schema_init.c 110 KB
Newer Older
1
2
3
/* schema_init.c - init builtin schema */
/* $OpenLDAP$ */
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
4
 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
5
6
7
8
9
10
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 */

#include "portable.h"

#include <stdio.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
11
#include <limits.h>
12
13

#include <ac/ctype.h>
14
#include <ac/errno.h>
15
16
17
18
19
#include <ac/string.h>
#include <ac/socket.h>

#include "slap.h"
#include "ldap_pvt.h"
Pierangelo Masarati's avatar
Pierangelo Masarati committed
20
#include "lber_pvt.h"
21

22
23
#include "ldap_utf8.h"

24
25
26
27
28
29
#include "lutil_hash.h"
#define HASH_BYTES				LUTIL_HASH_BYTES
#define HASH_CONTEXT			lutil_HASH_CTX
#define HASH_Init(c)			lutil_HASHInit(c)
#define HASH_Update(c,buf,len)	lutil_HASHUpdate(c,buf,len)
#define HASH_Final(d,c)			lutil_HASHFinal(d,c)
30

31
/* recycled validatation routines */
32
#define berValidate						blobValidate
33
34

/* unimplemented pretters */
35
#define integerPretty					NULL
36
37

/* recycled matching routines */
38
#define bitStringMatch					octetStringMatch
39
#define numericStringMatch				caseIgnoreIA5Match
40
#define objectIdentifierMatch			octetStringMatch
41
#define telephoneNumberMatch			caseIgnoreIA5Match
42
#define telephoneNumberSubstringsMatch	caseIgnoreIA5SubstringsMatch
43
44
#define generalizedTimeMatch			caseIgnoreIA5Match
#define generalizedTimeOrderingMatch	caseIgnoreIA5Match
45
#define uniqueMemberMatch				dnMatch
46
#define integerFirstComponentMatch		integerMatch
47

48
49
/* approx matching rules */
#define directoryStringApproxMatchOID	"1.3.6.1.4.1.4203.666.4.4"
Gary Williams's avatar
Gary Williams committed
50
51
52
#define directoryStringApproxMatch	approxMatch
#define directoryStringApproxIndexer	approxIndexer
#define directoryStringApproxFilter	approxFilter
53
#define IA5StringApproxMatchOID			"1.3.6.1.4.1.4203.666.4.5"
Gary Williams's avatar
Gary Williams committed
54
#define IA5StringApproxMatch			approxMatch
55
#define IA5StringApproxIndexer			approxIndexer
Gary Williams's avatar
Gary Williams committed
56
#define IA5StringApproxFilter			approxFilter
57

58
/* ordering matching rules */
59
60
#define caseIgnoreOrderingMatch			caseIgnoreMatch
#define caseExactOrderingMatch			caseExactMatch
61
#define integerOrderingMatch			integerMatch
62

63
/* unimplemented matching routines */
64
65
66
67
#define caseIgnoreListMatch				NULL
#define caseIgnoreListSubstringsMatch	NULL
#define protocolInformationMatch		NULL

Kurt Zeilenga's avatar
Kurt Zeilenga committed
68
#ifdef SLAPD_ACI_ENABLED
69
#define OpenLDAPaciMatch				NULL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
70
71
#endif
#ifdef SLAPD_AUTHPASSWD
72
#define authPasswordMatch				NULL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
73
#endif
74
75

/* recycled indexing/filtering routines */
76
77
#define dnIndexer				caseExactIgnoreIndexer
#define dnFilter				caseExactIgnoreFilter
78
79
#define bitStringFilter			octetStringFilter
#define bitStringIndexer		octetStringIndexer
80

81
82
83
84
85
#define telephoneNumberIndexer			caseIgnoreIA5Indexer
#define telephoneNumberFilter			caseIgnoreIA5Filter
#define telephoneNumberSubstringsIndexer	caseIgnoreIA5SubstringsIndexer
#define telephoneNumberSubstringsFilter		caseIgnoreIA5SubstringsFilter

86
87
88
89
90
91
92
93
94
95
96
97
98
99
static MatchingRule *caseExactMatchingRule;
static MatchingRule *caseExactSubstringsMatchingRule;
static MatchingRule *integerFirstComponentMatchingRule;

static const struct MatchingRulePtr {
	const char   *oid;
	MatchingRule **mr;
} mr_ptr [] = {
	/* must match OIDs below */
	{ "2.5.13.5",  &caseExactMatchingRule },
	{ "2.5.13.7",  &caseExactSubstringsMatchingRule },
	{ "2.5.13.29", &integerFirstComponentMatchingRule }
};

100

101
static char *bvcasechr( struct berval *bv, unsigned char c, ber_len_t *len )
102
{
103
	ber_len_t i;
104
105
	char lower = TOLOWER( c );
	char upper = TOUPPER( c );
106
107

	if( c == 0 ) return NULL;
108
109
110
111
112
113
	
	for( i=0; i < bv->bv_len; i++ ) {
		if( upper == bv->bv_val[i] || lower == bv->bv_val[i] ) {
			*len = i;
			return &bv->bv_val[i];
		}
114
	}
115
116

	return NULL;
117
}
118

119
120
121
static int
octetStringMatch(
	int *matchp,
122
	slap_mask_t flags,
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *value,
	void *assertedValue )
{
	int match = value->bv_len - ((struct berval *) assertedValue)->bv_len;

	if( match == 0 ) {
		match = memcmp( value->bv_val,
			((struct berval *) assertedValue)->bv_val,
			value->bv_len );
	}

	*matchp = match;
	return LDAP_SUCCESS;
}

140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
static int
octetStringOrderingMatch(
	int *matchp,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *value,
	void *assertedValue )
{
	ber_len_t v_len  = value->bv_len;
	ber_len_t av_len = ((struct berval *) assertedValue)->bv_len;
	int match = memcmp( value->bv_val,
		((struct berval *) assertedValue)->bv_val,
		(v_len < av_len ? v_len : av_len) );
	if( match == 0 )
		match = v_len - av_len;
	*matchp = match;
	return LDAP_SUCCESS;
}

160
/* Index generation function */
161
int octetStringIndexer(
162
163
	slap_mask_t use,
	slap_mask_t flags,
164
165
166
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
167
168
	BerVarray values,
	BerVarray *keysp )
169
170
171
{
	int i;
	size_t slen, mlen;
172
	BerVarray keys;
173
	HASH_CONTEXT   HASHcontext;
Gary Williams's avatar
Gary Williams committed
174
	unsigned char	HASHdigest[HASH_BYTES];
175
	struct berval digest;
176
177
	digest.bv_val = HASHdigest;
	digest.bv_len = sizeof(HASHdigest);
178

179
	for( i=0; values[i].bv_val != NULL; i++ ) {
180
181
182
		/* just count them */
	}

Kurt Zeilenga's avatar
Kurt Zeilenga committed
183
184
185
	/* we should have at least one value at this point */
	assert( i > 0 );

186
	keys = ch_malloc( sizeof( struct berval ) * (i+1) );
187

188
189
	slen = syntax->ssyn_oidlen;
	mlen = mr->smr_oidlen;
190

191
	for( i=0; values[i].bv_val != NULL; i++ ) {
192
		HASH_Init( &HASHcontext );
193
		if( prefix != NULL && prefix->bv_len > 0 ) {
194
			HASH_Update( &HASHcontext,
195
196
				prefix->bv_val, prefix->bv_len );
		}
197
		HASH_Update( &HASHcontext,
198
			syntax->ssyn_oid, slen );
199
		HASH_Update( &HASHcontext,
200
			mr->smr_oid, mlen );
201
		HASH_Update( &HASHcontext,
202
			values[i].bv_val, values[i].bv_len );
203
		HASH_Final( HASHdigest, &HASHcontext );
204

205
		ber_dupbv( &keys[i], &digest );
206
207
	}

208
	keys[i].bv_val = NULL;
209
	keys[i].bv_len = 0;
210
211
212
213
214
215
216

	*keysp = keys;

	return LDAP_SUCCESS;
}

/* Index generation function */
217
int octetStringFilter(
218
219
	slap_mask_t use,
	slap_mask_t flags,
220
221
222
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
223
	void * assertedValue,
224
	BerVarray *keysp )
225
226
{
	size_t slen, mlen;
227
	BerVarray keys;
228
	HASH_CONTEXT   HASHcontext;
Gary Williams's avatar
Gary Williams committed
229
	unsigned char	HASHdigest[HASH_BYTES];
230
	struct berval *value = (struct berval *) assertedValue;
231
	struct berval digest;
232
233
	digest.bv_val = HASHdigest;
	digest.bv_len = sizeof(HASHdigest);
234

235
236
	slen = syntax->ssyn_oidlen;
	mlen = mr->smr_oidlen;
237

238
	keys = ch_malloc( sizeof( struct berval ) * 2 );
239

240
	HASH_Init( &HASHcontext );
241
	if( prefix != NULL && prefix->bv_len > 0 ) {
242
		HASH_Update( &HASHcontext,
243
244
			prefix->bv_val, prefix->bv_len );
	}
245
	HASH_Update( &HASHcontext,
246
		syntax->ssyn_oid, slen );
247
	HASH_Update( &HASHcontext,
248
		mr->smr_oid, mlen );
249
	HASH_Update( &HASHcontext,
250
		value->bv_val, value->bv_len );
251
	HASH_Final( HASHdigest, &HASHcontext );
252

253
254
	ber_dupbv( keys, &digest );
	keys[1].bv_val = NULL;
255
	keys[1].bv_len = 0;
256
257
258
259
260

	*keysp = keys;

	return LDAP_SUCCESS;
}
261

262
263
264
265
266
static int
inValidate(
	Syntax *syntax,
	struct berval *in )
{
Kurt Zeilenga's avatar
Kurt Zeilenga committed
267
268
	/* no value allowed */
	return LDAP_INVALID_SYNTAX;
269
270
}

271
static int
272
blobValidate(
273
274
275
276
	Syntax *syntax,
	struct berval *in )
{
	/* any value allowed */
277
	return LDAP_SUCCESS;
278
279
}

280
281
282
283
284
285
286
287
288
289
290
291
292
static int
bitStringValidate(
	Syntax *syntax,
	struct berval *in )
{
	ber_len_t i;

	/* very unforgiving validation, requires no normalization
	 * before simplistic matching
	 */
	if( in->bv_len < 3 ) {
		return LDAP_INVALID_SYNTAX;
	}
293

294
295
296
297
298
299
300
301
302
303
	/*
	 * rfc 2252 section 6.3 Bit String
	 * bitstring = "'" *binary-digit "'"
	 * binary-digit = "0" / "1"
	 * example: '0101111101'B
	 */
	
	if( in->bv_val[0] != '\'' ||
		in->bv_val[in->bv_len-2] != '\'' ||
		in->bv_val[in->bv_len-1] != 'B' )
304
305
306
307
	{
		return LDAP_INVALID_SYNTAX;
	}

308
	for( i=in->bv_len-3; i>0; i-- ) {
309
310
311
312
313
314
315
316
		if( in->bv_val[i] != '0' && in->bv_val[i] != '1' ) {
			return LDAP_INVALID_SYNTAX;
		}
	}

	return LDAP_SUCCESS;
}

317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
static int
nameUIDValidate(
	Syntax *syntax,
	struct berval *in )
{
	int rc;
	struct berval dn;

	if( in->bv_len == 0 ) return LDAP_SUCCESS;

	ber_dupbv( &dn, in );
	if( !dn.bv_val ) return LDAP_OTHER;

	if( dn.bv_val[dn.bv_len-1] == 'B'
		&& dn.bv_val[dn.bv_len-2] == '\'' )
	{
		/* assume presence of optional UID */
		ber_len_t i;

		for(i=dn.bv_len-3; i>1; i--) {
			if( dn.bv_val[i] != '0' &&	dn.bv_val[i] != '1' ) {
				break;
			}
		}
		if( dn.bv_val[i] != '\'' || dn.bv_val[i-1] != '#' ) {
			ber_memfree( dn.bv_val );
			return LDAP_INVALID_SYNTAX;
		}

		/* trim the UID to allow use of dnValidate */
		dn.bv_val[i-1] = '\0';
		dn.bv_len = i-1;
	}

	rc = dnValidate( NULL, &dn );

	ber_memfree( dn.bv_val );
	return rc;
}

static int
nameUIDNormalize(
	Syntax *syntax,
	struct berval *val,
	struct berval *normalized )
{
	struct berval out;
	int rc;

	ber_dupbv( &out, val );
	if( out.bv_len != 0 ) {
368
		struct berval uid = { 0, NULL };
369
370
371
372
373

		if( out.bv_val[out.bv_len-1] == 'B'
			&& out.bv_val[out.bv_len-2] == '\'' )
		{
			/* assume presence of optional UID */
374
			uid.bv_val = strrchr( out.bv_val, '#' );
375

376
			if( uid.bv_val == NULL ) {
377
378
379
380
				free( out.bv_val );
				return LDAP_INVALID_SYNTAX;
			}

381
382
			uid.bv_len = out.bv_len - (uid.bv_val - out.bv_val);
			out.bv_len -= uid.bv_len--;
383
384

			/* temporarily trim the UID */
385
			*(uid.bv_val++) = '\0';
386
387
388
389
390
391
392
393
394
		}

		rc = dnNormalize2( NULL, &out, normalized );

		if( rc != LDAP_SUCCESS ) {
			free( out.bv_val );
			return LDAP_INVALID_SYNTAX;
		}

395
		if( uid.bv_len ) {
396
			normalized->bv_val = ch_realloc( normalized->bv_val,
397
				normalized->bv_len + uid.bv_len + sizeof("#") );
398
399
400
401
402
403

			/* insert the separator */
			normalized->bv_val[normalized->bv_len++] = '#';

			/* append the UID */
			AC_MEMCPY( &normalized->bv_val[normalized->bv_len],
404
405
				uid.bv_val, uid.bv_len );
			normalized->bv_len += uid.bv_len;
406
407
408
409
410
411
412
413
414
415
416

			/* terminate */
			normalized->bv_val[normalized->bv_len] = '\0';
		}

		free( out.bv_val );
	}

	return LDAP_SUCCESS;
}

417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
/*
 * Handling boolean syntax and matching is quite rigid.
 * A more flexible approach would be to allow a variety
 * of strings to be normalized and prettied into TRUE
 * and FALSE.
 */
static int
booleanValidate(
	Syntax *syntax,
	struct berval *in )
{
	/* very unforgiving validation, requires no normalization
	 * before simplistic matching
	 */

	if( in->bv_len == 4 ) {
		if( !memcmp( in->bv_val, "TRUE", 4 ) ) {
			return LDAP_SUCCESS;
		}
	} else if( in->bv_len == 5 ) {
		if( !memcmp( in->bv_val, "FALSE", 5 ) ) {
			return LDAP_SUCCESS;
		}
	}

	return LDAP_INVALID_SYNTAX;
}

static int
booleanMatch(
	int *matchp,
448
	slap_mask_t flags,
449
450
451
452
453
454
455
456
457
458
459
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *value,
	void *assertedValue )
{
	/* simplistic matching allowed by rigid validation */
	struct berval *asserted = (struct berval *) assertedValue;
	*matchp = value->bv_len != asserted->bv_len;
	return LDAP_SUCCESS;
}

460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
/*-------------------------------------------------------------------
LDAP/X.500 string syntax / matching rules have a few oddities.  This
comment attempts to detail how slapd(8) treats them.

Summary:
  StringSyntax		X.500	LDAP	Matching
  DirectoryString	CHOICE	UTF8	i/e + ignore insignificant spaces
  PrintableString	subset	subset	i/e + ignore insignificant spaces
  NumericString		subset	subset  ignore all spaces
  IA5String			ASCII	ASCII	i/e + ignore insignificant spaces
  TeletexString		T.61	T.61	i/e + ignore insignificant spaces

  TelephoneNumber subset  subset  i + ignore all spaces and "-"

  See draft-ietf-ldapbis-strpro for details (once published).


Directory String -
  In X.500(93), a directory string can be either a PrintableString,
  a bmpString, or a UniversalString (e.g., UCS (a subset of Unicode)).
  In later versions, more CHOICEs were added.  In all cases the string
  must be non-empty.

483
  In LDAPv3, a directory string is a UTF-8 encoded UCS string.
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529

  For matching, there are both case ignore and exact rules.  Both
  also require that "insignificant" spaces be ignored.
	spaces before the first non-space are ignored;
	spaces after the last non-space are ignored;
	spaces after a space are ignored.
  Note: by these rules (and as clarified in X.520), a string of only
  spaces is to be treated as if held one space, not empty (which
  would be a syntax error).

NumericString
  In ASN.1, numeric string is just a string of digits and spaces
  and could be empty.  However, in X.500, all attribute values of
  numeric string carry a non-empty constraint.  For example:

	internationalISDNNumber ATTRIBUTE ::= {
		WITH SYNTAX InternationalISDNNumber
		EQUALITY MATCHING RULE numericStringMatch
		SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
		ID id-at-internationalISDNNumber }
	InternationalISDNNumber ::=
	    NumericString (SIZE(1..ub-international-isdn-number))

  Unforunately, some assertion values are don't carry the same
  constraint (but its unclear how such an assertion could ever
  be true). In LDAP, there is one syntax (numericString) not two
  (numericString with constraint, numericString without constraint).
  This should be treated as numericString with non-empty constraint.
  Note that while someone may have no ISDN number, there are no ISDN
  numbers which are zero length.

  In matching, spaces are ignored.

PrintableString
  In ASN.1, Printable string is just a string of printable characters
  and can be empty.  In X.500, semantics much like NumericString (see
  serialNumber for a like example) excepting uses insignificant space
  handling instead of ignore all spaces.  

IA5String
  Basically same as PrintableString.  There are no examples in X.500,
  but same logic applies.  So we require them to be non-empty as
  well.

-------------------------------------------------------------------*/

530
531
532
533
534
535
536
537
538
static int
UTF8StringValidate(
	Syntax *syntax,
	struct berval *in )
{
	ber_len_t count;
	int len;
	unsigned char *u = in->bv_val;

539
540
	if( !in->bv_len ) return LDAP_INVALID_SYNTAX;

541
	for( count = in->bv_len; count > 0; count-=len, u+=len ) {
542
		/* get the length indicated by the first byte */
543
		len = LDAP_UTF8_CHARLEN2( u, len );
544

Kurt Zeilenga's avatar
Kurt Zeilenga committed
545
546
547
		/* very basic checks */
		switch( len ) {
			case 6:
548
				if( (u[5] & 0xC0) != 0x80 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
549
550
551
					return LDAP_INVALID_SYNTAX;
				}
			case 5:
552
				if( (u[4] & 0xC0) != 0x80 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
553
554
555
					return LDAP_INVALID_SYNTAX;
				}
			case 4:
556
				if( (u[3] & 0xC0) != 0x80 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
557
558
559
					return LDAP_INVALID_SYNTAX;
				}
			case 3:
560
				if( (u[2] & 0xC0 )!= 0x80 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
561
562
563
					return LDAP_INVALID_SYNTAX;
				}
			case 2:
564
				if( (u[1] & 0xC0) != 0x80 ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
565
566
567
					return LDAP_INVALID_SYNTAX;
				}
			case 1:
568
				/* CHARLEN already validated it */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
569
570
571
572
				break;
			default:
				return LDAP_INVALID_SYNTAX;
		}
573
574
575

		/* make sure len corresponds with the offset
			to the next character */
576
		if( LDAP_UTF8_OFFSET( u ) != len ) return LDAP_INVALID_SYNTAX;
577
578
	}

579
	if( count != 0 ) return LDAP_INVALID_SYNTAX;
580

581
	return LDAP_SUCCESS;
582
583
584
585
586
587
}

static int
UTF8StringNormalize(
	Syntax *syntax,
	struct berval *val,
588
	struct berval *normalized )
589
{
590
	char *p, *q, *s, *e;
591
	int len = 0;
592

Kurt Zeilenga's avatar
Kurt Zeilenga committed
593
594
595
	/* validator should have refused an empty string */
	assert( val->bv_len );

596
	p = val->bv_val;
597

598
	/* Ignore initial whitespace */
599
	/* All space is ASCII. All ASCII is 1 byte */
600
	for ( ; p < val->bv_val + val->bv_len && ASCII_SPACE( p[ 0 ] ); p++ );
601

602
	normalized->bv_len = val->bv_len - (p - val->bv_val);
Kurt Zeilenga's avatar
Kurt Zeilenga committed
603
604
605
606
607
608

	if( !normalized->bv_len ) {
		ber_mem2bv( " ", 1, 1, normalized );
		return LDAP_SUCCESS;
	}

609
610
	ber_mem2bv( p, normalized->bv_len, 1, normalized );
	e = normalized->bv_val + normalized->bv_len;
611
612
613
614

	assert( normalized->bv_val );

	p = q = normalized->bv_val;
615
	s = NULL;
616

617
	while ( p < e ) {
618
619
620
621
622
		q += len;
		if ( ASCII_SPACE( *p ) ) {
			s = q - len;
			len = 1;
			*q = *p++;
623

624
			/* Ignore the extra whitespace */
625
626
			while ( ASCII_SPACE( *p ) ) {
				p++;
627
			}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
628
		} else {
629
630
631
			len = LDAP_UTF8_COPY(q,p);
			s=NULL;
			p+=len;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
632
		}
633
634
	}

635
	assert( normalized->bv_val <= p );
636
	assert( q+len <= p );
637

638
	/* cannot start with a space */
639
	assert( !ASCII_SPACE( normalized->bv_val[0] ) );
640
641
642
643
644
645
646
647

	/*
	 * If the string ended in space, backup the pointer one
	 * position.  One is enough because the above loop collapsed
	 * all whitespace to a single space.
	 */

	if ( s != NULL ) {
Howard Chu's avatar
Howard Chu committed
648
		len = q - s;
649
		q = s;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
650
	}
651

652
	/* cannot end with a space */
653
654
655
	assert( !ASCII_SPACE( *q ) );

	q += len;
656
657
658
659

	/* null terminate */
	*q = '\0';

660
	normalized->bv_len = q - normalized->bv_val;
661

662
	return LDAP_SUCCESS;
663
664
}

665
/* Returns Unicode canonically normalized copy of a substring assertion
666
 * Skipping attribute description */
667
static SubstringsAssertion *
668
669
UTF8SubstringsassertionNormalize(
	SubstringsAssertion *sa,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
670
	unsigned casefold )
671
672
673
674
{
	SubstringsAssertion *nsa;
	int i;

Julius Enarusai's avatar
   
Julius Enarusai committed
675
	nsa = (SubstringsAssertion *)SLAP_CALLOC( 1, sizeof(SubstringsAssertion) );
676
677
678
679
	if( nsa == NULL ) {
		return NULL;
	}

680
	if( sa->sa_initial.bv_val != NULL ) {
681
		UTF8bvnormalize( &sa->sa_initial, &nsa->sa_initial, casefold );
682
		if( nsa->sa_initial.bv_val == NULL ) {
683
684
685
686
687
			goto err;
		}
	}

	if( sa->sa_any != NULL ) {
688
		for( i=0; sa->sa_any[i].bv_val != NULL; i++ ) {
689
690
			/* empty */
		}
691
		nsa->sa_any = (struct berval *)
Julius Enarusai's avatar
   
Julius Enarusai committed
692
693
694
695
			SLAP_MALLOC( (i + 1) * sizeof(struct berval) );
		if( nsa->sa_any == NULL ) {
				goto err;
		}
696

697
		for( i=0; sa->sa_any[i].bv_val != NULL; i++ ) {
698
			UTF8bvnormalize( &sa->sa_any[i], &nsa->sa_any[i], 
699
				casefold );
700
			if( nsa->sa_any[i].bv_val == NULL ) {
701
702
703
				goto err;
			}
		}
704
		nsa->sa_any[i].bv_val = NULL;
705
706
	}

707
	if( sa->sa_final.bv_val != NULL ) {
708
		UTF8bvnormalize( &sa->sa_final, &nsa->sa_final, casefold );
709
		if( nsa->sa_final.bv_val == NULL ) {
710
711
712
713
714
715
716
			goto err;
		}
	}

	return nsa;

err:
Howard Chu's avatar
Howard Chu committed
717
	if ( nsa->sa_final.bv_val ) free( nsa->sa_final.bv_val );
718
	if ( nsa->sa_any ) ber_bvarray_free( nsa->sa_any );
Howard Chu's avatar
Howard Chu committed
719
	if ( nsa->sa_initial.bv_val ) free( nsa->sa_initial.bv_val );
720
721
722
723
	ch_free( nsa );
	return NULL;
}

724
#ifndef SLAPD_APPROX_OLDSINGLESTRING
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742

#if defined(SLAPD_APPROX_INITIALS)
#define SLAPD_APPROX_DELIMITER "._ "
#define SLAPD_APPROX_WORDLEN 2
#else
#define SLAPD_APPROX_DELIMITER " "
#define SLAPD_APPROX_WORDLEN 1
#endif

static int
approxMatch(
	int *matchp,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *value,
	void *assertedValue )
{
743
744
	struct berval *nval, *assertv;
	char *val, **values, **words, *c;
745
746
	int i, count, len, nextchunk=0, nextavail=0;

747
	/* Yes, this is necessary */
748
	nval = UTF8bvnormalize( value, NULL, LDAP_UTF8_APPROX );
749
	if( nval == NULL ) {
750
751
752
753
754
		*matchp = 1;
		return LDAP_SUCCESS;
	}

	/* Yes, this is necessary */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
755
756
	assertv = UTF8bvnormalize( ((struct berval *)assertedValue),
		NULL, LDAP_UTF8_APPROX );
757
	if( assertv == NULL ) {
758
		ber_bvfree( nval );
759
760
761
		*matchp = 1;
		return LDAP_SUCCESS;
	}
762
763

	/* Isolate how many words there are */
764
	for ( c = nval->bv_val, count = 1; *c; c++ ) {
765
766
767
768
769
770
771
772
773
		c = strpbrk( c, SLAPD_APPROX_DELIMITER );
		if ( c == NULL ) break;
		*c = '\0';
		count++;
	}

	/* Get a phonetic copy of each word */
	words = (char **)ch_malloc( count * sizeof(char *) );
	values = (char **)ch_malloc( count * sizeof(char *) );
774
	for ( c = nval->bv_val, i = 0;  i < count; i++, c += strlen(c) + 1 ) {
775
776
777
778
		words[i] = c;
		values[i] = phonetic(c);
	}

779
	/* Work through the asserted value's words, to see if at least some
780
781
	   of the words are there, in the same order. */
	len = 0;
782
783
	while ( (ber_len_t) nextchunk < assertv->bv_len ) {
		len = strcspn( assertv->bv_val + nextchunk, SLAPD_APPROX_DELIMITER);
784
785
786
787
		if( len == 0 ) {
			nextchunk++;
			continue;
		}
788
#if defined(SLAPD_APPROX_INITIALS)
789
		else if( len == 1 ) {
790
791
			/* Single letter words need to at least match one word's initial */
			for( i=nextavail; i<count; i++ )
792
				if( !strncasecmp( assertv->bv_val + nextchunk, words[i], 1 )) {
793
					nextavail=i+1;
794
					break;
795
				}
796
797
		}
#endif
798
		else {
799
			/* Isolate the next word in the asserted value and phonetic it */
800
801
			assertv->bv_val[nextchunk+len] = '\0';
			val = phonetic( assertv->bv_val + nextchunk );
802
803
804
805
806
807
808
809

			/* See if this phonetic chunk is in the remaining words of *value */
			for( i=nextavail; i<count; i++ ){
				if( !strcmp( val, values[i] ) ){
					nextavail = i+1;
					break;
				}
			}
810
			ch_free( val );
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
		}

		/* This chunk in the asserted value was NOT within the *value. */
		if( i >= count ) {
			nextavail=-1;
			break;
		}

		/* Go on to the next word in the asserted value */
		nextchunk += len+1;
	}

	/* If some of the words were seen, call it a match */
	if( nextavail > 0 ) {
		*matchp = 0;
	}
	else {
		*matchp = 1;
	}

	/* Cleanup allocs */
832
	ber_bvfree( assertv );
833
834
835
836
837
	for( i=0; i<count; i++ ) {
		ch_free( values[i] );
	}
	ch_free( values );
	ch_free( words );
838
	ber_bvfree( nval );
839
840
841
842

	return LDAP_SUCCESS;
}

843
static int 
844
845
846
847
848
849
approxIndexer(
	slap_mask_t use,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
850
851
	BerVarray values,
	BerVarray *keysp )
852
{
853
	char *c;
854
	int i,j, len, wordcount, keycount=0;
855
	struct berval *newkeys;
856
	BerVarray keys=NULL;
857

858
	for( j=0; values[j].bv_val != NULL; j++ ) {
859
		struct berval val = { 0, NULL };
860
		/* Yes, this is necessary */
861
862
		UTF8bvnormalize( &values[j], &val, LDAP_UTF8_APPROX );
		assert( val.bv_val != NULL );
863

864
		/* Isolate how many words there are. There will be a key for each */
865
		for( wordcount = 0, c = val.bv_val; *c; c++) {
866
867
868
869
870
871
872
873
			len = strcspn(c, SLAPD_APPROX_DELIMITER);
			if( len >= SLAPD_APPROX_WORDLEN ) wordcount++;
			c+= len;
			if (*c == '\0') break;
			*c = '\0';
		}

		/* Allocate/increase storage to account for new keys */
874
875
		newkeys = (struct berval *)ch_malloc( (keycount + wordcount + 1) 
			* sizeof(struct berval) );
Kurt Zeilenga's avatar
Kurt Zeilenga committed
876
		AC_MEMCPY( newkeys, keys, keycount * sizeof(struct berval) );
877
878
879
880
		if( keys ) ch_free( keys );
		keys = newkeys;

		/* Get a phonetic copy of each word */
881
		for( c = val.bv_val, i = 0; i < wordcount; c += len + 1 ) {
882
883
			len = strlen( c );
			if( len < SLAPD_APPROX_WORDLEN ) continue;
884
			ber_str2bv( phonetic( c ), 0, 0, &keys[keycount] );
885
886
887
888
			keycount++;
			i++;
		}

889
		ber_memfree( val.bv_val );
890
	}
891
	keys[keycount].bv_val = NULL;
892
893
894
895
896
	*keysp = keys;

	return LDAP_SUCCESS;
}

897
static int 
898
899
900
901
902
903
approxFilter(
	slap_mask_t use,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
904
	void * assertedValue,
905
	BerVarray *keysp )
906
{
907
	char *c;
908
	int i, count, len;
909
	struct berval *val;
910
	BerVarray keys;
911

912
	/* Yes, this is necessary */
913
	val = UTF8bvnormalize( ((struct berval *)assertedValue),
Kurt Zeilenga's avatar
Kurt Zeilenga committed
914
		NULL, LDAP_UTF8_APPROX );
915
	if( val == NULL || val->bv_val == NULL ) {
916
917
		keys = (struct berval *)ch_malloc( sizeof(struct berval) );
		keys[0].bv_val = NULL;
918
		*keysp = keys;
919
		ber_bvfree( val );
920
921
922
		return LDAP_SUCCESS;
	}

923
	/* Isolate how many words there are. There will be a key for each */
924
	for( count = 0,c = val->bv_val; *c; c++) {
925
926
927
928
929
930
931
932
		len = strcspn(c, SLAPD_APPROX_DELIMITER);
		if( len >= SLAPD_APPROX_WORDLEN ) count++;
		c+= len;
		if (*c == '\0') break;
		*c = '\0';
	}

	/* Allocate storage for new keys */
933
	keys = (struct berval *)ch_malloc( (count + 1) * sizeof(struct berval) );
934
935

	/* Get a phonetic copy of each word */
936
	for( c = val->bv_val, i = 0; i < count; c += len + 1 ) {
937
938
		len = strlen(c);
		if( len < SLAPD_APPROX_WORDLEN ) continue;
939
		ber_str2bv( phonetic( c ), 0, 0, &keys[i] );
940
941
942
		i++;
	}

943
	ber_bvfree( val );
944

945
	keys[count].bv_val = NULL;
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
	*keysp = keys;

	return LDAP_SUCCESS;
}


#else
/* No other form of Approximate Matching is defined */

static int
approxMatch(
	int *matchp,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *value,
	void *assertedValue )
{
	char *vapprox, *avapprox;
965
	char *s, *t;
966

967
	/* Yes, this is necessary */
968
	s = UTF8normalize( value, UTF8_NOCASEFOLD );
969
970
971
972
973
974
	if( s == NULL ) {
		*matchp = 1;
		return LDAP_SUCCESS;
	}

	/* Yes, this is necessary */
975
	t = UTF8normalize( ((struct berval *)assertedValue),
976
977
978
979
980
981
982
983
984
985
986
987
			   UTF8_NOCASEFOLD );
	if( t == NULL ) {
		free( s );
		*matchp = -1;
		return LDAP_SUCCESS;
	}

	vapprox = phonetic( strip8bitChars( s ) );
	avapprox = phonetic( strip8bitChars( t ) );

	free( s );
	free( t );
988
989
990
991
992
993
994
995
996

	*matchp = strcmp( vapprox, avapprox );

	ch_free( vapprox );
	ch_free( avapprox );

	return LDAP_SUCCESS;
}

997
static int 
998
999
1000
1001
1002
1003
approxIndexer(
	slap_mask_t use,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
1004
1005
	BerVarray values,
	BerVarray *keysp )
1006
1007
{
	int i;
1008
	BerVarray *keys;
1009
	char *s;
1010

1011
	for( i=0; values[i].bv_val != NULL; i++ ) {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1012
		/* empty - just count them */
1013
	}
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1014
1015

	/* we should have at least one value at this point */
1016
1017
	assert( i > 0 );

1018
	keys = (struct berval *)ch_malloc( sizeof( struct berval ) * (i+1) );
1019
1020

	/* Copy each value and run it through phonetic() */
1021
	for( i=0; values[i].bv_val != NULL; i++ ) {
1022
		/* Yes, this is necessary */
1023
		s = UTF8normalize( &values[i], UTF8_NOCASEFOLD );
1024
1025

		/* strip 8-bit chars and run through phonetic() */
1026
		ber_str2bv( phonetic( strip8bitChars( s ) ), 0, 0, &keys[i] );
1027
		free( s );
1028
	}
1029
	keys[i].bv_val = NULL;
1030
1031
1032
1033
1034
1035

	*keysp = keys;
	return LDAP_SUCCESS;
}


1036
static int 
1037
1038
1039
1040
1041
1042
approxFilter(
	slap_mask_t use,
	slap_mask_t flags,
	Syntax *syntax,
	MatchingRule *mr,
	struct berval *prefix,
1043
	void * assertedValue,
1044
	BerVarray *keysp )
1045
{
1046
	BerVarray keys;
1047
	char *s;
1048

1049
	keys = (struct berval *)ch_malloc( sizeof( struct berval * ) * 2 );
1050

1051
	/* Yes, this is necessary */
1052
	s = UTF8normalize( ((struct berval *)assertedValue),
1053
1054
1055
1056
1057
1058
1059
1060
1061
			     UTF8_NOCASEFOLD );
	if( s == NULL ) {
		keys[0] = NULL;
	} else {
		/* strip 8-bit chars and run through phonetic() */
		keys[0] = ber_bvstr( phonetic( strip8bitChars( s ) ) );
		free( s );
		keys[1] = NULL;
	}
1062
1063
1064
1065
1066
1067
1068

	*keysp = keys;
	return LDAP_SUCCESS;
}
#endif


1069
static int
1070
caseExactMatch(
1071
	int *matchp,