1 /* ad.c - routines for dealing with attribute descriptions */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 *
5 * Copyright 1998-2021 The OpenLDAP Foundation.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
10 * Public License.
11 *
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
15 */
16
17 #include "portable.h"
18
19 #include <stdio.h>
20
21 #include <ac/ctype.h>
22 #include <ac/errno.h>
23 #include <ac/socket.h>
24 #include <ac/string.h>
25 #include <ac/time.h>
26
27 #include "slap.h"
28 #include "lutil.h"
29
30 static struct berval bv_no_attrs = BER_BVC( LDAP_NO_ATTRS );
31 static struct berval bv_all_user_attrs = BER_BVC( "*" );
32 static struct berval bv_all_operational_attrs = BER_BVC( "+" );
33
34 static AttributeName anlist_no_attrs[] = {
35 { BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL },
36 { BER_BVNULL, NULL, 0, NULL }
37 };
38
39 static AttributeName anlist_all_user_attributes[] = {
40 { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
41 { BER_BVNULL, NULL, 0, NULL }
42 };
43
44 static AttributeName anlist_all_operational_attributes[] = {
45 { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
46 { BER_BVNULL, NULL, 0, NULL }
47 };
48
49 static AttributeName anlist_all_attributes[] = {
50 { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL },
51 { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
52 { BER_BVNULL, NULL, 0, NULL }
53 };
54
55 AttributeName *slap_anlist_no_attrs = anlist_no_attrs;
56 AttributeName *slap_anlist_all_user_attributes = anlist_all_user_attributes;
57 AttributeName *slap_anlist_all_operational_attributes = anlist_all_operational_attributes;
58 AttributeName *slap_anlist_all_attributes = anlist_all_attributes;
59
60 struct berval * slap_bv_no_attrs = &bv_no_attrs;
61 struct berval * slap_bv_all_user_attrs = &bv_all_user_attrs;
62 struct berval * slap_bv_all_operational_attrs = &bv_all_operational_attrs;
63
64 typedef struct Attr_option {
65 struct berval name; /* option name or prefix */
66 int prefix; /* NAME is a tag and range prefix */
67 } Attr_option;
68
69 static Attr_option lang_option = { BER_BVC("lang-"), 1 };
70
71 /* Options sorted by name, and number of options */
72 static Attr_option *options = &lang_option;
73 static int option_count = 1;
74
75 static int msad_range_hack = 0;
76
77 static int ad_count;
78
79 static Attr_option *ad_find_option_definition( const char *opt, int optlen );
80
ad_keystring(struct berval * bv)81 int ad_keystring(
82 struct berval *bv )
83 {
84 ber_len_t i;
85
86 if( !AD_LEADCHAR( bv->bv_val[0] ) ) {
87 return 1;
88 }
89
90 for( i=1; i<bv->bv_len; i++ ) {
91 if( !AD_CHAR( bv->bv_val[i] )) {
92 if ( msad_range_hack && bv->bv_val[i] == '=' )
93 continue;
94 return 1;
95 }
96 }
97 return 0;
98 }
99
ad_destroy(AttributeDescription * ad)100 void ad_destroy( AttributeDescription *ad )
101 {
102 AttributeDescription *n;
103
104 for (; ad != NULL; ad = n) {
105 n = ad->ad_next;
106 ldap_memfree( ad );
107 }
108 }
109
110 /* Is there an AttributeDescription for this type that uses these tags? */
ad_find_tags(AttributeType * type,struct berval * tags)111 AttributeDescription * ad_find_tags(
112 AttributeType *type,
113 struct berval *tags )
114 {
115 AttributeDescription *ad;
116
117 ldap_pvt_thread_mutex_lock( &type->sat_ad_mutex );
118 for (ad = type->sat_ad; ad; ad=ad->ad_next)
119 {
120 if (ad->ad_tags.bv_len == tags->bv_len &&
121 !strcasecmp(ad->ad_tags.bv_val, tags->bv_val))
122 break;
123 }
124 ldap_pvt_thread_mutex_unlock( &type->sat_ad_mutex );
125 return ad;
126 }
127
slap_str2ad(const char * str,AttributeDescription ** ad,const char ** text)128 int slap_str2ad(
129 const char *str,
130 AttributeDescription **ad,
131 const char **text )
132 {
133 struct berval bv;
134 bv.bv_val = (char *) str;
135 bv.bv_len = strlen( str );
136
137 return slap_bv2ad( &bv, ad, text );
138 }
139
strchrlen(const char * beg,const char * end,const char ch,int * len)140 static char *strchrlen(
141 const char *beg,
142 const char *end,
143 const char ch,
144 int *len )
145 {
146 const char *p;
147
148 for( p=beg; p < end && *p; p++ ) {
149 if( *p == ch ) {
150 *len = p - beg;
151 return (char *) p;
152 }
153 }
154
155 *len = p - beg;
156 return NULL;
157 }
158
slap_bv2ad(struct berval * bv,AttributeDescription ** ad,const char ** text)159 int slap_bv2ad(
160 struct berval *bv,
161 AttributeDescription **ad,
162 const char **text )
163 {
164 int rtn = LDAP_UNDEFINED_TYPE;
165 AttributeDescription desc, *d2;
166 char *name, *options, *optn;
167 char *opt, *next;
168 int ntags;
169 int tagslen;
170
171 /* hardcoded limits for speed */
172 #define MAX_TAGGING_OPTIONS 128
173 struct berval tags[MAX_TAGGING_OPTIONS+1];
174 #define MAX_TAGS_LEN 1024
175 char tagbuf[MAX_TAGS_LEN];
176
177 assert( ad != NULL );
178 assert( *ad == NULL ); /* temporary */
179
180 if( bv == NULL || BER_BVISNULL( bv ) || BER_BVISEMPTY( bv ) ) {
181 *text = "empty AttributeDescription";
182 return rtn;
183 }
184
185 /* make sure description is IA5 */
186 if( ad_keystring( bv ) ) {
187 *text = "AttributeDescription contains inappropriate characters";
188 return rtn;
189 }
190
191 /* find valid base attribute type; parse in place */
192 desc.ad_cname = *bv;
193 desc.ad_flags = 0;
194 BER_BVZERO( &desc.ad_tags );
195 name = bv->bv_val;
196 options = ber_bvchr( bv, ';' );
197 if ( options != NULL && (unsigned) ( options - name ) < bv->bv_len ) {
198 /* don't go past the end of the berval! */
199 desc.ad_cname.bv_len = options - name;
200 } else {
201 options = NULL;
202 }
203 desc.ad_type = at_bvfind( &desc.ad_cname );
204 if( desc.ad_type == NULL ) {
205 *text = "attribute type undefined";
206 return rtn;
207 }
208
209 if( is_at_operational( desc.ad_type ) && options != NULL ) {
210 *text = "operational attribute with options undefined";
211 return rtn;
212 }
213
214 /*
215 * parse options in place
216 */
217 ntags = 0;
218 tagslen = 0;
219 optn = bv->bv_val + bv->bv_len;
220
221 for( opt=options; opt != NULL; opt=next ) {
222 Attr_option *aopt;
223 int optlen;
224 opt++;
225 next = strchrlen( opt, optn, ';', &optlen );
226
227 if( optlen == 0 ) {
228 *text = "zero length option is invalid";
229 return rtn;
230
231 } else if ( optlen == STRLENOF("binary") &&
232 strncasecmp( opt, "binary", STRLENOF("binary") ) == 0 )
233 {
234 /* binary option */
235 if( slap_ad_is_binary( &desc ) ) {
236 *text = "option \"binary\" specified multiple times";
237 return rtn;
238 }
239
240 if( !slap_syntax_is_binary( desc.ad_type->sat_syntax )) {
241 /* not stored in binary, disallow option */
242 *text = "option \"binary\" not supported with type";
243 return rtn;
244 }
245
246 desc.ad_flags |= SLAP_DESC_BINARY;
247 continue;
248
249 } else if (( aopt = ad_find_option_definition( opt, optlen )) ) {
250 int i;
251
252 if( opt[optlen-1] == '-' ||
253 ( aopt->name.bv_val[aopt->name.bv_len-1] == '=' && msad_range_hack )) {
254 desc.ad_flags |= SLAP_DESC_TAG_RANGE;
255 }
256
257 if( ntags >= MAX_TAGGING_OPTIONS ) {
258 *text = "too many tagging options";
259 return rtn;
260 }
261
262 /*
263 * tags should be presented in sorted order,
264 * so run the array in reverse.
265 */
266 for( i=ntags-1; i>=0; i-- ) {
267 int rc;
268
269 rc = strncasecmp( opt, tags[i].bv_val,
270 (unsigned) optlen < tags[i].bv_len
271 ? (unsigned) optlen : tags[i].bv_len );
272
273 if( rc == 0 && (unsigned)optlen == tags[i].bv_len ) {
274 /* duplicate (ignore) */
275 ntags--;
276 goto done;
277
278 } else if ( rc > 0 ||
279 ( rc == 0 && (unsigned)optlen > tags[i].bv_len ))
280 {
281 AC_MEMCPY( &tags[i+2], &tags[i+1],
282 (ntags-i-1)*sizeof(struct berval) );
283 tags[i+1].bv_val = opt;
284 tags[i+1].bv_len = optlen;
285 goto done;
286 }
287 }
288
289 if( ntags ) {
290 AC_MEMCPY( &tags[1], &tags[0],
291 ntags*sizeof(struct berval) );
292 }
293 tags[0].bv_val = opt;
294 tags[0].bv_len = optlen;
295
296 done:;
297 tagslen += optlen + 1;
298 ntags++;
299
300 } else {
301 *text = "unrecognized option";
302 return rtn;
303 }
304 }
305
306 if( ntags > 0 ) {
307 int i;
308
309 if( tagslen > MAX_TAGS_LEN ) {
310 *text = "tagging options too long";
311 return rtn;
312 }
313
314 desc.ad_tags.bv_val = tagbuf;
315 tagslen = 0;
316
317 for( i=0; i<ntags; i++ ) {
318 AC_MEMCPY( &desc.ad_tags.bv_val[tagslen],
319 tags[i].bv_val, tags[i].bv_len );
320
321 tagslen += tags[i].bv_len;
322 desc.ad_tags.bv_val[tagslen++] = ';';
323 }
324
325 desc.ad_tags.bv_val[--tagslen] = '\0';
326 desc.ad_tags.bv_len = tagslen;
327 }
328
329 /* see if a matching description is already cached */
330 for (d2 = desc.ad_type->sat_ad; d2; d2=d2->ad_next) {
331 if( d2->ad_flags != desc.ad_flags ) {
332 continue;
333 }
334 if( d2->ad_tags.bv_len != desc.ad_tags.bv_len ) {
335 continue;
336 }
337 if( d2->ad_tags.bv_len == 0 ) {
338 break;
339 }
340 if( strncasecmp( d2->ad_tags.bv_val, desc.ad_tags.bv_val,
341 desc.ad_tags.bv_len ) == 0 )
342 {
343 break;
344 }
345 }
346
347 /* Not found, add new one */
348 while (d2 == NULL) {
349 size_t dlen = 0;
350 ldap_pvt_thread_mutex_lock( &desc.ad_type->sat_ad_mutex );
351 /* check again now that we've locked */
352 for (d2 = desc.ad_type->sat_ad; d2; d2=d2->ad_next) {
353 if (d2->ad_flags != desc.ad_flags)
354 continue;
355 if (d2->ad_tags.bv_len != desc.ad_tags.bv_len)
356 continue;
357 if (d2->ad_tags.bv_len == 0)
358 break;
359 if (strncasecmp(d2->ad_tags.bv_val, desc.ad_tags.bv_val,
360 desc.ad_tags.bv_len) == 0)
361 break;
362 }
363 if (d2) {
364 ldap_pvt_thread_mutex_unlock( &desc.ad_type->sat_ad_mutex );
365 break;
366 }
367
368 /* Allocate a single contiguous block. If there are no
369 * options, we just need space for the AttrDesc structure.
370 * Otherwise, we need to tack on the full name length +
371 * options length, + maybe tagging options length again.
372 */
373 if (desc.ad_tags.bv_len || desc.ad_flags != SLAP_DESC_NONE) {
374 dlen = desc.ad_type->sat_cname.bv_len + 1;
375 if (desc.ad_tags.bv_len) {
376 dlen += 1 + desc.ad_tags.bv_len;
377 }
378 if ( slap_ad_is_binary( &desc ) ) {
379 dlen += 1 + STRLENOF(";binary") + desc.ad_tags.bv_len;
380 }
381 }
382
383 d2 = ch_malloc(sizeof(AttributeDescription) + dlen);
384 d2->ad_next = NULL;
385 d2->ad_type = desc.ad_type;
386 d2->ad_flags = desc.ad_flags;
387 d2->ad_cname.bv_len = desc.ad_type->sat_cname.bv_len;
388 d2->ad_tags.bv_len = desc.ad_tags.bv_len;
389 ldap_pvt_thread_mutex_lock( &ad_index_mutex );
390 d2->ad_index = ++ad_count;
391 ldap_pvt_thread_mutex_unlock( &ad_index_mutex );
392
393 if (dlen == 0) {
394 d2->ad_cname.bv_val = d2->ad_type->sat_cname.bv_val;
395 d2->ad_tags.bv_val = NULL;
396 } else {
397 char *cp, *op, *lp;
398 int j;
399 d2->ad_cname.bv_val = (char *)(d2+1);
400 strcpy(d2->ad_cname.bv_val, d2->ad_type->sat_cname.bv_val);
401 cp = d2->ad_cname.bv_val + d2->ad_cname.bv_len;
402 if( slap_ad_is_binary( &desc ) ) {
403 op = cp;
404 lp = NULL;
405 if( desc.ad_tags.bv_len ) {
406 lp = desc.ad_tags.bv_val;
407 while( strncasecmp(lp, "binary", STRLENOF("binary")) < 0
408 && (lp = strchr( lp, ';' )) != NULL )
409 ++lp;
410 if( lp != desc.ad_tags.bv_val ) {
411 *cp++ = ';';
412 j = (lp
413 ? (unsigned) (lp - desc.ad_tags.bv_val - 1)
414 : strlen( desc.ad_tags.bv_val ));
415 cp = lutil_strncopy(cp, desc.ad_tags.bv_val, j);
416 }
417 }
418 cp = lutil_strcopy(cp, ";binary");
419 if( lp != NULL ) {
420 *cp++ = ';';
421 cp = lutil_strcopy(cp, lp);
422 }
423 d2->ad_cname.bv_len = cp - d2->ad_cname.bv_val;
424 if( desc.ad_tags.bv_len )
425 ldap_pvt_str2lower(op);
426 j = 1;
427 } else {
428 j = 0;
429 }
430 if( desc.ad_tags.bv_len ) {
431 lp = d2->ad_cname.bv_val + d2->ad_cname.bv_len + j;
432 if ( j == 0 )
433 *lp++ = ';';
434 d2->ad_tags.bv_val = lp;
435 strcpy(lp, desc.ad_tags.bv_val);
436 ldap_pvt_str2lower(lp);
437 if( j == 0 )
438 d2->ad_cname.bv_len += 1 + desc.ad_tags.bv_len;
439 }
440 }
441 /* Add new desc to list. We always want the bare Desc with
442 * no options to stay at the head of the list, assuming
443 * that one will be used most frequently.
444 */
445 if (desc.ad_type->sat_ad == NULL || dlen == 0) {
446 d2->ad_next = desc.ad_type->sat_ad;
447 desc.ad_type->sat_ad = d2;
448 } else {
449 d2->ad_next = desc.ad_type->sat_ad->ad_next;
450 desc.ad_type->sat_ad->ad_next = d2;
451 }
452 ldap_pvt_thread_mutex_unlock( &desc.ad_type->sat_ad_mutex );
453 }
454
455 if( *ad == NULL ) {
456 *ad = d2;
457 } else {
458 **ad = *d2;
459 }
460
461 return LDAP_SUCCESS;
462 }
463
is_ad_subtags(struct berval * subtagsbv,struct berval * suptagsbv)464 static int is_ad_subtags(
465 struct berval *subtagsbv,
466 struct berval *suptagsbv )
467 {
468 const char *suptags, *supp, *supdelimp, *supn;
469 const char *subtags, *subp, *subdelimp, *subn;
470 int suplen, sublen;
471
472 subtags =subtagsbv->bv_val;
473 suptags =suptagsbv->bv_val;
474 subn = subtags + subtagsbv->bv_len;
475 supn = suptags + suptagsbv->bv_len;
476
477 for( supp=suptags ; supp; supp=supdelimp ) {
478 supdelimp = strchrlen( supp, supn, ';', &suplen );
479 if( supdelimp ) supdelimp++;
480
481 for( subp=subtags ; subp; subp=subdelimp ) {
482 subdelimp = strchrlen( subp, subn, ';', &sublen );
483 if( subdelimp ) subdelimp++;
484
485 if ( suplen > sublen
486 ? ( suplen-1 == sublen && supp[suplen-1] == '-'
487 && strncmp( supp, subp, sublen ) == 0 )
488 : ( ( suplen == sublen || supp[suplen-1] == '-' )
489 && strncmp( supp, subp, suplen ) == 0 ) )
490 {
491 goto match;
492 }
493 }
494
495 return 0;
496 match:;
497 }
498 return 1;
499 }
500
is_ad_subtype(AttributeDescription * sub,AttributeDescription * super)501 int is_ad_subtype(
502 AttributeDescription *sub,
503 AttributeDescription *super
504 )
505 {
506 AttributeType *a;
507 int lr;
508
509 for ( a = sub->ad_type; a; a=a->sat_sup ) {
510 if ( a == super->ad_type ) break;
511 }
512 if( !a ) {
513 return 0;
514 }
515
516 /* ensure sub does support all flags of super */
517 lr = sub->ad_tags.bv_len ? SLAP_DESC_TAG_RANGE : 0;
518 if(( super->ad_flags & ( sub->ad_flags | lr )) != super->ad_flags ) {
519 return 0;
520 }
521
522 /* check for tagging options */
523 if ( super->ad_tags.bv_len == 0 )
524 return 1;
525 if ( sub->ad_tags.bv_len == 0 )
526 return 0;
527
528 return is_ad_subtags( &sub->ad_tags, &super->ad_tags );
529 }
530
ad_inlist(AttributeDescription * desc,AttributeName * attrs)531 int ad_inlist(
532 AttributeDescription *desc,
533 AttributeName *attrs )
534 {
535 if (! attrs ) return 0;
536
537 for( ; attrs->an_name.bv_val; attrs++ ) {
538 AttributeType *a;
539 ObjectClass *oc;
540
541 if ( attrs->an_desc ) {
542 int lr;
543
544 if ( desc == attrs->an_desc ) {
545 return 1;
546 }
547
548 /*
549 * EXTENSION: if requested description is preceded by
550 * a '-' character, do not match on subtypes.
551 */
552 if ( attrs->an_name.bv_val[0] == '-' ) {
553 continue;
554 }
555
556 /* Is this a subtype of the requested attr? */
557 for (a = desc->ad_type; a; a=a->sat_sup) {
558 if ( a == attrs->an_desc->ad_type )
559 break;
560 }
561 if ( !a ) {
562 continue;
563 }
564 /* Does desc support all the requested flags? */
565 lr = desc->ad_tags.bv_len ? SLAP_DESC_TAG_RANGE : 0;
566 if(( attrs->an_desc->ad_flags & (desc->ad_flags | lr))
567 != attrs->an_desc->ad_flags ) {
568 continue;
569 }
570 /* Do the descs have compatible tags? */
571 if ( attrs->an_desc->ad_tags.bv_len == 0 ) {
572 return 1;
573 }
574 if ( desc->ad_tags.bv_len == 0) {
575 continue;
576 }
577 if ( is_ad_subtags( &desc->ad_tags,
578 &attrs->an_desc->ad_tags ) ) {
579 return 1;
580 }
581 continue;
582 }
583
584 if ( ber_bvccmp( &attrs->an_name, '*' ) ) {
585 if ( !is_at_operational( desc->ad_type ) ) {
586 return 1;
587 }
588 continue;
589 }
590
591 if ( ber_bvccmp( &attrs->an_name, '+' ) ) {
592 if ( is_at_operational( desc->ad_type ) ) {
593 return 1;
594 }
595 continue;
596 }
597
598 /*
599 * EXTENSION: see if requested description is @objectClass
600 * if so, return attributes which the class requires/allows
601 * else if requested description is !objectClass, return
602 * attributes which the class does not require/allow
603 */
604 if ( !( attrs->an_flags & SLAP_AN_OCINITED )) {
605 if( attrs->an_name.bv_val ) {
606 switch( attrs->an_name.bv_val[0] ) {
607 case '@': /* @objectClass */
608 case '+': /* +objectClass (deprecated) */
609 case '!': { /* exclude */
610 struct berval ocname;
611 ocname.bv_len = attrs->an_name.bv_len - 1;
612 ocname.bv_val = &attrs->an_name.bv_val[1];
613 oc = oc_bvfind( &ocname );
614 if ( oc && attrs->an_name.bv_val[0] == '!' ) {
615 attrs->an_flags |= SLAP_AN_OCEXCLUDE;
616 } else {
617 attrs->an_flags &= ~SLAP_AN_OCEXCLUDE;
618 }
619 } break;
620
621 default: /* old (deprecated) way */
622 oc = oc_bvfind( &attrs->an_name );
623 }
624 attrs->an_oc = oc;
625 }
626 attrs->an_flags |= SLAP_AN_OCINITED;
627 }
628 oc = attrs->an_oc;
629 if( oc != NULL ) {
630 if ( attrs->an_flags & SLAP_AN_OCEXCLUDE ) {
631 if ( oc == slap_schema.si_oc_extensibleObject ) {
632 /* extensibleObject allows the return of anything */
633 return 0;
634 }
635
636 if( oc->soc_required ) {
637 /* allow return of required attributes */
638 int i;
639
640 for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
641 for (a = desc->ad_type; a; a=a->sat_sup) {
642 if ( a == oc->soc_required[i] ) {
643 return 0;
644 }
645 }
646 }
647 }
648
649 if( oc->soc_allowed ) {
650 /* allow return of allowed attributes */
651 int i;
652 for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
653 for (a = desc->ad_type; a; a=a->sat_sup) {
654 if ( a == oc->soc_allowed[i] ) {
655 return 0;
656 }
657 }
658 }
659 }
660
661 return 1;
662 }
663
664 if ( oc == slap_schema.si_oc_extensibleObject ) {
665 /* extensibleObject allows the return of anything */
666 return 1;
667 }
668
669 if( oc->soc_required ) {
670 /* allow return of required attributes */
671 int i;
672
673 for ( i = 0; oc->soc_required[i] != NULL; i++ ) {
674 for (a = desc->ad_type; a; a=a->sat_sup) {
675 if ( a == oc->soc_required[i] ) {
676 return 1;
677 }
678 }
679 }
680 }
681
682 if( oc->soc_allowed ) {
683 /* allow return of allowed attributes */
684 int i;
685 for ( i = 0; oc->soc_allowed[i] != NULL; i++ ) {
686 for (a = desc->ad_type; a; a=a->sat_sup) {
687 if ( a == oc->soc_allowed[i] ) {
688 return 1;
689 }
690 }
691 }
692 }
693
694 } else {
695 const char *text;
696
697 /* give it a chance of being retrieved by a proxy... */
698 (void)slap_bv2undef_ad( &attrs->an_name,
699 &attrs->an_desc, &text,
700 SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
701 }
702 }
703
704 return 0;
705 }
706
707
slap_str2undef_ad(const char * str,AttributeDescription ** ad,const char ** text,unsigned flags)708 int slap_str2undef_ad(
709 const char *str,
710 AttributeDescription **ad,
711 const char **text,
712 unsigned flags )
713 {
714 struct berval bv;
715 bv.bv_val = (char *) str;
716 bv.bv_len = strlen( str );
717
718 return slap_bv2undef_ad( &bv, ad, text, flags );
719 }
720
slap_bv2undef_ad(struct berval * bv,AttributeDescription ** ad,const char ** text,unsigned flags)721 int slap_bv2undef_ad(
722 struct berval *bv,
723 AttributeDescription **ad,
724 const char **text,
725 unsigned flags )
726 {
727 AttributeDescription *desc;
728 AttributeType *at;
729
730 assert( ad != NULL );
731
732 if( bv == NULL || bv->bv_len == 0 ) {
733 *text = "empty AttributeDescription";
734 return LDAP_UNDEFINED_TYPE;
735 }
736
737 /* make sure description is IA5 */
738 if( ad_keystring( bv ) ) {
739 *text = "AttributeDescription contains inappropriate characters";
740 return LDAP_UNDEFINED_TYPE;
741 }
742
743 /* use the appropriate type */
744 if ( flags & SLAP_AD_PROXIED ) {
745 at = slap_schema.si_at_proxied;
746
747 } else {
748 at = slap_schema.si_at_undefined;
749 }
750
751 for( desc = at->sat_ad; desc; desc=desc->ad_next ) {
752 if( desc->ad_cname.bv_len == bv->bv_len &&
753 !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ) )
754 {
755 break;
756 }
757 }
758
759 if( !desc ) {
760 if ( flags & SLAP_AD_NOINSERT ) {
761 *text = NULL;
762 return LDAP_UNDEFINED_TYPE;
763 }
764
765 desc = ch_malloc(sizeof(AttributeDescription) + 1 +
766 bv->bv_len);
767
768 desc->ad_flags = SLAP_DESC_NONE;
769 BER_BVZERO( &desc->ad_tags );
770
771 desc->ad_cname.bv_len = bv->bv_len;
772 desc->ad_cname.bv_val = (char *)(desc+1);
773 strncpy(desc->ad_cname.bv_val, bv->bv_val, bv->bv_len);
774 desc->ad_cname.bv_val[bv->bv_len] = '\0';
775
776 /* canonical to upper case */
777 ldap_pvt_str2upper( desc->ad_cname.bv_val );
778
779 /* shouldn't we protect this for concurrency? */
780 desc->ad_type = at;
781 desc->ad_index = 0;
782 ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
783 desc->ad_next = desc->ad_type->sat_ad;
784 desc->ad_type->sat_ad = desc;
785 ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
786
787 Debug( LDAP_DEBUG_ANY,
788 "%s attributeDescription \"%s\" inserted.\n",
789 ( flags & SLAP_AD_PROXIED ) ? "PROXIED" : "UNKNOWN",
790 desc->ad_cname.bv_val );
791 }
792
793 if( !*ad ) {
794 *ad = desc;
795 } else {
796 **ad = *desc;
797 }
798
799 return LDAP_SUCCESS;
800 }
801
802 AttributeDescription *
slap_bv2tmp_ad(struct berval * bv,void * memctx)803 slap_bv2tmp_ad(
804 struct berval *bv,
805 void *memctx )
806 {
807 AttributeDescription *ad =
808 slap_sl_mfuncs.bmf_malloc( sizeof(AttributeDescription) +
809 bv->bv_len + 1, memctx );
810
811 ad->ad_cname.bv_val = (char *)(ad+1);
812 strncpy( ad->ad_cname.bv_val, bv->bv_val, bv->bv_len+1 );
813 ad->ad_cname.bv_len = bv->bv_len;
814 ad->ad_flags = SLAP_DESC_TEMPORARY;
815 ad->ad_type = slap_schema.si_at_undefined;
816
817 return ad;
818 }
819
820 static int
undef_promote(AttributeType * at,char * name,AttributeType * nat)821 undef_promote(
822 AttributeType *at,
823 char *name,
824 AttributeType *nat )
825 {
826 AttributeDescription **u_ad, **n_ad;
827
828 /* Get to last ad on the new type */
829 for ( n_ad = &nat->sat_ad; *n_ad; n_ad = &(*n_ad)->ad_next ) ;
830
831 for ( u_ad = &at->sat_ad; *u_ad; ) {
832 struct berval bv;
833
834 ber_str2bv( name, 0, 0, &bv );
835
836 /* remove iff undef == name or undef == name;tag */
837 if ( (*u_ad)->ad_cname.bv_len >= bv.bv_len
838 && strncasecmp( (*u_ad)->ad_cname.bv_val, bv.bv_val, bv.bv_len ) == 0
839 && ( (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == '\0'
840 || (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == ';' ) )
841 {
842 AttributeDescription *tmp = *u_ad;
843
844 *u_ad = (*u_ad)->ad_next;
845
846 tmp->ad_type = nat;
847 tmp->ad_next = NULL;
848 /* ad_cname was contiguous, no leak here */
849 tmp->ad_cname = nat->sat_cname;
850 ldap_pvt_thread_mutex_lock( &ad_index_mutex );
851 tmp->ad_index = ++ad_count;
852 ldap_pvt_thread_mutex_unlock( &ad_index_mutex );
853 *n_ad = tmp;
854 n_ad = &tmp->ad_next;
855 } else {
856 u_ad = &(*u_ad)->ad_next;
857 }
858 }
859
860 return 0;
861 }
862
863 int
slap_ad_undef_promote(char * name,AttributeType * at)864 slap_ad_undef_promote(
865 char *name,
866 AttributeType *at )
867 {
868 int rc;
869
870 ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
871
872 rc = undef_promote( slap_schema.si_at_undefined, name, at );
873 if ( rc == 0 ) {
874 rc = undef_promote( slap_schema.si_at_proxied, name, at );
875 }
876
877 ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
878
879 return rc;
880 }
881
882 int
an_find(AttributeName * a,struct berval * s)883 an_find(
884 AttributeName *a,
885 struct berval *s
886 )
887 {
888 if( a == NULL ) return 0;
889
890 for ( ; a->an_name.bv_val; a++ ) {
891 if ( a->an_name.bv_len != s->bv_len) continue;
892 if ( strcasecmp( s->bv_val, a->an_name.bv_val ) == 0 ) {
893 return( 1 );
894 }
895 }
896
897 return( 0 );
898 }
899
900 /*
901 * Convert a delimited string into a list of AttributeNames; add
902 * on to an existing list if it was given. If the string is not
903 * a valid attribute name, if a '-' is prepended it is skipped
904 * and the remaining name is tried again; if a '@' (or '+') is
905 * prepended, an objectclass name is searched instead; if a '!'
906 * is prepended, the objectclass name is negated.
907 *
908 * NOTE: currently, if a valid attribute name is not found, the
909 * same string is also checked as valid objectclass name; however,
910 * this behavior is deprecated.
911 */
912 AttributeName *
str2anlist(AttributeName * an,char * in,const char * brkstr)913 str2anlist( AttributeName *an, char *in, const char *brkstr )
914 {
915 char *str;
916 char *s;
917 char *lasts;
918 int i, j;
919 const char *text;
920 AttributeName *anew;
921
922 /* find last element in list */
923 i = 0;
924 if ( an != NULL ) {
925 for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ) ; i++)
926 ;
927 }
928
929 /* protect the input string from strtok */
930 str = ch_strdup( in );
931
932 /* Count words in string */
933 j = 1;
934 for ( s = str; *s; s++ ) {
935 if ( strchr( brkstr, *s ) != NULL ) {
936 j++;
937 }
938 }
939
940 an = ch_realloc( an, ( i + j + 1 ) * sizeof( AttributeName ) );
941 anew = an + i;
942 for ( s = ldap_pvt_strtok( str, brkstr, &lasts );
943 s != NULL;
944 s = ldap_pvt_strtok( NULL, brkstr, &lasts ) )
945 {
946 /* put a stop mark */
947 BER_BVZERO( &anew[1].an_name );
948
949 anew->an_desc = NULL;
950 anew->an_oc = NULL;
951 anew->an_flags = 0;
952 ber_str2bv(s, 0, 1, &anew->an_name);
953 slap_bv2ad(&anew->an_name, &anew->an_desc, &text);
954 if ( !anew->an_desc ) {
955 switch( anew->an_name.bv_val[0] ) {
956 case '-': {
957 struct berval adname;
958 adname.bv_len = anew->an_name.bv_len - 1;
959 adname.bv_val = &anew->an_name.bv_val[1];
960 slap_bv2ad(&adname, &anew->an_desc, &text);
961 if ( !anew->an_desc ) {
962 goto reterr;
963 }
964 } break;
965
966 case '@':
967 case '+': /* (deprecated) */
968 case '!': {
969 struct berval ocname;
970 ocname.bv_len = anew->an_name.bv_len - 1;
971 ocname.bv_val = &anew->an_name.bv_val[1];
972 anew->an_oc = oc_bvfind( &ocname );
973 if ( !anew->an_oc ) {
974 goto reterr;
975 }
976
977 if ( anew->an_name.bv_val[0] == '!' ) {
978 anew->an_flags |= SLAP_AN_OCEXCLUDE;
979 }
980 } break;
981
982 default:
983 /* old (deprecated) way */
984 anew->an_oc = oc_bvfind( &anew->an_name );
985 if ( !anew->an_oc ) {
986 goto reterr;
987 }
988 }
989 }
990 anew->an_flags |= SLAP_AN_OCINITED;
991 anew++;
992 }
993
994 BER_BVZERO( &anew->an_name );
995 free( str );
996 return( an );
997
998 reterr:
999 anlist_free( an, 1, NULL );
1000
1001 /*
1002 * overwrites input string
1003 * on error!
1004 */
1005 strcpy( in, s );
1006 free( str );
1007 return NULL;
1008 }
1009
1010 void
anlist_free(AttributeName * an,int freename,void * ctx)1011 anlist_free( AttributeName *an, int freename, void *ctx )
1012 {
1013 if ( an == NULL ) {
1014 return;
1015 }
1016
1017 if ( freename ) {
1018 int i;
1019
1020 for ( i = 0; an[i].an_name.bv_val; i++ ) {
1021 ber_memfree_x( an[i].an_name.bv_val, ctx );
1022 }
1023 }
1024
1025 ber_memfree_x( an, ctx );
1026 }
1027
anlist2charray_x(AttributeName * an,int dup,void * ctx)1028 char **anlist2charray_x( AttributeName *an, int dup, void *ctx )
1029 {
1030 char **attrs;
1031 int i;
1032
1033 if ( an != NULL ) {
1034 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
1035 ;
1036 attrs = (char **) slap_sl_malloc( (i + 1) * sizeof(char *), ctx );
1037 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
1038 if ( dup )
1039 attrs[i] = ch_strdup( an[i].an_name.bv_val );
1040 else
1041 attrs[i] = an[i].an_name.bv_val;
1042 }
1043 attrs[i] = NULL;
1044 } else {
1045 attrs = NULL;
1046 }
1047
1048 return attrs;
1049 }
1050
anlist2charray(AttributeName * an,int dup)1051 char **anlist2charray( AttributeName *an, int dup )
1052 {
1053 return anlist2charray_x( an, dup, NULL );
1054 }
1055
1056 char**
anlist2attrs(AttributeName * anlist)1057 anlist2attrs( AttributeName * anlist )
1058 {
1059 int i, j, k = 0;
1060 int n;
1061 char **attrs;
1062 ObjectClass *oc;
1063
1064 if ( anlist == NULL )
1065 return NULL;
1066
1067 for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
1068 if ( ( oc = anlist[i].an_oc ) ) {
1069 for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) ;
1070 k += j;
1071 for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) ;
1072 k += j;
1073 }
1074 }
1075
1076 if ( i == 0 )
1077 return NULL;
1078
1079 attrs = anlist2charray( anlist, 1 );
1080
1081 n = i;
1082
1083 if ( k )
1084 attrs = (char **) ch_realloc( attrs, (i + k + 1) * sizeof( char * ));
1085
1086 for ( i = 0; anlist[i].an_name.bv_val; i++ ) {
1087 if ( ( oc = anlist[i].an_oc ) ) {
1088 for ( j = 0; oc->soc_required && oc->soc_required[j]; j++ ) {
1089 attrs[n++] = ch_strdup(
1090 oc->soc_required[j]->sat_cname.bv_val );
1091 }
1092 for ( j = 0; oc->soc_allowed && oc->soc_allowed[j]; j++ ) {
1093 attrs[n++] = ch_strdup(
1094 oc->soc_allowed[j]->sat_cname.bv_val );
1095 }
1096 }
1097 }
1098
1099 if ( attrs )
1100 attrs[n] = NULL;
1101
1102 i = 0;
1103 while ( attrs && attrs[i] ) {
1104 if ( *attrs[i] == '@' ) {
1105 ch_free( attrs[i] );
1106 for ( j = i; attrs[j]; j++ ) {
1107 attrs[j] = attrs[j+1];
1108 }
1109 } else {
1110 i++;
1111 }
1112 }
1113
1114 for ( i = 0; attrs && attrs[i]; i++ ) {
1115 j = i + 1;
1116 while ( attrs && attrs[j] ) {
1117 if ( !strcmp( attrs[i], attrs[j] )) {
1118 ch_free( attrs[j] );
1119 for ( k = j; attrs && attrs[k]; k++ ) {
1120 attrs[k] = attrs[k+1];
1121 }
1122 } else {
1123 j++;
1124 }
1125 }
1126 }
1127
1128 if ( i != n )
1129 attrs = (char **) ch_realloc( attrs, (i+1) * sizeof( char * ));
1130
1131 return attrs;
1132 }
1133
1134 #define LBUFSIZ 80
1135 AttributeName*
file2anlist(AttributeName * an,const char * fname,const char * brkstr)1136 file2anlist( AttributeName *an, const char *fname, const char *brkstr )
1137 {
1138 FILE *fp;
1139 char *line = NULL;
1140 char *lcur = NULL;
1141 char *c;
1142 size_t lmax = LBUFSIZ;
1143
1144 fp = fopen( fname, "r" );
1145 if ( fp == NULL ) {
1146 char ebuf[128];
1147 int saved_errno = errno;
1148 Debug( LDAP_DEBUG_ANY,
1149 "get_attrs_from_file: failed to open attribute list file "
1150 "\"%s\": %s\n", fname, AC_STRERROR_R( saved_errno, ebuf, sizeof(ebuf) ) );
1151 return NULL;
1152 }
1153
1154 lcur = line = (char *) ch_malloc( lmax );
1155 if ( !line ) {
1156 Debug( LDAP_DEBUG_ANY,
1157 "get_attrs_from_file: could not allocate memory\n" );
1158 fclose(fp);
1159 return NULL;
1160 }
1161
1162 while ( fgets( lcur, LBUFSIZ, fp ) != NULL ) {
1163 if ( ( c = strchr( lcur, '\n' ) ) ) {
1164 if ( c == line ) {
1165 *c = '\0';
1166 } else if ( *(c-1) == '\r' ) {
1167 *(c-1) = '\0';
1168 } else {
1169 *c = '\0';
1170 }
1171 } else {
1172 lmax += LBUFSIZ;
1173 line = (char *) ch_realloc( line, lmax );
1174 if ( !line ) {
1175 Debug( LDAP_DEBUG_ANY,
1176 "get_attrs_from_file: could not allocate memory\n" );
1177 fclose(fp);
1178 return NULL;
1179 }
1180 lcur = line + strlen( line );
1181 continue;
1182 }
1183 an = str2anlist( an, line, brkstr );
1184 if ( an == NULL )
1185 break;
1186 lcur = line;
1187 }
1188 ch_free( line );
1189 fclose(fp);
1190 return an;
1191 }
1192 #undef LBUFSIZ
1193
1194 /* Define an attribute option. */
1195 int
ad_define_option(const char * name,const char * fname,int lineno)1196 ad_define_option( const char *name, const char *fname, int lineno )
1197 {
1198 int i;
1199 unsigned int optlen;
1200
1201 if ( options == &lang_option ) {
1202 options = NULL;
1203 option_count = 0;
1204 }
1205 if ( name == NULL )
1206 return 0;
1207
1208 optlen = 0;
1209 do {
1210 if ( !DESC_CHAR( name[optlen] ) ) {
1211 /* allow trailing '=', same as '-' */
1212 if ( name[optlen] == '=' && !name[optlen+1] ) {
1213 msad_range_hack = 1;
1214 continue;
1215 }
1216 Debug( LDAP_DEBUG_ANY,
1217 "%s: line %d: illegal option name \"%s\"\n",
1218 fname, lineno, name );
1219 return 1;
1220 }
1221 } while ( name[++optlen] );
1222
1223 options = ch_realloc( options,
1224 (option_count+1) * sizeof(Attr_option) );
1225
1226 if ( strcasecmp( name, "binary" ) == 0
1227 || ad_find_option_definition( name, optlen ) ) {
1228 Debug( LDAP_DEBUG_ANY,
1229 "%s: line %d: option \"%s\" is already defined\n",
1230 fname, lineno, name );
1231 return 1;
1232 }
1233
1234 for ( i = option_count; i; --i ) {
1235 if ( strcasecmp( name, options[i-1].name.bv_val ) >= 0 )
1236 break;
1237 options[i] = options[i-1];
1238 }
1239
1240 options[i].name.bv_val = ch_strdup( name );
1241 options[i].name.bv_len = optlen;
1242 options[i].prefix = (name[optlen-1] == '-') ||
1243 (name[optlen-1] == '=');
1244
1245 if ( i != option_count &&
1246 options[i].prefix &&
1247 optlen < options[i+1].name.bv_len &&
1248 strncasecmp( name, options[i+1].name.bv_val, optlen ) == 0 ) {
1249 Debug( LDAP_DEBUG_ANY,
1250 "%s: line %d: option \"%s\" overrides previous option\n",
1251 fname, lineno, name );
1252 return 1;
1253 }
1254
1255 option_count++;
1256 return 0;
1257 }
1258
1259 void
ad_unparse_options(BerVarray * res)1260 ad_unparse_options( BerVarray *res )
1261 {
1262 int i;
1263 for ( i = 0; i < option_count; i++ ) {
1264 value_add_one( res, &options[i].name );
1265 }
1266 }
1267
1268 /* Find the definition of the option name or prefix matching the arguments */
1269 static Attr_option *
ad_find_option_definition(const char * opt,int optlen)1270 ad_find_option_definition( const char *opt, int optlen )
1271 {
1272 int top = 0, bot = option_count;
1273 while ( top < bot ) {
1274 int mid = (top + bot) / 2;
1275 int mlen = options[mid].name.bv_len;
1276 char *mname = options[mid].name.bv_val;
1277 int j;
1278 if ( optlen < mlen ) {
1279 j = strncasecmp( opt, mname, optlen ) - 1;
1280 } else {
1281 j = strncasecmp( opt, mname, mlen );
1282 if ( j==0 && (optlen==mlen || options[mid].prefix) )
1283 return &options[mid];
1284 }
1285 if ( j < 0 )
1286 bot = mid;
1287 else
1288 top = mid + 1;
1289 }
1290 return NULL;
1291 }
1292
ad_mr(AttributeDescription * ad,unsigned usage)1293 MatchingRule *ad_mr(
1294 AttributeDescription *ad,
1295 unsigned usage )
1296 {
1297 switch( usage & SLAP_MR_TYPE_MASK ) {
1298 case SLAP_MR_NONE:
1299 case SLAP_MR_EQUALITY:
1300 return ad->ad_type->sat_equality;
1301 break;
1302 case SLAP_MR_ORDERING:
1303 return ad->ad_type->sat_ordering;
1304 break;
1305 case SLAP_MR_SUBSTR:
1306 return ad->ad_type->sat_substr;
1307 break;
1308 case SLAP_MR_EXT:
1309 default:
1310 assert( 0 /* ad_mr: bad usage */);
1311 }
1312 return NULL;
1313 }
1314