1/*	$NetBSD: suffixmassage.c,v 1.1.1.3 2010/12/12 15:23:13 adam Exp $	*/
2
3/* suffixmassage.c - massages ldap backend dns */
4/* OpenLDAP: pkg/ldap/servers/slapd/back-meta/suffixmassage.c,v 1.7.2.5 2010/04/13 20:23:31 kurt Exp */
5/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
6 *
7 * Copyright 2003-2010 The OpenLDAP Foundation.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
12 * Public License.
13 *
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
17 */
18/* ACKNOWLEDGEMENTS:
19 * This work was initially developed by the Howard Chu for inclusion
20 * in OpenLDAP Software and subsequently enhanced by Pierangelo
21 * Masarati.
22 */
23/* This is an altered version */
24
25/*
26 * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
27 * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
28 *
29 * Module back-ldap, originally developed by Howard Chu
30 *
31 * has been modified by Pierangelo Masarati. The original copyright
32 * notice has been maintained.
33 *
34 * Permission is granted to anyone to use this software for any purpose
35 * on any computer system, and to alter it and redistribute it, subject
36 * to the following restrictions:
37 *
38 * 1. The author is not responsible for the consequences of use of this
39 *    software, no matter how awful, even if they arise from flaws in it.
40 *
41 * 2. The origin of this software must not be misrepresented, either by
42 *    explicit claim or by omission.  Since few users ever read sources,
43 *    credits should appear in the documentation.
44 *
45 * 3. Altered versions must be plainly marked as such, and must not be
46 *    misrepresented as being the original software.  Since few users
47 *    ever read sources, credits should appear in the documentation.
48 *
49 * 4. This notice may not be removed or altered.
50 */
51
52#include "portable.h"
53
54#include <stdio.h>
55
56#include <ac/string.h>
57#include <ac/socket.h>
58
59#include "slap.h"
60#include "../back-ldap/back-ldap.h"
61#include "back-meta.h"
62
63#ifdef ENABLE_REWRITE
64int
65ldap_back_dn_massage(
66	dncookie	*dc,
67	struct berval	*dn,
68	struct berval	*res )
69{
70	int		rc = 0;
71	static char	*dmy = "";
72
73	switch ( rewrite_session( dc->target->mt_rwmap.rwm_rw, dc->ctx,
74				( dn->bv_val ? dn->bv_val : dmy ),
75				dc->conn, &res->bv_val ) )
76	{
77	case REWRITE_REGEXEC_OK:
78		if ( res->bv_val != NULL ) {
79			res->bv_len = strlen( res->bv_val );
80		} else {
81			*res = *dn;
82		}
83		Debug( LDAP_DEBUG_ARGS,
84			"[rw] %s: \"%s\" -> \"%s\"\n",
85			dc->ctx,
86			BER_BVISNULL( dn ) ? "" : dn->bv_val,
87			BER_BVISNULL( res ) ? "" : res->bv_val );
88		rc = LDAP_SUCCESS;
89		break;
90
91 	case REWRITE_REGEXEC_UNWILLING:
92		if ( dc->rs ) {
93			dc->rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
94			dc->rs->sr_text = "Operation not allowed";
95		}
96		rc = LDAP_UNWILLING_TO_PERFORM;
97		break;
98
99	case REWRITE_REGEXEC_ERR:
100		if ( dc->rs ) {
101			dc->rs->sr_err = LDAP_OTHER;
102			dc->rs->sr_text = "Rewrite error";
103		}
104		rc = LDAP_OTHER;
105		break;
106	}
107
108	if ( res->bv_val == dmy ) {
109		BER_BVZERO( res );
110	}
111
112	return rc;
113}
114
115#else
116/*
117 * ldap_back_dn_massage
118 *
119 * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
120 */
121int
122ldap_back_dn_massage(
123	dncookie *dc,
124	struct berval *odn,
125	struct berval *res
126)
127{
128	int     i, src, dst;
129	struct berval pretty = {0,NULL}, *dn = odn;
130
131	assert( res != NULL );
132
133	if ( dn == NULL ) {
134		res->bv_val = NULL;
135		res->bv_len = 0;
136		return 0;
137	}
138	if ( dc->target->mt_rwmap.rwm_suffix_massage == NULL ) {
139		*res = *dn;
140		return 0;
141	}
142
143	if ( dc->tofrom ) {
144		src = 0 + dc->normalized;
145		dst = 2 + dc->normalized;
146	} else {
147		src = 2 + dc->normalized;
148		dst = 0 + dc->normalized;
149		/* DN from remote server may be in arbitrary form.
150		 * Pretty it so we can parse reliably.
151		 */
152		dnPretty( NULL, dn, &pretty, NULL );
153		if (pretty.bv_val) dn = &pretty;
154	}
155
156	for ( i = 0;
157		dc->target->mt_rwmap.rwm_suffix_massage[i].bv_val != NULL;
158		i += 4 ) {
159		int aliasLength = dc->target->mt_rwmap.rwm_suffix_massage[i+src].bv_len;
160		int diff = dn->bv_len - aliasLength;
161
162		if ( diff < 0 ) {
163			/* alias is longer than dn */
164			continue;
165		} else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) {
166			/* boundary is not at a DN separator */
167			continue;
168			/* At a DN Separator */
169		}
170
171		if ( !strcmp( dc->target->mt_rwmap.rwm_suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
172			res->bv_len = diff + dc->target->mt_rwmap.rwm_suffix_massage[i+dst].bv_len;
173			res->bv_val = ch_malloc( res->bv_len + 1 );
174			strncpy( res->bv_val, dn->bv_val, diff );
175			strcpy( &res->bv_val[diff], dc->target->mt_rwmap.rwm_suffix_massage[i+dst].bv_val );
176			Debug( LDAP_DEBUG_ARGS,
177				"ldap_back_dn_massage:"
178				" converted \"%s\" to \"%s\"\n",
179				BER_BVISNULL( dn ) ? "" : dn->bv_val,
180				BER_BVISNULL( res ) ? "" : res->bv_val, 0 );
181			break;
182		}
183	}
184	if (pretty.bv_val) {
185		ch_free(pretty.bv_val);
186		dn = odn;
187	}
188	/* Nothing matched, just return the original DN */
189	if (res->bv_val == NULL) {
190		*res = *dn;
191	}
192
193	return 0;
194}
195#endif /* !ENABLE_REWRITE */
196