From 3492452a5b808aae97b8072a7a49f15e3a9a199d Mon Sep 17 00:00:00 2001
From: Sang Seok Lim <slim@openldap.org>
Date: Mon, 13 Dec 2004 16:26:58 +0000
Subject: [PATCH] 1) <select> and <content> type component reference support 2)
attribute aliasing support - x509CertificateIssuer - x509CertificateSerial -
x509CertificateIssuerAndIssuer 3) AuthorityKeyIdentifier support(one of
certificate extension) 4) Misc. improvement - integrate OID and its decoder
mapping table - normalize and validate the values of both component asserions
and extracted components 5) Misc. bug fix
---
contrib/slapd-modules/comp_match/Makefile | 11 +-
contrib/slapd-modules/comp_match/asn.h | 1 -
.../slapd-modules/comp_match/asn_to_syn_mr.c | 6 +-
.../comp_match/authorityKeyIdentifier.asn | 65 +
.../comp_match/authorityKeyIdentifier.c | 2058 +++++++++++++++++
.../comp_match/authorityKeyIdentifier.h | 327 +++
.../slapd-modules/comp_match/certificate.asn1 | 55 +-
.../slapd-modules/comp_match/certificate.c | 223 +-
.../slapd-modules/comp_match/certificate.h | 16 +-
.../slapd-modules/comp_match/componentlib.c | 226 +-
.../{component.h => componentlib.h} | 18 +-
contrib/slapd-modules/comp_match/init.c | 527 +++--
servers/slapd/attr.c | 24 +-
servers/slapd/back-bdb/id2entry.c | 3 +
servers/slapd/component.c | 364 ++-
servers/slapd/component.h | 24 +-
servers/slapd/mra.c | 20 +-
servers/slapd/proto-slap.h | 5 +
servers/slapd/schema/test.schema | 33 +
servers/slapd/slap.h | 6 +-
tests/data/compsearch.out | 204 ++
tests/data/slapd-component.conf | 1 +
tests/scripts/test031-component-filter | 77 +
23 files changed, 3897 insertions(+), 397 deletions(-)
create mode 100644 contrib/slapd-modules/comp_match/authorityKeyIdentifier.asn
create mode 100644 contrib/slapd-modules/comp_match/authorityKeyIdentifier.c
create mode 100644 contrib/slapd-modules/comp_match/authorityKeyIdentifier.h
rename contrib/slapd-modules/comp_match/{component.h => componentlib.h} (95%)
create mode 100644 servers/slapd/schema/test.schema
diff --git a/contrib/slapd-modules/comp_match/Makefile b/contrib/slapd-modules/comp_match/Makefile
index 7afdef14d5..9327bef54d 100644
--- a/contrib/slapd-modules/comp_match/Makefile
+++ b/contrib/slapd-modules/comp_match/Makefile
@@ -17,7 +17,7 @@
topbuilddir = ../../../../build
topsrcdir = ../../..
-snaccdir = /home/slim/snacc
+snaccdir = /usr/local/snacc
LIBTOOL=$(topbuilddir)/libtool
OPT=-g -O2 -DLDAP_COMPONENT
@@ -42,19 +42,22 @@ componentlib.lo: componentlib.c
certificate.lo: certificate.c
$(LIBTOOL) --mode=compile $(CC) $(OPT) $(INCS) -c $?
+authorityKeyIdentifier.lo: authorityKeyIdentifier.c
+ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(INCS) -c $?
+
asn_to_syn_mr.lo: asn_to_syn_mr.c
$(LIBTOOL) --mode=compile $(CC) $(OPT) $(INCS) -c $?
init.lo: init.c
$(LIBTOOL) --mode=compile $(CC) $(OPT) $(INCS) -c $?
-compmatch.la: componentlib.lo init.lo certificate.lo asn_to_syn_mr.lo
+compmatch.la: componentlib.lo init.lo certificate.lo asn_to_syn_mr.lo authorityKeyIdentifier.lo
$(LIBTOOL) --mode=link $(CC) $(OPT) $(LIBS) -version-info 0:0:0 \
-rpath /usr/local/libexec/openldap -module -o $@ $? $(LIBS)
clean:
- \rm compmatch.la componentlib.lo certificate.lo asn_to_syn_mr.lo\
- init.o init.lo componentlib.o certificate.o asn_to_syn_mr.o
+ \rm compmatch.la componentlib.lo certificate.lo asn_to_syn_mr.lo authorityKeyIdentifier.lo\
+ init.o init.lo componentlib.o certificate.o asn_to_syn_mr.o authorityKeyIdentifier.o
install:
cp -r .libs $(topsrcdir)/tests/data/comp_libs
cp compmatch.la $(topsrcdir)/tests/data/comp_libs
diff --git a/contrib/slapd-modules/comp_match/asn.h b/contrib/slapd-modules/comp_match/asn.h
index d018598b9d..0bc27c081c 100644
--- a/contrib/slapd-modules/comp_match/asn.h
+++ b/contrib/slapd-modules/comp_match/asn.h
@@ -12,7 +12,6 @@
#define _H_ASN_MODULE
typedef enum { BER, GSER } EncRulesType;
-typedef enum { ASN_BASIC, ASN_COMPOSITE } AsnType;
typedef enum AsnTypeId {
BASICTYPE_BOOLEAN,
diff --git a/contrib/slapd-modules/comp_match/asn_to_syn_mr.c b/contrib/slapd-modules/comp_match/asn_to_syn_mr.c
index faf616df62..718dcb7e84 100644
--- a/contrib/slapd-modules/comp_match/asn_to_syn_mr.c
+++ b/contrib/slapd-modules/comp_match/asn_to_syn_mr.c
@@ -1,5 +1,6 @@
-#include "asn.h"
#include "component.h"
+#include "asn.h"
+#include "componentlib.h"
AsnTypetoMatchingRuleTable directory_component_matching_table = {
"1.2.36.79672281.1.13.7",
@@ -67,7 +68,8 @@ struct asntype_to_syntax asn_to_syntax_mapping_tbl[] = {
{ BASICTYPE_BITCONTAINING, NULL , NULL, NULL },
{ BASICTYPE_RELATIVE_OID, "OID", "1.3.6.1.4.1.1466.115.121.1.38", NULL },
{ BASICTYPE_ANY, NULL, NULL, NULL },
-{ RDNSequence, "RDN" , "1.2.36.79672281.1.5.0", NULL },
+{ COMPOSITE_ASN1_TYPE, NULL , NULL, NULL },
+{ RDNSequence, "Distinguished Name" , "1.3.6.1.4.1.1466.115.121.1.12", NULL },
{ RelativeDistinguishedName, "RDN", "1.2.36.79672281.1.5.0", NULL },
{ TelephoneNumber, "Telephone Number" , "1.3.6.1.4.1.1466.115.121.1.50", NULL },
{ FacsimileTelephoneNumber__telephoneNumber, "Facsimile Telephone Number","1.3.6.1.4.1.1466.115.121.1.22", NULL },
diff --git a/contrib/slapd-modules/comp_match/authorityKeyIdentifier.asn b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.asn
new file mode 100644
index 0000000000..85ac92d664
--- /dev/null
+++ b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.asn
@@ -0,0 +1,65 @@
+AuthorityKeyIdentifierDefinition DEFINITIONS ::=
+BEGIN
+AuthorityKeyIdentifier ::= SEQUENCE {
+ keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL,
+ authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL,
+ authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL }
+ -- authorityCertIssuer and authorityCertSerialNumber MUST both
+ -- be present or both be absent
+
+KeyIdentifier ::= OCTET STRING
+
+CertificateSerialNumber ::= INTEGER
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+ otherName [0] OtherName,
+ rfc822Name [1] IA5String,
+ dNSName [2] IA5String,
+ x400Address [3] ORAddress,
+ directoryName [4] Name,
+ ediPartyName [5] EDIPartyName,
+ uniformResourceIdentifier [6] IA5String,
+ iPAddress [7] OCTET STRING,
+ registeredID [8] OBJECT IDENTIFIER }
+
+OtherName ::= SEQUENCE {
+ type-id OBJECT IDENTIFIER,
+ value [0] EXPLICIT ANY DEFINED BY type-id }
+
+EDIPartyName ::= SEQUENCE {
+ nameAssigner [0] DirectoryString OPTIONAL,
+ partyName [1] DirectoryString }
+
+-- following ORAddress may not conform original def. in ASN.1
+ORAddress ::= SEQUENCE {
+-- built-in-standard-attributes BuiltInStandardAttributes,
+ type-id OBJECT IDENTIFIER,
+-- built-in-domain-defined-attributes
+ value ANY DEFINED BY type-id,
+-- BuiltInDomainDefinedAttributes OPTIONAL,
+-- see also teletex-domain-defined-attributes
+--extension-attributes ExtensionAttributes OPTIONAL }
+ extension OCTET STRING OPTIONAL }
+
+
+Name ::= CHOICE {
+ rdnSequence RDNSequence }
+
+RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+
+RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
+
+AttributeTypeAndValue ::= SEQUENCE {
+ type OBJECT IDENTIFIER,
+ value ANY DEFINED BY type}
+
+DirectoryString ::= CHOICE {
+ teletexString TeletexString (SIZE (1..MAX)),
+ printableString PrintableString (SIZE (1..MAX)),
+ universalString UniversalString (SIZE (1..MAX)),
+ utf8String UTF8String (SIZE (1..MAX)),
+ bmpString BMPString (SIZE (1..MAX)) }
+
+END
diff --git a/contrib/slapd-modules/comp_match/authorityKeyIdentifier.c b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.c
new file mode 100644
index 0000000000..7a1213b62d
--- /dev/null
+++ b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.c
@@ -0,0 +1,2058 @@
+/*
+ * authorityKeyIdentifier.c
+ * "AuthorityKeyIdentifierDefinition" ASN.1 module encode/decode/extracting/matching/free C src.
+ * This file was generated by modified eSMACC compiler Wed Dec 8 22:22:49 2004
+ * The generated files are supposed to be compiled as a module for OpenLDAP Software
+ */
+
+#include "authorityKeyIdentifier.h"
+
+BDecComponentAuthorityKeyIdentifierTop( void* mem_op, GenBuf* b, void *v, AsnLen* bytesDecoded,int mode) {
+ AsnTag tag;
+ AsnLen elmtLen;
+
+ tag = BDecTag ( b, bytesDecoded );
+ elmtLen = BDecLen ( b, bytesDecoded );
+ if ( elmtLen <= 0 ) return (-1);
+ if ( tag != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE) ) {
+ return (-1);
+ }
+
+ return BDecComponentAuthorityKeyIdentifier( mem_op, b, tag, elmtLen, (ComponentSyntaxInfo*)v,(int*)bytesDecoded, mode );
+}
+
+
+void init_module_AuthorityKeyIdentifierDefinition() {
+ InstallOidDecoderMapping( "2.5.29.35", NULL,
+ GDecComponentAuthorityKeyIdentifier,
+ BDecComponentAuthorityKeyIdentifierTop,
+ ExtractingComponentAuthorityKeyIdentifier,
+ MatchingComponentAuthorityKeyIdentifier );
+}
+
+int
+MatchingComponentOtherName ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ rc = 1;
+ rc = MatchingComponentOid ( oid, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_attr)->type_id, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_assert)->type_id );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentOtherName*)csi_attr)->value, (&((ComponentOtherName*)csi_attr)->type_id));
+ rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_attr)->value, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_assert)->value);
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ return LDAP_COMPARE_TRUE;
+} /* BMatchingComponentOtherName */
+
+void*
+ExtractingComponentOtherName ( void* mem_op, ComponentReference* cr, ComponentOtherName *comp )
+{
+
+ if ( ( comp->type_id.identifier.bv_val && strncmp(comp->type_id.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->type_id.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->type_id;
+ else
+ return NULL;
+ }
+ if ( ( comp->value.identifier.bv_val && strncmp(comp->value.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->value.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->value;
+ else
+ return NULL;
+ }
+ return NULL;
+} /* ExtractingComponentOtherName */
+
+int
+BDecComponentOtherName PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentOtherName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ AsnLen totalElmtsLen2 = 0;
+ AsnLen elmtLen2;
+ AsnTag tagId2;
+ int old_mode = mode;
+ int rc;
+ ComponentOtherName *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->type_id), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->type_id)->identifier.bv_val = (&k->type_id)->id_buf;
+ (&k->type_id)->identifier.bv_len = strlen("type_id");
+ strcpy( (&k->type_id)->identifier.bv_val, "type_id");
+ tagId1 = BDecTag (b, &totalElmtsLen1);
+ }
+ else
+ return -1;
+
+
+
+ if (((tagId1 == MAKE_TAG_ID (CNTX, CONS, 0))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = SetAnyTypeByComponentOid ((&k->value), (&k->type_id));
+ rc = BDecComponentAnyDefinedBy (mem_op,b, (&k->value), &totalElmtsLen1, mode );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->value)->identifier.bv_val = (&k->value)->id_buf;
+ (&k->value)->identifier.bv_len = strlen("value");
+ strcpy( (&k->value)->identifier.bv_val, "value");
+ if (elmtLen1 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ seqDone = TRUE;
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ else if (totalElmtsLen1 != elmtLen0)
+ return -1;
+
+ }
+ else
+ return -1;
+
+
+
+ if (!seqDone)
+ return -1;
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentOtherName*) CompAlloc( mem_op, sizeof(ComponentOtherName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentOtherName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentOtherName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentOtherName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentOtherName;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecOtherName*/
+
+int
+GDecComponentOtherName PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentOtherName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentOtherName *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ *bytesDecoded = 0;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '{'){
+ Asn1Error("Missing { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if ( strncmp( peek_head, "type_id", strlen("type_id") ) == 0 ) {
+ rc = GDecComponentOid (mem_op, b, (&k->type_id), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->type_id)->identifier.bv_val = peek_head;
+ (&k->type_id)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "value", strlen("value") ) == 0 ) {
+ rc = SetAnyTypeByComponentOid ((&k->value), (&k->type_id));
+ rc = GDecComponentAnyDefinedBy (mem_op, b, (&k->value), bytesDecoded, mode );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->value)->identifier.bv_val = peek_head;
+ (&k->value)->identifier.bv_len = strLen;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ) {
+ Asn1Error("Error during Reading } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '}'){
+ Asn1Error("Missing } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentOtherName*) CompAlloc( mem_op, sizeof(ComponentOtherName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentOtherName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentOtherName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentOtherName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentOtherName;
+ return LDAP_SUCCESS;
+} /* GDecOtherName*/
+
+
+int
+MatchingComponentORAddress ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ rc = 1;
+ rc = MatchingComponentOid ( oid, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->type_id, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_assert)->type_id );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->value, (&((ComponentORAddress*)csi_attr)->type_id));
+ rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->value, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_assert)->value);
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ rc = MatchingComponentOcts ( oid, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->extension, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_assert)->extension );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ return LDAP_COMPARE_TRUE;
+} /* BMatchingComponentORAddress */
+
+void*
+ExtractingComponentORAddress ( void* mem_op, ComponentReference* cr, ComponentORAddress *comp )
+{
+
+ if ( ( comp->type_id.identifier.bv_val && strncmp(comp->type_id.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->type_id.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->type_id;
+ else
+ return NULL;
+ }
+ if ( ( comp->value.identifier.bv_val && strncmp(comp->value.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->value.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->value;
+ else
+ return NULL;
+ }
+ if ( ( comp->extension.identifier.bv_val && strncmp(comp->extension.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->extension.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->extension;
+ else
+ return NULL;
+ }
+ return NULL;
+} /* ExtractingComponentORAddress */
+
+int
+BDecComponentORAddress PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentORAddress **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ int old_mode = mode;
+ int rc;
+ ComponentORAddress *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->type_id), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->type_id)->identifier.bv_val = (&k->type_id)->id_buf;
+ (&k->type_id)->identifier.bv_len = strlen("type_id");
+ strcpy( (&k->type_id)->identifier.bv_val, "type_id");
+ }
+ else
+ return -1;
+
+
+
+ {
+ rc = SetAnyTypeByComponentOid ((&k->value), (&k->type_id));
+ rc = BDecComponentAnyDefinedBy (mem_op,b, (&k->value), &totalElmtsLen1, mode );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->value)->identifier.bv_val = (&k->value)->id_buf;
+ (&k->value)->identifier.bv_len = strlen("value");
+ strcpy( (&k->value)->identifier.bv_val, "value");
+ if ((elmtLen0 != INDEFINITE_LEN) && (totalElmtsLen1 == elmtLen0))
+ seqDone = TRUE;
+ else
+ {
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if ((elmtLen0 == INDEFINITE_LEN) && (tagId1 == EOC_TAG_ID))
+ {
+ BDEC_2ND_EOC_OCTET (b, &totalElmtsLen1 )
+ seqDone = TRUE;
+ }
+ }
+ }
+
+
+ if ((!seqDone) && ((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OCTETSTRING_TAG_CODE)) ||
+(tagId1 == MAKE_TAG_ID (UNIV, CONS, OCTETSTRING_TAG_CODE))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentOcts (mem_op, b, tagId1, elmtLen1, (&k->extension), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->extension)->identifier.bv_val = (&k->extension)->id_buf;
+ (&k->extension)->identifier.bv_len = strlen("extension");
+ strcpy( (&k->extension)->identifier.bv_val, "extension");
+ seqDone = TRUE;
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ else if (totalElmtsLen1 != elmtLen0)
+ return -1;
+
+ }
+
+
+ if (!seqDone)
+ return -1;
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentORAddress*) CompAlloc( mem_op, sizeof(ComponentORAddress) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentORAddress ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentORAddress ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentORAddress;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentORAddress;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecORAddress*/
+
+int
+GDecComponentORAddress PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentORAddress **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentORAddress *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ *bytesDecoded = 0;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '{'){
+ Asn1Error("Missing { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if ( strncmp( peek_head, "type_id", strlen("type_id") ) == 0 ) {
+ rc = GDecComponentOid (mem_op, b, (&k->type_id), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->type_id)->identifier.bv_val = peek_head;
+ (&k->type_id)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "value", strlen("value") ) == 0 ) {
+ rc = SetAnyTypeByComponentOid ((&k->value), (&k->type_id));
+ rc = GDecComponentAnyDefinedBy (mem_op, b, (&k->value), bytesDecoded, mode );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->value)->identifier.bv_val = peek_head;
+ (&k->value)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "extension", strlen("extension") ) == 0 ) {
+ rc = GDecComponentOcts (mem_op, b, (&k->extension), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->extension)->identifier.bv_val = peek_head;
+ (&k->extension)->identifier.bv_len = strLen;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ) {
+ Asn1Error("Error during Reading } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '}'){
+ Asn1Error("Missing } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentORAddress*) CompAlloc( mem_op, sizeof(ComponentORAddress) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentORAddress ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentORAddress ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentORAddress;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentORAddress;
+ return LDAP_SUCCESS;
+} /* GDecORAddress*/
+
+
+int
+MatchingComponentDirectoryString ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+ ComponentDirectoryString *v1, *v2;
+
+
+ v1 = (ComponentDirectoryString*)csi_attr;
+ v2 = (ComponentDirectoryString*)csi_assert;
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ if( (v1->choiceId != v2->choiceId ) )
+ return LDAP_COMPARE_FALSE;
+ switch( v1->choiceId )
+ {
+ case DIRECTORYSTRING_TELETEXSTRING :
+ rc = MatchingComponentTeletexString ( oid, (ComponentSyntaxInfo*)(v1->a.teletexString), (ComponentSyntaxInfo*)(v2->a.teletexString) );
+ break;
+ case DIRECTORYSTRING_PRINTABLESTRING :
+ rc = MatchingComponentPrintableString ( oid, (ComponentSyntaxInfo*)(v1->a.printableString), (ComponentSyntaxInfo*)(v2->a.printableString) );
+ break;
+ case DIRECTORYSTRING_UNIVERSALSTRING :
+ rc = MatchingComponentUniversalString ( oid, (ComponentSyntaxInfo*)(v1->a.universalString), (ComponentSyntaxInfo*)(v2->a.universalString) );
+ break;
+ case DIRECTORYSTRING_UTF8STRING :
+ rc = MatchingComponentUTF8String ( oid, (ComponentSyntaxInfo*)(v1->a.utf8String), (ComponentSyntaxInfo*)(v2->a.utf8String) );
+ break;
+ case DIRECTORYSTRING_BMPSTRING :
+ rc = MatchingComponentBMPString ( oid, (ComponentSyntaxInfo*)(v1->a.bmpString), (ComponentSyntaxInfo*)(v2->a.bmpString) );
+ break;
+ default :
+ return LDAP_PROTOCOL_ERROR;
+ }
+ return rc;
+} /* BMatchingComponentDirectoryStringContent */
+
+void*
+ExtractingComponentDirectoryString ( void* mem_op, ComponentReference* cr, ComponentDirectoryString *comp )
+{
+
+
+ if( (comp->choiceId) == DIRECTORYSTRING_TELETEXSTRING &&
+ (( comp->a.teletexString->identifier.bv_val && strncmp(comp->a.teletexString->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.teletexString->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.teletexString);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentTeletexString ( mem_op, cr, (comp->a.teletexString) );
+ };
+ }
+ if( (comp->choiceId) == DIRECTORYSTRING_PRINTABLESTRING &&
+ (( comp->a.printableString->identifier.bv_val && strncmp(comp->a.printableString->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.printableString->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.printableString);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentPrintableString ( mem_op, cr, (comp->a.printableString) );
+ };
+ }
+ if( (comp->choiceId) == DIRECTORYSTRING_UNIVERSALSTRING &&
+ (( comp->a.universalString->identifier.bv_val && strncmp(comp->a.universalString->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.universalString->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.universalString);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentUniversalString ( mem_op, cr, (comp->a.universalString) );
+ };
+ }
+ if( (comp->choiceId) == DIRECTORYSTRING_UTF8STRING &&
+ (( comp->a.utf8String->identifier.bv_val && strncmp(comp->a.utf8String->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.utf8String->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.utf8String);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentUTF8String ( mem_op, cr, (comp->a.utf8String) );
+ };
+ }
+ if( (comp->choiceId) == DIRECTORYSTRING_BMPSTRING &&
+ (( comp->a.bmpString->identifier.bv_val && strncmp(comp->a.bmpString->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.bmpString->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.bmpString);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentBMPString ( mem_op, cr, (comp->a.bmpString) );
+ };
+ }
+ return NULL;
+} /* ExtractingComponentDirectoryString */
+
+int
+BDecComponentDirectoryString PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentDirectoryString **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ int old_mode = mode;
+ int rc;
+ ComponentDirectoryString *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ switch (tagId0)
+ {
+ case MAKE_TAG_ID (UNIV, PRIM, TELETEXSTRING_TAG_CODE):
+ case MAKE_TAG_ID (UNIV, CONS, TELETEXSTRING_TAG_CODE):
+ (k->choiceId) = DIRECTORYSTRING_TELETEXSTRING;
+ rc = BDecComponentTeletexString (mem_op, b, tagId0, elmtLen0, (&k->a.teletexString), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.teletexString)->identifier.bv_val = (k->a.teletexString)->id_buf;
+ (k->a.teletexString)->identifier.bv_len = strlen("teletexString");
+ strcpy( (k->a.teletexString)->identifier.bv_val, "teletexString");
+ break;
+
+ case MAKE_TAG_ID (UNIV, PRIM, PRINTABLESTRING_TAG_CODE):
+ case MAKE_TAG_ID (UNIV, CONS, PRINTABLESTRING_TAG_CODE):
+ (k->choiceId) = DIRECTORYSTRING_PRINTABLESTRING;
+ rc = BDecComponentPrintableString (mem_op, b, tagId0, elmtLen0, (&k->a.printableString), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.printableString)->identifier.bv_val = (k->a.printableString)->id_buf;
+ (k->a.printableString)->identifier.bv_len = strlen("printableString");
+ strcpy( (k->a.printableString)->identifier.bv_val, "printableString");
+ break;
+
+ case MAKE_TAG_ID (UNIV, PRIM, UNIVERSALSTRING_TAG_CODE):
+ case MAKE_TAG_ID (UNIV, CONS, UNIVERSALSTRING_TAG_CODE):
+ (k->choiceId) = DIRECTORYSTRING_UNIVERSALSTRING;
+ rc = BDecComponentUniversalString (mem_op, b, tagId0, elmtLen0, (&k->a.universalString), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.universalString)->identifier.bv_val = (k->a.universalString)->id_buf;
+ (k->a.universalString)->identifier.bv_len = strlen("universalString");
+ strcpy( (k->a.universalString)->identifier.bv_val, "universalString");
+ break;
+
+ case MAKE_TAG_ID (UNIV, PRIM, UTF8STRING_TAG_CODE):
+ case MAKE_TAG_ID (UNIV, CONS, UTF8STRING_TAG_CODE):
+ (k->choiceId) = DIRECTORYSTRING_UTF8STRING;
+ rc = BDecComponentUTF8String (mem_op, b, tagId0, elmtLen0, (&k->a.utf8String), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.utf8String)->identifier.bv_val = (k->a.utf8String)->id_buf;
+ (k->a.utf8String)->identifier.bv_len = strlen("utf8String");
+ strcpy( (k->a.utf8String)->identifier.bv_val, "utf8String");
+ break;
+
+ case MAKE_TAG_ID (UNIV, PRIM, BMPSTRING_TAG_CODE):
+ case MAKE_TAG_ID (UNIV, CONS, BMPSTRING_TAG_CODE):
+ (k->choiceId) = DIRECTORYSTRING_BMPSTRING;
+ rc = BDecComponentBMPString (mem_op, b, tagId0, elmtLen0, (&k->a.bmpString), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.bmpString)->identifier.bv_val = (k->a.bmpString)->id_buf;
+ (k->a.bmpString)->identifier.bv_len = strlen("bmpString");
+ strcpy( (k->a.bmpString)->identifier.bv_val, "bmpString");
+ break;
+
+ default:
+ Asn1Error ("ERROR - unexpected tag in CHOICE\n");
+ return -1;
+ break;
+ } /* end switch */
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentDirectoryString*) CompAlloc( mem_op, sizeof(ComponentDirectoryString) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentDirectoryString ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentDirectoryString ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentDirectoryString;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentDirectoryString;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecDirectoryStringContent */
+
+int
+GDecComponentDirectoryString PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentDirectoryString **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentDirectoryString *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen2 = LocateNextGSERToken(mem_op,b,&peek_head2,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head2 != ':'){
+ Asn1Error("Missing : in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( strncmp("teletexString",peek_head, strlen("teletexString")) == 0){
+ (k->choiceId) = DIRECTORYSTRING_TELETEXSTRING;
+ rc = GDecComponentTeletexString (mem_op, b, (&k->a.teletexString), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.teletexString)->identifier.bv_val = peek_head;
+ (k->a.teletexString)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("printableString",peek_head,strlen("printableString")) == 0){
+ (k->choiceId) = DIRECTORYSTRING_PRINTABLESTRING;
+ rc = GDecComponentPrintableString (mem_op, b, (&k->a.printableString), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.printableString)->identifier.bv_val = peek_head;
+ (k->a.printableString)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("universalString",peek_head,strlen("universalString")) == 0){
+ (k->choiceId) = DIRECTORYSTRING_UNIVERSALSTRING;
+ rc = GDecComponentUniversalString (mem_op, b, (&k->a.universalString), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.universalString)->identifier.bv_val = peek_head;
+ (k->a.universalString)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("utf8String",peek_head,strlen("utf8String")) == 0){
+ (k->choiceId) = DIRECTORYSTRING_UTF8STRING;
+ rc = GDecComponentUTF8String (mem_op, b, (&k->a.utf8String), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.utf8String)->identifier.bv_val = peek_head;
+ (k->a.utf8String)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("bmpString",peek_head,strlen("bmpString")) == 0){
+ (k->choiceId) = DIRECTORYSTRING_BMPSTRING;
+ rc = GDecComponentBMPString (mem_op, b, (&k->a.bmpString), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.bmpString)->identifier.bv_val = peek_head;
+ (k->a.bmpString)->identifier.bv_len = strLen;
+ }
+ else {
+ Asn1Error("Undefined Identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentDirectoryString*) CompAlloc( mem_op, sizeof(ComponentDirectoryString) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentDirectoryString ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentDirectoryString ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentDirectoryString;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentDirectoryString;
+ return LDAP_SUCCESS;
+} /* GDecDirectoryStringContent */
+
+
+int
+MatchingComponentEDIPartyName ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ rc = 1;
+ if(COMPONENTNOT_NULL( ((ComponentEDIPartyName*)csi_attr)->nameAssigner ) ) {
+ rc = MatchingComponentDirectoryString ( oid, (ComponentSyntaxInfo*)((ComponentEDIPartyName*)csi_attr)->nameAssigner, (ComponentSyntaxInfo*)((ComponentEDIPartyName*)csi_assert)->nameAssigner );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ }
+ rc = MatchingComponentDirectoryString ( oid, (ComponentSyntaxInfo*)((ComponentEDIPartyName*)csi_attr)->partyName, (ComponentSyntaxInfo*)((ComponentEDIPartyName*)csi_assert)->partyName );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ return LDAP_COMPARE_TRUE;
+} /* BMatchingComponentEDIPartyName */
+
+void*
+ExtractingComponentEDIPartyName ( void* mem_op, ComponentReference* cr, ComponentEDIPartyName *comp )
+{
+
+ if ( ( comp->nameAssigner->identifier.bv_val && strncmp(comp->nameAssigner->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->nameAssigner->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return comp->nameAssigner;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentDirectoryString ( mem_op, cr, comp->nameAssigner );
+ }
+ }
+ if ( ( comp->partyName->identifier.bv_val && strncmp(comp->partyName->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->partyName->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return comp->partyName;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentDirectoryString ( mem_op, cr, comp->partyName );
+ }
+ }
+ return NULL;
+} /* ExtractingComponentEDIPartyName */
+
+int
+BDecComponentEDIPartyName PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentEDIPartyName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ AsnLen totalElmtsLen2 = 0;
+ AsnLen elmtLen2;
+ AsnTag tagId2;
+ AsnLen totalElmtsLen3 = 0;
+ AsnLen elmtLen3;
+ AsnTag tagId3;
+ int old_mode = mode;
+ int rc;
+ ComponentEDIPartyName *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if (((tagId1 == MAKE_TAG_ID (CNTX, CONS, 0))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = tagId2 = BDecTag (b, &totalElmtsLen1 );
+ elmtLen2 = BDecLen (b, &totalElmtsLen1 );
+ BDecComponentDirectoryString (mem_op, b, tagId2, elmtLen2, (&k->nameAssigner), &totalElmtsLen1, mode);
+ if (elmtLen1 == INDEFINITE_LEN)
+ BDecEoc(b, &totalElmtsLen1 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->nameAssigner)->identifier.bv_val = (k->nameAssigner)->id_buf;
+ (k->nameAssigner)->identifier.bv_len = strlen("nameAssigner");
+ strcpy( (k->nameAssigner)->identifier.bv_val, "nameAssigner");
+ if (elmtLen1 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ tagId1 = BDecTag (b, &totalElmtsLen1);
+ }
+
+
+ if (((tagId1 == MAKE_TAG_ID (CNTX, CONS, 1))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = tagId2 = BDecTag (b, &totalElmtsLen1 );
+ elmtLen2 = BDecLen (b, &totalElmtsLen1 );
+ BDecComponentDirectoryString (mem_op, b, tagId2, elmtLen2, (&k->partyName), &totalElmtsLen1, mode);
+ if (elmtLen1 == INDEFINITE_LEN)
+ BDecEoc(b, &totalElmtsLen1 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->partyName)->identifier.bv_val = (k->partyName)->id_buf;
+ (k->partyName)->identifier.bv_len = strlen("partyName");
+ strcpy( (k->partyName)->identifier.bv_val, "partyName");
+ if (elmtLen1 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ seqDone = TRUE;
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ else if (totalElmtsLen1 != elmtLen0)
+ return -1;
+
+ }
+ else
+ return -1;
+
+
+
+ if (!seqDone)
+ return -1;
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentEDIPartyName*) CompAlloc( mem_op, sizeof(ComponentEDIPartyName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentEDIPartyName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentEDIPartyName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentEDIPartyName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentEDIPartyName;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecEDIPartyName*/
+
+int
+GDecComponentEDIPartyName PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentEDIPartyName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentEDIPartyName *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ *bytesDecoded = 0;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '{'){
+ Asn1Error("Missing { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if ( strncmp( peek_head, "nameAssigner", strlen("nameAssigner") ) == 0 ) {
+ rc = GDecComponentDirectoryString (mem_op, b, (&k->nameAssigner), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ ( k->nameAssigner)->identifier.bv_val = peek_head;
+ ( k->nameAssigner)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "partyName", strlen("partyName") ) == 0 ) {
+ rc = GDecComponentDirectoryString (mem_op, b, (&k->partyName), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ ( k->partyName)->identifier.bv_val = peek_head;
+ ( k->partyName)->identifier.bv_len = strLen;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ) {
+ Asn1Error("Error during Reading } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '}'){
+ Asn1Error("Missing } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentEDIPartyName*) CompAlloc( mem_op, sizeof(ComponentEDIPartyName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentEDIPartyName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentEDIPartyName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentEDIPartyName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentEDIPartyName;
+ return LDAP_SUCCESS;
+} /* GDecEDIPartyName*/
+
+
+
+int
+MatchingComponentGeneralName ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+ ComponentGeneralName *v1, *v2;
+
+
+ v1 = (ComponentGeneralName*)csi_attr;
+ v2 = (ComponentGeneralName*)csi_assert;
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ if( (v1->choiceId != v2->choiceId ) )
+ return LDAP_COMPARE_FALSE;
+ switch( v1->choiceId )
+ {
+ case GENERALNAME_OTHERNAME :
+ rc = MatchingComponentOtherName ( oid, (ComponentSyntaxInfo*)(v1->a.otherName), (ComponentSyntaxInfo*)(v2->a.otherName) );
+ break;
+ case GENERALNAME_RFC822NAME :
+ rc = MatchingComponentIA5String ( oid, (ComponentSyntaxInfo*)(v1->a.rfc822Name), (ComponentSyntaxInfo*)(v2->a.rfc822Name) );
+ break;
+ case GENERALNAME_DNSNAME :
+ rc = MatchingComponentIA5String ( oid, (ComponentSyntaxInfo*)(v1->a.dNSName), (ComponentSyntaxInfo*)(v2->a.dNSName) );
+ break;
+ case GENERALNAME_X400ADDRESS :
+ rc = MatchingComponentORAddress ( oid, (ComponentSyntaxInfo*)(v1->a.x400Address), (ComponentSyntaxInfo*)(v2->a.x400Address) );
+ break;
+ case GENERALNAME_DIRECTORYNAME :
+ rc = MatchingComponentName ( oid, (ComponentSyntaxInfo*)(v1->a.directoryName), (ComponentSyntaxInfo*)(v2->a.directoryName) );
+ break;
+ case GENERALNAME_EDIPARTYNAME :
+ rc = MatchingComponentEDIPartyName ( oid, (ComponentSyntaxInfo*)(v1->a.ediPartyName), (ComponentSyntaxInfo*)(v2->a.ediPartyName) );
+ break;
+ case GENERALNAME_UNIFORMRESOURCEIDENTIFIER :
+ rc = MatchingComponentIA5String ( oid, (ComponentSyntaxInfo*)(v1->a.uniformResourceIdentifier), (ComponentSyntaxInfo*)(v2->a.uniformResourceIdentifier) );
+ break;
+ case GENERALNAME_IPADDRESS :
+ rc = MatchingComponentOcts ( oid, (ComponentSyntaxInfo*)(v1->a.iPAddress), (ComponentSyntaxInfo*)(v2->a.iPAddress) );
+ break;
+ case GENERALNAME_REGISTEREDID :
+ rc = MatchingComponentOid ( oid, (ComponentSyntaxInfo*)(v1->a.registeredID), (ComponentSyntaxInfo*)(v2->a.registeredID) );
+ break;
+ default :
+ return LDAP_PROTOCOL_ERROR;
+ }
+ return rc;
+} /* BMatchingComponentGeneralNameContent */
+
+void*
+ExtractingComponentGeneralName ( void* mem_op, ComponentReference* cr, ComponentGeneralName *comp )
+{
+
+
+ if( (comp->choiceId) == GENERALNAME_OTHERNAME &&
+ (( comp->a.otherName->identifier.bv_val && strncmp(comp->a.otherName->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.otherName->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.otherName);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentOtherName ( mem_op, cr, (comp->a.otherName) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_RFC822NAME &&
+ (( comp->a.rfc822Name->identifier.bv_val && strncmp(comp->a.rfc822Name->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.rfc822Name->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.rfc822Name);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentIA5String ( mem_op, cr, (comp->a.rfc822Name) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_DNSNAME &&
+ (( comp->a.dNSName->identifier.bv_val && strncmp(comp->a.dNSName->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.dNSName->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.dNSName);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentIA5String ( mem_op, cr, (comp->a.dNSName) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_X400ADDRESS &&
+ (( comp->a.x400Address->identifier.bv_val && strncmp(comp->a.x400Address->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.x400Address->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.x400Address);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentORAddress ( mem_op, cr, (comp->a.x400Address) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_DIRECTORYNAME &&
+ (( comp->a.directoryName->identifier.bv_val && strncmp(comp->a.directoryName->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.directoryName->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.directoryName);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentName ( mem_op, cr, (comp->a.directoryName) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_EDIPARTYNAME &&
+ (( comp->a.ediPartyName->identifier.bv_val && strncmp(comp->a.ediPartyName->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.ediPartyName->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.ediPartyName);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentEDIPartyName ( mem_op, cr, (comp->a.ediPartyName) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_UNIFORMRESOURCEIDENTIFIER &&
+ (( comp->a.uniformResourceIdentifier->identifier.bv_val && strncmp(comp->a.uniformResourceIdentifier->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.uniformResourceIdentifier->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.uniformResourceIdentifier);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentIA5String ( mem_op, cr, (comp->a.uniformResourceIdentifier) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_IPADDRESS &&
+ (( comp->a.iPAddress->identifier.bv_val && strncmp(comp->a.iPAddress->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.iPAddress->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.iPAddress);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentOcts ( mem_op, cr, (comp->a.iPAddress) );
+ };
+ }
+ if( (comp->choiceId) == GENERALNAME_REGISTEREDID &&
+ (( comp->a.registeredID->identifier.bv_val && strncmp(comp->a.registeredID->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0) ||
+ ( strncmp(comp->a.registeredID->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0))) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return (comp->a.registeredID);
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentOid ( mem_op, cr, (comp->a.registeredID) );
+ };
+ }
+ return NULL;
+} /* ExtractingComponentGeneralName */
+
+int
+BDecComponentGeneralName PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentGeneralName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ AsnLen totalElmtsLen2 = 0;
+ AsnLen elmtLen2;
+ AsnTag tagId2;
+ AsnLen totalElmtsLen3 = 0;
+ AsnLen elmtLen3;
+ AsnTag tagId3;
+ int old_mode = mode;
+ int rc;
+ ComponentGeneralName *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ switch (tagId0)
+ {
+ case MAKE_TAG_ID (CNTX, CONS, 0):
+if (BDecTag (b, &totalElmtsLen1 ) != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_OTHERNAME;
+ rc = BDecComponentOtherName (mem_op, b, tagId1, elmtLen1, (&k->a.otherName), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.otherName)->identifier.bv_val = (k->a.otherName)->id_buf;
+ (k->a.otherName)->identifier.bv_len = strlen("otherName");
+ strcpy( (k->a.otherName)->identifier.bv_val, "otherName");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 1):
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+if ((tagId1 != MAKE_TAG_ID (UNIV, PRIM, IA5STRING_TAG_CODE)) &&
+ (tagId1 != MAKE_TAG_ID (UNIV, CONS, IA5STRING_TAG_CODE)))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_RFC822NAME;
+ rc = BDecComponentIA5String (mem_op, b, tagId1, elmtLen1, (&k->a.rfc822Name), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.rfc822Name)->identifier.bv_val = (k->a.rfc822Name)->id_buf;
+ (k->a.rfc822Name)->identifier.bv_len = strlen("rfc822Name");
+ strcpy( (k->a.rfc822Name)->identifier.bv_val, "rfc822Name");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 2):
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+if ((tagId1 != MAKE_TAG_ID (UNIV, PRIM, IA5STRING_TAG_CODE)) &&
+ (tagId1 != MAKE_TAG_ID (UNIV, CONS, IA5STRING_TAG_CODE)))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_DNSNAME;
+ rc = BDecComponentIA5String (mem_op, b, tagId1, elmtLen1, (&k->a.dNSName), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.dNSName)->identifier.bv_val = (k->a.dNSName)->id_buf;
+ (k->a.dNSName)->identifier.bv_len = strlen("dNSName");
+ strcpy( (k->a.dNSName)->identifier.bv_val, "dNSName");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 3):
+if (BDecTag (b, &totalElmtsLen1 ) != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_X400ADDRESS;
+ rc = BDecComponentORAddress (mem_op, b, tagId1, elmtLen1, (&k->a.x400Address), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.x400Address)->identifier.bv_val = (k->a.x400Address)->id_buf;
+ (k->a.x400Address)->identifier.bv_len = strlen("x400Address");
+ strcpy( (k->a.x400Address)->identifier.bv_val, "x400Address");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 4):
+ (k->choiceId) = GENERALNAME_DIRECTORYNAME;
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentName (mem_op, b, tagId1, elmtLen1, (&k->a.directoryName), &totalElmtsLen1, mode);
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc(b, &totalElmtsLen1 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.directoryName)->identifier.bv_val = (k->a.directoryName)->id_buf;
+ (k->a.directoryName)->identifier.bv_len = strlen("directoryName");
+ strcpy( (k->a.directoryName)->identifier.bv_val, "directoryName");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 5):
+if (BDecTag (b, &totalElmtsLen1 ) != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_EDIPARTYNAME;
+ rc = BDecComponentEDIPartyName (mem_op, b, tagId1, elmtLen1, (&k->a.ediPartyName), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.ediPartyName)->identifier.bv_val = (k->a.ediPartyName)->id_buf;
+ (k->a.ediPartyName)->identifier.bv_len = strlen("ediPartyName");
+ strcpy( (k->a.ediPartyName)->identifier.bv_val, "ediPartyName");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 6):
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+if ((tagId1 != MAKE_TAG_ID (UNIV, PRIM, IA5STRING_TAG_CODE)) &&
+ (tagId1 != MAKE_TAG_ID (UNIV, CONS, IA5STRING_TAG_CODE)))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_UNIFORMRESOURCEIDENTIFIER;
+ rc = BDecComponentIA5String (mem_op, b, tagId1, elmtLen1, (&k->a.uniformResourceIdentifier), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.uniformResourceIdentifier)->identifier.bv_val = (k->a.uniformResourceIdentifier)->id_buf;
+ (k->a.uniformResourceIdentifier)->identifier.bv_len = strlen("uniformResourceIdentifier");
+ strcpy( (k->a.uniformResourceIdentifier)->identifier.bv_val, "uniformResourceIdentifier");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 7):
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+if ((tagId1 != MAKE_TAG_ID (UNIV, PRIM, OCTETSTRING_TAG_CODE)) &&
+ (tagId1 != MAKE_TAG_ID (UNIV, CONS, OCTETSTRING_TAG_CODE)))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_IPADDRESS;
+ rc = BDecComponentOcts (mem_op, b, tagId1, elmtLen1, (&k->a.iPAddress), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.iPAddress)->identifier.bv_val = (k->a.iPAddress)->id_buf;
+ (k->a.iPAddress)->identifier.bv_len = strlen("iPAddress");
+ strcpy( (k->a.iPAddress)->identifier.bv_val, "iPAddress");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ case MAKE_TAG_ID (CNTX, CONS, 8):
+if (BDecTag (b, &totalElmtsLen1 ) != MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))
+ {
+ Asn1Error ("Unexpected Tag\n");
+ return -1;
+ }
+
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ (k->choiceId) = GENERALNAME_REGISTEREDID;
+ rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->a.registeredID), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.registeredID)->identifier.bv_val = (k->a.registeredID)->id_buf;
+ (k->a.registeredID)->identifier.bv_len = strlen("registeredID");
+ strcpy( (k->a.registeredID)->identifier.bv_val, "registeredID");
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ break;
+
+ default:
+ Asn1Error ("ERROR - unexpected tag in CHOICE\n");
+ return -1;
+ break;
+ } /* end switch */
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentGeneralName*) CompAlloc( mem_op, sizeof(ComponentGeneralName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentGeneralName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentGeneralName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentGeneralName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentGeneralName;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecGeneralNameContent */
+
+int
+GDecComponentGeneralName PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentGeneralName **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentGeneralName *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen2 = LocateNextGSERToken(mem_op,b,&peek_head2,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head2 != ':'){
+ Asn1Error("Missing : in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( strncmp("otherName",peek_head, strlen("otherName")) == 0){
+ (k->choiceId) = GENERALNAME_OTHERNAME;
+ rc = GDecComponentOtherName (mem_op, b, (&k->a.otherName), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.otherName)->identifier.bv_val = peek_head;
+ (k->a.otherName)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("rfc822Name",peek_head,strlen("rfc822Name")) == 0){
+ (k->choiceId) = GENERALNAME_RFC822NAME;
+ rc = GDecComponentIA5String (mem_op, b, (&k->a.rfc822Name), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.rfc822Name)->identifier.bv_val = peek_head;
+ (k->a.rfc822Name)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("dNSName",peek_head,strlen("dNSName")) == 0){
+ (k->choiceId) = GENERALNAME_DNSNAME;
+ rc = GDecComponentIA5String (mem_op, b, (&k->a.dNSName), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.dNSName)->identifier.bv_val = peek_head;
+ (k->a.dNSName)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("x400Address",peek_head,strlen("x400Address")) == 0){
+ (k->choiceId) = GENERALNAME_X400ADDRESS;
+ rc = GDecComponentORAddress (mem_op, b, (&k->a.x400Address), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.x400Address)->identifier.bv_val = peek_head;
+ (k->a.x400Address)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("directoryName",peek_head,strlen("directoryName")) == 0){
+ (k->choiceId) = GENERALNAME_DIRECTORYNAME;
+ rc = GDecComponentName (mem_op, b, (&k->a.directoryName), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.directoryName)->identifier.bv_val = peek_head;
+ (k->a.directoryName)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("ediPartyName",peek_head,strlen("ediPartyName")) == 0){
+ (k->choiceId) = GENERALNAME_EDIPARTYNAME;
+ rc = GDecComponentEDIPartyName (mem_op, b, (&k->a.ediPartyName), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.ediPartyName)->identifier.bv_val = peek_head;
+ (k->a.ediPartyName)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("uniformResourceIdentifier",peek_head,strlen("uniformResourceIdentifier")) == 0){
+ (k->choiceId) = GENERALNAME_UNIFORMRESOURCEIDENTIFIER;
+ rc = GDecComponentIA5String (mem_op, b, (&k->a.uniformResourceIdentifier), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.uniformResourceIdentifier)->identifier.bv_val = peek_head;
+ (k->a.uniformResourceIdentifier)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("iPAddress",peek_head,strlen("iPAddress")) == 0){
+ (k->choiceId) = GENERALNAME_IPADDRESS;
+ rc = GDecComponentOcts (mem_op, b, (&k->a.iPAddress), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.iPAddress)->identifier.bv_val = peek_head;
+ (k->a.iPAddress)->identifier.bv_len = strLen;
+ }
+ else if( strncmp("registeredID",peek_head,strlen("registeredID")) == 0){
+ (k->choiceId) = GENERALNAME_REGISTEREDID;
+ rc = GDecComponentOid (mem_op, b, (&k->a.registeredID), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->a.registeredID)->identifier.bv_val = peek_head;
+ (k->a.registeredID)->identifier.bv_len = strLen;
+ }
+ else {
+ Asn1Error("Undefined Identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentGeneralName*) CompAlloc( mem_op, sizeof(ComponentGeneralName) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentGeneralName ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentGeneralName ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentGeneralName;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentGeneralName;
+ return LDAP_SUCCESS;
+} /* GDecGeneralNameContent */
+
+
+int
+MatchingComponentGeneralNames ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+ void* component1, *component2;
+ AsnList *v1, *v2, t_list;
+
+
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ v1 = &((ComponentGeneralNames*)csi_attr)->comp_list;
+ v2 = &((ComponentGeneralNames*)csi_assert)->comp_list;
+ FOR_EACH_LIST_PAIR_ELMT(component1, component2, v1, v2)
+ {
+ if( MatchingComponentGeneralName(oid, (ComponentSyntaxInfo*)component1, (ComponentSyntaxInfo*)component2) == LDAP_COMPARE_FALSE) {
+ return LDAP_COMPARE_FALSE;
+ }
+ } /* end of for */
+
+ AsnListFirst( v1 );
+ AsnListFirst( v2 );
+ if( (!component1 && component2) || (component1 && !component2))
+ return LDAP_COMPARE_FALSE;
+ else
+ return LDAP_COMPARE_TRUE;
+} /* BMatchingComponentGeneralNamesContent */
+
+void*
+ExtractingComponentGeneralNames ( void* mem_op, ComponentReference* cr, ComponentGeneralNames *comp )
+{
+ int count = 0;
+ int total;
+ AsnList *v = &comp->comp_list;
+ ComponentInt *k;
+ ComponentGeneralName *component;
+
+
+ switch ( cr->cr_curr->ci_type ) {
+ case LDAP_COMPREF_FROM_BEGINNING :
+ count = cr->cr_curr->ci_val.ci_from_beginning;
+ FOR_EACH_LIST_ELMT( component , v ) {
+ if( --count == 0 ) {
+ if( cr->cr_curr->ci_next == NULL )
+ return component;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentGeneralName ( mem_op, cr, component );
+ }
+ }
+ }
+ break;
+ case LDAP_COMPREF_FROM_END :
+ total = AsnListCount ( v );
+ count = cr->cr_curr->ci_val.ci_from_end;
+ count = total + count +1;
+ FOR_EACH_LIST_ELMT ( component, v ) {
+ if( --count == 0 ) {
+ if( cr->cr_curr->ci_next == NULL )
+ return component;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentGeneralName ( mem_op, cr, component );
+ }
+ }
+ }
+ break;
+ case LDAP_COMPREF_ALL :
+ return comp;
+ case LDAP_COMPREF_COUNT :
+ k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt));
+ k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ k->comp_desc->cd_tag = NULL;
+ k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
+ k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
+ k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
+ k->comp_desc->cd_type = ASN_BASIC;
+ k->comp_desc->cd_type_id = BASICTYPE_INTEGER;
+ k->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentInt;
+ k->value = AsnListCount(v);
+ return k;
+ default :
+ return NULL;
+ }
+} /* ExtractingComponentGeneralNames */
+
+int
+BDecComponentGeneralNames PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentGeneralNames **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ int old_mode = mode;
+ int rc;
+ ComponentGeneralNames *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ AsnListInit(&k->comp_list,sizeof(ComponentGeneralName));
+ for (totalElmtsLen1 = 0; (totalElmtsLen1 < elmtLen0) || (elmtLen0 == INDEFINITE_LEN);)
+ {
+ ComponentGeneralName **tmpVar;
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if ((tagId1 == EOC_TAG_ID) && (elmtLen0 == INDEFINITE_LEN))
+ {
+ BDEC_2ND_EOC_OCTET (b, &totalElmtsLen1 )
+ break; /* got EOC so can exit this SET OF/SEQ OF's for loop*/
+ }
+ elmtLen1 = BDecLen (b, &totalElmtsLen1);
+ tmpVar = (ComponentGeneralName**) CompAsnListAppend (mem_op,&k->comp_list);
+ rc = BDecComponentGeneralName (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ } /* end of for */
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentGeneralNames*) CompAlloc( mem_op, sizeof(ComponentGeneralNames) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentGeneralNames ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentGeneralNames ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentGeneralNames;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentGeneralNames;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecGeneralNamesContent */
+
+int
+GDecComponentGeneralNames PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentGeneralNames **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentGeneralNames *k,*t, c_temp;
+
+
+ int ElmtsLen1;
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ AsnListInit( &k->comp_list, sizeof( ComponentGeneralName ) );
+ *bytesDecoded = 0;
+ if( !(strLen = LocateNextGSERToken(mem_op,b, &peek_head, GSER_PEEK)) ){
+ Asn1Error("Error during Reading { in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '{'){
+ Asn1Error("Missing { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ for (ElmtsLen1 = 0; ElmtsLen1 >= INDEFINITE_LEN; ElmtsLen1++)
+ {
+ ComponentGeneralName **tmpVar;
+ if( !(strLen = LocateNextGSERToken(mem_op,b, &peek_head, GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading{ in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head == '}') break;
+ if( !(*peek_head == '{' || *peek_head ==',') ) {
+ return LDAP_PROTOCOL_ERROR;
+ }
+ tmpVar = (ComponentGeneralName**) CompAsnListAppend (mem_op, &k->comp_list);
+ if ( tmpVar == NULL ) {
+ Asn1Error("Error during Reading{ in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ rc = GDecComponentGeneralName (mem_op, b, tmpVar, bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ } /* end of for */
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentGeneralNames*) CompAlloc( mem_op, sizeof(ComponentGeneralNames) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentGeneralNames ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentGeneralNames ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentGeneralNames;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentGeneralNames;
+ return LDAP_SUCCESS;
+} /* GDecGeneralNamesContent */
+
+
+int
+MatchingComponentAuthorityKeyIdentifier ( char* oid, ComponentSyntaxInfo* csi_attr, ComponentSyntaxInfo* csi_assert ) {
+ int rc;
+ MatchingRule* mr;
+
+ if ( oid ) {
+ mr = retrieve_matching_rule( oid, csi_attr->csi_comp_desc->cd_type_id);
+ if ( mr ) return component_value_match( mr, csi_attr, csi_assert );
+ }
+
+ rc = 1;
+ rc = MatchingComponentKeyIdentifier ( oid, (ComponentSyntaxInfo*)&((ComponentAuthorityKeyIdentifier*)csi_attr)->keyIdentifier, (ComponentSyntaxInfo*)&((ComponentAuthorityKeyIdentifier*)csi_assert)->keyIdentifier );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ if(COMPONENTNOT_NULL( ((ComponentAuthorityKeyIdentifier*)csi_attr)->authorityCertIssuer ) ) {
+ rc = MatchingComponentGeneralNames ( oid, (ComponentSyntaxInfo*)((ComponentAuthorityKeyIdentifier*)csi_attr)->authorityCertIssuer, (ComponentSyntaxInfo*)((ComponentAuthorityKeyIdentifier*)csi_assert)->authorityCertIssuer );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ }
+ if(COMPONENTNOT_NULL( ((ComponentAuthorityKeyIdentifier*)csi_attr)->authorityCertSerialNumber ) ) {
+ rc = MatchingComponentCertificateSerialNumber ( oid, (ComponentSyntaxInfo*)((ComponentAuthorityKeyIdentifier*)csi_attr)->authorityCertSerialNumber, (ComponentSyntaxInfo*)((ComponentAuthorityKeyIdentifier*)csi_assert)->authorityCertSerialNumber );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ }
+ return LDAP_COMPARE_TRUE;
+} /* BMatchingComponentAuthorityKeyIdentifier */
+
+void*
+ExtractingComponentAuthorityKeyIdentifier ( void* mem_op, ComponentReference* cr, ComponentAuthorityKeyIdentifier *comp )
+{
+
+ if ( ( comp->keyIdentifier.identifier.bv_val && strncmp(comp->keyIdentifier.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->keyIdentifier.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return &comp->keyIdentifier;
+ else
+ return NULL;
+ }
+ if ( ( comp->authorityCertIssuer->identifier.bv_val && strncmp(comp->authorityCertIssuer->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->authorityCertIssuer->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return comp->authorityCertIssuer;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentGeneralNames ( mem_op, cr, comp->authorityCertIssuer );
+ }
+ }
+ if ( ( comp->authorityCertSerialNumber->identifier.bv_val && strncmp(comp->authorityCertSerialNumber->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->authorityCertSerialNumber->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return comp->authorityCertSerialNumber;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentCertificateSerialNumber ( mem_op, cr, comp->authorityCertSerialNumber );
+ }
+ }
+ return NULL;
+} /* ExtractingComponentAuthorityKeyIdentifier */
+
+int
+BDecComponentAuthorityKeyIdentifier PARAMS ((b, tagId0, elmtLen0, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+AsnTag tagId0 _AND_
+AsnLen elmtLen0 _AND_
+ComponentAuthorityKeyIdentifier **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ int seqDone = FALSE;
+ AsnLen totalElmtsLen1 = 0;
+ AsnLen elmtLen1;
+ AsnTag tagId1;
+ int mandatoryElmtCount1 = 0;
+ AsnLen totalElmtsLen2 = 0;
+ AsnLen elmtLen2;
+ AsnTag tagId2;
+ int old_mode = mode;
+ int rc;
+ ComponentAuthorityKeyIdentifier *k, *t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ if ((elmtLen0 != INDEFINITE_LEN) && (totalElmtsLen1 == elmtLen0))
+ seqDone = TRUE;
+ else
+ {
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if ((elmtLen0 == INDEFINITE_LEN) && (tagId1 == EOC_TAG_ID))
+ {
+ BDEC_2ND_EOC_OCTET (b, &totalElmtsLen1 )
+ seqDone = TRUE;
+ }
+ }
+
+ if ((!seqDone) && ((tagId1 == MAKE_TAG_ID (CNTX, PRIM, 0)) ||
+(tagId1 == MAKE_TAG_ID (CNTX, CONS, 0))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentKeyIdentifier (mem_op, b, tagId1, elmtLen1, (&k->keyIdentifier), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->keyIdentifier)->identifier.bv_val = (&k->keyIdentifier)->id_buf;
+ (&k->keyIdentifier)->identifier.bv_len = strlen("keyIdentifier");
+ strcpy( (&k->keyIdentifier)->identifier.bv_val, "keyIdentifier");
+ if ((elmtLen0 != INDEFINITE_LEN) && (totalElmtsLen1 == elmtLen0))
+ seqDone = TRUE;
+ else
+ {
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if ((elmtLen0 == INDEFINITE_LEN) && (tagId1 == EOC_TAG_ID))
+ {
+ BDEC_2ND_EOC_OCTET (b, &totalElmtsLen1 )
+ seqDone = TRUE;
+ }
+ }
+ }
+
+ if ((!seqDone) && ((tagId1 == MAKE_TAG_ID (CNTX, CONS, 1))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentGeneralNames (mem_op, b, tagId1, elmtLen1,
+(&k->authorityCertIssuer), &totalElmtsLen1, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->authorityCertIssuer)->identifier.bv_val = (k->authorityCertIssuer)->id_buf;
+ (k->authorityCertIssuer)->identifier.bv_len = strlen("authorityCertIssuer");
+ strcpy( (k->authorityCertIssuer)->identifier.bv_val, "authorityCertIssuer");
+ if ((elmtLen0 != INDEFINITE_LEN) && (totalElmtsLen1 == elmtLen0))
+ seqDone = TRUE;
+ else
+ {
+ tagId1 = BDecTag (b, &totalElmtsLen1 );
+
+ if ((elmtLen0 == INDEFINITE_LEN) && (tagId1 == EOC_TAG_ID))
+ {
+ BDEC_2ND_EOC_OCTET (b, &totalElmtsLen1 )
+ seqDone = TRUE;
+ }
+ }
+ }
+
+ if ((!seqDone) && ((tagId1 == MAKE_TAG_ID (CNTX, PRIM, 2))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentCertificateSerialNumber (mem_op, b, tagId1, elmtLen1, (&k->authorityCertSerialNumber), &totalElmtsLen1, DEC_ALLOC_MODE_0 ); if ( rc != LDAP_SUCCESS ) return rc;
+ (k->authorityCertSerialNumber)->identifier.bv_val = (k->authorityCertSerialNumber)->id_buf;
+ (k->authorityCertSerialNumber)->identifier.bv_len = strlen("authorityCertSerialNumber");
+ strcpy( (k->authorityCertSerialNumber)->identifier.bv_val, "authorityCertSerialNumber");
+ seqDone = TRUE;
+ if (elmtLen0 == INDEFINITE_LEN)
+ BDecEoc (b, &totalElmtsLen1 );
+ else if (totalElmtsLen1 != elmtLen0)
+ return -1;
+
+ }
+
+ if (!seqDone)
+ return -1;
+
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentAuthorityKeyIdentifier*) CompAlloc( mem_op, sizeof(ComponentAuthorityKeyIdentifier) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentAuthorityKeyIdentifier ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentAuthorityKeyIdentifier ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentAuthorityKeyIdentifier;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentAuthorityKeyIdentifier;
+ (*bytesDecoded) += totalElmtsLen1;
+ return LDAP_SUCCESS;
+} /* BDecAuthorityKeyIdentifier*/
+
+int
+GDecComponentAuthorityKeyIdentifier PARAMS (( mem_op,b, v, bytesDecoded, mode),
+void* mem_op _AND_
+GenBuf * b _AND_
+ComponentAuthorityKeyIdentifier **v _AND_
+AsnLen *bytesDecoded _AND_
+int mode)
+{
+ char* peek_head,*peek_head2;
+ int i, strLen,strLen2, rc, old_mode = mode;
+ ComponentAuthorityKeyIdentifier *k,*t, c_temp;
+
+
+ if ( !(mode & DEC_ALLOC_MODE_1) ) {
+ memset(&c_temp,0,sizeof(c_temp));
+ k = &c_temp;
+ } else
+ k = t = *v;
+ mode = DEC_ALLOC_MODE_2;
+ *bytesDecoded = 0;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '{'){
+ Asn1Error("Missing { in encoded data");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if ( strncmp( peek_head, "keyIdentifier", strlen("keyIdentifier") ) == 0 ) {
+ rc = GDecComponentKeyIdentifier (mem_op, b, (&k->keyIdentifier), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (&k->keyIdentifier)->identifier.bv_val = peek_head;
+ (&k->keyIdentifier)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "authorityCertIssuer", strlen("authorityCertIssuer") ) == 0 ) {
+ rc = GDecComponentGeneralNames (mem_op, b, (&k->authorityCertIssuer), bytesDecoded, mode);
+ if ( rc != LDAP_SUCCESS ) return rc;
+ ( k->authorityCertIssuer)->identifier.bv_val = peek_head;
+ ( k->authorityCertIssuer)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ if ( strncmp( peek_head, "authorityCertSerialNumber", strlen("authorityCertSerialNumber") ) == 0 ) {
+ rc = GDecComponentCertificateSerialNumber (mem_op, b, (&k->authorityCertSerialNumber), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ ( k->authorityCertSerialNumber)->identifier.bv_val = peek_head;
+ ( k->authorityCertSerialNumber)->identifier.bv_len = strLen;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ) {
+ Asn1Error("Error during Reading } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != '}'){
+ Asn1Error("Missing } in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(old_mode & DEC_ALLOC_MODE_1) ) {
+ *v = t = (ComponentAuthorityKeyIdentifier*) CompAlloc( mem_op, sizeof(ComponentAuthorityKeyIdentifier) );
+ if ( !t ) return -1;
+ *t = *k;
+ }
+ t->syntax = (Syntax*)NULL;
+ t->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !t->comp_desc ) {
+ free ( t );
+ return -1;
+ }
+ t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentAuthorityKeyIdentifier ;
+ t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentAuthorityKeyIdentifier ;
+ t->comp_desc->cd_free = (comp_free_func*)NULL;
+ t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentAuthorityKeyIdentifier;
+ t->comp_desc->cd_type = ASN_COMPOSITE;
+ t->comp_desc->cd_type_id = COMPOSITE_ASN1_TYPE;
+ t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentAuthorityKeyIdentifier;
+ return LDAP_SUCCESS;
+} /* GDecAuthorityKeyIdentifier*/
+
+
diff --git a/contrib/slapd-modules/comp_match/authorityKeyIdentifier.h b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.h
new file mode 100644
index 0000000000..5fa4ab5d02
--- /dev/null
+++ b/contrib/slapd-modules/comp_match/authorityKeyIdentifier.h
@@ -0,0 +1,327 @@
+
+#include "asn-incl.h"
+/*
+ * authorityKeyIdentifier.h
+ * "AuthorityKeyIdentifierDefinition" ASN.1 module encode/decode/extracting/matching/free C src.
+ * This file was generated by modified eSMACC compiler Sat Dec 11 10:15:39 2004
+ * The generated files are strongly encouraged to be
+ * compiled as a module for OpenLDAP Software
+ */
+
+#ifndef _authorityKeyIdentifier_h_
+#define _authorityKeyIdentifier_h_
+
+
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+#ifdef _WIN32
+#pragma warning( disable : 4101 )
+#endif
+#include "componentlib.h"
+typedef ComponentOcts ComponentKeyIdentifier; /* OCTET STRING */
+
+#define MatchingComponentKeyIdentifier MatchingComponentOcts
+
+#define ExtractingComponentKeyIdentifier ExtractingComponentOcts
+
+#define BDecComponentKeyIdentifier BDecComponentOcts
+
+#define GDecComponentKeyIdentifier GDecComponentOcts
+
+
+typedef ComponentInt ComponentCertificateSerialNumber; /* INTEGER */
+
+#define MatchingComponentCertificateSerialNumber MatchingComponentInt
+
+#define ExtractingComponentCertificateSerialNumber ExtractingComponentInt
+
+#define BDecComponentCertificateSerialNumber BDecComponentInt
+
+#define GDecComponentCertificateSerialNumber GDecComponentInt
+
+
+typedef struct OtherName /* SEQUENCE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ ComponentOid type_id; /* OBJECT IDENTIFIER */
+ ComponentAnyDefinedBy value; /* [0] EXPLICIT ANY DEFINED BY type-id */
+} ComponentOtherName;
+
+int MatchingComponentOtherName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentOtherName PROTO (( void* mem_op, ComponentReference *cr, ComponentOtherName *comp ));
+
+
+int BDecComponentOtherName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentOtherName **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentOtherName PROTO (( void* mem_op, GenBuf * b, ComponentOtherName **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct ORAddress /* SEQUENCE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ ComponentOid type_id; /* OBJECT IDENTIFIER */
+ ComponentAnyDefinedBy value; /* ANY DEFINED BY type-id */
+ ComponentOcts extension; /* OCTET STRING OPTIONAL */
+} ComponentORAddress;
+
+int MatchingComponentORAddress PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentORAddress PROTO (( void* mem_op, ComponentReference *cr, ComponentORAddress *comp ));
+
+
+int BDecComponentORAddress PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentORAddress **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentORAddress PROTO (( void* mem_op, GenBuf * b, ComponentORAddress **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct AttributeTypeAndValue /* SEQUENCE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ ComponentOid type; /* OBJECT IDENTIFIER */
+ ComponentAnyDefinedBy value; /* ANY DEFINED BY type */
+} ComponentAttributeTypeAndValue;
+
+int MatchingComponentAttributeTypeAndValue PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentAttributeTypeAndValue PROTO (( void* mem_op, ComponentReference *cr, ComponentAttributeTypeAndValue *comp ));
+
+
+int BDecComponentAttributeTypeAndValue PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentAttributeTypeAndValue PROTO (( void* mem_op, GenBuf * b, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct DirectoryString /* CHOICE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ enum DirectoryStringChoiceId
+ {
+ DIRECTORYSTRING_TELETEXSTRING,
+ DIRECTORYSTRING_PRINTABLESTRING,
+ DIRECTORYSTRING_UNIVERSALSTRING,
+ DIRECTORYSTRING_UTF8STRING,
+ DIRECTORYSTRING_BMPSTRING
+ } choiceId;
+ union DirectoryStringChoiceUnion
+ {
+ ComponentTeletexString* teletexString; /* TeletexString SIZE 1..MAX */
+ ComponentPrintableString* printableString; /* PrintableString SIZE 1..MAX */
+ ComponentUniversalString* universalString; /* UniversalString SIZE 1..MAX */
+ ComponentUTF8String* utf8String; /* UTF8String SIZE 1..MAX */
+ ComponentBMPString* bmpString; /* BMPString SIZE 1..MAX */
+ } a;
+} ComponentDirectoryString;
+
+int MatchingComponentDirectoryString PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentDirectoryString PROTO (( void* mem_op, ComponentReference *cr, ComponentDirectoryString *comp ));
+
+
+int BDecComponentDirectoryString PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentDirectoryString **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentDirectoryString PROTO (( void* mem_op, GenBuf * b, ComponentDirectoryString **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct EDIPartyName /* SEQUENCE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ ComponentDirectoryString* nameAssigner; /* [0] DirectoryString OPTIONAL */
+ ComponentDirectoryString* partyName; /* [1] DirectoryString */
+} ComponentEDIPartyName;
+
+int MatchingComponentEDIPartyName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentEDIPartyName PROTO (( void* mem_op, ComponentReference *cr, ComponentEDIPartyName *comp ));
+
+
+int BDecComponentEDIPartyName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentEDIPartyName **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentEDIPartyName PROTO (( void* mem_op, GenBuf * b, ComponentEDIPartyName **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef ComponentList ComponentRelativeDistinguishedName; /* SET OF AttributeTypeAndValue */
+
+int MatchingComponentRelativeDistinguishedName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentRelativeDistinguishedName PROTO (( void* mem_op, ComponentReference *cr, ComponentRelativeDistinguishedName *comp ));
+
+
+int BDecComponentRelativeDistinguishedName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentRelativeDistinguishedName PROTO (( void* mem_op, GenBuf * b, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef ComponentList ComponentRDNSequence; /* SEQUENCE OF RelativeDistinguishedName */
+
+int MatchingComponentRDNSequence PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentRDNSequence PROTO (( void* mem_op, ComponentReference *cr, ComponentRDNSequence *comp ));
+
+
+int BDecComponentRDNSequence PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentRDNSequence PROTO (( void* mem_op, GenBuf * b, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct Name /* CHOICE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ enum NameChoiceId
+ {
+ NAME_RDNSEQUENCE
+ } choiceId;
+ union NameChoiceUnion
+ {
+ ComponentRDNSequence* rdnSequence; /* RDNSequence */
+ } a;
+} ComponentName;
+
+int MatchingComponentName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentName PROTO (( void* mem_op, ComponentReference *cr, ComponentName *comp ));
+
+
+int BDecComponentName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentName **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentName PROTO (( void* mem_op, GenBuf * b, ComponentName **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct GeneralName /* CHOICE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ enum GeneralNameChoiceId
+ {
+ GENERALNAME_OTHERNAME,
+ GENERALNAME_RFC822NAME,
+ GENERALNAME_DNSNAME,
+ GENERALNAME_X400ADDRESS,
+ GENERALNAME_DIRECTORYNAME,
+ GENERALNAME_EDIPARTYNAME,
+ GENERALNAME_UNIFORMRESOURCEIDENTIFIER,
+ GENERALNAME_IPADDRESS,
+ GENERALNAME_REGISTEREDID
+ } choiceId;
+ union GeneralNameChoiceUnion
+ {
+ ComponentOtherName* otherName; /* [0] OtherName */
+ ComponentIA5String* rfc822Name; /* [1] IA5String */
+ ComponentIA5String* dNSName; /* [2] IA5String */
+ ComponentORAddress* x400Address; /* [3] ORAddress */
+ ComponentName* directoryName; /* [4] Name */
+ ComponentEDIPartyName* ediPartyName; /* [5] EDIPartyName */
+ ComponentIA5String* uniformResourceIdentifier; /* [6] IA5String */
+ ComponentOcts* iPAddress; /* [7] OCTET STRING */
+ ComponentOid* registeredID; /* [8] OBJECT IDENTIFIER */
+ } a;
+} ComponentGeneralName;
+
+int MatchingComponentGeneralName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentGeneralName PROTO (( void* mem_op, ComponentReference *cr, ComponentGeneralName *comp ));
+
+
+int BDecComponentGeneralName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentGeneralName **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentGeneralName PROTO (( void* mem_op, GenBuf * b, ComponentGeneralName **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef ComponentList ComponentGeneralNames; /* SEQUENCE SIZE 1..MAX OF GeneralName */
+
+int MatchingComponentGeneralNames PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentGeneralNames PROTO (( void* mem_op, ComponentReference *cr, ComponentGeneralNames *comp ));
+
+
+int BDecComponentGeneralNames PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentGeneralNames **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentGeneralNames PROTO (( void* mem_op, GenBuf * b, ComponentGeneralNames **v, AsnLen *bytesDecoded, int mode));
+
+
+
+typedef struct AuthorityKeyIdentifier /* SEQUENCE */
+{
+ Syntax* syntax;
+ ComponentDesc* comp_desc;
+ struct berval identifier;
+ char id_buf[MAX_IDENTIFIER_LEN];
+ ComponentKeyIdentifier keyIdentifier; /* [0] KeyIdentifier OPTIONAL */
+ ComponentGeneralNames* authorityCertIssuer; /* [1] GeneralNames OPTIONAL */
+ ComponentCertificateSerialNumber* authorityCertSerialNumber; /* [2] CertificateSerialNumber OPTIONAL */
+} ComponentAuthorityKeyIdentifier;
+
+int MatchingComponentAuthorityKeyIdentifier PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
+
+
+void* ExtractingComponentAuthorityKeyIdentifier PROTO (( void* mem_op, ComponentReference *cr, ComponentAuthorityKeyIdentifier *comp ));
+
+
+int BDecComponentAuthorityKeyIdentifier PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAuthorityKeyIdentifier **v, AsnLen *bytesDecoded, int mode));
+
+
+int GDecComponentAuthorityKeyIdentifier PROTO (( void* mem_op, GenBuf * b, ComponentAuthorityKeyIdentifier **v, AsnLen *bytesDecoded, int mode));
+
+
+
+/* ========== Object Declarations ========== */
+
+
+/* ========== Object Set Declarations ========== */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#endif /* conditional include of authorityKeyIdentifier.h */
diff --git a/contrib/slapd-modules/comp_match/certificate.asn1 b/contrib/slapd-modules/comp_match/certificate.asn1
index ee85d08395..25bad93547 100644
--- a/contrib/slapd-modules/comp_match/certificate.asn1
+++ b/contrib/slapd-modules/comp_match/certificate.asn1
@@ -63,7 +63,7 @@ Extensions ::= SEQUENCE SIZE(1..MAX) OF Extension
Extension ::= SEQUENCE {
extnID OBJECT IDENTIFIER,
--- critical BOOLEAN DEFAULT FALSE,
+ critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING
-- contains a DER encoding of a value of type &ExtnType
-- for the extension object identified by extnId --
@@ -82,10 +82,63 @@ nullOid2 OBJECT-TYPE
::= { 1 2 840 113549 1 1 1 }
printableStringOid OBJECT-TYPE
+ SYNTAX PrintableString
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 4 3 }
+
+printableStringOid2 OBJECT-TYPE
SYNTAX PrintableString
ACCESS read-write
STATUS mandatory
::= { 2 5 4 6 }
+printableStringOid3 OBJECT-TYPE
+ SYNTAX PrintableString
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 4 7 }
+
+printableStringOid4 OBJECT-TYPE
+ SYNTAX PrintableString
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 4 8 }
+
+printableStringOid5 OBJECT-TYPE
+ SYNTAX PrintableString
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 4 10 }
+
+printableStringOid6 OBJECT-TYPE
+ SYNTAX PrintableString
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 4 11 }
+
+iA5StringOid OBJECT-TYPE
+ SYNTAX IA5String
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 1 2 840 113549 1 9 1 }
+
+octetStringOid OBJECT-TYPE
+ SYNTAX OCTET STRING
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 29 19 }
+
+octetStringOid2 OBJECT-TYPE
+ SYNTAX OCTET STRING
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 16 840 1 113730 1 13 }
+
+octetStringOid3 OBJECT-TYPE
+ SYNTAX OCTET STRING
+ ACCESS read-write
+ STATUS mandatory
+ ::= { 2 5 29 14 }
END
diff --git a/contrib/slapd-modules/comp_match/certificate.c b/contrib/slapd-modules/comp_match/certificate.c
index fd0b22a1f6..5c815206fe 100644
--- a/contrib/slapd-modules/comp_match/certificate.c
+++ b/contrib/slapd-modules/comp_match/certificate.c
@@ -1,24 +1,51 @@
/*
* certificate.c
* "AuthenticationFramework" ASN.1 module encode/decode/extracting/matching/free C src.
- * This file was generated by modified eSMACC compiler Sun Dec 5 19:16:59 2004
+ * This file was generated by modified eSMACC compiler Sat Dec 11 11:22:49 2004
* The generated files are supposed to be compiled as a module for OpenLDAP Software
*/
#include "certificate.h"
+BDecComponentCertificateTop( void* mem_op, GenBuf* b, void **v, AsnLen* bytesDecoded,int mode) {
+ AsnTag tag;
+ AsnLen elmtLen;
+
+ tag = BDecTag ( b, bytesDecoded );
+ elmtLen = BDecLen ( b, bytesDecoded );
+ if ( elmtLen <= 0 ) return (-1);
+ if ( tag != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE) ) {
+ return (-1);
+ }
+
+ return BDecComponentCertificate( mem_op, b, tag, elmtLen, (ComponentSyntaxInfo*)v,(int*)bytesDecoded, mode );
+}
void init_module_AuthenticationFramework() {
- add_OD_entry ( "2.5.4.36", GDecComponentCertificate,
- BDecComponentCertificate, NULL);
+ /* Register Certificate OID and its decoder */
+ InstallOidDecoderMapping( "2.5.4.36", NULL,
+ GDecComponentCertificate,
+ BDecComponentCertificateTop,
+ ExtractingComponentCertificate,
+ MatchingComponentCertificate );
InitAnyAuthenticationFramework();
}
+
void InitAnyAuthenticationFramework()
{
AsnOid oid0 ={ 9, "\52\206\110\206\367\15\1\1\4" };
AsnOid oid1 ={ 9, "\52\206\110\206\367\15\1\1\1" };
- AsnOid oid2 ={ 3, "\125\4\6" };
+ AsnOid oid2 ={ 3, "\125\4\3" };
+ AsnOid oid3 ={ 3, "\125\4\6" };
+ AsnOid oid4 ={ 3, "\125\4\7" };
+ AsnOid oid5 ={ 3, "\125\4\10" };
+ AsnOid oid6 ={ 3, "\125\4\12" };
+ AsnOid oid7 ={ 3, "\125\4\13" };
+ AsnOid oid8 ={ 9, "\52\206\110\206\367\15\1\11\1" };
+ AsnOid oid9 ={ 3, "\125\35\23" };
+ AsnOid oid10 ={ 9, "\140\206\110\1\206\370\102\1\15" };
+ AsnOid oid11 ={ 3, "\125\35\16" };
InstallAnyByComponentOid (nullOid_ANY_ID, &oid0, sizeof (ComponentNull), (EncodeFcn)BEncAsnNull, (gser_decoder_func*)GDecComponentNull, (ber_tag_decoder_func*)BDecComponentNullTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentNull,(FreeFcn)FreeComponentNull, (PrintFcn)NULL);
@@ -27,6 +54,24 @@ void InitAnyAuthenticationFramework()
InstallAnyByComponentOid (printableStringOid_ANY_ID, &oid2, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+ InstallAnyByComponentOid (printableStringOid2_ANY_ID, &oid3, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (printableStringOid3_ANY_ID, &oid4, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (printableStringOid4_ANY_ID, &oid5, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (printableStringOid5_ANY_ID, &oid6, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (printableStringOid6_ANY_ID, &oid7, sizeof (ComponentPrintableString), (EncodeFcn)BEncPrintableString, (gser_decoder_func*)GDecComponentPrintableString, (ber_tag_decoder_func*)BDecComponentPrintableStringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentPrintableString,(FreeFcn)FreeComponentPrintableString, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (iA5StringOid_ANY_ID, &oid8, sizeof (ComponentIA5String), (EncodeFcn)BEncIA5String, (gser_decoder_func*)GDecComponentIA5String, (ber_tag_decoder_func*)BDecComponentIA5StringTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentIA5String,(FreeFcn)FreeComponentIA5String, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (octetStringOid_ANY_ID, &oid9, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (octetStringOid2_ANY_ID, &oid10, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL);
+
+ InstallAnyByComponentOid (octetStringOid3_ANY_ID, &oid11, sizeof (ComponentOcts), (EncodeFcn)BEncAsnOcts, (gser_decoder_func*)GDecComponentOcts, (ber_tag_decoder_func*)BDecComponentOctsTag, (ExtractFcn)NULL,(MatchFcn)MatchingComponentOcts,(FreeFcn)FreeComponentOcts, (PrintFcn)NULL);
+
} /* InitAnyAuthenticationFramework */
@@ -64,8 +109,12 @@ ExtractingComponentAlgorithmIdentifier ( void* mem_op, ComponentReference* cr, C
if ( ( comp->parameters.identifier.bv_val && strncmp(comp->parameters.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->parameters.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->parameters;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->parameters;
+ } else {
return NULL;
+ }
}
return NULL;
} /* ExtractingComponentAlgorithmIdentifier */
@@ -101,7 +150,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->algorithm), &totalElmtsLen1, mode);
+ rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->algorithm), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->algorithm)->identifier.bv_val = (&k->algorithm)->id_buf;
(&k->algorithm)->identifier.bv_len = strlen("algorithm");
@@ -124,7 +173,7 @@ int mode)
if (!seqDone) {
- rc = SetAnyTypeByComponentOid ((&k->parameters), (&k->algorithm));
+ rc = SetAnyTypeByComponentOid ((&k->parameters), (&k->algorithm));
rc = BDecComponentAnyDefinedBy (mem_op,b, (&k->parameters), &totalElmtsLen1, mode );
if ( rc != LDAP_SUCCESS ) return rc;
(&k->parameters)->identifier.bv_val = (&k->parameters)->id_buf;
@@ -216,7 +265,7 @@ int mode)
}
}
if ( strncmp( peek_head, "parameters", strlen("parameters") ) == 0 ) {
- rc = SetAnyTypeByComponentOid ((&k->parameters), (&k->algorithm));
+ rc = rc = SetAnyTypeByComponentOid ((&k->parameters), (&k->algorithm));
rc = GDecComponentAnyDefinedBy (mem_op, b, (&k->parameters), bytesDecoded, mode );
if ( rc != LDAP_SUCCESS ) return rc;
(&k->parameters)->identifier.bv_val = peek_head;
@@ -341,7 +390,7 @@ int mode)
case MAKE_TAG_ID (UNIV, PRIM, UTCTIME_TAG_CODE):
case MAKE_TAG_ID (UNIV, CONS, UTCTIME_TAG_CODE):
(k->choiceId) = TIME_UTCTIME;
- rc = BDecComponentUTCTime (mem_op, b, tagId0, elmtLen0, (&k->a.utcTime), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ rc = BDecComponentUTCTime (mem_op, b, tagId0, elmtLen0, (&k->a.utcTime), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
if ( rc != LDAP_SUCCESS ) return rc;
(k->a.utcTime)->identifier.bv_val = (k->a.utcTime)->id_buf;
(k->a.utcTime)->identifier.bv_len = strlen("utcTime");
@@ -351,7 +400,7 @@ int mode)
case MAKE_TAG_ID (UNIV, PRIM, GENERALIZEDTIME_TAG_CODE):
case MAKE_TAG_ID (UNIV, CONS, GENERALIZEDTIME_TAG_CODE):
(k->choiceId) = TIME_GENERALIZEDTIME;
- rc = BDecComponentGeneralizedTime (mem_op, b, tagId0, elmtLen0, (&k->a.generalizedTime), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ rc = BDecComponentGeneralizedTime (mem_op, b, tagId0, elmtLen0, (&k->a.generalizedTime), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
if ( rc != LDAP_SUCCESS ) return rc;
(k->a.generalizedTime)->identifier.bv_val = (k->a.generalizedTime)->id_buf;
(k->a.generalizedTime)->identifier.bv_len = strlen("generalizedTime");
@@ -416,14 +465,14 @@ int mode)
Asn1Error("Missing : in encoded data");
return LDAP_PROTOCOL_ERROR;
}
- if( strncmp("utcTime",peek_head,sizeof("utcTime")-1) == 0){
+ if( strncmp("utcTime",peek_head, strlen("utcTime")) == 0){
(k->choiceId) = TIME_UTCTIME;
rc = GDecComponentUTCTime (mem_op, b, (&k->a.utcTime), bytesDecoded, DEC_ALLOC_MODE_0 );
if ( rc != LDAP_SUCCESS ) return rc;
(k->a.utcTime)->identifier.bv_val = peek_head;
(k->a.utcTime)->identifier.bv_len = strLen;
}
- else if( strncmp("generalizedTime",peek_head,sizeof("generalizedTime")-1) == 0){
+ else if( strncmp("generalizedTime",peek_head,strlen("generalizedTime")) == 0){
(k->choiceId) = TIME_GENERALIZEDTIME;
rc = GDecComponentGeneralizedTime (mem_op, b, (&k->a.generalizedTime), bytesDecoded, DEC_ALLOC_MODE_0 );
if ( rc != LDAP_SUCCESS ) return rc;
@@ -468,6 +517,9 @@ MatchingComponentExtension ( char* oid, ComponentSyntaxInfo* csi_attr, Component
rc = 1;
rc = MatchingComponentOid ( oid, (ComponentSyntaxInfo*)&((ComponentExtension*)csi_attr)->extnID, (ComponentSyntaxInfo*)&((ComponentExtension*)csi_assert)->extnID );
+ if ( rc != LDAP_COMPARE_TRUE )
+ return rc;
+ rc = MatchingComponentBool ( oid, (ComponentSyntaxInfo*)((ComponentExtension*)csi_attr)->critical, (ComponentSyntaxInfo*)((ComponentExtension*)csi_assert)->critical );
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = MatchingComponentOcts ( oid, (ComponentSyntaxInfo*)&((ComponentExtension*)csi_attr)->extnValue, (ComponentSyntaxInfo*)&((ComponentExtension*)csi_assert)->extnValue );
@@ -486,11 +538,23 @@ ExtractingComponentExtension ( void* mem_op, ComponentReference* cr, ComponentEx
else
return NULL;
}
+ if ( ( comp->critical->identifier.bv_val && strncmp(comp->critical->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->critical->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
+ if ( cr->cr_curr->ci_next == NULL )
+ return comp->critical;
+ else {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return ExtractingComponentBool ( mem_op, cr, comp->critical );
+ }
+ }
if ( ( comp->extnValue.identifier.bv_val && strncmp(comp->extnValue.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->extnValue.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->extnValue;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->extnValue;
+ } else {
return NULL;
+ }
}
return NULL;
} /* ExtractingComponentExtension */
@@ -526,7 +590,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->extnID), &totalElmtsLen1, mode);
+ rc = BDecComponentOid (mem_op, b, tagId1, elmtLen1, (&k->extnID), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->extnID)->identifier.bv_val = (&k->extnID)->id_buf;
(&k->extnID)->identifier.bv_len = strlen("extnID");
@@ -538,11 +602,23 @@ int mode)
+ if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, BOOLEAN_TAG_CODE))))
+ {
+ elmtLen1 = BDecLen (b, &totalElmtsLen1 );
+ rc = BDecComponentBool (mem_op, b, tagId1, elmtLen1, (&k->critical), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ (k->critical)->identifier.bv_val = (k->critical)->id_buf;
+ (k->critical)->identifier.bv_len = strlen("critical");
+ strcpy( (k->critical)->identifier.bv_val, "critical");
+ tagId1 = BDecTag (b, &totalElmtsLen1);
+ }
+
+
if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OCTETSTRING_TAG_CODE)) ||
(tagId1 == MAKE_TAG_ID (UNIV, CONS, OCTETSTRING_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentOcts (mem_op, b, tagId1, elmtLen1, (&k->extnValue), &totalElmtsLen1, mode);
+ rc = BDecComponentOcts (mem_op, b, tagId1, elmtLen1, (&k->extnValue), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->extnValue)->identifier.bv_val = (&k->extnValue)->id_buf;
(&k->extnValue)->identifier.bv_len = strlen("extnValue");
@@ -562,6 +638,14 @@ int mode)
if (!seqDone)
return -1;
+ if(!COMPONENTNOT_NULL ((k->critical)))
+ {
+(k->critical) = CompAlloc( mem_op, sizeof(ComponentBool));
+ (k->critical)->identifier.bv_val = (k->critical)->id_buf;
+ (k->critical)->identifier.bv_len = strlen("critical");
+ strcpy( (k->critical)->identifier.bv_val, "critical");
+ (k->critical)->value = 0;
+ }
if( !(old_mode & DEC_ALLOC_MODE_1) ) {
*v = t = (ComponentExtension*) CompAlloc( mem_op, sizeof(ComponentExtension) );
if ( !t ) return -1;
@@ -635,6 +719,28 @@ int mode)
return LDAP_PROTOCOL_ERROR;
}
}
+ if ( strncmp( peek_head, "critical", strlen("critical") ) == 0 ) {
+ rc = GDecComponentBool (mem_op, b, (&k->critical), bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ ( k->critical)->identifier.bv_val = peek_head;
+ ( k->critical)->identifier.bv_len = strLen;
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading , ");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if(*peek_head != ','){
+ Asn1Error("Missing , in encoding");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
+ Asn1Error("Error during Reading identifier");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ }
+ else {
+(k->critical) = CompAlloc( mem_op, sizeof(ComponentBool));
+ (k->critical)->value = 0;
+ }
if ( strncmp( peek_head, "extnValue", strlen("extnValue") ) == 0 ) {
rc = GDecComponentOcts (mem_op, b, (&k->extnValue), bytesDecoded, mode);
if ( rc != LDAP_SUCCESS ) return rc;
@@ -705,8 +811,12 @@ ExtractingComponentAttributeTypeAndValue ( void* mem_op, ComponentReference* cr,
if ( ( comp->value.identifier.bv_val && strncmp(comp->value.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->value.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->value;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_SELECT ) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->value;
+ } else {
return NULL;
+ }
}
return NULL;
} /* ExtractingComponentAttributeTypeAndValue */
@@ -742,7 +852,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, OID_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentAttributeType (mem_op, b, tagId1, elmtLen1, (&k->type), &totalElmtsLen1, mode);
+ rc = BDecComponentAttributeType (mem_op, b, tagId1, elmtLen1, (&k->type), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->type)->identifier.bv_val = (&k->type)->id_buf;
(&k->type)->identifier.bv_len = strlen("type");
@@ -754,7 +864,7 @@ int mode)
{
- rc = SetAnyTypeByComponentOid ((&k->value), (&k->type));
+ rc = SetAnyTypeByComponentOid ((&k->value), (&k->type));
rc = BDecComponentAnyDefinedBy (mem_op,b, (&k->value), &totalElmtsLen1, mode );
if ( rc != LDAP_SUCCESS ) return rc;
(&k->value)->identifier.bv_val = (&k->value)->id_buf;
@@ -846,7 +956,7 @@ int mode)
}
}
if ( strncmp( peek_head, "value", strlen("value") ) == 0 ) {
- rc = SetAnyTypeByComponentOid ((&k->value), (&k->type));
+ rc = rc = SetAnyTypeByComponentOid ((&k->value), (&k->type));
rc = GDecComponentAnyDefinedBy (mem_op, b, (&k->value), bytesDecoded, mode );
if ( rc != LDAP_SUCCESS ) return rc;
(&k->value)->identifier.bv_val = peek_head;
@@ -962,7 +1072,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (UNIV, CONS, GENERALIZEDTIME_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentTime (mem_op, b, tagId1, elmtLen1, (&k->notBefore), &totalElmtsLen1, mode);
+ rc = BDecComponentTime (mem_op, b, tagId1, elmtLen1, (&k->notBefore), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->notBefore)->identifier.bv_val = (k->notBefore)->id_buf;
(k->notBefore)->identifier.bv_len = strlen("notBefore");
@@ -980,7 +1090,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (UNIV, CONS, GENERALIZEDTIME_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentTime (mem_op, b, tagId1, elmtLen1, (&k->notAfter), &totalElmtsLen1, mode);
+ rc = BDecComponentTime (mem_op, b, tagId1, elmtLen1, (&k->notAfter), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->notAfter)->identifier.bv_val = (k->notAfter)->id_buf;
(k->notAfter)->identifier.bv_len = strlen("notAfter");
@@ -1144,8 +1254,12 @@ ExtractingComponentSubjectPublicKeyInfo ( void* mem_op, ComponentReference* cr,
if ( ( comp->subjectPublicKey.identifier.bv_val && strncmp(comp->subjectPublicKey.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->subjectPublicKey.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->subjectPublicKey;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->subjectPublicKey;
+ } else {
return NULL;
+ }
}
return NULL;
} /* ExtractingComponentSubjectPublicKeyInfo */
@@ -1181,7 +1295,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->algorithm), &totalElmtsLen1, mode);
+ rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->algorithm), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->algorithm)->identifier.bv_val = (k->algorithm)->id_buf;
(k->algorithm)->identifier.bv_len = strlen("algorithm");
@@ -1197,7 +1311,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (UNIV, CONS, BITSTRING_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentBits (mem_op, b, tagId1, elmtLen1, (&k->subjectPublicKey), &totalElmtsLen1, mode);
+ rc = BDecComponentBits (mem_op, b, tagId1, elmtLen1, (&k->subjectPublicKey), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->subjectPublicKey)->identifier.bv_val = (&k->subjectPublicKey)->id_buf;
(&k->subjectPublicKey)->identifier.bv_len = strlen("subjectPublicKey");
@@ -1455,7 +1569,7 @@ int mode)
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
tmpVar = (ComponentExtension**) CompAsnListAppend (mem_op,&k->comp_list);
- rc = BDecComponentExtension (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
+ rc = BDecComponentExtension (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
} /* end of tag check if */
else /* wrong tag */
@@ -1698,7 +1812,7 @@ int mode)
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
tmpVar = (ComponentAttributeTypeAndValue**) CompAsnListAppend (mem_op,&k->comp_list);
- rc = BDecComponentAttributeTypeAndValue (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
+ rc = BDecComponentAttributeTypeAndValue (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
} /* end of tag check if */
else /* wrong tag */
@@ -1932,7 +2046,7 @@ int mode)
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
tmpVar = (ComponentRelativeDistinguishedName**) CompAsnListAppend (mem_op,&k->comp_list);
- rc = BDecComponentRelativeDistinguishedName (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
+ rc = BDecComponentRelativeDistinguishedName (mem_op, b, tagId1, elmtLen1, tmpVar, &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
} /* end of tag check if */
else /* wrong tag */
@@ -2031,7 +2145,7 @@ int mode)
t->comp_desc->cd_free = (comp_free_func*)NULL;
t->comp_desc->cd_extract_i = (extract_component_from_id_func*)ExtractingComponentRDNSequence;
t->comp_desc->cd_type = ASN_COMPOSITE;
- t->comp_desc->cd_type_id = RDNSequence;
+ t->comp_desc->cd_type_id = RDNSequence ;
t->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentRDNSequence;
return LDAP_SUCCESS;
} /* GDecRDNSequenceContent */
@@ -2112,7 +2226,7 @@ int mode)
{
case MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE):
(k->choiceId) = NAME_RDNSEQUENCE;
- rc = BDecComponentRDNSequence (mem_op, b, tagId0, elmtLen0, (&k->a.rdnSequence), &totalElmtsLen1, mode);
+ rc = BDecComponentRDNSequence (mem_op, b, tagId0, elmtLen0, (&k->a.rdnSequence), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->a.rdnSequence)->identifier.bv_val = (k->a.rdnSequence)->id_buf;
(k->a.rdnSequence)->identifier.bv_len = strlen("rdnSequence");
@@ -2177,7 +2291,7 @@ int mode)
Asn1Error("Missing : in encoded data");
return LDAP_PROTOCOL_ERROR;
}
- if( strncmp("rdnSequence",peek_head,sizeof("rdnSequence")-1) == 0){
+ if( strncmp("rdnSequence",peek_head, strlen("rdnSequence")) == 0){
(k->choiceId) = NAME_RDNSEQUENCE;
rc = GDecComponentRDNSequence (mem_op, b, (&k->a.rdnSequence), bytesDecoded, mode);
if ( rc != LDAP_SUCCESS ) return rc;
@@ -2317,14 +2431,22 @@ ExtractingComponentTBSCertificate ( void* mem_op, ComponentReference* cr, Compon
if ( ( comp->issuerUniqueIdentifier.identifier.bv_val && strncmp(comp->issuerUniqueIdentifier.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->issuerUniqueIdentifier.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->issuerUniqueIdentifier;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->issuerUniqueIdentifier;
+ } else {
return NULL;
+ }
}
if ( ( comp->subjectUniqueIdentifier.identifier.bv_val && strncmp(comp->subjectUniqueIdentifier.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->subjectUniqueIdentifier.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->subjectUniqueIdentifier;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->subjectUniqueIdentifier;
+ } else {
return NULL;
+ }
}
if ( ( comp->extensions->identifier.bv_val && strncmp(comp->extensions->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->extensions->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
@@ -2380,7 +2502,7 @@ int mode)
}
elmtLen2 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentVersion (mem_op, b, tagId2, elmtLen2, (&k->version), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
+ rc = BDecComponentVersion (mem_op, b, tagId2, elmtLen2, (&k->version), &totalElmtsLen1, DEC_ALLOC_MODE_0 );
if ( rc != LDAP_SUCCESS ) return rc;
(k->version)->identifier.bv_val = (k->version)->id_buf;
(k->version)->identifier.bv_len = strlen("version");
@@ -2394,7 +2516,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, PRIM, INTEGER_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentCertificateSerialNumber (mem_op, b, tagId1, elmtLen1, (&k->serialNumber), &totalElmtsLen1, mode);
+ rc = BDecComponentCertificateSerialNumber (mem_op, b, tagId1, elmtLen1, (&k->serialNumber), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->serialNumber)->identifier.bv_val = (&k->serialNumber)->id_buf;
(&k->serialNumber)->identifier.bv_len = strlen("serialNumber");
@@ -2409,7 +2531,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->signature), &totalElmtsLen1, mode);
+ rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->signature), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->signature)->identifier.bv_val = (k->signature)->id_buf;
(k->signature)->identifier.bv_len = strlen("signature");
@@ -2424,7 +2546,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentName (mem_op, b, tagId1, elmtLen1, (&k->issuer), &totalElmtsLen1, mode);
+ rc = BDecComponentName (mem_op, b, tagId1, elmtLen1, (&k->issuer), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->issuer)->identifier.bv_val = (k->issuer)->id_buf;
(k->issuer)->identifier.bv_len = strlen("issuer");
@@ -2439,7 +2561,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentValidity (mem_op, b, tagId1, elmtLen1, (&k->validity), &totalElmtsLen1, mode);
+ rc = BDecComponentValidity (mem_op, b, tagId1, elmtLen1, (&k->validity), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->validity)->identifier.bv_val = (k->validity)->id_buf;
(k->validity)->identifier.bv_len = strlen("validity");
@@ -2454,7 +2576,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentName (mem_op, b, tagId1, elmtLen1, (&k->subject), &totalElmtsLen1, mode);
+ rc = BDecComponentName (mem_op, b, tagId1, elmtLen1, (&k->subject), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->subject)->identifier.bv_val = (k->subject)->id_buf;
(k->subject)->identifier.bv_len = strlen("subject");
@@ -2469,7 +2591,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentSubjectPublicKeyInfo (mem_op, b, tagId1, elmtLen1, (&k->subjectPublicKeyInfo), &totalElmtsLen1, mode);
+ rc = BDecComponentSubjectPublicKeyInfo (mem_op, b, tagId1, elmtLen1, (&k->subjectPublicKeyInfo), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->subjectPublicKeyInfo)->identifier.bv_val = (k->subjectPublicKeyInfo)->id_buf;
(k->subjectPublicKeyInfo)->identifier.bv_len = strlen("subjectPublicKeyInfo");
@@ -2496,7 +2618,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (CNTX, CONS, 1))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentUniqueIdentifier (mem_op, b, tagId1, elmtLen1, (&k->issuerUniqueIdentifier), &totalElmtsLen1, mode);
+ rc = BDecComponentUniqueIdentifier (mem_op, b, tagId1, elmtLen1, (&k->issuerUniqueIdentifier), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->issuerUniqueIdentifier)->identifier.bv_val = (&k->issuerUniqueIdentifier)->id_buf;
(&k->issuerUniqueIdentifier)->identifier.bv_len = strlen("issuerUniqueIdentifier");
@@ -2520,7 +2642,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (CNTX, CONS, 2))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentUniqueIdentifier (mem_op, b, tagId1, elmtLen1, (&k->subjectUniqueIdentifier), &totalElmtsLen1, mode);
+ rc = BDecComponentUniqueIdentifier (mem_op, b, tagId1, elmtLen1, (&k->subjectUniqueIdentifier), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->subjectUniqueIdentifier)->identifier.bv_val = (&k->subjectUniqueIdentifier)->id_buf;
(&k->subjectUniqueIdentifier)->identifier.bv_len = strlen("subjectUniqueIdentifier");
@@ -2552,7 +2674,7 @@ int mode)
}
elmtLen2 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentExtensions (mem_op, b, tagId2, elmtLen2, (&k->extensions), &totalElmtsLen1, mode);
+ rc = BDecComponentExtensions (mem_op, b, tagId2, elmtLen2, (&k->extensions), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->extensions)->identifier.bv_val = (k->extensions)->id_buf;
(k->extensions)->identifier.bv_len = strlen("extensions");
@@ -2573,6 +2695,10 @@ int mode)
if(!COMPONENTNOT_NULL ((k->version)))
{
+(k->version) = CompAlloc( mem_op, sizeof(ComponentVersion));
+ (k->version)->identifier.bv_val = (k->version)->id_buf;
+ (k->version)->identifier.bv_len = strlen("version");
+ strcpy( (k->version)->identifier.bv_val, "version");
(k->version)->value = 0;
}
if( !(old_mode & DEC_ALLOC_MODE_1) ) {
@@ -2649,6 +2775,7 @@ int mode)
}
}
else {
+(k->version) = CompAlloc( mem_op, sizeof(ComponentVersion));
(k->version)->value = 0;
}
if ( strncmp( peek_head, "serialNumber", strlen("serialNumber") ) == 0 ) {
@@ -2877,8 +3004,12 @@ ExtractingComponentCertificate ( void* mem_op, ComponentReference* cr, Component
if ( ( comp->signature.identifier.bv_val && strncmp(comp->signature.identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->signature.id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return &comp->signature;
- else
+ else if ( cr->cr_curr->ci_next->ci_type == LDAP_COMPREF_CONTENT) {
+ cr->cr_curr = cr->cr_curr->ci_next;
+ return &comp->signature;
+ } else {
return NULL;
+ }
}
return NULL;
} /* ExtractingComponentCertificate */
@@ -2914,7 +3045,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentTBSCertificate (mem_op, b, tagId1, elmtLen1, (&k->tbsCertificate), &totalElmtsLen1, mode);
+ rc = BDecComponentTBSCertificate (mem_op, b, tagId1, elmtLen1, (&k->tbsCertificate), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->tbsCertificate)->identifier.bv_val = (k->tbsCertificate)->id_buf;
(k->tbsCertificate)->identifier.bv_len = strlen("tbsCertificate");
@@ -2929,7 +3060,7 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->signatureAlgorithm), &totalElmtsLen1, mode);
+ rc = BDecComponentAlgorithmIdentifier (mem_op, b, tagId1, elmtLen1, (&k->signatureAlgorithm), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->signatureAlgorithm)->identifier.bv_val = (k->signatureAlgorithm)->id_buf;
(k->signatureAlgorithm)->identifier.bv_len = strlen("signatureAlgorithm");
@@ -2945,7 +3076,7 @@ int mode)
(tagId1 == MAKE_TAG_ID (UNIV, CONS, BITSTRING_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
- rc = BDecComponentBits (mem_op, b, tagId1, elmtLen1, (&k->signature), &totalElmtsLen1, mode);
+ rc = BDecComponentBits (mem_op, b, tagId1, elmtLen1, (&k->signature), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(&k->signature)->identifier.bv_val = (&k->signature)->id_buf;
(&k->signature)->identifier.bv_len = strlen("signature");
diff --git a/contrib/slapd-modules/comp_match/certificate.h b/contrib/slapd-modules/comp_match/certificate.h
index 13503ea7f1..4d5d6b2780 100644
--- a/contrib/slapd-modules/comp_match/certificate.h
+++ b/contrib/slapd-modules/comp_match/certificate.h
@@ -3,7 +3,7 @@
/*
* certificate.h
* "AuthenticationFramework" ASN.1 module encode/decode/extracting/matching/free C src.
- * This file was generated by modified eSMACC compiler Sun Dec 5 19:16:59 2004
+ * This file was generated by modified eSMACC compiler Sat Dec 11 11:22:49 2004
* The generated files are strongly encouraged to be
* compiled as a module for OpenLDAP Software
*/
@@ -20,12 +20,21 @@ extern "C" {
#ifdef _WIN32
#pragma warning( disable : 4101 )
#endif
-#include "component.h"
+#include "componentlib.h"
typedef enum AuthenticationFrameworkAnyId
{
nullOid_ANY_ID = 0,
nullOid2_ANY_ID = 1,
- printableStringOid_ANY_ID = 2} AuthenticationFrameworkAnyId;
+ printableStringOid_ANY_ID = 2,
+ printableStringOid2_ANY_ID = 3,
+ printableStringOid3_ANY_ID = 4,
+ printableStringOid4_ANY_ID = 5,
+ printableStringOid5_ANY_ID = 6,
+ printableStringOid6_ANY_ID = 7,
+ iA5StringOid_ANY_ID = 8,
+ octetStringOid_ANY_ID = 9,
+ octetStringOid2_ANY_ID = 10,
+ octetStringOid3_ANY_ID = 11} AuthenticationFrameworkAnyId;
void InitAnyAuthenticationFramework();
@@ -140,6 +149,7 @@ typedef struct Extension /* SEQUENCE */
struct berval identifier;
char id_buf[MAX_IDENTIFIER_LEN];
ComponentOid extnID; /* OBJECT IDENTIFIER */
+ ComponentBool* critical; /* BOOLEAN DEFAULT FALSE */
ComponentOcts extnValue; /* OCTET STRING */
} ComponentExtension;
diff --git a/contrib/slapd-modules/comp_match/componentlib.c b/contrib/slapd-modules/comp_match/componentlib.c
index 55bfef3a69..1d17da7e5e 100644
--- a/contrib/slapd-modules/comp_match/componentlib.c
+++ b/contrib/slapd-modules/comp_match/componentlib.c
@@ -16,8 +16,9 @@
#include "lutil.h"
#include <ldap.h>
#include "slap.h"
-
#include "component.h"
+
+#include "componentlib.h"
#include "asn.h"
#include <asn-gser.h>
#include <stdlib.h>
@@ -1935,6 +1936,37 @@ BDecComponentVisibleString ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len,
/*
* Routines for handling an ANY DEFINED Type
*/
+
+/* Check if the <select> type CR and the OID of the given ANY type */
+int
+CheckSelectTypeCorrect ( void* mem_op, ComponentAnyInfo* cai, struct berval* select ) {
+ int strLen;
+ AttributeType* ad_type;
+ char* oid;
+ char* result;
+
+ if ( IsNumericOid ( select->bv_val , select->bv_len ) ) {
+ oid = select->bv_val;
+ strLen = select->bv_len;
+ } else {
+ ad_type = at_bvfind( select );
+
+ if ( !ad_type )
+ return LDAP_DECODING_ERROR;
+
+ oid = ad_type->sat_atype.at_oid;
+ strLen = strlen ( oid );
+ }
+ result = EncodeComponentOid ( mem_op, oid , &strLen );
+ if ( !result || strLen <= 0 ) return (-1);
+
+ if ( cai->oid.octetLen == strLen &&
+ strncmp ( cai->oid.octs, result, strLen ) == 0 )
+ return (1);
+ else
+ return (-1);
+}
+
int
SetAnyTypeByComponentOid ( ComponentAny *v, ComponentOid *id ) {
Hash hash;
@@ -1977,7 +2009,8 @@ GEncComponentAny ( GenBuf *b, ComponentAny *in )
}
int
-BDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode) {
+BEncComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode)
+{
ComponentAny *k, **k2;
k = (ComponentAny*) result;
@@ -2018,6 +2051,55 @@ BDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesD
}
}
+int
+BDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode) {
+ int rc;
+ ComponentAny *k, **k2;
+
+ k = (ComponentAny*) result;
+
+ if ( !k ) return (-1);
+
+ if ( mode & DEC_ALLOC_MODE_0 ) {
+ k2 = (ComponentAny**) result;
+ *k2 = (ComponentAny*) CompAlloc( mem_op, sizeof( ComponentAny ) );
+ if ( !*k2 ) return LDAP_DECODING_ERROR;
+ k = *k2;
+ }
+
+ if ((result->cai != NULL) && (result->cai->BER_Decode != NULL)) {
+#if 0
+ result->value = (void*) CompAlloc ( mem_op, result->cai->size );
+ if ( !result->value ) return 0;
+#endif
+ result->cai->BER_Decode ( mem_op, b, &result->value, (int*)bytesDecoded, DEC_ALLOC_MODE_0 );
+#if 0
+ rc = BDecComponentTop( result->cai->BER_Decode, mem_op, 0, 0, &result->value, bytesDecoded, DEC_ALLOC_MODE_0 );
+ if ( rc != LDAP_SUCCESS ) return rc;
+#endif
+
+ k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
+ if ( !k->comp_desc ) {
+ if ( k ) CompFree ( mem_op, k );
+ return LDAP_DECODING_ERROR;
+ }
+ k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentAny;
+ k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentAny;
+ k->comp_desc->cd_free = (comp_free_func*)FreeComponentAny;
+ k->comp_desc->cd_pretty = (slap_syntax_transform_func*)NULL;
+ k->comp_desc->cd_validate = (slap_syntax_validate_func*)NULL;
+ k->comp_desc->cd_extract_i = NULL;
+ k->comp_desc->cd_type = ASN_BASIC;
+ k->comp_desc->cd_type_id = BASICTYPE_ANY;
+ k->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentAny;
+ return LDAP_SUCCESS;
+ }
+ else {
+ Asn1Error ("ERROR - Component ANY Decode routine is NULL\n");
+ return 0;
+ }
+}
+
int
GDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode) {
ComponentAny *k, **k2;
@@ -2137,6 +2219,112 @@ InstallAnyByComponentInt (int anyId, ComponentInt intId, unsigned int size,
Insert(anyIntHashTblG, a, h);
}
+
+/*
+ * OID and its corresponding decoder can be registerd with this func.
+ * If contained types constrained by <select> are used,
+ * their OID and decoder MUST be registered, otherwise it will return no entry.
+ * An open type(ANY type) also need be registered.
+ */
+void
+InstallOidDecoderMapping ( char* ch_oid, EncodeFcn encode, gser_decoder_func* G_decode, ber_tag_decoder_func* B_decode, ExtractFcn extract, MatchFcn match ) {
+ AsnOid oid;
+ int strLen;
+ void* mem_op;
+
+ strLen = strlen( ch_oid );
+ if( strLen <= 0 ) return;
+ mem_op = comp_nibble_memory_allocator ( 128, 16 );
+ oid.octs = EncodeComponentOid ( mem_op, ch_oid, &strLen );
+ oid.octetLen = strLen;
+ if( strLen <= 0 ) return;
+
+
+ InstallAnyByComponentOid ( 0, &oid, 0, encode, G_decode, B_decode,
+ extract, match, NULL, NULL);
+ comp_nibble_memory_free(mem_op);
+}
+
+/*
+ * Look up Oid-decoder mapping table by berval have either
+ * oid or description
+ */
+OidDecoderMapping*
+RetrieveOidDecoderMappingbyBV( struct berval* in ) {
+ if ( IsNumericOid ( in->bv_val, in->bv_len ) )
+ return RetrieveOidDecoderMappingbyOid( in->bv_val, in->bv_len );
+ else
+ return RetrieveOidDecoderMappingbyDesc( in->bv_val, in->bv_len );
+}
+
+/*
+ * Look up Oid-decoder mapping table by dotted OID
+ */
+OidDecoderMapping*
+RetrieveOidDecoderMappingbyOid( char* ch_oid, int oid_len ) {
+ Hash hash;
+ void *anyInfo;
+ AsnOid oid;
+ int strLen;
+ void* mem_op;
+
+ mem_op = comp_nibble_memory_allocator ( 128, 16 );
+ oid.octs = EncodeComponentOid ( mem_op, ch_oid, &oid_len);
+ oid.octetLen = oid_len;
+ if( strLen <= 0 ) {
+ comp_nibble_memory_free( mem_op );
+ return;
+ }
+
+ /* use encoded oid as hash string */
+ hash = MakeHash ( oid.octs, oid.octetLen);
+ comp_nibble_memory_free( mem_op );
+ if (CheckForAndReturnValue (anyOidHashTblG, hash, &anyInfo))
+ return (OidDecoderMapping*) anyInfo;
+ else
+ return (OidDecoderMapping*) NULL;
+
+}
+
+/*
+ * Look up Oid-decoder mapping table by description
+ */
+OidDecoderMapping*
+RetrieveOidDecoderMappingbyDesc( char* desc, int desc_len ) {
+ Hash hash;
+ void *anyInfo;
+ AsnOid oid;
+ AttributeType* ad_type;
+ struct berval bv;
+ void* mem_op;
+
+ bv.bv_val = desc;
+ bv.bv_len = desc_len;
+ ad_type = at_bvfind( &bv );
+
+ oid.octs = ad_type->sat_atype.at_oid;
+ oid.octetLen = strlen ( oid.octs );
+
+ if ( !ad_type )
+ return (OidDecoderMapping*) NULL;
+
+ mem_op = comp_nibble_memory_allocator ( 128, 16 );
+
+ oid.octs = EncodeComponentOid ( mem_op, oid.octs , &oid.octetLen );
+ if( oid.octetLen <= 0 ) {
+ comp_nibble_memory_free( mem_op );
+ return (OidDecoderMapping*) NULL;
+ }
+
+ /* use encoded oid as hash string */
+ hash = MakeHash ( oid.octs, oid.octetLen);
+ comp_nibble_memory_free( mem_op );
+ if (CheckForAndReturnValue (anyOidHashTblG, hash, &anyInfo))
+ return (OidDecoderMapping*) anyInfo;
+ else
+ return (OidDecoderMapping*) NULL;
+
+}
void
InstallAnyByComponentOid (int anyId, AsnOid *oid, unsigned int size,
EncodeFcn encode, gser_decoder_func* G_decode,
@@ -2148,8 +2336,11 @@ InstallAnyByComponentOid (int anyId, AsnOid *oid, unsigned int size,
a = (ComponentAnyInfo*) malloc (sizeof (ComponentAnyInfo));
a->anyId = anyId;
- a->oid.octs = NULL;
- a->oid.octetLen = 0;
+ if ( oid ) {
+ a->oid.octs = malloc( oid->octetLen );
+ memcpy ( a->oid.octs, oid->octs, oid->octetLen );
+ a->oid.octetLen = oid->octetLen;
+ }
a->size = size;
a->Encode = encode;
a->GSER_Decode = G_decode;
@@ -2180,9 +2371,9 @@ AsnLen *bytesDecoded _AND_
int mode) {
tag = BDecTag ( b, bytesDecoded );
elmtLen = BDecLen ( b, bytesDecoded );
+ if ( elmtLen <= 0 ) return (-1);
if ( tag != MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE) ) {
- printf("Invliad Tag\n");
- exit (1);
+ return (-1);
}
return (*decoder)( mem_op, b, tag, elmtLen, (ComponentSyntaxInfo*)v,(int*)bytesDecoded, mode );
@@ -2212,9 +2403,8 @@ int mode) {
* LDAP Encodings : cn=sang,o=ibm,c=us
*/
-int
-increment_bv_mem ( struct berval* in ) {
- int new_size = in->bv_len + INCREMENT_SIZE;
+increment_bv_mem_by_size ( struct berval* in, int size ) {
+ int new_size = in->bv_len + size;
in->bv_val = realloc( in->bv_val, new_size );
in->bv_len = new_size;
}
@@ -2245,7 +2435,7 @@ ConvertBER2Desc( char* in, int size, struct berval* out, int* pos ) {
/*check if the buffer can store the first/second arc and two dots*/
if ( out->bv_len < *pos + 2 + 1 + rc )
- increment_bv_mem ( out );
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
if ( firstArcNum == 1)
out->bv_val[*pos] = '1';
@@ -2269,7 +2459,7 @@ ConvertBER2Desc( char* in, int size, struct berval* out, int* pos ) {
rc = intToAscii ( arcNum, buf );
if ( out->bv_len < *pos + rc + 1 )
- increment_bv_mem ( out );
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
memcpy( out->bv_val + *pos, buf, rc );
*pos += rc;
@@ -2303,14 +2493,14 @@ ConvertComponentAttributeTypeAndValue2RFC2253 ( irAttributeTypeAndValue* in, str
rc = ConvertBER2Desc( in->type.value.octs, in->type.value.octetLen, out, pos );
if ( rc != LDAP_SUCCESS ) return rc;
if ( out->bv_len < *pos + 1/*for '='*/ )
- increment_bv_mem ( out );
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
/*Between type and value, put '='*/
out->bv_val[*pos] = '=';
(*pos)++;
/*Assume it is string*/
if ( out->bv_len < *pos + value_size )
- increment_bv_mem ( out );
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
memcpy( out->bv_val + *pos, value_ptr, value_size );
out->bv_len += value_size;
*pos += value_size;
@@ -2329,10 +2519,10 @@ ConvertRelativeDistinguishedName2RFC2253 ( irRelativeDistinguishedName* in, stru
rc = ConvertComponentAttributeTypeAndValue2RFC2253( attr_typeNvalue, out, pos );
if ( rc != LDAP_SUCCESS ) return LDAP_INVALID_SYNTAX;
- if ( out->bv_len < pos + 1/*for '+'*/ )
- increment_bv_mem ( out );
+ if ( out->bv_len < *pos + 1/*for '+'*/ )
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
/*between multivalued RDNs, put comma*/
- out->bv_val[*pos++] = '+';
+ out->bv_val[(*pos)++] = '+';
}
(*pos)--;/*remove the last '+'*/
return LDAP_SUCCESS;
@@ -2366,13 +2556,13 @@ ConvertRDNSequence2RFC2253( irRDNSequence *in, struct berval* out ) {
if ( rc != LDAP_SUCCESS ) return LDAP_INVALID_SYNTAX;
if ( out->bv_len < pos + 1/*for ','*/ )
- increment_bv_mem ( out );
+ increment_bv_mem_by_size ( out, INCREMENT_SIZE );
/*Between RDN, put comma*/
out->bv_val[pos++] = ',';
}
pos--;/*remove the last '+'*/
out->bv_val[pos] = '\0';
- out->bv_len = pos;
+ out->bv_len =pos;
return LDAP_SUCCESS;
}
diff --git a/contrib/slapd-modules/comp_match/component.h b/contrib/slapd-modules/comp_match/componentlib.h
similarity index 95%
rename from contrib/slapd-modules/comp_match/component.h
rename to contrib/slapd-modules/comp_match/componentlib.h
index 07c6ccddb6..c41d1d9e3b 100644
--- a/contrib/slapd-modules/comp_match/component.h
+++ b/contrib/slapd-modules/comp_match/componentlib.h
@@ -19,6 +19,7 @@
#include "lutil.h"
#include <ldap.h>
#include <slap.h>
+#include <component.h>
#include <asn-incl.h>
#include "asn.h"
@@ -115,6 +116,8 @@ typedef struct ComponentIA5String {
#define GEncComponentIA5String GEncComponentUTF8String
#define GDecComponentIA5String GDecComponentUTF8String
+int
+BDecComponentIA5StringTag ( void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
int BDecComponentIA5String ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentIA5String MatchingComponentOcts
#define ExtractingComponentIA5String(mem_op, cr,data) NULL
@@ -202,6 +205,7 @@ typedef struct ComponentOcts {
#define GASNOCTS_PRESENT(aocts) ((aocts)->value.octs != NULL)
int GEncComponentOcts (GenBuf *b, ComponentOcts *octs);
int GDecComponentOcts (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
+int BDecComponentOctsTag ( void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
int BDecComponentOcts (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentOcts (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentOcts(mem_op,cr,data) NULL
@@ -376,6 +380,8 @@ typedef struct ComponentAnyInfo
PrintFcn Print;
} ComponentAnyInfo;
+typedef struct ComponentAnyInfo OidDecoderMapping ;
+
typedef struct ComponentAny{
void* syntax;
ComponentDesc *comp_desc;
@@ -402,7 +408,11 @@ void InstallAnyByComponentInt (int anyId, ComponentInt intId, unsigned int size,
void InstallAnyByComponentOid (int anyId, AsnOid *oid, unsigned int size, EncodeFcn encode, gser_decoder_func* G_decode, ber_tag_decoder_func* B_decode, ExtractFcn extract, MatchFcn match, FreeFcn free, PrintFcn print);
+int CheckSelectTypeCorrect ( void* mem_op, ComponentAnyInfo *v, struct berval* select );
+OidDecoderMapping* RetrieveOidDecoderMappingbyBV( struct berval* in );
+OidDecoderMapping* RetrieveOidDecoderMappingbyOid( char* ch_oid, int oid_len );
+OidDecoderMapping* RetrieveOidDecoderMappingbyDesc( char* desc, int desc_len );
/*
* UTCTime
*/
@@ -511,12 +521,17 @@ retrieve_matching_rule( char* mr_oid, AsnTypeId type );
#define INITIAL_DN_SIZE 128
#define INITIAL_ATTR_SIZE 256
#define INCREMENT_SIZE 32
+/*
+ * Followings are for conversion from ASN.1 RDN and DN to
+ * LDAP encodings
+ */
+#define MAX_ALIASING_ENTRY 128
int increment_bv_mem ( struct berval* in );
int intToAscii ( int value, char* buf );
typedef ComponentList irRDNSequence;
typedef ComponentList irRelativeDistinguishedName;
typedef ComponentOid irAttributeType;
-typedef struct irAttributeTypeAndValue /* SEQUENCE */
+typedef struct comp_irAttributeTypeAndValue /* SEQUENCE */
{
Syntax* syntax;
ComponentDesc* comp_desc;
@@ -527,4 +542,5 @@ typedef struct irAttributeTypeAndValue /* SEQUENCE */
} irAttributeTypeAndValue;
#define RDN_MATCH_OID "1.2.36.79672281.1.13.3"
#define DN_MATCH_OID "2.5.13.1"
+
#endif
diff --git a/contrib/slapd-modules/comp_match/init.c b/contrib/slapd-modules/comp_match/init.c
index 16c2b817db..fd9419a6fe 100644
--- a/contrib/slapd-modules/comp_match/init.c
+++ b/contrib/slapd-modules/comp_match/init.c
@@ -16,8 +16,9 @@
#include "lutil.h"
#include <ldap.h>
#include "slap.h"
-
#include "component.h"
+
+#include "componentlib.h"
#include "asn.h"
#include <asn-gser.h>
@@ -27,6 +28,11 @@
#define SLAPD_COMP_MATCH SLAPD_MOD_DYNAMIC
#endif
+/*
+ * Attribute and MatchingRule aliasing table
+ */
+AttributeAliasing aa_table [ MAX_ALIASING_ENTRY ];
+MatchingRuleAliasing mra_table [ MAX_ALIASING_ENTRY ];
OD_entry* gOD_table = NULL;
AsnTypetoMatchingRuleTable* gATMR_table = NULL;
@@ -35,6 +41,90 @@ int
load_derived_matching_rule ( char* cfg_path ){
}
+AttributeAliasing*
+comp_is_aliased_attribute( void *in )
+{
+ AttributeAliasing* curr_aa;
+ int i;
+ AttributeDescription *ad = (AttributeDescription*)in;
+
+ for ( i = 0; aa_table[i].aa_aliasing_ad && i < MAX_ALIASING_ENTRY; i++ ) {
+ if ( strncmp(aa_table[i].aa_aliasing_ad->ad_cname.bv_val , ad->ad_cname.bv_val, ad->ad_cname.bv_len) == 0 )
+ return &aa_table[i];
+ }
+ return NULL;
+}
+
+static int
+add_aa_entry( int index, char* aliasing_at_name, char* aliased_at_name, char* mr_name, char* component_filter )
+{
+ char text[1][128];
+ int rc;
+ struct berval type;
+
+ /* get and store aliasing AttributeDescription */
+ type.bv_val = aliasing_at_name;
+ type.bv_len = strlen ( aliasing_at_name );
+ rc = slap_bv2ad ( &type, &aa_table[index].aa_aliasing_ad,(char**)text );
+ if ( rc != LDAP_SUCCESS ) return rc;
+
+ /* get and store aliased AttributeDescription */
+ type.bv_val = aliased_at_name;
+ type.bv_len = strlen ( aliased_at_name );
+ rc = slap_bv2ad ( &type, &aa_table[index].aa_aliased_ad,(char**)text );
+ if ( rc != LDAP_SUCCESS ) return rc;
+
+ /* get and store componentFilterMatch */
+ type.bv_val = mr_name;
+ type.bv_len = strlen ( mr_name);
+ aa_table[index].aa_mr = mr_bvfind ( &type );
+
+ /* get and store a component filter */
+ type.bv_val = component_filter;
+ type.bv_len = strlen ( component_filter );
+ rc = get_comp_filter( NULL, &type, &aa_table[index].aa_cf,(char**)text);
+
+ aa_table[index].aa_cf_str = component_filter;
+
+ return rc;
+}
+
+/*
+ * Initialize attribute aliasing table when this module is loaded
+ * add_aa_entry ( index for the global table,
+ * name of the aliasing attribute,
+ * component filter with filling value parts "xxx"
+ * )
+ * "xxx" will be replaced with effective values later.
+ * See RFC3687 to understand the content of a component filter.
+ */
+char* pre_processed_comp_filter[] = {
+/*1*/"item:{ component \"tbsCertificate.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx }",
+/*2*/"item:{ component \"tbsCertificate.serialNumber\", rule integerMatch, value xxx }",
+/*3*/"and:{ item:{ component \"tbsCertificate.serialNumber\", rule integerMatch, value xxx }, item:{ component \"tbsCertificate.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx } }"
+};
+
+static int
+init_attribute_aliasing_table ()
+{
+ int rc;
+ int index = 0 ;
+
+ rc = add_aa_entry ( index, "x509CertificateIssuer", "userCertificate","componentFilterMatch", pre_processed_comp_filter[index] );
+ if ( rc != LDAP_SUCCESS ) return LDAP_PARAM_ERROR;
+ index++;
+
+ rc = add_aa_entry ( index, "x509CertificateSerial","userCertificate", "componentFilterMatch", pre_processed_comp_filter[index] );
+ if ( rc != LDAP_SUCCESS ) return LDAP_PARAM_ERROR;
+ index++;
+
+ rc = add_aa_entry ( index, "x509CertificateSerialAndIssuer", "userCertificate", "componentFilterMatch", pre_processed_comp_filter[index] );
+ if ( rc != LDAP_SUCCESS ) return LDAP_PARAM_ERROR;
+ index++;
+
+ return LDAP_SUCCESS;
+}
+
MatchingRule*
retrieve_matching_rule( char* mr_oid, AsnTypeId type ) {
char* tmp;
@@ -54,65 +144,6 @@ retrieve_matching_rule( char* mr_oid, AsnTypeId type ) {
return (MatchingRule*)NULL;
}
-OD_entry*
-retrieve_oid_decoder_table ( char* oid ) {
- OD_entry* curr_entry;
- for ( curr_entry = gOD_table ; curr_entry != NULL ;
- curr_entry = curr_entry->oe_next ) {
- if ( strcmp ( curr_entry->oe_oid , oid ) == 0 )
- return curr_entry;
- }
- return (OD_entry*) NULL;
-}
-
-int
-add_OD_entry ( char* oid, gser_decoder_func* gser_decoder ,
- ber_decoder_func ber_decoder, converter_func* converter ) {
- OD_entry* new_entry;
-
- if ( !gOD_table ) {
- gOD_table = new_entry = (OD_entry*) malloc( sizeof ( OD_entry ) );
- gOD_table->oe_next = NULL;
- gOD_table->oe_prev = NULL;
- }
- else {
- new_entry = (OD_entry*) malloc( sizeof ( OD_entry ) );
- if ( !new_entry ) return -1;
- gOD_table->oe_prev = new_entry;
- new_entry->oe_next = gOD_table;
- new_entry->oe_prev = NULL;
- gOD_table = new_entry;
- }
-
- strcpy ( new_entry->oe_oid ,oid );
- new_entry->oe_gser_decoder = gser_decoder;
- new_entry->oe_ber_decoder = ber_decoder;
- new_entry->oe_converter = converter;
-
- return 1;
-}
-
-int
-remove_OD_entry ( char* oid ) {
- OD_entry* curr_entry;
- for ( curr_entry = gOD_table ; curr_entry != NULL ;
- curr_entry = curr_entry->oe_next ) {
- if ( strcmp ( curr_entry->oe_oid , oid ) == 0 ) {
- if ( !curr_entry->oe_next ) {
- if ( curr_entry->oe_prev ) {
- curr_entry->oe_prev->oe_next = NULL;
- }
- } else {
- curr_entry->oe_prev->oe_next = curr_entry->oe_next;
- curr_entry->oe_next->oe_prev = curr_entry->oe_prev;
- }
- free ( curr_entry );
- return 1;
- }
- }
- return -1;
-}
-
void*
comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv ))
{
@@ -123,15 +154,13 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv
char* oid = a->a_desc->ad_type->sat_atype.at_oid ;
GenBuf* b;
ExpBuf* buf;
- OD_entry* od_entry;
+ OidDecoderMapping* odm;
/* look for the decoder registered for the given attribute */
- od_entry = retrieve_oid_decoder_table ( oid );
- if ( !od_entry || !od_entry->oe_ber_decoder ) return (void*)NULL;
- if ( od_entry->oe_converter ) {
- size = (*od_entry->oe_converter)( bv );
- if ( size <= 0 ) return (void*)NULL;
- }
+ odm = RetrieveOidDecoderMappingbyOid( oid, strlen(oid) );
+
+ if ( !odm || (!odm->BER_Decode && odm->GSER_Decode) )
+ return (void*)NULL;
buf = ExpBufAllocBuf();
ExpBuftoGenBuf( buf, &b );
@@ -145,16 +174,20 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv
* The flag of Attribute will say something about it in the future
*/
if ( slap_syntax_is_ber ( syn ) ) {
- rc =BDecComponentTop(od_entry->oe_ber_decoder, a->a_comp_data->cd_mem_op, b, 0,0, &component,&bytesDecoded,mode ) ;
+#if 0
+ rc =BDecComponentTop(odm->BER_Decode, a->a_comp_data->cd_mem_op, b, 0,0, &component,&bytesDecoded,mode ) ;
+#endif
+ rc = odm->BER_Decode ( a->a_comp_data->cd_mem_op,b,&component,&bytesDecoded, mode );
}
else {
- rc = od_entry->oe_gser_decoder( a->a_comp_data->cd_mem_op, b, component,&bytesDecoded,mode);
+ rc = odm->GSER_Decode( a->a_comp_data->cd_mem_op, b, component,&bytesDecoded,mode);
}
ExpBufFreeBuf( buf );
if ( rc == -1 ) {
ShutdownNibbleMemLocal ( a->a_comp_data->cd_mem_op );
- a->a_comp_data->cd_mem_op = NULL;
+ free ( a->a_comp_data );
+ a->a_comp_data = NULL;
return (void*)NULL;
}
else {
@@ -225,7 +258,8 @@ int intToAscii( int value, char* buf ) {
int
comp_convert_asn_to_ldap ( MatchingRule* mr, ComponentSyntaxInfo* csi, struct berval* bv, int *allocated )
{
- int value, rc;
+ int rc;
+ struct berval prettied;
Syntax* syn;
AsnTypetoSyntax* asn_to_syn =
@@ -307,14 +341,16 @@ comp_convert_asn_to_ldap ( MatchingRule* mr, ComponentSyntaxInfo* csi, struct be
return LDAP_INVALID_SYNTAX;
*allocated = 1;
rc = ConvertRDNSequence2RFC2253( (irRDNSequence*)csi, bv );
- return rc;
+ if ( rc != LDAP_SUCCESS ) return rc;
+ break;
case RelativeDistinguishedName :
/*rdnMatch*/
if( strncmp( mr->smr_mrule.mr_oid, RDN_MATCH_OID, strlen(RDN_MATCH_OID) ) != 0 )
return LDAP_INVALID_SYNTAX;
*allocated = 1;
rc = ConvertRDN2RFC2253((irRelativeDistinguishedName*)csi,bv);
- return rc;
+ if ( rc != LDAP_SUCCESS ) return rc;
+ break;
case TelephoneNumber :
case FacsimileTelephoneNumber__telephoneNumber :
break;
@@ -328,9 +364,22 @@ comp_convert_asn_to_ldap ( MatchingRule* mr, ComponentSyntaxInfo* csi, struct be
return LDAP_INVALID_SYNTAX;
}
- if ( csi->csi_syntax && csi->csi_syntax->ssyn_validate ) {
- if ( csi->csi_syntax->ssyn_validate(csi->csi_syntax, bv) != LDAP_SUCCESS )
- return LDAP_INVALID_SYNTAX;
+ if ( csi->csi_syntax ) {
+ if ( csi->csi_syntax->ssyn_validate ) {
+ rc = csi->csi_syntax->ssyn_validate(csi->csi_syntax, bv);
+ if ( rc != LDAP_SUCCESS )
+ return LDAP_INVALID_SYNTAX;
+ }
+ if ( csi->csi_syntax->ssyn_pretty ) {
+ rc = csi->csi_syntax->ssyn_pretty(csi->csi_syntax, bv, &prettied , NULL );
+ if ( rc != LDAP_SUCCESS )
+ return LDAP_INVALID_SYNTAX;
+#if 0
+ free ( bv->bv_val );/*potential memory leak?*/
+#endif
+ bv->bv_val = prettied.bv_val;
+ bv->bv_len = prettied.bv_len;
+ }
}
return LDAP_SUCCESS;
@@ -343,7 +392,8 @@ comp_convert_asn_to_ldap ( MatchingRule* mr, ComponentSyntaxInfo* csi, struct be
#define IS_TERMINAL_COMPREF(cr) (cr->cr_curr->ci_next == NULL)
int
comp_test_all_components (
- void* mem_op,
+ void* attr_mem_op,
+ void* assert_mem_op,
ComponentSyntaxInfo *csi_attr,
ComponentAssertion* ca )
{
@@ -353,40 +403,11 @@ comp_test_all_components (
struct berval *ca_val = &ca->ca_ma_value;
switch ( cr->cr_curr->ci_type ) {
- case LDAP_COMPREF_IDENTIFIER:
- case LDAP_COMPREF_FROM_BEGINNING:
- case LDAP_COMPREF_FROM_END:
- csi_temp = (ComponentSyntaxInfo*)csi_attr->csi_comp_desc->cd_extract_i( mem_op, cr, csi_attr );
- if ( cr->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
- rc = comp_test_all_components ( mem_op, csi_temp, ca );
- } else {
- rc = comp_test_one_component( mem_op, csi_temp, ca );
- }
- break;
- case LDAP_COMPREF_COUNT:
- /* "count" component reference should be the last component id */
- if ( IS_TERMINAL_COMPREF(cr) ) {
- ComponentInt *k;
- k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt) );
- k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
- k->comp_desc->cd_tag = 0;
- k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
- k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
- k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
- k->comp_desc->cd_type = ASN_BASIC;
- k->comp_desc->cd_type_id = BASICTYPE_INTEGER;
- k->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentInt;
- k->value = AsnListCount(&((ComponentList*)csi_attr)->comp_list);
- rc = comp_test_one_component( mem_op, k, ca );
- } else {
- rc = LDAP_INVALID_SYNTAX;
- }
- break;
case LDAP_COMPREF_ALL:
if ( IS_TERMINAL_COMPREF(cr) ) {
FOR_EACH_LIST_ELMT( comp_elmt, &((ComponentList*)csi_attr)->comp_list )
{
- rc = comp_test_one_component( mem_op, comp_elmt, ca );
+ rc = comp_test_one_component( attr_mem_op, assert_mem_op, comp_elmt, ca );
if ( rc == LDAP_COMPARE_TRUE ) {
break;
}
@@ -396,13 +417,8 @@ comp_test_all_components (
FOR_EACH_LIST_ELMT( comp_elmt, &((ComponentList*)csi_attr)->comp_list )
{
cr->cr_curr = start_compid;
- csi_temp = comp_elmt->csi_comp_desc->cd_extract_i( mem_op, cr, comp_elmt );
- if ( cr->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
- rc = comp_test_all_components ( mem_op, csi_temp, ca );
- } else {
- rc = comp_test_one_component ( mem_op, csi_temp, ca );
- }
-
+ rc = comp_test_components ( attr_mem_op, assert_mem_op, comp_elmt, ca );
+
if ( rc == LDAP_COMPARE_TRUE ) {
break;
}
@@ -413,6 +429,10 @@ comp_test_all_components (
case LDAP_COMPREF_SELECT:
case LDAP_COMPREF_DEFINED:
case LDAP_COMPREF_UNDEFINED:
+ case LDAP_COMPREF_IDENTIFIER:
+ case LDAP_COMPREF_FROM_BEGINNING:
+ case LDAP_COMPREF_FROM_END:
+ case LDAP_COMPREF_COUNT:
rc = LDAP_OPERATIONS_ERROR;
break;
default:
@@ -430,109 +450,6 @@ eat_bv_whsp ( struct berval* in )
}
}
-int
-get_primitive_GSER_value ( struct berval* in )
-{
- int count, sequent_dquote, unclosed_brace, succeed;
- char* ptr = in->bv_val;
- char* end = in->bv_val + in->bv_len;
-
- eat_bv_whsp( in );
- /*
- * Four cases of GSER <Values>
- * 1) "..." :
- * StringVal, GeneralizedTimeVal, UTCTimeVal, ObjectDescriptorVal
- * 2) '...'B or '...'H :
- * BitStringVal, OctetStringVal
- * 3) {...} :
- * SEQUENCE, SEQUENCEOF, SETOF, SET, CHOICE, BIT STRING(bit list)
- * 4) Between two white spaces
- * INTEGER, BOOLEAN, NULL,ENUMERATE, REAL
- */
-
- if ( in->bv_len <= 0 )
- return LDAP_INVALID_SYNTAX;
-
- succeed = 0;
- if ( ptr[0] == '"' ) {
- for( count = 1, sequent_dquote = 0 ; ; count++ ) {
- /* In order to find escaped double quote */
- if ( ptr[count] == '"' ) sequent_dquote++;
- else sequent_dquote = 0;
-
- if ( ptr[count] == '\0' || (ptr + count) > end ) {
- break;
- }
-
- if ( ( ptr[count] == '"' && ptr[count-1] != '"') ||
- ( sequent_dquote > 2 && (sequent_dquote%2) == 1 ) ) {
- succeed = 1;
- break;
- }
- }
-
- if ( !succeed || ptr[count] != '"' )
- return LDAP_FILTER_ERROR;
-
- in->bv_val = ptr+1; /*the next to '"'*/
- in->bv_len = count - 1; /* exclude '"' */
- }
- else if ( ptr[0] == '\'' ) {
- for( count = 1 ; ; count++ ) {
- if ( ptr[count] == '\0' || (ptr+count) > end ) {
- break;
- }
- if ((ptr[count-1] == '\'' && ptr[count] == 'B')||
- (ptr[count-1] == '\'' && ptr[count] == 'H') ) {
- succeed = 1;
- break;
- }
- }
-
- if ( !succeed || !(ptr[count] == 'H' || ptr[count] == 'B') )
- return LDAP_FILTER_ERROR;
-
- in->bv_val = ptr+1; /* the next to '"' */
- in->bv_len = count - 2; /* exclude "'H" or "'B" */
-
- }
- else if ( ptr[0] == '{' ) {
- for( count = 1, unclosed_brace = 1 ; ; count++ ) {
- if ( ptr[count] == '{' ) unclosed_brace++;
- if ( ptr[count] == '}' ) unclosed_brace--;
-
- if ( ptr[count] == '\0' || (ptr+count) > end )
- break;
- if ( unclosed_brace == 0 ) {
- succeed = 1;
- break;
- }
- }
-
- if ( !succeed || ptr[count] != '}' )
- return LDAP_FILTER_ERROR;
-
- in->bv_val = ptr+1; /*the next to '"'*/
- in->bv_len = count - 1; /* exclude '"' */
- }
- else {
- /*Find following white space where the value is ended*/
- for( count = 1 ; ; count++ ) {
- if ( ptr[count] == '\0' || ptr[count] == ' ' ||
- (ptr+count) >end ) {
- break;
- }
- }
- if ( ptr[count] != ' ' )
- return LDAP_FILTER_ERROR;
-
- in->bv_val = ptr; /*the next to '"'*/
- in->bv_len = count; /* exclude '"' */
- }
-
- return LDAP_SUCCESS;
-}
-
/*
* Perform matching one referenced component against assertion
* If the matching rule in a component filter is allComponentsMatch
@@ -543,7 +460,8 @@ get_primitive_GSER_value ( struct berval* in )
*/
int
comp_test_one_component (
- void* mem_op,
+ void* attr_mem_op,
+ void* assert_mem_op,
ComponentSyntaxInfo *csi_attr,
ComponentAssertion *ca )
{
@@ -555,7 +473,7 @@ comp_test_one_component (
if ( mr->smr_usage & SLAP_MR_COMPONENT ) {
/* If allComponentsMatch or its derivatives */
if ( !ca->ca_comp_data.cd_tree ) {
- comp_convert_assert_to_comp( mem_op, csi_attr, &ca->ca_ma_value, &csi_assert, &len, DEC_ALLOC_MODE_0 );
+ comp_convert_assert_to_comp( assert_mem_op, csi_attr, &ca->ca_ma_value, &csi_assert, &len, DEC_ALLOC_MODE_0 );
ca->ca_comp_data.cd_tree = (void*)csi_assert;
} else {
csi_assert = ca->ca_comp_data.cd_tree;
@@ -575,32 +493,173 @@ comp_test_one_component (
} else {
/* LDAP existing matching rules */
struct berval attr_bv = BER_BVNULL;
+ struct berval n_attr_bv = BER_BVNULL;
struct berval* assert_bv = &ca->ca_ma_value;
int allocated = 0;
/*Attribute is converted to compatible LDAP encodings*/
if ( comp_convert_asn_to_ldap( mr, csi_attr, &attr_bv, &allocated ) != LDAP_SUCCESS )
return LDAP_INAPPROPRIATE_MATCHING;
-
+ /* extracted component value is not normalized */
+ if ( ca->ca_ma_rule->smr_normalize ) {
+ rc = ca->ca_ma_rule->smr_normalize (
+ SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
+ NULL, ca->ca_ma_rule,
+ &attr_bv, &n_attr_bv, NULL );
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+ if ( allocated && attr_bv.bv_val )
+ free (attr_bv.bv_val);
+ } else {
+ n_attr_bv = attr_bv;
+ }
+#if 0
/*Assertion value is validated by MR's syntax*/
if ( !ca->ca_comp_data.cd_tree ) {
- if ( get_primitive_GSER_value( assert_bv ) != LDAP_SUCCESS )
- return LDAP_INVALID_SYNTAX;
- assert_bv->bv_val[assert_bv->bv_len] = '\0';
- if ( mr->smr_syntax->ssyn_validate( mr->smr_syntax, assert_bv ) != LDAP_SUCCESS ) {
- return LDAP_INVALID_SYNTAX;
- }
ca->ca_comp_data.cd_tree = assert_bv;
}
else {
assert_bv = ca->ca_comp_data.cd_tree;
}
-
- rc = csi_value_match( mr, &attr_bv, assert_bv );
- if ( allocated ) free (attr_bv.bv_val);
+#endif
+ rc = csi_value_match( mr, &n_attr_bv, assert_bv );
+ if ( n_attr_bv.bv_val )
+ free ( n_attr_bv.bv_val );
return rc;
}
}
+int
+comp_test_components( void* attr_nm, void* assert_nm, ComponentSyntaxInfo* csi_attr, ComponentAssertion* ca) {
+ char* peek_head;
+ int mode, bytesDecoded = 0, rc;
+ GenBuf* b;
+ ExpBuf* buf;
+ OidDecoderMapping* odm;
+ struct berval bv;
+ char oid[MAX_OID_LEN];
+ void* contained_comp, *anytype_comp;
+ ComponentReference* cr = ca->ca_comp_ref;
+
+ /* Extracting the component refrenced by ca->ca_comp_ref */
+ csi_attr = (ComponentSyntaxInfo*)csi_attr->csi_comp_desc->cd_extract_i( attr_nm, cr, csi_attr );
+ if ( !csi_attr ) return LDAP_INVALID_SYNTAX;
+ /* perform matching, considering the type of a Component Reference(CR)*/
+ switch( cr->cr_curr->ci_type ) {
+ case LDAP_COMPREF_IDENTIFIER:
+ case LDAP_COMPREF_FROM_BEGINNING:
+ case LDAP_COMPREF_FROM_END:
+ case LDAP_COMPREF_COUNT:
+ /*
+ * Exactly one component is referenced
+ * Fast Path for matching for this case
+ */
+ rc = comp_test_one_component ( attr_nm, assert_nm, csi_attr, ca );
+ break;
+ case LDAP_COMPREF_ALL:
+ /*
+ * If <all> type CR is used
+ * more than one component will be tested
+ */
+ rc = comp_test_all_components ( attr_nm, assert_nm, csi_attr, ca );
+ break;
+
+ case LDAP_COMPREF_CONTENT:
+ /*
+ * <content> type CR is used
+ * check if it is followed by <select> type CR.
+ * 1) If so, look up the corresponding decoder in the mapping
+ * table(OID to decoder) by <select>
+ * and then decode the OCTET/BIT STRING with the decoder
+ * Finially, extreact the target component with the remaining CR.
+ * 2) If not, just return the current component, It SHOULD not be
+ * extracted further, because the component MUST be BIT/OCTET
+ * string.
+ */
+
+ cr->cr_curr = cr->cr_curr->ci_next;
+ if ( !cr->cr_curr ) {
+ /* case 2) in above description */
+ rc = comp_test_one_component ( attr_nm, assert_nm, csi_attr, ca );
+ break;
+ }
+
+ if ( cr->cr_curr->ci_type == LDAP_COMPREF_SELECT ) {
+ /* Look up OID mapping table */
+ odm = RetrieveOidDecoderMappingbyBV( &cr->cr_curr->ci_val.ci_select_value );
+
+ if ( !odm || !odm->BER_Decode )
+ return LDAP_PROTOCOL_ERROR;
+
+ /* current componet MUST be either BIT or OCTET STRING */
+ if ( csi_attr->csi_comp_desc->cd_type_id != BASICTYPE_BITSTRING ) {
+ bv.bv_val = ((ComponentBits*)csi_attr)->value.bits;
+ bv.bv_len = ((ComponentBits*)csi_attr)->value.bitLen;
+ }
+ else if ( csi_attr->csi_comp_desc->cd_type_id != BASICTYPE_BITSTRING ) {
+ bv.bv_val = ((ComponentOcts*)csi_attr)->value.octs;
+ bv.bv_len = ((ComponentOcts*)csi_attr)->value.octetLen;
+ }
+ else
+ return LDAP_PROTOCOL_ERROR;
+
+ buf = ExpBufAllocBuf();
+ ExpBuftoGenBuf( buf, &b );
+ ExpBufInstallDataInBuf ( buf, bv.bv_val, bv.bv_len );
+ BufResetInReadMode( b );
+ mode = DEC_ALLOC_MODE_2;
+
+ /* Try to decode with BER/DER decoder */
+#if 0
+ rc =BDecComponentTop( odm->BER_Decode, attr_nm, b, 0,0, &contained_comp,&bytesDecoded, mode );
+#endif
+ rc = odm->BER_Decode ( attr_nm,b,&contained_comp,&bytesDecoded, mode );
+
+#if 0
+ if ( rc != LDAP_SUCCESS ) {
+ /* If fails with BER/DER decoder, try with GSER */
+ bytesDecoded = 0;
+ BufResetInReadMode( b );
+ rc = odm->GSER_decoder( attr_nm, b, contained_comp, &bytesDecoded, mode);
+ }
+#endif
+ ExpBufFreeBuf( buf );
+
+ if ( rc != LDAP_SUCCESS ) return LDAP_PROTOCOL_ERROR;
+
+ /* xxx.content.(x.xy.xyz).rfc822Name */
+ /* In the aboe Ex. move CR to the right to (x.xy.xyz)*/
+ cr->cr_curr = cr->cr_curr->ci_next;
+ if (!cr->cr_curr )
+ rc = comp_test_one_component ( attr_nm, assert_nm, csi_attr, ca );
+ else
+ rc = comp_test_components( attr_nm, assert_nm, contained_comp, ca );
+ }
+ else {
+ /* Ivalid Component reference */
+ rc = LDAP_PROTOCOL_ERROR;
+ }
+ break;
+ case LDAP_COMPREF_SELECT:
+ if (csi_attr->csi_comp_desc->cd_type_id != BASICTYPE_ANY )
+ return LDAP_INVALID_SYNTAX;
+ rc = CheckSelectTypeCorrect( attr_nm, ((ComponentAny*)csi_attr)->cai, &cr->cr_curr->ci_val.ci_select_value );
+ if ( rc < 0 ) return LDAP_INVALID_SYNTAX;
+
+ /* point to the real component, not any type component */
+ csi_attr = ((ComponentAny*)csi_attr)->value;
+ cr->cr_curr = cr->cr_curr->ci_next;
+ if ( cr->cr_curr )
+ rc = comp_test_components( attr_nm, assert_nm, csi_attr, ca);
+ else
+ rc = comp_test_one_component( attr_nm, assert_nm, csi_attr, ca);
+ break;
+ default:
+ rc = LDAP_INVALID_SYNTAX;
+ }
+ return rc;
+}
+
+
void*
comp_nibble_memory_allocator ( int init_mem, int inc_mem ) {
void* nm;
@@ -622,10 +681,10 @@ extern convert_attr_to_comp_func* attr_converter;
extern convert_assert_to_comp_func* assert_converter;
extern convert_asn_to_ldap_func* csi_converter;
extern free_component_func* component_destructor;
-extern test_component_func* test_one_component;
-extern test_component_func* test_all_components;
+extern test_component_func* test_components;
extern alloc_nibble_func* nibble_mem_allocator;
extern free_nibble_func* nibble_mem_free;
+extern test_membership_func* is_aliased_attribute;
int init_module(int argc, char *argv[]) {
@@ -635,16 +694,18 @@ int init_module(int argc, char *argv[]) {
attr_converter = comp_convert_attr_to_comp;
assert_converter = comp_convert_assert_to_comp;
component_destructor = comp_free_component;
- test_one_component = comp_test_one_component;
- test_all_components = comp_test_all_components;
+ test_components = comp_test_components;
nibble_mem_allocator = comp_nibble_memory_allocator;
nibble_mem_free = comp_nibble_memory_free;
+ is_aliased_attribute = (test_membership_func*)comp_is_aliased_attribute;
/* file path needs to be */
load_derived_matching_rule ("derived_mr.cfg");
/* the initialization for example X.509 certificate */
init_module_AuthenticationFramework();
+ init_module_AuthorityKeyIdentifierDefinition();
+ init_attribute_aliasing_table ();
return 0;
}
diff --git a/servers/slapd/attr.c b/servers/slapd/attr.c
index 07c3e4df31..e1e64c8566 100644
--- a/servers/slapd/attr.c
+++ b/servers/slapd/attr.c
@@ -40,23 +40,31 @@
#include "slap.h"
-#ifdef LDAP_COMP_MATCH
-extern free_component_func* component_destructor;
-#endif
void
attr_free( Attribute *a )
{
if ( a->a_nvals && a->a_nvals != a->a_vals )
ber_bvarray_free( a->a_nvals );
ber_bvarray_free( a->a_vals );
+ free( a );
+}
+
#ifdef LDAP_COMP_MATCH
- if ( component_destructor && a->a_comp_data && a->a_comp_data->cd_mem_op ) {
- component_destructor( a->a_comp_data->cd_mem_op );
- free ( a->a_comp_data );
+void
+comp_tree_free( Attribute *a )
+{
+ Attribute *next;
+
+ for( ; a != NULL ; a = next ) {
+ next = a->a_next;
+ if ( component_destructor && a->a_comp_data &&
+ a->a_comp_data->cd_mem_op ) {
+ component_destructor( a->a_comp_data->cd_mem_op );
+ free ( a->a_comp_data );
+ }
}
-#endif
- free( a );
}
+#endif
void
attrs_free( Attribute *a )
diff --git a/servers/slapd/back-bdb/id2entry.c b/servers/slapd/back-bdb/id2entry.c
index 0bb1ced380..1ef56e71d3 100644
--- a/servers/slapd/back-bdb/id2entry.c
+++ b/servers/slapd/back-bdb/id2entry.c
@@ -168,6 +168,9 @@ int bdb_entry_return(
* is when an entry has been modified, in which case we also need
* to free e_attrs.
*/
+#ifdef LDAP_COMP_MATCH
+ comp_tree_free( e->e_attrs );
+#endif
if( !e->e_bv.bv_val ) { /* A regular entry, from do_add */
entry_free( e );
return 0;
diff --git a/servers/slapd/component.c b/servers/slapd/component.c
index 9b76edfa1b..ced9d9baea 100644
--- a/servers/slapd/component.c
+++ b/servers/slapd/component.c
@@ -29,7 +29,7 @@
#include "component.h"
/*
- * This three function pointers are initialized
+ * Following function pointers are initialized
* when a component module is loaded
*/
alloc_nibble_func* nibble_mem_allocator = NULL;
@@ -37,8 +37,8 @@ free_nibble_func* nibble_mem_free = NULL;
convert_attr_to_comp_func* attr_converter = NULL ;
convert_assert_to_comp_func* assert_converter = NULL ;
free_component_func* component_destructor = NULL ;
-test_component_func* test_one_component = NULL;
-test_component_func* test_all_components = NULL;
+test_component_func* test_components = NULL;
+test_membership_func* is_aliased_attribute = NULL;
#define OID_ALL_COMP_MATCH "1.2.36.79672281.1.13.6"
#define OID_COMP_FILTER_MATCH "1.2.36.79672281.1.13.2"
@@ -149,7 +149,7 @@ allComponentsMatch(
}
static int
-slapd_ber2cav( struct berval* bv, ComponentAssertionValue* cav)
+slapd_ber2cav( struct berval* bv, ComponentAssertionValue* cav )
{
int len;
@@ -159,6 +159,168 @@ slapd_ber2cav( struct berval* bv, ComponentAssertionValue* cav)
return LDAP_SUCCESS;
}
+static ComponentReference*
+dup_comp_ref ( Operation* op, ComponentReference* cr )
+{
+ int rc, count = 0;
+ ComponentReference* dup_cr;
+ ComponentId* ci_curr;
+ ComponentId** ci_temp;
+ ber_int_t type;
+
+ dup_cr = op->o_tmpalloc( sizeof( ComponentReference ), op->o_tmpmemctx );
+
+ dup_cr->cr_len = cr->cr_len;
+ dup_cr->cr_string = cr->cr_string;
+
+ ci_temp = &dup_cr->cr_list;
+ ci_curr = cr->cr_list;
+
+ for ( ; ci_curr ; ci_curr = ci_curr->ci_next, ci_temp = &(*ci_temp)->ci_next ) {
+ *ci_temp = op->o_tmpalloc( sizeof( ComponentId ), op->o_tmpmemctx );
+ if ( !ci_temp ) return NULL;
+ **ci_temp = *ci_curr;
+ }
+
+ dup_cr->cr_curr = dup_cr->cr_list;
+
+ return dup_cr;
+}
+
+static int
+dup_comp_filter_list (
+ Operation *op,
+ struct berval *bv,
+ ComponentFilter* in_f,
+ ComponentFilter** out_f )
+{
+ ComponentFilter **new, *f;
+ int rc;
+
+ new = out_f;
+ for ( f = in_f; f != NULL; f = f->cf_next ) {
+ rc = dup_comp_filter( op, bv, f, new );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+ new = &(*new)->cf_next;
+ }
+ return LDAP_SUCCESS;
+}
+
+int
+get_len_of_next_assert_value ( struct berval* bv, char separator )
+{
+ int i = 0;
+ while (1) {
+ if ( (bv->bv_val[ i ] == separator) || ( i >= bv->bv_len) )
+ break;
+ i++;
+ }
+ bv->bv_val += (i + 1);
+ bv->bv_len -= (i + 1);
+ return i;
+}
+
+int
+dup_comp_filter_item (
+ Operation *op,
+ struct berval* assert_bv,
+ ComponentAssertion* in_ca,
+ ComponentAssertion** out_ca )
+{
+ ComponentAssertion* ca;
+ int len;
+
+ if ( !in_ca->ca_comp_ref )
+ return SLAPD_DISCONNECT;
+
+ *out_ca = op->o_tmpalloc( sizeof( ComponentAssertion ), op->o_tmpmemctx );
+ if ( !(*out_ca) )
+ return LDAP_NO_MEMORY;
+
+ (*out_ca)->ca_comp_data.cd_tree = NULL;
+ (*out_ca)->ca_comp_data.cd_mem_op = NULL;
+
+ (*out_ca)->ca_comp_ref = dup_comp_ref ( op, in_ca->ca_comp_ref );
+ (*out_ca)->ca_use_def = 0;
+ (*out_ca)->ca_ma_rule = in_ca->ca_ma_rule;
+
+ (*out_ca)->ca_ma_value.bv_val = assert_bv->bv_val;
+ len = get_len_of_next_assert_value ( assert_bv, '$' );
+ if ( len <= 0 )
+ return SLAPD_DISCONNECT;
+ (*out_ca)->ca_ma_value.bv_len = len;
+
+ return LDAP_SUCCESS;
+}
+
+int
+dup_comp_filter (
+ Operation* op,
+ struct berval *bv,
+ ComponentFilter *in_f,
+ ComponentFilter **out_f )
+{
+ int rc;
+ ComponentFilter dup_f;
+ bzero( &dup_f, sizeof(dup_f));
+
+ if ( !in_f ) return LDAP_PROTOCOL_ERROR;
+
+ switch ( in_f->cf_choice ) {
+ case LDAP_COMP_FILTER_AND:
+ rc = dup_comp_filter_list( op, bv, in_f->cf_and, &dup_f.cf_and);
+ dup_f.cf_choice = LDAP_COMP_FILTER_AND;
+ break;
+ case LDAP_COMP_FILTER_OR:
+ rc = dup_comp_filter_list( op, bv, in_f->cf_or, &dup_f.cf_or);
+ dup_f.cf_choice = LDAP_COMP_FILTER_OR;
+ break;
+ case LDAP_COMP_FILTER_NOT:
+ rc = dup_comp_filter( op, bv, in_f->cf_not, &dup_f.cf_not);
+ dup_f.cf_choice = LDAP_COMP_FILTER_NOT;
+ break;
+ case LDAP_COMP_FILTER_ITEM:
+ rc = dup_comp_filter_item( op, bv, in_f->cf_ca ,&dup_f.cf_ca );
+ dup_f.cf_choice = LDAP_COMP_FILTER_ITEM;
+ break;
+ default:
+ rc = LDAP_PROTOCOL_ERROR;
+ }
+
+ if ( rc == LDAP_SUCCESS ) {
+ *out_f = op->o_tmpalloc( sizeof(dup_f), op->o_tmpmemctx );
+ **out_f = dup_f;
+ }
+
+ return( rc );
+}
+
+
+int
+get_aliased_filter ( Operation* op, MatchingRuleAssertion* ma, AttributeAliasing* aa, const char** text )
+{
+ int rc;
+ struct berval assert_bv;
+ ComponentAssertion* ca;
+
+ Debug( LDAP_DEBUG_FILTER, "get_aliased_filter\n", 0, 0, 0 );
+
+ if ( !aa->aa_cf ) return LDAP_PROTOCOL_ERROR;
+
+ assert_bv = ma->ma_value;
+ /* Attribute Description is replaced with aliased one */
+ ma->ma_desc = aa->aa_aliased_ad;
+ ma->ma_rule = aa->aa_mr;
+ /*
+ * Duplicate aa->aa_cf to ma->ma_cf by replacing the
+ * the component assertion value in assert_bv
+ * Multiple values may be separated with '$'
+ */
+ rc = dup_comp_filter ( op, &assert_bv, aa->aa_cf, &ma->ma_cf );
+}
+
int
get_comp_filter( Operation* op, struct berval* bv, ComponentFilter** filt,
const char **text )
@@ -292,11 +454,11 @@ get_componentId( Operation *op, ComponentAssertionValue* cav,
if ( cav->cav_ptr[len] != '(' )
return LDAP_COMPREF_UNDEFINED;
for( ;cav->cav_ptr[len] != ' ' && cav->cav_ptr[len] != '\0' &&
- cav->cav_ptr[len] != '.' && cav->cav_ptr[len] != '\"' &&
- cav->cav_ptr[len] != ')' ; len++ );
+ cav->cav_ptr[len] != '\"' && cav->cav_ptr[len] != ')'
+ ; len++ );
_cid.ci_val.ci_select_value.bv_val = cav->cav_ptr + 1;
_cid.ci_val.ci_select_value.bv_len = len - 1 ;
- cav->cav_ptr += len;
+ cav->cav_ptr += len + 1;
break;
case LDAP_COMPREF_ALL :
_cid.ci_val.ci_all = '*';
@@ -306,7 +468,10 @@ get_componentId( Operation *op, ComponentAssertionValue* cav,
return LDAP_COMPREF_UNDEFINED;
}
- *cid = op->o_tmpalloc( sizeof( ComponentId ), op->o_tmpmemctx );
+ if ( op )
+ *cid = op->o_tmpalloc( sizeof( ComponentId ), op->o_tmpmemctx );
+ else
+ *cid = malloc( sizeof( ComponentId ) );
**cid = _cid;
return LDAP_SUCCESS;
}
@@ -321,8 +486,6 @@ peek_componentId_type( ComponentAssertionValue* cav )
return LDAP_COMPREF_SELECT;
else if ( cav->cav_ptr[0] == '*' )
return LDAP_COMPREF_ALL;
- else if ( strncmp(cav->cav_ptr,"all",3) == 0 )
- return LDAP_COMPREF_ALL;
else if ( cav->cav_ptr[0] == '0' )
return LDAP_COMPREF_COUNT;
else if ( cav->cav_ptr[0] > '0' && cav->cav_ptr[0] <= '9' )
@@ -353,7 +516,7 @@ static int
get_component_reference( Operation *op, ComponentAssertionValue* cav,
ComponentReference** cr, const char** text )
{
- int rc,count=0;
+ int rc, count = 0;
ber_int_t type;
ComponentReference* ca_comp_ref;
ComponentId** cr_list;
@@ -363,8 +526,12 @@ get_component_reference( Operation *op, ComponentAssertionValue* cav,
if ( ( rc = strip_cav_str( cav,"\"") ) != LDAP_SUCCESS )
return rc;
- ca_comp_ref =
- op->o_tmpalloc( sizeof( ComponentReference ), op->o_tmpmemctx );
+ if ( op )
+ ca_comp_ref = op->o_tmpalloc( sizeof( ComponentReference ), op->o_tmpmemctx );
+ else
+ ca_comp_ref = malloc( sizeof( ComponentReference ) );
+
+ if ( !ca_comp_ref ) return LDAP_NO_MEMORY;
cr_list = &ca_comp_ref->cr_list;
@@ -381,7 +548,10 @@ get_component_reference( Operation *op, ComponentAssertionValue* cav,
ca_comp_ref->cr_len = count;
if ( ( rc = strip_cav_str( cav,"\"") ) != LDAP_SUCCESS ) {
- op->o_tmpfree( ca_comp_ref , op->o_tmpmemctx );
+ if ( op )
+ op->o_tmpfree( ca_comp_ref , op->o_tmpmemctx );
+ else
+ free( ca_comp_ref );
return rc;
}
@@ -389,7 +559,10 @@ get_component_reference( Operation *op, ComponentAssertionValue* cav,
*cr = ca_comp_ref;
**cr = *ca_comp_ref;
}
- else op->o_tmpfree( ca_comp_ref , op->o_tmpmemctx );
+ else if ( op )
+ op->o_tmpfree( ca_comp_ref , op->o_tmpmemctx );
+ else
+ free( ca_comp_ref ) ;
return rc;
}
@@ -480,6 +653,12 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
break;
}
}
+
+ if ( !succeed || cav->cav_ptr[count] != '"' )
+ return LDAP_FILTER_ERROR;
+
+ bv->bv_val = cav->cav_ptr + 1;
+ bv->bv_len = count - 1; /* exclude '"' */
}
else if ( cav->cav_ptr[0] == '\'' ) {
for( count = 1 ; ; count++ ) {
@@ -492,6 +671,12 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
break;
}
}
+
+ if ( !succeed || !(cav->cav_ptr[count] == 'H' || cav->cav_ptr[count] == 'B') )
+ return LDAP_FILTER_ERROR;
+
+ bv->bv_val = cav->cav_ptr + 1;/*the next to '"' */
+ bv->bv_len = count - 2;/* exclude "'H" or "'B" */
}
else if ( cav->cav_ptr[0] == '{' ) {
@@ -506,6 +691,12 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
break;
}
}
+
+ if ( !succeed || cav->cav_ptr[count] != '}' )
+ return LDAP_FILTER_ERROR;
+
+ bv->bv_val = cav->cav_ptr + 1;/*the next to '"' */
+ bv->bv_len = count - 1;/* exclude "'B" */
}
else {
succeed = 1;
@@ -515,13 +706,12 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
break;
}
}
+ bv->bv_val = cav->cav_ptr;
+ bv->bv_len = count;
}
- if ( !succeed ) return LDAP_FILTER_ERROR;
+ cav->cav_ptr += bv->bv_len;
- bv->bv_val = cav->cav_ptr;
- bv->bv_len = count ;
- cav->cav_ptr += count;
return LDAP_SUCCESS;
}
@@ -611,9 +801,17 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
{
int rc;
ComponentAssertion* _ca;
+ struct berval t_bv;
+ struct berval value;
+ MatchingRule* mr;
- Debug( LDAP_DEBUG_FILTER, "get_item: %s\n", 0, 0, 0 );
- _ca = op->o_tmpalloc( sizeof( ComponentAssertion ), op->o_tmpmemctx );
+ Debug( LDAP_DEBUG_FILTER, "get_item \n", 0, 0, 0 );
+ if ( op )
+ _ca = op->o_tmpalloc( sizeof( ComponentAssertion ), op->o_tmpmemctx );
+ else
+ _ca = malloc( sizeof( ComponentAssertion ) );
+
+ if ( !_ca ) return LDAP_NO_MEMORY;
_ca->ca_comp_data.cd_tree = NULL;
_ca->ca_comp_data.cd_mem_op = NULL;
@@ -623,9 +821,11 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
strip_cav_str( cav, "component" );
rc = get_component_reference( op, cav, &_ca->ca_comp_ref, text );
if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_INVALID_SYNTAX;
- op->o_tmpfree( _ca, op->o_tmpmemctx );
- return rc;
+ if ( op )
+ op->o_tmpfree( _ca, op->o_tmpmemctx );
+ else
+ free( _ca );
+ return LDAP_INVALID_SYNTAX;
}
}
@@ -636,9 +836,11 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
if ( rc == LDAP_SUCCESS ) {
rc = get_ca_use_default( op, cav, &_ca->ca_use_def, text );
if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_INVALID_SYNTAX;
- op->o_tmpfree( _ca, op->o_tmpmemctx );
- return rc;
+ if ( op )
+ op->o_tmpfree( _ca, op->o_tmpmemctx );
+ else
+ free( _ca );
+ return LDAP_INVALID_SYNTAX;
}
if ( ( rc = strip_cav_str( cav,",") ) != LDAP_SUCCESS )
return rc;
@@ -647,20 +849,49 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
if ( !( strip_cav_str( cav, "rule" ) == LDAP_SUCCESS &&
get_matching_rule( op, cav , &_ca->ca_ma_rule, text ) == LDAP_SUCCESS )) {
- rc = LDAP_INAPPROPRIATE_MATCHING;
- op->o_tmpfree( _ca, op->o_tmpmemctx );
- return rc;
+ if ( op )
+ op->o_tmpfree( _ca, op->o_tmpmemctx );
+ else
+ free( _ca );
+ return LDAP_INAPPROPRIATE_MATCHING;
}
if ( ( rc = strip_cav_str( cav,",") ) != LDAP_SUCCESS )
return rc;
if ( !(strip_cav_str( cav, "value" ) == LDAP_SUCCESS &&
- get_matching_value( op, _ca, cav, &_ca->ca_ma_value,text ) == LDAP_SUCCESS )) {
- rc = LDAP_INVALID_SYNTAX;
- op->o_tmpfree( _ca, op->o_tmpmemctx );
- return rc;
+ get_matching_value( op, _ca, cav,&value ,text ) == LDAP_SUCCESS )) {
+ if ( op )
+ op->o_tmpfree( _ca, op->o_tmpmemctx );
+ else
+ free( _ca );
+ return LDAP_INVALID_SYNTAX;
}
+ /*
+ * Normalize the value of this component assertion when the matching
+ * rule is one of existing matching rules
+ */
+ mr = _ca->ca_ma_rule;
+ if ( op && !(mr->smr_usage & (SLAP_MR_COMPONENT)) && mr->smr_normalize ) {
+
+ value.bv_val[value.bv_len] = '\0';
+ rc = mr->smr_normalize (
+ SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
+ NULL, mr,
+ &value, &_ca->ca_ma_value, op->o_tmpmemctx );
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+ }
+ else
+ _ca->ca_ma_value = value;
+ /*
+ * Validate the value of this component assertion
+ */
+ if ( op && mr->smr_syntax->ssyn_validate( mr->smr_syntax, &_ca->ca_ma_value) != LDAP_SUCCESS ) {
+ return LDAP_INVALID_SYNTAX;
+ }
+
+
/* componentFilterMatch contains componentFilterMatch in it */
if ( strcmp(_ca->ca_ma_rule->smr_mrule.mr_oid, OID_COMP_FILTER_MATCH ) == 0) {
struct berval bv;
@@ -668,7 +899,10 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
bv.bv_len = cav_cur_len( cav );
rc = get_comp_filter( op, &bv,(ComponentFilter**)&_ca->ca_cf, text );
if ( rc != LDAP_SUCCESS ) {
- op->o_tmpfree( _ca, op->o_tmpmemctx );
+ if ( op )
+ op->o_tmpfree( _ca, op->o_tmpmemctx );
+ else
+ free( _ca );
return rc;
}
cav->cav_ptr = bv.bv_val;
@@ -781,18 +1015,20 @@ parse_comp_filter( Operation* op, ComponentAssertionValue* cav,
break;
}
- if ( tag != LDAP_COMP_FILTER_NOT )
- strip_cav_str( cav, "}");
-
if ( err != LDAP_SUCCESS && err != SLAPD_DISCONNECT ) {
- *text = NULL;
- f.cf_choice = SLAPD_FILTER_COMPUTED;
- f.cf_result = SLAPD_COMPARE_UNDEFINED;
- err = LDAP_SUCCESS;
+ *text = "Component Filter Syntax Error";
+ return err;
}
+ if ( tag != LDAP_COMP_FILTER_NOT )
+ strip_cav_str( cav, "}");
+
if ( err == LDAP_SUCCESS ) {
- *filt = op->o_tmpalloc( sizeof(f), op->o_tmpmemctx );
+ if ( op ) {
+ *filt = op->o_tmpalloc( sizeof(f), op->o_tmpmemctx );
+ } else {
+ *filt = malloc( sizeof(f) );
+ }
**filt = f;
}
@@ -901,50 +1137,33 @@ test_comp_filter_item(
}
if ( a->a_comp_data->cd_tree == NULL ) {
+ nibble_mem_free( a->a_comp_data->cd_mem_op );
free ( a->a_comp_data );
+ a->a_comp_data = NULL;
return LDAP_PROTOCOL_ERROR;
}
/* Memory for storing will-be-extracted attribute values */
- attr_nm = nibble_mem_allocator ( 256, 64 );
+ attr_nm = nibble_mem_allocator ( 1024*4 , 1024 );
if ( !attr_nm )return LDAP_PROTOCOL_ERROR;
- /* component reference initialization */
- ca->ca_comp_ref->cr_curr = ca->ca_comp_ref->cr_list;
- /* load component containg the referenced component */
- csi_attr = (((ComponentSyntaxInfo*)a->a_comp_data->cd_tree)->csi_comp_desc->cd_extract_i)( attr_nm, ca->ca_comp_ref, a->a_comp_data->cd_tree );
- if ( !csi_attr )
- return LDAP_PROTOCOL_ERROR;
/* Memory for storing component assertion values */
if( !ca->ca_comp_data.cd_mem_op ) {
assert_nm = nibble_mem_allocator ( 256, 64 );
- if ( !assert_nm )
+ if ( !assert_nm ) {
+ nibble_mem_free ( attr_nm );
return LDAP_PROTOCOL_ERROR;
+ }
ca->ca_comp_data.cd_mem_op = assert_nm;
}
else {
assert_nm = ca->ca_comp_data.cd_mem_op;
}
- /* perform matching */
- if ( ca->ca_comp_ref->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
- /*
- * If <all> type component referenced is used
- * more than one component will be tested
- */
- if ( test_all_components )
- rc = test_all_components ( assert_nm, csi_attr, ca );
- else
- rc = LDAP_PROTOCOL_ERROR;
- } else {
- /*
- * Exactly one component is referenced
- * Fast Path for matching for this case
- */
- if ( test_one_component )
- rc = test_one_component ( assert_nm, csi_attr, ca );
- else
- rc = LDAP_PROTOCOL_ERROR;
- }
+
+ /* component reference initialization */
+ ca->ca_comp_ref->cr_curr = ca->ca_comp_ref->cr_list;
+ rc = test_components( attr_nm, assert_nm, (ComponentSyntaxInfo*)a->a_comp_data->cd_tree, ca );
+
/* free memory used for storing extracted attribute value */
nibble_mem_free ( attr_nm );
return rc;
@@ -1010,10 +1229,11 @@ free_comp_filter( ComponentFilter* f )
switch ( f->cf_choice ) {
case LDAP_COMP_FILTER_AND:
case LDAP_COMP_FILTER_OR:
+ free_comp_filter_list( f->cf_any );
+ break;
case LDAP_COMP_FILTER_NOT:
free_comp_filter( f->cf_any );
break;
-
case LDAP_COMP_FILTER_ITEM:
if ( nibble_mem_free && f->cf_ca->ca_comp_data.cd_mem_op )
nibble_mem_free( f->cf_ca->ca_comp_data.cd_mem_op );
diff --git a/servers/slapd/component.h b/servers/slapd/component.h
index e7ce72e957..876e96b799 100644
--- a/servers/slapd/component.h
+++ b/servers/slapd/component.h
@@ -4,12 +4,12 @@
#include "portable.h"
#include <ac/string.h>
#include <ac/socket.h>
-#include "ldap_pvt.h"
+#include <ldap_pvt.h>
#include "lutil.h"
#include <ldap.h>
#include "slap.h"
-typedef enum {ASN_BASIC, ASN_COMPOSITE } AsnType;
+typedef enum { ASN_BASIC, ASN_COMPOSITE } AsnType;
/*
* Decoder Modes
* Different operation is required to handle Decoding(2), Extracted Component
@@ -34,5 +34,25 @@ typedef enum {ASN_BASIC, ASN_COMPOSITE } AsnType;
#define DEC_ALLOC_MODE_2 0x04
#define CALL_TAG_DECODER 0x08
#define CALL_CONTENT_DECODER ~0x08
+/*
+ * For Attribute Aliasing
+ */
+#define MAX_ALIASING_ENTRY 128
+typedef struct comp_attribute_aliasing {
+ AttributeDescription* aa_aliasing_ad;
+ AttributeDescription* aa_aliased_ad;
+ ComponentFilter* aa_cf;
+ MatchingRule* aa_mr;
+ char* aa_cf_str;
+} AttributeAliasing;
+
+typedef struct comp_matchingrule_aliasing {
+ MatchingRule* mra_aliasing_attr;
+ MatchingRule* mra_aliased_attr;
+ AttributeDescription* mra_attr;
+ ComponentFilter* mra_cf;
+ MatchingRule* mra_mr;
+ char* aa_cf_str;
+} MatchingRuleAliasing;
#endif
diff --git a/servers/slapd/mra.c b/servers/slapd/mra.c
index 688786e313..b518e72735 100644
--- a/servers/slapd/mra.c
+++ b/servers/slapd/mra.c
@@ -23,6 +23,10 @@
#include "slap.h"
+#ifdef LDAP_COMP_MATCH
+#include "component.h"
+#endif
+
void
mra_free(
Operation *op,
@@ -31,7 +35,7 @@ mra_free(
{
#ifdef LDAP_COMP_MATCH
/* free component assertion */
- if ( mra->ma_rule->smr_usage & SLAP_MR_COMPONENT ) {
+ if ( mra->ma_rule->smr_usage & SLAP_MR_COMPONENT && mra->ma_cf ) {
component_free( mra->ma_cf );
}
#endif
@@ -54,6 +58,9 @@ get_mra(
struct berval value = BER_BVNULL;
struct berval rule_text = BER_BVNULL;
MatchingRuleAssertion ma;
+#ifdef LDAP_COMP_MATCH
+ AttributeAliasing* aa = NULL;
+#endif
memset( &ma, 0, sizeof ma);
@@ -189,10 +196,13 @@ get_mra(
if( rc != LDAP_SUCCESS ) return rc;
#ifdef LDAP_COMP_MATCH
- /* Matching Rule for Component Matching */
- Debug( LDAP_DEBUG_FILTER, "matchingrule %s\n",
- ma.ma_rule->smr_mrule.mr_oid, 0, 0);
- if( ma.ma_rule && ma.ma_rule->smr_usage & SLAP_MR_COMPONENT ) {
+ /* Check If this attribute is aliased */
+ if ( is_aliased_attribute && ma.ma_desc && ( aa = is_aliased_attribute ( ma.ma_desc ) ) ) {
+ rc = get_aliased_filter ( op, &ma, aa, text );
+ if ( rc != LDAP_SUCCESS ) return rc;
+ }
+ else if ( ma.ma_rule && ma.ma_rule->smr_usage & SLAP_MR_COMPONENT ) {
+ /* Matching Rule for Component Matching */
rc = get_comp_filter( op, &ma.ma_value, &ma.ma_cf, text );
if ( rc != LDAP_SUCCESS ) return rc;
}
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 60b9a488ae..1aeab3f09c 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -375,6 +375,11 @@ LDAP_SLAPD_F (int) componentFilterValidate LDAP_P((
LDAP_SLAPD_F (int) allComponentsValidate LDAP_P((
Syntax *syntax,
struct berval* bv ));
+
+LDAP_SLAPD_V (test_membership_func*) is_aliased_attribute;
+
+LDAP_SLAPD_V (free_component_func*) component_destructor;
+
#endif
/*
diff --git a/servers/slapd/schema/test.schema b/servers/slapd/schema/test.schema
new file mode 100644
index 0000000000..0fca74166a
--- /dev/null
+++ b/servers/slapd/schema/test.schema
@@ -0,0 +1,33 @@
+# OpenLDAP Test schema
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+#
+
+# For testing purposes only.
+
+# For Attribute Aliasing.
+attributetype ( 1.3.6.1.4.1.4203.666.1.34 NAME 'x509CertificateIssuer'
+ EQUALITY distinguishedNameMatch
+ DESC 'Aliasing attribute: Issuer, use'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+
+attributetype ( 1.3.6.1.4.1.4203.666.1.35 NAME 'x509CertificateSerial'
+ DESC 'Aliasing attribute: Serial, use'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
+attributetype ( 1.3.6.1.4.1.4203.666.1.36 NAME 'x509CertificateSerialAndIssuer'
+ DESC 'Aliasing attribute: Serial and Issuer together, use'
+ EQUALITY certificateExactMatch
+ SYNTAX 1.2.826.0.1.3344810.7.1 )
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index 285a93ccc1..3527503339 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -2803,10 +2803,14 @@ typedef void free_component_func LDAP_P ((
void* mem_op));
typedef int test_component_func LDAP_P ((
- void* mem_op,
+ void* attr_mem_op,
+ void* assert_mem_op,
struct slap_component_syntax_info* csi,
struct slap_component_assertion* ca));
+typedef void* test_membership_func LDAP_P ((
+ void* in ));
+
typedef int allcomponent_matching_func LDAP_P((
char* oid,
struct slap_component_syntax_info* comp1,
diff --git a/tests/data/compsearch.out b/tests/data/compsearch.out
index c9594a60e3..73ca370b68 100644
--- a/tests/data/compsearch.out
+++ b/tests/data/compsearch.out
@@ -304,3 +304,207 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
EkBJ/Q=
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: beta
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
+dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
+objectClass: OpenLDAPperson
+objectClass: extensibleObject
+uid:: Y2hhcmxpZSA=
+cn: charlie
+sn: Jee
+userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
+ QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
+ 0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
+ NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
+ KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
+ zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
+ 0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
+ uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
+ dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
+ EkBJ/Q=
+
diff --git a/tests/data/slapd-component.conf b/tests/data/slapd-component.conf
index 7bd1e260e7..1d52888a2b 100644
--- a/tests/data/slapd-component.conf
+++ b/tests/data/slapd-component.conf
@@ -15,6 +15,7 @@
## <http://www.OpenLDAP.org/license.html>.
include ./schema/core.schema
+include ./schema/test.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/openldap.schema
diff --git a/tests/scripts/test031-component-filter b/tests/scripts/test031-component-filter
index 97afbd67eb..3d16080fcd 100755
--- a/tests/scripts/test031-component-filter
+++ b/tests/scripts/test031-component-filter
@@ -212,7 +212,84 @@ if test $RC != 0 ; then
exit $RC
fi
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.extensions.\2a.extnValue.content.\282.5.29.35\29.authorityCertSerialNumber\", rule integerMatch, value 0 })"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.subject.rdnSequence.\2a\", rule rdnMatch, value \"c=US\" })"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.subject.rdnSequence.\2a.\2a.value.\282.5.4.6\29\", rule caseExactMatch, value \"US\" })"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+FILTER="(x509CertificateIssuer:distinguishedNameMatch:=c=US)"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+FILTER="(x509CertificateSerial:integerMatch:=0)"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+FILTER="(x509CertificateSerialAndIssuer:certificateExactMatch:=0\$c=US)"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
--
GitLab