summaryrefslogtreecommitdiffstats
path: root/servers/slapd/matchedValues.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
commit5ea77a75dd2d2158401331879f3c8f47940a732c (patch)
treed89dc06e9f4850a900f161e25f84e922c4f86cc8 /servers/slapd/matchedValues.c
parentInitial commit. (diff)
downloadopenldap-5ea77a75dd2d2158401331879f3c8f47940a732c.tar.xz
openldap-5ea77a75dd2d2158401331879f3c8f47940a732c.zip
Adding upstream version 2.5.13+dfsg.upstream/2.5.13+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'servers/slapd/matchedValues.c')
-rw-r--r--servers/slapd/matchedValues.c348
1 files changed, 348 insertions, 0 deletions
diff --git a/servers/slapd/matchedValues.c b/servers/slapd/matchedValues.c
new file mode 100644
index 0000000..574e085
--- /dev/null
+++ b/servers/slapd/matchedValues.c
@@ -0,0 +1,348 @@
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1999-2022 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
+#include "slap.h"
+
+static int
+test_mra_vrFilter(
+ Operation *op,
+ Attribute *a,
+ MatchingRuleAssertion *mra,
+ char ***e_flags
+);
+
+static int
+test_substrings_vrFilter(
+ Operation *op,
+ Attribute *a,
+ ValuesReturnFilter *f,
+ char ***e_flags
+);
+
+static int
+test_presence_vrFilter(
+ Operation *op,
+ Attribute *a,
+ AttributeDescription *desc,
+ char ***e_flags
+);
+
+static int
+test_ava_vrFilter(
+ Operation *op,
+ Attribute *a,
+ AttributeAssertion *ava,
+ int type,
+ char ***e_flags
+);
+
+
+int
+filter_matched_values(
+ Operation *op,
+ Attribute *a,
+ char ***e_flags )
+{
+ ValuesReturnFilter *vrf;
+ int rc = LDAP_SUCCESS;
+
+ Debug( LDAP_DEBUG_FILTER, "=> filter_matched_values\n" );
+
+ for ( vrf = op->o_vrFilter; vrf != NULL; vrf = vrf->vrf_next ) {
+ switch ( vrf->vrf_choice ) {
+ case SLAPD_FILTER_COMPUTED:
+ Debug( LDAP_DEBUG_FILTER, " COMPUTED %s (%d)\n",
+ vrf->vrf_result == LDAP_COMPARE_FALSE ? "false"
+ : vrf->vrf_result == LDAP_COMPARE_TRUE ? "true"
+ : vrf->vrf_result == SLAPD_COMPARE_UNDEFINED ? "undefined"
+ : "error",
+ vrf->vrf_result );
+ /*This type of filter does not affect the result */
+ rc = LDAP_SUCCESS;
+ break;
+
+ case LDAP_FILTER_EQUALITY:
+ Debug( LDAP_DEBUG_FILTER, " EQUALITY\n" );
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
+ LDAP_FILTER_EQUALITY, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+ Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n" );
+ rc = test_substrings_vrFilter( op, a,
+ vrf, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ case LDAP_FILTER_PRESENT:
+ Debug( LDAP_DEBUG_FILTER, " PRESENT\n" );
+ rc = test_presence_vrFilter( op, a,
+ vrf->vrf_desc, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ case LDAP_FILTER_GE:
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
+ LDAP_FILTER_GE, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ case LDAP_FILTER_LE:
+ rc = test_ava_vrFilter( op, a, vrf->vrf_ava,
+ LDAP_FILTER_LE, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ case LDAP_FILTER_EXT:
+ Debug( LDAP_DEBUG_FILTER, " EXT\n" );
+ rc = test_mra_vrFilter( op, a,
+ vrf->vrf_mra, e_flags );
+ if( rc == -1 ) return rc;
+ break;
+
+ default:
+ Debug( LDAP_DEBUG_ANY, " unknown filter type %lu\n",
+ vrf->vrf_choice );
+ rc = LDAP_PROTOCOL_ERROR;
+ }
+ }
+
+ Debug( LDAP_DEBUG_FILTER, "<= filter_matched_values %d\n", rc );
+ return( rc );
+}
+
+static int
+test_ava_vrFilter(
+ Operation *op,
+ Attribute *a,
+ AttributeAssertion *ava,
+ int type,
+ char ***e_flags )
+{
+ int i, j;
+
+ for ( i=0; a != NULL; a = a->a_next, i++ ) {
+ MatchingRule *mr;
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, ava->aa_desc ) ) {
+ continue;
+ }
+
+ switch ( type ) {
+ case LDAP_FILTER_APPROX:
+ mr = a->a_desc->ad_type->sat_approx;
+ if( mr != NULL ) break;
+ /* use EQUALITY matching rule if no APPROX rule */
+
+ case LDAP_FILTER_EQUALITY:
+ mr = a->a_desc->ad_type->sat_equality;
+ break;
+
+ case LDAP_FILTER_GE:
+ case LDAP_FILTER_LE:
+ mr = a->a_desc->ad_type->sat_ordering;
+ break;
+
+ default:
+ mr = NULL;
+ }
+
+ if( mr == NULL ) continue;
+
+ bv = a->a_nvals;
+ for ( j=0; !BER_BVISNULL( bv ); bv++, j++ ) {
+ int rc, match;
+ const char *text;
+
+ rc = value_match( &match, a->a_desc, mr, 0,
+ bv, &ava->aa_value, &text );
+ if( rc != LDAP_SUCCESS ) return rc;
+
+ switch ( type ) {
+ case LDAP_FILTER_EQUALITY:
+ case LDAP_FILTER_APPROX:
+ if ( match == 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+
+ case LDAP_FILTER_GE:
+ if ( match >= 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+
+ case LDAP_FILTER_LE:
+ if ( match <= 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+ }
+ }
+ }
+ return LDAP_SUCCESS;
+}
+
+static int
+test_presence_vrFilter(
+ Operation *op,
+ Attribute *a,
+ AttributeDescription *desc,
+ char ***e_flags )
+{
+ int i, j;
+
+ for ( i=0; a != NULL; a = a->a_next, i++ ) {
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, desc ) ) continue;
+
+ for ( bv = a->a_vals, j = 0; !BER_BVISNULL( bv ); bv++, j++ );
+ memset( (*e_flags)[i], 1, j);
+ }
+
+ return( LDAP_SUCCESS );
+}
+
+static int
+test_substrings_vrFilter(
+ Operation *op,
+ Attribute *a,
+ ValuesReturnFilter *vrf,
+ char ***e_flags )
+{
+ int i, j;
+
+ for ( i=0; a != NULL; a = a->a_next, i++ ) {
+ MatchingRule *mr = a->a_desc->ad_type->sat_substr;
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, vrf->vrf_sub_desc ) ) {
+ continue;
+ }
+
+ if( mr == NULL ) continue;
+
+ bv = a->a_nvals;
+ for ( j = 0; !BER_BVISNULL( bv ); bv++, j++ ) {
+ int rc, match;
+ const char *text;
+
+ rc = value_match( &match, a->a_desc, mr, 0,
+ bv, vrf->vrf_sub, &text );
+
+ if( rc != LDAP_SUCCESS ) return rc;
+
+ if ( match == 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
+
+static int
+test_mra_vrFilter(
+ Operation *op,
+ Attribute *a,
+ MatchingRuleAssertion *mra,
+ char ***e_flags )
+{
+ int i, j;
+
+ for ( i = 0; a != NULL; a = a->a_next, i++ ) {
+ struct berval *bv, assertedValue;
+ int normalize_attribute = 0;
+
+ if ( mra->ma_desc ) {
+ if ( !is_ad_subtype( a->a_desc, mra->ma_desc ) ) {
+ continue;
+ }
+ assertedValue = mra->ma_value;
+
+ } else {
+ int rc;
+ const char *text = NULL;
+
+ /* check if matching is appropriate */
+ if ( !mr_usable_with_at( mra->ma_rule, a->a_desc->ad_type ) ) {
+ continue;
+ }
+
+ rc = asserted_value_validate_normalize( a->a_desc, mra->ma_rule,
+ SLAP_MR_EXT|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
+ &mra->ma_value, &assertedValue, &text, op->o_tmpmemctx );
+
+ if ( rc != LDAP_SUCCESS ) continue;
+ }
+
+ /* check match */
+ if ( mra->ma_rule == a->a_desc->ad_type->sat_equality ) {
+ bv = a->a_nvals;
+
+ } else {
+ bv = a->a_vals;
+ normalize_attribute = 1;
+ }
+
+ for ( j = 0; !BER_BVISNULL( bv ); bv++, j++ ) {
+ int rc, match;
+ const char *text;
+ struct berval nbv = BER_BVNULL;
+
+ if ( normalize_attribute && mra->ma_rule->smr_normalize ) {
+ /* see comment in filterentry.c */
+ if ( mra->ma_rule->smr_normalize(
+ SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
+ mra->ma_rule->smr_syntax,
+ mra->ma_rule,
+ bv, &nbv, op->o_tmpmemctx ) != LDAP_SUCCESS )
+ {
+ /* FIXME: stop processing? */
+ continue;
+ }
+
+ } else {
+ nbv = *bv;
+ }
+
+ rc = value_match( &match, a->a_desc, mra->ma_rule, 0,
+ &nbv, &assertedValue, &text );
+
+ if ( nbv.bv_val != bv->bv_val ) {
+ op->o_tmpfree( nbv.bv_val, op->o_tmpmemctx );
+ }
+
+ if ( rc != LDAP_SUCCESS ) return rc;
+
+ if ( match == 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
+