Add support dn.base=""

diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index e54db75c96fcafa01b09bd354974ba74876a7653..a7df30bd8e71c844aa9e9e27501ced2d6d536221 100644 (file)
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -136,9 +136,9 @@ parse_acl(
                                split( argv[i], '=', &left, &right );
                                split( left, '.', &left, &style );
 
-                               if ( right == NULL || *right == '\0' ) {
+                               if ( right == NULL ) {
                                        fprintf( stderr,
-       "%s: line %d: missing \"=\" in (or value after) \"%s\" in to clause\n",
+       "%s: line %d: missing \"=\" in \"%s\" in to clause\n",
                                            fname, lineno, left );
                                        acl_usage();
                                }

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 3e874d532b66bf40d943d31024e070292e34b578..8b7e41beb97aee004a63dfdeb4518f9d29cff594 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -10,6 +10,7 @@
 #include <stdio.h>
 
 #include <ac/ctype.h>
+#include <ac/errno.h>
 #include <ac/string.h>
 #include <ac/socket.h>
 
@@ -3315,6 +3316,54 @@ objectIdentifierFirstComponentMatch(
        return rc;
 }
 
+static int
+integerBitAndMatch(
+       int *matchp,
+       slap_mask_t flags,
+       Syntax *syntax,
+       MatchingRule *mr,
+       struct berval *value,
+       void *assertedValue )
+{
+       long lValue, lAssertedValue;
+
+       /* safe to assume integers are NUL terminated? */
+       lValue = strtoul(value->bv_val, NULL, 10);
+       if(( lValue == LONG_MIN || lValue == LONG_MAX) && errno == ERANGE )
+               return LDAP_CONSTRAINT_VIOLATION;
+
+       lAssertedValue = strtol(((struct berval *)assertedValue)->bv_val, NULL, 10);
+       if(( lAssertedValue == LONG_MIN || lAssertedValue == LONG_MAX) && errno == ERANGE )
+               return LDAP_CONSTRAINT_VIOLATION;
+
+       *matchp = (lValue & lAssertedValue);
+       return LDAP_SUCCESS;
+}
+
+static int
+integerBitOrMatch(
+       int *matchp,
+       slap_mask_t flags,
+       Syntax *syntax,
+       MatchingRule *mr,
+       struct berval *value,
+       void *assertedValue )
+{
+       long lValue, lAssertedValue;
+
+       /* safe to assume integers are NUL terminated? */
+       lValue = strtoul(value->bv_val, NULL, 10);
+       if(( lValue == LONG_MIN || lValue == LONG_MAX) && errno == ERANGE )
+               return LDAP_CONSTRAINT_VIOLATION;
+
+       lAssertedValue = strtol(((struct berval *)assertedValue)->bv_val, NULL, 10);
+       if(( lAssertedValue == LONG_MIN || lAssertedValue == LONG_MAX) && errno == ERANGE )
+               return LDAP_CONSTRAINT_VIOLATION;
+
+       *matchp = (lValue | lAssertedValue);
+       return LDAP_SUCCESS;
+}
+
 static int
 check_time_syntax (struct berval *val,
        int start,
@@ -4115,6 +4164,20 @@ struct mrule_defs_rec mrule_defs[] = {
                OpenLDAPaciMatch, NULL, NULL,
                NULL},
 
+       {"( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' "
+               "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
+               SLAP_MR_EXT,
+               NULL, NULL,
+               integerBitAndMatch, NULL, NULL,
+               NULL},
+
+       {"( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' "
+               "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
+               SLAP_MR_EXT,
+               NULL, NULL,
+               integerBitOrMatch, NULL, NULL,
+               NULL},
+
        {NULL, SLAP_MR_NONE, NULL, NULL, NULL, NULL}
 };