mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-15 03:01:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

SLAPD_SCHEMA_NOT_COMPAT:

Browse Source 
Don't depend acl parsing upon slap_schema, it's filled in post-conf
This commit is contained in:
Kurt Zeilenga 2000-05-28 18:58:09 +00:00
parent 9e9be9c283
commit c98f0ea02c
4 changed files with 67 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
servers/slapd/aclparse.c
View File

@ -98,14 +98,6 @@ parse_acl(
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
int rc; int rc;
const char *text; const char *text;
AttributeDescription *ad_distinguishedName = slap_schema.si_ad_distinguishedName;
AttributeDescription *ad_member = slap_schema.si_ad_member;
#ifdef SLAPD_ACI_ENABLED
AttributeDescription *ad_aci = slap_schema.si_ad_aci;
#endif
#else
static char *ad_aci = "aci";
static char *ad_member = "member";
#endif #endif
a = NULL; a = NULL;
@ -343,11 +335,12 @@ parse_acl(
} }
if( b->a_dn_at->ad_type->sat_syntax if( strcmp( b->a_dn_at->ad_type->sat_oid,
!= ad_distinguishedName->ad_type->sat_syntax ) SLAPD_OID_DN_SYNTAX ) != 0 )
{ {
fprintf( stderr, fprintf( stderr,
"%s: line %d: dnattr \"%s\": inappropriate syntax: %s\n", "%s: line %d: dnattr \"%s\": "
"inappropriate syntax: %s\n",
fname, lineno, right, fname, lineno, right,
b->a_dn_at->ad_type->sat_syntax_oid ); b->a_dn_at->ad_type->sat_syntax_oid );
acl_usage(); acl_usage();
@ -389,43 +382,54 @@ parse_acl(
#else #else
b->a_group_oc = ch_strdup(value); b->a_group_oc = ch_strdup(value);
#endif #endif
if( b->a_group_oc == NULL ) {
fprintf( stderr,
"%s: line %d: group objectclass \"%s\" unknown\n",
fname, lineno, value );
acl_usage();
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if( is_object_subclass( b->a_group_oc,
slap_schema.si_oc_referral ) )
{
fprintf( stderr,
"%s: line %d: group objectclass \"%s\" is subclass of referral\n",
fname, lineno, value );
acl_usage();
}
if( is_object_subclass( b->a_group_oc,
slap_schema.si_oc_alias ) )
{
fprintf( stderr,
"%s: line %d: group objectclass \"%s\" is subclass of alias\n",
fname, lineno, value );
acl_usage();
}
#endif
*--value = '/'; *--value = '/';
if( b->a_group_oc == NULL ) {
fprintf( stderr,
"%s: line %d: group objectclass "
"\"%s\" unknown\n",
fname, lineno, value );
acl_usage();
}
} else { } else {
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
b->a_group_oc = slap_schema.si_oc_groupOfNames; b->a_group_oc = oc_find("groupOfNames");
if( b->a_group_oc == NULL ) {
fprintf( stderr,
"%s: line %d: group default objectclass "
"\"%s\" unknown\n",
fname, lineno, "groupOfNames" );
acl_usage();
}
#else #else
b->a_group_oc = ch_strdup("groupOfNames"); b->a_group_oc = ch_strdup("groupOfNames");
#endif #endif
} }
#ifdef SLAPD_SCHEMA_NOT_COMPAT
#if 0
if( is_object_subclass( b->a_group_oc,
slap_schema.si_oc_referral ) )
{
fprintf( stderr,
"%s: line %d: group objectclass \"%s\" "
"is subclass of referral\n",
fname, lineno, value );
acl_usage();
}
if( is_object_subclass( b->a_group_oc,
slap_schema.si_oc_alias ) )
{
fprintf( stderr,
"%s: line %d: group objectclass \"%s\" "
"is subclass of alias\n",
fname, lineno, value );
acl_usage();
}
#endif
#endif
if (name && *name) { if (name && *name) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
@ -437,34 +441,33 @@ parse_acl(
fname, lineno, right, text ); fname, lineno, right, text );
acl_usage(); acl_usage();
} }
if( b->a_group_at->ad_type->sat_syntax
!= ad_member->ad_type->sat_syntax )
{
fprintf( stderr,
"%s: line %d: group \"%s\": inappropriate syntax: %s\n",
fname, lineno, right,
b->a_group_at->ad_type->sat_syntax_oid );
acl_usage();
}
#else #else
b->a_group_at = ch_strdup(name); b->a_group_at = ch_strdup(name);
#endif #endif
*--name = '/'; *--name = '/';
} else { } else {
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
b->a_group_at = ad_dup( ad_member ); rc = slap_str2ad( "member", &b->a_group_at, &text );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr,
"%s: line %d: group \"%s\": %s\n",
fname, lineno, "member", text );
acl_usage();
}
#else #else
b->a_group_at = ch_strdup( ad_member ); b->a_group_at = ch_strdup( "member" );
#endif #endif
} }
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
if( b->a_group_at == NULL ) { if( strcmp( b->a_group_at->ad_type->sat_oid,
SLAPD_OID_DN_SYNTAX ) != 0 )
{
fprintf( stderr, fprintf( stderr,
"%s: line %d: group attribute type undefined.\n", "%s: line %d: group \"%s\": inappropriate syntax: %s\n",
fname, lineno ); fname, lineno, right,
b->a_group_at->ad_type->sat_syntax_oid );
acl_usage(); acl_usage();
} }
@ -491,8 +494,7 @@ parse_acl(
acl_usage(); acl_usage();
} }
} }
#endif
#endif /* SLAPD_SCHEMA_NOT_COMPAT */
continue; continue;
} }

11
servers/slapd/schema_prep.c
View File

@ -47,7 +47,6 @@ struct slap_schema_oc_map {
{ "LDAProotDSE", offsetof(struct slap_internal_schema, si_oc_rootdse) }, { "LDAProotDSE", offsetof(struct slap_internal_schema, si_oc_rootdse) },
{ "LDAPsubentry", offsetof(struct slap_internal_schema, si_oc_subentry) }, { "LDAPsubentry", offsetof(struct slap_internal_schema, si_oc_subentry) },
{ "subschema", offsetof(struct slap_internal_schema, si_oc_subschema) }, { "subschema", offsetof(struct slap_internal_schema, si_oc_subschema) },
{ "groupOfNames", offsetof(struct slap_internal_schema, si_oc_groupOfNames) },
{ NULL, 0 } { NULL, 0 }
}; };
@ -103,19 +102,11 @@ struct slap_schema_ad_map {
{ "ref", NULL, { "ref", NULL,
offsetof(struct slap_internal_schema, si_ad_ref) }, offsetof(struct slap_internal_schema, si_ad_ref) },
/* access control information */ /* access control internals */
{ "entry", NULL, { "entry", NULL,
offsetof(struct slap_internal_schema, si_ad_entry) }, offsetof(struct slap_internal_schema, si_ad_entry) },
{ "children", NULL, { "children", NULL,
offsetof(struct slap_internal_schema, si_ad_children) }, offsetof(struct slap_internal_schema, si_ad_children) },
{ "distinguishedName", NULL,
offsetof(struct slap_internal_schema, si_ad_distinguishedName) },
{ "member", NULL,
offsetof(struct slap_internal_schema, si_ad_member) },
#ifdef SLAPD_ACI_ENABLED
{ "aci", NULL,
offsetof(struct slap_internal_schema, si_ad_aci) },
#endif
{ "userPassword", NULL, { "userPassword", NULL,
offsetof(struct slap_internal_schema, si_ad_userPassword) }, offsetof(struct slap_internal_schema, si_ad_userPassword) },

14
servers/slapd/slap.h
View File

@ -93,12 +93,10 @@ LDAP_BEGIN_DECL
#define AD_LEADCHAR(c) ( ATTR_CHAR(c) ) #define AD_LEADCHAR(c) ( ATTR_CHAR(c) )
#define AD_CHAR(c) ( ATTR_CHAR(c) || (c) == ';' ) #define AD_CHAR(c) ( ATTR_CHAR(c) || (c) == ';' )
#ifndef SLAPD_SCHEMA_NOT_COMPAT /* must match syntaxes in schema_init.c */
/* schema needed by slapd */ #define SLAPD_OID_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
#define SLAPD_OID_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1" /* experimental */ #define SLAPD_OID_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12"
#define SLAPD_ACI_DEFAULT_ATTR "aci" #define SLAPD_ACI_DEFAULT_ATTR "aci"
#endif
LIBSLAPD_F (int) slap_debug; LIBSLAPD_F (int) slap_debug;
@ -336,7 +334,6 @@ struct slap_internal_schema {
ObjectClass *si_oc_subentry; ObjectClass *si_oc_subentry;
ObjectClass *si_oc_subschema; ObjectClass *si_oc_subschema;
ObjectClass *si_oc_rootdse; ObjectClass *si_oc_rootdse;
ObjectClass *si_oc_groupOfNames;
/* objectClass attribute */ /* objectClass attribute */
AttributeDescription *si_ad_objectClass; AttributeDescription *si_ad_objectClass;
@ -372,11 +369,6 @@ struct slap_internal_schema {
/* Access Control Internals */ /* Access Control Internals */
AttributeDescription *si_ad_entry; AttributeDescription *si_ad_entry;
AttributeDescription *si_ad_children; AttributeDescription *si_ad_children;
AttributeDescription *si_ad_member;
AttributeDescription *si_ad_distinguishedName;
#ifdef SLAPD_ACI_ENABLED
AttributeDescription *si_ad_aci;
#endif
/* Other */ /* Other */
AttributeDescription *si_ad_userPassword; AttributeDescription *si_ad_userPassword;

4
servers/slapd/str2filter.c
View File

@ -178,6 +178,7 @@ str2simple( const char *str )
case ':': case ':':
f->f_choice = LDAP_FILTER_EXT; f->f_choice = LDAP_FILTER_EXT;
*s = '\0'; *s = '\0';
return NULL;
break; break;
default: default:
@ -188,6 +189,7 @@ str2simple( const char *str )
} else { } else {
f->f_choice = LDAP_FILTER_SUBSTRINGS; f->f_choice = LDAP_FILTER_SUBSTRINGS;
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
f->f_sub = ch_calloc( 1, sizeof( SubstringsAssertion ) );
rc = slap_str2ad( str, &f->f_sub_desc, &text ); rc = slap_str2ad( str, &f->f_sub_desc, &text );
if( rc != LDAP_SUCCESS ) { if( rc != LDAP_SUCCESS ) {
filter_free( f ); filter_free( f );
@ -223,6 +225,8 @@ str2simple( const char *str )
#ifdef SLAPD_SCHEMA_NOT_COMPAT #ifdef SLAPD_SCHEMA_NOT_COMPAT
char *tmp; char *tmp;
f->f_ava = ch_calloc( 1, sizeof( AttributeAssertion ) );
f->f_av_desc = NULL;
rc = slap_str2ad( str, &f->f_av_desc, &text ); rc = slap_str2ad( str, &f->f_av_desc, &text );
if( rc != LDAP_SUCCESS ) { if( rc != LDAP_SUCCESS ) {
filter_free( f ); filter_free( f );