map.c revision 1.1
1/* map.c - ldap backend mapping routines */ 2/* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/map.c,v 1.15.2.7 2008/02/11 23:26:47 kurt Exp $ */ 3/* This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 * 5 * Copyright 1998-2008 The OpenLDAP Foundation. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted only as authorized by the OpenLDAP 10 * Public License. 11 * 12 * A copy of this license is available in the file LICENSE in the 13 * top-level directory of the distribution or, alternatively, at 14 * <http://www.OpenLDAP.org/license.html>. 15 */ 16/* ACKNOWLEDGEMENTS: 17 * This work was initially developed by the Howard Chu for inclusion 18 * in OpenLDAP Software and subsequently enhanced by Pierangelo 19 * Masarati. 20 */ 21/* This is an altered version */ 22/* 23 * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com> 24 * 25 * Permission is granted to anyone to use this software for any purpose 26 * on any computer system, and to alter it and redistribute it, subject 27 * to the following restrictions: 28 * 29 * 1. The author is not responsible for the consequences of use of this 30 * software, no matter how awful, even if they arise from flaws in it. 31 * 32 * 2. The origin of this software must not be misrepresented, either by 33 * explicit claim or by omission. Since few users ever read sources, 34 * credits should appear in the documentation. 35 * 36 * 3. Altered versions must be plainly marked as such, and must not be 37 * misrepresented as being the original software. Since few users 38 * ever read sources, credits should appear in the documentation. 39 * 40 * 4. This notice may not be removed or altered. 41 * 42 * 43 * 44 * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it> 45 * 46 * This software is being modified by Pierangelo Masarati. 47 * The previously reported conditions apply to the modified code as well. 48 * Changes in the original code are highlighted where required. 49 * Credits for the original code go to the author, Howard Chu. 50 */ 51 52#include "portable.h" 53 54#include <stdio.h> 55 56#include <ac/string.h> 57#include <ac/socket.h> 58 59#include "slap.h" 60#include "lutil.h" 61#include "../back-ldap/back-ldap.h" 62#include "back-meta.h" 63 64#undef ldap_debug /* silence a warning in ldap-int.h */ 65#include "../../../libraries/libldap/ldap-int.h" 66 67int 68mapping_cmp ( const void *c1, const void *c2 ) 69{ 70 struct ldapmapping *map1 = (struct ldapmapping *)c1; 71 struct ldapmapping *map2 = (struct ldapmapping *)c2; 72 int rc = map1->src.bv_len - map2->src.bv_len; 73 if (rc) return rc; 74 return ( strcasecmp( map1->src.bv_val, map2->src.bv_val ) ); 75} 76 77int 78mapping_dup ( void *c1, void *c2 ) 79{ 80 struct ldapmapping *map1 = (struct ldapmapping *)c1; 81 struct ldapmapping *map2 = (struct ldapmapping *)c2; 82 83 return ( ( strcasecmp( map1->src.bv_val, map2->src.bv_val ) == 0 ) ? -1 : 0 ); 84} 85 86void 87ldap_back_map_init ( struct ldapmap *lm, struct ldapmapping **m ) 88{ 89 struct ldapmapping *mapping; 90 91 assert( m != NULL ); 92 93 *m = NULL; 94 95 mapping = (struct ldapmapping *)ch_calloc( 2, 96 sizeof( struct ldapmapping ) ); 97 if ( mapping == NULL ) { 98 return; 99 } 100 101 ber_str2bv( "objectclass", STRLENOF("objectclass"), 1, &mapping[0].src); 102 ber_dupbv( &mapping[0].dst, &mapping[0].src ); 103 mapping[1].src = mapping[0].src; 104 mapping[1].dst = mapping[0].dst; 105 106 avl_insert( &lm->map, (caddr_t)&mapping[0], 107 mapping_cmp, mapping_dup ); 108 avl_insert( &lm->remap, (caddr_t)&mapping[1], 109 mapping_cmp, mapping_dup ); 110 *m = mapping; 111} 112 113int 114ldap_back_mapping ( struct ldapmap *map, struct berval *s, struct ldapmapping **m, 115 int remap ) 116{ 117 Avlnode *tree; 118 struct ldapmapping fmapping; 119 120 assert( m != NULL ); 121 122 if ( remap == BACKLDAP_REMAP ) { 123 tree = map->remap; 124 125 } else { 126 tree = map->map; 127 } 128 129 fmapping.src = *s; 130 *m = (struct ldapmapping *)avl_find( tree, (caddr_t)&fmapping, mapping_cmp ); 131 if ( *m == NULL ) { 132 return map->drop_missing; 133 } 134 135 return 0; 136} 137 138void 139ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *bv, 140 int remap ) 141{ 142 struct ldapmapping *mapping; 143 144 /* map->map may be NULL when mapping is configured, 145 * but map->remap can't */ 146 if ( map->remap == NULL ) { 147 *bv = *s; 148 return; 149 } 150 151 BER_BVZERO( bv ); 152 ( void )ldap_back_mapping( map, s, &mapping, remap ); 153 if ( mapping != NULL ) { 154 if ( !BER_BVISNULL( &mapping->dst ) ) { 155 *bv = mapping->dst; 156 } 157 return; 158 } 159 160 if ( !map->drop_missing ) { 161 *bv = *s; 162 } 163} 164 165int 166ldap_back_map_attrs( 167 struct ldapmap *at_map, 168 AttributeName *an, 169 int remap, 170 char ***mapped_attrs 171) 172{ 173 int i, j; 174 char **na; 175 struct berval mapped; 176 177 if ( an == NULL ) { 178 *mapped_attrs = NULL; 179 return LDAP_SUCCESS; 180 } 181 182 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) 183 /* */ ; 184 185 na = (char **)ch_calloc( i + 1, sizeof(char *) ); 186 if ( na == NULL ) { 187 *mapped_attrs = NULL; 188 return LDAP_NO_MEMORY; 189 } 190 191 for ( i = j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) { 192 ldap_back_map( at_map, &an[i].an_name, &mapped, remap ); 193 if ( !BER_BVISNULL( &mapped ) && !BER_BVISEMPTY( &mapped ) ) { 194 na[j++] = mapped.bv_val; 195 } 196 } 197 if ( j == 0 && i != 0 ) { 198 na[j++] = LDAP_NO_ATTRS; 199 } 200 na[j] = NULL; 201 202 *mapped_attrs = na; 203 return LDAP_SUCCESS; 204} 205 206int 207map_attr_value( 208 dncookie *dc, 209 AttributeDescription *ad, 210 struct berval *mapped_attr, 211 struct berval *value, 212 struct berval *mapped_value, 213 int remap ) 214{ 215 struct berval vtmp; 216 int freeval = 0; 217 218 ldap_back_map( &dc->target->mt_rwmap.rwm_at, &ad->ad_cname, mapped_attr, remap ); 219 if ( BER_BVISNULL( mapped_attr ) || BER_BVISEMPTY( mapped_attr ) ) { 220#if 0 221 /* 222 * FIXME: are we sure we need to search oc_map if at_map fails? 223 */ 224 ldap_back_map( &dc->target->mt_rwmap.rwm_oc, &ad->ad_cname, mapped_attr, remap ); 225 if ( BER_BVISNULL( mapped_attr ) || BER_BVISEMPTY( mapped_attr ) ) { 226 *mapped_attr = ad->ad_cname; 227 } 228#endif 229 if ( dc->target->mt_rwmap.rwm_at.drop_missing ) { 230 return -1; 231 } 232 233 *mapped_attr = ad->ad_cname; 234 } 235 236 if ( value == NULL ) { 237 return 0; 238 } 239 240 if ( ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) 241 { 242 dncookie fdc = *dc; 243 244#ifdef ENABLE_REWRITE 245 fdc.ctx = "searchFilterAttrDN"; 246#endif 247 248 switch ( ldap_back_dn_massage( &fdc, value, &vtmp ) ) { 249 case LDAP_SUCCESS: 250 if ( vtmp.bv_val != value->bv_val ) { 251 freeval = 1; 252 } 253 break; 254 255 case LDAP_UNWILLING_TO_PERFORM: 256 return -1; 257 258 case LDAP_OTHER: 259 return -1; 260 } 261 262 } else if ( ad->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ) { 263 if ( ad->ad_type->sat_equality->smr_normalize( 264 (SLAP_MR_DENORMALIZE|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX), 265 NULL, NULL, value, &vtmp, NULL ) ) 266 { 267 return -1; 268 } 269 freeval = 1; 270 271 } else if ( ad == slap_schema.si_ad_objectClass || ad == slap_schema.si_ad_structuralObjectClass ) { 272 ldap_back_map( &dc->target->mt_rwmap.rwm_oc, value, &vtmp, remap ); 273 if ( BER_BVISNULL( &vtmp ) || BER_BVISEMPTY( &vtmp ) ) { 274 vtmp = *value; 275 } 276 277 } else { 278 vtmp = *value; 279 } 280 281 filter_escape_value( &vtmp, mapped_value ); 282 283 if ( freeval ) { 284 ber_memfree( vtmp.bv_val ); 285 } 286 287 return 0; 288} 289 290static int 291ldap_back_int_filter_map_rewrite( 292 dncookie *dc, 293 Filter *f, 294 struct berval *fstr, 295 int remap ) 296{ 297 int i; 298 Filter *p; 299 struct berval atmp, 300 vtmp, 301 *tmp; 302 static struct berval 303 /* better than nothing... */ 304 ber_bvfalse = BER_BVC( "(!(objectClass=*))" ), 305 ber_bvtf_false = BER_BVC( "(|)" ), 306 /* better than nothing... */ 307 ber_bvtrue = BER_BVC( "(objectClass=*)" ), 308 ber_bvtf_true = BER_BVC( "(&)" ), 309#if 0 310 /* no longer needed; preserved for completeness */ 311 ber_bvundefined = BER_BVC( "(?=undefined)" ), 312#endif 313 ber_bverror = BER_BVC( "(?=error)" ), 314 ber_bvunknown = BER_BVC( "(?=unknown)" ), 315 ber_bvnone = BER_BVC( "(?=none)" ); 316 ber_len_t len; 317 318 assert( fstr != NULL ); 319 BER_BVZERO( fstr ); 320 321 if ( f == NULL ) { 322 ber_dupbv( fstr, &ber_bvnone ); 323 return LDAP_OTHER; 324 } 325 326 switch ( f->f_choice ) { 327 case LDAP_FILTER_EQUALITY: 328 if ( map_attr_value( dc, f->f_av_desc, &atmp, 329 &f->f_av_value, &vtmp, remap ) ) 330 { 331 goto computed; 332 } 333 334 fstr->bv_len = atmp.bv_len + vtmp.bv_len 335 + ( sizeof("(=)") - 1 ); 336 fstr->bv_val = malloc( fstr->bv_len + 1 ); 337 338 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)", 339 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); 340 341 ber_memfree( vtmp.bv_val ); 342 break; 343 344 case LDAP_FILTER_GE: 345 if ( map_attr_value( dc, f->f_av_desc, &atmp, 346 &f->f_av_value, &vtmp, remap ) ) 347 { 348 goto computed; 349 } 350 351 fstr->bv_len = atmp.bv_len + vtmp.bv_len 352 + ( sizeof("(>=)") - 1 ); 353 fstr->bv_val = malloc( fstr->bv_len + 1 ); 354 355 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)", 356 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); 357 358 ber_memfree( vtmp.bv_val ); 359 break; 360 361 case LDAP_FILTER_LE: 362 if ( map_attr_value( dc, f->f_av_desc, &atmp, 363 &f->f_av_value, &vtmp, remap ) ) 364 { 365 goto computed; 366 } 367 368 fstr->bv_len = atmp.bv_len + vtmp.bv_len 369 + ( sizeof("(<=)") - 1 ); 370 fstr->bv_val = malloc( fstr->bv_len + 1 ); 371 372 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)", 373 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); 374 375 ber_memfree( vtmp.bv_val ); 376 break; 377 378 case LDAP_FILTER_APPROX: 379 if ( map_attr_value( dc, f->f_av_desc, &atmp, 380 &f->f_av_value, &vtmp, remap ) ) 381 { 382 goto computed; 383 } 384 385 fstr->bv_len = atmp.bv_len + vtmp.bv_len 386 + ( sizeof("(~=)") - 1 ); 387 fstr->bv_val = malloc( fstr->bv_len + 1 ); 388 389 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)", 390 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); 391 392 ber_memfree( vtmp.bv_val ); 393 break; 394 395 case LDAP_FILTER_SUBSTRINGS: 396 if ( map_attr_value( dc, f->f_sub_desc, &atmp, 397 NULL, NULL, remap ) ) 398 { 399 goto computed; 400 } 401 402 /* cannot be a DN ... */ 403 404 fstr->bv_len = atmp.bv_len + ( STRLENOF( "(=*)" ) ); 405 fstr->bv_val = malloc( fstr->bv_len + 128 ); /* FIXME: why 128 ? */ 406 407 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)", 408 atmp.bv_val ); 409 410 if ( !BER_BVISNULL( &f->f_sub_initial ) ) { 411 len = fstr->bv_len; 412 413 filter_escape_value( &f->f_sub_initial, &vtmp ); 414 415 fstr->bv_len += vtmp.bv_len; 416 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 ); 417 418 snprintf( &fstr->bv_val[len - 2], vtmp.bv_len + 3, 419 /* "(attr=" */ "%s*)", 420 vtmp.bv_len ? vtmp.bv_val : "" ); 421 422 ber_memfree( vtmp.bv_val ); 423 } 424 425 if ( f->f_sub_any != NULL ) { 426 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[i] ); i++ ) { 427 len = fstr->bv_len; 428 filter_escape_value( &f->f_sub_any[i], &vtmp ); 429 430 fstr->bv_len += vtmp.bv_len + 1; 431 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 ); 432 433 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3, 434 /* "(attr=[init]*[any*]" */ "%s*)", 435 vtmp.bv_len ? vtmp.bv_val : "" ); 436 ber_memfree( vtmp.bv_val ); 437 } 438 } 439 440 if ( !BER_BVISNULL( &f->f_sub_final ) ) { 441 len = fstr->bv_len; 442 443 filter_escape_value( &f->f_sub_final, &vtmp ); 444 445 fstr->bv_len += vtmp.bv_len; 446 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 ); 447 448 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3, 449 /* "(attr=[init*][any*]" */ "%s)", 450 vtmp.bv_len ? vtmp.bv_val : "" ); 451 452 ber_memfree( vtmp.bv_val ); 453 } 454 455 break; 456 457 case LDAP_FILTER_PRESENT: 458 if ( map_attr_value( dc, f->f_desc, &atmp, 459 NULL, NULL, remap ) ) 460 { 461 goto computed; 462 } 463 464 fstr->bv_len = atmp.bv_len + ( STRLENOF( "(=*)" ) ); 465 fstr->bv_val = malloc( fstr->bv_len + 1 ); 466 467 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)", 468 atmp.bv_val ); 469 break; 470 471 case LDAP_FILTER_AND: 472 case LDAP_FILTER_OR: 473 case LDAP_FILTER_NOT: 474 fstr->bv_len = STRLENOF( "(%)" ); 475 fstr->bv_val = malloc( fstr->bv_len + 128 ); /* FIXME: why 128? */ 476 477 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)", 478 f->f_choice == LDAP_FILTER_AND ? '&' : 479 f->f_choice == LDAP_FILTER_OR ? '|' : '!' ); 480 481 for ( p = f->f_list; p != NULL; p = p->f_next ) { 482 int rc; 483 484 len = fstr->bv_len; 485 486 rc = ldap_back_int_filter_map_rewrite( dc, p, &vtmp, remap ); 487 if ( rc != LDAP_SUCCESS ) { 488 return rc; 489 } 490 491 fstr->bv_len += vtmp.bv_len; 492 fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 ); 493 494 snprintf( &fstr->bv_val[len-1], vtmp.bv_len + 2, 495 /*"("*/ "%s)", vtmp.bv_len ? vtmp.bv_val : "" ); 496 497 ch_free( vtmp.bv_val ); 498 } 499 500 break; 501 502 case LDAP_FILTER_EXT: 503 if ( f->f_mr_desc ) { 504 if ( map_attr_value( dc, f->f_mr_desc, &atmp, 505 &f->f_mr_value, &vtmp, remap ) ) 506 { 507 goto computed; 508 } 509 510 } else { 511 BER_BVSTR( &atmp, "" ); 512 filter_escape_value( &f->f_mr_value, &vtmp ); 513 } 514 515 /* FIXME: cleanup (less ?: operators...) */ 516 fstr->bv_len = atmp.bv_len + 517 ( f->f_mr_dnattrs ? STRLENOF( ":dn" ) : 0 ) + 518 ( !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_len + 1 : 0 ) + 519 vtmp.bv_len + ( STRLENOF( "(:=)" ) ); 520 fstr->bv_val = malloc( fstr->bv_len + 1 ); 521 522 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)", 523 atmp.bv_val, 524 f->f_mr_dnattrs ? ":dn" : "", 525 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? ":" : "", 526 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_val : "", 527 vtmp.bv_len ? vtmp.bv_val : "" ); 528 ber_memfree( vtmp.bv_val ); 529 break; 530 531 case SLAPD_FILTER_COMPUTED: 532 switch ( f->f_result ) { 533 case LDAP_COMPARE_FALSE: 534 /* FIXME: treat UNDEFINED as FALSE */ 535 case SLAPD_COMPARE_UNDEFINED: 536computed:; 537 if ( META_BACK_TGT_T_F( dc->target ) ) { 538 tmp = &ber_bvtf_false; 539 break; 540 } 541 tmp = &ber_bvfalse; 542 break; 543 544 case LDAP_COMPARE_TRUE: 545 if ( META_BACK_TGT_T_F( dc->target ) ) { 546 tmp = &ber_bvtf_true; 547 break; 548 } 549 550 tmp = &ber_bvtrue; 551 break; 552 553 default: 554 tmp = &ber_bverror; 555 break; 556 } 557 558 ber_dupbv( fstr, tmp ); 559 break; 560 561 default: 562 ber_dupbv( fstr, &ber_bvunknown ); 563 break; 564 } 565 566 return 0; 567} 568 569int 570ldap_back_filter_map_rewrite( 571 dncookie *dc, 572 Filter *f, 573 struct berval *fstr, 574 int remap ) 575{ 576 int rc; 577 dncookie fdc; 578 struct berval ftmp; 579 static char *dmy = ""; 580 581 rc = ldap_back_int_filter_map_rewrite( dc, f, fstr, remap ); 582 583#ifdef ENABLE_REWRITE 584 if ( rc != LDAP_SUCCESS ) { 585 return rc; 586 } 587 588 fdc = *dc; 589 ftmp = *fstr; 590 591 fdc.ctx = "searchFilter"; 592 593 switch ( rewrite_session( fdc.target->mt_rwmap.rwm_rw, fdc.ctx, 594 ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : dmy ), 595 fdc.conn, &fstr->bv_val ) ) 596 { 597 case REWRITE_REGEXEC_OK: 598 if ( !BER_BVISNULL( fstr ) ) { 599 fstr->bv_len = strlen( fstr->bv_val ); 600 601 } else { 602 *fstr = ftmp; 603 } 604 Debug( LDAP_DEBUG_ARGS, 605 "[rw] %s: \"%s\" -> \"%s\"\n", 606 fdc.ctx, BER_BVISNULL( &ftmp ) ? "" : ftmp.bv_val, 607 BER_BVISNULL( fstr ) ? "" : fstr->bv_val ); 608 rc = LDAP_SUCCESS; 609 break; 610 611 case REWRITE_REGEXEC_UNWILLING: 612 if ( fdc.rs ) { 613 fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM; 614 fdc.rs->sr_text = "Operation not allowed"; 615 } 616 rc = LDAP_UNWILLING_TO_PERFORM; 617 break; 618 619 case REWRITE_REGEXEC_ERR: 620 if ( fdc.rs ) { 621 fdc.rs->sr_err = LDAP_OTHER; 622 fdc.rs->sr_text = "Rewrite error"; 623 } 624 rc = LDAP_OTHER; 625 break; 626 } 627 628 if ( fstr->bv_val == dmy ) { 629 BER_BVZERO( fstr ); 630 } 631#endif /* ENABLE_REWRITE */ 632 633 return rc; 634} 635 636int 637ldap_back_referral_result_rewrite( 638 dncookie *dc, 639 BerVarray a_vals 640) 641{ 642 int i, last; 643 644 assert( dc != NULL ); 645 assert( a_vals != NULL ); 646 647 for ( last = 0; !BER_BVISNULL( &a_vals[ last ] ); last++ ) 648 ; 649 last--; 650 651 for ( i = 0; !BER_BVISNULL( &a_vals[ i ] ); i++ ) { 652 struct berval dn, 653 olddn = BER_BVNULL; 654 int rc; 655 LDAPURLDesc *ludp; 656 657 rc = ldap_url_parse( a_vals[ i ].bv_val, &ludp ); 658 if ( rc != LDAP_URL_SUCCESS ) { 659 /* leave attr untouched if massage failed */ 660 continue; 661 } 662 663 /* FIXME: URLs like "ldap:///dc=suffix" if passed 664 * thru ldap_url_parse() and ldap_url_desc2str() 665 * get rewritten as "ldap:///dc=suffix??base"; 666 * we don't want this to occur... */ 667 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) { 668 ludp->lud_scope = LDAP_SCOPE_DEFAULT; 669 } 670 671 ber_str2bv( ludp->lud_dn, 0, 0, &olddn ); 672 673 rc = ldap_back_dn_massage( dc, &olddn, &dn ); 674 switch ( rc ) { 675 case LDAP_UNWILLING_TO_PERFORM: 676 /* 677 * FIXME: need to check if it may be considered 678 * legal to trim values when adding/modifying; 679 * it should be when searching (e.g. ACLs). 680 */ 681 LBER_FREE( a_vals[ i ].bv_val ); 682 if ( last > i ) { 683 a_vals[ i ] = a_vals[ last ]; 684 } 685 BER_BVZERO( &a_vals[ last ] ); 686 last--; 687 i--; 688 break; 689 690 default: 691 /* leave attr untouched if massage failed */ 692 if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val ) 693 { 694 char *newurl; 695 696 ludp->lud_dn = dn.bv_val; 697 newurl = ldap_url_desc2str( ludp ); 698 free( dn.bv_val ); 699 if ( newurl == NULL ) { 700 /* FIXME: leave attr untouched 701 * even if ldap_url_desc2str failed... 702 */ 703 break; 704 } 705 706 LBER_FREE( a_vals[ i ].bv_val ); 707 ber_str2bv( newurl, 0, 1, &a_vals[ i ] ); 708 LDAP_FREE( newurl ); 709 ludp->lud_dn = olddn.bv_val; 710 } 711 break; 712 } 713 714 ldap_free_urldesc( ludp ); 715 } 716 717 return 0; 718} 719 720/* 721 * I don't like this much, but we need two different 722 * functions because different heap managers may be 723 * in use in back-ldap/meta to reduce the amount of 724 * calls to malloc routines, and some of the free() 725 * routines may be macros with args 726 */ 727int 728ldap_dnattr_rewrite( 729 dncookie *dc, 730 BerVarray a_vals 731) 732{ 733 struct berval bv; 734 int i, last; 735 736 assert( a_vals != NULL ); 737 738 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ ) 739 ; 740 last--; 741 742 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) { 743 switch ( ldap_back_dn_massage( dc, &a_vals[i], &bv ) ) { 744 case LDAP_UNWILLING_TO_PERFORM: 745 /* 746 * FIXME: need to check if it may be considered 747 * legal to trim values when adding/modifying; 748 * it should be when searching (e.g. ACLs). 749 */ 750 ch_free( a_vals[i].bv_val ); 751 if ( last > i ) { 752 a_vals[i] = a_vals[last]; 753 } 754 BER_BVZERO( &a_vals[last] ); 755 last--; 756 break; 757 758 default: 759 /* leave attr untouched if massage failed */ 760 if ( !BER_BVISNULL( &bv ) && bv.bv_val != a_vals[i].bv_val ) { 761 ch_free( a_vals[i].bv_val ); 762 a_vals[i] = bv; 763 } 764 break; 765 } 766 } 767 768 return 0; 769} 770 771int 772ldap_dnattr_result_rewrite( 773 dncookie *dc, 774 BerVarray a_vals 775) 776{ 777 struct berval bv; 778 int i, last; 779 780 assert( a_vals != NULL ); 781 782 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ ) 783 ; 784 last--; 785 786 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) { 787 switch ( ldap_back_dn_massage( dc, &a_vals[i], &bv ) ) { 788 case LDAP_UNWILLING_TO_PERFORM: 789 /* 790 * FIXME: need to check if it may be considered 791 * legal to trim values when adding/modifying; 792 * it should be when searching (e.g. ACLs). 793 */ 794 LBER_FREE( a_vals[i].bv_val ); 795 if ( last > i ) { 796 a_vals[i] = a_vals[last]; 797 } 798 BER_BVZERO( &a_vals[last] ); 799 last--; 800 break; 801 802 default: 803 /* leave attr untouched if massage failed */ 804 if ( !BER_BVISNULL( &bv ) && a_vals[i].bv_val != bv.bv_val ) { 805 LBER_FREE( a_vals[i].bv_val ); 806 a_vals[i] = bv; 807 } 808 break; 809 } 810 } 811 812 return 0; 813} 814 815