mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-03-07 14:18:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup:

Browse Source 
Add lmpats_out[] to simplify limits2str().  Wrap both in #ifdef LDAP_DEBUG.
Change char *lmpats[] to struct berval[].  Remove always-true compare.
Readability: Add STRSTART, rearrange limits_get, fix comments & long lines.
This commit is contained in:
Hallvard Furuseth 2008-10-21 18:57:16 +00:00
parent e8c1147b77
commit 59c4d9fad9
1 changed files with 145 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

292
servers/slapd/limits.c
View File

@ -27,45 +27,39 @@
/* define to get an error if requesting limit higher than hard */
#undef ABOVE_HARD_LIMIT_IS_ERROR
static const struct berval lmpats[] = {
BER_BVC( "base" ),
BER_BVC( "base" ),
BER_BVC( "onelevel" ),
BER_BVC( "subtree" ),
BER_BVC( "children" ),
BER_BVC( "regex" ),
BER_BVC( "anonymous" ),
BER_BVC( "users" ),
BER_BVC( "*" )
};
#ifdef LDAP_DEBUG
static const char *const dn_source[2] = { "DN", "DN.THIS" };
#endif
static const char *const lmpats_out[] = {
"UNDEFINED",
"EXACT",
"ONELEVEL",
"SUBTREE",
"CHILDREN",
"REGEX",
"ANONYMOUS",
"USERS",
"ANY"
};
static char *
static const char *
limits2str( unsigned i )
{
switch ( i ) {
case SLAP_LIMITS_UNDEFINED:
return "UNDEFINED";
case SLAP_LIMITS_EXACT:
return "EXACT";
case SLAP_LIMITS_ONE:
return "ONELEVEL";
case SLAP_LIMITS_SUBTREE:
return "SUBTREE";
case SLAP_LIMITS_CHILDREN:
return "CHILDREN";
case SLAP_LIMITS_REGEX:
return "REGEX";
case SLAP_LIMITS_ANONYMOUS:
return "ANONYMOUS";
case SLAP_LIMITS_USERS:
return "USERS";
case SLAP_LIMITS_ANY:
return "ANY";
default:
return "UNKNOWN";
}
return i < (sizeof( lmpats_out ) / sizeof( lmpats_out[0] ))
? lmpats_out[i] : "UNKNOWN";
}
#endif /* LDAP_DEBUG */
static int
limits_get(
@ -108,29 +102,16 @@ limits_get(
}
if ( type == SLAP_LIMITS_TYPE_GROUP ) {
int rc;
rc = backend_group( op, NULL,
int rc = backend_group( op, NULL,
&lm[0]->lm_pat, ndn,
lm[0]->lm_group_oc,
lm[0]->lm_group_ad );
if ( rc == 0 ) {
*limit = &lm[0]->lm_limits;
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT "
"dn=\"%s\" oc=\"%s\" ad=\"%s\"\n",
lm[0]->lm_pat.bv_val,
lm[0]->lm_group_oc->soc_cname.bv_val,
lm[0]->lm_group_ad->ad_cname.bv_val );
return( 0 );
goto found_group;
}
} else {
if ( dn_match( &lm[0]->lm_pat, ndn ) ) {
*limit = &lm[0]->lm_limits;
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=EXACT dn=\"%s\"\n",
dn_source[isthis], lm[0]->lm_pat.bv_val, 0 );
return( 0 );
goto found_dn;
}
}
break;
@ -138,20 +119,20 @@ limits_get(
case SLAP_LIMITS_ONE:
case SLAP_LIMITS_SUBTREE:
case SLAP_LIMITS_CHILDREN: {
size_t d;
ber_len_t d;
if ( BER_BVISEMPTY( ndn ) ) {
break;
}
/* ndn shorter than dn_pat */
/* ndn shorter than lm_pat */
if ( ndn->bv_len < lm[0]->lm_pat.bv_len ) {
break;
}
d = ndn->bv_len - lm[0]->lm_pat.bv_len;
/* allow exact match for SUBTREE only */
if ( d == 0 ) {
/* allow exact match for SUBTREE only */
if ( style != SLAP_LIMITS_SUBTREE ) {
break;
}
@ -162,62 +143,39 @@ limits_get(
}
}
/* in case of (sub)match ... */
if ( lm[0]->lm_pat.bv_len == ( ndn->bv_len - d )
&& strcmp( lm[0]->lm_pat.bv_val,
&ndn->bv_val[d] ) == 0 )
{
/* check for exactly one rdn in case of ONE */
if ( style == SLAP_LIMITS_ONE ) {
/*
* if ndn is more that one rdn
* below dn_pat, continue
*/
if ( (size_t) dn_rdnlen( NULL, ndn )
!= d - 1 )
{
break;
}
}
*limit = &lm[0]->lm_limits;
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s dn=\"%s\"\n",
dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val );
return( 0 );
/* check that ndn ends with lm_pat */
if ( strcmp( lm[0]->lm_pat.bv_val, &ndn->bv_val[d] ) != 0 ) {
break;
}
break;
/* in case of ONE, require exactly one rdn below lm_pat */
if ( style == SLAP_LIMITS_ONE ) {
if ( dn_rdnlen( NULL, ndn ) != d - 1 ) {
break;
}
}
goto found_dn;
}
case SLAP_LIMITS_REGEX:
if ( BER_BVISEMPTY( ndn ) ) {
break;
}
if ( regexec( &lm[0]->lm_regex, ndn->bv_val,
0, NULL, 0 ) == 0 )
{
*limit = &lm[0]->lm_limits;
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s dn=\"%s\"\n",
dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val );
return( 0 );
if ( regexec( &lm[0]->lm_regex, ndn->bv_val, 0, NULL, 0 ) == 0 ) {
goto found_dn;
}
break;
case SLAP_LIMITS_ANONYMOUS:
if ( BER_BVISEMPTY( ndn ) ) {
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n",
dn_source[isthis], limits2str( style ), 0 );
*limit = &lm[0]->lm_limits;
return( 0 );
goto found;
}
break;
case SLAP_LIMITS_USERS:
if ( !BER_BVISEMPTY( ndn ) ) {
*limit = &lm[0]->lm_limits;
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n",
dn_source[isthis], limits2str( style ), 0 );
return( 0 );
goto found;
}
break;
@ -225,6 +183,28 @@ limits_get(
*limit = &lm[0]->lm_limits;
return( 0 );
found:
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n",
dn_source[isthis], limits2str( style ), 0 );
*limit = &lm[0]->lm_limits;
return( 0 );
found_dn:
Debug( LDAP_DEBUG_TRACE,
"<== limits_get: type=%s match=%s dn=\"%s\"\n",
dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val );
*limit = &lm[0]->lm_limits;
return( 0 );
found_group:
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT "
"dn=\"%s\" oc=\"%s\" ad=\"%s\"\n",
lm[0]->lm_pat.bv_val,
lm[0]->lm_group_oc->soc_cname.bv_val,
lm[0]->lm_group_ad->ad_cname.bv_val );
*limit = &lm[0]->lm_limits;
return( 0 );
default:
assert( 0 ); /* unreachable */
return( -1 );
@ -336,6 +316,8 @@ limits_add(
return( 0 );
}
#define STRSTART( s, m ) (strncasecmp( s, m, STRLENOF( "" m "" )) == 0)
int
limits_parse(
Backend *be,
@ -407,15 +389,15 @@ limits_parse(
} else if ( strcasecmp( pattern, "users" ) == 0 ) {
flags = SLAP_LIMITS_USERS;
} else if ( strncasecmp( pattern, "dn", STRLENOF( "dn" ) ) == 0 ) {
} else if ( STRSTART( pattern, "dn" ) ) {
pattern += STRLENOF( "dn" );
flags = SLAP_LIMITS_TYPE_SELF;
if ( pattern[0] == '.' ) {
pattern++;
if ( strncasecmp( pattern, "this", STRLENOF( "this" )) == 0 ) {
if ( STRSTART( pattern, "this" ) ) {
flags = SLAP_LIMITS_TYPE_THIS;
pattern += STRLENOF( "this" );
} else if ( strncasecmp( pattern, "self", STRLENOF( "self" )) == 0 ) {
} else if ( STRSTART( pattern, "self" ) ) {
pattern += STRLENOF( "self" );
} else {
goto got_dn_dot;
@ -424,18 +406,18 @@ limits_parse(
if ( pattern[0] == '.' ) {
pattern++;
got_dn_dot:
if ( strncasecmp( pattern, "exact", STRLENOF( "exact" )) == 0 ) {
if ( STRSTART( pattern, "exact" ) ) {
flags |= SLAP_LIMITS_EXACT;
pattern += STRLENOF( "exact" );
} else if ( strncasecmp( pattern, "base", STRLENOF( "base" ) ) == 0 ) {
} else if ( STRSTART( pattern, "base" ) ) {
flags |= SLAP_LIMITS_BASE;
pattern += STRLENOF( "base" );
} else if ( strncasecmp( pattern, "one", STRLENOF( "one" ) ) == 0 ) {
} else if ( STRSTART( pattern, "one" ) ) {
flags |= SLAP_LIMITS_ONE;
pattern += STRLENOF( "one" );
if ( strncasecmp( pattern, "level", STRLENOF( "level" ) ) == 0 ) {
if ( STRSTART( pattern, "level" ) ) {
pattern += STRLENOF( "level" );
} else {
@ -445,10 +427,10 @@ limits_parse(
"use \"onelevel\" instead.\n", fname, lineno, 0 );
}
} else if ( strncasecmp( pattern, "sub", STRLENOF( "sub" ) ) == 0 ) {
} else if ( STRSTART( pattern, "sub" ) ) {
flags |= SLAP_LIMITS_SUBTREE;
pattern += STRLENOF( "sub" );
if ( strncasecmp( pattern, "tree", STRLENOF( "tree" ) ) == 0 ) {
if ( STRSTART( pattern, "tree" ) ) {
pattern += STRLENOF( "tree" );
} else {
@ -458,11 +440,11 @@ limits_parse(
"use \"subtree\" instead.\n", fname, lineno, 0 );
}
} else if ( strncasecmp( pattern, "children", STRLENOF( "children" ) ) == 0 ) {
} else if ( STRSTART( pattern, "children" ) ) {
flags |= SLAP_LIMITS_CHILDREN;
pattern += STRLENOF( "children" );
} else if ( strncasecmp( pattern, "regex", STRLENOF( "regex" ) ) == 0 ) {
} else if ( STRSTART( pattern, "regex" ) ) {
flags |= SLAP_LIMITS_REGEX;
pattern += STRLENOF( "regex" );
@ -470,7 +452,7 @@ limits_parse(
* this could be deprecated in favour
* of the pattern = "anonymous" form
*/
} else if ( strncasecmp( pattern, "anonymous", STRLENOF( "anonymous" ) ) == 0
} else if ( STRSTART( pattern, "anonymous" )
&& flags == SLAP_LIMITS_TYPE_SELF )
{
flags = SLAP_LIMITS_ANONYMOUS;
@ -515,7 +497,7 @@ limits_parse(
}
}
} else if (strncasecmp( pattern, "group", STRLENOF( "group" ) ) == 0 ) {
} else if (STRSTART( pattern, "group" ) ) {
pattern += STRLENOF( "group" );
if ( pattern[0] == '/' ) {
@ -665,14 +647,16 @@ limits_parse_one(
assert( arg != NULL );
assert( limit != NULL );
if ( strncasecmp( arg, "time", STRLENOF( "time" ) ) == 0 ) {
if ( STRSTART( arg, "time" ) ) {
arg += STRLENOF( "time" );
if ( arg[0] == '.' ) {
arg++;
if ( strncasecmp( arg, "soft=", STRLENOF( "soft=" ) ) == 0 ) {
if ( STRSTART( arg, "soft=" ) ) {
arg += STRLENOF( "soft=" );
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_t_soft = -1;
} else {
@ -689,12 +673,14 @@ limits_parse_one(
limit->lms_t_soft = soft;
}
} else if ( strncasecmp( arg, "hard=", STRLENOF( "hard=" ) ) == 0 ) {
} else if ( STRSTART( arg, "hard=" ) ) {
arg += STRLENOF( "hard=" );
if ( strcasecmp( arg, "soft" ) == 0 ) {
limit->lms_t_hard = 0;
} else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
} else if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_t_hard = -1;
} else {
@ -721,7 +707,9 @@ limits_parse_one(
} else if ( arg[0] == '=' ) {
arg++;
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_t_soft = -1;
} else {
@ -737,14 +725,16 @@ limits_parse_one(
return( 1 );
}
} else if ( strncasecmp( arg, "size", STRLENOF( "size" ) ) == 0 ) {
} else if ( STRSTART( arg, "size" ) ) {
arg += STRLENOF( "size" );
if ( arg[0] == '.' ) {
arg++;
if ( strncasecmp( arg, "soft=", STRLENOF( "soft=" ) ) == 0 ) {
if ( STRSTART( arg, "soft=" ) ) {
arg += STRLENOF( "soft=" );
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_soft = -1;
} else {
@ -761,12 +751,14 @@ limits_parse_one(
limit->lms_s_soft = soft;
}
} else if ( strncasecmp( arg, "hard=", STRLENOF( "hard=" ) ) == 0 ) {
} else if ( STRSTART( arg, "hard=" ) ) {
arg += STRLENOF( "hard=" );
if ( strcasecmp( arg, "soft" ) == 0 ) {
limit->lms_s_hard = 0;
} else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
} else if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_hard = -1;
} else {
@ -787,9 +779,11 @@ limits_parse_one(
limit->lms_s_hard = hard;
}
} else if ( strncasecmp( arg, "unchecked=", STRLENOF( "unchecked=" ) ) == 0 ) {
} else if ( STRSTART( arg, "unchecked=" ) ) {
arg += STRLENOF( "unchecked=" );
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_unchecked = -1;
} else if ( strcasecmp( arg, "disabled" ) == 0 ) {
@ -809,12 +803,14 @@ limits_parse_one(
limit->lms_s_unchecked = unchecked;
}
} else if ( strncasecmp( arg, "pr=", STRLENOF( "pr=" ) ) == 0 ) {
} else if ( STRSTART( arg, "pr=" ) ) {
arg += STRLENOF( "pr=" );
if ( strcasecmp( arg, "noEstimate" ) == 0 ) {
limit->lms_s_pr_hide = 1;
} else if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
} else if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_pr = -1;
} else {
@ -831,10 +827,12 @@ limits_parse_one(
limit->lms_s_pr = pr;
}
} else if ( strncasecmp( arg, "prtotal=", STRLENOF( "prtotal=" ) ) == 0 ) {
} else if ( STRSTART( arg, "prtotal=" ) ) {
arg += STRLENOF( "prtotal=" );
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_pr_total = -1;
} else if ( strcasecmp( arg, "disabled" ) == 0 ) {
@ -867,7 +865,9 @@ limits_parse_one(
} else if ( arg[0] == '=' ) {
arg++;
if ( strcasecmp( arg, "unlimited" ) == 0 || strcasecmp( arg, "none" ) == 0 ) {
if ( strcasecmp( arg, "unlimited" ) == 0
|| strcasecmp( arg, "none" ) == 0 )
{
limit->lms_s_soft = -1;
} else {
@ -887,18 +887,6 @@ limits_parse_one(
return 0;
}
static const char *lmpats[] = {
"base",
"base",
"onelevel",
"subtree",
"children",
"regex",
"anonymous",
"users",
"*"
};
#define WHATSLEFT ( buflen - ( ptr - bv->bv_val ) )
/* Caller must provide an adequately sized buffer in bv */
@ -933,8 +921,8 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen )
case SLAP_LIMITS_ANONYMOUS:
case SLAP_LIMITS_USERS:
case SLAP_LIMITS_ANY:
if ( WHATSLEFT <= strlen( lmpats[lm] ) ) return -1;
ptr = lutil_strcopy( ptr, lmpats[lm] );
if ( WHATSLEFT <= lmpats[lm].bv_len ) return -1;
ptr = lutil_strcopy( ptr, lmpats[lm].bv_val );
break;
case SLAP_LIMITS_UNDEFINED:
case SLAP_LIMITS_EXACT:
@ -945,9 +933,9 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen )
dntypelen = type == SLAP_LIMITS_TYPE_SELF
? STRLENOF( "dn." ) : STRLENOF( "dn.this." );
if ( WHATSLEFT <= dntypelen + STRLENOF( "=" "\"" "\"" )
+ strlen( lmpats[lm] ) + lim->lm_pat.bv_len ) return -1;
+ lmpats[lm].bv_len + lim->lm_pat.bv_len ) return -1;
ptr = lutil_strncopy( ptr, "dn.this.", dntypelen );
ptr = lutil_strcopy( ptr, lmpats[lm] );
ptr = lutil_strcopy( ptr, lmpats[lm].bv_val );
*ptr++ = '=';
*ptr++ = '"';
ptr = lutil_strcopy( ptr, lim->lm_pat.bv_val );
@ -970,7 +958,11 @@ limits_unparse( struct slap_limits *lim, struct berval *bv, ber_len_t buflen )
/* Caller must provide an adequately sized buffer in bv */
int
limits_unparse_one( struct slap_limits_set *lim, int which, struct berval *bv, ber_len_t buflen )
limits_unparse_one(
struct slap_limits_set *lim,
int which,
struct berval *bv,
ber_len_t buflen )
{
char *ptr;
@ -1225,7 +1217,9 @@ limits_check( Operation *op, SlapReply *rs )
return -1;
}
if ( op->ors_limit->lms_s_pr > 0 && ps->ps_size > op->ors_limit->lms_s_pr ) {
if ( op->ors_limit->lms_s_pr > 0
&& ps->ps_size > op->ors_limit->lms_s_pr )
{
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
rs->sr_text = "illegal pagedResults page size";
send_ldap_result( op, rs );
@ -1254,7 +1248,8 @@ limits_check( Operation *op, SlapReply *rs )
#ifdef ABOVE_HARD_LIMIT_IS_ERROR
} else if ( pr_total > 0 && op->ors_slimit != SLAP_MAX_LIMIT
&& ( op->ors_slimit == SLAP_NO_LIMIT || op->ors_slimit > pr_total ) )
&& ( op->ors_slimit == SLAP_NO_LIMIT
|| op->ors_slimit > pr_total ) )
{
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
send_ldap_result( op, rs );
@ -1267,16 +1262,19 @@ limits_check( Operation *op, SlapReply *rs )
int total;
int slimit2;
/* first round of pagedResults: set count to any appropriate limit */
/* first round of pagedResults:
* set count to any appropriate limit */
/* if the limit is set, check that it does not violate any server-side limit */
/* if the limit is set, check that it does
* not violate any server-side limit */
#ifdef ABOVE_HARD_LIMIT_IS_ERROR
if ( op->ors_slimit == SLAP_MAX_LIMIT ) {
slimit2 = op->ors_slimit = pr_total;
if ( op->ors_slimit == SLAP_MAX_LIMIT )
#else /* ! ABOVE_HARD_LIMIT_IS_ERROR */
if ( op->ors_slimit == SLAP_MAX_LIMIT || op->ors_slimit > pr_total ) {
slimit2 = op->ors_slimit = pr_total;
if ( op->ors_slimit == SLAP_MAX_LIMIT
|| op->ors_slimit > pr_total )
#endif /* ! ABOVE_HARD_LIMIT_IS_ERROR */
{
slimit2 = op->ors_slimit = pr_total;
} else if ( op->ors_slimit == 0 ) {
slimit2 = pr_total;
@ -1295,7 +1293,7 @@ limits_check( Operation *op, SlapReply *rs )
} else {
/* use the perpage limit if any
* NOTE: + 1 because the given value must be legal */
* NOTE: + 1 because given value must be legal */
slimit = op->ors_limit->lms_s_pr + 1;
}