2000-01-30 03:43:19 +08:00
|
|
|
/* schema_init.c - init builtin schema */
|
|
|
|
/* $OpenLDAP$ */
|
2003-11-27 09:17:14 +08:00
|
|
|
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
|
*
|
2005-01-02 04:49:32 +08:00
|
|
|
* Copyright 1998-2005 The OpenLDAP Foundation.
|
2003-11-27 09:17:14 +08:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted only as authorized by the OpenLDAP
|
|
|
|
* Public License.
|
|
|
|
*
|
|
|
|
* A copy of this license is available in the file LICENSE in the
|
|
|
|
* top-level directory of the distribution or, alternatively, at
|
|
|
|
* <http://www.OpenLDAP.org/license.html>.
|
2000-01-30 03:43:19 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "portable.h"
|
|
|
|
|
|
|
|
#include <stdio.h>
|
2005-04-11 03:32:14 +08:00
|
|
|
#ifdef HAVE_LIMITS_H
|
2001-09-07 10:08:32 +08:00
|
|
|
#include <limits.h>
|
2005-04-11 03:32:14 +08:00
|
|
|
#endif
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
#include <ac/ctype.h>
|
2001-09-02 01:10:43 +08:00
|
|
|
#include <ac/errno.h>
|
2000-01-30 03:43:19 +08:00
|
|
|
#include <ac/string.h>
|
|
|
|
#include <ac/socket.h>
|
|
|
|
|
|
|
|
#include "slap.h"
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2001-07-22 07:13:04 +08:00
|
|
|
#include "ldap_utf8.h"
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
#ifdef HAVE_TLS
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
#include <openssl/err.h>
|
|
|
|
#include <openssl/rsa.h>
|
|
|
|
#include <openssl/crypto.h>
|
|
|
|
#include <openssl/pem.h>
|
|
|
|
#include <openssl/bio.h>
|
|
|
|
#include <openssl/asn1.h>
|
|
|
|
#include <openssl/x509v3.h>
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
#endif
|
|
|
|
|
2004-09-28 21:11:11 +08:00
|
|
|
#include "lutil.h"
|
2000-09-23 06:19:46 +08:00
|
|
|
#include "lutil_hash.h"
|
|
|
|
#define HASH_BYTES LUTIL_HASH_BYTES
|
|
|
|
#define HASH_CONTEXT lutil_HASH_CTX
|
|
|
|
#define HASH_Init(c) lutil_HASHInit(c)
|
|
|
|
#define HASH_Update(c,buf,len) lutil_HASHUpdate(c,buf,len)
|
|
|
|
#define HASH_Final(d,c) lutil_HASHFinal(d,c)
|
2000-09-23 04:47:46 +08:00
|
|
|
|
2000-07-25 05:29:30 +08:00
|
|
|
/* approx matching rules */
|
|
|
|
#define directoryStringApproxMatchOID "1.3.6.1.4.1.4203.666.4.4"
|
2003-05-16 11:57:01 +08:00
|
|
|
#define directoryStringApproxMatch approxMatch
|
2001-01-18 00:35:53 +08:00
|
|
|
#define directoryStringApproxIndexer approxIndexer
|
2003-05-16 11:57:01 +08:00
|
|
|
#define directoryStringApproxFilter approxFilter
|
2000-07-25 05:29:30 +08:00
|
|
|
#define IA5StringApproxMatchOID "1.3.6.1.4.1.4203.666.4.5"
|
2001-01-18 00:35:53 +08:00
|
|
|
#define IA5StringApproxMatch approxMatch
|
2000-10-25 04:25:37 +08:00
|
|
|
#define IA5StringApproxIndexer approxIndexer
|
2001-01-18 00:35:53 +08:00
|
|
|
#define IA5StringApproxFilter approxFilter
|
2000-07-25 05:29:30 +08:00
|
|
|
|
2004-12-03 00:59:00 +08:00
|
|
|
/* Change Sequence Number (CSN) - much of this will change */
|
|
|
|
#define csnValidate blobValidate
|
|
|
|
#define csnMatch octetStringMatch
|
|
|
|
#define csnOrderingMatch octetStringOrderingMatch
|
|
|
|
#define csnIndexer generalizedTimeIndexer
|
|
|
|
#define csnFilter generalizedTimeFilter
|
|
|
|
|
2005-08-12 07:52:17 +08:00
|
|
|
#ifdef SLAP_AUTHZ_SYNTAX
|
|
|
|
/* FIXME: temporary */
|
|
|
|
#define authzMatch octetStringMatch
|
|
|
|
#endif /* SLAP_AUTHZ_SYNTAX */
|
|
|
|
|
2004-10-06 13:51:38 +08:00
|
|
|
unsigned int index_substr_if_minlen = SLAP_INDEX_SUBSTR_IF_MINLEN_DEFAULT;
|
|
|
|
unsigned int index_substr_if_maxlen = SLAP_INDEX_SUBSTR_IF_MAXLEN_DEFAULT;
|
|
|
|
unsigned int index_substr_any_len = SLAP_INDEX_SUBSTR_ANY_LEN_DEFAULT;
|
|
|
|
unsigned int index_substr_any_step = SLAP_INDEX_SUBSTR_ANY_STEP_DEFAULT;
|
|
|
|
|
2005-08-22 17:46:17 +08:00
|
|
|
ldap_pvt_thread_mutex_t ad_undef_mutex;
|
|
|
|
ldap_pvt_thread_mutex_t oc_undef_mutex;
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
inValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
2000-09-04 02:04:08 +08:00
|
|
|
{
|
2003-04-07 09:06:46 +08:00
|
|
|
/* no value allowed */
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2002-01-17 08:18:57 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
blobValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
/* any value allowed */
|
|
|
|
return LDAP_SUCCESS;
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
2000-07-25 05:29:30 +08:00
|
|
|
|
2003-04-07 11:46:22 +08:00
|
|
|
#define berValidate blobValidate
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
static int
|
|
|
|
sequenceValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
if ( in->bv_len < 2 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
if ( in->bv_val[0] != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_TLS
|
|
|
|
static int certificateValidate( Syntax *syntax, struct berval *in )
|
|
|
|
{
|
|
|
|
X509 *xcert=NULL;
|
2003-12-18 04:55:46 +08:00
|
|
|
unsigned char *p = (unsigned char *)in->bv_val;
|
2003-10-18 10:39:08 +08:00
|
|
|
|
|
|
|
xcert = d2i_X509(NULL, &p, in->bv_len);
|
|
|
|
if ( !xcert ) return LDAP_INVALID_SYNTAX;
|
|
|
|
X509_free(xcert);
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
#define certificateValidate sequenceValidate
|
|
|
|
#endif
|
|
|
|
|
2005-08-23 00:03:35 +08:00
|
|
|
int
|
2000-06-05 06:59:38 +08:00
|
|
|
octetStringMatch(
|
|
|
|
int *matchp,
|
2000-08-23 05:26:25 +08:00
|
|
|
slap_mask_t flags,
|
2000-06-05 06:59:38 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
2003-04-07 11:46:22 +08:00
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
|
|
|
int match = value->bv_len - asserted->bv_len;
|
2000-06-05 06:59:38 +08:00
|
|
|
|
|
|
|
if( match == 0 ) {
|
2003-04-07 11:46:22 +08:00
|
|
|
match = memcmp( value->bv_val, asserted->bv_val, value->bv_len );
|
2000-06-05 06:59:38 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-01-04 01:06:01 +08:00
|
|
|
static int
|
|
|
|
octetStringOrderingMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
2003-04-07 11:46:22 +08:00
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
2003-01-04 01:06:01 +08:00
|
|
|
ber_len_t v_len = value->bv_len;
|
2003-04-07 11:46:22 +08:00
|
|
|
ber_len_t av_len = asserted->bv_len;
|
2003-02-27 14:51:53 +08:00
|
|
|
|
2003-04-07 11:46:22 +08:00
|
|
|
int match = memcmp( value->bv_val, asserted->bv_val,
|
2003-01-04 01:06:01 +08:00
|
|
|
(v_len < av_len ? v_len : av_len) );
|
2003-02-27 14:51:53 +08:00
|
|
|
|
|
|
|
if( match == 0 ) match = v_len - av_len;
|
|
|
|
|
2003-01-04 01:06:01 +08:00
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
static void
|
|
|
|
hashPreset(
|
2004-09-28 10:51:00 +08:00
|
|
|
HASH_CONTEXT *HASHcontext,
|
|
|
|
struct berval *prefix,
|
|
|
|
char pre,
|
|
|
|
Syntax *syntax,
|
2005-10-24 06:38:15 +08:00
|
|
|
MatchingRule *mr)
|
2004-09-28 10:51:00 +08:00
|
|
|
{
|
|
|
|
HASH_Init(HASHcontext);
|
|
|
|
if(prefix && prefix->bv_len > 0) {
|
|
|
|
HASH_Update(HASHcontext,
|
|
|
|
(unsigned char *)prefix->bv_val, prefix->bv_len);
|
|
|
|
}
|
|
|
|
if(pre) HASH_Update(HASHcontext, (unsigned char*)&pre, sizeof(pre));
|
|
|
|
HASH_Update(HASHcontext, (unsigned char*)syntax->ssyn_oid, syntax->ssyn_oidlen);
|
|
|
|
HASH_Update(HASHcontext, (unsigned char*)mr->smr_oid, mr->smr_oidlen);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
static void
|
|
|
|
hashIter(
|
|
|
|
HASH_CONTEXT *HASHcontext,
|
|
|
|
unsigned char *HASHdigest,
|
|
|
|
unsigned char *value,
|
|
|
|
int len)
|
|
|
|
{
|
|
|
|
HASH_CONTEXT ctx = *HASHcontext;
|
|
|
|
HASH_Update( &ctx, value, len );
|
|
|
|
HASH_Final( HASHdigest, &ctx );
|
|
|
|
}
|
|
|
|
|
2000-06-05 06:59:38 +08:00
|
|
|
/* Index generation function */
|
2002-08-29 09:12:59 +08:00
|
|
|
int octetStringIndexer(
|
2000-08-23 05:26:25 +08:00
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
2000-06-05 06:59:38 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
2002-01-14 09:43:17 +08:00
|
|
|
BerVarray values,
|
2003-04-11 09:29:28 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
2000-06-05 06:59:38 +08:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
size_t slen, mlen;
|
2002-01-14 09:43:17 +08:00
|
|
|
BerVarray keys;
|
2003-04-07 11:46:22 +08:00
|
|
|
HASH_CONTEXT HASHcontext;
|
|
|
|
unsigned char HASHdigest[HASH_BYTES];
|
2000-06-05 06:59:38 +08:00
|
|
|
struct berval digest;
|
2003-12-18 04:55:46 +08:00
|
|
|
digest.bv_val = (char *)HASHdigest;
|
2000-09-23 04:47:46 +08:00
|
|
|
digest.bv_len = sizeof(HASHdigest);
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i=0; !BER_BVISNULL( &values[i] ); i++ ) {
|
2000-06-05 06:59:38 +08:00
|
|
|
/* just count them */
|
|
|
|
}
|
|
|
|
|
2001-07-26 09:08:00 +08:00
|
|
|
/* we should have at least one value at this point */
|
|
|
|
assert( i > 0 );
|
|
|
|
|
2004-04-20 11:44:57 +08:00
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * (i+1), ctx );
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2001-12-26 22:36:02 +08:00
|
|
|
slen = syntax->ssyn_oidlen;
|
|
|
|
mlen = mr->smr_oidlen;
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, 0, syntax, mr);
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i=0; !BER_BVISNULL( &values[i] ); i++ ) {
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)values[i].bv_val, values[i].bv_len );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[i], &digest, ctx );
|
2000-06-05 06:59:38 +08:00
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[i] );
|
2000-06-05 06:59:38 +08:00
|
|
|
|
|
|
|
*keysp = keys;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Index generation function */
|
2002-08-29 09:12:59 +08:00
|
|
|
int octetStringFilter(
|
2000-08-23 05:26:25 +08:00
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
2000-06-05 06:59:38 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
2002-08-29 10:27:15 +08:00
|
|
|
void * assertedValue,
|
2003-04-11 09:29:28 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
2000-06-05 06:59:38 +08:00
|
|
|
{
|
|
|
|
size_t slen, mlen;
|
2002-01-14 09:43:17 +08:00
|
|
|
BerVarray keys;
|
2003-04-07 11:46:22 +08:00
|
|
|
HASH_CONTEXT HASHcontext;
|
|
|
|
unsigned char HASHdigest[HASH_BYTES];
|
2002-08-29 10:27:15 +08:00
|
|
|
struct berval *value = (struct berval *) assertedValue;
|
2000-06-05 06:59:38 +08:00
|
|
|
struct berval digest;
|
2003-12-18 04:55:46 +08:00
|
|
|
digest.bv_val = (char *)HASHdigest;
|
2000-09-23 04:47:46 +08:00
|
|
|
digest.bv_len = sizeof(HASHdigest);
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2001-12-26 22:36:02 +08:00
|
|
|
slen = syntax->ssyn_oidlen;
|
|
|
|
mlen = mr->smr_oidlen;
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2004-04-20 11:44:57 +08:00
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * 2, ctx );
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, 0, syntax, mr );
|
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)value->bv_val, value->bv_len );
|
2000-06-05 06:59:38 +08:00
|
|
|
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( keys, &digest, ctx );
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[1] );
|
2000-06-05 06:59:38 +08:00
|
|
|
|
|
|
|
*keysp = keys;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-05-28 03:33:08 +08:00
|
|
|
static int
|
2003-04-07 11:46:22 +08:00
|
|
|
octetStringSubstringsMatch(
|
2003-04-07 09:06:46 +08:00
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
2000-09-12 08:32:08 +08:00
|
|
|
Syntax *syntax,
|
2003-04-07 09:06:46 +08:00
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
2000-09-12 08:32:08 +08:00
|
|
|
{
|
2003-04-07 09:06:46 +08:00
|
|
|
int match = 0;
|
|
|
|
SubstringsAssertion *sub = assertedValue;
|
|
|
|
struct berval left = *value;
|
|
|
|
int i;
|
2003-04-07 11:46:22 +08:00
|
|
|
ber_len_t inlen = 0;
|
2000-09-12 08:32:08 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Add up asserted input length */
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &sub->sa_initial ) ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
inlen += sub->sa_initial.bv_len;
|
2000-09-12 08:32:08 +08:00
|
|
|
}
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( sub->sa_any ) {
|
|
|
|
for ( i = 0; !BER_BVISNULL( &sub->sa_any[i] ); i++ ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
inlen += sub->sa_any[i].bv_len;
|
|
|
|
}
|
|
|
|
}
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &sub->sa_final ) ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
inlen += sub->sa_final.bv_len;
|
2000-09-12 08:32:08 +08:00
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &sub->sa_initial ) ) {
|
|
|
|
if ( inlen > left.bv_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
match = 1;
|
|
|
|
goto done;
|
2000-09-12 08:32:08 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
match = memcmp( sub->sa_initial.bv_val, left.bv_val,
|
|
|
|
sub->sa_initial.bv_len );
|
2000-09-12 08:32:08 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( match != 0 ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
goto done;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
left.bv_val += sub->sa_initial.bv_len;
|
|
|
|
left.bv_len -= sub->sa_initial.bv_len;
|
|
|
|
inlen -= sub->sa_initial.bv_len;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &sub->sa_final ) ) {
|
|
|
|
if ( inlen > left.bv_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
match = memcmp( sub->sa_final.bv_val,
|
|
|
|
&left.bv_val[left.bv_len - sub->sa_final.bv_len],
|
|
|
|
sub->sa_final.bv_len );
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( match != 0 ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
goto done;
|
2002-08-06 11:18:02 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
left.bv_len -= sub->sa_final.bv_len;
|
|
|
|
inlen -= sub->sa_final.bv_len;
|
2002-08-06 11:18:02 +08:00
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( sub->sa_any ) {
|
|
|
|
for ( i = 0; !BER_BVISNULL( &sub->sa_any[i] ); i++ ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
ber_len_t idx;
|
|
|
|
char *p;
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
retry:
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( inlen > left.bv_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
/* not enough length */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( BER_BVISEMPTY( &sub->sa_any[i] ) ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
continue;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
p = memchr( left.bv_val, *sub->sa_any[i].bv_val, left.bv_len );
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
if( p == NULL ) {
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
2002-08-06 11:18:02 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
idx = p - left.bv_val;
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( idx >= left.bv_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
/* this shouldn't happen */
|
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
left.bv_val = p;
|
|
|
|
left.bv_len -= idx;
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( sub->sa_any[i].bv_len > left.bv_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
/* not enough left */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
match = memcmp( left.bv_val,
|
|
|
|
sub->sa_any[i].bv_val,
|
|
|
|
sub->sa_any[i].bv_len );
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( match != 0 ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
left.bv_val++;
|
|
|
|
left.bv_len--;
|
|
|
|
goto retry;
|
|
|
|
}
|
2002-08-06 11:18:02 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
left.bv_val += sub->sa_any[i].bv_len;
|
|
|
|
left.bv_len -= sub->sa_any[i].bv_len;
|
|
|
|
inlen -= sub->sa_any[i].bv_len;
|
2002-08-06 11:18:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
done:
|
|
|
|
*matchp = match;
|
2002-08-06 11:18:02 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Substrings Index generation function */
|
|
|
|
static int
|
2003-04-07 11:46:22 +08:00
|
|
|
octetStringSubstringsIndexer(
|
2003-04-07 09:06:46 +08:00
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
BerVarray values,
|
2003-04-11 09:29:28 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
2005-07-11 20:11:15 +08:00
|
|
|
ber_len_t i, nkeys;
|
2003-04-07 09:06:46 +08:00
|
|
|
size_t slen, mlen;
|
|
|
|
BerVarray keys;
|
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
HASH_CONTEXT HCany, HCini, HCfin;
|
2003-04-07 11:46:22 +08:00
|
|
|
unsigned char HASHdigest[HASH_BYTES];
|
2003-04-07 09:06:46 +08:00
|
|
|
struct berval digest;
|
2003-12-18 04:55:46 +08:00
|
|
|
digest.bv_val = (char *)HASHdigest;
|
2003-04-07 09:06:46 +08:00
|
|
|
digest.bv_len = sizeof(HASHdigest);
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
nkeys = 0;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for ( i = 0; !BER_BVISNULL( &values[i] ); i++ ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
/* count number of indices to generate */
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
|
2004-10-06 13:51:38 +08:00
|
|
|
if( values[i].bv_len >= index_substr_if_maxlen ) {
|
|
|
|
nkeys += index_substr_if_maxlen -
|
|
|
|
(index_substr_if_minlen - 1);
|
|
|
|
} else if( values[i].bv_len >= index_substr_if_minlen ) {
|
|
|
|
nkeys += values[i].bv_len - (index_substr_if_minlen - 1);
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_ANY ) {
|
2004-10-06 13:51:38 +08:00
|
|
|
if( values[i].bv_len >= index_substr_any_len ) {
|
|
|
|
nkeys += values[i].bv_len - (index_substr_any_len - 1);
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
|
2004-10-06 13:51:38 +08:00
|
|
|
if( values[i].bv_len >= index_substr_if_maxlen ) {
|
|
|
|
nkeys += index_substr_if_maxlen -
|
|
|
|
(index_substr_if_minlen - 1);
|
|
|
|
} else if( values[i].bv_len >= index_substr_if_minlen ) {
|
|
|
|
nkeys += values[i].bv_len - (index_substr_if_minlen - 1);
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( nkeys == 0 ) {
|
|
|
|
/* no keys to generate */
|
|
|
|
*keysp = NULL;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2004-04-20 11:44:57 +08:00
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * (nkeys+1), ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
slen = syntax->ssyn_oidlen;
|
|
|
|
mlen = mr->smr_oidlen;
|
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
if ( flags & SLAP_INDEX_SUBSTR_ANY )
|
|
|
|
hashPreset( &HCany, prefix, SLAP_INDEX_SUBSTR_PREFIX, syntax, mr );
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_INITIAL )
|
|
|
|
hashPreset( &HCini, prefix, SLAP_INDEX_SUBSTR_INITIAL_PREFIX, syntax, mr );
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_FINAL )
|
|
|
|
hashPreset( &HCfin, prefix, SLAP_INDEX_SUBSTR_FINAL_PREFIX, syntax, mr );
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
nkeys = 0;
|
|
|
|
for ( i = 0; !BER_BVISNULL( &values[i] ); i++ ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
ber_len_t j,max;
|
|
|
|
|
|
|
|
if( ( flags & SLAP_INDEX_SUBSTR_ANY ) &&
|
2004-10-06 13:51:38 +08:00
|
|
|
( values[i].bv_len >= index_substr_any_len ) )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
2004-10-06 13:51:38 +08:00
|
|
|
max = values[i].bv_len - (index_substr_any_len - 1);
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
for( j=0; j<max; j++ ) {
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HCany, HASHdigest,
|
|
|
|
(unsigned char *)&values[i].bv_val[j],
|
|
|
|
index_substr_any_len );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-05 06:31:57 +08:00
|
|
|
/* skip if too short */
|
2004-10-06 13:51:38 +08:00
|
|
|
if( values[i].bv_len < index_substr_if_minlen ) continue;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2004-10-06 13:51:38 +08:00
|
|
|
max = index_substr_if_maxlen < values[i].bv_len
|
|
|
|
? index_substr_if_maxlen : values[i].bv_len;
|
2004-05-05 06:31:57 +08:00
|
|
|
|
2004-10-06 13:51:38 +08:00
|
|
|
for( j=index_substr_if_minlen; j<=max; j++ ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_INITIAL ) {
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HCini, HASHdigest,
|
|
|
|
(unsigned char *)values[i].bv_val, j );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_FINAL ) {
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HCfin, HASHdigest,
|
|
|
|
(unsigned char *)&values[i].bv_val[values[i].bv_len-j], j );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( nkeys > 0 ) {
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[nkeys] );
|
2003-04-07 09:06:46 +08:00
|
|
|
*keysp = keys;
|
|
|
|
} else {
|
|
|
|
ch_free( keys );
|
|
|
|
*keysp = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
octetStringSubstringsFilter (
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
void * assertedValue,
|
2003-04-11 09:29:28 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx)
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
SubstringsAssertion *sa;
|
|
|
|
char pre;
|
2005-07-11 20:11:15 +08:00
|
|
|
ber_len_t nkeys = 0;
|
2003-04-07 09:06:46 +08:00
|
|
|
size_t slen, mlen, klen;
|
|
|
|
BerVarray keys;
|
2003-04-07 11:46:22 +08:00
|
|
|
HASH_CONTEXT HASHcontext;
|
|
|
|
unsigned char HASHdigest[HASH_BYTES];
|
2003-04-07 09:06:46 +08:00
|
|
|
struct berval *value;
|
|
|
|
struct berval digest;
|
|
|
|
|
|
|
|
sa = (SubstringsAssertion *) assertedValue;
|
|
|
|
|
2004-05-05 06:31:57 +08:00
|
|
|
if( flags & SLAP_INDEX_SUBSTR_INITIAL &&
|
2005-01-18 17:35:09 +08:00
|
|
|
!BER_BVISNULL( &sa->sa_initial ) &&
|
2004-10-06 13:51:38 +08:00
|
|
|
sa->sa_initial.bv_len >= index_substr_if_minlen )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
nkeys++;
|
2004-10-06 13:51:38 +08:00
|
|
|
if ( sa->sa_initial.bv_len > index_substr_if_maxlen &&
|
2004-09-28 10:51:00 +08:00
|
|
|
( flags & SLAP_INDEX_SUBSTR_ANY ))
|
|
|
|
{
|
2005-02-01 21:40:17 +08:00
|
|
|
nkeys += 1 + (sa->sa_initial.bv_len - index_substr_if_maxlen) / index_substr_any_step;
|
2004-09-28 10:51:00 +08:00
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
ber_len_t i;
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i=0; !BER_BVISNULL( &sa->sa_any[i] ); i++ ) {
|
2004-10-06 13:51:38 +08:00
|
|
|
if( sa->sa_any[i].bv_len >= index_substr_any_len ) {
|
2004-05-05 06:31:57 +08:00
|
|
|
/* don't bother accounting with stepping */
|
2003-04-07 09:06:46 +08:00
|
|
|
nkeys += sa->sa_any[i].bv_len -
|
2004-10-06 13:51:38 +08:00
|
|
|
( index_substr_any_len - 1 );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-05 06:31:57 +08:00
|
|
|
if( flags & SLAP_INDEX_SUBSTR_FINAL &&
|
2005-01-18 17:35:09 +08:00
|
|
|
!BER_BVISNULL( &sa->sa_final ) &&
|
2004-10-06 13:51:38 +08:00
|
|
|
sa->sa_final.bv_len >= index_substr_if_minlen )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
nkeys++;
|
2004-10-06 13:51:38 +08:00
|
|
|
if ( sa->sa_final.bv_len > index_substr_if_maxlen &&
|
2004-09-28 10:51:00 +08:00
|
|
|
( flags & SLAP_INDEX_SUBSTR_ANY ))
|
|
|
|
{
|
2005-02-01 21:40:17 +08:00
|
|
|
nkeys += 1 + (sa->sa_final.bv_len - index_substr_if_maxlen) / index_substr_any_step;
|
2004-09-28 10:51:00 +08:00
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if( nkeys == 0 ) {
|
|
|
|
*keysp = NULL;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-12-18 04:55:46 +08:00
|
|
|
digest.bv_val = (char *)HASHdigest;
|
2003-04-07 09:06:46 +08:00
|
|
|
digest.bv_len = sizeof(HASHdigest);
|
|
|
|
|
|
|
|
slen = syntax->ssyn_oidlen;
|
|
|
|
mlen = mr->smr_oidlen;
|
|
|
|
|
2004-04-20 11:44:57 +08:00
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * (nkeys+1), ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
nkeys = 0;
|
|
|
|
|
2004-05-05 06:31:57 +08:00
|
|
|
if( flags & SLAP_INDEX_SUBSTR_INITIAL &&
|
2005-01-18 17:35:09 +08:00
|
|
|
!BER_BVISNULL( &sa->sa_initial ) &&
|
2004-10-06 13:51:38 +08:00
|
|
|
sa->sa_initial.bv_len >= index_substr_if_minlen )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
pre = SLAP_INDEX_SUBSTR_INITIAL_PREFIX;
|
|
|
|
value = &sa->sa_initial;
|
|
|
|
|
2004-10-06 13:51:38 +08:00
|
|
|
klen = index_substr_if_maxlen < value->bv_len
|
|
|
|
? index_substr_if_maxlen : value->bv_len;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, pre, syntax, mr );
|
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)value->bv_val, klen );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2004-09-28 10:51:00 +08:00
|
|
|
|
|
|
|
/* If initial is too long and we have subany indexed, use it
|
|
|
|
* to match the excess...
|
|
|
|
*/
|
2004-10-06 13:51:38 +08:00
|
|
|
if (value->bv_len > index_substr_if_maxlen && (flags & SLAP_INDEX_SUBSTR_ANY))
|
2004-09-28 10:51:00 +08:00
|
|
|
{
|
|
|
|
ber_len_t j;
|
|
|
|
pre = SLAP_INDEX_SUBSTR_PREFIX;
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, pre, syntax, mr);
|
2004-10-06 13:51:38 +08:00
|
|
|
for ( j=index_substr_if_maxlen-1; j <= value->bv_len - index_substr_any_len; j+=index_substr_any_step )
|
2004-09-28 10:51:00 +08:00
|
|
|
{
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)&value->bv_val[j], index_substr_any_len );
|
2004-09-28 10:51:00 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
|
|
|
}
|
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if( flags & SLAP_INDEX_SUBSTR_ANY && sa->sa_any != NULL ) {
|
|
|
|
ber_len_t i, j;
|
|
|
|
pre = SLAP_INDEX_SUBSTR_PREFIX;
|
2004-10-06 13:51:38 +08:00
|
|
|
klen = index_substr_any_len;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i=0; !BER_BVISNULL( &sa->sa_any[i] ); i++ ) {
|
2004-10-06 13:51:38 +08:00
|
|
|
if( sa->sa_any[i].bv_len < index_substr_any_len ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
value = &sa->sa_any[i];
|
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, pre, syntax, mr);
|
2003-04-07 09:06:46 +08:00
|
|
|
for(j=0;
|
2004-10-06 13:51:38 +08:00
|
|
|
j <= value->bv_len - index_substr_any_len;
|
|
|
|
j += index_substr_any_step )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)&value->bv_val[j], klen );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-05 06:31:57 +08:00
|
|
|
if( flags & SLAP_INDEX_SUBSTR_FINAL &&
|
2005-01-18 17:35:09 +08:00
|
|
|
!BER_BVISNULL( &sa->sa_final ) &&
|
2004-10-06 13:51:38 +08:00
|
|
|
sa->sa_final.bv_len >= index_substr_if_minlen )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
pre = SLAP_INDEX_SUBSTR_FINAL_PREFIX;
|
|
|
|
value = &sa->sa_final;
|
|
|
|
|
2004-10-06 13:51:38 +08:00
|
|
|
klen = index_substr_if_maxlen < value->bv_len
|
|
|
|
? index_substr_if_maxlen : value->bv_len;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, pre, syntax, mr );
|
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)&value->bv_val[value->bv_len-klen], klen );
|
2003-04-11 09:29:28 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
2004-09-28 10:51:00 +08:00
|
|
|
|
|
|
|
/* If final is too long and we have subany indexed, use it
|
|
|
|
* to match the excess...
|
|
|
|
*/
|
2004-10-06 13:51:38 +08:00
|
|
|
if (value->bv_len > index_substr_if_maxlen && (flags & SLAP_INDEX_SUBSTR_ANY))
|
2004-09-28 10:51:00 +08:00
|
|
|
{
|
|
|
|
ber_len_t j;
|
|
|
|
pre = SLAP_INDEX_SUBSTR_PREFIX;
|
2005-10-24 06:38:15 +08:00
|
|
|
hashPreset( &HASHcontext, prefix, pre, syntax, mr);
|
2004-10-06 13:51:38 +08:00
|
|
|
for ( j=0; j <= value->bv_len - index_substr_if_maxlen; j+=index_substr_any_step )
|
2004-09-28 10:51:00 +08:00
|
|
|
{
|
2005-10-24 06:38:15 +08:00
|
|
|
hashIter( &HASHcontext, HASHdigest,
|
|
|
|
(unsigned char *)&value->bv_val[j], index_substr_any_len );
|
2004-09-28 10:51:00 +08:00
|
|
|
ber_dupbv_x( &keys[nkeys++], &digest, ctx );
|
|
|
|
}
|
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if( nkeys > 0 ) {
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[nkeys] );
|
2003-04-07 09:06:46 +08:00
|
|
|
*keysp = keys;
|
|
|
|
} else {
|
|
|
|
ch_free( keys );
|
|
|
|
*keysp = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
bitStringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
ber_len_t i;
|
|
|
|
|
|
|
|
/* very unforgiving validation, requires no normalization
|
|
|
|
* before simplistic matching
|
|
|
|
*/
|
|
|
|
if( in->bv_len < 3 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2003-04-07 11:46:22 +08:00
|
|
|
* RFC 2252 section 6.3 Bit String
|
|
|
|
* bitstring = "'" *binary-digit "'B"
|
|
|
|
* binary-digit = "0" / "1"
|
2003-04-07 09:06:46 +08:00
|
|
|
* example: '0101111101'B
|
|
|
|
*/
|
|
|
|
|
|
|
|
if( in->bv_val[0] != '\'' ||
|
2005-01-18 17:35:09 +08:00
|
|
|
in->bv_val[in->bv_len - 2] != '\'' ||
|
|
|
|
in->bv_val[in->bv_len - 1] != 'B' )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i = in->bv_len - 3; i > 0; i-- ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
if( in->bv_val[i] != '0' && in->bv_val[i] != '1' ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
/*
|
|
|
|
* Syntax is [RFC2252]:
|
|
|
|
*
|
|
|
|
|
|
|
|
6.3. Bit String
|
|
|
|
|
|
|
|
( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
|
|
|
|
|
|
|
|
Values in this syntax are encoded according to the following BNF:
|
|
|
|
|
|
|
|
bitstring = "'" *binary-digit "'B"
|
|
|
|
|
|
|
|
binary-digit = "0" / "1"
|
|
|
|
|
|
|
|
...
|
|
|
|
|
|
|
|
6.21. Name And Optional UID
|
|
|
|
|
|
|
|
( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )
|
|
|
|
|
|
|
|
Values in this syntax are encoded according to the following BNF:
|
|
|
|
|
|
|
|
NameAndOptionalUID = DistinguishedName [ "#" bitstring ]
|
|
|
|
|
|
|
|
Although the '#' character may occur in a string representation of a
|
|
|
|
distinguished name, no additional special quoting is done. This
|
|
|
|
syntax has been added subsequent to RFC 1778.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
1.3.6.1.4.1.1466.0=#04024869,O=Test,C=GB#'0101'B
|
|
|
|
|
|
|
|
*
|
|
|
|
* draft-ietf-ldapbis-syntaxes-xx.txt says:
|
|
|
|
*
|
|
|
|
|
|
|
|
3.3.2. Bit String
|
|
|
|
|
|
|
|
A value of the Bit String syntax is a sequence of binary digits. The
|
|
|
|
LDAP-specific encoding of a value of this syntax is defined by the
|
|
|
|
following ABNF:
|
|
|
|
|
|
|
|
BitString = SQUOTE *binary-digit SQUOTE "B"
|
|
|
|
|
|
|
|
binary-digit = "0" / "1"
|
|
|
|
|
|
|
|
The <SQUOTE> rule is defined in [MODELS].
|
|
|
|
|
|
|
|
Example:
|
|
|
|
'0101111101'B
|
|
|
|
|
|
|
|
The LDAP definition for the Bit String syntax is:
|
|
|
|
|
|
|
|
( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
|
|
|
|
|
|
|
|
This syntax corresponds to the BIT STRING ASN.1 type from [ASN.1].
|
|
|
|
|
|
|
|
...
|
|
|
|
|
|
|
|
3.3.21. Name and Optional UID
|
|
|
|
|
|
|
|
A value of the Name and Optional UID syntax is the distinguished name
|
|
|
|
[MODELS] of an entity optionally accompanied by a unique identifier
|
|
|
|
that serves to differentiate the entity from others with an identical
|
|
|
|
distinguished name.
|
|
|
|
|
|
|
|
The LDAP-specific encoding of a value of this syntax is defined by
|
|
|
|
the following ABNF:
|
|
|
|
|
|
|
|
NameAndOptionalUID = distinguishedName [ SHARP BitString ]
|
|
|
|
|
|
|
|
The <BitString> rule is defined in Section 3.3.2. The
|
|
|
|
<distinguishedName> rule is defined in [LDAPDN]. The <SHARP> rule is
|
|
|
|
defined in [MODELS].
|
|
|
|
|
|
|
|
Note that although the '#' character may occur in the string
|
|
|
|
representation of a distinguished name, no additional escaping of
|
|
|
|
this character is performed when a <distinguishedName> is encoded in
|
|
|
|
a <NameAndOptionalUID>.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
1.3.6.1.4.1.1466.0=#04024869,O=Test,C=GB#'0101'B
|
|
|
|
|
|
|
|
The LDAP definition for the Name and Optional UID syntax is:
|
|
|
|
|
|
|
|
( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )
|
|
|
|
|
|
|
|
This syntax corresponds to the NameAndOptionalUID ASN.1 type from
|
|
|
|
[X.520].
|
|
|
|
|
|
|
|
*
|
|
|
|
* draft-ietf-ldapbis-models-xx.txt [MODELS] says:
|
|
|
|
*
|
|
|
|
|
|
|
|
1.4. Common ABNF Productions
|
|
|
|
|
|
|
|
...
|
|
|
|
SHARP = %x23 ; octothorpe (or sharp sign) ("#")
|
|
|
|
...
|
|
|
|
SQUOTE = %x27 ; single quote ("'")
|
|
|
|
...
|
|
|
|
|
|
|
|
*
|
|
|
|
* Note: normalization strips any leading "0"s, unless the
|
|
|
|
* bit string is exactly "'0'B", so the normalized example,
|
|
|
|
* in slapd, would result in
|
|
|
|
*
|
|
|
|
* 1.3.6.1.4.1.1466.0=#04024869,o=test,c=gb#'101'B
|
|
|
|
*
|
|
|
|
* Since draft-ietf-ldapbis-dn-xx.txt clarifies that SHARP,
|
|
|
|
* i.e. "#", doesn't have to be escaped except when at the
|
|
|
|
* beginning of a value, the definition of Name and Optional
|
|
|
|
* UID appears to be flawed, because there is no clear means
|
|
|
|
* to determine whether the UID part is present or not.
|
|
|
|
*
|
|
|
|
* Example:
|
|
|
|
*
|
|
|
|
* cn=Someone,dc=example,dc=com#'1'B
|
|
|
|
*
|
|
|
|
* could be either a NameAndOptionalUID with trailing UID, i.e.
|
|
|
|
*
|
|
|
|
* DN = "cn=Someone,dc=example,dc=com"
|
|
|
|
* UID = "'1'B"
|
|
|
|
*
|
|
|
|
* or a NameAndOptionalUID with no trailing UID, and the AVA
|
|
|
|
* in the last RDN made of
|
|
|
|
*
|
|
|
|
* attributeType = dc
|
|
|
|
* attributeValue = com#'1'B
|
|
|
|
*
|
|
|
|
* in fact "com#'1'B" is a valid IA5 string.
|
|
|
|
*
|
|
|
|
* As a consequence, current slapd code assumes that the
|
|
|
|
* presence of portions of a BitString at the end of the string
|
|
|
|
* representation of a NameAndOptionalUID means a BitString
|
|
|
|
* is expected, and cause an error otherwise. This is quite
|
|
|
|
* arbitrary, and might change in the future.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
nameUIDValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
int rc;
|
2004-06-30 00:29:00 +08:00
|
|
|
struct berval dn, uid;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( in ) ) return LDAP_SUCCESS;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
ber_dupbv( &dn, in );
|
|
|
|
if( !dn.bv_val ) return LDAP_OTHER;
|
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
/* if there's a "#", try bitStringValidate()... */
|
|
|
|
uid.bv_val = strrchr( dn.bv_val, '#' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &uid ) ) {
|
2004-06-30 00:29:00 +08:00
|
|
|
uid.bv_val++;
|
|
|
|
uid.bv_len = dn.bv_len - ( uid.bv_val - dn.bv_val );
|
|
|
|
|
|
|
|
rc = bitStringValidate( NULL, &uid );
|
|
|
|
if ( rc == LDAP_SUCCESS ) {
|
|
|
|
/* in case of success, trim the UID,
|
|
|
|
* otherwise treat it as part of the DN */
|
|
|
|
dn.bv_len -= uid.bv_len + 1;
|
|
|
|
uid.bv_val[-1] = '\0';
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
rc = dnValidate( NULL, &dn );
|
|
|
|
|
|
|
|
ber_memfree( dn.bv_val );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2003-08-23 05:03:03 +08:00
|
|
|
int
|
|
|
|
nameUIDPretty(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val,
|
|
|
|
struct berval *out,
|
|
|
|
void *ctx )
|
|
|
|
{
|
2005-07-18 14:22:33 +08:00
|
|
|
assert( val != NULL );
|
|
|
|
assert( out != NULL );
|
2003-08-23 05:03:03 +08:00
|
|
|
|
|
|
|
|
|
|
|
Debug( LDAP_DEBUG_TRACE, ">>> nameUIDPretty: <%s>\n", val->bv_val, 0, 0 );
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( val ) ) {
|
2003-08-23 05:03:03 +08:00
|
|
|
ber_dupbv_x( out, val, ctx );
|
|
|
|
|
|
|
|
} else if ( val->bv_len > SLAP_LDAPDN_MAXLEN ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
} else {
|
2004-06-29 06:10:27 +08:00
|
|
|
int rc;
|
|
|
|
struct berval dnval = *val;
|
|
|
|
struct berval uidval = BER_BVNULL;
|
2003-08-23 05:03:03 +08:00
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
uidval.bv_val = strrchr( val->bv_val, '#' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &uidval ) ) {
|
2004-06-30 00:29:00 +08:00
|
|
|
uidval.bv_val++;
|
|
|
|
uidval.bv_len = val->bv_len - ( uidval.bv_val - val->bv_val );
|
2004-06-29 06:10:27 +08:00
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
rc = bitStringValidate( NULL, &uidval );
|
2004-06-29 06:10:27 +08:00
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
if ( rc == LDAP_SUCCESS ) {
|
|
|
|
ber_dupbv_x( &dnval, val, ctx );
|
|
|
|
dnval.bv_len -= uidval.bv_len + 1;
|
|
|
|
dnval.bv_val[dnval.bv_len] = '\0';
|
2004-06-29 06:10:27 +08:00
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
} else {
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &uidval );
|
2004-06-30 00:29:00 +08:00
|
|
|
}
|
2003-08-23 05:03:03 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
rc = dnPretty( syntax, &dnval, out, ctx );
|
2004-06-29 06:10:27 +08:00
|
|
|
if ( dnval.bv_val != val->bv_val ) {
|
|
|
|
slap_sl_free( dnval.bv_val, ctx );
|
|
|
|
}
|
|
|
|
if( rc != LDAP_SUCCESS ) {
|
|
|
|
return rc;
|
|
|
|
}
|
2003-08-23 05:03:03 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( !BER_BVISNULL( &uidval ) ) {
|
2004-06-29 06:10:27 +08:00
|
|
|
int i, c, got1;
|
|
|
|
char *tmp;
|
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
tmp = slap_sl_realloc( out->bv_val, out->bv_len
|
|
|
|
+ STRLENOF( "#" ) + uidval.bv_len + 1,
|
2004-06-29 07:03:01 +08:00
|
|
|
ctx );
|
2003-08-23 05:03:03 +08:00
|
|
|
if( tmp == NULL ) {
|
|
|
|
ber_memfree_x( out->bv_val, ctx );
|
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
2003-08-23 05:16:16 +08:00
|
|
|
out->bv_val = tmp;
|
2003-08-23 05:03:03 +08:00
|
|
|
out->bv_val[out->bv_len++] = '#';
|
2004-06-29 06:10:27 +08:00
|
|
|
out->bv_val[out->bv_len++] = '\'';
|
2003-08-23 05:03:03 +08:00
|
|
|
|
|
|
|
got1 = uidval.bv_len < sizeof("'0'B");
|
2004-06-29 06:10:27 +08:00
|
|
|
for( i = 1; i < uidval.bv_len - 2; i++ ) {
|
2003-08-23 05:03:03 +08:00
|
|
|
c = uidval.bv_val[i];
|
|
|
|
switch(c) {
|
|
|
|
case '0':
|
|
|
|
if( got1 ) out->bv_val[out->bv_len++] = c;
|
|
|
|
break;
|
|
|
|
case '1':
|
|
|
|
got1 = 1;
|
|
|
|
out->bv_val[out->bv_len++] = c;
|
2004-06-29 06:10:27 +08:00
|
|
|
break;
|
2003-08-23 05:03:03 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-06-29 06:10:27 +08:00
|
|
|
out->bv_val[out->bv_len++] = '\'';
|
|
|
|
out->bv_val[out->bv_len++] = 'B';
|
2003-08-23 05:03:03 +08:00
|
|
|
out->bv_val[out->bv_len] = '\0';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Debug( LDAP_DEBUG_TRACE, "<<< nameUIDPretty: <%s>\n", out->bv_val, 0, 0 );
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
uniqueMemberNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
struct berval out;
|
|
|
|
int rc;
|
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ));
|
|
|
|
|
2004-05-14 06:19:16 +08:00
|
|
|
ber_dupbv_x( &out, val, ctx );
|
|
|
|
if ( BER_BVISEMPTY( &out ) ) {
|
2004-05-14 06:12:24 +08:00
|
|
|
*normalized = out;
|
|
|
|
|
|
|
|
} else {
|
2004-04-07 12:11:43 +08:00
|
|
|
struct berval uid = BER_BVNULL;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
2004-06-30 00:29:00 +08:00
|
|
|
uid.bv_val = strrchr( out.bv_val, '#' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISNULL( &uid ) ) {
|
2004-06-30 00:29:00 +08:00
|
|
|
uid.bv_val++;
|
|
|
|
uid.bv_len = out.bv_len - ( uid.bv_val - out.bv_val );
|
|
|
|
|
|
|
|
rc = bitStringValidate( NULL, &uid );
|
|
|
|
if ( rc == LDAP_SUCCESS ) {
|
|
|
|
uid.bv_val[-1] = '\0';
|
|
|
|
out.bv_len -= uid.bv_len + 1;
|
|
|
|
} else {
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &uid );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-04-30 02:28:14 +08:00
|
|
|
rc = dnNormalize( 0, NULL, NULL, &out, normalized, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
if( rc != LDAP_SUCCESS ) {
|
2004-05-14 06:19:16 +08:00
|
|
|
slap_sl_free( out.bv_val, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( !BER_BVISNULL( &uid ) ) {
|
2004-06-30 00:29:00 +08:00
|
|
|
char *tmp;
|
|
|
|
|
|
|
|
tmp = ch_realloc( normalized->bv_val,
|
2004-06-29 06:10:27 +08:00
|
|
|
normalized->bv_len + uid.bv_len
|
|
|
|
+ STRLENOF("#") + 1 );
|
2004-06-30 00:29:00 +08:00
|
|
|
if ( tmp == NULL ) {
|
|
|
|
ber_memfree_x( normalized->bv_val, ctx );
|
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
|
|
|
|
|
|
|
normalized->bv_val = tmp;
|
2003-04-07 09:06:46 +08:00
|
|
|
|
|
|
|
/* insert the separator */
|
|
|
|
normalized->bv_val[normalized->bv_len++] = '#';
|
|
|
|
|
|
|
|
/* append the UID */
|
|
|
|
AC_MEMCPY( &normalized->bv_val[normalized->bv_len],
|
|
|
|
uid.bv_val, uid.bv_len );
|
|
|
|
normalized->bv_len += uid.bv_len;
|
|
|
|
|
|
|
|
/* terminate */
|
|
|
|
normalized->bv_val[normalized->bv_len] = '\0';
|
|
|
|
}
|
|
|
|
|
2004-05-14 06:19:16 +08:00
|
|
|
slap_sl_free( out.bv_val, ctx );
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-08-11 10:12:20 +08:00
|
|
|
static int
|
|
|
|
uniqueMemberMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
|
|
|
int match;
|
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
2004-07-19 05:40:16 +08:00
|
|
|
struct berval assertedDN = *asserted;
|
2004-04-07 12:11:43 +08:00
|
|
|
struct berval assertedUID = BER_BVNULL;
|
2005-09-25 14:12:41 +08:00
|
|
|
struct berval valueDN = *value;
|
2004-04-07 12:11:43 +08:00
|
|
|
struct berval valueUID = BER_BVNULL;
|
2005-03-26 10:07:00 +08:00
|
|
|
int approx = ((flags & SLAP_MR_EQUALITY_APPROX) == SLAP_MR_EQUALITY_APPROX);
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-07-19 05:40:16 +08:00
|
|
|
if ( !BER_BVISEMPTY( asserted ) ) {
|
2004-06-30 01:23:54 +08:00
|
|
|
assertedUID.bv_val = strrchr( assertedDN.bv_val, '#' );
|
|
|
|
if ( !BER_BVISNULL( &assertedUID ) ) {
|
|
|
|
assertedUID.bv_val++;
|
|
|
|
assertedUID.bv_len = assertedDN.bv_len
|
|
|
|
- ( assertedUID.bv_val - assertedDN.bv_val );
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
if ( bitStringValidate( NULL, &assertedUID ) == LDAP_SUCCESS ) {
|
|
|
|
assertedDN.bv_len -= assertedUID.bv_len + 1;
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
} else {
|
|
|
|
BER_BVZERO( &assertedUID );
|
|
|
|
}
|
2003-08-11 10:12:20 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
if ( !BER_BVISEMPTY( value ) ) {
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
valueUID.bv_val = strrchr( valueDN.bv_val, '#' );
|
|
|
|
if ( !BER_BVISNULL( &valueUID ) ) {
|
|
|
|
valueUID.bv_val++;
|
|
|
|
valueUID.bv_len = valueDN.bv_len
|
|
|
|
- ( valueUID.bv_val - valueDN.bv_val );
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
if ( bitStringValidate( NULL, &valueUID ) == LDAP_SUCCESS ) {
|
|
|
|
valueDN.bv_len -= valueUID.bv_len + 1;
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2004-06-30 01:23:54 +08:00
|
|
|
} else {
|
|
|
|
BER_BVZERO( &valueUID );
|
|
|
|
}
|
2003-08-11 10:12:20 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( valueUID.bv_len && assertedUID.bv_len ) {
|
2004-06-29 06:10:27 +08:00
|
|
|
match = valueUID.bv_len - assertedUID.bv_len;
|
|
|
|
if ( match ) {
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-08-11 10:12:20 +08:00
|
|
|
match = memcmp( valueUID.bv_val, assertedUID.bv_val, valueUID.bv_len );
|
|
|
|
if( match ) {
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2005-03-26 10:07:00 +08:00
|
|
|
|
|
|
|
} else if ( !approx && valueUID.bv_len ) {
|
|
|
|
match = -1;
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
|
|
|
|
} else if ( !approx && assertedUID.bv_len ) {
|
|
|
|
match = 1;
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
2003-08-11 10:12:20 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return dnMatch( matchp, flags, syntax, mr, &valueDN, &assertedDN );
|
|
|
|
}
|
|
|
|
|
2005-03-26 10:07:00 +08:00
|
|
|
static int
|
|
|
|
uniqueMemberIndexer(
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
BerVarray values,
|
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
BerVarray dnvalues;
|
|
|
|
int rc;
|
|
|
|
int i;
|
|
|
|
for( i=0; !BER_BVISNULL( &values[i] ); i++ ) {
|
|
|
|
/* just count them */
|
|
|
|
}
|
|
|
|
assert( i > 0 );
|
|
|
|
|
|
|
|
dnvalues = slap_sl_malloc( sizeof( struct berval ) * (i+1), ctx );
|
|
|
|
|
|
|
|
for( i=0; !BER_BVISNULL( &values[i] ); i++ ) {
|
|
|
|
struct berval assertedDN = values[i];
|
|
|
|
struct berval assertedUID = BER_BVNULL;
|
|
|
|
|
|
|
|
if ( !BER_BVISEMPTY( &assertedDN ) ) {
|
|
|
|
assertedUID.bv_val = strrchr( assertedDN.bv_val, '#' );
|
|
|
|
if ( !BER_BVISNULL( &assertedUID ) ) {
|
|
|
|
assertedUID.bv_val++;
|
|
|
|
assertedUID.bv_len = assertedDN.bv_len
|
|
|
|
- ( assertedUID.bv_val - assertedDN.bv_val );
|
|
|
|
|
|
|
|
if ( bitStringValidate( NULL, &assertedUID ) == LDAP_SUCCESS ) {
|
|
|
|
assertedDN.bv_len -= assertedUID.bv_len + 1;
|
|
|
|
|
|
|
|
} else {
|
|
|
|
BER_BVZERO( &assertedUID );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
dnvalues[i] = assertedDN;
|
|
|
|
}
|
|
|
|
BER_BVZERO( &dnvalues[i] );
|
|
|
|
|
|
|
|
rc = octetStringIndexer( use, flags, syntax, mr, prefix,
|
|
|
|
dnvalues, keysp, ctx );
|
|
|
|
|
|
|
|
slap_sl_free( dnvalues, ctx );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
uniqueMemberFilter(
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
void * assertedValue,
|
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
|
|
|
struct berval assertedDN = *asserted;
|
|
|
|
struct berval assertedUID = BER_BVNULL;
|
|
|
|
|
|
|
|
if ( !BER_BVISEMPTY( asserted ) ) {
|
|
|
|
assertedUID.bv_val = strrchr( assertedDN.bv_val, '#' );
|
|
|
|
if ( !BER_BVISNULL( &assertedUID ) ) {
|
|
|
|
assertedUID.bv_val++;
|
|
|
|
assertedUID.bv_len = assertedDN.bv_len
|
|
|
|
- ( assertedUID.bv_val - assertedDN.bv_val );
|
|
|
|
|
|
|
|
if ( bitStringValidate( NULL, &assertedUID ) == LDAP_SUCCESS ) {
|
|
|
|
assertedDN.bv_len -= assertedUID.bv_len + 1;
|
|
|
|
|
|
|
|
} else {
|
|
|
|
BER_BVZERO( &assertedUID );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return octetStringFilter( use, flags, syntax, mr, prefix,
|
|
|
|
&assertedDN, keysp, ctx );
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/*
|
|
|
|
* Handling boolean syntax and matching is quite rigid.
|
|
|
|
* A more flexible approach would be to allow a variety
|
|
|
|
* of strings to be normalized and prettied into TRUE
|
|
|
|
* and FALSE.
|
|
|
|
*/
|
2000-06-30 03:00:17 +08:00
|
|
|
static int
|
|
|
|
booleanValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
/* very unforgiving validation, requires no normalization
|
|
|
|
* before simplistic matching
|
|
|
|
*/
|
|
|
|
|
|
|
|
if( in->bv_len == 4 ) {
|
2003-04-17 03:49:00 +08:00
|
|
|
if( bvmatch( in, &slap_true_bv ) ) {
|
2000-06-30 03:00:17 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
} else if( in->bv_len == 5 ) {
|
2003-04-17 03:49:00 +08:00
|
|
|
if( bvmatch( in, &slap_false_bv ) ) {
|
2000-06-30 03:00:17 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
booleanMatch(
|
|
|
|
int *matchp,
|
2000-08-23 05:26:25 +08:00
|
|
|
slap_mask_t flags,
|
2000-06-30 03:00:17 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
|
|
|
/* simplistic matching allowed by rigid validation */
|
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
|
|
|
*matchp = value->bv_len != asserted->bv_len;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2002-08-07 16:19:11 +08:00
|
|
|
/*-------------------------------------------------------------------
|
|
|
|
LDAP/X.500 string syntax / matching rules have a few oddities. This
|
|
|
|
comment attempts to detail how slapd(8) treats them.
|
|
|
|
|
|
|
|
Summary:
|
2003-02-28 13:13:29 +08:00
|
|
|
StringSyntax X.500 LDAP Matching/Comments
|
2002-08-07 16:19:11 +08:00
|
|
|
DirectoryString CHOICE UTF8 i/e + ignore insignificant spaces
|
|
|
|
PrintableString subset subset i/e + ignore insignificant spaces
|
2003-02-28 13:13:29 +08:00
|
|
|
PrintableString subset subset i/e + ignore insignificant spaces
|
2003-04-07 11:46:22 +08:00
|
|
|
NumericString subset subset ignore all spaces
|
2002-08-07 16:19:11 +08:00
|
|
|
IA5String ASCII ASCII i/e + ignore insignificant spaces
|
|
|
|
TeletexString T.61 T.61 i/e + ignore insignificant spaces
|
|
|
|
|
2003-04-07 11:46:22 +08:00
|
|
|
TelephoneNumber subset subset i + ignore all spaces and "-"
|
2002-08-07 16:19:11 +08:00
|
|
|
|
|
|
|
See draft-ietf-ldapbis-strpro for details (once published).
|
|
|
|
|
|
|
|
|
|
|
|
Directory String -
|
|
|
|
In X.500(93), a directory string can be either a PrintableString,
|
|
|
|
a bmpString, or a UniversalString (e.g., UCS (a subset of Unicode)).
|
|
|
|
In later versions, more CHOICEs were added. In all cases the string
|
|
|
|
must be non-empty.
|
|
|
|
|
2002-08-31 18:45:22 +08:00
|
|
|
In LDAPv3, a directory string is a UTF-8 encoded UCS string.
|
2003-02-28 13:13:29 +08:00
|
|
|
A directory string cannot be zero length.
|
2002-08-07 16:19:11 +08:00
|
|
|
|
|
|
|
For matching, there are both case ignore and exact rules. Both
|
|
|
|
also require that "insignificant" spaces be ignored.
|
|
|
|
spaces before the first non-space are ignored;
|
|
|
|
spaces after the last non-space are ignored;
|
|
|
|
spaces after a space are ignored.
|
|
|
|
Note: by these rules (and as clarified in X.520), a string of only
|
|
|
|
spaces is to be treated as if held one space, not empty (which
|
|
|
|
would be a syntax error).
|
|
|
|
|
|
|
|
NumericString
|
|
|
|
In ASN.1, numeric string is just a string of digits and spaces
|
|
|
|
and could be empty. However, in X.500, all attribute values of
|
|
|
|
numeric string carry a non-empty constraint. For example:
|
|
|
|
|
|
|
|
internationalISDNNumber ATTRIBUTE ::= {
|
|
|
|
WITH SYNTAX InternationalISDNNumber
|
|
|
|
EQUALITY MATCHING RULE numericStringMatch
|
|
|
|
SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
|
|
|
|
ID id-at-internationalISDNNumber }
|
|
|
|
InternationalISDNNumber ::=
|
|
|
|
NumericString (SIZE(1..ub-international-isdn-number))
|
|
|
|
|
|
|
|
Unforunately, some assertion values are don't carry the same
|
|
|
|
constraint (but its unclear how such an assertion could ever
|
|
|
|
be true). In LDAP, there is one syntax (numericString) not two
|
|
|
|
(numericString with constraint, numericString without constraint).
|
|
|
|
This should be treated as numericString with non-empty constraint.
|
|
|
|
Note that while someone may have no ISDN number, there are no ISDN
|
|
|
|
numbers which are zero length.
|
|
|
|
|
|
|
|
In matching, spaces are ignored.
|
|
|
|
|
|
|
|
PrintableString
|
|
|
|
In ASN.1, Printable string is just a string of printable characters
|
|
|
|
and can be empty. In X.500, semantics much like NumericString (see
|
|
|
|
serialNumber for a like example) excepting uses insignificant space
|
|
|
|
handling instead of ignore all spaces.
|
|
|
|
|
|
|
|
IA5String
|
|
|
|
Basically same as PrintableString. There are no examples in X.500,
|
|
|
|
but same logic applies. So we require them to be non-empty as
|
|
|
|
well.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------*/
|
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
static int
|
|
|
|
UTF8StringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
ber_len_t count;
|
|
|
|
int len;
|
2003-12-18 04:55:46 +08:00
|
|
|
unsigned char *u = (unsigned char *)in->bv_val;
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( in ) && syntax == slap_schema.si_syn_directoryString ) {
|
2003-02-28 13:13:29 +08:00
|
|
|
/* directory strings cannot be empty */
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-06-24 07:57:53 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( count = in->bv_len; count > 0; count -= len, u += len ) {
|
2000-01-30 03:43:19 +08:00
|
|
|
/* get the length indicated by the first byte */
|
2002-01-15 16:27:19 +08:00
|
|
|
len = LDAP_UTF8_CHARLEN2( u, len );
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2002-01-15 12:38:05 +08:00
|
|
|
/* very basic checks */
|
|
|
|
switch( len ) {
|
|
|
|
case 6:
|
2002-01-15 16:27:19 +08:00
|
|
|
if( (u[5] & 0xC0) != 0x80 ) {
|
2002-01-15 12:38:05 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
case 5:
|
2002-01-15 16:27:19 +08:00
|
|
|
if( (u[4] & 0xC0) != 0x80 ) {
|
2002-01-15 12:38:05 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
case 4:
|
2002-01-15 16:27:19 +08:00
|
|
|
if( (u[3] & 0xC0) != 0x80 ) {
|
2002-01-15 12:38:05 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
case 3:
|
2002-01-15 16:27:19 +08:00
|
|
|
if( (u[2] & 0xC0 )!= 0x80 ) {
|
2002-01-15 12:38:05 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
case 2:
|
2002-01-15 16:27:19 +08:00
|
|
|
if( (u[1] & 0xC0) != 0x80 ) {
|
2002-01-15 12:38:05 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
case 1:
|
2002-01-18 12:49:55 +08:00
|
|
|
/* CHARLEN already validated it */
|
2002-01-15 12:38:05 +08:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
/* make sure len corresponds with the offset
|
|
|
|
to the next character */
|
2003-12-18 04:55:46 +08:00
|
|
|
if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
|
2000-01-30 03:43:19 +08:00
|
|
|
}
|
|
|
|
|
2003-02-28 13:13:29 +08:00
|
|
|
if( count != 0 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-05-25 07:27:33 +08:00
|
|
|
return LDAP_SUCCESS;
|
2000-01-30 03:43:19 +08:00
|
|
|
}
|
|
|
|
|
2003-02-28 13:13:29 +08:00
|
|
|
static int
|
|
|
|
UTF8StringNormalize(
|
|
|
|
slap_mask_t use,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2003-02-28 13:13:29 +08:00
|
|
|
{
|
|
|
|
struct berval tmp, nvalue;
|
|
|
|
int flags;
|
|
|
|
int i, wasspace;
|
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ));
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISNULL( val ) ) {
|
2003-02-28 13:13:29 +08:00
|
|
|
/* assume we're dealing with a syntax (e.g., UTF8String)
|
|
|
|
* which allows empty strings
|
|
|
|
*/
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( normalized );
|
2003-02-28 13:13:29 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-16 18:22:33 +08:00
|
|
|
flags = SLAP_MR_ASSOCIATED( mr, slap_schema.si_mr_caseExactMatch )
|
2003-03-01 04:00:54 +08:00
|
|
|
? LDAP_UTF8_NOCASEFOLD : LDAP_UTF8_CASEFOLD;
|
2003-04-04 06:18:17 +08:00
|
|
|
flags |= ( ( use & SLAP_MR_EQUALITY_APPROX ) == SLAP_MR_EQUALITY_APPROX )
|
2003-02-28 13:13:29 +08:00
|
|
|
? LDAP_UTF8_APPROX : 0;
|
|
|
|
|
2003-04-11 11:57:10 +08:00
|
|
|
val = UTF8bvnormalize( val, &tmp, flags, ctx );
|
2003-02-28 13:13:29 +08:00
|
|
|
if( val == NULL ) {
|
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* collapse spaces (in place) */
|
|
|
|
nvalue.bv_len = 0;
|
|
|
|
nvalue.bv_val = tmp.bv_val;
|
|
|
|
|
2005-03-25 13:57:07 +08:00
|
|
|
/* trim leading spaces? */
|
|
|
|
wasspace = !((( use & SLAP_MR_SUBSTR_ANY ) == SLAP_MR_SUBSTR_ANY ) ||
|
|
|
|
(( use & SLAP_MR_SUBSTR_FINAL ) == SLAP_MR_SUBSTR_FINAL ));
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( i = 0; i < tmp.bv_len; i++) {
|
2003-02-28 13:13:29 +08:00
|
|
|
if ( ASCII_SPACE( tmp.bv_val[i] )) {
|
|
|
|
if( wasspace++ == 0 ) {
|
|
|
|
/* trim repeated spaces */
|
|
|
|
nvalue.bv_val[nvalue.bv_len++] = tmp.bv_val[i];
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
wasspace = 0;
|
|
|
|
nvalue.bv_val[nvalue.bv_len++] = tmp.bv_val[i];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( !BER_BVISEMPTY( &nvalue ) ) {
|
2005-03-25 13:57:07 +08:00
|
|
|
/* trim trailing space? */
|
|
|
|
if( wasspace && (
|
|
|
|
(( use & SLAP_MR_SUBSTR_INITIAL ) != SLAP_MR_SUBSTR_INITIAL ) &&
|
|
|
|
( use & SLAP_MR_SUBSTR_ANY ) != SLAP_MR_SUBSTR_ANY ))
|
|
|
|
{
|
2003-02-28 13:13:29 +08:00
|
|
|
--nvalue.bv_len;
|
2003-04-07 09:06:46 +08:00
|
|
|
}
|
|
|
|
nvalue.bv_val[nvalue.bv_len] = '\0';
|
2000-10-25 04:25:37 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
} else {
|
|
|
|
/* string of all spaces is treated as one space */
|
|
|
|
nvalue.bv_val[0] = ' ';
|
|
|
|
nvalue.bv_val[1] = '\0';
|
|
|
|
nvalue.bv_len = 1;
|
|
|
|
}
|
2000-10-25 04:25:37 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
*normalized = nvalue;
|
2000-10-25 04:25:37 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2005-03-25 13:57:07 +08:00
|
|
|
static int
|
|
|
|
directoryStringSubstringsMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
|
|
|
int match = 0;
|
|
|
|
SubstringsAssertion *sub = assertedValue;
|
|
|
|
struct berval left = *value;
|
|
|
|
int i;
|
|
|
|
int priorspace=0;
|
|
|
|
|
|
|
|
if ( !BER_BVISNULL( &sub->sa_initial ) ) {
|
|
|
|
if ( sub->sa_initial.bv_len > left.bv_len ) {
|
|
|
|
/* not enough left */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
match = memcmp( sub->sa_initial.bv_val, left.bv_val,
|
|
|
|
sub->sa_initial.bv_len );
|
|
|
|
|
|
|
|
if ( match != 0 ) {
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
left.bv_val += sub->sa_initial.bv_len;
|
|
|
|
left.bv_len -= sub->sa_initial.bv_len;
|
|
|
|
|
|
|
|
priorspace = ASCII_SPACE(
|
|
|
|
sub->sa_initial.bv_val[sub->sa_initial.bv_len] );
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( sub->sa_any ) {
|
|
|
|
for ( i = 0; !BER_BVISNULL( &sub->sa_any[i] ); i++ ) {
|
|
|
|
ber_len_t idx;
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
if( priorspace && !BER_BVISEMPTY( &sub->sa_any[i] )
|
|
|
|
&& ASCII_SPACE( sub->sa_any[i].bv_val[0] ))
|
|
|
|
{
|
|
|
|
/* allow next space to match */
|
|
|
|
left.bv_val--;
|
|
|
|
left.bv_len++;
|
|
|
|
}
|
|
|
|
priorspace=0;
|
|
|
|
|
|
|
|
retry:
|
|
|
|
if ( BER_BVISEMPTY( &sub->sa_any[i] ) ) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( sub->sa_any[i].bv_len > left.bv_len ) {
|
|
|
|
/* not enough left */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
p = memchr( left.bv_val, *sub->sa_any[i].bv_val, left.bv_len );
|
|
|
|
|
|
|
|
if( p == NULL ) {
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
idx = p - left.bv_val;
|
|
|
|
|
|
|
|
if ( idx >= left.bv_len ) {
|
|
|
|
/* this shouldn't happen */
|
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
|
|
|
|
|
|
|
left.bv_val = p;
|
|
|
|
left.bv_len -= idx;
|
|
|
|
|
|
|
|
if ( sub->sa_any[i].bv_len > left.bv_len ) {
|
|
|
|
/* not enough left */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
match = memcmp( left.bv_val,
|
|
|
|
sub->sa_any[i].bv_val,
|
|
|
|
sub->sa_any[i].bv_len );
|
|
|
|
|
|
|
|
if ( match != 0 ) {
|
|
|
|
left.bv_val++;
|
|
|
|
left.bv_len--;
|
|
|
|
goto retry;
|
|
|
|
}
|
|
|
|
|
|
|
|
left.bv_val += sub->sa_any[i].bv_len;
|
|
|
|
left.bv_len -= sub->sa_any[i].bv_len;
|
|
|
|
|
|
|
|
priorspace = ASCII_SPACE(
|
|
|
|
sub->sa_any[i].bv_val[sub->sa_any[i].bv_len] );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( !BER_BVISNULL( &sub->sa_final ) ) {
|
|
|
|
if( priorspace && !BER_BVISEMPTY( &sub->sa_final )
|
|
|
|
&& ASCII_SPACE( sub->sa_final.bv_val[0] ))
|
|
|
|
{
|
|
|
|
/* allow next space to match */
|
|
|
|
left.bv_val--;
|
|
|
|
left.bv_len++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( sub->sa_final.bv_len > left.bv_len ) {
|
|
|
|
/* not enough left */
|
|
|
|
match = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
match = memcmp( sub->sa_final.bv_val,
|
|
|
|
&left.bv_val[left.bv_len - sub->sa_final.bv_len],
|
|
|
|
sub->sa_final.bv_len );
|
|
|
|
|
|
|
|
if ( match != 0 ) {
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
#if defined(SLAPD_APPROX_INITIALS)
|
2003-05-16 11:57:01 +08:00
|
|
|
# define SLAPD_APPROX_DELIMITER "._ "
|
|
|
|
# define SLAPD_APPROX_WORDLEN 2
|
2000-10-25 04:25:37 +08:00
|
|
|
#else
|
2003-05-16 11:57:01 +08:00
|
|
|
# define SLAPD_APPROX_DELIMITER " "
|
|
|
|
# define SLAPD_APPROX_WORDLEN 1
|
2003-04-07 09:06:46 +08:00
|
|
|
#endif
|
2000-10-25 04:25:37 +08:00
|
|
|
|
|
|
|
static int
|
|
|
|
approxMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
2003-04-07 09:06:46 +08:00
|
|
|
struct berval *nval, *assertv;
|
|
|
|
char *val, **values, **words, *c;
|
|
|
|
int i, count, len, nextchunk=0, nextavail=0;
|
2000-10-25 04:25:37 +08:00
|
|
|
|
2001-07-26 05:22:55 +08:00
|
|
|
/* Yes, this is necessary */
|
2003-05-16 11:57:01 +08:00
|
|
|
nval = UTF8bvnormalize( value, NULL, LDAP_UTF8_APPROX, NULL );
|
2003-04-07 09:06:46 +08:00
|
|
|
if( nval == NULL ) {
|
2001-07-26 05:22:55 +08:00
|
|
|
*matchp = 1;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Yes, this is necessary */
|
2003-04-07 09:06:46 +08:00
|
|
|
assertv = UTF8bvnormalize( ((struct berval *)assertedValue),
|
2003-05-16 11:57:01 +08:00
|
|
|
NULL, LDAP_UTF8_APPROX, NULL );
|
2003-04-07 09:06:46 +08:00
|
|
|
if( assertv == NULL ) {
|
|
|
|
ber_bvfree( nval );
|
|
|
|
*matchp = 1;
|
2001-07-26 05:22:55 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Isolate how many words there are */
|
|
|
|
for ( c = nval->bv_val, count = 1; *c; c++ ) {
|
|
|
|
c = strpbrk( c, SLAPD_APPROX_DELIMITER );
|
|
|
|
if ( c == NULL ) break;
|
|
|
|
*c = '\0';
|
|
|
|
count++;
|
2000-10-25 04:25:37 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Get a phonetic copy of each word */
|
|
|
|
words = (char **)ch_malloc( count * sizeof(char *) );
|
|
|
|
values = (char **)ch_malloc( count * sizeof(char *) );
|
|
|
|
for ( c = nval->bv_val, i = 0; i < count; i++, c += strlen(c) + 1 ) {
|
|
|
|
words[i] = c;
|
|
|
|
values[i] = phonetic(c);
|
2001-07-26 05:22:55 +08:00
|
|
|
}
|
2000-10-25 04:25:37 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Work through the asserted value's words, to see if at least some
|
|
|
|
of the words are there, in the same order. */
|
|
|
|
len = 0;
|
|
|
|
while ( (ber_len_t) nextchunk < assertv->bv_len ) {
|
|
|
|
len = strcspn( assertv->bv_val + nextchunk, SLAPD_APPROX_DELIMITER);
|
|
|
|
if( len == 0 ) {
|
|
|
|
nextchunk++;
|
2003-04-07 02:57:17 +08:00
|
|
|
continue;
|
2000-06-16 03:56:51 +08:00
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
#if defined(SLAPD_APPROX_INITIALS)
|
|
|
|
else if( len == 1 ) {
|
|
|
|
/* Single letter words need to at least match one word's initial */
|
|
|
|
for( i=nextavail; i<count; i++ )
|
|
|
|
if( !strncasecmp( assertv->bv_val + nextchunk, words[i], 1 )) {
|
|
|
|
nextavail=i+1;
|
|
|
|
break;
|
|
|
|
}
|
2000-05-28 07:08:28 +08:00
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
#endif
|
|
|
|
else {
|
|
|
|
/* Isolate the next word in the asserted value and phonetic it */
|
|
|
|
assertv->bv_val[nextchunk+len] = '\0';
|
|
|
|
val = phonetic( assertv->bv_val + nextchunk );
|
2000-05-28 07:08:28 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* See if this phonetic chunk is in the remaining words of *value */
|
|
|
|
for( i=nextavail; i<count; i++ ){
|
|
|
|
if( !strcmp( val, values[i] ) ){
|
|
|
|
nextavail = i+1;
|
|
|
|
break;
|
|
|
|
}
|
2003-04-07 02:57:17 +08:00
|
|
|
}
|
2003-04-07 09:06:46 +08:00
|
|
|
ch_free( val );
|
2000-06-16 03:32:24 +08:00
|
|
|
}
|
2000-05-28 07:08:28 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* This chunk in the asserted value was NOT within the *value. */
|
|
|
|
if( i >= count ) {
|
|
|
|
nextavail=-1;
|
|
|
|
break;
|
2000-05-28 07:08:28 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Go on to the next word in the asserted value */
|
|
|
|
nextchunk += len+1;
|
2003-04-07 02:57:17 +08:00
|
|
|
}
|
2000-06-16 03:56:51 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* If some of the words were seen, call it a match */
|
|
|
|
if( nextavail > 0 ) {
|
|
|
|
*matchp = 0;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
*matchp = 1;
|
|
|
|
}
|
2000-08-22 10:23:52 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Cleanup allocs */
|
|
|
|
ber_bvfree( assertv );
|
|
|
|
for( i=0; i<count; i++ ) {
|
|
|
|
ch_free( values[i] );
|
|
|
|
}
|
|
|
|
ch_free( values );
|
|
|
|
ch_free( words );
|
|
|
|
ber_bvfree( nval );
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
approxIndexer(
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
BerVarray values,
|
2003-05-16 11:57:01 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
2003-04-07 09:06:46 +08:00
|
|
|
{
|
|
|
|
char *c;
|
|
|
|
int i,j, len, wordcount, keycount=0;
|
|
|
|
struct berval *newkeys;
|
|
|
|
BerVarray keys=NULL;
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
for( j = 0; !BER_BVISNULL( &values[j] ); j++ ) {
|
2004-04-07 12:11:43 +08:00
|
|
|
struct berval val = BER_BVNULL;
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Yes, this is necessary */
|
2003-05-16 11:57:01 +08:00
|
|
|
UTF8bvnormalize( &values[j], &val, LDAP_UTF8_APPROX, NULL );
|
2005-01-18 17:35:09 +08:00
|
|
|
assert( !BER_BVISNULL( &val ) );
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Isolate how many words there are. There will be a key for each */
|
|
|
|
for( wordcount = 0, c = val.bv_val; *c; c++) {
|
|
|
|
len = strcspn(c, SLAPD_APPROX_DELIMITER);
|
|
|
|
if( len >= SLAPD_APPROX_WORDLEN ) wordcount++;
|
|
|
|
c+= len;
|
|
|
|
if (*c == '\0') break;
|
|
|
|
*c = '\0';
|
|
|
|
}
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Allocate/increase storage to account for new keys */
|
|
|
|
newkeys = (struct berval *)ch_malloc( (keycount + wordcount + 1)
|
|
|
|
* sizeof(struct berval) );
|
|
|
|
AC_MEMCPY( newkeys, keys, keycount * sizeof(struct berval) );
|
|
|
|
if( keys ) ch_free( keys );
|
|
|
|
keys = newkeys;
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Get a phonetic copy of each word */
|
|
|
|
for( c = val.bv_val, i = 0; i < wordcount; c += len + 1 ) {
|
|
|
|
len = strlen( c );
|
|
|
|
if( len < SLAPD_APPROX_WORDLEN ) continue;
|
|
|
|
ber_str2bv( phonetic( c ), 0, 0, &keys[keycount] );
|
|
|
|
keycount++;
|
|
|
|
i++;
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
2001-01-26 23:56:29 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
ber_memfree( val.bv_val );
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[keycount] );
|
2003-04-07 09:06:46 +08:00
|
|
|
*keysp = keys;
|
2000-08-23 05:26:25 +08:00
|
|
|
|
2000-07-19 01:46:34 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2000-06-21 09:12:29 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
static int
|
|
|
|
approxFilter(
|
2003-04-07 02:57:17 +08:00
|
|
|
slap_mask_t use,
|
2000-08-23 05:26:25 +08:00
|
|
|
slap_mask_t flags,
|
2000-07-19 01:46:34 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
2002-08-29 10:27:15 +08:00
|
|
|
void * assertedValue,
|
2003-05-16 11:57:01 +08:00
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
2000-07-19 01:46:34 +08:00
|
|
|
{
|
2003-04-07 09:06:46 +08:00
|
|
|
char *c;
|
|
|
|
int i, count, len;
|
|
|
|
struct berval *val;
|
2002-01-14 09:43:17 +08:00
|
|
|
BerVarray keys;
|
2001-07-17 06:48:52 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Yes, this is necessary */
|
|
|
|
val = UTF8bvnormalize( ((struct berval *)assertedValue),
|
2003-05-16 11:57:01 +08:00
|
|
|
NULL, LDAP_UTF8_APPROX, NULL );
|
2005-01-18 17:35:09 +08:00
|
|
|
if( val == NULL || BER_BVISNULL( val ) ) {
|
2003-04-07 09:06:46 +08:00
|
|
|
keys = (struct berval *)ch_malloc( sizeof(struct berval) );
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[0] );
|
2003-04-07 09:06:46 +08:00
|
|
|
*keysp = keys;
|
|
|
|
ber_bvfree( val );
|
|
|
|
return LDAP_SUCCESS;
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
2000-08-22 10:23:52 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Isolate how many words there are. There will be a key for each */
|
|
|
|
for( count = 0,c = val->bv_val; *c; c++) {
|
|
|
|
len = strcspn(c, SLAPD_APPROX_DELIMITER);
|
|
|
|
if( len >= SLAPD_APPROX_WORDLEN ) count++;
|
|
|
|
c+= len;
|
|
|
|
if (*c == '\0') break;
|
|
|
|
*c = '\0';
|
2000-08-22 10:23:52 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Allocate storage for new keys */
|
|
|
|
keys = (struct berval *)ch_malloc( (count + 1) * sizeof(struct berval) );
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
/* Get a phonetic copy of each word */
|
|
|
|
for( c = val->bv_val, i = 0; i < count; c += len + 1 ) {
|
|
|
|
len = strlen(c);
|
|
|
|
if( len < SLAPD_APPROX_WORDLEN ) continue;
|
|
|
|
ber_str2bv( phonetic( c ), 0, 0, &keys[i] );
|
|
|
|
i++;
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
ber_bvfree( val );
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( &keys[count] );
|
2003-04-07 09:06:46 +08:00
|
|
|
*keysp = keys;
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 09:06:46 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2002-03-26 01:08:38 +08:00
|
|
|
/* Remove all spaces and '-' characters */
|
|
|
|
static int
|
2003-03-24 10:16:10 +08:00
|
|
|
telephoneNumberNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2002-03-26 01:08:38 +08:00
|
|
|
{
|
|
|
|
char *p, *q;
|
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ));
|
|
|
|
|
2002-08-06 13:35:59 +08:00
|
|
|
/* validator should have refused an empty string */
|
2005-01-18 17:35:09 +08:00
|
|
|
assert( !BER_BVISEMPTY( val ) );
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2004-09-02 00:01:36 +08:00
|
|
|
q = normalized->bv_val = slap_sl_malloc( val->bv_len + 1, ctx );
|
2002-03-26 01:08:38 +08:00
|
|
|
|
2002-08-06 13:35:59 +08:00
|
|
|
for( p = val->bv_val; *p; p++ ) {
|
|
|
|
if ( ! ( ASCII_SPACE( *p ) || *p == '-' )) {
|
2002-03-26 01:08:38 +08:00
|
|
|
*q++ = *p;
|
2002-08-06 13:35:59 +08:00
|
|
|
}
|
|
|
|
}
|
2002-03-26 01:08:38 +08:00
|
|
|
*q = '\0';
|
|
|
|
|
|
|
|
normalized->bv_len = q - normalized->bv_val;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( normalized ) ) {
|
2004-04-20 11:44:57 +08:00
|
|
|
slap_sl_free( normalized->bv_val, ctx );
|
2005-01-18 17:35:09 +08:00
|
|
|
BER_BVZERO( normalized );
|
2002-08-06 13:35:59 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2002-03-26 01:08:38 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2005-08-18 01:14:57 +08:00
|
|
|
int
|
2003-04-25 10:28:06 +08:00
|
|
|
numericoidValidate(
|
2000-09-04 02:04:08 +08:00
|
|
|
Syntax *syntax,
|
2003-04-25 10:28:06 +08:00
|
|
|
struct berval *in )
|
2000-09-04 02:04:08 +08:00
|
|
|
{
|
2003-04-25 10:28:06 +08:00
|
|
|
struct berval val = *in;
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( &val ) ) {
|
2000-11-11 07:07:20 +08:00
|
|
|
/* disallow empty strings */
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2003-04-25 10:28:06 +08:00
|
|
|
while( OID_LEADCHAR( val.bv_val[0] ) ) {
|
|
|
|
if ( val.bv_len == 1 ) {
|
|
|
|
return LDAP_SUCCESS;
|
2003-04-25 07:40:55 +08:00
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2005-03-21 18:23:01 +08:00
|
|
|
if ( val.bv_val[0] == '0' && !OID_SEPARATOR( val.bv_val[1] )) {
|
2003-04-25 10:28:06 +08:00
|
|
|
break;
|
|
|
|
}
|
2003-04-25 07:40:55 +08:00
|
|
|
|
2003-04-25 10:28:06 +08:00
|
|
|
val.bv_val++;
|
|
|
|
val.bv_len--;
|
|
|
|
|
|
|
|
while ( OID_LEADCHAR( val.bv_val[0] )) {
|
|
|
|
val.bv_val++;
|
|
|
|
val.bv_len--;
|
|
|
|
|
|
|
|
if ( val.bv_len == 0 ) {
|
|
|
|
return LDAP_SUCCESS;
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-04-25 10:28:06 +08:00
|
|
|
if( !OID_SEPARATOR( val.bv_val[0] )) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
val.bv_val++;
|
|
|
|
val.bv_len--;
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
2003-04-25 10:28:06 +08:00
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2001-09-20 23:50:49 +08:00
|
|
|
static int
|
2003-04-24 13:16:06 +08:00
|
|
|
integerValidate(
|
2001-09-20 23:50:49 +08:00
|
|
|
Syntax *syntax,
|
2003-04-24 13:16:06 +08:00
|
|
|
struct berval *in )
|
2001-09-20 23:50:49 +08:00
|
|
|
{
|
2003-04-24 13:16:06 +08:00
|
|
|
ber_len_t i;
|
|
|
|
struct berval val = *in;
|
2001-09-20 23:50:49 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( BER_BVISEMPTY( &val ) ) return LDAP_INVALID_SYNTAX;
|
2001-09-20 23:50:49 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
if ( val.bv_val[0] == '-' ) {
|
|
|
|
val.bv_len--;
|
|
|
|
val.bv_val++;
|
2001-09-20 23:50:49 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( &val ) ) { /* bare "-" */
|
2003-04-24 13:16:06 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
if( val.bv_val[0] == '0' ) { /* "-0" */
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
} else if ( val.bv_val[0] == '0' ) {
|
2003-04-24 20:43:30 +08:00
|
|
|
if( val.bv_len > 1 ) { /* "0<more>" */
|
2003-04-24 13:16:06 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2003-03-24 14:49:55 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
return LDAP_SUCCESS;
|
2000-09-12 08:00:25 +08:00
|
|
|
}
|
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
for( i=0; i < val.bv_len; i++ ) {
|
|
|
|
if( !ASCII_DIGIT(val.bv_val[i]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2000-09-12 02:34:14 +08:00
|
|
|
static int
|
2003-04-24 13:16:06 +08:00
|
|
|
integerMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
2003-03-24 14:49:55 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
2003-04-24 13:16:06 +08:00
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
2000-09-12 02:34:14 +08:00
|
|
|
{
|
2003-04-24 13:16:06 +08:00
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
|
|
|
int vsign = 1, asign = 1; /* default sign = '+' */
|
|
|
|
struct berval v, a;
|
|
|
|
int match;
|
2001-09-20 23:50:49 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
v = *value;
|
|
|
|
if( v.bv_val[0] == '-' ) {
|
|
|
|
vsign = -1;
|
|
|
|
v.bv_val++;
|
|
|
|
v.bv_len--;
|
2001-09-20 23:50:49 +08:00
|
|
|
}
|
2000-09-12 02:34:14 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( &v ) ) vsign = 0;
|
2000-09-12 02:34:14 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
a = *asserted;
|
|
|
|
if( a.bv_val[0] == '-' ) {
|
|
|
|
asign = -1;
|
|
|
|
a.bv_val++;
|
|
|
|
a.bv_len--;
|
2001-09-20 23:50:49 +08:00
|
|
|
}
|
2000-09-12 02:34:14 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( &a ) ) vsign = 0;
|
2003-03-24 14:49:55 +08:00
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
match = vsign - asign;
|
|
|
|
if( match == 0 ) {
|
|
|
|
match = ( v.bv_len != a.bv_len
|
|
|
|
? ( v.bv_len < a.bv_len ? -1 : 1 )
|
|
|
|
: memcmp( v.bv_val, a.bv_val, v.bv_len ));
|
|
|
|
if( vsign < 0 ) match = -match;
|
2000-09-12 02:34:14 +08:00
|
|
|
}
|
|
|
|
|
2003-04-24 13:16:06 +08:00
|
|
|
*matchp = match;
|
2001-09-20 23:50:49 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2003-04-24 13:16:06 +08:00
|
|
|
|
2000-11-05 05:09:23 +08:00
|
|
|
static int
|
|
|
|
countryStringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
if( val->bv_len != 2 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
if( !SLAP_PRINTABLE(val->bv_val[0]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
if( !SLAP_PRINTABLE(val->bv_val[1]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
static int
|
|
|
|
printableStringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
ber_len_t i;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( val ) ) return LDAP_INVALID_SYNTAX;
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
for(i=0; i < val->bv_len; i++) {
|
2000-11-05 04:31:50 +08:00
|
|
|
if( !SLAP_PRINTABLE(val->bv_val[i]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2000-11-05 05:09:23 +08:00
|
|
|
static int
|
|
|
|
printablesStringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
2002-08-06 13:35:59 +08:00
|
|
|
ber_len_t i, len;
|
2000-11-05 05:09:23 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( val ) ) return LDAP_INVALID_SYNTAX;
|
2002-08-06 13:35:59 +08:00
|
|
|
|
|
|
|
for(i=0,len=0; i < val->bv_len; i++) {
|
|
|
|
int c = val->bv_val[i];
|
|
|
|
|
|
|
|
if( c == '$' ) {
|
|
|
|
if( len == 0 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
len = 0;
|
|
|
|
|
|
|
|
} else if ( SLAP_PRINTABLE(c) ) {
|
|
|
|
len++;
|
|
|
|
} else {
|
2000-11-05 05:09:23 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2002-08-17 00:32:42 +08:00
|
|
|
if( len == 0 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2000-11-05 05:09:23 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
static int
|
|
|
|
IA5StringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
ber_len_t i;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( val ) ) return LDAP_INVALID_SYNTAX;
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
for(i=0; i < val->bv_len; i++) {
|
2002-01-04 04:03:27 +08:00
|
|
|
if( !LDAP_ASCII(val->bv_val[i]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-04 02:04:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-02-28 13:13:29 +08:00
|
|
|
static int
|
|
|
|
IA5StringNormalize(
|
|
|
|
slap_mask_t use,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2000-09-04 02:04:08 +08:00
|
|
|
{
|
|
|
|
char *p, *q;
|
2003-10-23 13:28:22 +08:00
|
|
|
int casefold = !SLAP_MR_ASSOCIATED(mr, slap_schema.si_mr_caseExactIA5Match);
|
2000-09-04 02:04:08 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
assert( !BER_BVISEMPTY( val ) );
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ));
|
|
|
|
|
2000-09-04 02:04:08 +08:00
|
|
|
p = val->bv_val;
|
|
|
|
|
|
|
|
/* Ignore initial whitespace */
|
2003-04-28 12:41:47 +08:00
|
|
|
while ( ASCII_SPACE( *p ) ) p++;
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-11 09:29:28 +08:00
|
|
|
normalized->bv_val = ber_strdup_x( p, ctx );
|
2003-04-07 02:57:17 +08:00
|
|
|
p = q = normalized->bv_val;
|
|
|
|
|
|
|
|
while ( *p ) {
|
|
|
|
if ( ASCII_SPACE( *p ) ) {
|
|
|
|
*q++ = *p++;
|
|
|
|
|
|
|
|
/* Ignore the extra whitespace */
|
|
|
|
while ( ASCII_SPACE( *p ) ) {
|
|
|
|
p++;
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
|
|
|
|
2003-04-07 02:57:17 +08:00
|
|
|
} else if ( casefold ) {
|
|
|
|
/* Most IA5 rules require casefolding */
|
2004-04-27 07:13:19 +08:00
|
|
|
*q++ = TOLOWER(*p); p++;
|
2003-04-07 02:57:17 +08:00
|
|
|
|
|
|
|
} else {
|
|
|
|
*q++ = *p++;
|
2000-07-19 01:46:34 +08:00
|
|
|
}
|
2003-04-07 02:57:17 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
assert( normalized->bv_val <= p );
|
|
|
|
assert( q <= p );
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the string ended in space, backup the pointer one
|
|
|
|
* position. One is enough because the above loop collapsed
|
|
|
|
* all whitespace to a single space.
|
|
|
|
*/
|
2003-04-28 12:41:47 +08:00
|
|
|
if ( ASCII_SPACE( q[-1] ) ) --q;
|
2000-07-19 01:46:34 +08:00
|
|
|
|
2003-04-07 02:57:17 +08:00
|
|
|
/* null terminate */
|
|
|
|
*q = '\0';
|
|
|
|
|
|
|
|
normalized->bv_len = q - normalized->bv_val;
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( normalized ) ) {
|
2004-04-20 11:44:57 +08:00
|
|
|
normalized->bv_val = slap_sl_realloc( normalized->bv_val, 2, ctx );
|
2003-04-07 02:57:17 +08:00
|
|
|
normalized->bv_val[0] = ' ';
|
|
|
|
normalized->bv_val[1] = '\0';
|
|
|
|
normalized->bv_len = 1;
|
2000-08-23 05:26:25 +08:00
|
|
|
}
|
|
|
|
|
2000-07-19 01:46:34 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-11-01 01:41:31 +08:00
|
|
|
static int
|
|
|
|
UUIDValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
if( in->bv_len != 36 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
for( i=0; i<36; i++ ) {
|
|
|
|
switch(i) {
|
|
|
|
case 8:
|
|
|
|
case 13:
|
|
|
|
case 18:
|
|
|
|
case 23:
|
|
|
|
if( in->bv_val[i] != '-' ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
if( !ASCII_HEX( in->bv_val[i]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2005-12-21 07:25:44 +08:00
|
|
|
static int
|
|
|
|
UUIDPretty(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in,
|
|
|
|
struct berval *out,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
int rc=LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
assert( in != NULL );
|
|
|
|
assert( out != NULL );
|
|
|
|
|
|
|
|
if( in->bv_len != 36 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
out->bv_len = 36;
|
|
|
|
out->bv_val = slap_sl_malloc( out->bv_len + 1, ctx );
|
|
|
|
|
|
|
|
for( i=0; i<36; i++ ) {
|
|
|
|
switch(i) {
|
|
|
|
case 8:
|
|
|
|
case 13:
|
|
|
|
case 18:
|
|
|
|
case 23:
|
|
|
|
if( in->bv_val[i] != '-' ) {
|
|
|
|
goto handle_error;
|
|
|
|
}
|
|
|
|
out->bv_val[i] = '-';
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
if( !ASCII_HEX( in->bv_val[i]) ) {
|
|
|
|
goto handle_error;
|
|
|
|
}
|
|
|
|
out->bv_val[i] = TOLOWER( in->bv_val[i] );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
rc = LDAP_SUCCESS;
|
|
|
|
out->bv_val[ out->bv_len ] = '\0';
|
|
|
|
|
|
|
|
if( 0 ) {
|
|
|
|
handle_error:
|
|
|
|
slap_sl_free( out->bv_val, ctx );
|
|
|
|
out->bv_val = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-12-21 06:36:51 +08:00
|
|
|
int
|
2003-11-01 01:41:31 +08:00
|
|
|
UUIDNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
|
|
|
{
|
2003-12-18 04:55:46 +08:00
|
|
|
unsigned char octet = '\0';
|
2003-11-01 01:41:31 +08:00
|
|
|
int i;
|
|
|
|
int j;
|
|
|
|
normalized->bv_len = 16;
|
2004-09-02 00:01:36 +08:00
|
|
|
normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
|
2003-11-01 01:41:31 +08:00
|
|
|
|
|
|
|
for( i=0, j=0; i<36; i++ ) {
|
|
|
|
unsigned char nibble;
|
|
|
|
if( val->bv_val[i] == '-' ) {
|
|
|
|
continue;
|
|
|
|
|
|
|
|
} else if( ASCII_DIGIT( val->bv_val[i] ) ) {
|
|
|
|
nibble = val->bv_val[i] - '0';
|
|
|
|
|
|
|
|
} else if( ASCII_HEXLOWER( val->bv_val[i] ) ) {
|
|
|
|
nibble = val->bv_val[i] - ('a'-10);
|
|
|
|
|
|
|
|
} else if( ASCII_HEXUPPER( val->bv_val[i] ) ) {
|
|
|
|
nibble = val->bv_val[i] - ('A'-10);
|
|
|
|
|
|
|
|
} else {
|
2004-04-20 11:44:57 +08:00
|
|
|
slap_sl_free( normalized->bv_val, ctx );
|
2003-11-01 01:41:31 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2003-11-03 16:22:13 +08:00
|
|
|
if( j & 1 ) {
|
2003-11-01 01:41:31 +08:00
|
|
|
octet |= nibble;
|
|
|
|
normalized->bv_val[j>>1] = octet;
|
2003-11-03 16:22:13 +08:00
|
|
|
} else {
|
|
|
|
octet = nibble << 4;
|
2003-11-01 01:41:31 +08:00
|
|
|
}
|
|
|
|
j++;
|
|
|
|
}
|
|
|
|
|
|
|
|
normalized->bv_val[normalized->bv_len] = 0;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2001-01-18 05:02:11 +08:00
|
|
|
static int
|
|
|
|
numericStringValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
ber_len_t i;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( in ) ) return LDAP_INVALID_SYNTAX;
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2001-01-18 05:02:11 +08:00
|
|
|
for(i=0; i < in->bv_len; i++) {
|
|
|
|
if( !SLAP_NUMERIC(in->bv_val[i]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2000-05-29 12:58:40 +08:00
|
|
|
static int
|
2003-03-24 10:11:41 +08:00
|
|
|
numericStringNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2000-05-29 12:58:40 +08:00
|
|
|
{
|
2001-01-18 05:02:11 +08:00
|
|
|
/* removal all spaces */
|
2000-05-29 12:58:40 +08:00
|
|
|
char *p, *q;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
assert( !BER_BVISEMPTY( val ) );
|
2002-08-06 13:35:59 +08:00
|
|
|
|
2004-09-02 00:01:36 +08:00
|
|
|
normalized->bv_val = slap_sl_malloc( val->bv_len + 1, ctx );
|
2000-05-29 12:58:40 +08:00
|
|
|
|
|
|
|
p = val->bv_val;
|
2001-12-29 23:01:10 +08:00
|
|
|
q = normalized->bv_val;
|
2000-05-29 12:58:40 +08:00
|
|
|
|
|
|
|
while ( *p ) {
|
2000-06-21 01:05:15 +08:00
|
|
|
if ( ASCII_SPACE( *p ) ) {
|
2000-05-29 12:58:40 +08:00
|
|
|
/* Ignore whitespace */
|
|
|
|
p++;
|
|
|
|
} else {
|
|
|
|
*q++ = *p++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2001-07-25 03:54:04 +08:00
|
|
|
/* we should have copied no more then is in val */
|
2001-12-29 23:01:10 +08:00
|
|
|
assert( (q - normalized->bv_val) <= (p - val->bv_val) );
|
2000-05-29 12:58:40 +08:00
|
|
|
|
|
|
|
/* null terminate */
|
|
|
|
*q = '\0';
|
|
|
|
|
2001-12-29 23:01:10 +08:00
|
|
|
normalized->bv_len = q - normalized->bv_val;
|
2000-05-29 12:58:40 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( normalized ) ) {
|
2004-04-20 11:44:57 +08:00
|
|
|
normalized->bv_val = slap_sl_realloc( normalized->bv_val, 2, ctx );
|
2002-08-06 13:35:59 +08:00
|
|
|
normalized->bv_val[0] = ' ';
|
|
|
|
normalized->bv_val[1] = '\0';
|
|
|
|
normalized->bv_len = 1;
|
|
|
|
}
|
|
|
|
|
2000-05-29 12:58:40 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-09-21 14:26:43 +08:00
|
|
|
/*
|
|
|
|
* Integer conversion macros that will use the largest available
|
|
|
|
* type.
|
|
|
|
*/
|
2004-06-29 07:03:01 +08:00
|
|
|
#if defined(HAVE_STRTOLL) && defined(LLONG_MAX) \
|
|
|
|
&& defined(LLONG_MIN) && defined(HAVE_LONG_LONG)
|
2003-09-21 14:26:43 +08:00
|
|
|
# define SLAP_STRTOL(n,e,b) strtoll(n,e,b)
|
|
|
|
# define SLAP_LONG_MAX LLONG_MAX
|
|
|
|
# define SLAP_LONG_MIN LLONG_MIN
|
|
|
|
# define SLAP_LONG long long
|
|
|
|
#else
|
|
|
|
# define SLAP_STRTOL(n,e,b) strtol(n,e,b)
|
|
|
|
# define SLAP_LONG_MAX LONG_MAX
|
|
|
|
# define SLAP_LONG_MIN LONG_MIN
|
|
|
|
# define SLAP_LONG long
|
|
|
|
#endif /* HAVE_STRTOLL ... */
|
|
|
|
|
2001-09-02 01:10:43 +08:00
|
|
|
static int
|
|
|
|
integerBitAndMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
2003-09-21 14:26:43 +08:00
|
|
|
SLAP_LONG lValue, lAssertedValue;
|
2001-09-02 01:10:43 +08:00
|
|
|
|
|
|
|
/* safe to assume integers are NUL terminated? */
|
2003-09-21 14:26:43 +08:00
|
|
|
lValue = SLAP_STRTOL(value->bv_val, NULL, 10);
|
2004-06-29 07:03:01 +08:00
|
|
|
if(( lValue == SLAP_LONG_MIN || lValue == SLAP_LONG_MAX) &&
|
|
|
|
errno == ERANGE )
|
|
|
|
{
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_CONSTRAINT_VIOLATION;
|
2002-12-12 04:39:05 +08:00
|
|
|
}
|
2001-09-02 01:10:43 +08:00
|
|
|
|
2004-06-29 07:03:01 +08:00
|
|
|
lAssertedValue = SLAP_STRTOL(((struct berval *)assertedValue)->bv_val,
|
|
|
|
NULL, 10);
|
|
|
|
if(( lAssertedValue == SLAP_LONG_MIN || lAssertedValue == SLAP_LONG_MAX ) &&
|
|
|
|
errno == ERANGE )
|
2002-12-12 04:39:05 +08:00
|
|
|
{
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_CONSTRAINT_VIOLATION;
|
2002-12-12 04:39:05 +08:00
|
|
|
}
|
2001-09-02 01:10:43 +08:00
|
|
|
|
2005-06-16 13:31:24 +08:00
|
|
|
*matchp = ((lValue & lAssertedValue) == lAssertedValue) ? 0 : 1;
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
integerBitOrMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
2003-09-21 14:26:43 +08:00
|
|
|
SLAP_LONG lValue, lAssertedValue;
|
2001-09-02 01:10:43 +08:00
|
|
|
|
|
|
|
/* safe to assume integers are NUL terminated? */
|
2003-09-21 14:26:43 +08:00
|
|
|
lValue = SLAP_STRTOL(value->bv_val, NULL, 10);
|
2004-06-11 08:14:01 +08:00
|
|
|
if(( lValue == SLAP_LONG_MIN || lValue == SLAP_LONG_MAX ) &&
|
|
|
|
errno == ERANGE )
|
|
|
|
{
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_CONSTRAINT_VIOLATION;
|
2002-12-12 04:39:05 +08:00
|
|
|
}
|
2001-09-02 01:10:43 +08:00
|
|
|
|
2004-06-11 08:14:01 +08:00
|
|
|
lAssertedValue = SLAP_STRTOL( ((struct berval *)assertedValue)->bv_val,
|
|
|
|
NULL, 10);
|
2004-06-29 07:03:01 +08:00
|
|
|
if(( lAssertedValue == SLAP_LONG_MIN || lAssertedValue == SLAP_LONG_MAX ) &&
|
|
|
|
errno == ERANGE )
|
2002-12-12 04:39:05 +08:00
|
|
|
{
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_CONSTRAINT_VIOLATION;
|
2002-12-12 04:39:05 +08:00
|
|
|
}
|
2001-09-02 01:10:43 +08:00
|
|
|
|
2005-06-16 13:31:24 +08:00
|
|
|
*matchp = ((lValue & lAssertedValue) != 0) ? 0 : -1;
|
2001-09-02 01:10:43 +08:00
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-05-15 04:52:23 +08:00
|
|
|
static int
|
|
|
|
serialNumberAndIssuerValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
2003-10-18 10:39:08 +08:00
|
|
|
int rc;
|
|
|
|
ber_len_t n;
|
|
|
|
struct berval sn, i;
|
|
|
|
if( in->bv_len < 3 ) return LDAP_INVALID_SYNTAX;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2005-11-14 06:26:53 +08:00
|
|
|
i.bv_val = ber_bvchr( in, '$' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISNULL( &i ) ) return LDAP_INVALID_SYNTAX;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
sn.bv_val = in->bv_val;
|
|
|
|
sn.bv_len = i.bv_val - in->bv_val;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
i.bv_val++;
|
|
|
|
i.bv_len = in->bv_len - (sn.bv_len + 1);
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* validate serial number (strict for now) */
|
|
|
|
for( n=0; n < sn.bv_len; n++ ) {
|
2004-06-29 07:03:01 +08:00
|
|
|
if( !ASCII_DIGIT(sn.bv_val[n]) ) return LDAP_INVALID_SYNTAX;
|
2003-05-15 04:52:23 +08:00
|
|
|
}
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* validate DN */
|
|
|
|
rc = dnValidate( NULL, &i );
|
|
|
|
if( rc ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
2003-05-15 04:52:23 +08:00
|
|
|
}
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
int
|
|
|
|
serialNumberAndIssuerPretty(
|
2003-05-15 04:52:23 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val,
|
2003-10-18 10:39:08 +08:00
|
|
|
struct berval *out,
|
2003-05-15 04:52:23 +08:00
|
|
|
void *ctx )
|
|
|
|
{
|
2003-10-18 10:39:08 +08:00
|
|
|
int rc;
|
|
|
|
ber_len_t n;
|
|
|
|
struct berval sn, i, newi;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2005-07-18 14:22:33 +08:00
|
|
|
assert( val != NULL );
|
|
|
|
assert( out != NULL );
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
Debug( LDAP_DEBUG_TRACE, ">>> serialNumberAndIssuerPretty: <%s>\n",
|
|
|
|
val->bv_val, 0, 0 );
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
if( val->bv_len < 3 ) return LDAP_INVALID_SYNTAX;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2005-11-14 06:26:53 +08:00
|
|
|
i.bv_val = ber_bvchr( val, '$' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISNULL( &i ) ) return LDAP_INVALID_SYNTAX;
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
sn.bv_val = val->bv_val;
|
|
|
|
sn.bv_len = i.bv_val - val->bv_val;
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
i.bv_val++;
|
|
|
|
i.bv_len = val->bv_len - (sn.bv_len + 1);
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* eat leading zeros */
|
|
|
|
for( n=0; n < (sn.bv_len-1); n++ ) {
|
|
|
|
if( sn.bv_val[n] != '0' ) break;
|
|
|
|
}
|
|
|
|
sn.bv_val += n;
|
|
|
|
sn.bv_len -= n;
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
for( n=0; n < sn.bv_len; n++ ) {
|
2004-06-29 07:03:01 +08:00
|
|
|
if( !ASCII_DIGIT(sn.bv_val[n]) ) return LDAP_INVALID_SYNTAX;
|
2003-10-18 10:39:08 +08:00
|
|
|
}
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* pretty DN */
|
|
|
|
rc = dnPretty( syntax, &i, &newi, ctx );
|
|
|
|
if( rc ) return LDAP_INVALID_SYNTAX;
|
2002-12-12 04:39:05 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* make room from sn + "$" */
|
|
|
|
out->bv_len = sn.bv_len + newi.bv_len + 1;
|
2004-04-20 11:44:57 +08:00
|
|
|
out->bv_val = slap_sl_realloc( newi.bv_val, out->bv_len + 1, ctx );
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2005-07-31 07:30:42 +08:00
|
|
|
if( out->bv_val == NULL ) {
|
|
|
|
out->bv_len = 0;
|
2004-04-20 11:44:57 +08:00
|
|
|
slap_sl_free( newi.bv_val, ctx );
|
2003-10-18 10:39:08 +08:00
|
|
|
return LDAP_OTHER;
|
2001-10-20 18:15:09 +08:00
|
|
|
}
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* push issuer over */
|
2005-07-31 07:30:42 +08:00
|
|
|
AC_MEMCPY( &out->bv_val[sn.bv_len+1], out->bv_val, newi.bv_len );
|
2003-10-18 10:39:08 +08:00
|
|
|
/* insert sn and "$" */
|
|
|
|
AC_MEMCPY( out->bv_val, sn.bv_val, sn.bv_len );
|
|
|
|
out->bv_val[sn.bv_len] = '$';
|
|
|
|
/* terminate */
|
|
|
|
out->bv_val[out->bv_len] = '\0';
|
|
|
|
|
|
|
|
Debug( LDAP_DEBUG_TRACE, "<<< serialNumberAndIssuerPretty: <%s>\n",
|
|
|
|
out->bv_val, 0, 0 );
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
2001-10-20 18:15:09 +08:00
|
|
|
}
|
|
|
|
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
/*
|
2003-10-18 10:39:08 +08:00
|
|
|
* This routine is called by certificateExactNormalize when
|
|
|
|
* certificateExactNormalize receives a search string instead of
|
|
|
|
* a certificate. This routine checks if the search value is valid
|
|
|
|
* and then returns the normalized value
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
*/
|
|
|
|
static int
|
2003-10-18 10:39:08 +08:00
|
|
|
serialNumberAndIssuerNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
|
|
|
struct berval *out,
|
|
|
|
void *ctx )
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
{
|
2003-05-15 04:52:23 +08:00
|
|
|
int rc;
|
2003-10-18 10:39:08 +08:00
|
|
|
ber_len_t n;
|
|
|
|
struct berval sn, i, newi;
|
|
|
|
|
2005-07-18 14:22:33 +08:00
|
|
|
assert( val != NULL );
|
|
|
|
assert( out != NULL );
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
Debug( LDAP_DEBUG_TRACE, ">>> serialNumberAndIssuerNormalize: <%s>\n",
|
|
|
|
val->bv_val, 0, 0 );
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
if( val->bv_len < 3 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
2005-11-14 06:26:53 +08:00
|
|
|
i.bv_val = ber_bvchr( val, '$' );
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISNULL( &i ) ) return LDAP_INVALID_SYNTAX;
|
2003-10-18 10:39:08 +08:00
|
|
|
|
|
|
|
sn.bv_val = val->bv_val;
|
|
|
|
sn.bv_len = i.bv_val - val->bv_val;
|
|
|
|
|
|
|
|
i.bv_val++;
|
|
|
|
i.bv_len = val->bv_len - (sn.bv_len + 1);
|
|
|
|
|
|
|
|
/* eat leading zeros */
|
|
|
|
for( n=0; n < (sn.bv_len-1); n++ ) {
|
|
|
|
if( sn.bv_val[n] != '0' ) break;
|
2001-10-23 17:05:04 +08:00
|
|
|
}
|
2003-10-18 10:39:08 +08:00
|
|
|
sn.bv_val += n;
|
|
|
|
sn.bv_len -= n;
|
2003-05-15 04:52:23 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
for( n=0; n < sn.bv_len; n++ ) {
|
|
|
|
if( !ASCII_DIGIT(sn.bv_val[n]) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2001-10-23 17:05:04 +08:00
|
|
|
}
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* pretty DN */
|
|
|
|
rc = dnNormalize( usage, syntax, mr, &i, &newi, ctx );
|
|
|
|
if( rc ) return LDAP_INVALID_SYNTAX;
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* make room from sn + "$" */
|
|
|
|
out->bv_len = sn.bv_len + newi.bv_len + 1;
|
2004-04-20 11:44:57 +08:00
|
|
|
out->bv_val = slap_sl_realloc( newi.bv_val, out->bv_len + 1, ctx );
|
2003-10-18 10:39:08 +08:00
|
|
|
|
2005-07-31 07:30:42 +08:00
|
|
|
if( out->bv_val == NULL ) {
|
|
|
|
out->bv_len = 0;
|
2004-04-20 11:44:57 +08:00
|
|
|
slap_sl_free( newi.bv_val, ctx );
|
2003-10-18 10:39:08 +08:00
|
|
|
return LDAP_OTHER;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* push issuer over */
|
2005-07-31 07:30:42 +08:00
|
|
|
AC_MEMCPY( &out->bv_val[sn.bv_len+1], out->bv_val, newi.bv_len );
|
2003-10-18 10:39:08 +08:00
|
|
|
/* insert sn and "$" */
|
|
|
|
AC_MEMCPY( out->bv_val, sn.bv_val, sn.bv_len );
|
|
|
|
out->bv_val[sn.bv_len] = '$';
|
|
|
|
/* terminate */
|
|
|
|
out->bv_val[out->bv_len] = '\0';
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
Debug( LDAP_DEBUG_TRACE, "<<< serialNumberAndIssuerNormalize: <%s>\n",
|
|
|
|
out->bv_val, 0, 0 );
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
return rc;
|
It now sort of works, but needs some normalization work and proper
error reporting to client and syslog. And indexing, of course.
Now, the problem is that matching rules get called from different
places that are inconsistent in what an assertedValue is. When doing
a modify, a full certificate value is passed (to verify it isn't
already there). When doing a search or compare, the passed value is
in the syntax of the matching rule.
Consistency would require that the caller extracts an asserted value
from the full value before calling smr_match. It can do this by
calling smr_convert (it was unused, was it meant to be used for
this?).
Unfortunately, the caller is typically value_find, value_match, etc.
that have themselves little knowledge of what they are dealing with,
so their interface needs to be extended, new flag values or new
arguments, so that they know if they have a value in attribute type
syntax or in matching rule syntax.
2001-10-22 14:54:30 +08:00
|
|
|
}
|
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
#ifdef HAVE_TLS
|
2001-10-20 18:15:09 +08:00
|
|
|
static int
|
2003-05-15 04:52:23 +08:00
|
|
|
certificateExactNormalize(
|
|
|
|
slap_mask_t usage,
|
2001-10-23 21:39:07 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
2003-05-15 04:52:23 +08:00
|
|
|
struct berval *val,
|
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2001-10-23 21:39:07 +08:00
|
|
|
{
|
2003-10-18 10:39:08 +08:00
|
|
|
int rc = LDAP_INVALID_SYNTAX;
|
|
|
|
unsigned char *p;
|
|
|
|
char *serial = NULL;
|
|
|
|
ber_len_t seriallen;
|
2004-04-07 12:11:43 +08:00
|
|
|
struct berval issuer_dn = BER_BVNULL;
|
2003-10-18 10:39:08 +08:00
|
|
|
X509_NAME *name = NULL;
|
|
|
|
ASN1_INTEGER *sn = NULL;
|
|
|
|
X509 *xcert = NULL;
|
2001-10-23 21:39:07 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( val ) ) goto done;
|
2001-10-23 21:39:07 +08:00
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
if( SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX(usage) ) {
|
2003-10-18 13:49:58 +08:00
|
|
|
return serialNumberAndIssuerNormalize(0,NULL,NULL,val,normalized,ctx);
|
2001-10-23 21:39:07 +08:00
|
|
|
}
|
|
|
|
|
2003-10-18 14:18:05 +08:00
|
|
|
assert( SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX(usage) );
|
|
|
|
|
2003-12-18 04:55:46 +08:00
|
|
|
p = (unsigned char *)val->bv_val;
|
2003-10-18 10:39:08 +08:00
|
|
|
xcert = d2i_X509( NULL, &p, val->bv_len);
|
|
|
|
if( xcert == NULL ) goto done;
|
|
|
|
|
|
|
|
sn=X509_get_serialNumber(xcert);
|
|
|
|
if ( sn == NULL ) goto done;
|
|
|
|
serial=i2s_ASN1_INTEGER(0, sn );
|
|
|
|
if( serial == NULL ) goto done;
|
|
|
|
seriallen=strlen(serial);
|
|
|
|
|
|
|
|
name=X509_get_issuer_name(xcert);
|
|
|
|
if( name == NULL ) goto done;
|
|
|
|
rc = dnX509normalize( name, &issuer_dn );
|
|
|
|
if( rc != LDAP_SUCCESS ) goto done;
|
|
|
|
|
|
|
|
normalized->bv_len = seriallen + issuer_dn.bv_len + 1;
|
2003-12-18 04:55:46 +08:00
|
|
|
normalized->bv_val = ch_malloc(normalized->bv_len+1);
|
|
|
|
p = (unsigned char *)normalized->bv_val;
|
2003-10-18 10:39:08 +08:00
|
|
|
AC_MEMCPY(p, serial, seriallen);
|
|
|
|
p += seriallen;
|
|
|
|
*p++ = '$';
|
|
|
|
AC_MEMCPY(p, issuer_dn.bv_val, issuer_dn.bv_len);
|
|
|
|
p += issuer_dn.bv_len;
|
|
|
|
*p = '\0';
|
|
|
|
|
|
|
|
Debug( LDAP_DEBUG_TRACE, "certificateExactNormalize: %s\n",
|
|
|
|
normalized->bv_val, NULL, NULL );
|
|
|
|
|
|
|
|
done:
|
|
|
|
if (xcert) X509_free(xcert);
|
|
|
|
if (serial) ch_free(serial);
|
|
|
|
if (issuer_dn.bv_val) ber_memfree(issuer_dn.bv_val);
|
|
|
|
|
2003-05-15 04:52:23 +08:00
|
|
|
return rc;
|
2001-10-23 21:39:07 +08:00
|
|
|
}
|
2003-05-15 04:52:23 +08:00
|
|
|
#endif /* HAVE_TLS */
|
2001-10-23 21:39:07 +08:00
|
|
|
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
#ifndef SUPPORT_OBSOLETE_UTC_SYNTAX
|
|
|
|
/* slight optimization - does not need the start parameter */
|
|
|
|
#define check_time_syntax(v, start, p, f) (check_time_syntax)(v, p, f)
|
|
|
|
enum { start = 0 };
|
|
|
|
#endif
|
|
|
|
|
2000-06-15 15:58:04 +08:00
|
|
|
static int
|
|
|
|
check_time_syntax (struct berval *val,
|
|
|
|
int start,
|
2003-08-14 04:04:59 +08:00
|
|
|
int *parts,
|
|
|
|
struct berval *fraction)
|
2000-06-15 15:58:04 +08:00
|
|
|
{
|
2003-08-14 04:04:59 +08:00
|
|
|
/*
|
|
|
|
* start=0 GeneralizedTime YYYYmmddHH[MM[SS]][(./,)d...](Z|(+/-)HH[MM])
|
|
|
|
* start=1 UTCTime YYmmddHHMM[SS][Z|(+/-)HHMM]
|
|
|
|
* GeneralizedTime supports leap seconds, UTCTime does not.
|
|
|
|
*/
|
|
|
|
static const int ceiling[9] = { 100, 100, 12, 31, 24, 60, 60, 24, 60 };
|
|
|
|
static const int mdays[2][12] = {
|
2000-09-07 03:17:33 +08:00
|
|
|
/* non-leap years */
|
2003-08-14 04:04:59 +08:00
|
|
|
{ 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 },
|
2000-09-07 03:17:33 +08:00
|
|
|
/* leap years */
|
2003-08-14 04:04:59 +08:00
|
|
|
{ 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }
|
2000-09-07 03:17:33 +08:00
|
|
|
};
|
2000-06-15 15:58:04 +08:00
|
|
|
char *p, *e;
|
2003-08-14 04:04:59 +08:00
|
|
|
int part, c, c1, c2, tzoffset, leapyear = 0;
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
p = val->bv_val;
|
2000-06-15 15:58:04 +08:00
|
|
|
e = p + val->bv_len;
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
#ifdef SUPPORT_OBSOLETE_UTC_SYNTAX
|
|
|
|
parts[0] = 20; /* century - any multiple of 4 from 04 to 96 */
|
|
|
|
#endif
|
|
|
|
for (part = start; part < 7 && p < e; part++) {
|
|
|
|
c1 = *p;
|
|
|
|
if (!ASCII_DIGIT(c1)) {
|
2000-06-15 15:58:04 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
p++;
|
2000-09-07 03:17:33 +08:00
|
|
|
if (p == e) {
|
2000-06-15 15:58:04 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
c = *p++;
|
|
|
|
if (!ASCII_DIGIT(c)) {
|
2000-06-15 15:58:04 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
c += c1 * 10 - '0' * 11;
|
|
|
|
if ((part | 1) == 3) {
|
|
|
|
--c;
|
|
|
|
if (c < 0) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
if (c >= ceiling[part]) {
|
|
|
|
if (! (c == 60 && part == 6 && start == 0))
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
parts[part] = c;
|
|
|
|
}
|
|
|
|
if (part < 5 + start) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
for (; part < 9; part++) {
|
|
|
|
parts[part] = 0;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
2000-09-07 03:17:33 +08:00
|
|
|
|
|
|
|
/* leapyear check for the Gregorian calendar (year>1581) */
|
2004-08-29 03:26:59 +08:00
|
|
|
if (parts[parts[1] == 0 ? 0 : 1] % 4 == 0) {
|
2000-09-07 03:17:33 +08:00
|
|
|
leapyear = 1;
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
if (parts[3] >= mdays[leapyear][parts[2]]) {
|
2000-09-07 03:17:33 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
if (start == 0) {
|
|
|
|
fraction->bv_val = p;
|
|
|
|
fraction->bv_len = 0;
|
|
|
|
if (p < e && (*p == '.' || *p == ',')) {
|
|
|
|
char *end_num;
|
2004-08-29 03:26:59 +08:00
|
|
|
while (++p < e && ASCII_DIGIT(*p)) {
|
|
|
|
/* EMTPY */;
|
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
if (p - fraction->bv_val == 1) {
|
2000-06-15 15:58:04 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2004-08-29 03:26:59 +08:00
|
|
|
for (end_num = p; end_num[-1] == '0'; --end_num) {
|
|
|
|
/* EMPTY */;
|
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
c = end_num - fraction->bv_val;
|
2004-08-29 03:26:59 +08:00
|
|
|
if (c != 1) fraction->bv_len = c;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
if (p == e) {
|
|
|
|
/* no time zone */
|
|
|
|
return start == 0 ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
tzoffset = *p++;
|
|
|
|
switch (tzoffset) {
|
|
|
|
default:
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
case 'Z':
|
|
|
|
/* UTC */
|
|
|
|
break;
|
|
|
|
case '+':
|
|
|
|
case '-':
|
|
|
|
for (part = 7; part < 9 && p < e; part++) {
|
|
|
|
c1 = *p;
|
|
|
|
if (!ASCII_DIGIT(c1)) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
p++;
|
|
|
|
if (p == e) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
c2 = *p++;
|
|
|
|
if (!ASCII_DIGIT(c2)) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
parts[part] = c1 * 10 + c2 - '0' * 11;
|
|
|
|
if (parts[part] >= ceiling[part]) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
if (part < 8 + start) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (tzoffset == '-') {
|
|
|
|
/* negative offset to UTC, ie west of Greenwich */
|
|
|
|
parts[4] += parts[7];
|
|
|
|
parts[5] += parts[8];
|
|
|
|
/* offset is just hhmm, no seconds */
|
|
|
|
for (part = 6; --part >= 0; ) {
|
|
|
|
if (part != 3) {
|
|
|
|
c = ceiling[part];
|
|
|
|
} else {
|
|
|
|
c = mdays[leapyear][parts[2]];
|
|
|
|
}
|
|
|
|
if (parts[part] >= c) {
|
|
|
|
if (part == 0) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
parts[part] -= c;
|
|
|
|
parts[part - 1]++;
|
|
|
|
continue;
|
|
|
|
} else if (part != 5) {
|
|
|
|
break;
|
|
|
|
}
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
} else {
|
|
|
|
/* positive offset to UTC, ie east of Greenwich */
|
|
|
|
parts[4] -= parts[7];
|
|
|
|
parts[5] -= parts[8];
|
|
|
|
for (part = 6; --part >= 0; ) {
|
|
|
|
if (parts[part] < 0) {
|
|
|
|
if (part == 0) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
if (part != 3) {
|
|
|
|
c = ceiling[part];
|
|
|
|
} else {
|
|
|
|
/* make first arg to % non-negative */
|
|
|
|
c = mdays[leapyear][(parts[2] - 1 + 12) % 12];
|
|
|
|
}
|
|
|
|
parts[part] += c;
|
|
|
|
parts[part - 1]--;
|
|
|
|
continue;
|
|
|
|
} else if (part != 5) {
|
|
|
|
break;
|
|
|
|
}
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
return p != e ? LDAP_INVALID_SYNTAX : LDAP_SUCCESS;
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
|
|
|
|
2002-03-24 10:17:21 +08:00
|
|
|
#ifdef SUPPORT_OBSOLETE_UTC_SYNTAX
|
2003-08-14 04:04:59 +08:00
|
|
|
|
|
|
|
#if 0
|
2000-06-15 15:58:04 +08:00
|
|
|
static int
|
2003-02-27 14:51:53 +08:00
|
|
|
xutcTimeNormalize(
|
2000-06-15 15:58:04 +08:00
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val,
|
2001-12-29 23:01:10 +08:00
|
|
|
struct berval *normalized )
|
2000-06-15 15:58:04 +08:00
|
|
|
{
|
|
|
|
int parts[9], rc;
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
rc = check_time_syntax(val, 1, parts, NULL);
|
2000-06-15 15:58:04 +08:00
|
|
|
if (rc != LDAP_SUCCESS) {
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2001-12-29 23:01:10 +08:00
|
|
|
normalized->bv_val = ch_malloc( 14 );
|
|
|
|
if ( normalized->bv_val == NULL ) {
|
2000-06-15 15:58:04 +08:00
|
|
|
return LBER_ERROR_MEMORY;
|
2000-09-07 03:17:33 +08:00
|
|
|
}
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2001-12-29 23:01:10 +08:00
|
|
|
sprintf( normalized->bv_val, "%02d%02d%02d%02d%02d%02dZ",
|
2000-09-07 03:17:33 +08:00
|
|
|
parts[1], parts[2] + 1, parts[3] + 1,
|
|
|
|
parts[4], parts[5], parts[6] );
|
2001-12-29 23:01:10 +08:00
|
|
|
normalized->bv_len = 13;
|
2000-06-15 15:58:04 +08:00
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
#endif /* 0 */
|
2000-06-15 15:58:04 +08:00
|
|
|
|
|
|
|
static int
|
|
|
|
utcTimeValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
int parts[9];
|
2003-08-14 04:04:59 +08:00
|
|
|
return check_time_syntax(in, 1, parts, NULL);
|
2000-06-15 15:58:04 +08:00
|
|
|
}
|
2003-08-14 04:04:59 +08:00
|
|
|
|
|
|
|
#endif /* SUPPORT_OBSOLETE_UTC_SYNTAX */
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2000-06-30 10:18:58 +08:00
|
|
|
static int
|
|
|
|
generalizedTimeValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *in )
|
|
|
|
{
|
|
|
|
int parts[9];
|
2003-08-14 04:04:59 +08:00
|
|
|
struct berval fraction;
|
|
|
|
return check_time_syntax(in, 0, parts, &fraction);
|
2000-06-30 10:18:58 +08:00
|
|
|
}
|
|
|
|
|
2000-06-15 15:58:04 +08:00
|
|
|
static int
|
2003-03-24 14:49:55 +08:00
|
|
|
generalizedTimeNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
2003-04-11 09:29:28 +08:00
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
2000-06-15 15:58:04 +08:00
|
|
|
{
|
|
|
|
int parts[9], rc;
|
2003-08-14 04:04:59 +08:00
|
|
|
unsigned int len;
|
|
|
|
struct berval fraction;
|
2000-06-15 15:58:04 +08:00
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
rc = check_time_syntax(val, 0, parts, &fraction);
|
2000-06-15 15:58:04 +08:00
|
|
|
if (rc != LDAP_SUCCESS) {
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
len = sizeof("YYYYmmddHHMMSSZ")-1 + fraction.bv_len;
|
2004-09-02 00:01:36 +08:00
|
|
|
normalized->bv_val = slap_sl_malloc( len + 1, ctx );
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( BER_BVISNULL( normalized ) ) {
|
2000-06-15 15:58:04 +08:00
|
|
|
return LBER_ERROR_MEMORY;
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
sprintf( normalized->bv_val, "%02d%02d%02d%02d%02d%02d%02d",
|
2000-09-07 03:17:33 +08:00
|
|
|
parts[0], parts[1], parts[2] + 1, parts[3] + 1,
|
|
|
|
parts[4], parts[5], parts[6] );
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( !BER_BVISEMPTY( &fraction ) ) {
|
2003-08-14 04:04:59 +08:00
|
|
|
memcpy( normalized->bv_val + sizeof("YYYYmmddHHMMSSZ")-2,
|
|
|
|
fraction.bv_val, fraction.bv_len );
|
|
|
|
normalized->bv_val[sizeof("YYYYmmddHHMMSSZ")-2] = '.';
|
|
|
|
}
|
|
|
|
strcpy( normalized->bv_val + len-1, "Z" );
|
|
|
|
normalized->bv_len = len;
|
2000-06-15 15:58:04 +08:00
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-08-14 04:04:59 +08:00
|
|
|
static int
|
|
|
|
generalizedTimeOrderingMatch(
|
|
|
|
int *matchp,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *value,
|
|
|
|
void *assertedValue )
|
|
|
|
{
|
|
|
|
struct berval *asserted = (struct berval *) assertedValue;
|
|
|
|
ber_len_t v_len = value->bv_len;
|
|
|
|
ber_len_t av_len = asserted->bv_len;
|
|
|
|
|
|
|
|
/* ignore trailing 'Z' when comparing */
|
|
|
|
int match = memcmp( value->bv_val, asserted->bv_val,
|
|
|
|
(v_len < av_len ? v_len : av_len) - 1 );
|
|
|
|
if ( match == 0 ) match = v_len - av_len;
|
|
|
|
|
|
|
|
*matchp = match;
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2004-09-28 21:11:11 +08:00
|
|
|
/* Index generation function */
|
|
|
|
int generalizedTimeIndexer(
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
BerVarray values,
|
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
int i, j;
|
|
|
|
BerVarray keys;
|
|
|
|
char tmp[5];
|
|
|
|
BerValue bvtmp; /* 40 bit index */
|
|
|
|
struct lutil_tm tm;
|
|
|
|
struct lutil_timet tt;
|
|
|
|
|
|
|
|
bvtmp.bv_len = sizeof(tmp);
|
|
|
|
bvtmp.bv_val = tmp;
|
|
|
|
for( i=0; values[i].bv_val != NULL; i++ ) {
|
|
|
|
/* just count them */
|
|
|
|
}
|
|
|
|
|
|
|
|
/* we should have at least one value at this point */
|
|
|
|
assert( i > 0 );
|
|
|
|
|
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * (i+1), ctx );
|
|
|
|
|
|
|
|
/* GeneralizedTime YYYYmmddHH[MM[SS]][(./,)d...](Z|(+/-)HH[MM]) */
|
|
|
|
for( i=0, j=0; values[i].bv_val != NULL; i++ ) {
|
|
|
|
assert(values[i].bv_val != NULL && values[i].bv_len >= 10);
|
|
|
|
/* Use 40 bits of time for key */
|
|
|
|
if ( lutil_parsetime( values[i].bv_val, &tm ) == 0 ) {
|
|
|
|
lutil_tm2time( &tm, &tt );
|
|
|
|
tmp[0] = tt.tt_gsec & 0xff;
|
|
|
|
tmp[4] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[3] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[2] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[1] = tt.tt_sec & 0xff;
|
|
|
|
|
|
|
|
ber_dupbv_x(&keys[j++], &bvtmp, ctx );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
keys[j].bv_val = NULL;
|
|
|
|
keys[j].bv_len = 0;
|
|
|
|
|
|
|
|
*keysp = keys;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Index generation function */
|
|
|
|
int generalizedTimeFilter(
|
|
|
|
slap_mask_t use,
|
|
|
|
slap_mask_t flags,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *prefix,
|
|
|
|
void * assertedValue,
|
|
|
|
BerVarray *keysp,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
BerVarray keys;
|
|
|
|
char tmp[5];
|
|
|
|
BerValue bvtmp; /* 40 bit index */
|
|
|
|
BerValue *value = (BerValue *) assertedValue;
|
|
|
|
struct lutil_tm tm;
|
|
|
|
struct lutil_timet tt;
|
|
|
|
|
|
|
|
bvtmp.bv_len = sizeof(tmp);
|
|
|
|
bvtmp.bv_val = tmp;
|
|
|
|
/* GeneralizedTime YYYYmmddHH[MM[SS]][(./,)d...](Z|(+/-)HH[MM]) */
|
|
|
|
/* Use 40 bits of time for key */
|
2004-12-06 11:37:06 +08:00
|
|
|
if ( value->bv_val && value->bv_len >= 10 &&
|
|
|
|
lutil_parsetime( value->bv_val, &tm ) == 0 ) {
|
2004-12-06 15:38:09 +08:00
|
|
|
|
2004-09-28 21:11:11 +08:00
|
|
|
lutil_tm2time( &tm, &tt );
|
|
|
|
tmp[0] = tt.tt_gsec & 0xff;
|
|
|
|
tmp[4] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[3] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[2] = tt.tt_sec & 0xff;
|
|
|
|
tt.tt_sec >>= 8;
|
|
|
|
tmp[1] = tt.tt_sec & 0xff;
|
|
|
|
|
2004-12-06 15:38:09 +08:00
|
|
|
keys = slap_sl_malloc( sizeof( struct berval ) * 2, ctx );
|
2004-09-28 21:11:11 +08:00
|
|
|
ber_dupbv_x(keys, &bvtmp, ctx );
|
2004-12-06 15:38:09 +08:00
|
|
|
keys[1].bv_val = NULL;
|
|
|
|
keys[1].bv_len = 0;
|
2004-09-28 21:11:11 +08:00
|
|
|
} else {
|
2004-12-06 15:38:09 +08:00
|
|
|
keys = NULL;
|
2004-09-28 21:11:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
*keysp = keys;
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2004-04-02 10:25:36 +08:00
|
|
|
static int
|
|
|
|
deliveryMethodValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
#undef LENOF
|
|
|
|
#define LENOF(s) (sizeof(s)-1)
|
|
|
|
struct berval tmp = *val;
|
|
|
|
/*
|
|
|
|
* DeliveryMethod = pdm *( WSP DOLLAR WSP DeliveryMethod )
|
|
|
|
* pdm = "any" / "mhs" / "physical" / "telex" / "teletex" /
|
|
|
|
* "g3fax" / "g4fax" / "ia5" / "videotex" / "telephone"
|
|
|
|
*/
|
|
|
|
again:
|
|
|
|
if( tmp.bv_len < 3 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
switch( tmp.bv_val[0] ) {
|
|
|
|
case 'a':
|
|
|
|
case 'A':
|
|
|
|
if(( tmp.bv_len >= LENOF("any") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "any", LENOF("any")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("any");
|
|
|
|
tmp.bv_val += LENOF("any");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 'm':
|
|
|
|
case 'M':
|
|
|
|
if(( tmp.bv_len >= LENOF("mhs") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "mhs", LENOF("mhs")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("mhs");
|
|
|
|
tmp.bv_val += LENOF("mhs");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 'p':
|
|
|
|
case 'P':
|
|
|
|
if(( tmp.bv_len >= LENOF("physical") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "physical", LENOF("physical")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("physical");
|
|
|
|
tmp.bv_val += LENOF("physical");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 't':
|
|
|
|
case 'T': /* telex or teletex or telephone */
|
|
|
|
if(( tmp.bv_len >= LENOF("telex") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "telex", LENOF("telex")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("telex");
|
|
|
|
tmp.bv_val += LENOF("telex");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if(( tmp.bv_len >= LENOF("teletex") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "teletex", LENOF("teletex")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("teletex");
|
|
|
|
tmp.bv_val += LENOF("teletex");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if(( tmp.bv_len >= LENOF("telephone") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "telephone", LENOF("telephone")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("telephone");
|
|
|
|
tmp.bv_val += LENOF("telephone");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 'g':
|
|
|
|
case 'G': /* g3fax or g4fax */
|
|
|
|
if(( tmp.bv_len >= LENOF("g3fax") ) && (
|
|
|
|
( strncasecmp(tmp.bv_val, "g3fax", LENOF("g3fax")) == 0 ) ||
|
|
|
|
( strncasecmp(tmp.bv_val, "g4fax", LENOF("g4fax")) == 0 )))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("g3fax");
|
|
|
|
tmp.bv_val += LENOF("g3fax");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 'i':
|
|
|
|
case 'I':
|
|
|
|
if(( tmp.bv_len >= LENOF("ia5") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "ia5", LENOF("ia5")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("ia5");
|
|
|
|
tmp.bv_val += LENOF("ia5");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
case 'v':
|
|
|
|
case 'V':
|
|
|
|
if(( tmp.bv_len >= LENOF("videotex") ) &&
|
|
|
|
( strncasecmp(tmp.bv_val, "videotex", LENOF("videotex")) == 0 ))
|
|
|
|
{
|
|
|
|
tmp.bv_len -= LENOF("videotex");
|
|
|
|
tmp.bv_val += LENOF("videotex");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if( BER_BVISEMPTY( &tmp ) ) return LDAP_SUCCESS;
|
2004-04-02 10:25:36 +08:00
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
while( !BER_BVISEMPTY( &tmp ) && ( tmp.bv_val[0] == ' ' ) ) {
|
2004-04-02 10:25:36 +08:00
|
|
|
tmp.bv_len++;
|
|
|
|
tmp.bv_val--;
|
|
|
|
}
|
2005-01-18 17:35:09 +08:00
|
|
|
if( !BER_BVISEMPTY( &tmp ) && ( tmp.bv_val[0] == '$' ) ) {
|
2004-04-02 10:25:36 +08:00
|
|
|
tmp.bv_len++;
|
|
|
|
tmp.bv_val--;
|
|
|
|
} else {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
2005-01-18 17:35:09 +08:00
|
|
|
while( !BER_BVISEMPTY( &tmp ) && ( tmp.bv_val[0] == ' ' ) ) {
|
2004-04-02 10:25:36 +08:00
|
|
|
tmp.bv_len++;
|
|
|
|
tmp.bv_val--;
|
|
|
|
}
|
|
|
|
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
2000-09-04 01:35:39 +08:00
|
|
|
static int
|
|
|
|
nisNetgroupTripleValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
char *p, *e;
|
|
|
|
int commas = 0;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( BER_BVISEMPTY( val ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
p = (char *)val->bv_val;
|
|
|
|
e = p + val->bv_len;
|
|
|
|
|
|
|
|
if ( *p != '(' /*')'*/ ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2002-01-03 01:06:56 +08:00
|
|
|
for ( p++; ( p < e ) && ( *p != /*'('*/ ')' ); p++ ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
if ( *p == ',' ) {
|
|
|
|
commas++;
|
|
|
|
if ( commas > 2 ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
2002-07-24 23:19:40 +08:00
|
|
|
} else if ( !AD_CHAR( *p ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ( commas != 2 ) || ( *p != /*'('*/ ')' ) ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
p++;
|
|
|
|
|
|
|
|
if (p != e) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
bootParameterValidate(
|
|
|
|
Syntax *syntax,
|
|
|
|
struct berval *val )
|
|
|
|
{
|
|
|
|
char *p, *e;
|
|
|
|
|
2005-01-18 17:35:09 +08:00
|
|
|
if ( BER_BVISEMPTY( val ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
p = (char *)val->bv_val;
|
|
|
|
e = p + val->bv_len;
|
|
|
|
|
|
|
|
/* key */
|
|
|
|
for (; ( p < e ) && ( *p != '=' ); p++ ) {
|
2002-07-24 23:19:40 +08:00
|
|
|
if ( !AD_CHAR( *p ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( *p != '=' ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* server */
|
|
|
|
for ( p++; ( p < e ) && ( *p != ':' ); p++ ) {
|
2002-07-24 23:19:40 +08:00
|
|
|
if ( !AD_CHAR( *p ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( *p != ':' ) {
|
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* path */
|
|
|
|
for ( p++; p < e; p++ ) {
|
2002-07-24 23:29:22 +08:00
|
|
|
if ( !SLAP_PRINTABLE( *p ) ) {
|
2000-09-04 01:35:39 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2003-04-28 12:41:47 +08:00
|
|
|
static int
|
|
|
|
firstComponentNormalize(
|
|
|
|
slap_mask_t usage,
|
|
|
|
Syntax *syntax,
|
|
|
|
MatchingRule *mr,
|
|
|
|
struct berval *val,
|
|
|
|
struct berval *normalized,
|
|
|
|
void *ctx )
|
|
|
|
{
|
|
|
|
int rc;
|
2004-04-28 13:12:53 +08:00
|
|
|
struct berval comp;
|
|
|
|
ber_len_t len;
|
2003-04-28 12:41:47 +08:00
|
|
|
|
2004-04-28 13:12:53 +08:00
|
|
|
if( SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage )) {
|
|
|
|
ber_dupbv_x( normalized, val, ctx );
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
}
|
2003-04-28 12:41:47 +08:00
|
|
|
|
2004-04-28 13:12:53 +08:00
|
|
|
if( val->bv_len < 3 ) return LDAP_INVALID_SYNTAX;
|
|
|
|
|
|
|
|
if( val->bv_val[0] != '(' /*')'*/ &&
|
|
|
|
val->bv_val[0] != '{' /*'}'*/ )
|
2003-04-28 12:41:47 +08:00
|
|
|
{
|
2004-04-28 13:12:53 +08:00
|
|
|
return LDAP_INVALID_SYNTAX;
|
2003-04-28 12:41:47 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* trim leading white space */
|
2004-04-28 13:12:53 +08:00
|
|
|
for( len=1;
|
2003-04-28 12:41:47 +08:00
|
|
|
len < val->bv_len && ASCII_SPACE(val->bv_val[len]);
|
|
|
|
len++ )
|
|
|
|
{
|
|
|
|
/* empty */
|
|
|
|
}
|
|
|
|
|
|
|
|
/* grab next word */
|
2004-04-28 13:12:53 +08:00
|
|
|
comp.bv_val = &val->bv_val[len];
|
2003-04-28 12:41:47 +08:00
|
|
|
len = val->bv_len - len;
|
2005-01-18 17:35:09 +08:00
|
|
|
for( comp.bv_len = 0;
|
2004-04-28 13:12:53 +08:00
|
|
|
!ASCII_SPACE(comp.bv_val[comp.bv_len]) && comp.bv_len < len;
|
|
|
|
comp.bv_len++ )
|
2003-04-28 12:41:47 +08:00
|
|
|
{
|
|
|
|
/* empty */
|
|
|
|
}
|
|
|
|
|
|
|
|
if( mr == slap_schema.si_mr_objectIdentifierFirstComponentMatch ) {
|
2004-04-28 13:12:53 +08:00
|
|
|
rc = numericoidValidate( NULL, &comp );
|
2003-04-28 12:41:47 +08:00
|
|
|
} else if( mr == slap_schema.si_mr_integerFirstComponentMatch ) {
|
2004-04-28 13:12:53 +08:00
|
|
|
rc = integerValidate( NULL, &comp );
|
2003-04-28 12:41:47 +08:00
|
|
|
} else {
|
|
|
|
rc = LDAP_INVALID_SYNTAX;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if( rc == LDAP_SUCCESS ) {
|
2004-04-28 13:12:53 +08:00
|
|
|
ber_dupbv_x( normalized, &comp, ctx );
|
2003-04-28 12:41:47 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2003-08-11 10:12:20 +08:00
|
|
|
|
2001-12-23 09:19:46 +08:00
|
|
|
#define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
|
|
|
|
#define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' "
|
2002-08-17 09:29:18 +08:00
|
|
|
|
|
|
|
static slap_syntax_defs_rec syntax_defs[] = {
|
2002-01-06 12:59:26 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' "
|
|
|
|
X_BINARY X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2002-01-06 12:59:26 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' "
|
|
|
|
X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BLOB, blobValidate, NULL},
|
2002-01-06 12:59:26 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' "
|
|
|
|
X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BER, berValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, bitStringValidate, NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, booleanValidate, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' "
|
|
|
|
X_BINARY X_NOT_H_R ")",
|
2003-10-18 10:39:08 +08:00
|
|
|
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, certificateValidate, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' "
|
|
|
|
X_BINARY X_NOT_H_R ")",
|
2003-10-18 10:39:08 +08:00
|
|
|
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL},
|
2000-05-19 08:33:09 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' "
|
|
|
|
X_BINARY X_NOT_H_R ")",
|
2003-10-18 10:39:08 +08:00
|
|
|
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, countryStringValidate, NULL},
|
2000-05-29 08:27:49 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )",
|
2003-04-30 02:13:10 +08:00
|
|
|
0, dnValidate, dnPretty},
|
2004-06-30 07:36:58 +08:00
|
|
|
{"( 1.2.36.79672281.1.5.0 DESC 'RDN' )",
|
|
|
|
0, rdnValidate, rdnPretty},
|
2004-08-26 08:06:39 +08:00
|
|
|
#ifdef LDAP_COMP_MATCH
|
2004-12-08 02:40:47 +08:00
|
|
|
{"( 1.2.36.79672281.1.5.3 DESC 'allComponents' )",
|
|
|
|
0, allComponentsValidate, NULL},
|
2004-11-15 04:11:38 +08:00
|
|
|
{"( 1.2.36.79672281.1.5.2 DESC 'componentFilterMatch assertion') ",
|
2004-08-26 08:06:39 +08:00
|
|
|
0, componentFilterValidate, NULL},
|
|
|
|
#endif
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )",
|
2004-04-02 10:25:36 +08:00
|
|
|
0, deliveryMethodValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, UTF8StringValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, printablesStringValidate, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BLOB, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, generalizedTimeValidate, NULL},
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, IA5StringValidate, NULL},
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, integerValidate, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BLOB, blobValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )",
|
2003-08-23 05:03:03 +08:00
|
|
|
0, nameUIDValidate, nameUIDPretty },
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, numericStringValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )",
|
2003-04-25 10:28:06 +08:00
|
|
|
0, numericoidValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, IA5StringValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, blobValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, UTF8StringValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, printableStringValidate, NULL},
|
2003-04-23 04:33:08 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.45 DESC 'SubtreeSpecification' )",
|
2003-04-23 04:35:41 +08:00
|
|
|
#define subtreeSpecificationValidate UTF8StringValidate /* FIXME */
|
2003-04-23 04:33:08 +08:00
|
|
|
0, subtreeSpecificationValidate, NULL},
|
2000-05-19 01:21:42 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' "
|
|
|
|
X_BINARY X_NOT_H_R ")",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, printableStringValidate, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, printablesStringValidate, NULL},
|
2002-03-24 10:17:21 +08:00
|
|
|
#ifdef SUPPORT_OBSOLETE_UTC_SYNTAX
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, utcTimeValidate, NULL},
|
2002-03-24 10:17:21 +08:00
|
|
|
#endif
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-05-18 02:10:38 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, NULL, NULL},
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-08-25 03:54:16 +08:00
|
|
|
/* RFC 2307 NIS Syntaxes */
|
2000-09-12 08:32:08 +08:00
|
|
|
{"( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, nisNetgroupTripleValidate, NULL},
|
2000-08-25 03:54:16 +08:00
|
|
|
{"( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
0, bootParameterValidate, NULL},
|
2000-08-25 03:54:16 +08:00
|
|
|
|
2003-10-18 10:39:08 +08:00
|
|
|
/* From PKIX *//* This OID is not published yet. */
|
|
|
|
{"( 1.2.826.0.1.3344810.7.1 DESC 'Certificate Serial Number and Issuer' )",
|
|
|
|
SLAP_SYNTAX_HIDE,
|
|
|
|
serialNumberAndIssuerValidate,
|
|
|
|
serialNumberAndIssuerPretty},
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2002-01-10 08:17:21 +08:00
|
|
|
#ifdef SLAPD_AUTHPASSWD
|
2001-12-02 12:48:06 +08:00
|
|
|
/* needs updating */
|
2000-05-31 05:34:55 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )",
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_HIDE, NULL, NULL},
|
2002-01-10 08:17:21 +08:00
|
|
|
#endif
|
2000-02-02 02:05:49 +08:00
|
|
|
|
2005-09-27 02:37:50 +08:00
|
|
|
{"( 1.3.6.1.1.16.1 DESC 'UUID' )",
|
2005-12-21 07:25:44 +08:00
|
|
|
0, UUIDValidate, UUIDPretty},
|
2003-11-01 01:41:31 +08:00
|
|
|
|
2004-12-02 17:05:26 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )",
|
2004-12-03 00:59:00 +08:00
|
|
|
SLAP_SYNTAX_HIDE, csnValidate, NULL},
|
2004-12-02 17:05:26 +08:00
|
|
|
|
2000-08-27 03:52:21 +08:00
|
|
|
/* OpenLDAP Void Syntax */
|
2000-10-17 07:47:46 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )" ,
|
2003-04-07 03:16:49 +08:00
|
|
|
SLAP_SYNTAX_HIDE, inValidate, NULL},
|
2005-08-12 07:52:17 +08:00
|
|
|
|
|
|
|
#ifdef SLAP_AUTHZ_SYNTAX
|
|
|
|
/* FIXME: OID is unused, but not registered yet */
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )",
|
|
|
|
SLAP_SYNTAX_HIDE, authzValidate, authzPretty},
|
|
|
|
#endif /* SLAP_AUTHZ_SYNTAX */
|
|
|
|
|
2003-04-07 03:16:49 +08:00
|
|
|
{NULL, 0, NULL, NULL}
|
2000-01-30 03:43:19 +08:00
|
|
|
};
|
|
|
|
|
2002-09-01 04:42:25 +08:00
|
|
|
char *certificateExactMatchSyntaxes[] = {
|
2002-09-03 15:01:09 +08:00
|
|
|
"1.3.6.1.4.1.1466.115.121.1.8" /* certificate */,
|
|
|
|
NULL
|
|
|
|
};
|
2004-11-15 04:11:38 +08:00
|
|
|
#ifdef LDAP_COMP_MATCH
|
|
|
|
char *componentFilterMatchSyntaxes[] = {
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.8" /* certificate */,
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
#endif
|
2002-09-03 15:01:09 +08:00
|
|
|
char *directoryStringSyntaxes[] = {
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.44" /* printableString */,
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
char *integerFirstComponentMatchSyntaxes[] = {
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.27" /* INTEGER */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.17" /* ditStructureRuleDescription */,
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
char *objectIdentifierFirstComponentMatchSyntaxes[] = {
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.38" /* OID */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.3" /* attributeTypeDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.16" /* ditContentRuleDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.54" /* ldapSyntaxDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.30" /* matchingRuleDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.31" /* matchingRuleUseDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.35" /* nameFormDescription */,
|
|
|
|
"1.3.6.1.4.1.1466.115.121.1.37" /* objectClassDescription */,
|
|
|
|
NULL
|
|
|
|
};
|
2002-09-01 04:42:25 +08:00
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
/*
|
2000-07-03 00:36:21 +08:00
|
|
|
* Other matching rules in X.520 that we do not use (yet):
|
2000-01-30 03:43:19 +08:00
|
|
|
*
|
|
|
|
* 2.5.13.25 uTCTimeMatch
|
|
|
|
* 2.5.13.26 uTCTimeOrderingMatch
|
2004-03-19 05:39:57 +08:00
|
|
|
* 2.5.13.31* directoryStringFirstComponentMatch
|
|
|
|
* 2.5.13.32* wordMatch
|
|
|
|
* 2.5.13.33* keywordMatch
|
2000-01-30 03:43:19 +08:00
|
|
|
* 2.5.13.36 certificatePairExactMatch
|
|
|
|
* 2.5.13.37 certificatePairMatch
|
|
|
|
* 2.5.13.38 certificateListExactMatch
|
|
|
|
* 2.5.13.39 certificateListMatch
|
|
|
|
* 2.5.13.40 algorithmIdentifierMatch
|
2004-03-19 05:39:57 +08:00
|
|
|
* 2.5.13.41* storedPrefixMatch
|
2000-01-30 03:43:19 +08:00
|
|
|
* 2.5.13.42 attributeCertificateMatch
|
|
|
|
* 2.5.13.43 readerAndKeyIDMatch
|
|
|
|
* 2.5.13.44 attributeIntegrityMatch
|
2004-03-19 05:39:57 +08:00
|
|
|
*
|
|
|
|
* (*) described in RFC 3698 (LDAP: Additional Matching Rules)
|
2000-01-30 03:43:19 +08:00
|
|
|
*/
|
2002-08-17 09:29:18 +08:00
|
|
|
static slap_mrule_defs_rec mrule_defs[] = {
|
2000-07-25 05:29:30 +08:00
|
|
|
/*
|
|
|
|
* EQUALITY matching rules must be listed after associated APPROX
|
|
|
|
* matching rules. So, we list all APPROX matching rules first.
|
|
|
|
*/
|
|
|
|
{"( " directoryStringApproxMatchOID " NAME 'directoryStringApproxMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_HIDE | SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT, NULL,
|
2003-02-27 14:51:53 +08:00
|
|
|
NULL, NULL, directoryStringApproxMatch,
|
|
|
|
directoryStringApproxIndexer, directoryStringApproxFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
NULL},
|
|
|
|
|
|
|
|
{"( " IA5StringApproxMatchOID " NAME 'IA5StringApproxMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_HIDE | SLAP_MR_EQUALITY_APPROX | SLAP_MR_EXT, NULL,
|
2003-02-27 14:51:53 +08:00
|
|
|
NULL, NULL, IA5StringApproxMatch,
|
|
|
|
IA5StringApproxIndexer, IA5StringApproxFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
NULL},
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Other matching rules
|
|
|
|
*/
|
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.0 NAME 'objectIdentifierMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-25 10:28:06 +08:00
|
|
|
NULL, NULL, octetStringMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.1 NAME 'distinguishedNameMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:19:47 +08:00
|
|
|
NULL, dnNormalize, dnMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2004-06-30 07:36:58 +08:00
|
|
|
NULL },
|
2004-08-26 08:06:39 +08:00
|
|
|
|
2004-09-09 10:07:27 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.9 NAME 'dnSubtreeMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EXT, NULL,
|
|
|
|
NULL, dnNormalize, dnRelativeMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
NULL },
|
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.8 NAME 'dnOneLevelMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EXT, NULL,
|
|
|
|
NULL, dnNormalize, dnRelativeMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
NULL },
|
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.10 NAME 'dnSubordinateMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EXT, NULL,
|
|
|
|
NULL, dnNormalize, dnRelativeMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
NULL },
|
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.11 NAME 'dnSuperiorMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EXT, NULL,
|
|
|
|
NULL, dnNormalize, dnRelativeMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
NULL },
|
|
|
|
|
2004-06-30 07:36:58 +08:00
|
|
|
{"( 1.2.36.79672281.1.13.3 NAME 'rdnMatch' "
|
|
|
|
"SYNTAX 1.2.36.79672281.1.5.0 )",
|
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
|
|
|
NULL, rdnNormalize, rdnMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2004-08-26 08:06:39 +08:00
|
|
|
#ifdef LDAP_COMP_MATCH
|
|
|
|
{"( 1.2.36.79672281.1.13.2 NAME 'componentFilterMatch' "
|
|
|
|
"SYNTAX 1.2.36.79672281.1.5.2 )",
|
2004-11-15 04:11:38 +08:00
|
|
|
SLAP_MR_EXT|SLAP_MR_COMPONENT, componentFilterMatchSyntaxes,
|
2004-08-26 08:06:39 +08:00
|
|
|
NULL, NULL , componentFilterMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
NULL },
|
2004-10-28 03:37:02 +08:00
|
|
|
|
|
|
|
{"( 1.2.36.79672281.1.13.6 NAME 'allComponentsMatch' "
|
|
|
|
"SYNTAX 1.2.36.79672281.1.5.3 )",
|
|
|
|
SLAP_MR_EQUALITY|SLAP_MR_EXT|SLAP_MR_COMPONENT, NULL,
|
|
|
|
NULL, NULL , allComponentsMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
NULL },
|
2004-11-30 04:21:38 +08:00
|
|
|
|
|
|
|
{"( 1.2.36.79672281.1.13.7 NAME 'directoryComponentsMatch' "
|
|
|
|
"SYNTAX 1.2.36.79672281.1.5.3 )",
|
|
|
|
SLAP_MR_EQUALITY|SLAP_MR_EXT|SLAP_MR_COMPONENT, NULL,
|
|
|
|
NULL, NULL , directoryComponentsMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
NULL },
|
2004-08-26 08:06:39 +08:00
|
|
|
#endif
|
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.2 NAME 'caseIgnoreMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
|
2003-04-07 09:19:47 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, directoryStringSyntaxes,
|
|
|
|
NULL, UTF8StringNormalize, octetStringMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
directoryStringApproxMatchOID },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
|
2002-09-03 15:01:09 +08:00
|
|
|
SLAP_MR_ORDERING, directoryStringSyntaxes,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, UTF8StringNormalize, octetStringOrderingMatch,
|
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseIgnoreMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
|
2004-03-27 02:58:01 +08:00
|
|
|
SLAP_MR_SUBSTR, directoryStringSyntaxes,
|
2005-03-25 13:57:07 +08:00
|
|
|
NULL, UTF8StringNormalize, directoryStringSubstringsMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseIgnoreMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.5 NAME 'caseExactMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
|
2002-09-03 15:01:09 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, directoryStringSyntaxes,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, UTF8StringNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
directoryStringApproxMatchOID },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.6 NAME 'caseExactOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
|
2002-09-03 15:01:09 +08:00
|
|
|
SLAP_MR_ORDERING, directoryStringSyntaxes,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, UTF8StringNormalize, octetStringOrderingMatch,
|
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseExactMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.7 NAME 'caseExactSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
|
2002-09-03 15:01:09 +08:00
|
|
|
SLAP_MR_SUBSTR, directoryStringSyntaxes,
|
2005-03-25 13:57:07 +08:00
|
|
|
NULL, UTF8StringNormalize, directoryStringSubstringsMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseExactMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.8 NAME 'numericStringMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
|
2003-04-07 02:57:17 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2004-02-18 04:30:37 +08:00
|
|
|
NULL, numericStringNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2004-03-27 02:58:01 +08:00
|
|
|
{"( 2.5.13.9 NAME 'numericStringOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )",
|
|
|
|
SLAP_MR_ORDERING, NULL,
|
|
|
|
NULL, numericStringNormalize, octetStringOrderingMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
"numericStringMatch" },
|
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.10 NAME 'numericStringSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, numericStringNormalize, octetStringSubstringsMatch,
|
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"numericStringMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.11 NAME 'caseIgnoreListMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )",
|
2003-04-07 02:57:17 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-05-17 02:11:50 +08:00
|
|
|
{"( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL, NULL, NULL, NULL, NULL,
|
|
|
|
"caseIgnoreListMatch" },
|
2000-05-17 02:11:50 +08:00
|
|
|
|
2000-06-30 03:00:17 +08:00
|
|
|
{"( 2.5.13.13 NAME 'booleanMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, booleanMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-06-30 03:00:17 +08:00
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.14 NAME 'integerMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-24 13:16:06 +08:00
|
|
|
NULL, NULL, integerMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2002-03-26 01:08:38 +08:00
|
|
|
{"( 2.5.13.15 NAME 'integerOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
|
2003-04-07 09:06:46 +08:00
|
|
|
SLAP_MR_ORDERING, NULL,
|
2003-04-24 13:16:06 +08:00
|
|
|
NULL, NULL, integerMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"integerMatch" },
|
2002-03-26 01:08:38 +08:00
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.16 NAME 'bitStringMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.17 NAME 'octetStringMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2002-09-04 10:00:42 +08:00
|
|
|
{"( 2.5.13.18 NAME 'octetStringOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
|
|
|
|
SLAP_MR_ORDERING, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, octetStringOrderingMatch,
|
2002-09-04 10:00:42 +08:00
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"octetStringMatch" },
|
2002-09-04 10:00:42 +08:00
|
|
|
|
2003-03-01 09:27:09 +08:00
|
|
|
{"( 2.5.13.19 NAME 'octetStringSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
|
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, octetStringSubstringsMatch,
|
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"octetStringMatch" },
|
2003-03-01 09:27:09 +08:00
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 2.5.13.20 NAME 'telephoneNumberMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )",
|
2003-04-07 02:57:17 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-02-27 14:51:53 +08:00
|
|
|
NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
telephoneNumberNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.21 NAME 'telephoneNumberSubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, telephoneNumberNormalize, octetStringSubstringsMatch,
|
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"telephoneNumberMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.22 NAME 'presentationAddressMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.23 NAME 'uniqueMemberMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, uniqueMemberNormalize, uniqueMemberMatch,
|
2005-03-26 10:07:00 +08:00
|
|
|
uniqueMemberIndexer, uniqueMemberFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.24 NAME 'protocolInformationMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.27 NAME 'generalizedTimeMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
|
2004-09-28 21:11:11 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT | SLAP_MR_ORDERED_INDEX, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, generalizedTimeNormalize, octetStringMatch,
|
2004-09-28 21:11:11 +08:00
|
|
|
generalizedTimeIndexer, generalizedTimeFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )",
|
2004-09-28 21:11:11 +08:00
|
|
|
SLAP_MR_ORDERING | SLAP_MR_ORDERED_INDEX, NULL,
|
2003-08-14 04:04:59 +08:00
|
|
|
NULL, generalizedTimeNormalize, generalizedTimeOrderingMatch,
|
2000-07-25 05:29:30 +08:00
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"generalizedTimeMatch" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.29 NAME 'integerFirstComponentMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
|
2003-04-24 13:16:06 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT,
|
|
|
|
integerFirstComponentMatchSyntaxes,
|
2003-04-28 12:41:47 +08:00
|
|
|
NULL, firstComponentNormalize, integerMatch,
|
2003-04-24 13:16:06 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )",
|
2002-09-03 15:01:09 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT,
|
|
|
|
objectIdentifierFirstComponentMatchSyntaxes,
|
2003-04-28 12:41:47 +08:00
|
|
|
NULL, firstComponentNormalize, octetStringMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
NULL },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2001-10-20 18:15:09 +08:00
|
|
|
{"( 2.5.13.34 NAME 'certificateExactMatch' "
|
2001-10-21 01:31:52 +08:00
|
|
|
"SYNTAX 1.2.826.0.1.3344810.7.1 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, certificateExactMatchSyntaxes,
|
2003-10-18 10:39:08 +08:00
|
|
|
#ifdef HAVE_TLS
|
2003-05-15 04:52:23 +08:00
|
|
|
NULL, certificateExactNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2003-10-18 10:39:08 +08:00
|
|
|
#else
|
|
|
|
NULL, NULL, NULL, NULL, NULL,
|
2003-10-18 12:20:19 +08:00
|
|
|
#endif
|
|
|
|
NULL },
|
|
|
|
|
|
|
|
{"( 2.5.13.35 NAME 'certificateMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )",
|
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
|
|
|
#ifdef HAVE_TLS
|
|
|
|
NULL, NULL, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
#else
|
|
|
|
NULL, NULL, NULL, NULL, NULL,
|
2001-10-20 18:15:09 +08:00
|
|
|
#endif
|
2003-10-18 10:39:08 +08:00
|
|
|
NULL },
|
2001-10-20 18:15:09 +08:00
|
|
|
|
2000-01-30 03:43:19 +08:00
|
|
|
{"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, IA5StringNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
IA5StringApproxMatchOID },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
|
2003-04-07 02:57:17 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, IA5StringNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
2000-07-25 05:29:30 +08:00
|
|
|
IA5StringApproxMatchOID },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2005-03-25 13:57:07 +08:00
|
|
|
NULL, IA5StringNormalize, directoryStringSubstringsMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseIgnoreIA5Match" },
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-08-27 02:49:50 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.1.2.1 NAME 'caseExactIA5SubstringsMatch' "
|
2000-07-03 00:36:21 +08:00
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_SUBSTR, NULL,
|
2005-03-25 13:57:07 +08:00
|
|
|
NULL, IA5StringNormalize, directoryStringSubstringsMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
octetStringSubstringsIndexer, octetStringSubstringsFilter,
|
2003-04-16 13:56:28 +08:00
|
|
|
"caseExactIA5Match" },
|
2000-07-03 00:36:21 +08:00
|
|
|
|
2002-01-10 08:17:21 +08:00
|
|
|
#ifdef SLAPD_AUTHPASSWD
|
2001-12-02 12:48:06 +08:00
|
|
|
/* needs updating */
|
2000-05-31 05:34:55 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.1 NAME 'authPasswordMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )",
|
2003-06-01 02:57:32 +08:00
|
|
|
SLAP_MR_HIDE | SLAP_MR_EQUALITY, NULL,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL, authPasswordMatch,
|
2000-07-25 05:29:30 +08:00
|
|
|
NULL, NULL,
|
|
|
|
NULL},
|
2002-01-10 08:17:21 +08:00
|
|
|
#endif
|
2000-05-31 05:34:55 +08:00
|
|
|
|
2001-09-02 01:10:43 +08:00
|
|
|
{"( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EXT, NULL,
|
2003-04-24 13:16:06 +08:00
|
|
|
NULL, NULL, integerBitAndMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"integerMatch" },
|
2001-09-02 01:10:43 +08:00
|
|
|
|
|
|
|
{"( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )",
|
2002-09-01 04:42:25 +08:00
|
|
|
SLAP_MR_EXT, NULL,
|
2003-04-24 13:16:06 +08:00
|
|
|
NULL, NULL, integerBitOrMatch,
|
2003-04-07 09:06:46 +08:00
|
|
|
NULL, NULL,
|
2003-04-16 13:56:28 +08:00
|
|
|
"integerMatch" },
|
2001-09-02 01:10:43 +08:00
|
|
|
|
2005-09-27 02:37:50 +08:00
|
|
|
{"( 1.3.6.1.1.16.2 NAME 'UUIDMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.1.16.1 )",
|
2005-12-21 06:36:51 +08:00
|
|
|
SLAP_MR_EQUALITY | SLAP_MR_MUTATION_NORMALIZER, NULL,
|
2003-11-01 01:41:31 +08:00
|
|
|
NULL, UUIDNormalize, octetStringMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
NULL},
|
|
|
|
|
2005-09-27 02:37:50 +08:00
|
|
|
{"( 1.3.6.1.1.16.3 NAME 'UUIDOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.1.16.1 )",
|
2005-12-21 06:36:51 +08:00
|
|
|
SLAP_MR_ORDERING | SLAP_MR_MUTATION_NORMALIZER, NULL,
|
2003-11-01 01:41:31 +08:00
|
|
|
NULL, UUIDNormalize, octetStringOrderingMatch,
|
|
|
|
octetStringIndexer, octetStringFilter,
|
|
|
|
"UUIDMatch"},
|
|
|
|
|
2004-12-02 17:05:26 +08:00
|
|
|
{"( 1.3.6.1.4.1.4203.666.11.2.2 NAME 'CSNMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.4203.666.11.2.1 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EQUALITY | SLAP_MR_ORDERED_INDEX, NULL,
|
2004-12-03 00:59:00 +08:00
|
|
|
NULL, NULL, csnMatch,
|
|
|
|
csnIndexer, csnFilter,
|
2004-12-02 17:05:26 +08:00
|
|
|
NULL},
|
|
|
|
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.11.2.3 NAME 'CSNOrderingMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.4203.666.11.2.1 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_ORDERING | SLAP_MR_ORDERED_INDEX, NULL,
|
2004-12-03 00:59:00 +08:00
|
|
|
NULL, NULL, csnOrderingMatch,
|
2004-12-02 17:05:26 +08:00
|
|
|
NULL, NULL,
|
|
|
|
"CSNMatch" },
|
|
|
|
|
2005-08-12 07:52:17 +08:00
|
|
|
#ifdef SLAP_AUTHZ_SYNTAX
|
|
|
|
/* FIXME: OID is unused, but not registered yet */
|
|
|
|
{"( 1.3.6.1.4.1.4203.666.4.12 NAME 'authzMatch' "
|
|
|
|
"SYNTAX 1.3.6.1.4.1.4203.666.2.7 )",
|
|
|
|
SLAP_MR_HIDE | SLAP_MR_EQUALITY, NULL,
|
|
|
|
NULL, authzNormalize, authzMatch,
|
|
|
|
NULL, NULL,
|
|
|
|
NULL},
|
|
|
|
#endif /* SLAP_AUTHZ_SYNTAX */
|
|
|
|
|
2002-09-01 04:42:25 +08:00
|
|
|
{NULL, SLAP_MR_NONE, NULL,
|
|
|
|
NULL, NULL, NULL, NULL, NULL,
|
|
|
|
NULL }
|
2000-01-30 03:43:19 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
int
|
2002-01-10 08:17:21 +08:00
|
|
|
slap_schema_init( void )
|
2000-01-30 03:43:19 +08:00
|
|
|
{
|
|
|
|
int res;
|
2003-04-07 11:46:22 +08:00
|
|
|
int i;
|
2000-01-30 03:43:19 +08:00
|
|
|
|
2000-05-16 04:04:36 +08:00
|
|
|
/* we should only be called once (from main) */
|
2004-10-06 13:51:38 +08:00
|
|
|
assert( schema_init_done == 0 );
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
for ( i=0; syntax_defs[i].sd_desc != NULL; i++ ) {
|
2002-08-17 09:29:18 +08:00
|
|
|
res = register_syntax( &syntax_defs[i] );
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
if ( res ) {
|
2002-01-10 08:17:21 +08:00
|
|
|
fprintf( stderr, "slap_schema_init: Error registering syntax %s\n",
|
2000-01-30 03:43:19 +08:00
|
|
|
syntax_defs[i].sd_desc );
|
2000-05-25 07:27:33 +08:00
|
|
|
return LDAP_OTHER;
|
2000-01-30 03:43:19 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for ( i=0; mrule_defs[i].mrd_desc != NULL; i++ ) {
|
2002-09-01 04:42:25 +08:00
|
|
|
if( mrule_defs[i].mrd_usage == SLAP_MR_NONE &&
|
|
|
|
mrule_defs[i].mrd_compat_syntaxes == NULL )
|
|
|
|
{
|
2000-02-15 04:57:34 +08:00
|
|
|
fprintf( stderr,
|
2003-02-27 11:29:07 +08:00
|
|
|
"slap_schema_init: Ignoring unusable matching rule %s\n",
|
2000-02-15 04:57:34 +08:00
|
|
|
mrule_defs[i].mrd_desc );
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2002-08-17 09:29:18 +08:00
|
|
|
res = register_matching_rule( &mrule_defs[i] );
|
2000-01-30 03:43:19 +08:00
|
|
|
|
|
|
|
if ( res ) {
|
|
|
|
fprintf( stderr,
|
2002-01-10 08:17:21 +08:00
|
|
|
"slap_schema_init: Error registering matching rule %s\n",
|
2000-01-30 03:43:19 +08:00
|
|
|
mrule_defs[i].mrd_desc );
|
2000-05-25 07:27:33 +08:00
|
|
|
return LDAP_OTHER;
|
2000-01-30 03:43:19 +08:00
|
|
|
}
|
|
|
|
}
|
2002-01-10 08:17:21 +08:00
|
|
|
|
|
|
|
res = slap_schema_load();
|
2004-10-06 13:51:38 +08:00
|
|
|
schema_init_done = 1;
|
2002-01-10 08:17:21 +08:00
|
|
|
return res;
|
2000-01-30 03:43:19 +08:00
|
|
|
}
|
2001-11-07 09:03:49 +08:00
|
|
|
|
|
|
|
void
|
|
|
|
schema_destroy( void )
|
|
|
|
{
|
2001-12-31 12:35:02 +08:00
|
|
|
oidm_destroy();
|
2001-11-07 09:03:49 +08:00
|
|
|
oc_destroy();
|
|
|
|
at_destroy();
|
|
|
|
mr_destroy();
|
2002-08-31 18:45:22 +08:00
|
|
|
mru_destroy();
|
2001-11-07 09:03:49 +08:00
|
|
|
syn_destroy();
|
2005-08-22 17:46:17 +08:00
|
|
|
|
|
|
|
ldap_pvt_thread_mutex_destroy( &ad_undef_mutex );
|
|
|
|
ldap_pvt_thread_mutex_destroy( &oc_undef_mutex );
|
2001-11-07 09:03:49 +08:00
|
|
|
}
|