From cdf2811a14214cf51eb3a1826ef455f9bf3ea948 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Mon, 30 Dec 2002 04:49:35 +0000 Subject: [PATCH] Suck in latest from HEAD including modrdn fixes, lint removal --- CHANGES | 4 +-- servers/slapd/back-bdb/bind.c | 12 ++++---- servers/slapd/back-bdb/compare.c | 7 ++--- servers/slapd/back-bdb/modrdn.c | 48 +++++++++++++++++------------- servers/slapd/back-ldbm/dn2id.c | 43 ++++++++++++++++++--------- servers/slapd/back-ldbm/idl.c | 18 ++++------- servers/slapd/back-ldbm/modrdn.c | 51 ++++++++++++++++---------------- servers/slapd/sasl.c | 4 +-- servers/slapd/schema_init.c | 27 ++++++++++------- servers/slapd/sets.c | 6 ++-- 10 files changed, 120 insertions(+), 100 deletions(-) diff --git a/CHANGES b/CHANGES index 7db0b6118a..da091aaf6c 100644 --- a/CHANGES +++ b/CHANGES @@ -3,10 +3,10 @@ OpenLDAP 2.1 Change Log OpenLDAP 2.1.10 Release Fixed slapd acl/group value_find_ex() bug (ITS#2227) Fixed slapd empty values return filter control bug (ITS#2219) - Fixed slapd empty oid control bug Fixed slapd NameAndOptionalUID bug Fixed slapd reentant gethostbyname bug - Fixed slapd SASL/EXTERNAL handling + Fixed slapd SASL/EXTERNAL handling (ITS#2234) + Fixed ldbm/bdb modrdn replog bug (ITS#2235) Fixed ldapsearch empty baseObject bug Fixed libldap_r thread stack size Fixed libldap SASL/EXTERNAL handling diff --git a/servers/slapd/back-bdb/bind.c b/servers/slapd/back-bdb/bind.c index 7a9230dcdc..f13338cdc0 100644 --- a/servers/slapd/back-bdb/bind.c +++ b/servers/slapd/back-bdb/bind.c @@ -211,9 +211,9 @@ dn2entry_retry: goto done; } - if ( ! access_allowed( be, conn, op, e, - password, NULL, ACL_AUTH, NULL ) ) - { + rc = access_allowed( be, conn, op, e, + password, NULL, ACL_AUTH, NULL ); + if ( ! rc ) { send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS, NULL, NULL, NULL, NULL ); goto done; @@ -242,9 +242,9 @@ dn2entry_retry: goto done; } - if ( ! access_allowed( be, conn, op, e, - krbattr, NULL, ACL_AUTH, NULL ) ) - { + rc = access_allowed( be, conn, op, e, + krbattr, NULL, ACL_AUTH, NULL ); + if ( ! rc ) { send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS, NULL, NULL, NULL, NULL ); goto done; diff --git a/servers/slapd/back-bdb/compare.c b/servers/slapd/back-bdb/compare.c index c22c4311c7..270077928a 100644 --- a/servers/slapd/back-bdb/compare.c +++ b/servers/slapd/back-bdb/compare.c @@ -110,9 +110,9 @@ dn2entry_retry: goto done; } - if ( ! access_allowed( be, conn, op, e, - ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) ) - { + rc = access_allowed( be, conn, op, e, + ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ); + if ( ! rc ) { rc = LDAP_INSUFFICIENT_ACCESS; goto return_results; } @@ -129,7 +129,6 @@ dn2entry_retry: rc = LDAP_COMPARE_TRUE; break; } - } return_results: diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c index 7d3613fba1..c7b95a313f 100644 --- a/servers/slapd/back-bdb/modrdn.c +++ b/servers/slapd/back-bdb/modrdn.c @@ -38,7 +38,7 @@ bdb_modrdn( /* LDAP v2 supporting correct attribute handling. */ LDAPRDN *new_rdn = NULL; LDAPRDN *old_rdn = NULL; - int rc; + int rc; const char *text; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; @@ -188,8 +188,7 @@ retry: /* transaction retry */ } /* check write on old entry */ - rc = access_allowed( be, conn, op, e, - entry, NULL, ACL_WRITE, NULL ); + rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL ); switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: @@ -205,6 +204,7 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0, 0, 0 ); #endif + text = "no write access to old entry"; rc = LDAP_INSUFFICIENT_ACCESS; goto return_results; } @@ -267,13 +267,16 @@ retry: /* transaction retry */ 0, 0, 0); #endif rc = LDAP_OTHER; + text = "old entry's parent does not exist"; goto return_results; } /* check parent for "children" acl */ - if ( ! access_allowed( be, conn, op, p, - children, NULL, ACL_WRITE, NULL ) ) - { + rc = access_allowed( be, conn, op, p, + children, NULL, ACL_WRITE, NULL ); + + if ( ! rc ) { + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to parent\n", 0, 0, 0 ); @@ -281,8 +284,7 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + text = "no write access to old parent's children"; goto return_results; } @@ -325,8 +327,8 @@ retry: /* transaction retry */ p = NULL; - if ( ! rc ) - { + if ( ! rc ) { + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to parent\n", 0, 0, 0 ); @@ -335,9 +337,7 @@ retry: /* transaction retry */ "no access to parent\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, - LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + text = "no write access to old parent"; goto return_results; } @@ -374,6 +374,7 @@ retry: /* transaction retry */ "& \"\" is not suffix\n", 0, 0, 0); #endif + text = "no write access to old parent"; rc = LDAP_INSUFFICIENT_ACCESS; goto return_results; } @@ -407,6 +408,7 @@ retry: /* transaction retry */ newSuperior = NULL; /* ignore newSuperior */ } } + if ( newSuperior != NULL ) { if ( newSuperior->bv_len ) { np_dn = newSuperior; @@ -445,6 +447,7 @@ retry: /* transaction retry */ "bdb_modrdn: newSup(ndn=%s) not here!\n", np_ndn->bv_val, 0, 0); #endif + text = "new superior not found"; rc = LDAP_OTHER; goto return_results; } @@ -460,7 +463,10 @@ retry: /* transaction retry */ #endif /* check newSuperior for "children" acl */ - if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE, NULL ) ) { + rc = access_allowed( be, conn, op, np, children, + NULL, ACL_WRITE, NULL ); + + if( ! rc ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "==>bdb_modrdn: no wr to newSup children\n", 0, 0, 0 ); @@ -469,6 +475,7 @@ retry: /* transaction retry */ "bdb_modrdn: no wr to newSup children\n", 0, 0, 0 ); #endif + text = "no write access to new superior's children"; rc = LDAP_INSUFFICIENT_ACCESS; goto return_results; } @@ -483,7 +490,7 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n", 0, 0, 0 ); #endif - + text = "new superior is an alias"; rc = LDAP_ALIAS_PROBLEM; goto return_results; } @@ -498,7 +505,7 @@ retry: /* transaction retry */ Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n", 0, 0, 0 ); #endif - + text = "new superior is a referral"; rc = LDAP_OTHER; goto return_results; } @@ -522,8 +529,8 @@ retry: /* transaction retry */ np = NULL; - if ( ! rc ) - { + if ( ! rc ) { + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to superior\n", 0, 0, 0 ); @@ -532,9 +539,7 @@ retry: /* transaction retry */ "no access to new superior\n", 0, 0, 0 ); #endif - send_ldap_result( conn, op, - LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); + text = "no write access to new superior's children"; goto return_results; } @@ -558,6 +563,7 @@ retry: /* transaction retry */ "& \"\" is not suffix\n", 0, 0, 0); #endif + text = "no write access to new superior's children"; rc = LDAP_INSUFFICIENT_ACCESS; goto return_results; } diff --git a/servers/slapd/back-ldbm/dn2id.c b/servers/slapd/back-ldbm/dn2id.c index 757d4b0f71..60b6088c0c 100644 --- a/servers/slapd/back-ldbm/dn2id.c +++ b/servers/slapd/back-ldbm/dn2id.c @@ -37,8 +37,8 @@ dn2id_add( assert( id != NOID ); - if ( (db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT )) - == NULL ) { + db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT ); + if ( db == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "dn2id_add: couldn't open/create dn2id%s\n", LDBM_SUFFIX, 0, 0 ); @@ -57,7 +57,8 @@ dn2id_add( buf[0] = DN_BASE_PREFIX; ptr.bv_val = buf + 1; ptr.bv_len = dn->bv_len; - strcpy( ptr.bv_val, dn->bv_val ); + AC_MEMCPY( ptr.bv_val, dn->bv_val, dn->bv_len ); + ptr.bv_val[ dn->bv_len ] = '\0'; ldbm_datum_init( data ); data.dptr = (char *) &id; @@ -121,6 +122,7 @@ dn2id( struct ldbminfo *li = (struct ldbminfo *) be->be_private; DBCache *db; Datum key, data; + unsigned char *tmp; #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ENTRY, "dn2id: (%s)\n", dn->bv_val, 0, 0 ); @@ -131,7 +133,8 @@ dn2id( assert( idp ); /* first check the cache */ - if ( (*idp = cache_find_entry_ndn2id( be, &li->li_cache, dn )) != NOID ) { + *idp = cache_find_entry_ndn2id( be, &li->li_cache, dn ); + if ( *idp != NOID ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "dn2id: (%s)%ld in cache.\n", dn, *idp, 0 ); #else @@ -142,8 +145,8 @@ dn2id( return( 0 ); } - if ( (db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT )) - == NULL ) { + db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT ); + if ( db == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "dn2id: couldn't open dn2id%s\n", LDBM_SUFFIX, 0, 0 ); @@ -163,7 +166,11 @@ dn2id( key.dsize = dn->bv_len + 2; key.dptr = ch_malloc( key.dsize ); - sprintf( key.dptr, "%c%s", DN_BASE_PREFIX, dn->bv_val ); + tmp = (unsigned char *)key.dptr; + tmp[0] = DN_BASE_PREFIX; + tmp++; + AC_MEMCPY( tmp, dn->bv_val, dn->bv_len ); + tmp[dn->bv_len] = '\0'; data = ldbm_cache_fetch( db, key ); @@ -207,6 +214,7 @@ dn2idl( { DBCache *db; Datum key; + unsigned char *tmp; #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ENTRY, "dn2idl: \"%c%s\"\n", prefix, dn->bv_val, 0 ); @@ -222,8 +230,8 @@ dn2idl( return 0; } - if ( (db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT )) - == NULL ) { + db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT ); + if ( db == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "dn2idl: could not open dn2id%s\n", LDBM_SUFFIX, 0, 0 ); @@ -239,7 +247,11 @@ dn2idl( key.dsize = dn->bv_len + 2; key.dptr = ch_malloc( key.dsize ); - sprintf( key.dptr, "%c%s", prefix, dn->bv_val ); + tmp = (unsigned char *)key.dptr; + tmp[0] = prefix; + tmp++; + AC_MEMCPY( tmp, dn->bv_val, dn->bv_len ); + tmp[dn->bv_len] = '\0'; *idlp = idl_fetch( be, db, key ); @@ -274,8 +286,8 @@ dn2id_delete( assert( id != NOID ); - if ( (db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT )) - == NULL ) { + db = ldbm_cache_open( be, "dn2id", LDBM_SUFFIX, LDBM_WRCREAT ); + if ( db == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "dn2id_delete: couldn't open db2id%s\n", LDBM_SUFFIX, 0, 0 ); @@ -295,7 +307,8 @@ dn2id_delete( buf[0] = DN_BASE_PREFIX; ptr.bv_val = buf + 1; ptr.bv_len = dn->bv_len; - strcpy( ptr.bv_val, dn->bv_val ); + AC_MEMCPY( ptr.bv_val, dn->bv_val, dn->bv_len ); + ptr.bv_val[dn->bv_len] = '\0'; rc = ldbm_cache_delete( db, key ); @@ -378,7 +391,9 @@ dn2entry_rw( /* something bad happened to ldbm cache */ return( NULL ); - } else if ( id != NOID ) { + } + + if ( id != NOID ) { /* try to return the entry */ if ((e = id2entry_rw( be, id, rw )) != NULL ) { return( e ); diff --git a/servers/slapd/back-ldbm/idl.c b/servers/slapd/back-ldbm/idl.c index ff00848466..f6c0cf9b62 100644 --- a/servers/slapd/back-ldbm/idl.c +++ b/servers/slapd/back-ldbm/idl.c @@ -182,8 +182,7 @@ idl_fetch( Datum data; ID_BLOCK *idl; ID_BLOCK **tmp; - int nids; - unsigned i; + unsigned i, nids, nblocks; idl = idl_fetch_one( be, db, key ); @@ -209,21 +208,17 @@ idl_fetch( #ifndef USE_INDIRECT_NIDS /* count the number of blocks & allocate space for pointers to them */ - for ( i = 0; !ID_BLOCK_NOID(idl, i); i++ ) + for ( nblocks = 0; !ID_BLOCK_NOID(idl, nblocks); nblocks++ ) ; /* NULL */ #else - i = ID_BLOCK_NIDS(idl); + nblocks = ID_BLOCK_NIDS(idl); #endif - tmp = (ID_BLOCK **) ch_malloc( (i + 1) * sizeof(ID_BLOCK *) ); + tmp = (ID_BLOCK **) ch_malloc( nblocks * sizeof(ID_BLOCK *) ); /* read in all the blocks */ cont_alloc( &data, &key ); nids = 0; -#ifndef USE_INDIRECT_NIDS - for ( i = 0; !ID_BLOCK_NOID(idl, i); i++ ) { -#else - for ( i = 0; i < ID_BLOCK_NIDS(idl); i++ ) { -#endif + for ( i = 0; i < nblocks; i++ ) { cont_id( &data, ID_BLOCK_ID(idl, i) ); if ( (tmp[i] = idl_fetch_one( be, db, data )) == NULL ) { @@ -240,7 +235,6 @@ idl_fetch( nids += ID_BLOCK_NIDS(tmp[i]); } - tmp[i] = NULL; cont_free( &data ); idl_free( idl ); @@ -250,7 +244,7 @@ idl_fetch( nids = 0; /* copy in all the ids from the component blocks */ - for ( i = 0; tmp[i] != NULL; i++ ) { + for ( i = 0; i < nblocks; i++ ) { if ( tmp[i] == NULL ) { continue; } diff --git a/servers/slapd/back-ldbm/modrdn.c b/servers/slapd/back-ldbm/modrdn.c index f71cfc6150..3ea4e89cd1 100644 --- a/servers/slapd/back-ldbm/modrdn.c +++ b/servers/slapd/back-ldbm/modrdn.c @@ -62,9 +62,9 @@ ldbm_back_modrdn( int rc = CAN_ROLLBACK; int rc_id = 0; ID id = NOID; - const char *text = NULL; - char textbuf[SLAP_TEXT_BUFLEN]; - size_t textlen = sizeof textbuf; + const char *text = NULL; + char textbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof textbuf; /* Added to support newSuperior */ Entry *np = NULL; /* newSuperior Entry */ struct berval *np_ndn = NULL; /* newSuperior ndn */ @@ -245,14 +245,15 @@ ldbm_back_modrdn( isroot = be_isroot( be, &op->o_ndn ); if ( ! isroot ) { if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + int can_access; p = (Entry *)&slap_entry_root; - rc = access_allowed( be, conn, op, p, + can_access = access_allowed( be, conn, op, p, children, NULL, ACL_WRITE, NULL ); p = NULL; /* check parent for "children" acl */ - if ( ! rc ) { + if ( ! can_access ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_modrdn: no access to parent \"\"\n", 0,0,0 ); @@ -419,14 +420,15 @@ ldbm_back_modrdn( if ( ! isroot ) { if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + int can_access; np = (Entry *)&slap_entry_root; - rc = access_allowed( be, conn, op, np, + can_access = access_allowed( be, conn, op, np, children, NULL, ACL_WRITE, NULL ); np = NULL; /* check parent for "children" acl */ - if ( ! rc ) { + if ( ! can_access ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, ERR, "ldbm_back_modrdn: no access " @@ -526,8 +528,6 @@ ldbm_back_modrdn( "type(s)/values(s) of newrdn\n", 0, 0, 0 ); #endif - rc = LDAP_INVALID_DN_SYNTAX; - text = "unknown type(s) used in RDN"; goto return_results; } @@ -560,8 +560,6 @@ ldbm_back_modrdn( "the old_rdn type(s)/value(s)\n", 0, 0, 0 ); #endif - rc = LDAP_OTHER; - text = "cannot parse RDN from old DN"; goto return_results; } } @@ -573,9 +571,8 @@ ldbm_back_modrdn( 0, 0, 0 ); #endif - rc = slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, - deleteoldrdn, &mod ); - if ( rc != LDAP_SUCCESS ) { + if ( slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, + deleteoldrdn, &mod ) != LDAP_SUCCESS ) { goto return_results; } @@ -604,6 +601,10 @@ ldbm_back_modrdn( new_dn.bv_val = NULL; new_ndn.bv_val = NULL; + /* NOTE: after this you must not free new_dn or new_ndn! + * They are used by cache. + */ + /* add new one */ if ( dn2id_add( be, &e->e_nname, e->e_id ) != 0 ) { send_ldap_result( conn, op, LDAP_OTHER, @@ -612,30 +613,28 @@ ldbm_back_modrdn( } /* modify memory copy of entry */ - rc = ldbm_modify_internal( be, conn, op, dn->bv_val, &mod[0], e, + rc_id = ldbm_modify_internal( be, conn, op, dn->bv_val, &mod[0], e, &text, textbuf, textlen ); + switch ( rc_id ) { + case LDAP_SUCCESS: + break; - if( rc != LDAP_SUCCESS ) { - if( rc != SLAPD_ABANDON ) { - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); - } - + case SLAPD_ABANDON: + /* too late ... */ + send_ldap_result( conn, op, rc_id, NULL, text, NULL, NULL ); + goto return_results; + + default: /* here we may try to delete the newly added dn */ if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) { /* we already are in trouble ... */ ; } - goto return_results; } (void) cache_update_entry( &li->li_cache, e ); - /* NOTE: after this you must not free new_dn or new_ndn! - * They are used by cache. - */ - /* id2entry index */ if ( id2entry_add( be, e ) != 0 ) { send_ldap_result( conn, op, LDAP_OTHER, diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 136e559576..dbf768a26d 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -949,8 +949,8 @@ slap_sasl_authorize( ok: if (conn->c_sasl_bindop) { Statslog( LDAP_DEBUG_STATS, - "conn=%lu op=%lu BIND authcid=\"%s\"\n", - conn->c_connid, conn->c_sasl_bindop->o_opid, + "conn=%lu op=%lu BIND authcid=\"%s\"\n", + conn->c_connid, conn->c_sasl_bindop->o_opid, auth_identity, 0, 0); } diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 354bbffe67..df2f3157a3 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -3735,25 +3735,31 @@ serial_and_issuer_parse( for (p=begin; p<=end && *p != '$'; p++) /* empty */ ; if ( p > end ) return LDAP_INVALID_SYNTAX; - /* p now points at the $ sign, now use begin and end to delimit the - serial number */ + /* p now points at the $ sign, now use + * begin and end to delimit the serial number + */ while (ASCII_SPACE(*begin)) begin++; end = p-1; while (ASCII_SPACE(*end)) end--; + if( end <= begin ) return LDAP_INVALID_SYNTAX; + bv.bv_len = end-begin+1; bv.bv_val = begin; ber_dupbv(serial, &bv); /* now extract the issuer, remember p was at the dollar sign */ - if ( issuer_dn ) { - begin = p+1; - end = assertion->bv_val+assertion->bv_len-1; - while (ASCII_SPACE(*begin)) begin++; - /* should we trim spaces at the end too? is it safe always? */ + begin = p+1; + end = assertion->bv_val+assertion->bv_len-1; + while (ASCII_SPACE(*begin)) begin++; + /* should we trim spaces at the end too? is it safe always? no, no */ + + if( end <= begin ) return LDAP_INVALID_SYNTAX; + if ( issuer_dn ) { bv.bv_len = end-begin+1; bv.bv_val = begin; + dnNormalize2( NULL, &bv, issuer_dn ); } @@ -3924,9 +3930,10 @@ static int certificateExactFilter( { BerVarray keys; struct berval asserted_serial; + int ret; - serial_and_issuer_parse(assertedValue, - &asserted_serial, NULL); + ret = serial_and_issuer_parse( assertedValue, &asserted_serial, NULL ); + if( ret != LDAP_SUCCESS ) return ret; keys = ch_malloc( sizeof( struct berval ) * 2 ); integerNormalize( syntax, &asserted_serial, &keys[0] ); @@ -4405,7 +4412,7 @@ static slap_syntax_defs_rec syntax_defs[] = { * Chadwick in private mail. */ {"( 1.2.826.0.1.3344810.7.1 DESC 'Serial Number and Issuer' )", - 0, NULL, NULL, NULL}, + 0, UTF8StringValidate, NULL, NULL}, #endif /* OpenLDAP Experimental Syntaxes */ diff --git a/servers/slapd/sets.c b/servers/slapd/sets.c index 2a839cbf34..cd4a76c5fc 100644 --- a/servers/slapd/sets.c +++ b/servers/slapd/sets.c @@ -20,14 +20,14 @@ static int set_samedn (char *dn1, char *dn2); long slap_set_size (BerVarray set) { - int i; + long i; i = 0; if (set != NULL) { while (set[i].bv_val) i++; } - return(i); + return i; } void @@ -384,7 +384,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer, SF_ERROR(syntax); } - rc = slap_set_size(set); + rc = slap_set_size(set) > 0 ? 1 : 0; if (results) { *results = set; set = NULL; -- 2.39.5