1 /* ad.c - routines for dealing with attribute descriptions */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 *
5 * Copyright 1998-2021 The OpenLDAP Foundation.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
10 * Public License.
11 *
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
15 */
16
17 #include "portable.h"
18
19 #include <stdio.h>
20
21 #include <ac/ctype.h>
22 #include <ac/errno.h>
23 #include <ac/socket.h>
24 #include <ac/string.h>
25 #include <ac/time.h>
26
27 #include "slap.h"
28 #include "lutil.h"
29
30 static struct berval bv_no_attrs = BER_BVC( LDAP_NO_ATTRS );
31 static struct berval bv_all_user_attrs = BER_BVC( "*" );
32 static struct berval bv_all_operational_attrs = BER_BVC( "+" );
33
34 static AttributeName anlist_no_attrs[] = {
35 { BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL },
36 { BER_BVNULL, NULL, 0, NULL }
37 };
38
39 static AttributeName anlist_all_user_attributes[] = {
40 { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
41 { BER_BVNULL, NULL, 0, NULL }
42 };
43
44 static AttributeName anlist_all_operational_attributes[] = {
45 { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
46 { BER_BVNULL, NULL, 0, NULL }
47 };
48
49 static AttributeName anlist_all_attributes[] = {
50 { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
51 { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
52 { BER_BVNULL, NULL, 0, NULL }
53 };
54
55 AttributeName *slap_anlist_no_attrs = anlist_no_attrs;
56 AttributeName *slap_anlist_all_user_attributes = anlist_all_user_attributes;
57 AttributeName *slap_anlist_all_operational_attributes = anlist_all_operational_attributes;
58 AttributeName *slap_anlist_all_attributes = anlist_all_attributes;
59
60 struct berval * slap_bv_no_attrs = &bv_no_attrs;
61 struct berval * slap_bv_all_user_attrs = &bv_all_user_attrs;
62 struct berval * slap_bv_all_operational_attrs = &bv_all_operational_attrs;
63
64 typedef struct Attr_option {
65 struct berval name; /* option name or prefix */
66 int prefix; /* NAME is a tag and range prefix */
67 } Attr_option;
68
69 static Attr_option lang_option = { BER_BVC("lang-"), 1 };
70
71 /* Options sorted by name, and number of options */
72 static Attr_option *options = &lang_option;
73 static int option_count = 1;
74
75 static int msad_range_hack = 0;
76
77 static int ad_count;
78
79 static Attr_option *ad_find_option_definition( const char *opt, int optlen );
80
ad_keystring(struct berval * bv)81 int ad_keystring(
82 struct berval *bv )
83 {
84 ber_len_t i;
85
86 if( !AD_LEADCHAR( bv->bv_val[0] ) ) {
87 return 1;
88 }
89
90 for( i=1; i<bv->bv_len; i++ ) {
91 if( !AD_CHAR( bv->bv_val[i] )) {
92 if ( msad_range_hack && bv->bv_val[i] == '=' )
93 continue;
94 return 1;
95 }
96 }
97 return 0;
98 }
99
ad_destroy(AttributeDescription * ad)100 void ad_destroy( AttributeDescription *ad )
101 {
102 AttributeDescription *n;
103
104 for (; ad != NULL; ad = n) {
105 n = ad->ad_next;
106 ldap_memfree( ad );
107 }
108 }
109
110 /* Is there an AttributeDescription for this type that uses these tags? */
ad_find_tags(AttributeType * type,struct berval * tags)111 AttributeDescription * ad_find_tags(
112 AttributeType *type,
113 struct berval *tags )
114 {
115 AttributeDescription *ad;
116
117 ldap_pvt_thread_mutex_lock( &type->sat_ad_mutex );
118 for (ad = type->sat_ad; ad; ad=ad->ad_next)
119 {
120 if (ad->ad_tags.bv_len == tags->bv_len &&
121 !strcasecmp(ad->ad_tags.bv_val, tags->bv_val))
122 break;
123 }
124 ldap_pvt_thread_mutex_unlock( &type->sat_ad_mutex );
125 return ad;
126 }
127
slap_str2ad(const char * str,AttributeDescription ** ad,const char ** text)128 int slap_str2ad(
129 const char *str,
130 AttributeDescription **ad,
131 const char **text )
132 {
133 struct berval bv;
134 bv.bv_val = (char *) str;
135 bv.bv_len = strlen( str );
136
137 return slap_bv2ad( &bv, ad, text );
138 }
139
strchrlen(const char * beg,const char * end,const char ch,int * len)140 static char *strchrlen(
141 const char *beg,
142 const char *end,
143 const char ch,
144 int *len )
145 {
146 const char *p;
147
148 for( p=beg; p < end && *p; p++ ) {
149 if( *p == ch ) {
150 *len = p - beg;
151 return (char *) p;
152 }
153 }
154
155 *len = p - beg;
156 return NULL;
157 }
158
slap_bv2ad(struct berval * bv,AttributeDescription ** ad,const char ** text)159 int slap_bv2ad(
160 struct berval *bv,
161 AttributeDescription **ad,
162 const char **text )
163 {
164 int rtn = LDAP_UNDEFINED_TYPE;
165 AttributeDescription desc, *d2;
166 char *name, *options, *optn;
167 char *opt, *next;
168 int ntags;
169 int tagslen;
170
171 /* hardcoded limits for speed */
172 #define MAX_TAGGING_OPTIONS 128
173 struct berval tags[MAX_TAGGING_OPTIONS+1];
174 #define MAX_TAGS_LEN 1024
175 char tagbuf[MAX_TAGS_LEN];
176
177 assert( ad != NULL );
178 assert( *ad == NULL ); /* temporary */
179
180 if( bv == NULL || BER_BVISNULL( bv ) || BER_BVISEMPTY( bv ) ) {
181 *text = "empty AttributeDescription";
182 return rtn;
183 }
184
185 /* make sure description is IA5 */
186 if( ad_keystring( bv ) ) {
187 *text = "AttributeDescription contains inappropriate characters";
188 return rtn;
189 }
190
191 /* find valid base attribute type; parse in place */
192 desc.ad_cname = *bv;
193 desc.ad_flags = 0;
194 BER_BVZERO( &desc.ad_tags );
195 name = bv->bv_val;
196 options = ber_bvchr( bv, ';' );
197 if ( options != NULL && (unsigned) ( options - name ) < bv->bv_len ) {
198 /* don't go past the end of the berval! */
199 desc.ad_cname.bv_len = options - name;
200 } else {
201 options = NULL;
202 }
203 desc.ad_type = at_bvfind( &desc.ad_cname );
204 if( desc.ad_type == NULL ) {
205 *text = "attribute type undefined";
206 return rtn;
207 }
208
209 if( is_at_operational( desc.ad_type ) && options != NULL ) {
210 *text = "operational attribute with options undefined";
211 return rtn;
212 }
213
214 /*
215 * parse options in place
216 */
217 ntags = 0;
218 tagslen = 0;
219 optn = bv->bv_val + bv->bv_len;
220
221 for( opt=options; opt != NULL; opt=next ) {
222 int optlen;
223 opt++;
224 next = strchrlen( opt, optn, ';', &optlen );
225
226 if( optlen == 0 ) {
227 *text = "zero length option is invalid";
228 return rtn;
229
230 } else if ( optlen == STRLENOF("binary") &&
231 strncasecmp( opt, "binary", STRLENOF("binary") ) == 0 )
232 {
233 /* binary option */
234 if( slap_ad_is_binary( &desc ) ) {
235 *text = "option \"binary\" specified multiple times";
236 return rtn;
237 }
238
239 if( !slap_syntax_is_binary( desc.ad_type->sat_syntax )) {
240 /* not stored in binary, disallow option */
241 *text = "option \"binary\" not supported with type";
242 return rtn;
243 }
244
245 desc.ad_flags |= SLAP_DESC_BINARY;
246 continue;
247
248 } else if ( ad_find_option_definition( opt, optlen ) ) {
249 int i;
250
251 if( opt[optlen-1] == '-' ||
252 ( opt[optlen-1] == '=' && msad_range_hack )) {
253 desc.ad_flags |= SLAP_DESC_TAG_RANGE;
254 }
255
256 if( ntags >= MAX_TAGGING_OPTIONS ) {
257 *text = "too many tagging options";
258 return rtn;
259 }
260
261 /*
262 * tags should be presented in sorted order,
263 * so run the array in reverse.
264 */
265 for( i=ntags-1; i>=0; i-- ) {
266 int rc;
267
268 rc = strncasecmp( opt, tags[i].bv_val,
269 (unsigned) optlen < tags[i].bv_len
270 ? (unsigned) optlen : tags[i].bv_len );
271
272 if( rc == 0 && (unsigned)optlen == tags[i].bv_len ) {
273 /* duplicate (ignore) */
274 ntags--;
275 goto done;
276
277 } else if ( rc > 0 ||
278 ( rc == 0 && (unsigned)optlen > tags[i].bv_len ))
279 {
280 AC_MEMCPY( &tags[i+2], &tags[i+1],
281 (ntags-i-1)*sizeof(struct berval) );
282 tags[i+1].bv_val = opt;
283 tags[i+1].bv_len = optlen;
284 goto done;
285 }
286 }
287
288 if( ntags ) {
289 AC_MEMCPY( &tags[1], &tags[0],
290 ntags*sizeof(struct berval) );
291 }
292 tags[0].bv_val = opt;
293 tags[0].bv_len = optlen;
294
295 done:;
296 tagslen += optlen + 1;
297 ntags++;
298
299 } else {
300 *text = "unrecognized option";
301 return rtn;
302 }
303 }
304
305 if( ntags > 0 ) {
306 int i;
307
308 if( tagslen > MAX_TAGS_LEN ) {
309 *text = "tagging options too long";
310 return rtn;
311 }
312
313 desc.ad_tags.bv_val = tagbuf;
314 tagslen = 0;
315
316 for( i=0; i<ntags; i++ ) {
317 AC_MEMCPY( &desc.ad_tags.bv_val[tagslen],
318 tags[i].bv_val, tags[i].bv_len );
319
320 tagslen += tags[i].bv_len;
321 desc.ad_tags.bv_val[tagslen++] = ';';
322 }
323
324 desc.ad_tags.bv_val[--tagslen] = '\0';
325 desc.ad_tags.bv_len = tagslen;
326 }
327
328 /* see if a matching description is already cached */
329 for (d2 = desc.ad_type->sat_ad; d2; d2=d2->ad_next) {
330 if( d2->ad_flags != desc.ad_flags ) {
331 continue;
332 }
333 if( d2->ad_tags.bv_len != desc.ad_tags.bv_len ) {
334 continue;
335 }
336 if( d2->ad_tags.bv_len == 0 ) {
337 break;
338 }
339 if( strncasecmp( d2->ad_tags.bv_val, desc.ad_tags.bv_val,
340 desc.ad_tags.bv_len ) == 0 )
341 {
342 break;
343 }
344 }
345
346 /* Not found, add new one */
347 while (d2 == NULL) {
348 size_t dlen = 0;
349 ldap_pvt_thread_mutex_lock( &desc.ad_type->sat_ad_mutex );
350 /* check again now that we've locked */
351 for (d2 = desc.ad_type->sat_ad; d2; d2=d2->ad_next) {
352 if (d2->ad_flags != desc.ad_flags)
353 continue;
354 if (d2->ad_tags.bv_len != desc.ad_tags.bv_len)
355 continue;
356 if (d2->ad_tags.bv_len == 0)
357 break;
358 if (strncasecmp(d2->ad_tags.bv_val, desc.ad_tags.bv_val,
359 desc.ad_tags.bv_len) == 0)
360 break;
361 }
362 if (d2) {
363 ldap_pvt_thread_mutex_unlock( &desc.ad_type->sat_ad_mutex );
364 break;
365 }
366
367 /* Allocate a single contiguous block. If there are no
368 * options, we just need space for the AttrDesc structure.
369 * Otherwise, we need to tack on the full name length +
370 * options length, + maybe tagging options length again.
371 */
372 if (desc.ad_tags.bv_len || desc.ad_flags != SLAP_DESC_NONE) {
373 dlen = desc.ad_type->sat_cname.bv_len + 1;
374 if (desc.ad_tags.bv_len) {
375 dlen += 1 + desc.ad_tags.bv_len;
376 }
377 if ( slap_ad_is_binary( &desc ) ) {
378 dlen += 1 + STRLENOF(";binary") + desc.ad_tags.bv_len;
379 }
380 }
381
382 d2 = ch_malloc(sizeof(AttributeDescription) + dlen);
383 d2->ad_next = NULL;
384 d2->ad_type = desc.ad_type;
385 d2->ad_flags = desc.ad_flags;
386 d2->ad_cname.bv_len = desc.ad_type->sat_cname.bv_len;
387 d2->ad_tags.bv_len = desc.ad_tags.bv_len;
388 ldap_pvt_thread_mutex_lock( &ad_index_mutex );
389 d2->ad_index = ++ad_count;
390 ldap_pvt_thread_mutex_unlock( &ad_index_mutex );
391
392 if (dlen == 0) {
393 d2->ad_cname.bv_val = d2->ad_type->sat_cname.bv_val;
394 d2->ad_tags.bv_val = NULL;
395 } else {
396 char *cp, *op, *lp;
397 int j;
398 d2->ad_cname.bv_val = (char *)(d2+1);
399 strcpy(d2->ad_cname.bv_val, d2->ad_type->sat_cname.bv_val);
400 cp = d2->ad_cname.bv_val + d2->ad_cname.bv_len;
401 if( slap_ad_is_binary( &desc ) ) {
402 op = cp;
403 lp = NULL;
404 if( desc.ad_tags.bv_len ) {
405 lp = desc.ad_tags.bv_val;
406 while( strncasecmp(lp, "binary", STRLENOF("binary")) < 0
407 && (lp = strchr( lp, ';' )) != NULL )
408 ++lp;
409 if( lp != desc.ad_tags.bv_val ) {
410 *cp++ = ';';
411 j = (lp
412 ? (unsigned) (lp - desc.ad_tags.bv_val - 1)
413 : strlen( desc.ad_tags.bv_val ));
414 cp = lutil_strncopy(cp, desc.ad_tags.bv_val, j);
415 }
416 }
417 cp = lutil_strcopy(cp, ";binary");
418 if( lp != NULL ) {
419 *cp++ = ';';
420 cp = lutil_strcopy(cp, lp);
421 }
422 d2->ad_cname.bv_len = cp - d2->ad_cname.bv_val;
423 if( desc.ad_tags.bv_len )
424 ldap_pvt_str2lower(op);
425 j = 1;
426 } else {
427 j = 0;
428 }
429 if( desc.ad_tags.bv_len ) {
430 lp = d2->ad_cname.bv_val + d2->ad_cname.bv_len + j;
431 if ( j == 0 )
432 *lp++ = ';';
433 d2->ad_tags.bv_val = lp;
434 strcpy(lp, desc.ad_tags.bv_val);
435 ldap_pvt_str2lower(lp);
436 if( j == 0 )
437 d2->ad_cname.bv_len += 1 + desc.ad_tags.bv_len;
438 }
439 }
440 /* Add new desc to list. We always want the bare Desc with
441 * no options to stay at the head of the list, assuming
442 * that one will be used most frequently.
443 */
444 if (desc.ad_type->sat_ad == NULL || dlen == 0) {
445 d2->ad_next = desc.ad_type->sat_ad;
446 desc.ad_type->sat_ad = d2;
447 } else {
448 d2->ad_next = desc.ad_type->sat_ad->ad_next;
449 desc.ad_type->sat_ad->ad_next = d2;
450 }
451 ldap_pvt_thread_mutex_unlock( &desc.ad_type->sat_ad_mutex );
452 }
453
454 if( *ad == NULL ) {
455 *ad = d2;
456 } else {
457 **ad = *d2;
458 }
459
460 return LDAP_SUCCESS;
461 }
462
is_ad_subtags(struct berval * subtagsbv,struct berval * suptagsbv)463 static int is_ad_subtags(
464 struct berval *subtagsbv,
465 struct berval *suptagsbv )
466 {
467 const char *suptags, *supp, *supdelimp, *supn;
468 const char *subtags, *subp, *subdelimp, *subn;
469 int suplen, sublen;
470
471 subtags =subtagsbv->bv_val;
472 suptags =suptagsbv->bv_val;
473 subn = subtags + subtagsbv->bv_len;
474 supn = suptags + suptagsbv->bv_len;
475
476 for( supp=suptags ; supp; supp=supdelimp ) {
477 supdelimp = strchrlen( supp, supn, ';', &suplen );
478 if( supdelimp ) supdelimp++;
479
480 for( subp=subtags ; subp; subp=subdelimp ) {
481 subdelimp = strchrlen( subp, subn, ';', &sublen );
482 if( subdelimp ) subdelimp++;
483
484 if ( suplen > sublen
485 ? ( suplen-1 == sublen && supp[suplen-1] == '-'
486 && strncmp( supp, subp, sublen ) == 0 )
487 : ( ( suplen == sublen || supp[suplen-1] == '-' )
488 && strncmp( supp, subp, suplen ) == 0 ) )
489 {
490 goto match;
491 }
492 }
493
494 return 0;
495 match:;
496 }
497 return 1;
498 }
499
is_ad_subtype(AttributeDescription * sub,AttributeDescription * super)500 int is_ad_subtype(
501 AttributeDescription *sub,
502 AttributeDescription *super
503 )
504 {
505 AttributeType *a;
506 int lr;
507
508 for ( a = sub->ad_type; a; a=a->sat_sup ) {
509 if ( a == super->ad_type ) break;
510 }
511 if( !a ) {
512 return 0;
513 }
514
515 /* ensure sub does support all flags of super */
516 lr = sub->ad_tags.bv_len ? SLAP_DESC_TAG_RANGE : 0;
517 if(( super->ad_flags & ( sub->ad_flags | lr )) != super->ad_flags ) {
518 return 0;
519 }
520
521 /* check for tagging options */
522 if ( super->ad_tags.bv_len == 0 )
523 return 1;
524 if ( sub->ad_tags.bv_len == 0 )
525 return 0;
526
527 return is_ad_subtags( &sub->ad_tags, &super->ad_tags );
528 }
529
ad_inlist(AttributeDescription * desc,AttributeName * attrs)530 int ad_inlist(
531 AttributeDescription *desc,
532 AttributeName *attrs )
533 {
534 if (! attrs ) return 0;
535
536 for( ; attrs->an_name.bv_val; attrs++ ) {
537 AttributeType *a;
538 ObjectClass *oc;
539
540 if ( attrs->an_desc ) {
541 int lr;
542
543 if ( desc == attrs->an_desc ) {
544 return 1;
545 }
546
547 /*
548 * EXTENSION: if requested description is preceeded by
549 * a '-' character, do not match on subtypes.
550 */
551 if ( attrs->an_name.bv_val[0] == '-' ) {
552 continue;
553 }
554
555 /* Is this a subtype of the requested attr? */
556 for (a = desc->ad_type; a; a=a->sat_sup) {
557 if ( a == attrs->an_desc->ad_type )
558 break;
559 }
560 if ( !a ) {
561 continue;
562 }
563 /* Does desc support all the requested flags? */
564 lr = desc->ad_tags.bv_len ? SLAP_DESC_TAG_RANGE : 0;
565 if(( attrs->an_desc->ad_flags & (desc->ad_flags | lr))
566 != attrs->an_desc->ad_flags ) {
567 continue;
568 }
569 /* Do the descs have compatible tags? */
570 if ( attrs->an_desc->ad_tags.bv_len == 0 ) {
571 return 1;
572 }
573 if ( desc->ad_tags.bv_len == 0) {
574 continue;
575 }
576 if ( is_ad_subtags( &desc->ad_tags,
577 &attrs->an_desc->ad_tags ) ) {
578 return 1;
579 }
580 continue;
581 }
582
583 if ( ber_bvccmp( &attrs->an_name, '*' ) ) {
584 if ( !is_at_operational( desc->ad_type ) ) {
585 return 1;
586 }
587 continue;
588 }
589
590 if ( ber_bvccmp( &attrs->an_name, '+' ) ) {
591 if ( is_at_operational( desc->ad_type ) ) {
592 return 1;
593 }
594 continue;
595 }
596
597 /*
598 * EXTENSION: see if requested description is @objectClass
599 * if so, return attributes which the class requires/allows
600 * else if requested description is !objectClass, return
601 * attributes which the class does not require/allow
602 */
603 if ( !( attrs->an_flags & SLAP_AN_OCINITED )) {
604 if( attrs->an_name.bv_val ) {
605 switch( attrs->an_name.bv_val[0] ) {
606 case '@': /* @objectClass */
607 case '+': /* +objectClass (deprecated) */
608 case '!': { /* exclude */
609 struct berval ocname;
610 ocname.bv_len = attrs->an_name.bv_len - 1;
611 ocname.bv_val = &attrs->an_name.bv_val[1];
612 oc = oc_bvfind( &ocname );
613 if ( oc && attrs->an_name.bv_val[0] == '!' ) {
614 attrs->an_flags |= SLAP_AN_OCEXCLUDE;
615 } else {
616 attrs->an_flags &= ~SLAP_AN_OCEXCLUDE;
617 }
618 } break;
619
620 default: /* old (deprecated) way */
621 oc = oc_bvfind( &attrs->an_name );
622 }
623 attrs->an_oc = oc;
624 }
625 attrs->an_flags |= SLAP_AN_OCINITED;
626 }
627 oc = attrs->an_oc;
628 if( oc != NULL ) {
629 if ( attrs->an_flags & SLAP_AN_OCEXCLUDE ) {
630 if ( oc == slap_schema.si_oc_extensibleObject ) {
631 /* extensibleObject allows the return of anything */
632 return 0;
633 }
634
635 if( oc->soc_required ) {
636 /* allow return of required attributes */
637 int i;
638
639 for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
640 for (a = desc->ad_type; a; a=a->sat_sup) {
641 if ( a == oc->soc_required[i] ) {
642 return 0;
643 }
644 }
645 }
646 }
647
648 if( oc->soc_allowed ) {
649 /* allow return of allowed attributes */
650 int i;
651 for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
652 for (a = desc->ad_type; a; a=a->sat_sup) {
653 if ( a == oc->soc_allowed[i] ) {
654 return 0;
655 }
656 }
657 }
658 }
659
660 return 1;
661 }
662
663 if ( oc == slap_schema.si_oc_extensibleObject ) {
664 /* extensibleObject allows the return of anything */
665 return 1;
666 }
667
668 if( oc->soc_required ) {
669 /* allow return of required attributes */
670 int i;
671
672 for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
673 for (a = desc->ad_type; a; a=a->sat_sup) {
674 if ( a == oc->soc_required[i] ) {
675 return 1;
676 }
677 }
678 }
679 }
680
681 if( oc->soc_allowed ) {
682 /* allow return of allowed attributes */
683 int i;
684 for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
685 for (a = desc->ad_type; a; a=a->sat_sup) {
686 if ( a == oc->soc_allowed[i] ) {
687 return 1;
688 }
689 }
690 }
691 }
692
693 } else {
694 const char *text;
695
696 /* give it a chance of being retrieved by a proxy... */
697 (void)slap_bv2undef_ad( &attrs->an_name,
698 &attrs->an_desc, &text,
699 SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
700 }
701 }
702
703 return 0;
704 }
705
706
slap_str2undef_ad(const char * str,AttributeDescription ** ad,const char ** text,unsigned flags)707 int slap_str2undef_ad(
708 const char *str,
709 AttributeDescription **ad,
710 const char **text,
711 unsigned flags )
712 {
713 struct berval bv;
714 bv.bv_val = (char *) str;
715 bv.bv_len = strlen( str );
716
717 return slap_bv2undef_ad( &bv, ad, text, flags );
718 }
719
slap_bv2undef_ad(struct berval * bv,AttributeDescription ** ad,const char ** text,unsigned flags)720 int slap_bv2undef_ad(
721 struct berval *bv,
722 AttributeDescription **ad,
723 const char **text,
724 unsigned flags )
725 {
726 AttributeDescription *desc;
727 AttributeType *at;
728
729 assert( ad != NULL );
730
731 if( bv == NULL || bv->bv_len == 0 ) {
732 *text = "empty AttributeDescription";
733 return LDAP_UNDEFINED_TYPE;
734 }
735
736 /* make sure description is IA5 */
737 if( ad_keystring( bv ) ) {
738 *text = "AttributeDescription contains inappropriate characters";
739 return LDAP_UNDEFINED_TYPE;
740 }
741
742 /* use the appropriate type */
743 if ( flags & SLAP_AD_PROXIED ) {
744 at = slap_schema.si_at_proxied;
745
746 } else {
747 at = slap_schema.si_at_undefined;
748 }
749
750 for( desc = at->sat_ad; desc; desc=desc->ad_next ) {
751 if( desc->ad_cname.bv_len == bv->bv_len &&
752 !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ) )
753 {
754 break;
755 }
756 }
757
758 if( !desc ) {
759 if ( flags & SLAP_AD_NOINSERT ) {
760 *text = NULL;
761 return LDAP_UNDEFINED_TYPE;
762 }
763
764 desc = ch_malloc(sizeof(AttributeDescription) + 1 +
765 bv->bv_len);
766
767 desc->ad_flags = SLAP_DESC_NONE;
768 BER_BVZERO( &desc->ad_tags );
769
770 desc->ad_cname.bv_len = bv->bv_len;
771 desc->ad_cname.bv_val = (char *)(desc+1);
772 strncpy(desc->ad_cname.bv_val, bv->bv_val, bv->bv_len);
773 desc->ad_cname.bv_val[bv->bv_len] = '\0';
774
775 /* canonical to upper case */
776 ldap_pvt_str2upper( desc->ad_cname.bv_val );
777
778 /* shouldn't we protect this for concurrency? */
779 desc->ad_type = at;
780 desc->ad_index = 0;
781 ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
782 desc->ad_next = desc->ad_type->sat_ad;
783 desc->ad_type->sat_ad = desc;
784 ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
785
786 Debug( LDAP_DEBUG_ANY,
787 "%s attributeDescription \"%s\" inserted.\n",
788 ( flags & SLAP_AD_PROXIED ) ? "PROXIED" : "UNKNOWN",
789 desc->ad_cname.bv_val, 0 );
790 }
791
792 if( !*ad ) {
793 *ad = desc;
794 } else {
795 **ad = *desc;
796 }
797
798 return LDAP_SUCCESS;
799 }
800
801 AttributeDescription *
slap_bv2tmp_ad(struct berval * bv,void * memctx)802 slap_bv2tmp_ad(
803 struct berval *bv,
804 void *memctx )
805 {
806 AttributeDescription *ad =
807 slap_sl_mfuncs.bmf_malloc( sizeof(AttributeDescription) +
808 bv->bv_len + 1, memctx );
809
810 ad->ad_cname.bv_val = (char *)(ad+1);
811 strncpy( ad->ad_cname.bv_val, bv->bv_val, bv->bv_len+1 );
812 ad->ad_cname.bv_len = bv->bv_len;
813 ad->ad_flags = SLAP_DESC_TEMPORARY;
814 ad->ad_type = slap_schema.si_at_undefined;
815
816 return ad;
817 }
818
819 static int
undef_promote(AttributeType * at,char * name,AttributeType * nat)820 undef_promote(
821 AttributeType *at,
822 char *name,
823 AttributeType *nat )
824 {
825 AttributeDescription **u_ad, **n_ad;
826
827 /* Get to last ad on the new type */
828 for ( n_ad = &nat->sat_ad; *n_ad; n_ad = &(*n_ad)->ad_next ) ;
829
830 for ( u_ad = &at->sat_ad; *u_ad; ) {
831 struct berval bv;
832
833 ber_str2bv( name, 0, 0, &bv );
834
835 /* remove iff undef == name or undef == name;tag */
836 if ( (*u_ad)->ad_cname.bv_len >= bv.bv_len
837 && strncasecmp( (*u_ad)->ad_cname.bv_val, bv.bv_val, bv.bv_len ) == 0
838 && ( (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == '\0'
839 || (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == ';' ) )
840 {
841 AttributeDescription *tmp = *u_ad;
842
843 *u_ad = (*u_ad)->ad_next;
844
845 tmp->ad_type = nat;
846 tmp->ad_next = NULL;
847 /* ad_cname was contiguous, no leak here */
848 tmp->ad_cname = nat->sat_cname;
849 ldap_pvt_thread_mutex_lock( &ad_index_mutex );
850 tmp->ad_index = ++ad_count;
851 ldap_pvt_thread_mutex_unlock( &ad_index_mutex );
852 *n_ad = tmp;
853 n_ad = &tmp->ad_next;
854 } else {
855 u_ad = &(*u_ad)->ad_next;
856 }
857 }
858
859 return 0;
860 }
861
862 int
slap_ad_undef_promote(char * name,AttributeType * at)863 slap_ad_undef_promote(
864 char *name,
865 AttributeType *at )
866 {
867 int rc;
868
869 ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
870
871 rc = undef_promote( slap_schema.si_at_undefined, name, at );
872 if ( rc == 0 ) {
873 rc = undef_promote( slap_schema.si_at_proxied, name, at );
874 }
875
876 ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
877
878 return rc;
879 }
880
881 int
an_find(AttributeName * a,struct berval * s)882 an_find(
883 AttributeName *a,
884 struct berval *s
885 )
886 {
887 if( a == NULL ) return 0;
888
889 for ( ; a->an_name.bv_val; a++ ) {
890 if ( a->an_name.bv_len != s->bv_len) continue;
891 if ( strcasecmp( s->bv_val, a->an_name.bv_val ) == 0 ) {
892 return( 1 );
893 }
894 }
895
896 return( 0 );
897 }
898
899 /*
900 * Convert a delimited string into a list of AttributeNames; add
901 * on to an existing list if it was given. If the string is not
902 * a valid attribute name, if a '-' is prepended it is skipped
903 * and the remaining name is tried again; if a '@' (or '+') is
904 * prepended, an objectclass name is searched instead; if a '!'
905 * is prepended, the objectclass name is negated.
906 *
907 * NOTE: currently, if a valid attribute name is not found, the
908 * same string is also checked as valid objectclass name; however,
909 * this behavior is deprecated.
910 */
911 AttributeName *
str2anlist(AttributeName * an,char * in,const char * brkstr)912 str2anlist( AttributeName *an, char *in, const char *brkstr )
913 {
914 char *str;
915 char *s;
916 char *lasts;
917 int i, j;
918 const char *text;
919 AttributeName *anew;
920
921 /* find last element in list */
922 i = 0;
923 if ( an != NULL ) {
924 for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ) ; i++)
925 ;
926 }
927
928 /* protect the input string from strtok */
929 str = ch_strdup( in );
930
931 /* Count words in string */
932 j = 1;
933 for ( s = str; *s; s++ ) {
934 if ( strchr( brkstr, *s ) != NULL ) {
935 j++;
936 }
937 }
938
939 an = ch_realloc( an, ( i + j + 1 ) * sizeof( AttributeName ) );
940 anew = an + i;
941 for ( s = ldap_pvt_strtok( str, brkstr, &lasts );
942 s != NULL;
943 s = ldap_pvt_strtok( NULL, brkstr, &lasts ) )
944 {
945 /* put a stop mark */
946 BER_BVZERO( &anew[1].an_name );
947
948 anew->an_desc = NULL;
949 anew->an_oc = NULL;
950 anew->an_flags = 0;
951 ber_str2bv(s, 0, 1, &anew->an_name);
952 slap_bv2ad(&anew->an_name, &anew->an_desc, &text);
953 if ( !anew->an_desc ) {
954 switch( anew->an_name.bv_val[0] ) {
955 case '-': {
956 struct berval adname;
957 adname.bv_len = anew->an_name.bv_len - 1;
958 adname.bv_val = &anew->an_name.bv_val[1];
959 slap_bv2ad(&adname, &anew->an_desc, &text);
960 if ( !anew->an_desc ) {
961 goto reterr;
962 }
963 } break;
964
965 case '@':
966 case '+': /* (deprecated) */
967 case '!': {
968 struct berval ocname;
969 ocname.bv_len = anew->an_name.bv_len - 1;
970 ocname.bv_val = &anew->an_name.bv_val[1];
971 anew->an_oc = oc_bvfind( &ocname );
972 if ( !anew->an_oc ) {
973 goto reterr;
974 }
975
976 if ( anew->an_name.bv_val[0] == '!' ) {
977 anew->an_flags |= SLAP_AN_OCEXCLUDE;
978 }
979 } break;
980
981 default:
982 /* old (deprecated) way */
983 anew->an_oc = oc_bvfind( &anew->an_name );
984 if ( !anew->an_oc ) {
985 goto reterr;
986 }
987 }
988 }
989 anew->an_flags |= SLAP_AN_OCINITED;
990 anew++;
991 }
992
993 BER_BVZERO( &anew->an_name );
994 free( str );
995 return( an );
996
997 reterr:
998 anlist_free( an, 1, NULL );
999
1000 /*
1001 * overwrites input string
1002 * on error!
1003 */
1004 strcpy( in, s );
1005 free( str );
1006 return NULL;
1007 }
1008
1009 void
anlist_free(AttributeName * an,int freename,void * ctx)1010 anlist_free( AttributeName *an, int freename, void *ctx )
1011 {
1012 if ( an == NULL ) {
1013 return;
1014 }
1015
1016 if ( freename ) {
1017 int i;
1018
1019 for ( i = 0; an[i].an_name.bv_val; i++ ) {
1020 ber_memfree_x( an[i].an_name.bv_val, ctx );
1021 }
1022 }
1023
1024 ber_memfree_x( an, ctx );
1025 }
1026
anlist2charray_x(AttributeName * an,int dup,void * ctx)1027 char **anlist2charray_x( AttributeName *an, int dup, void *ctx )
1028 {
1029 char **attrs;
1030 int i;
1031
1032 if ( an != NULL ) {
1033 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
1034 ;
1035 attrs = (char **) slap_sl_malloc( (i + 1) * sizeof(char *), ctx );
1036 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
1037 if ( dup )
1038 attrs[i] = ch_strdup( an[i].an_name.bv_val );
1039 else
1040 attrs[i] = an[i].an_name.bv_val;
1041 }
1042 attrs[i] = NULL;
1043 } else {
1044 attrs = NULL;
1045 }
1046
1047 return attrs;
1048 }
1049
anlist2charray(AttributeName * an,int dup)1050 char **anlist2charray( AttributeName *an, int dup )
1051 {
1052 return anlist2charray_x( an, dup, NULL );
1053 }
1054
1055 char**
anlist2attrs(AttributeName * anlist)1056 anlist2attrs( AttributeName * anlist )
1057 {
1058 int i, j, k = 0;
1059 int n;
1060 char **attrs;
1061 ObjectClass *oc;
1062
1063 if ( anlist == NULL )
1064 return NULL;
1065
1066 for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
1067 if ( ( oc = anlist[i].an_oc ) ) {
1068 for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) ;
1069 k += j;
1070 for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) ;
1071 k += j;
1072 }
1073 }
1074
1075 if ( i == 0 )
1076 return NULL;
1077
1078 attrs = anlist2charray( anlist, 1 );
1079
1080 n = i;
1081
1082 if ( k )
1083 attrs = (char **) ch_realloc( attrs, (i + k + 1) * sizeof( char * ));
1084
1085 for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
1086 if ( ( oc = anlist[i].an_oc ) ) {
1087 for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) {
1088 attrs[n++] = ch_strdup(
1089 oc->soc_required[j]->sat_cname.bv_val );
1090 }
1091 for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) {
1092 attrs[n++] = ch_strdup(
1093 oc->soc_allowed[j]->sat_cname.bv_val );
1094 }
1095 }
1096 }
1097
1098 if ( attrs )
1099 attrs[n] = NULL;
1100
1101 i = 0;
1102 while ( attrs && attrs[i] ) {
1103 if ( *attrs[i] == '@' ) {
1104 ch_free( attrs[i] );
1105 for ( j = i; attrs[j]; j++ ) {
1106 attrs[j] = attrs[j+1];
1107 }
1108 } else {
1109 i++;
1110 }
1111 }
1112
1113 for ( i = 0; attrs && attrs[i]; i++ ) {
1114 j = i + 1;
1115 while ( attrs && attrs[j] ) {
1116 if ( !strcmp( attrs[i], attrs[j] )) {
1117 ch_free( attrs[j] );
1118 for ( k = j; attrs && attrs[k]; k++ ) {
1119 attrs[k] = attrs[k+1];
1120 }
1121 } else {
1122 j++;
1123 }
1124 }
1125 }
1126
1127 if ( i != n )
1128 attrs = (char **) ch_realloc( attrs, (i+1) * sizeof( char * ));
1129
1130 return attrs;
1131 }
1132
1133 #define LBUFSIZ 80
1134 AttributeName*
file2anlist(AttributeName * an,const char * fname,const char * brkstr)1135 file2anlist( AttributeName *an, const char *fname, const char *brkstr )
1136 {
1137 FILE *fp;
1138 char *line = NULL;
1139 char *lcur = NULL;
1140 char *c;
1141 size_t lmax = LBUFSIZ;
1142
1143 fp = fopen( fname, "r" );
1144 if ( fp == NULL ) {
1145 Debug( LDAP_DEBUG_ANY,
1146 "get_attrs_from_file: failed to open attribute list file "
1147 "\"%s\": %s\n", fname, strerror(errno), 0 );
1148 return NULL;
1149 }
1150
1151 lcur = line = (char *) ch_malloc( lmax );
1152 if ( !line ) {
1153 Debug( LDAP_DEBUG_ANY,
1154 "get_attrs_from_file: could not allocate memory\n",
1155 0, 0, 0 );
1156 fclose(fp);
1157 return NULL;
1158 }
1159
1160 while ( fgets( lcur, LBUFSIZ, fp ) != NULL ) {
1161 if ( ( c = strchr( lcur, '\n' ) ) ) {
1162 if ( c == line ) {
1163 *c = '\0';
1164 } else if ( *(c-1) == '\r' ) {
1165 *(c-1) = '\0';
1166 } else {
1167 *c = '\0';
1168 }
1169 } else {
1170 lmax += LBUFSIZ;
1171 line = (char *) ch_realloc( line, lmax );
1172 if ( !line ) {
1173 Debug( LDAP_DEBUG_ANY,
1174 "get_attrs_from_file: could not allocate memory\n",
1175 0, 0, 0 );
1176 fclose(fp);
1177 return NULL;
1178 }
1179 lcur = line + strlen( line );
1180 continue;
1181 }
1182 an = str2anlist( an, line, brkstr );
1183 if ( an == NULL )
1184 break;
1185 lcur = line;
1186 }
1187 ch_free( line );
1188 fclose(fp);
1189 return an;
1190 }
1191 #undef LBUFSIZ
1192
1193 /* Define an attribute option. */
1194 int
ad_define_option(const char * name,const char * fname,int lineno)1195 ad_define_option( const char *name, const char *fname, int lineno )
1196 {
1197 int i;
1198 unsigned int optlen;
1199
1200 if ( options == &lang_option ) {
1201 options = NULL;
1202 option_count = 0;
1203 }
1204 if ( name == NULL )
1205 return 0;
1206
1207 optlen = 0;
1208 do {
1209 if ( !DESC_CHAR( name[optlen] ) ) {
1210 /* allow trailing '=', same as '-' */
1211 if ( name[optlen] == '=' && !name[optlen+1] ) {
1212 msad_range_hack = 1;
1213 continue;
1214 }
1215 Debug( LDAP_DEBUG_ANY,
1216 "%s: line %d: illegal option name \"%s\"\n",
1217 fname, lineno, name );
1218 return 1;
1219 }
1220 } while ( name[++optlen] );
1221
1222 options = ch_realloc( options,
1223 (option_count+1) * sizeof(Attr_option) );
1224
1225 if ( strcasecmp( name, "binary" ) == 0
1226 || ad_find_option_definition( name, optlen ) ) {
1227 Debug( LDAP_DEBUG_ANY,
1228 "%s: line %d: option \"%s\" is already defined\n",
1229 fname, lineno, name );
1230 return 1;
1231 }
1232
1233 for ( i = option_count; i; --i ) {
1234 if ( strcasecmp( name, options[i-1].name.bv_val ) >= 0 )
1235 break;
1236 options[i] = options[i-1];
1237 }
1238
1239 options[i].name.bv_val = ch_strdup( name );
1240 options[i].name.bv_len = optlen;
1241 options[i].prefix = (name[optlen-1] == '-') ||
1242 (name[optlen-1] == '=');
1243
1244 if ( i != option_count &&
1245 options[i].prefix &&
1246 optlen < options[i+1].name.bv_len &&
1247 strncasecmp( name, options[i+1].name.bv_val, optlen ) == 0 ) {
1248 Debug( LDAP_DEBUG_ANY,
1249 "%s: line %d: option \"%s\" overrides previous option\n",
1250 fname, lineno, name );
1251 return 1;
1252 }
1253
1254 option_count++;
1255 return 0;
1256 }
1257
1258 void
ad_unparse_options(BerVarray * res)1259 ad_unparse_options( BerVarray *res )
1260 {
1261 int i;
1262 for ( i = 0; i < option_count; i++ ) {
1263 value_add_one( res, &options[i].name );
1264 }
1265 }
1266
1267 /* Find the definition of the option name or prefix matching the arguments */
1268 static Attr_option *
ad_find_option_definition(const char * opt,int optlen)1269 ad_find_option_definition( const char *opt, int optlen )
1270 {
1271 int top = 0, bot = option_count;
1272 while ( top < bot ) {
1273 int mid = (top + bot) / 2;
1274 int mlen = options[mid].name.bv_len;
1275 char *mname = options[mid].name.bv_val;
1276 int j;
1277 if ( optlen < mlen ) {
1278 j = strncasecmp( opt, mname, optlen ) - 1;
1279 } else {
1280 j = strncasecmp( opt, mname, mlen );
1281 if ( j==0 && (optlen==mlen || options[mid].prefix) )
1282 return &options[mid];
1283 }
1284 if ( j < 0 )
1285 bot = mid;
1286 else
1287 top = mid + 1;
1288 }
1289 return NULL;
1290 }
1291
ad_mr(AttributeDescription * ad,unsigned usage)1292 MatchingRule *ad_mr(
1293 AttributeDescription *ad,
1294 unsigned usage )
1295 {
1296 switch( usage & SLAP_MR_TYPE_MASK ) {
1297 case SLAP_MR_NONE:
1298 case SLAP_MR_EQUALITY:
1299 return ad->ad_type->sat_equality;
1300 break;
1301 case SLAP_MR_ORDERING:
1302 return ad->ad_type->sat_ordering;
1303 break;
1304 case SLAP_MR_SUBSTR:
1305 return ad->ad_type->sat_substr;
1306 break;
1307 case SLAP_MR_EXT:
1308 default:
1309 assert( 0 /* ad_mr: bad usage */);
1310 }
1311 return NULL;
1312 }
1313