mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-30 13:30:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage().

Browse Source 
All DN attrs are massaged, whether or not ENABLE_REWRITE is defined.
Use "dnAttr" rewriteContext for Add, Compare, & Modify.
Fixed ldap_back_compare.
This commit is contained in:
Howard Chu 2003-04-07 10:15:18 +00:00
parent 45d77aea2e
commit 68c5f6fa98
11 changed files with 330 additions and 605 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
servers/slapd/back-ldap/add.c
View File

@ -58,6 +58,7 @@ ldap_back_add(
struct berval mapped;
struct berval mdn = { 0, NULL };
ber_int_t msgid;
dncookie dc;
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, ENTRY, "ldap_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 );
@ -73,37 +74,19 @@ ldap_back_add(
/*
* Rewrite the add dn, if needed
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch (rewrite_session( li->rwinfo, "addDn", op->o_req_dn.bv_val, op->o_conn,
&mdn.bv_val )) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val != NULL && mdn.bv_val[ 0 ] != '\0' ) {
mdn.bv_len = strlen( mdn.bv_val );
} else {
mdn = op->o_req_dn;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] addDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> addDn: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "addDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
/* Count number of attributes in entry */
for (i = 1, a = op->oq_add.rs_e->e_attrs; a; i++, a = a->a_next)
@ -113,25 +96,6 @@ ldap_back_add(
attrs = (LDAPMod **)ch_malloc(sizeof(LDAPMod *)*i);
for (i=0, a=op->oq_add.rs_e->e_attrs; a; a=a->a_next) {
/*
* lastmod should always be <off>, so that
* creation/modification operational attrs
* of the target directory are used, if available
*/
#if 0
if ( !strcasecmp( a->a_desc->ad_cname.bv_val,
slap_schema.si_ad_creatorsName->ad_cname.bv_val )
|| !strcasecmp( a->a_desc->ad_cname.bv_val,
slap_schema.si_ad_createTimestamp->ad_cname.bv_val )
|| !strcasecmp( a->a_desc->ad_cname.bv_val,
slap_schema.si_ad_modifiersName->ad_cname.bv_val )
|| !strcasecmp( a->a_desc->ad_cname.bv_val,
slap_schema.si_ad_modifyTimestamp->ad_cname.bv_val )
) {
continue;
}
#endif
if ( a->a_desc->ad_type->sat_no_user_mod ) {
continue;
}
@ -150,20 +114,14 @@ ldap_back_add(
attrs[i]->mod_op = LDAP_MOD_BVALUES;
attrs[i]->mod_type = mapped.bv_val;
#ifdef ENABLE_REWRITE
/*
* FIXME: dn-valued attrs should be rewritten
* to allow their use in ACLs at back-ldap level.
*/
if ( strcmp( a->a_desc->ad_type->sat_syntax->ssyn_oid,
SLAPD_DN_SYNTAX ) == 0 ) {
if ( a->a_desc->ad_type->sat_syntax ==
slap_schema.si_syn_distinguishedName ) {
/*
* FIXME: rewrite could fail; in this case
* the operation should give up, right?
*/
(void)ldap_dnattr_rewrite( li->rwinfo, a->a_vals, op->o_conn );
(void)ldap_dnattr_rewrite( &dc, a->a_vals );
}
#endif /* ENABLE_REWRITE */
for (j=0; a->a_vals[j].bv_val; j++);
attrs[i]->mod_vals.modv_bvals = ch_malloc((j+1)*sizeof(struct berval *));
@ -188,59 +146,26 @@ ldap_back_add(
return ldap_back_op_result( lc, op, rs, msgid, 1 ) != LDAP_SUCCESS;
}
#ifdef ENABLE_REWRITE
int
ldap_dnattr_rewrite(
struct rewrite_info *rwinfo,
BerVarray a_vals,
void *cookie
dncookie *dc,
BerVarray a_vals
)
{
char *mattr;
for ( ; a_vals->bv_val != NULL; a_vals++ ) {
switch ( rewrite_session( rwinfo, "bindDn", a_vals->bv_val,
cookie, &mattr )) {
case REWRITE_REGEXEC_OK:
if ( mattr == NULL ) {
/* no substitution */
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] bindDn (in add of dn-valued"
" attr): \"%s\" -> \"%s\"\n", a_vals->bv_val, mattr, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> bindDn (in add of dn-valued attr):"
" \"%s\" -> \"%s\"\n%s",
a_vals->bv_val, mattr, "" );
#endif /* !NEW_LOGGING */
struct berval bv;
/*
* FIXME: replacing server-allocated memory
* (ch_malloc) with librewrite allocated memory
* (malloc)
*/
#ifdef ENABLE_REWRITE
dc->ctx="dnAttr";
#endif
for ( ; a_vals->bv_val != NULL; a_vals++ ) {
ldap_back_dn_massage( dc, a_vals, &bv );
/* leave attr untouched if massage failed */
if ( bv.bv_val && bv.bv_val != a_vals->bv_val ) {
ch_free( a_vals->bv_val );
a_vals->bv_val = mattr;
a_vals->bv_len = strlen( mattr );
break;
case REWRITE_REGEXEC_UNWILLING:
case REWRITE_REGEXEC_ERR:
/*
* FIXME: better give up,
* skip the attribute
* or leave it untouched?
*/
break;
*a_vals = bv;
}
}
return 0;
}
#endif /* ENABLE_REWRITE */

19
servers/slapd/back-ldap/back-ldap.h
View File

@ -98,8 +98,21 @@ int ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
ber_int_t msgid, int sendok);
int back_ldap_LTX_init_module(int argc, char *argv[]);
void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn,
struct berval *res, int normalized, int tofrom);
/* Whatever context ldap_back_dn_massage needs... */
typedef struct dncookie {
struct ldapinfo *li;
#ifdef ENABLE_REWRITE
Connection *conn;
char *ctx;
SlapReply *rs;
#else
int normalized;
int tofrom;
#endif
} dncookie;
int ldap_back_dn_massage(dncookie *dc, struct berval *dn,
struct berval *res);
extern int ldap_back_conn_cmp( const void *c1, const void *c2);
extern int ldap_back_conn_dup( void *c1, void *c2 );
@ -157,8 +170,8 @@ ldap_back_filter_map_rewrite_(
extern int suffix_massage_config( struct rewrite_info *info,
struct berval *pvnc, struct berval *nvnc,
struct berval *prnc, struct berval *nrnc);
extern int ldap_dnattr_rewrite( struct rewrite_info *rwinfo, BerVarray a_vals, void *cookie );
#endif /* ENABLE_REWRITE */
extern int ldap_dnattr_rewrite( dncookie *dc, BerVarray a_vals );
LDAP_END_DECL

154
servers/slapd/back-ldap/bind.c
View File

@ -62,6 +62,7 @@ ldap_back_bind(
struct berval mdn = { 0, NULL };
int rc = 0;
ber_int_t msgid;
dncookie dc;
lc = ldap_back_getconn(op, rs);
if ( !lc ) {
@ -71,40 +72,19 @@ ldap_back_bind(
/*
* Rewrite the bind dn if needed
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "bindDn",
op->o_req_dn.bv_val,
op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn = op->o_req_dn;
} else {
mdn.bv_len = strlen( mdn.bv_val );
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] bindDn: \"%s\" -> \"%s\"\n",
op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> bindDn: \"%s\" -> \"%s\"\n",
op->o_req_dn.bv_val, mdn.bv_val, 0 );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "bindDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
if ( lc->bound_dn.bv_val ) {
ch_free( lc->bound_dn.bv_val );
@ -276,7 +256,7 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
/* Looks like we didn't get a bind. Open a new session... */
if (!lc) {
int vers = op->o_conn->c_protocol;
int vers = op->o_protocol;
rs->sr_err = ldap_initialize(&ld, li->url);
if (rs->sr_err != LDAP_SUCCESS) {
@ -284,7 +264,7 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
if (rs->sr_text == NULL) {
rs->sr_text = "ldap_initialize() failed";
}
send_ldap_result( op, rs );
if (op->o_conn) send_ldap_result( op, rs );
rs->sr_text = NULL;
return( NULL );
}
@ -320,67 +300,37 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
} else {
lc->cred.bv_len = 0;
lc->cred.bv_val = NULL;
lc->bound_dn.bv_val = NULL;
lc->bound_dn.bv_len = 0;
if ( op->o_conn->c_dn.bv_len != 0
&& ( op->o_bd == op->o_conn->c_authz_backend ) ) {
dncookie dc;
struct berval bv;
/*
* Rewrite the bind dn if needed
*/
#ifdef ENABLE_REWRITE
lc->bound_dn.bv_val = NULL;
lc->bound_dn.bv_len = 0;
switch ( rewrite_session( li->rwinfo, "bindDn",
op->o_conn->c_dn.bv_val,
op->o_conn,
&lc->bound_dn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( lc->bound_dn.bv_val == NULL ) {
ber_dupbv( &lc->bound_dn,
&op->o_conn->c_dn );
} else {
lc->bound_dn.bv_len = strlen( lc->bound_dn.bv_val );
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] bindDn: \"%s\" ->"
" \"%s\"\n",
op->o_conn->c_dn.bv_val,
lc->bound_dn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> bindDn: \"%s\" ->"
" \"%s\"\n",
op->o_conn->c_dn.bv_val,
lc->bound_dn.bv_val, 0 );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs,
LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( NULL );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs,
LDAP_OTHER,
"Rewrite error" );
return( NULL );
dc.li = li;
#ifdef ENABLE_REWRITE
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "bindDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_conn->c_dn, &bv ) ) {
if (op->o_conn) send_ldap_result( op, rs );
return NULL;
}
#else /* !ENABLE_REWRITE */
struct berval bv;
ldap_back_dn_massage( li, &op->o_conn->c_dn, &bv, 0, 1 );
if ( bv.bv_val == op->o_conn->c_dn.bv_val ) {
ber_dupbv( &lc->bound_dn, &bv );
} else {
lc->bound_dn = bv;
}
#endif /* !ENABLE_REWRITE */
} else {
lc->bound_dn.bv_val = NULL;
lc->bound_dn.bv_len = 0;
}
}
@ -408,8 +358,10 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
/* Err could be -1 in case a duplicate ldapconn is inserted */
if ( rs->sr_err != 0 ) {
ldap_back_conn_free( lc );
send_ldap_error( op, rs, LDAP_OTHER,
"internal server error" );
if (op->o_conn) {
send_ldap_error( op, rs, LDAP_OTHER,
"internal server error" );
}
return( NULL );
}
} else {
@ -546,27 +498,23 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
rs->sr_err = ldap_back_map_result(rs);
/* internal ops must not reply to client */
if ( op->o_conn && !op->o_do_not_cache ) {
#ifdef ENABLE_REWRITE
if (match) {
switch(rewrite_session(li->rwinfo, "matchedDn", match, op->o_conn,
(char **)&rs->sr_matched)) {
case REWRITE_REGEXEC_OK:
if (!rs->sr_matched) rs->sr_matched = match; break;
case REWRITE_REGEXEC_UNWILLING:
case REWRITE_REGEXEC_ERR:
break;
}
}
#else
if ( op->o_conn && !op->o_do_not_cache && match ) {
struct berval dn, mdn;
if (match) {
ber_str2bv(match, 0, 0, &dn);
ldap_back_dn_massage(li, &dn, &mdn, 0, 0);
rs->sr_matched = mdn.bv_val;
}
dncookie dc;
dc.li = li;
#ifdef ENABLE_REWRITE
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "matchedDn";
#else
dc.tofrom = 0;
dc.normalized = 0;
#endif
ber_str2bv(match, 0, 0, &dn);
ldap_back_dn_massage(&dc, &dn, &mdn);
rs->sr_matched = mdn.bv_val;
}
}
if (op->o_conn && (sendok || rs->sr_err != LDAP_SUCCESS)) {

65
servers/slapd/back-ldap/compare.c
View File

@ -52,9 +52,11 @@ ldap_back_compare(
{
struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
struct berval mapped_oc, mapped_at;
struct berval mapped_at, mapped_val;
struct berval mdn = { 0, NULL };
ber_int_t msgid;
int freeval = 0;
dncookie dc;
lc = ldap_back_getconn(op, rs);
if (!lc || !ldap_back_dobind( lc, op, rs ) ) {
@ -64,55 +66,46 @@ ldap_back_compare(
/*
* Rewrite the compare dn, if needed
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "compareDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] compareDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> compareDn: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "compareDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
if ( mdn.bv_val == NULL ) {
return -1;
}
#endif /* !ENABLE_REWRITE */
if ( op->oq_compare.rs_ava->aa_desc == slap_schema.si_ad_objectClass ) {
ldap_back_map(&li->oc_map, &op->oq_compare.rs_ava->aa_desc->ad_cname, &mapped_oc,
ldap_back_map(&li->oc_map, &op->orc_ava->aa_value, &mapped_val,
BACKLDAP_MAP);
if (mapped_oc.bv_val == NULL || mapped_oc.bv_val[0] == '\0') {
if (mapped_val.bv_val == NULL || mapped_val.bv_val[0] == '\0') {
return( -1 );
}
mapped_at = op->orc_ava->aa_desc->ad_cname;
} else {
ldap_back_map(&li->at_map, &op->oq_compare.rs_ava->aa_value, &mapped_at,
ldap_back_map(&li->at_map, &op->orc_ava->aa_desc->ad_cname, &mapped_at,
BACKLDAP_MAP);
if (mapped_at.bv_val == NULL || mapped_at.bv_val[0] == '\0') {
return( -1 );
}
if (op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) {
#ifdef ENABLE_REWRITE
dc.ctx = "dnAttr";
#endif
ldap_back_dn_massage( &dc, &op->orc_ava->aa_value, &mapped_val );
if (mapped_val.bv_val == NULL || mapped_val.bv_val[0] == '\0') {
mapped_val = op->orc_ava->aa_value;
}
}
}
rs->sr_err = ldap_compare_ext( lc->ld, mdn.bv_val, mapped_oc.bv_val,
&mapped_at, op->o_ctrls, NULL, &msgid );
rs->sr_err = ldap_compare_ext( lc->ld, mdn.bv_val, mapped_at.bv_val,
&mapped_val, op->o_ctrls, NULL, &msgid );
if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );

38
servers/slapd/back-ldap/delete.c
View File

@ -53,6 +53,7 @@ ldap_back_delete(
struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
ber_int_t msgid;
dncookie dc;
struct berval mdn = { 0, NULL };
@ -65,34 +66,19 @@ ldap_back_delete(
/*
* Rewrite the request dn, if needed
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "deleteDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] deleteDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> deleteDn: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "deleteDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
rs->sr_err = ldap_delete_ext( lc->ld, mdn.bv_val, op->o_ctrls,
NULL, &msgid );

39
servers/slapd/back-ldap/extended.c
View File

@ -55,6 +55,7 @@ ldap_back_exop_passwd(
LDAPMessage *res;
ber_int_t msgid;
int rc;
dncookie dc;
lc = ldap_back_getconn(op, rs);
if (!lc || !ldap_back_dobind(lc, op, rs) ) {
@ -84,35 +85,19 @@ ldap_back_exop_passwd(
return LDAP_UNWILLING_TO_PERFORM;
}
if (id.bv_len) {
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = dn.bv_val;
}
mdn.bv_len = strlen(mdn.bv_val);
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] modifyPwd: \"%s\" -> \"%s\"\n", dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> modifyPwd: \"%s\" -> \"%s\"\n%s",
dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "modifyPwd";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
}
rc = ldap_passwd(lc->ld, id.bv_len ? &mdn : NULL, old.bv_len ? &old : NULL,

1
servers/slapd/back-ldap/init.c
View File

@ -130,6 +130,7 @@ ldap_back_db_init(
li->be = be;
be->be_private = li;
be->be_flags |= SLAP_BFLAG_NOLASTMOD;
return 0;
}

52
servers/slapd/back-ldap/modify.c
View File

@ -59,6 +59,7 @@ ldap_back_modify(
struct berval mapped;
struct berval mdn = { 0, NULL };
ber_int_t msgid;
dncookie dc;
lc = ldap_back_getconn(op, rs);
if ( !lc || !ldap_back_dobind( lc, op, rs ) ) {
@ -68,34 +69,19 @@ ldap_back_modify(
/*
* Rewrite the modify dn, if needed
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "modifyDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] modifyDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> modifyDn: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "modifyDn";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
for (i=0, ml=op->oq_modify.rs_modlist; ml; i++,ml=ml->sml_next)
;
@ -126,18 +112,10 @@ ldap_back_modify(
mods[i].mod_op = ml->sml_op | LDAP_MOD_BVALUES;
mods[i].mod_type = mapped.bv_val;
#ifdef ENABLE_REWRITE
/*
* FIXME: dn-valued attrs should be rewritten
* to allow their use in ACLs at the back-ldap
* level.
*/
if ( strcmp( ml->sml_desc->ad_type->sat_syntax->ssyn_oid,
SLAPD_DN_SYNTAX ) == 0 ) {
ldap_dnattr_rewrite( li->rwinfo,
ml->sml_bvalues, op->o_conn );
if ( ml->sml_desc->ad_type->sat_syntax ==
slap_schema.si_syn_distinguishedName ) {
ldap_dnattr_rewrite( &dc, ml->sml_bvalues );
}
#endif /* ENABLE_REWRITE */
if ( ml->sml_bvalues != NULL ) {
for (j = 0; ml->sml_bvalues[j].bv_val; j++);

86
servers/slapd/back-ldap/modrdn.c
View File

@ -53,6 +53,7 @@ ldap_back_modrdn(
struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
struct ldapconn *lc;
ber_int_t msgid;
dncookie dc;
struct berval mdn = { 0, NULL }, mnewSuperior = { 0, NULL };
@ -61,7 +62,15 @@ ldap_back_modrdn(
return( -1 );
}
if (op->oq_modrdn.rs_newSup) {
dc.li = li;
#ifdef ENABLE_REWRITE
dc.conn = op->o_conn;
dc.rs = rs;
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if (op->orr_newSup) {
int version = LDAP_VERSION3;
ldap_set_option( lc->ld, LDAP_OPT_PROTOCOL_VERSION, &version);
@ -69,76 +78,29 @@ ldap_back_modrdn(
* Rewrite the new superior, if defined and required
*/
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "newSuperiorDn",
op->oq_modrdn.rs_newSup->bv_val, op->o_conn, &mnewSuperior.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mnewSuperior.bv_val == NULL ) {
mnewSuperior.bv_val = ( char * )op->oq_modrdn.rs_newSup->bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] newSuperiorDn:" " \"%s\" -> \"%s\"\n",
op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> newSuperiorDn:"
" \"%s\" -> \"%s\"\n%s",
op->oq_modrdn.rs_newSup->bv_val, mnewSuperior.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
dc.ctx = "newSuperiorDn";
#endif
if ( ldap_back_dn_massage( &dc, op->orr_newSup,
&mnewSuperior ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, op->oq_modrdn.rs_newSup, &mnewSuperior, 0, 1 );
if ( mnewSuperior.bv_val == NULL ) {
return( -1 );
}
#endif /* !ENABLE_REWRITE */
}
#ifdef ENABLE_REWRITE
/*
* Rewrite the modrdn dn, if required
*/
switch ( rewrite_session( li->rwinfo, "modrDn", op->o_req_dn.bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn.bv_val = ( char * )op->o_req_dn.bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] modrDn: \"%s\" -> \"%s\"\n", op->o_req_dn.bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> modrDn: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mdn.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"Operation not allowed" );
return( -1 );
case REWRITE_REGEXEC_ERR:
send_ldap_error( op, rs, LDAP_OTHER,
"Rewrite error" );
return( -1 );
#ifdef ENABLE_REWRITE
dc.ctx = "modrDn";
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
rs->sr_err = ldap_rename( lc->ld, mdn.bv_val,
op->oq_modrdn.rs_newrdn.bv_val, mnewSuperior.bv_val,
op->oq_modrdn.rs_deleteoldrdn, op->o_ctrls,
op->orr_newrdn.bv_val, mnewSuperior.bv_val,
op->orr_deleteoldrdn, op->o_ctrls,
NULL, &msgid );
if ( mdn.bv_val != op->o_req_dn.bv_val ) {

211
servers/slapd/back-ldap/search.c
View File

@ -74,6 +74,7 @@ ldap_back_search(
struct berval mfilter = { 0, NULL };
struct slap_limits_set *limit = NULL;
int isroot = 0;
dncookie dc;
lc = ldap_back_getconn(op, rs);
if ( !lc ) {
@ -146,42 +147,20 @@ ldap_back_search(
/*
* Rewrite the search base, if required
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "searchBase",
op->o_req_dn.bv_val, op->o_conn, &mbase.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mbase.bv_val == NULL ) {
mbase = op->o_req_dn;
} else {
mbase.bv_len = strlen( mbase.bv_val );
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] searchBase: \"%s\" -> \"%s\"\n",
op->o_req_dn.bv_val, mbase.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n%s",
op->o_req_dn.bv_val, mbase.bv_val, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
rs->sr_text = "Operation not allowed";
rc = -1;
goto finish;
case REWRITE_REGEXEC_ERR:
rs->sr_err = LDAP_OTHER;
rs->sr_text = "Rewrite error";
rc = -1;
goto finish;
dc.conn = op->o_conn;
dc.rs = rs;
dc.ctx = "searchBase";
#else
dc.tofrom = 1;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mbase ) ) {
send_ldap_result( op, rs );
return -1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, &op->o_req_dn, &mbase, 0, 1 );
#endif /* !ENABLE_REWRITE */
#ifdef ENABLE_REWRITE
rc = ldap_back_filter_map_rewrite_( li->rwinfo, op->o_conn,
&li->at_map, &li->oc_map, op->oq_search.rs_filter, &mfilter,
@ -335,44 +314,22 @@ fail:;
if (rc == -1)
goto fail;
#ifdef ENABLE_REWRITE
/*
* Rewrite the matched portion of the search base, if required
*/
if ( match != NULL ) {
switch ( rewrite_session( li->rwinfo, "matchedDn",
match, op->o_conn, (char **)&rs->sr_matched ) ) {
case REWRITE_REGEXEC_OK:
if ( rs->sr_matched == NULL ) {
rs->sr_matched = ( char * )match;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] matchedDn:" " \"%s\" -> \"%s\"\n", match, rs->sr_matched, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> matchedDn:"
" \"%s\" -> \"%s\"\n%s",
match, rs->sr_matched, "" );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
case REWRITE_REGEXEC_ERR:
/* FIXME: no error, but no matched ... */
rs->sr_matched = NULL;
break;
}
}
#else /* !ENABLE_REWRITE */
if ( match != NULL ) {
struct berval dn, mdn;
#ifdef ENABLE_REWRITE
dc.ctx = "matchedDn";
#else
dc.tofrom = 0;
dc.normalized = 0;
#endif
ber_str2bv(match, 0, 0, &dn);
ldap_back_dn_massage(li, &dn, &mdn, 0, 0);
ldap_back_dn_massage(&dc, &dn, &mdn);
rs->sr_matched = mdn.bv_val;
}
#endif /* !ENABLE_REWRITE */
if ( rs->sr_v2ref ) {
rs->sr_err = LDAP_REFERRAL;
}
@ -422,6 +379,7 @@ ldap_build_entry(
int last;
int private = flags & LDAP_BUILD_ENTRY_PRIVATE;
int normalize = flags & LDAP_BUILD_ENTRY_NORMALIZE;
dncookie dc;
/* safe assumptions ... */
assert( ent );
@ -430,37 +388,22 @@ ldap_build_entry(
if ( ber_scanf( &ber, "{m{", bdn ) == LBER_ERROR ) {
return LDAP_DECODING_ERROR;
}
#ifdef ENABLE_REWRITE
/*
* Rewrite the dn of the result, if needed
*/
switch ( rewrite_session( li->rwinfo, "searchResult",
bdn->bv_val, op->o_conn,
&ent->e_name.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( ent->e_name.bv_val == NULL ) {
ent->e_name = *bdn;
} else {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] searchResult: \"%s\"" " -> \"%s\"\n",
bdn->bv_val, ent->e_dn, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> searchResult: \"%s\""
" -> \"%s\"\n%s", bdn->bv_val, ent->e_dn, "" );
#endif /* !NEW_LOGGING */
ent->e_name.bv_len = strlen( ent->e_name.bv_val );
}
break;
case REWRITE_REGEXEC_ERR:
case REWRITE_REGEXEC_UNWILLING:
dc.li = li;
#ifdef ENABLE_REWRITE
dc.conn = op->o_conn;
dc.rs = NULL;
dc.ctx = "searchResult";
#else
dc.tofrom = 0;
dc.normalized = 0;
#endif
if ( ldap_back_dn_massage( &dc, bdn, &ent->e_name ) ) {
return LDAP_OTHER;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, bdn, &ent->e_name, 0, 0 );
#endif /* !ENABLE_REWRITE */
/*
* Note: this may fail if the target host(s) schema differs
@ -575,63 +518,16 @@ ldap_build_entry(
* ACLs to the target directory server, and letting
* everything pass thru the ldap backend.
*/
} else if ( strcmp( attr->a_desc->ad_type->sat_syntax->ssyn_oid,
SLAPD_DN_SYNTAX ) == 0 ) {
} else if ( attr->a_desc->ad_type->sat_syntax ==
slap_schema.si_syn_distinguishedName ) {
for ( bv = attr->a_vals; bv->bv_val; bv++ ) {
struct berval newval;
struct berval newval = {0,NULL};
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo,
"searchResult",
bv->bv_val,
op->o_conn,
&newval.bv_val )) {
case REWRITE_REGEXEC_OK:
/* left as is */
if ( newval.bv_val == NULL ) {
break;
}
newval.bv_len = strlen( newval.bv_val );
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] searchResult on attr=%s: \"%s\" -> \"%s\"\n",
attr->a_desc->ad_type->sat_cname.bv_val,
bv->bv_val, newval.bv_val );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> searchResult on attr=%s: \"%s\" -> \"%s\"\n",
attr->a_desc->ad_type->sat_cname.bv_val,
bv->bv_val, newval.bv_val );
#endif /* !NEW_LOGGING */
free( bv->bv_val );
*bv = newval;
break;
case REWRITE_REGEXEC_UNWILLING:
LBER_FREE(bv->bv_val);
bv->bv_val = NULL;
if (--last < 0)
goto next_attr;
*bv = attr->a_vals[last];
attr->a_vals[last].bv_val = NULL;
bv--;
break;
case REWRITE_REGEXEC_ERR:
/*
* FIXME: better give up,
* skip the attribute
* or leave it untouched?
*/
break;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, bv, &newval, 0, 0 );
if ( bv->bv_val != newval.bv_val ) {
ldap_back_dn_massage( &dc, bv, &newval );
if ( newval.bv_val && bv->bv_val != newval.bv_val ) {
LBER_FREE( bv->bv_val );
*bv = newval;
}
*bv = newval;
#endif /* !ENABLE_REWRITE */
}
}
@ -688,6 +584,7 @@ ldap_back_entry_get(
char *filter = NULL;
Connection *oconn;
SlapReply rs;
dncookie dc;
/* Tell getconn this is a privileged op */
is_oc = op->o_do_not_cache;
@ -706,35 +603,19 @@ ldap_back_entry_get(
/*
* Rewrite the search base, if required
*/
dc.li = li;
#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo, "searchBase",
ndn->bv_val, op->o_conn, &mdn.bv_val ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn.bv_val == NULL ) {
mdn = *ndn;
} else {
mdn.bv_len = strlen( mdn.bv_val );
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] searchBase: \"%s\" -> \"%s\"\n",
ndn->bv_val, mdn.bv_val, 0 );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n",
ndn->bv_val, mdn.bv_val, 0 );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
case REWRITE_REGEXEC_ERR:
dc.conn = op->o_conn;
dc.rs = &rs;
dc.ctx = "searchBase";
#else
dc.tofrom = 1;
dc.normalized = 1;
#endif
if ( ldap_back_dn_massage( &dc, ndn, &mdn ) ) {
return 1;
}
#else /* !ENABLE_REWRITE */
ldap_back_dn_massage( li, ndn, &mdn, 0, 1 );
#endif /* !ENABLE_REWRITE */
ldap_back_map(&li->at_map, &at->ad_cname, &mapped, BACKLDAP_MAP);
if (mapped.bv_val == NULL || mapped.bv_val[0] == '\0') {
rc = 1;

141
servers/slapd/back-ldap/suffixmassage.c
View File

@ -30,8 +30,6 @@
#include "portable.h"
#ifndef ENABLE_REWRITE
#include <stdio.h>
#include <ac/socket.h>
@ -39,79 +37,134 @@
#include "slap.h"
#include "back-ldap.h"
#ifdef ENABLE_REWRITE
int
ldap_back_dn_massage(
dncookie *dc,
struct berval *dn,
struct berval *res
)
{
int rc = 0;
switch (rewrite_session( dc->li->rwinfo, dc->ctx, dn->bv_val, dc->conn,
&res->bv_val )) {
case REWRITE_REGEXEC_OK:
if ( res->bv_val != NULL && res->bv_val[ 0 ] != '\0' ) {
res->bv_len = strlen( res->bv_val );
} else {
*res = *dn;
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDAP, DETAIL1,
"[rw] %s: \"%s\" -> \"%s\"\n", dc->ctx, dn->bv_val, res->bv_val );
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"[rw] %s: \"%s\" -> \"%s\"\n", dc->ctx, dn->bv_val, res->bv_val );
#endif /* !NEW_LOGGING */
break;
case REWRITE_REGEXEC_UNWILLING:
if ( dc->rs ) {
dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
dc->rs->sr_text = "Operation not allowed";
}
rc = -1;
break;
case REWRITE_REGEXEC_ERR:
if ( dc->rs ) {
dc->rs->sr_err = LDAP_OTHER;
dc->rs->sr_text = "Rewrite error";
}
rc = -1;
break;
}
return rc;
}
#else
/*
* ldap_back_dn_massage
*
* Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
*/
void
int
ldap_back_dn_massage(
struct ldapinfo *li,
dncookie *dc,
struct berval *dn,
struct berval *res,
int normalized,
int tofrom
struct berval *res
)
{
int i, src, dst;
struct berval pretty = {0,NULL};
assert( res );
if ( dn == NULL ) {
if ( dn == NULL ) {
res->bv_val = NULL;
res->bv_len = 0;
return;
return 0;
}
if ( li == NULL || li->suffix_massage == NULL ) {
if ( dc->li == NULL || dc->li->suffix_massage == NULL ) {
*res = *dn;
return;
return 0;
}
if ( tofrom ) {
src = 0 + normalized;
dst = 2 + normalized;
if ( dc->tofrom ) {
src = 0 + dc->normalized;
dst = 2 + dc->normalized;
} else {
src = 2 + normalized;
dst = 0 + normalized;
src = 2 + dc->normalized;
dst = 0 + dc->normalized;
/* DN from remote server may be in arbitrary form.
* Pretty it so we can parse reliably.
*/
dnPretty2( NULL, dn, &pretty );
if (pretty.bv_val) dn = &pretty;
}
for ( i = 0;
li->suffix_massage[i].bv_val != NULL;
i += 4 ) {
int aliasLength = li->suffix_massage[i+src].bv_len;
int diff = dn->bv_len - aliasLength;
for ( i = 0;
dc->li->suffix_massage[i].bv_val != NULL;
i += 4 ) {
int aliasLength = dc->li->suffix_massage[i+src].bv_len;
int diff = dn->bv_len - aliasLength;
if ( diff < 0 ) {
/* alias is longer than dn */
continue;
} else if ( diff > 0 ) {
if ( normalized && ( ! DN_SEPARATOR(dn->bv_val[diff-1]) ) ) {
/* boundary is not at a DN separator */
continue;
}
/* At a DN Separator */
/* XXX or an escaped separator... oh well */
}
if ( diff < 0 ) {
/* alias is longer than dn */
continue;
} else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) {
/* boundary is not at a DN separator */
continue;
/* At a DN Separator */
}
if ( !strcmp( li->suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
res->bv_len = diff + li->suffix_massage[i+dst].bv_len;
res->bv_val = ch_malloc( res->bv_len + 1 );
strncpy( res->bv_val, dn->bv_val, diff );
strcpy( &res->bv_val[diff], li->suffix_massage[i+dst].bv_val );
if ( !strcmp( dc->li->suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
res->bv_len = diff + dc->li->suffix_massage[i+dst].bv_len;
res->bv_val = ch_malloc( res->bv_len + 1 );
strncpy( res->bv_val, dn->bv_val, diff );
strcpy( &res->bv_val[diff], dc->li->suffix_massage[i+dst].bv_val );
#ifdef NEW_LOGGING
LDAP_LOG ( BACK_LDAP, ARGS,
"ldap_back_dn_massage: converted \"%s\" to \"%s\"\n",
dn->bv_val, res->bv_val, 0 );
#else
Debug( LDAP_DEBUG_ARGS,
"ldap_back_dn_massage:"
Debug( LDAP_DEBUG_ARGS,
"ldap_back_dn_massage:"
" converted \"%s\" to \"%s\"\n",
dn->bv_val, res->bv_val, 0 );
dn->bv_val, res->bv_val, 0 );
#endif
break;
}
}
break;
}
}
/* Nothing matched, just return the original DN */
if (res->bv_val == NULL) {
*res = *dn;
}
if (pretty.bv_val) {
ch_free(pretty.bv_val);
}
return;
return 0;
}
#endif /* !ENABLE_REWRITE */