ITS#6740 - Always enable rewrite

configure.in

@@ -268,7 +268,6 @@ OL_ARG_ENABLE(cleartext,[    --enable-cleartext	  enable cleartext passwords], y
 OL_ARG_ENABLE(crypt,[    --enable-crypt	  enable crypt(3) passwords], no)dnl
 OL_ARG_ENABLE(spasswd,[    --enable-spasswd	  enable (Cyrus) SASL password verification], no)dnl
 OL_ARG_ENABLE(modules,[    --enable-modules	  enable dynamic module support], no)dnl
-OL_ARG_ENABLE(rewrite,[    --enable-rewrite	  enable DN rewriting in back-ldap and rwm overlay], auto)dnl
 OL_ARG_ENABLE(rlookups,[    --enable-rlookups	  enable reverse lookups of client hostnames], no)dnl
 OL_ARG_ENABLE(slapi,[    --enable-slapi        enable SLAPI support (experimental)], no)dnl
 OL_ARG_ENABLE(slp,[    --enable-slp          enable SLPv2 support], no)dnl     
@@ -439,9 +438,6 @@ if test $ol_enable_slapd = no ; then
 	if test $ol_enable_aci != no ; then
 		AC_MSG_WARN([slapd disabled, ignoring --enable-aci argument])
 	fi
-	if test $ol_enable_rewrite = yes ; then
-		AC_MSG_WARN([slapd disabled, ignoring --enable-rewrite argument])
-	fi
 	dnl overlays
 	case "$ol_enable_overlays" in yes | mod)
 		AC_MSG_WARN([slapd disabled, ignoring --enable-overlays argument])
@@ -465,8 +461,6 @@ if test $ol_enable_slapd = no ; then
 	ol_enable_aci=no
 	ol_enable_wrappers=no
 
-	ol_enable_rewrite=no
-
 elif test $ol_enable_modules != yes &&
 	test $ol_enable_dnssrv = no &&
 	test $ol_enable_ldap = no &&
@@ -524,7 +518,6 @@ SLAPD_LIBS=
 
 BUILD_SLAPD=no
 
-BUILD_REWRITE=no
 BUILD_THREAD=no
 
 BUILD_SLAPI=no
@@ -2571,7 +2564,6 @@ fi
 if test "$ol_enable_meta" != no ; then
 	BUILD_SLAPD=yes
 	BUILD_META=$ol_enable_meta
-	BUILD_REWRITE=yes
 	if test "$ol_enable_meta" = mod ; then
 		SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-meta"
 		MFLAG=SLAPD_MOD_DYNAMIC
@@ -2585,7 +2577,6 @@ fi
 if test "$ol_enable_asyncmeta" != no ; then
 	BUILD_SLAPD=yes
 	BUILD_ASYNCMETA=$ol_enable_asyncmeta
-	BUILD_REWRITE=yes
 	if test "$ol_enable_asyncmeta" = mod ; then
 		SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-asyncmeta"
 		MFLAG=SLAPD_MOD_DYNAMIC
@@ -2889,7 +2880,6 @@ if test "$ol_enable_retcode" != no ; then
 fi
 
 if test "$ol_enable_rwm" != no ; then
-	BUILD_REWRITE=yes
 	BUILD_RWM=$ol_enable_rwm
 	if test "$ol_enable_rwm" = mod ; then
 		MFLAG=SLAPD_MOD_DYNAMIC
@@ -2973,11 +2963,6 @@ if test "$ol_enable_valsort" != no ; then
 	AC_DEFINE_UNQUOTED(SLAPD_OVER_VALSORT,$MFLAG,[define for Value Sorting overlay])
 fi
 
-if test "$ol_enable_rewrite" != no ; then
-	AC_DEFINE(ENABLE_REWRITE,1,[define to enable rewriting in back-ldap and back-meta])
-	BUILD_REWRITE=yes
-fi
-
 if test "$ol_enable_slapi" != no ; then
 	AC_DEFINE(ENABLE_SLAPI,1,[define to enable slapi library])
 	BUILD_SLAPI=yes
@@ -3004,7 +2989,6 @@ AC_SUBST(WITH_SASL)
 AC_SUBST(WITH_TLS)
 AC_SUBST(WITH_MODULES_ENABLED)
 AC_SUBST(WITH_ACI_ENABLED)
-AC_SUBST(BUILD_REWRITE)
 AC_SUBST(BUILD_THREAD)
 AC_SUBST(BUILD_LIBS_DYNAMIC)
 

servers/slapd/back-meta/back-meta.h

@@ -60,13 +60,7 @@ struct ldaprwmap {
 	/*
 	 * DN rewriting
 	 */
-#ifdef ENABLE_REWRITE
 	struct rewrite_info *rwm_rw;
-#else /* !ENABLE_REWRITE */
-	/* some time the suffix massaging without librewrite
-	 * will be disabled */
-	BerVarray rwm_suffix_massage;
-#endif /* !ENABLE_REWRITE */
 	BerVarray rwm_bva_rewrite;
 
 	/*
@@ -81,14 +75,9 @@ struct ldaprwmap {
 typedef struct dncookie {
 	struct metatarget_t	*target;
 
-#ifdef ENABLE_REWRITE
 	Connection		*conn;
 	char			*ctx;
 	SlapReply		*rs;
-#else
-	int			normalized;
-	int			tofrom;
-#endif
 } dncookie;
 
 int ldap_back_dn_massage(dncookie *dc, struct berval *dn,
@@ -133,14 +122,12 @@ ldap_back_filter_map_rewrite(
 	void		*memctx );
 
 /* suffix massaging by means of librewrite */
-#ifdef ENABLE_REWRITE
 extern int
 suffix_massage_config( struct rewrite_info *info,
 	struct berval *pvnc,
 	struct berval *nvnc,
 	struct berval *prnc,
 	struct berval *nrnc );
-#endif /* ENABLE_REWRITE */
 extern int
 ldap_back_referral_result_rewrite(
 	dncookie	*dc,

servers/slapd/back-meta/config.c

@@ -3200,7 +3200,6 @@ error_return:;
 }
 
 
-#ifdef ENABLE_REWRITE
 static char *
 suffix_massage_regexize( const char *s )
 {
@@ -3368,5 +3367,3 @@ suffix_massage_config(
 
 	return 0;
 }
-#endif /* ENABLE_REWRITE */
-

servers/slapd/back-meta/map.c

@@ -280,9 +280,7 @@ map_attr_value(
 	{
 		dncookie fdc = *dc;
 
-#ifdef ENABLE_REWRITE
 		fdc.ctx = "searchFilterAttrDN";
-#endif
 
 		switch ( ldap_back_dn_massage( &fdc, value, &vtmp ) ) {
 		case LDAP_SUCCESS:
@@ -684,7 +682,6 @@ ldap_back_filter_map_rewrite(
 
 	rc = ldap_back_int_filter_map_rewrite( dc, f, fstr, remap, memctx );
 
-#ifdef ENABLE_REWRITE
 	if ( rc != LDAP_SUCCESS ) {
 		return rc;
 	}
@@ -741,7 +738,6 @@ ldap_back_filter_map_rewrite(
 		ch_free( fstr->bv_val );
 		*fstr = ftmp;
 	}
-#endif /* ENABLE_REWRITE */
 
 	return rc;
 }

servers/slapd/back-meta/search.c

@@ -1289,12 +1289,7 @@ really_bad:;
 						continue;
 					}
 
-#ifdef ENABLE_REWRITE
 					dc.ctx = "referralDN";
-#else /* ! ENABLE_REWRITE */
-					dc.tofrom = 0;
-					dc.normalized = 0;
-#endif /* ! ENABLE_REWRITE */
 
 					/* FIXME: merge all and return at the end */
 	

servers/slapd/back-meta/suffixmassage.c

@@ -58,7 +58,6 @@
 #include "../back-ldap/back-ldap.h"
 #include "back-meta.h"
 
-#ifdef ENABLE_REWRITE
 int
 ldap_back_dn_massage(
 	dncookie	*dc,
@@ -109,85 +108,3 @@ ldap_back_dn_massage(
 
 	return rc;
 }
-
-#else
-/*
- * ldap_back_dn_massage
- * 
- * Aliases the suffix; based on suffix_alias (servers/slapd/suffixalias.c).
- */
-int
-ldap_back_dn_massage(
-	dncookie *dc,
-	struct berval *odn,
-	struct berval *res
-)
-{
-	int     i, src, dst;
-	struct berval pretty = {0,NULL}, *dn = odn;
-
-	assert( res != NULL );
-
-	if ( dn == NULL ) {
-		res->bv_val = NULL;
-		res->bv_len = 0;
-		return 0;
-	}
-	if ( dc->target->mt_rwmap.rwm_suffix_massage == NULL ) {
-		*res = *dn;
-		return 0;
-	}
-
-	if ( dc->tofrom ) {
-		src = 0 + dc->normalized;
-		dst = 2 + dc->normalized;
-	} else {
-		src = 2 + dc->normalized;
-		dst = 0 + dc->normalized;
-		/* DN from remote server may be in arbitrary form.
-		 * Pretty it so we can parse reliably.
-		 */
-		dnPretty( NULL, dn, &pretty, NULL );
-		if (pretty.bv_val) dn = &pretty;
-	}
-
-	for ( i = 0;
-		dc->target->mt_rwmap.rwm_suffix_massage[i].bv_val != NULL;
-		i += 4 ) {
-		int aliasLength = dc->target->mt_rwmap.rwm_suffix_massage[i+src].bv_len;
-		int diff = dn->bv_len - aliasLength;
-
-		if ( diff < 0 ) {
-			/* alias is longer than dn */
-			continue;
-		} else if ( diff > 0 && ( !DN_SEPARATOR(dn->bv_val[diff-1]))) {
-			/* boundary is not at a DN separator */
-			continue;
-			/* At a DN Separator */
-		}
-
-		if ( !strcmp( dc->target->mt_rwmap.rwm_suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
-			res->bv_len = diff + dc->target->mt_rwmap.rwm_suffix_massage[i+dst].bv_len;
-			res->bv_val = ch_malloc( res->bv_len + 1 );
-			strncpy( res->bv_val, dn->bv_val, diff );
-			strcpy( &res->bv_val[diff], dc->target->mt_rwmap.rwm_suffix_massage[i+dst].bv_val );
-			Debug( LDAP_DEBUG_ARGS,
-				"ldap_back_dn_massage:"
-				" converted \"%s\" to \"%s\"\n",
-				BER_BVISNULL( dn ) ? "" : dn->bv_val,
-				BER_BVISNULL( res ) ? "" : res->bv_val );
-			break;
-		}
-	}
-	if (pretty.bv_val) {
-		ch_free(pretty.bv_val);
-		dn = odn;
-	}
-	/* Nothing matched, just return the original DN */
-	if (res->bv_val == NULL) {
-		*res = *dn;
-	}
-
-	return 0;
-}
-#endif /* !ENABLE_REWRITE */

servers/slapd/bconfig.c

@@ -331,11 +331,7 @@ static ConfigTable config_back_cf_table[] = {
 			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
 				NULL, NULL },
 	{ "authid-rewrite", "rewrite", 2, 0, STRLENOF( "authid-rewrite" ),
-#ifdef SLAP_AUTH_REWRITE
 		ARG_MAGIC|CFG_REWRITE, &config_generic,
-#else
-		ARG_IGNORED, NULL,
-#endif
 		 "( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' "
 			"EQUALITY caseIgnoreMatch "
 			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
@@ -1396,11 +1392,9 @@ config_generic(ConfigArgs *c) {
 			if ( !c->rvalue_vals ) rc = 1;
 			break;
 #endif
-#ifdef SLAP_AUTH_REWRITE
 		case CFG_REWRITE:
 			rc = slap_sasl_rewrite_unparse( &c->rvalue_vals );
 			break;
-#endif
 		default:
 			rc = 1;
 		}
@@ -1473,11 +1467,9 @@ config_generic(ConfigArgs *c) {
 			rc = slap_sasl_regexp_delete( c->valx );
 			break;
 
-#ifdef SLAP_AUTH_REWRITE
 		case CFG_REWRITE:
 			rc = slap_sasl_rewrite_delete( c->valx );
 			break;
-#endif /* SLAP_AUTH_REWRITE */
 
 		case CFG_SALT:
 			ch_free( passwd_salt );
@@ -2426,7 +2418,6 @@ sortval_reject:
 			break;
 #endif
 
-#ifdef SLAP_AUTH_REWRITE
 		case CFG_REWRITE: {
 			int rc;
 
@@ -2441,7 +2432,6 @@ sortval_reject:
 			}
 			return rc;
 			}
-#endif
 
 
 		default:

servers/slapd/overlays/rwm.h

@@ -24,10 +24,6 @@
 #ifndef RWM_H
 #define RWM_H
 
-#ifndef ENABLE_REWRITE
-#error "librewrite must be enabled!"
-#endif /* ENABLE_REWRITE */
-
 /* String rewrite library */
 #include "rewrite.h"
 

servers/slapd/proto-slap.h

@@ -1719,7 +1719,6 @@ LDAP_SLAPD_F (int) slap_sasl_regexp_config LDAP_P((
 LDAP_SLAPD_F (void) slap_sasl_regexp_unparse LDAP_P(( BerVarray *bva ));
 LDAP_SLAPD_F (int) slap_sasl_setpolicy LDAP_P(( const char * ));
 LDAP_SLAPD_F (const char *) slap_sasl_getpolicy LDAP_P(( void ));
-#ifdef SLAP_AUTH_REWRITE
 LDAP_SLAPD_F (int) slap_sasl_rewrite_config LDAP_P(( 
 	const char *fname,
 	int lineno,
@@ -1728,7 +1727,6 @@ LDAP_SLAPD_F (int) slap_sasl_rewrite_config LDAP_P((
 	int valx ));
 LDAP_SLAPD_F (int) slap_sasl_rewrite_delete LDAP_P(( int valx ));
 LDAP_SLAPD_F (int) slap_sasl_rewrite_unparse LDAP_P(( BerVarray *bva ));
-#endif /* SLAP_AUTH_REWRITE */
 LDAP_SLAPD_F (void) slap_sasl_regexp_destroy LDAP_P(( void ));
 LDAP_SLAPD_F (int) slap_sasl_regexp_delete LDAP_P(( int valx ));
 LDAP_SLAPD_F (int) authzValidate LDAP_P((

servers/slapd/sasl.c

@@ -28,9 +28,7 @@
 
 #include "slap.h"
 
-#ifdef ENABLE_REWRITE
 #include <rewrite.h>
-#endif
 
 #ifdef HAVE_CYRUS_SASL
 # ifdef HAVE_SASL_SASL_H
@@ -1012,8 +1010,6 @@ static int chk_sasl(
 
 #endif /* HAVE_CYRUS_SASL */
 
-#ifdef ENABLE_REWRITE
-
 typedef struct slapd_map_data {
 	struct berval base;
 	struct berval filter;
@@ -1234,7 +1230,6 @@ static const rewrite_mapper slapd_mapper = {
 	slapd_rw_apply,
 	slapd_rw_destroy
 };
-#endif
 
 int slap_sasl_init( void )
 {
@@ -1247,9 +1242,7 @@ int slap_sasl_init( void )
 	};
 #endif
 
-#ifdef ENABLE_REWRITE
 	rewrite_mapper_register( &slapd_mapper );
-#endif
 
 #ifdef HAVE_CYRUS_SASL
 #ifdef HAVE_SASL_VERSION

servers/slapd/saslauthz.c

@@ -70,21 +70,15 @@
 typedef struct sasl_regexp {
   char *sr_match;						/* regexp match pattern */
   char *sr_replace;					/* regexp replace pattern */
-#ifndef SLAP_AUTH_REWRITE
-  regex_t sr_workspace;					/* workspace for regexp engine */
-  int sr_offset[SASLREGEX_REPLACE+2];	/* offsets of $1,$2... in *replace */
-#endif
 } SaslRegexp_t;
 
 static int nSaslRegexp = 0;
 static SaslRegexp_t *SaslRegexp = NULL;
 
-#ifdef SLAP_AUTH_REWRITE
 #include "rewrite.h"
 struct rewrite_info	*sasl_rwinfo = NULL;
 #define AUTHID_CONTEXT	"authid"
 static BerVarray	authz_rewrites = NULL;
-#endif /* SLAP_AUTH_REWRITE */
 
 /* What SASL proxy authorization policies are allowed? */
 #define	SASL_AUTHZ_NONE	0x00
@@ -1246,43 +1240,6 @@ done:
 	return( rc );
 }
 
-#ifndef SLAP_AUTH_REWRITE
-static int slap_sasl_rx_off(char *rep, int *off)
-{
-	const char *c;
-	int n;
-
-	/* Precompile replace pattern. Find the $<n> placeholders */
-	off[0] = -2;
-	n = 1;
-	for ( c = rep;	 *c;  c++ ) {
-		if ( *c == '\\' && c[1] ) {
-			c++;
-			continue;
-		}
-		if ( *c == '$' ) {
-			if ( n == SASLREGEX_REPLACE ) {
-				Debug( LDAP_DEBUG_ANY,
-					"SASL replace pattern %s has too many $n "
-						"placeholders (max %d)\n",
-					rep, SASLREGEX_REPLACE );
-
-				return( LDAP_OTHER );
-			}
-			off[n] = c - rep;
-			n++;
-		}
-	}
-
-	/* Final placeholder, after the last $n */
-	off[n] = c - rep;
-	n++;
-	off[n] = -1;
-	return( LDAP_SUCCESS );
-}
-#endif /* ! SLAP_AUTH_REWRITE */
-
-#ifdef SLAP_AUTH_REWRITE
 static int slap_sasl_rewrite_config_argv(
 		const char	*fname,
 		int		lineno,
@@ -1530,7 +1487,6 @@ out:
 
 	return rc;
 }
-#endif /* SLAP_AUTH_REWRITE */
 
 int slap_sasl_regexp_config( const char *match, const char *replace, int valx )
 {
@@ -1541,7 +1497,6 @@ int slap_sasl_regexp_config( const char *match, const char *replace, int valx )
 	if ( valx < 0 || valx > nSaslRegexp )
 		valx = nSaslRegexp;
 
-#ifdef SLAP_AUTH_REWRITE
 	for ( i = 0; i < valx; i++) {
 		rc = slap_sasl_regexp_rewrite_config( &rw, "sasl-regexp", 0,
 				SaslRegexp[i].sr_match,
@@ -1552,18 +1507,6 @@ int slap_sasl_regexp_config( const char *match, const char *replace, int valx )
 
 	rc = slap_sasl_regexp_rewrite_config( &rw, "sasl-regexp", 0,
 			match, replace, AUTHID_CONTEXT );
-#else /* ! SLAP_AUTH_REWRITE */
-	/* Precompile matching pattern */
-	rc = regcomp( &sr.sr_workspace, match, REG_EXTENDED|REG_ICASE );
-	if ( rc ) {
-		Debug( LDAP_DEBUG_ANY,
-			"SASL match pattern %s could not be compiled by regexp engine\n",
-			match );
-		return( LDAP_OTHER );
-	}
-
-	rc = slap_sasl_rx_off( replace, sr.sr_offset );
-#endif /* ! SLAP_AUTH_REWRITE */
 
 	if ( rc == LDAP_SUCCESS ) {
 		SaslRegexp = (SaslRegexp_t *) ch_realloc( (char *) SaslRegexp,
@@ -1579,7 +1522,6 @@ int slap_sasl_regexp_config( const char *match, const char *replace, int valx )
 
 		nSaslRegexp++;
 
-#ifdef SLAP_AUTH_REWRITE
 		for ( i = valx + 1; i < nSaslRegexp; i++ ) {
 			rc = slap_sasl_regexp_rewrite_config( &rw, "sasl-regexp", 0,
 					SaslRegexp[i].sr_match,
@@ -1592,7 +1534,6 @@ int slap_sasl_regexp_config( const char *match, const char *replace, int valx )
 		sasl_rwinfo = rw;
 	} else {
 		rewrite_info_delete( &rw );
-#endif
 	}
 
 	return rc;
@@ -1603,9 +1544,6 @@ slap_sasl_regexp_destroy_one( int n )
 {
 	ch_free( SaslRegexp[ n ].sr_match );
 	ch_free( SaslRegexp[ n ].sr_replace );
-#ifndef SLAP_AUTH_REWRITE
-	regfree( &SaslRegexp[ n ].sr_workspace );
-#endif /* ! SLAP_AUTH_REWRITE */
 }
 
 void
@@ -1623,9 +1561,7 @@ slap_sasl_regexp_destroy( void )
 		nSaslRegexp = 0;
 	}
 
-#ifdef SLAP_AUTH_REWRITE
 	slap_sasl_rewrite_destroy();
-#endif /* SLAP_AUTH_REWRITE */
 }
 
 int slap_sasl_regexp_delete( int valx )
@@ -1646,7 +1582,6 @@ int slap_sasl_regexp_delete( int valx )
 			SaslRegexp[ i ] = SaslRegexp[ i + 1 ];
 		}
 
-#ifdef SLAP_AUTH_REWRITE
 		slap_sasl_rewrite_destroy();
 		for ( i = 0; i < nSaslRegexp; i++ ) {
 			rc = slap_sasl_regexp_rewrite_config( &sasl_rwinfo, "sasl-regexp", 0,
@@ -1655,7 +1590,6 @@ int slap_sasl_regexp_delete( int valx )
 					AUTHID_CONTEXT );
 			assert( rc == 0 );
 		}
-#endif /* SLAP_AUTH_REWRITE */
 	}
 
 	return rc;
@@ -1689,60 +1623,6 @@ void slap_sasl_regexp_unparse( BerVarray *out )
 	*out = bva;
 }
 
-#ifndef SLAP_AUTH_REWRITE
-/* Perform replacement on regexp matches */
-static void slap_sasl_rx_exp(
-	const char *rep,
-	const int *off,
-	regmatch_t *str,
-	const char *saslname,
-	struct berval *out,
-	void *ctx )
-{
-	int i, n, len, insert;
-
-	/* Get the total length of the final URI */
-
-	n=1;
-	len = 0;
-	while( off[n] >= 0 ) {
-		/* Len of next section from replacement string (x,y,z above) */
-		len += off[n] - off[n-1] - 2;
-		if( off[n+1] < 0)
-			break;
-
-		/* Len of string from saslname that matched next $i  (b,d above) */
-		i = rep[ off[n] + 1 ]	- '0';
-		len += str[i].rm_eo - str[i].rm_so;
-		n++;
-	}
-	out->bv_val = slap_sl_malloc( len + 1, ctx );
-	out->bv_len = len;
-
-	/* Fill in URI with replace string, replacing $i as we go */
-	n=1;
-	insert = 0;
-	while( off[n] >= 0) {
-		/* Paste in next section from replacement string (x,y,z above) */
-		len = off[n] - off[n-1] - 2;
-		strncpy( out->bv_val+insert, rep + off[n-1] + 2, len);
-		insert += len;
-		if( off[n+1] < 0)
-			break;
-
-		/* Paste in string from saslname that matched next $i  (b,d above) */
-		i = rep[ off[n] + 1 ]	- '0';
-		len = str[i].rm_eo - str[i].rm_so;
-		strncpy( out->bv_val+insert, saslname + str[i].rm_so, len );
-		insert += len;
-
-		n++;
-	}
-
-	out->bv_val[insert] = '\0';
-}
-#endif /* ! SLAP_AUTH_REWRITE */
-
 /* Take the passed in SASL name and attempt to convert it into an
    LDAP URI to find the matching LDAP entry, using the pattern matching
    strings given in the saslregexp config file directive(s) */
@@ -1750,7 +1630,6 @@ static void slap_sasl_rx_exp(
 static int slap_authz_regexp( struct berval *in, struct berval *out,
 		int flags, void *ctx )
 {
-#ifdef SLAP_AUTH_REWRITE
 	const char	*context = AUTHID_CONTEXT;
 
 	if ( sasl_rwinfo == NULL || BER_BVISNULL( in ) ) {
@@ -1783,44 +1662,6 @@ static int slap_authz_regexp( struct berval *in, struct berval *out,
 		return 0;
 	}
 
-#else /* ! SLAP_AUTH_REWRITE */
-	char *saslname = in->bv_val;
-	SaslRegexp_t *reg;
-	regmatch_t sr_strings[SASLREGEX_REPLACE];	/* strings matching $1,$2 ... */
-	int i;
-
-	memset( out, 0, sizeof( *out ) );
-
-	Debug( LDAP_DEBUG_TRACE, "slap_authz_regexp: converting SASL name %s\n",
-	   saslname );
-
-	if (( saslname == NULL ) || ( nSaslRegexp == 0 )) {
-		return( 0 );
-	}
-
-	/* Match the normalized SASL name to the saslregexp patterns */
-	for( reg = SaslRegexp,i=0;  i<nSaslRegexp;  i++,reg++ ) {
-		if ( regexec( &reg->sr_workspace, saslname, SASLREGEX_REPLACE,
-		  sr_strings, 0)  == 0 )
-			break;
-	}
-
-	if( i >= nSaslRegexp ) return( 0 );
-
-	/*
-	 * The match pattern may have been of the form "a(b.*)c(d.*)e" and the
-	 * replace pattern of the form "x$1y$2z". The returned string needs
-	 * to replace the $1,$2 with the strings that matched (b.*) and (d.*)
-	 */