From d40e5a365ab412c15c5fcd6c1687ed38217c152d Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Fri, 7 May 2004 09:03:05 +0000 Subject: [PATCH] fix DN_SEPARATOR() and clarify its use --- servers/slapd/acl.c | 18 +++++++++--------- servers/slapd/aclparse.c | 4 ++-- servers/slapd/back-bdb/cache.c | 4 ++-- servers/slapd/back-ldap/suffixmassage.c | 9 ++++----- servers/slapd/back-meta/search.c | 2 +- servers/slapd/backend.c | 2 +- servers/slapd/dn.c | 4 ++-- servers/slapd/limits.c | 2 +- servers/slapd/overlays/rwmdn.c | 9 ++++----- servers/slapd/slap.h | 6 ++++-- 10 files changed, 30 insertions(+), 30 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 28b1fec16b..23abde734f 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -551,7 +551,7 @@ acl_get( continue; if ( patlen > 0 ) { - if ( !NDN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) + if ( !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) continue; sep = 1; } @@ -561,13 +561,13 @@ acl_get( continue; } else if ( a->acl_dn_style == ACL_STYLE_SUBTREE ) { - if ( dnlen > patlen && !NDN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) + if ( dnlen > patlen && !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) continue; } else if ( a->acl_dn_style == ACL_STYLE_CHILDREN ) { if ( dnlen <= patlen ) continue; - if ( !NDN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) + if ( !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) ) continue; } @@ -652,7 +652,7 @@ acl_get( } else if ( a->acl_dn_style == ACL_STYLE_ONE ) { int rdnlen = -1; - if ( !NDN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) + if ( !DN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) continue; rdnlen = dn_rdnlen( NULL, val ); @@ -660,14 +660,14 @@ acl_get( continue; } else if ( a->acl_dn_style == ACL_STYLE_SUBTREE ) { - if ( vdnlen > patlen && !NDN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) + if ( vdnlen > patlen && !DN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) continue; } else if ( a->acl_dn_style == ACL_STYLE_CHILDREN ) { if ( vdnlen <= patlen ) continue; - if ( !NDN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) + if ( !DN_SEPARATOR( val->bv_val[vdnlen - patlen - 1] ) ) continue; } @@ -880,7 +880,7 @@ acl_mask( goto dn_match_cleanup; } - if ( !NDN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { + if ( !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { goto dn_match_cleanup; } @@ -890,7 +890,7 @@ acl_mask( } } else if ( b->a_dn_style == ACL_STYLE_SUBTREE ) { - if ( odnlen > patlen && !NDN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { + if ( odnlen > patlen && !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { goto dn_match_cleanup; } @@ -899,7 +899,7 @@ acl_mask( goto dn_match_cleanup; } - if ( !NDN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { + if ( !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) ) { goto dn_match_cleanup; } } diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index 8c3738c4d6..efec82f904 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -196,7 +196,7 @@ check_scope( BackendDB *be, AccessControl *a ) int rdnlen = -1, sep = 0; if ( patlen > 0 ) { - if ( !NDN_SEPARATOR( dn.bv_val[ dn.bv_len - patlen - 1 ] ) ) + if ( !DN_SEPARATOR( dn.bv_val[ dn.bv_len - patlen - 1 ] ) ) return ACL_SCOPE_ERR; sep = 1; } @@ -227,7 +227,7 @@ check_scope( BackendDB *be, AccessControl *a ) break; } - if ( dn.bv_len < patlen && !NDN_SEPARATOR( a->acl_dn_pat.bv_val[ patlen -dn.bv_len - 1 ] ) ) { + if ( dn.bv_len < patlen && !DN_SEPARATOR( a->acl_dn_pat.bv_val[ patlen -dn.bv_len - 1 ] ) ) { return ACL_SCOPE_ERR; } diff --git a/servers/slapd/back-bdb/cache.c b/servers/slapd/back-bdb/cache.c index aef5127b5e..d6dd366165 100644 --- a/servers/slapd/back-bdb/cache.c +++ b/servers/slapd/back-bdb/cache.c @@ -336,9 +336,9 @@ bdb_cache_find_ndn( /* Advance to next lower RDN */ for (ptr = ei.bei_nrdn.bv_val - 2; ptr > ndn->bv_val - && !NDN_SEPARATOR(*ptr); ptr--) /* empty */; + && !DN_SEPARATOR(*ptr); ptr--) /* empty */; if ( ptr >= ndn->bv_val ) { - if (NDN_SEPARATOR(*ptr)) ptr++; + if (DN_SEPARATOR(*ptr)) ptr++; ei.bei_nrdn.bv_len = ei.bei_nrdn.bv_val - ptr - 1; ei.bei_nrdn.bv_val = ptr; } diff --git a/servers/slapd/back-ldap/suffixmassage.c b/servers/slapd/back-ldap/suffixmassage.c index 67841698b8..c1c94a8a97 100644 --- a/servers/slapd/back-ldap/suffixmassage.c +++ b/servers/slapd/back-ldap/suffixmassage.c @@ -134,11 +134,10 @@ ldap_back_dn_massage( if ( diff < 0 ) { /* alias is longer than dn */ continue; - } else if ( diff > 0 && ( !NDN_SEPARATOR(dn->bv_val[diff-1]))) { - /* FIXME: should use DN_SEPARATOR() instead of - * NDN_SEPARATOR(), but the latter may fail if - * an escaped ';' is present */ - /* boundary is not at a DN separator */ + } else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) { + /* FIXME: DN_SEPARATOR() is intended to work + * on a normalized/pretty DN, so that ';' + * is never used as a DN separator */ continue; /* At a DN Separator */ } diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c index c48b73e50b..2e239e3383 100644 --- a/servers/slapd/back-meta/search.c +++ b/servers/slapd/back-meta/search.c @@ -749,7 +749,7 @@ is_one_level_rdn( ) { for ( ; from--; ) { - if ( NDN_SEPARATOR( rdn[ from ] ) ) { + if ( DN_SEPARATOR( rdn[ from ] ) ) { return 0; } } diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index 75eeef7e2e..b99ecdc1e2 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -670,7 +670,7 @@ select_backend( * need not look at escaping */ if ( len && len < dnlen && - !NDN_SEPARATOR( dn->bv_val[(dnlen-len)-1] )) + !DN_SEPARATOR( dn->bv_val[(dnlen-len)-1] )) { continue; } diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index 66203b56e8..6702e8dc18 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -690,7 +690,7 @@ dnParent( return; } - assert( NDN_SEPARATOR( p[ 0 ] ) ); + assert( DN_SEPARATOR( p[ 0 ] ) ); p++; assert( ATTR_LEADCHAR( p[ 0 ] ) ); @@ -882,7 +882,7 @@ dnIsSuffix( } /* no rdn separator or escaped rdn separator */ - if ( d > 1 && !NDN_SEPARATOR( dn->bv_val[ d - 1 ] ) ) { + if ( d > 1 && !DN_SEPARATOR( dn->bv_val[ d - 1 ] ) ) { return 0; } diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c index 81a3bce063..55fce61705 100644 --- a/servers/slapd/limits.c +++ b/servers/slapd/limits.c @@ -163,7 +163,7 @@ limits_get( } } else { /* check for unescaped rdn separator */ - if ( !NDN_SEPARATOR( ndn->bv_val[d-1] ) ) { + if ( !DN_SEPARATOR( ndn->bv_val[d-1] ) ) { break; } } diff --git a/servers/slapd/overlays/rwmdn.c b/servers/slapd/overlays/rwmdn.c index c3bec9fc04..e5f31160e0 100644 --- a/servers/slapd/overlays/rwmdn.c +++ b/servers/slapd/overlays/rwmdn.c @@ -138,11 +138,10 @@ rwm_dn_massage( if ( diff < 0 ) { /* alias is longer than dn */ continue; - } else if ( diff > 0 && ( !NDN_SEPARATOR(dn->bv_val[diff-1]))) { - /* FIXME: should use DN_SEPARATOR() instead of - * NDN_SEPARATOR(), but the latter may fail if - * an escaped ';' is present */ - /* boundary is not at a DN separator */ + } else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) { + /* FIXME: DN_SEPARATOR() is intended to work + * on a normalized/pretty DN, so that ';' + * is never used as a DN separator */ continue; /* At a DN Separator */ } diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index d6408f3fa9..a20909d27a 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -133,8 +133,10 @@ LDAP_BEGIN_DECL || (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) ) #define DN_ESCAPE(c) ((c) == SLAP_ESCAPE_CHAR) -#define NDN_SEPARATOR(c) ((c) == ',') -#define DN_SEPARATOR(c) (NDN_SEPARATOR(c) || (c) == ';') +/* NOTE: for consistency, this macro must only operate + * on normalized/pretty DN, such that ';' is never used + * as RDN separator, and all occurrences of ';' must be escaped */ +#define DN_SEPARATOR(c) ((c) == ',') #define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */ #define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c)) #define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"') -- 2.39.5