULL && *right != '\0' ) { +#ifdef SLAPD_SCHEMA_COMPAT b->a_aci_at = ch_strdup( right ); - else +#else + b->a_aci_at = at_find( right ); +#endif + } else { +#ifdef SLAPD_SCHEMA_COMPAT b->a_aci_at = ch_strdup( SLAPD_ACI_DEFAULT_ATTR ); +#else + b->a_aci_at = at_find( SLAPD_ACI_DEFAULT_ATTR ); +#endif + } + +#ifdef SLAPD_SCHEMA_COMPAT + if( b->a_aci_at == NULL ) { + fprintf( stderr, + "%s: line %d: aci attribute type undefined.\n", + fname, lineno ); + acl_usage(); + } + +#ifdef SLAPD_OID_DN_SYNTAX + if( strcmp( b->a_aci_at->sat_syntax_oid, + SLAPD_OID_DN_SYNTAX ) != 0 ) + { + fprintf( stderr, + "%s: line %d: aci attribute type not of DN syntax.\n", + fname, lineno ); + acl_usage(); + } +#endif /* SLAPD_OID_DN_SYNTAX */ +#endif /* SLAPD_SCHEMA_COMPAT */ continue; } -#endif +#endif /* SLAPD_ACI_ENABLED */ if( right != NULL ) { /* unsplit */ diff --git a/servers/slapd/attr.c b/servers/slapd/attr.c index f61c7b218f..efe6d61e78 100644 --- a/servers/slapd/attr.c +++ b/servers/slapd/attr.c @@ -261,7 +261,6 @@ attr_syntax( char *type ) return( DEFAULT_SYNTAX ); } -#endif /* * attr_syntax_config - process an attribute syntax config line @@ -275,7 +274,6 @@ attr_syntax_config( char **argv ) { -#ifdef SLAPD_SCHEMA_COMPAT char *save; LDAP_ATTRIBUTE_TYPE *at; int lasti; @@ -296,7 +294,7 @@ attr_syntax_config( #define SYNTAX_DSCE_OID "2.5.13.5" #define SYNTAX_IA5_OID "1.3.6.1.4.1.1466.115.121.1.26" #define SYNTAX_IA5CE_OID "1.3.6.1.4.1.1466.109.114.1" -#define SYNTAX_DN_OID "1.3.6.1.4.1.1466.115.121.1.12" +#define SYNTAX_DN_OID SLAPD_OID_DN_SYNTAX #define SYNTAX_TEL_OID "1.3.6.1.4.1.1466.115.121.1.50" #define SYNTAX_BIN_OID "1.3.6.1.4.1.1466.115.121.1.40" /* octetString */ @@ -353,15 +351,10 @@ attr_syntax_config( fname, lineno, scherr2str(code), err); exit( EXIT_FAILURE ); } + ldap_memfree(at); -#else - fprintf( stderr, "%s: line %d: %s\n", - fname, lineno, "not built with -DSLAPD_SCHEMA_COMPAT\n"); - exit( EXIT_FAILURE ); -#endif } -#ifdef SLAPD_SCHEMA_COMPAT int at_fake_if_needed( char *name @@ -712,12 +705,24 @@ at_add( char * +#ifdef SLAPD_SCHEMA_COMPAT at_canonical_name( char * a_type ) +#else +at_canonical_name( AttributeType * atp ) +#endif { +#ifdef SLAPD_SCHEMA_COMPAT AttributeType *atp; - if ( (atp=at_find(a_type)) == NULL ) { + atp=at_find(a_type); +#endif + + if ( atp == NULL ) { +#ifdef SLAPD_SCHEMA_COMPAT return a_type; +#else + return NULL; +#endif } else if ( atp->sat_names && atp->sat_names[0] && (*(atp->sat_names[0]) != '\0') ) @@ -726,10 +731,13 @@ at_canonical_name( char * a_type ) } else if (atp->sat_oid && (*atp->sat_oid != '\0')) { return atp->sat_oid; - - } else { - return a_type; } + +#ifdef SLAPD_SCHEMA_COMPAT + return a_type; +#else + return NULL; +#endif } #if defined( SLAPD_SCHEMA_DN ) diff --git a/servers/slapd/ava.c b/servers/slapd/ava.c index 5bc0ec3d6b..a55380a234 100644 --- a/servers/slapd/ava.c +++ b/servers/slapd/ava.c @@ -25,7 +25,9 @@ get_ava( Debug( LDAP_DEBUG_ANY, " get_ava ber_scanf\n", 0, 0, 0 ); return( -1 ); } + attr_normalize( ava->ava_type ); + #ifdef SLAPD_SCHEMA_COMPAT value_normalize( ava->ava_value.bv_val, attr_syntax( ava->ava_type ) ); #endif diff --git a/servers/slapd/back-ldbm/external.h b/servers/slapd/back-ldbm/external.h index 5cba7ebb3f..e771356b47 100644 --- a/servers/slapd/back-ldbm/external.h +++ b/servers/slapd/back-ldbm/external.h @@ -67,9 +67,15 @@ extern int ldbm_back_delete LDAP_P(( BackendDB *bd, extern int ldbm_back_abandon LDAP_P(( BackendDB *bd, Connection *conn, Operation *op, ber_int_t msgid )); +#ifdef SLAPD_SCHEMA_COMPAT extern int ldbm_back_group LDAP_P(( BackendDB *bd, Entry *target, const char* gr_ndn, const char* op_ndn, - const char* objectclassValue, const char* groupattrName)); + const char* objectclassValue, const char* group_at)); +#else +extern int ldbm_back_group LDAP_P(( BackendDB *bd, + Entry *target, const char* gr_ndn, const char* op_ndn, + const char* objectclassValue, AttributeType* group_at)); +#endif /* hooks for slap tools */ diff --git a/servers/slapd/back-ldbm/group.c b/servers/slapd/back-ldbm/group.c index 198100b3ca..ed5a67eafe 100644 --- a/servers/slapd/back-ldbm/group.c +++ b/servers/slapd/back-ldbm/group.c @@ -28,7 +28,11 @@ ldbm_back_group( const char *gr_ndn, const char *op_ndn, const char *objectclassValue, +#ifdef SLAPD_SCHEMA_COMPAT const char *groupattrName +#else + AttributeType *group_at +#endif ) { struct ldbminfo *li = (struct ldbminfo *) be->be_private; @@ -38,6 +42,10 @@ ldbm_back_group( Attribute *attr; struct berval bv; +#ifndef SLAPD_SCHEMA_COMPAT + char *groupattrName = at_canonical_name( group_at ); +#endif + Debug( LDAP_DEBUG_ARGS, "=> ldbm_back_group: gr dn: \"%s\"\n", gr_ndn, 0, 0 ); diff --git a/servers/slapd/back-ldbm/index.c b/servers/slapd/back-ldbm/index.c index 703d9017b0..0769a4bac8 100644 --- a/servers/slapd/back-ldbm/index.c +++ b/servers/slapd/back-ldbm/index.c @@ -145,8 +145,12 @@ index_read( return( idl ); } +#ifdef SLAPD_SCHEMA_COMPAT attr_normalize( type ); at_cn = at_canonical_name( type ); +#else + at_cn = at_canonical_name( at_find( type ) ); +#endif if ( at_cn == NULL ) { Debug( LDAP_DEBUG_ANY, @@ -312,7 +316,11 @@ index_change_values( return( 0 ); } +#ifdef SLAPD_SCHEMA_COMPAT at_cn = at_canonical_name( type ); +#else + at_cn = at_canonical_name( at_find( type ) ); +#endif if ( at_cn == NULL ) { Debug( LDAP_DEBUG_ANY, @@ -321,7 +329,6 @@ index_change_values( return( -1 ); } -#ifdef SLAPD_SCHEMA_COMPAT if ( (db = ldbm_cache_open( be, at_cn, LDBM_SUFFIX, mode )) == NULL ) { Debug( LDAP_DEBUG_ANY, @@ -332,6 +339,7 @@ index_change_values( } +#ifdef SLAPD_SCHEMA_COMPAT for ( i = 0; vals[i] != NULL; i++ ) { /* * presence index entry @@ -443,9 +451,9 @@ index_change_values( free( bigbuf ); } } +#endif ldbm_cache_close( be, db ); -#endif return( 0 ); diff --git a/servers/slapd/back-ldbm/tools.c b/servers/slapd/back-ldbm/tools.c index c36d82cf23..4f31019664 100644 --- a/servers/slapd/back-ldbm/tools.c +++ b/servers/slapd/back-ldbm/tools.c @@ -204,13 +204,41 @@ int ldbm_tool_index_attr( attr_masks( be->be_private, type, &indexmask, &syntaxmask ); +#ifdef SLAPD_SCHEMA_COMPAT attr_normalize( type ); at_cn = at_canonical_name( type ); + if( at_cn ) { + Debug( LDAP_DEBUG_ANY, "<= index_attr NULL (attribute type %s has no canonical name)\n", + type, 0, 0 ); + return 0; + } +#else + { + AttributeType *at = at_find( type ); + + if( at == NULL ) { + Debug( LDAP_DEBUG_ANY, + "<= index_attr NULL (could not find attribute type %s)\n", + type, 0, 0 ); + return 0; + } + + at_cn = at_canonical_name( at ); + } + + if( at_cn ) { + Debug( LDAP_DEBUG_ANY, "<= index_attr NULL (attribute type %s (%s) has no canonical name)\n", + at->sat_oid, type, 0 ); + return 0; + } +#endif + if ( (db = ldbm_cache_open( be, at_cn, LDBM_SUFFIX, LDBM_NEWDB )) - == NULL ) { + == NULL ) + { Debug( LDAP_DEBUG_ANY, - "<= index_read NULL (could not open %s%s)\n", at_cn, + "<= index_attr NULL (could not open %s%s)\n", at_cn, LDBM_SUFFIX, 0 ); return 0; } diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index 9aa6568a60..072143674b 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -618,12 +618,16 @@ backend_group( const char *gr_ndn, const char *op_ndn, const char *objectclassValue, - const char *groupattrName +#ifdef SLAPD_SCHEMA_COMPAT + const char *group_at +#else + AttributeType *group_at +#endif ) { if (be->be_group) return( be->be_group(be, target, gr_ndn, op_ndn, - objectclassValue, groupattrName) ); + objectclassValue, group_at) ); else return(1); } diff --git a/servers/slapd/config.c b/servers/slapd/config.c index ce1d40a3f7..e64f3abcda 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -462,7 +462,13 @@ read_config( const char *fname ) p = strchr(saveline,'('); parse_oc( fname, lineno, p, cargv ); } else { +#ifdef SLAPD_SCHEMA_COMPAT parse_oc_old( be, fname, lineno, cargc, cargv ); +#else + Debug( LDAP_DEBUG_ANY, + "%s: line %d: old objectclass format not supported.\n", + fname, lineno, 0 ); +#endif } /* specify an attribute type */ @@ -474,8 +480,14 @@ read_config( const char *fname ) p = strchr(saveline,'('); parse_at( fname, lineno, p, cargv ); } else { +#ifdef SLAPD_SCHEMA_COMPAT attr_syntax_config( fname, lineno, cargc - 1, &cargv[1] ); +#else + Debug( LDAP_DEBUG_ANY, + "%s: line %d: old attribute type format not supported.\n", + fname, lineno, 0 ); +#endif } /* turn on/off schema checking */ diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c index d02e657330..9f10361528 100644 --- a/servers/slapd/filter.c +++ b/servers/slapd/filter.c @@ -260,12 +260,17 @@ get_substring_filter( { rc = ber_scanf( ber, "O", &val ); if ( rc == LBER_ERROR ) { - return( -1 ); + rc = -1; + goto return_error; } + if ( val == NULL || val->bv_len == 0 ) { ber_bvfree( val ); - return( LDAP_INVALID_SYNTAX ); - } + rc = LDAP_INVALID_SYNTAX; + goto return_error; + } + + rc = LDAP_PROTOCOL_ERROR; #ifdef SLAPD_SCHEMA_COMPAT /* we should call a substring syntax normalization routine */ @@ -322,7 +327,12 @@ get_substring_filter( default: Debug( LDAP_DEBUG_FILTER, " unknown type\n", tag, 0, 0 ); + + ber_bvfree( val ); + return_error: + Debug( LDAP_DEBUG_FILTER, " error=%d\n", rc, 0, 0 ); + if( fstr ) { free( *fstr ); *fstr = NULL; @@ -332,7 +342,7 @@ return_error: ber_bvfree( f->f_sub_initial ); ber_bvecfree( f->f_sub_any ); ber_bvfree( f->f_sub_final ); - return( LDAP_PROTOCOL_ERROR ); + return rc; } } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 481f5fc792..998fda00bf 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -53,9 +53,11 @@ LIBSLAPD_F (Attribute *) attr_dup LDAP_P(( Attribute *a )); LIBSLAPD_F (char *) attr_normalize LDAP_P(( char *s )); LIBSLAPD_F (int) attr_merge_fast LDAP_P(( Entry *e, char *type, struct berval **vals, int nvals, int naddvals, int *maxvals, Attribute ***a )); LIBSLAPD_F (int) attr_merge LDAP_P(( Entry *e, char *type, struct berval **vals )); + LIBSLAPD_F (Attribute *) attr_find LDAP_P(( Attribute *a, const char *type )); LIBSLAPD_F (int) attr_delete LDAP_P(( Attribute **attrs, const char *type )); LIBSLAPD_F (int) attr_syntax LDAP_P(( char *type )); + LIBSLAPD_F (void) attr_syntax_config LDAP_P(( const char *fname, int lineno, int argc, char **argv )); LIBSLAPD_F (AttributeType *) at_find LDAP_P(( const char *name )); LIBSLAPD_F (int) at_find_in_list LDAP_P(( AttributeType *sat, AttributeType **list )); @@ -64,7 +66,12 @@ LIBSLAPD_F (int) at_delete_from_list LDAP_P(( int pos, AttributeType ***listp )) LIBSLAPD_F (int) at_fake_if_needed LDAP_P(( char *name )); LIBSLAPD_F (int) at_schema_info LDAP_P(( Entry *e )); LIBSLAPD_F (int) at_add LDAP_P(( LDAP_ATTRIBUTE_TYPE *at, const char **err )); + +#ifdef SLAPD_SCHEMA_COMPAT LIBSLAPD_F (char *) at_canonical_name LDAP_P(( char * a_type )); +#else +LIBSLAPD_F (char *) at_canonical_name LDAP_P(( AttributeType *a_type )); +#endif LIBSLAPD_F (void) attrs_free LDAP_P(( Attribute *a )); LIBSLAPD_F (Attribute *) attrs_dup LDAP_P(( Attribute *a )); @@ -110,12 +117,23 @@ LIBSLAPD_F( int ) backend_check_controls LDAP_P(( LIBSLAPD_F (int) backend_connection_init LDAP_P((Connection *conn)); LIBSLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn)); +#ifdef SLAPD_SCHEMA_COMPAT +LIBSLAPD_F (int) backend_group LDAP_P((Backend *be, + Entry *target, + const char *gr_ndn, + const char *op_ndn, + const char *objectclassValue, + const char *groupattrName +)); +#else LIBSLAPD_F (int) backend_group LDAP_P((Backend *be, Entry *target, const char *gr_ndn, const char *op_ndn, const char *objectclassValue, - const char *groupattrName)); + AttributeType *groupAttrType +)); +#endif #ifdef SLAPD_SCHEMA_DN /* temporary extern for temporary routine*/ diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c index 848456cf3c..3dbc872335 100644 --- a/servers/slapd/schemaparse.c +++ b/servers/slapd/schemaparse.c @@ -18,7 +18,9 @@ int global_schemacheck = 1; /* schemacheck on is default */ +#ifdef SLAPD_SCHEMA_COMPAT static void oc_usage_old(void) LDAP_GCCATTR((noreturn)); +#endif static void oc_usage(void) LDAP_GCCATTR((noreturn)); static void at_usage(void) LDAP_GCCATTR((noreturn)); @@ -48,6 +50,7 @@ scherr2str(int code) } } +#ifdef SLAPD_SCHEMA_COMPAT void parse_oc_old( Backend *be, @@ -57,7 +60,6 @@ parse_oc_old( char **argv ) { -#ifdef SLAPD_SCHEMA_COMPAT int i; char last; LDAP_OBJECT_CLASS *oc; @@ -145,13 +147,8 @@ parse_oc_old( exit( EXIT_FAILURE ); } ldap_memfree(oc); - -#else - fprintf( stderr, "%s: line %d: %s %s\n", - fname, lineno, "not built with -DSLAPD_SCHEMA_COMPAT\n"); - exit( EXIT_FAILURE ); -#endif } +#endif /* OID Macros */ @@ -304,6 +301,7 @@ oc_usage( void ) exit( EXIT_FAILURE ); } +#ifdef SLAPD_SCHEMA_COMPAT static void oc_usage_old( void ) { @@ -312,6 +310,7 @@ oc_usage_old( void ) fprintf( stderr, " [ allows ]\n" ); exit( EXIT_FAILURE ); } +#endif static void at_usage( void ) diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 6baf40b09c..a5815cd1f6 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -8,7 +8,9 @@ #ifndef _SLDAPD_H_ #define _SLDAPD_H_ +#ifndef SLAPD_SCHEMA_NOT_COMPAT #define SLAPD_SCHEMA_COMPAT 1 +#endif #include "ldap_defaults.h" @@ -89,6 +91,9 @@ LDAP_BEGIN_DECL #define SLAPD_ACI_DEFAULT_ATTR "aci" +/* schema needed by slapd */ +#define SLAPD_OID_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12" + LIBSLAPD_F (int) slap_debug; @@ -241,8 +246,8 @@ typedef struct slap_ava { * represents an matching rule assertion */ typedef struct slap_mra { - char *mra_rule; - char *mra_type; /* attribute description */ + char *mra_rule; /* optional */ + char *mra_type; /* attribute description -- optional */ int mra_dnattrs; struct berval *mra_value; } Mra; @@ -434,7 +439,11 @@ typedef struct slap_access { slap_access_mask_t a_mask; char *a_dn_pat; +#ifdef SLAPD_SCHEMA_COMPAT char *a_dn_at; +#else + AttributeType *a_dn_at; +#endif int a_dn_self; char *a_peername_pat; @@ -444,13 +453,21 @@ typedef struct slap_access { char *a_sockurl_pat; #ifdef SLAPD_ACI_ENABLED +#ifdef SLAPD_SCHEMA_COMPAT char *a_aci_at; +#else + AttributeType *a_aci_at; +#endif #endif /* ACL Groups */ char *a_group_pat; char *a_group_oc; +#ifdef SLAPD_SCHEMA_COMPAT char *a_group_at; +#else + AttributeType *a_group_at; +#endif struct slap_access *a_next; } Access; @@ -690,7 +707,8 @@ struct slap_backend_info { int (*bi_acl_group) LDAP_P((Backend *bd, Entry *e, const char *bdn, const char *edn, - const char *objectclassValue, const char *groupattrName )); + const char *objectclassValue, + AttributeType *group_at )); int (*bi_connection_init) LDAP_P((BackendDB *bd, struct slap_conn *c)); -- 2.39.5