1 /*	$NetBSD: suffixmassage.c,v 1.1.1.3 2010/12/12 15:23:13 adam Exp $	*/
2 
3 /* suffixmassage.c - massages ldap backend dns */
4 /* OpenLDAP: pkg/ldap/servers/slapd/back-meta/suffixmassage.c,v 1.7.2.5 2010/04/13 20:23:31 kurt Exp */
5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
6  *
7  * Copyright 2003-2010 The OpenLDAP Foundation.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted only as authorized by the OpenLDAP
12  * Public License.
13  *
14  * A copy of this license is available in the file LICENSE in the
15  * top-level directory of the distribution or, alternatively, at
16  * <http://www.OpenLDAP.org/license.html>.
17  */
18 /* ACKNOWLEDGEMENTS:
19  * This work was initially developed by the Howard Chu for inclusion
20  * in OpenLDAP Software and subsequently enhanced by Pierangelo
21  * Masarati.
22  */
23 /* This is an altered version */
24 
25 /*
26  * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
27  * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
28  *
29  * Module back-ldap, originally developed by Howard Chu
30  *
31  * has been modified by Pierangelo Masarati. The original copyright
32  * notice has been maintained.
33  *
34  * Permission is granted to anyone to use this software for any purpose
35  * on any computer system, and to alter it and redistribute it, subject
36  * to the following restrictions:
37  *
38  * 1. The author is not responsible for the consequences of use of this
39  *    software, no matter how awful, even if they arise from flaws in it.
40  *
41  * 2. The origin of this software must not be misrepresented, either by
42  *    explicit claim or by omission.  Since few users ever read sources,
43  *    credits should appear in the documentation.
44  *
45  * 3. Altered versions must be plainly marked as such, and must not be
46  *    misrepresented as being the original software.  Since few users
47  *    ever read sources, credits should appear in the documentation.
48  *
49  * 4. This notice may not be removed or altered.
50  */
51 
52 #include "portable.h"
53 
54 #include <stdio.h>
55 
56 #include <ac/string.h>
57 #include <ac/socket.h>
58 
59 #include "slap.h"
60 #include "../back-ldap/back-ldap.h"
61 #include "back-meta.h"
62 
63 #ifdef ENABLE_REWRITE
/*
 * ldap_back_dn_massage
 *
 * Runs a DN through rewrite_session() using the target's rewrite info
 * (dc->target->mt_rwmap.rwm_rw) and the rewrite context named by dc->ctx.
 *
 * REWRITE_REGEXEC_OK: res holds the string handed back by the engine, or a
 * shallow copy of dn when the engine hands back NULL; returns LDAP_SUCCESS.
 * REWRITE_REGEXEC_UNWILLING: returns LDAP_UNWILLING_TO_PERFORM.
 * REWRITE_REGEXEC_ERR: returns LDAP_OTHER.
 * For the two failure codes the same value and a fixed text are also stored
 * in dc->rs when it is set.  Any other engine result leaves the return
 * value at its initial 0.
 *
 * NOTE(review): a non-NULL res->bv_val produced by the engine is presumably
 * heap-allocated and owned by the caller, who would have to compare it with
 * dn->bv_val before freeing -- confirm against rewrite_session().
 */
int
ldap_back_dn_massage(
	dncookie	*dc,
	struct berval	*dn,
	struct berval	*res )
{
	/* stand-in input for a DN that carries no value; compared by address below */
	static char	*empty_dn = "";
	char		*input = dn->bv_val ? dn->bv_val : empty_dn;
	int		status = 0;
	int		verdict;

	verdict = rewrite_session( dc->target->mt_rwmap.rwm_rw, dc->ctx,
			input, dc->conn, &res->bv_val );

	if ( verdict == REWRITE_REGEXEC_OK ) {
		if ( res->bv_val == NULL ) {
			/* the engine produced no string: hand back the input DN */
			*res = *dn;
		} else {
			res->bv_len = strlen( res->bv_val );
		}
		Debug( LDAP_DEBUG_ARGS,
			"[rw] %s: \"%s\" -> \"%s\"\n",
			dc->ctx,
			BER_BVISNULL( dn ) ? "" : dn->bv_val,
			BER_BVISNULL( res ) ? "" : res->bv_val );
		status = LDAP_SUCCESS;

	} else if ( verdict == REWRITE_REGEXEC_UNWILLING ) {
		/* the rewrite rules refused the DN; report it when a reply is attached */
		if ( dc->rs ) {
			dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
			dc->rs->sr_text = "Operation not allowed";
		}
		status = LDAP_UNWILLING_TO_PERFORM;

	} else if ( verdict == REWRITE_REGEXEC_ERR ) {
		if ( dc->rs ) {
			dc->rs->sr_err = LDAP_OTHER;
			dc->rs->sr_text = "Rewrite error";
		}
		status = LDAP_OTHER;
	}

	/* never let the local placeholder string escape to the caller */
	if ( res->bv_val == empty_dn ) {
		BER_BVZERO( res );
	}

	return status;
}
114 
115 #else
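/*
 * ldap_back_dn_massage
 *
 * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
 *
 * Walks dc->target->mt_rwmap.rwm_suffix_massage four entries at a time.
 * For the first group whose source suffix ends the DN on a DN-separator
 * boundary, res receives a newly ch_malloc'ed DN with that suffix replaced
 * by the group's destination suffix.  dc->tofrom and dc->normalized select
 * which entries of a group act as source and destination.
 *
 * In every other case (no table, no match) res is a shallow copy of odn
 * that shares odn's buffer; a NULL odn yields a zeroed res.  On a match
 * res->bv_val differs from odn->bv_val, so callers can compare the two
 * before freeing.
 *
 * res does not have to be initialised by the caller: the no-match path is
 * tracked with a local flag instead of testing the incoming res->bv_val.
 *
 * Always returns 0.
 */
int
ldap_back_dn_massage(
	dncookie *dc,
	struct berval *odn,
	struct berval *res
)
{
	int     i, src, dst;
	int     matched = 0;
	struct berval pretty = {0,NULL}, *dn = odn;

	assert( res != NULL );

	if ( dn == NULL ) {
		res->bv_val = NULL;
		res->bv_len = 0;
		return 0;
	}
	if ( dc->target->mt_rwmap.rwm_suffix_massage == NULL ) {
		*res = *dn;
		return 0;
	}

	if ( dc->tofrom ) {
		src = 0 + dc->normalized;
		dst = 2 + dc->normalized;
	} else {
		src = 2 + dc->normalized;
		dst = 0 + dc->normalized;
		/* DN from remote server may be in arbitrary form.
		 * Pretty it so we can parse reliably.  If dnPretty leaves
		 * pretty.bv_val NULL, the raw DN is matched instead.
		 */
		dnPretty( NULL, dn, &pretty, NULL );
		if ( pretty.bv_val ) {
			dn = &pretty;
		}
	}

	/* NOTE(review): dn->bv_val is dereferenced below without a NULL check;
	 * callers presumably never pass a berval with a NULL value here -- confirm.
	 */
	for ( i = 0;
		dc->target->mt_rwmap.rwm_suffix_massage[i].bv_val != NULL;
		i += 4 ) {
		struct berval *from = &dc->target->mt_rwmap.rwm_suffix_massage[i+src];
		struct berval *to = &dc->target->mt_rwmap.rwm_suffix_massage[i+dst];
		size_t diff;

		/* Lengths are compared unsigned, before subtracting: the DN may
		 * come from a remote server, and squeezing bv_len into an int
		 * could turn an oversized length into a bogus offset.
		 */
		if ( from->bv_len > dn->bv_len ) {
			/* alias is longer than dn */
			continue;
		}
		diff = dn->bv_len - from->bv_len;
		if ( diff > 0 && !DN_SEPARATOR( dn->bv_val[diff-1] ) ) {
			/* boundary is not at a DN separator */
			continue;
		}

		if ( strcmp( from->bv_val, &dn->bv_val[diff] ) == 0 ) {
			res->bv_len = diff + to->bv_len;
			res->bv_val = ch_malloc( res->bv_len + 1 );
			/* Both copies are bounded by the recorded lengths, so the
			 * writes stay inside the res->bv_len + 1 bytes allocated
			 * above; the terminator is stored explicitly.
			 */
			memcpy( res->bv_val, dn->bv_val, diff );
			memcpy( &res->bv_val[diff], to->bv_val, to->bv_len );
			res->bv_val[res->bv_len] = '\0';
			matched = 1;
			Debug( LDAP_DEBUG_ARGS,
				"ldap_back_dn_massage:"
				" converted \"%s\" to \"%s\"\n",
				BER_BVISNULL( dn ) ? "" : dn->bv_val,
				BER_BVISNULL( res ) ? "" : res->bv_val, 0 );
			break;
		}
	}
	if ( pretty.bv_val ) {
		/* the prettied copy was only needed for matching */
		ch_free( pretty.bv_val );
		dn = odn;
	}
	/* Nothing matched, just return the original DN */
	if ( !matched ) {
		*res = *dn;
	}

	return 0;
}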
195 #endif /* !ENABLE_REWRITE */
196