diff --git a/servers/slapd/at.c b/servers/slapd/at.c index b12d25eb28..911c46f870 100644 --- a/servers/slapd/at.c +++ b/servers/slapd/at.c @@ -235,7 +235,7 @@ at_insert( (AVL_DUP) avl_dup_error ) ) { *err = sat->sat_oid; ldap_memfree(air); - return SLAP_SCHERR_DUP_ATTR; + return SLAP_SCHERR_ATTR_DUP; } /* FIX: temporal consistency check */ at_bvfind(&air->air_name); @@ -253,7 +253,7 @@ at_insert( (AVL_DUP) avl_dup_error ) ) { *err = *names; ldap_memfree(air); - return SLAP_SCHERR_DUP_ATTR; + return SLAP_SCHERR_ATTR_DUP; } /* FIX: temporal consistency check */ at_bvfind(&air->air_name); @@ -368,6 +368,11 @@ at_add( /* subtypes must have same usage as their SUP */ return SLAP_SCHERR_ATTR_BAD_USAGE; } + + if ( sat->sat_flags & SLAP_AT_FINAL ) { + /* cannot subtype a "final" attribute type */ + return SLAP_SCHERR_ATTR_BAD_SUP; + } } /* diff --git a/servers/slapd/mr.c b/servers/slapd/mr.c index e1af29d0c8..f8e788b6e0 100644 --- a/servers/slapd/mr.c +++ b/servers/slapd/mr.c @@ -108,7 +108,7 @@ mr_insert( (AVL_DUP) avl_dup_error ) ) { *err = smr->smr_oid; ldap_memfree(mir); - return SLAP_SCHERR_DUP_RULE; + return SLAP_SCHERR_MR_DUP; } /* FIX: temporal consistency check */ mr_bvfind(&mir->mir_name); @@ -125,7 +125,7 @@ mr_insert( (AVL_DUP) avl_dup_error ) ) { *err = *names; ldap_memfree(mir); - return SLAP_SCHERR_DUP_RULE; + return SLAP_SCHERR_MR_DUP; } /* FIX: temporal consistency check */ mr_bvfind(&mir->mir_name); diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c index ca7a0d45aa..02f6ea4022 100644 --- a/servers/slapd/oc.c +++ b/servers/slapd/oc.c @@ -354,7 +354,7 @@ oc_insert( { *err = soc->soc_oid; ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } /* FIX: temporal consistency check */ @@ -378,7 +378,7 @@ oc_insert( { *err = *names; ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } /* FIX: temporal consistency check */ @@ -446,7 +446,7 @@ oc_add( code = oc_create_allowed( soc, soc->soc_at_oids_may, &op, err ); if ( code != 0 ) return code; - if( user && op ) return SLAP_SCHERR_CLASS_OPERATIONAL; + if( user && op ) return SLAP_SCHERR_CLASS_BAD_SUP; code = oc_insert(soc,err); return code; diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index 73c36a7170..6ef84a90e9 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -236,7 +236,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: object classes of the entity' " "EQUALITY objectIdentifierMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", - NULL, 0, objectClassMatch, NULL, NULL, + NULL, SLAP_AT_FINAL, objectClassMatch, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_objectClass) }, /* user entry operational attributes */ @@ -453,7 +453,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: name of aliased object' " "EQUALITY distinguishedNameMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )", - aliasAttribute, 0, NULL, NULL, NULL, + aliasAttribute, SLAP_AT_FINAL, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_aliasedObjectName) }, { "ref", "( 2.16.840.1.113730.3.1.34 NAME 'ref' " "DESC 'namedref: subordinate referral URL' " @@ -508,14 +508,14 @@ static struct slap_schema_ad_map { "DESC 'RFC2256: common supertype of DN attributes' " "EQUALITY distinguishedNameMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_ABSTRACT, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_distinguishedName) }, { "name", "( 2.5.4.41 NAME 'name' " "DESC 'RFC2256: common supertype of name attributes' " "EQUALITY caseIgnoreMatch " "SUBSTR caseIgnoreSubstringsMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_ABSTRACT, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_name) }, { "cn", "( 2.5.4.3 NAME ( 'cn' 'commonName' ) " "DESC 'RFC2256: common name(s) for which the entity is known by' " @@ -526,7 +526,7 @@ static struct slap_schema_ad_map { "DESC 'RFC2256/2307: password of user' " "EQUALITY octetStringMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )", - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_FINAL, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_userPassword) }, #ifdef SLAPD_AUTHPASSWD @@ -535,7 +535,7 @@ static struct slap_schema_ad_map { "DESC 'RFC3112: authentication password attribute' " "EQUALITY 1.3.6.1.4.1.4203.1.2.2 " "SYNTAX 1.3.6.1.4.1.4203.1.1.2 )", - NULL, 0, + NULL, SLAP_AT_FINAL, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_authPassword) }, { "supportedAuthPasswordSchemes", "( 1.3.6.1.4.1.4203.1.3.3 " @@ -549,7 +549,7 @@ static struct slap_schema_ad_map { #endif #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND { "krbName", NULL, - NULL, 0, NULL, NULL, NULL, + NULL, SLAP_AT_FINAL, NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_krbName) }, #endif @@ -565,7 +565,8 @@ static AttributeType slap_at_undefined = { NULL, /* subtypes */ NULL, NULL, NULL, NULL, /* matching rules */ NULL, /* syntax (this may need to be defined) */ - (AttributeTypeSchemaCheckFN *) 0, 0, /* schema check function/mask */ + (AttributeTypeSchemaCheckFN *) 0, /* schema check function */ + SLAP_AT_ABSTRACT|SLAP_AT_FINAL, /* mask */ NULL, /* next */ NULL /* attribute description */ /* mutex (don't know how to initialize it :) */ diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c index bc9dbd7dd9..10e92f827c 100644 --- a/servers/slapd/schemaparse.c +++ b/servers/slapd/schemaparse.c @@ -21,23 +21,23 @@ int global_schemacheck = 1; /* schemacheck ON is default */ static void oc_usage(void); static void at_usage(void); -static char *const err2text[SLAP_SCHERR_LAST+1] = { - "Success", +static char *const err2text[] = { "Out of memory", "ObjectClass not found", "ObjectClass inappropriate SUPerior", "ObjectClass operational", + "Duplicate objectClass", "AttributeType not found", "AttributeType inappropriate USAGE", - "Duplicate objectClass", + "AttributeType inappropriate SUPerior", + "AttributeType SYNTAX or SUPerior required", "Duplicate attributeType", - "Duplicate ldapSyntax", - "Duplicate matchingRule", - "OID or name required", - "SYNTAX or SUPerior required", "MatchingRule not found", + "Duplicate matchingRule", "Syntax not found", "Syntax required", + "Duplicate ldapSyntax", + "OID or name required", "Qualifier not supported", "Invalid NAME", "OID could not be expanded" @@ -46,7 +46,7 @@ static char *const err2text[SLAP_SCHERR_LAST+1] = { char * scherr2str(int code) { - if ( code < 0 || code >= (int)(sizeof(err2text)/sizeof(char *)) ) { + if ( code < 0 || SLAP_SCHERR_LAST < code ) { return "Unknown error"; } else { return err2text[code]; diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index a8efb056e8..949a01441c 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -218,25 +218,26 @@ typedef struct slap_ssf_set { /* * represents schema information for a database */ -#define SLAP_SCHERR_OUTOFMEM 1 -#define SLAP_SCHERR_CLASS_NOT_FOUND 2 -#define SLAP_SCHERR_CLASS_BAD_USAGE 3 -#define SLAP_SCHERR_CLASS_OPERATIONAL 4 -#define SLAP_SCHERR_ATTR_NOT_FOUND 5 -#define SLAP_SCHERR_ATTR_BAD_USAGE 6 -#define SLAP_SCHERR_DUP_CLASS 7 -#define SLAP_SCHERR_DUP_ATTR 8 -#define SLAP_SCHERR_DUP_SYNTAX 9 -#define SLAP_SCHERR_DUP_RULE 10 -#define SLAP_SCHERR_NO_NAME 11 -#define SLAP_SCHERR_ATTR_INCOMPLETE 12 -#define SLAP_SCHERR_MR_NOT_FOUND 13 -#define SLAP_SCHERR_SYN_NOT_FOUND 14 -#define SLAP_SCHERR_MR_INCOMPLETE 15 -#define SLAP_SCHERR_NOT_SUPPORTED 16 -#define SLAP_SCHERR_BAD_DESCR 17 -#define SLAP_SCHERR_OIDM 18 -#define SLAP_SCHERR_LAST SLAP_SCHERR_OIDM +#define SLAP_SCHERR_OUTOFMEM 1 +#define SLAP_SCHERR_CLASS_NOT_FOUND 2 +#define SLAP_SCHERR_CLASS_BAD_USAGE 3 +#define SLAP_SCHERR_CLASS_BAD_SUP 4 +#define SLAP_SCHERR_CLASS_DUP 5 +#define SLAP_SCHERR_ATTR_NOT_FOUND 6 +#define SLAP_SCHERR_ATTR_BAD_USAGE 7 +#define SLAP_SCHERR_ATTR_BAD_SUP 8 +#define SLAP_SCHERR_ATTR_INCOMPLETE 9 +#define SLAP_SCHERR_ATTR_DUP 10 +#define SLAP_SCHERR_MR_NOT_FOUND 11 +#define SLAP_SCHERR_MR_INCOMPLETE 12 +#define SLAP_SCHERR_MR_DUP 13 +#define SLAP_SCHERR_SYN_NOT_FOUND 14 +#define SLAP_SCHERR_SYN_DUP 15 +#define SLAP_SCHERR_NO_NAME 16 +#define SLAP_SCHERR_NOT_SUPPORTED 17 +#define SLAP_SCHERR_BAD_DESCR 18 +#define SLAP_SCHERR_OIDM 19 +#define SLAP_SCHERR_LAST SLAP_SCHERR_OIDM typedef union slap_sockaddr { struct sockaddr sa_addr; @@ -433,8 +434,10 @@ typedef struct slap_attribute_type { AttributeTypeSchemaCheckFN *sat_check; -#define SLAP_AT_NONE 0x0000U -#define SLAP_AT_HIDE 0x0001U /* hide attribute */ +#define SLAP_AT_NONE 0x0000U +#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */ +#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */ +#define SLAP_AT_HIDE 0x8000U /* hide attribute */ slap_mask_t sat_flags; struct slap_attribute_type *sat_next; diff --git a/servers/slapd/syntax.c b/servers/slapd/syntax.c index 2155eb20f5..eea2e1b110 100644 --- a/servers/slapd/syntax.c +++ b/servers/slapd/syntax.c @@ -103,7 +103,7 @@ syn_insert( (AVL_DUP) avl_dup_error ) ) { *err = ssyn->ssyn_oid; ldap_memfree(sir); - return SLAP_SCHERR_DUP_SYNTAX; + return SLAP_SCHERR_SYN_DUP; } /* FIX: temporal consistency check */ syn_find(sir->sir_name);