mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-03-31 14:50:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

VLV updates

Browse Source
This commit is contained in:
Kurt Zeilenga 2002-06-03 16:45:09 +00:00
parent 131470685f
commit 5c5b5455fb
3 changed files with 108 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
servers/slapd/matchedValues.c
View File

@ -23,7 +23,7 @@ static int test_mra_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
MatchingRuleAssertion *mra,
char ***e_flags
);
@ -33,7 +33,7 @@ test_substrings_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
ValuesReturnFilter *f,
char ***e_flags
);
@ -43,7 +43,7 @@ test_presence_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
AttributeDescription *desc,
char ***e_flags
);
@ -53,7 +53,7 @@ test_ava_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
AttributeAssertion *ava,
int type,
char ***e_flags
@ -65,7 +65,7 @@ filter_matched_values(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
char ***e_flags
)
{
@ -108,7 +108,7 @@ filter_matched_values(
#else
Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
#endif
rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
rc = test_ava_vrFilter( be, conn, op, a, f->f_ava,
LDAP_FILTER_EQUALITY, e_flags );
if( rc == -1 ) {
return rc;
@ -123,7 +123,7 @@ filter_matched_values(
Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 );
#endif
rc = test_substrings_vrFilter( be, conn, op, e,
rc = test_substrings_vrFilter( be, conn, op, a,
f, e_flags );
if( rc == -1 ) {
return rc;
@ -137,7 +137,7 @@ filter_matched_values(
#else
Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 );
#endif
rc = test_presence_vrFilter( be, conn, op, e,
rc = test_presence_vrFilter( be, conn, op, a,
f->f_desc, e_flags );
if( rc == -1 ) {
return rc;
@ -145,7 +145,7 @@ filter_matched_values(
break;
case LDAP_FILTER_GE:
rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
rc = test_ava_vrFilter( be, conn, op, a, f->f_ava,
LDAP_FILTER_GE, e_flags );
if( rc == -1 ) {
return rc;
@ -153,7 +153,7 @@ filter_matched_values(
break;
case LDAP_FILTER_LE:
rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
rc = test_ava_vrFilter( be, conn, op, a, f->f_ava,
LDAP_FILTER_LE, e_flags );
if( rc == -1 ) {
return rc;
@ -167,7 +167,7 @@ filter_matched_values(
#else
Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 );
#endif
rc = test_mra_vrFilter( be, conn, op, e,
rc = test_mra_vrFilter( be, conn, op, a,
f->f_mra, e_flags );
if( rc == -1 ) {
return rc;
@ -198,25 +198,18 @@ filter_matched_values(
static int
test_ava_vrFilter(
Backend *be,
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Operation *op,
Attribute *a,
AttributeAssertion *ava,
int type,
char ***e_flags
int type,
char ***e_flags
)
{
int i, j;
Attribute *a;
if ( !access_allowed( be, conn, op, e,
ava->aa_desc, &ava->aa_value, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( i=0; a != NULL; a = a->a_next, i++ ) {
MatchingRule *mr;
struct berval *bv;
@ -287,22 +280,17 @@ test_ava_vrFilter(
static int
test_presence_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
AttributeDescription *desc,
char ***e_flags
Backend *be,
Connection *conn,
Operation *op,
Attribute *a,
AttributeDescription *desc,
char ***e_flags
)
{
int i, j;
Attribute *a;
if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH, NULL ) ) {
return LDAP_INSUFFICIENT_ACCESS;
}
for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( i=0; a != NULL; a = a->a_next, i++ ) {
struct berval *bv;
if ( !is_ad_subtype( a->a_desc, desc ) ) {
@ -318,24 +306,17 @@ test_presence_vrFilter(
static int
test_substrings_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
ValuesReturnFilter *f,
char ***e_flags
Backend *be,
Connection *conn,
Operation *op,
Attribute *a,
ValuesReturnFilter *f,
char ***e_flags
)
{
int i, j;
Attribute *a;
if ( !access_allowed( be, conn, op, e,
f->f_sub_desc, NULL, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( i=0; a != NULL; a = a->a_next, i++ ) {
MatchingRule *mr = a->a_desc->ad_type->sat_substr;
struct berval *bv;
@ -373,21 +354,14 @@ static int test_mra_vrFilter(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
MatchingRuleAssertion *mra,
char ***e_flags
)
{
int i, j;
Attribute *a;
if( !access_allowed( be, conn, op, e,
mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
for ( i=0; a != NULL; a = a->a_next, i++ ) {
struct berval *bv;
if ( !is_ad_subtype( a->a_desc, mra->ma_desc ) ) {

2
servers/slapd/proto-slap.h
View File

@ -526,7 +526,7 @@ LDAP_SLAPD_F (int) filter_matched_values(
Backend *be,
Connection *conn,
Operation *op,
Entry *e,
Attribute *a,
char ***e_flags );
/*

78
servers/slapd/result.c
View File

@ -744,9 +744,9 @@ send_search_entry(
e_flags[i] = a_flags;
}
if ( op->vrFilter != NULL ){
if ( op->vrFilter != NULL ){
rc = filter_matched_values(be, conn, op, e, &e_flags) ;
rc = filter_matched_values(be, conn, op, e->e_attrs, &e_flags) ;
if ( rc == -1 ) {
#ifdef NEW_LOGGING
@ -917,8 +917,51 @@ send_search_entry(
/* eventually will loop through generated operational attributes */
/* only have subschemaSubentry implemented */
aa = backend_operational( be, conn, op, e, attrs, opattrs );
for ( a = aa, i=0; a != NULL; a = a->a_next ) i++;
e_flags = ch_malloc ( i * sizeof(a_flags) );
for (a = aa ; a != NULL; a = a->a_next ) {
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
for ( j = 0; a->a_vals[j].bv_val != NULL; j++ );
a_flags = ch_calloc ( j, sizeof(char) );
/* If no ValuesReturnFilter control return everything */
if ( op->vrFilter == NULL ){
memset(a_flags, 1, j);
}
e_flags[i] = a_flags;
}
if ( op->vrFilter != NULL ){
rc = filter_matched_values(be, conn, op, aa, &e_flags) ;
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
"send_search_entry: conn %lu "
"matched values filtering failed\n",
conn ? conn->c_connid : 0 ));
#else
Debug( LDAP_DEBUG_ANY,
"matched values filtering failed\n", 0, 0, 0 );
#endif
ber_free( ber, 1 );
/* free e_flags */
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
free( e_flags[i] );
}
free( e_flags );
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "matched values filtering error",
NULL, NULL );
goto error_return;
}
}
for (a = aa, j=0; a != NULL; a = a->a_next, j++ ) {
AttributeDescription *desc = a->a_desc;
if ( attrs == NULL ) {
@ -974,6 +1017,12 @@ send_search_entry(
ber_free_buf( ber );
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encoding description error", NULL, NULL );
/* free e_flags */
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
free( e_flags[i] );
}
free( e_flags );
attrs_free( aa );
goto error_return;
}
@ -1000,6 +1049,10 @@ send_search_entry(
continue;
}
if ( e_flags[j][i] == 0 ){
continue;
}
if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
@ -1016,6 +1069,12 @@ send_search_entry(
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encoding values error",
NULL, NULL );
/* free e_flags */
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
free( e_flags[i] );
}
free( e_flags );
attrs_free( aa );
goto error_return;
}
@ -1035,13 +1094,24 @@ send_search_entry(
ber_free_buf( ber );
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
/* free e_flags */
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
free( e_flags[i] );
}
free( e_flags );
attrs_free( aa );
goto error_return;
}
}
attrs_free( aa );
/* free e_flags */
for ( a = aa, i=0; a != NULL; a = a->a_next, i++ ) {
free( e_flags[i] );
}
free( e_flags );
attrs_free( aa );
rc = ber_printf( ber, /*{{{*/ "}N}N}" );
#ifdef LDAP_CONNECTIONLESS