summaryrefslogtreecommitdiffstats
path: root/servers/slapd/cr.c
diff options
context:
space:
mode:
Diffstat (limited to 'servers/slapd/cr.c')
-rw-r--r--servers/slapd/cr.c501
1 files changed, 501 insertions, 0 deletions
diff --git a/servers/slapd/cr.c b/servers/slapd/cr.c
new file mode 100644
index 0000000..a828aa8
--- /dev/null
+++ b/servers/slapd/cr.c
@@ -0,0 +1,501 @@
+/* cr.c - content rule routines */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2022 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/ctype.h>
+#include <ac/string.h>
+#include <ac/socket.h>
+
+#include "slap.h"
+
+struct cindexrec {
+ struct berval cir_name;
+ ContentRule *cir_cr;
+};
+
+static Avlnode *cr_index = NULL;
+static LDAP_STAILQ_HEAD(CRList, ContentRule) cr_list
+ = LDAP_STAILQ_HEAD_INITIALIZER(cr_list);
+
+static int
+cr_index_cmp(
+ const void *v_cir1,
+ const void *v_cir2 )
+{
+ const struct cindexrec *cir1 = v_cir1;
+ const struct cindexrec *cir2 = v_cir2;
+ int i = cir1->cir_name.bv_len - cir2->cir_name.bv_len;
+ if (i) return i;
+ return strcasecmp( cir1->cir_name.bv_val, cir2->cir_name.bv_val );
+}
+
+static int
+cr_index_name_cmp(
+ const void *v_name,
+ const void *v_cir )
+{
+ const struct berval *name = v_name;
+ const struct cindexrec *cir = v_cir;
+ int i = name->bv_len - cir->cir_name.bv_len;
+ if (i) return i;
+ return strncasecmp( name->bv_val, cir->cir_name.bv_val, name->bv_len );
+}
+
+ContentRule *
+cr_find( const char *crname )
+{
+ struct berval bv;
+
+ bv.bv_val = (char *)crname;
+ bv.bv_len = strlen( crname );
+
+ return( cr_bvfind( &bv ) );
+}
+
+ContentRule *
+cr_bvfind( struct berval *crname )
+{
+ struct cindexrec *cir;
+
+ cir = ldap_avl_find( cr_index, crname, cr_index_name_cmp );
+
+ if ( cir != NULL ) {
+ return( cir->cir_cr );
+ }
+
+ return( NULL );
+}
+
+static int
+cr_destroy_one( ContentRule *c )
+{
+ assert( c != NULL );
+
+ if (c->scr_auxiliaries) ldap_memfree(c->scr_auxiliaries);
+ if (c->scr_required) ldap_memfree(c->scr_required);
+ if (c->scr_allowed) ldap_memfree(c->scr_allowed);
+ if (c->scr_precluded) ldap_memfree(c->scr_precluded);
+ ldap_contentrule_free((LDAPContentRule *)c);
+
+ return 0;
+}
+
+void
+cr_destroy( void )
+{
+ ContentRule *c;
+
+ ldap_avl_free(cr_index, ldap_memfree);
+
+ while( !LDAP_STAILQ_EMPTY(&cr_list) ) {
+ c = LDAP_STAILQ_FIRST(&cr_list);
+ LDAP_STAILQ_REMOVE_HEAD(&cr_list, scr_next);
+
+ cr_destroy_one( c );
+ }
+}
+
+static int
+cr_insert(
+ ContentRule *scr,
+ const char **err
+)
+{
+ struct cindexrec *cir;
+ char **names;
+
+ assert( scr != NULL );
+
+ if ( scr->scr_oid ) {
+ cir = (struct cindexrec *)
+ ch_calloc( 1, sizeof(struct cindexrec) );
+ cir->cir_name.bv_val = scr->scr_oid;
+ cir->cir_name.bv_len = strlen( scr->scr_oid );
+ cir->cir_cr = scr;
+
+ if ( ldap_avl_insert( &cr_index, (caddr_t) cir,
+ cr_index_cmp, ldap_avl_dup_error ) )
+ {
+ *err = scr->scr_oid;
+ ldap_memfree(cir);
+ return SLAP_SCHERR_CR_DUP;
+ }
+
+ /* FIX: temporal consistency check */
+ assert( cr_bvfind(&cir->cir_name) != NULL );
+ }
+
+ if ( (names = scr->scr_names) ) {
+ while ( *names ) {
+ cir = (struct cindexrec *)
+ ch_calloc( 1, sizeof(struct cindexrec) );
+ cir->cir_name.bv_val = *names;
+ cir->cir_name.bv_len = strlen( *names );
+ cir->cir_cr = scr;
+
+ if ( ldap_avl_insert( &cr_index, (caddr_t) cir,
+ cr_index_cmp, ldap_avl_dup_error ) )
+ {
+ *err = *names;
+ ldap_memfree(cir);
+ return SLAP_SCHERR_CR_DUP;
+ }
+
+ /* FIX: temporal consistency check */
+ assert( cr_bvfind(&cir->cir_name) != NULL );
+
+ names++;
+ }
+ }
+
+ LDAP_STAILQ_INSERT_TAIL(&cr_list, scr, scr_next);
+
+ return 0;
+}
+
+static int
+cr_add_auxiliaries(
+ ContentRule *scr,
+ int *op,
+ const char **err )
+{
+ int naux;
+
+ if( scr->scr_oc_oids_aux == NULL ) return 0;
+
+ for( naux=0; scr->scr_oc_oids_aux[naux]; naux++ ) {
+ /* count them */ ;
+ }
+
+ scr->scr_auxiliaries = ch_calloc( naux+1, sizeof(ObjectClass *));
+
+ for( naux=0; scr->scr_oc_oids_aux[naux]; naux++ ) {
+ ObjectClass *soc = scr->scr_auxiliaries[naux]
+ = oc_find(scr->scr_oc_oids_aux[naux]);
+ if ( !soc ) {
+ *err = scr->scr_oc_oids_aux[naux];
+ return SLAP_SCHERR_CLASS_NOT_FOUND;
+ }
+
+ if( soc->soc_flags & SLAP_OC_OPERATIONAL &&
+ soc != slap_schema.si_oc_extensibleObject )
+ {
+ (*op)++;
+ }
+
+ if( soc->soc_kind != LDAP_SCHEMA_AUXILIARY ) {
+ *err = scr->scr_oc_oids_aux[naux];
+ return SLAP_SCHERR_CR_BAD_AUX;
+ }
+ }
+
+ scr->scr_auxiliaries[naux] = NULL;
+ return 0;
+}
+
+static int
+cr_create_required(
+ ContentRule *scr,
+ int *op,
+ const char **err )
+{
+ char **attrs = scr->scr_at_oids_must;
+ char **attrs1;
+ AttributeType *sat;
+
+ if ( attrs ) {
+ attrs1 = attrs;
+ while ( *attrs1 ) {
+ sat = at_find(*attrs1);
+ if ( !sat ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_ATTR_NOT_FOUND;
+ }
+
+ if( is_at_operational( sat )) (*op)++;
+
+ if ( at_find_in_list(sat, scr->scr_required) < 0) {
+ if ( at_append_to_list(sat, &scr->scr_required) ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_OUTOFMEM;
+ }
+ } else {
+ *err = *attrs1;
+ return SLAP_SCHERR_CR_BAD_AT;
+ }
+ attrs1++;
+ }
+ }
+ return 0;
+}
+
+static int
+cr_create_allowed(
+ ContentRule *scr,
+ int *op,
+ const char **err )
+{
+ char **attrs = scr->scr_at_oids_may;
+ char **attrs1;
+ AttributeType *sat;
+
+ if ( attrs ) {
+ attrs1 = attrs;
+ while ( *attrs1 ) {
+ sat = at_find(*attrs1);
+ if ( !sat ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_ATTR_NOT_FOUND;
+ }
+
+ if( is_at_operational( sat )) (*op)++;
+
+ if ( at_find_in_list(sat, scr->scr_required) < 0 &&
+ at_find_in_list(sat, scr->scr_allowed) < 0 )
+ {
+ if ( at_append_to_list(sat, &scr->scr_allowed) ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_OUTOFMEM;
+ }
+ } else {
+ *err = *attrs1;
+ return SLAP_SCHERR_CR_BAD_AT;
+ }
+ attrs1++;
+ }
+ }
+ return 0;
+}
+
+static int
+cr_create_precluded(
+ ContentRule *scr,
+ int *op,
+ const char **err )
+{
+ char **attrs = scr->scr_at_oids_not;
+ char **attrs1;
+ AttributeType *sat;
+
+ if ( attrs ) {
+ attrs1 = attrs;
+ while ( *attrs1 ) {
+ sat = at_find(*attrs1);
+ if ( !sat ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_ATTR_NOT_FOUND;
+ }
+
+ if( is_at_operational( sat )) (*op)++;
+
+ /* FIXME: should also make sure attribute type is not
+ a required attribute of the structural class or
+ any auxiliary class */
+ if ( at_find_in_list(sat, scr->scr_required) < 0 &&
+ at_find_in_list(sat, scr->scr_allowed) < 0 &&
+ at_find_in_list(sat, scr->scr_precluded) < 0 )
+ {
+ if ( at_append_to_list(sat, &scr->scr_precluded) ) {
+ *err = *attrs1;
+ return SLAP_SCHERR_OUTOFMEM;
+ }
+ } else {
+ *err = *attrs1;
+ return SLAP_SCHERR_CR_BAD_AT;
+ }
+ attrs1++;
+ }
+ }
+ return 0;
+}
+
+int
+cr_add(
+ LDAPContentRule *cr,
+ int user,
+ ContentRule **rscr,
+ const char **err
+)
+{
+ ContentRule *scr;
+ int code;
+ int op = 0;
+ char *oidm = NULL;
+
+ if ( cr->cr_names != NULL ) {
+ int i;
+
+ for( i=0; cr->cr_names[i]; i++ ) {
+ if( !slap_valid_descr( cr->cr_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
+
+ if ( !OID_LEADCHAR( cr->cr_oid[0] )) {
+ /* Expand OID macros */
+ char *oid = oidm_find( cr->cr_oid );
+ if ( !oid ) {
+ *err = cr->cr_oid;
+ return SLAP_SCHERR_OIDM;
+ }
+ if ( oid != cr->cr_oid ) {
+ oidm = cr->cr_oid;
+ cr->cr_oid = oid;
+ }
+ }
+
+ scr = (ContentRule *) ch_calloc( 1, sizeof(ContentRule) );
+ AC_MEMCPY( &scr->scr_crule, cr, sizeof(LDAPContentRule) );
+
+ scr->scr_oidmacro = oidm;
+ scr->scr_sclass = oc_find(cr->cr_oid);
+ if ( !scr->scr_sclass ) {
+ *err = cr->cr_oid;
+ code = SLAP_SCHERR_CLASS_NOT_FOUND;
+ goto fail;
+ }
+
+ /* check object class usage */
+ if( scr->scr_sclass->soc_kind != LDAP_SCHEMA_STRUCTURAL )
+ {
+ *err = cr->cr_oid;
+ code = SLAP_SCHERR_CR_BAD_STRUCT;
+ goto fail;
+ }
+
+ if( scr->scr_sclass->soc_flags & SLAP_OC_OPERATIONAL ) op++;
+
+ code = cr_add_auxiliaries( scr, &op, err );
+ if ( code != 0 ) goto fail;
+
+ code = cr_create_required( scr, &op, err );
+ if ( code != 0 ) goto fail;
+
+ code = cr_create_allowed( scr, &op, err );
+ if ( code != 0 ) goto fail;
+
+ code = cr_create_precluded( scr, &op, err );
+ if ( code != 0 ) goto fail;
+
+ if( user && op ) {
+ code = SLAP_SCHERR_CR_BAD_AUX;
+ goto fail;
+ }
+
+ code = cr_insert(scr,err);
+ if ( code == 0 && rscr )
+ *rscr = scr;
+ return code;
+fail:
+ ch_free( scr );
+ return code;
+}
+
+void
+cr_unparse( BerVarray *res, ContentRule *start, ContentRule *end, int sys )
+{
+ ContentRule *cr;
+ int i, num;
+ struct berval bv, *bva = NULL, idx;
+ char ibuf[32];
+
+ if ( !start )
+ start = LDAP_STAILQ_FIRST( &cr_list );
+
+ /* count the result size */
+ i = 0;
+ for ( cr=start; cr; cr=LDAP_STAILQ_NEXT(cr, scr_next)) {
+ if ( sys && !(cr->scr_flags & SLAP_CR_HARDCODE)) continue;
+ i++;
+ if ( cr == end ) break;
+ }
+ if (!i) return;
+
+ num = i;
+ bva = ch_malloc( (num+1) * sizeof(struct berval) );
+ BER_BVZERO( bva );
+ idx.bv_val = ibuf;
+ if ( sys ) {
+ idx.bv_len = 0;
+ ibuf[0] = '\0';
+ }
+ i = 0;
+ for ( cr=start; cr; cr=LDAP_STAILQ_NEXT(cr, scr_next)) {
+ LDAPContentRule lcr, *lcrp;
+ if ( sys && !(cr->scr_flags & SLAP_CR_HARDCODE)) continue;
+ if ( cr->scr_oidmacro ) {
+ lcr = cr->scr_crule;
+ lcr.cr_oid = cr->scr_oidmacro;
+ lcrp = &lcr;
+ } else {
+ lcrp = &cr->scr_crule;
+ }
+ if ( ldap_contentrule2bv( lcrp, &bv ) == NULL ) {
+ ber_bvarray_free( bva );
+ }
+ if ( !sys ) {
+ idx.bv_len = sprintf(idx.bv_val, "{%d}", i);
+ }
+ bva[i].bv_len = idx.bv_len + bv.bv_len;
+ bva[i].bv_val = ch_malloc( bva[i].bv_len + 1 );
+ strcpy( bva[i].bv_val, ibuf );
+ strcpy( bva[i].bv_val + idx.bv_len, bv.bv_val );
+ i++;
+ bva[i].bv_val = NULL;
+ ldap_memfree( bv.bv_val );
+ if ( cr == end ) break;
+ }
+ *res = bva;
+}
+
+int
+cr_schema_info( Entry *e )
+{
+ AttributeDescription *ad_ditContentRules
+ = slap_schema.si_ad_ditContentRules;
+ ContentRule *cr;
+
+ struct berval val;
+ struct berval nval;
+
+ LDAP_STAILQ_FOREACH(cr, &cr_list, scr_next) {
+ if ( ldap_contentrule2bv( &cr->scr_crule, &val ) == NULL ) {
+ return -1;
+ }
+
+#if 0
+ if( cr->scr_flags & SLAP_CR_HIDE ) continue;
+#endif
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "Merging cr [%ld] %s\n",
+ (long) val.bv_len, val.bv_val );
+#endif
+
+ nval.bv_val = cr->scr_oid;
+ nval.bv_len = strlen(cr->scr_oid);
+
+ if( attr_merge_one( e, ad_ditContentRules, &val, &nval ) )
+ {
+ return -1;
+ }
+ ldap_memfree( val.bv_val );
+ }
+ return 0;
+}