SLAPD_SCHEMA_NOT_COMPAT: framework for value_match() and value_find()

servers/slapd/add.c

@@ -273,7 +273,7 @@ do_add( Connection *conn, Operation *op )
 	} else {
 	    Debug( LDAP_DEBUG_ARGS, "    do_add: HHH\n", 0, 0, 0 );
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "read function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 done:

servers/slapd/back-ldbm/modify.c

@@ -52,12 +52,7 @@ int ldbm_modify_internal(
 	for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
 		mod = &ml->sml_mod;
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-		switch ( mod->sm_op )
-#else
-		switch ( mod->mod_op )
-#endif
-		{
+		switch ( mod->sm_op ) {
 		case LDAP_MOD_ADD:
 			err = add_values( e, mod, op->o_ndn );
 			break;
@@ -74,11 +69,7 @@ int ldbm_modify_internal(
  			/* Avoid problems in index_add_mods()
  			 * We need to add index if necessary.
  			 */
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
  			mod->sm_op = LDAP_MOD_ADD;
-#else
- 			mod->mod_op = LDAP_MOD_ADD;
-#endif
 			err = add_values( e, mod, op->o_ndn );
 
  			if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) {
@@ -129,21 +120,16 @@ int ldbm_modify_internal(
 	for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
 		mod = &ml->sml_mod;
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-		switch ( mod->sm_op )
-#else
-		switch ( mod->mod_op )
-#endif
-		{
+		switch ( mod->sm_op ) {
 		case LDAP_MOD_REPLACE: {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-			/* not yet implemented */
-#else
 			/* Need to remove all values from indexes */
 			Attribute *a = save_attrs
-				? attr_find( save_attrs, mod->mod_type )
+				? attr_find( save_attrs, mod->sm_desc )
 				: NULL;
 
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+			/* not yet implemented */
+#else
 			if( a != NULL ) {
 				(void) index_change_values( be,
 					mod->mod_type,
@@ -175,12 +161,7 @@ int ldbm_modify_internal(
 	for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
 		mod = &ml->sml_mod;
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-		switch ( mod->sm_op )
-#else
-		switch ( mod->mod_op )
-#endif
-		{
+		switch ( mod->sm_op ) {
 		case LDAP_MOD_REPLACE:
 		case LDAP_MOD_ADD:
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
@@ -195,14 +176,14 @@ int ldbm_modify_internal(
 			break;
 
 		case LDAP_MOD_DELETE: {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-			/* not yet implemented */
-#else
 			/* Need to add all remaining values */
 			Attribute *a = e->e_attrs
-				? attr_find( e->e_attrs, mod->mod_type )
+				? attr_find( e->e_attrs, mod->sm_desc )
 				: NULL;
 
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+			/* not yet implemented */
+#else
 			if( a != NULL ) {
 				(void) index_change_values( be,
 					mod->mod_type,
@@ -317,27 +298,36 @@ add_values(
     char	*dn
 )
 {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-	/* not yet implemented */
-#else
 	int		i;
 	Attribute	*a;
 
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+	AttributeDescription *desc = mod->sm_desc;
+#else
+	char *desc = mod->mod_type;
+#endif
+
+	a = attr_find( e->e_attrs, desc );
+
 	/* check if the values we're adding already exist */
-	if ( (a = attr_find( e->e_attrs, mod->mod_type )) != NULL ) {
-		for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
-			if ( value_find( a->a_vals, mod->mod_bvalues[i],
-			    a->a_syntax, 3 ) == 0 ) {
+	if ( a != NULL ) {
+		for ( i = 0; mod->sm_bvalues[i] != NULL; i++ ) {
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+			/* not yet implemented */
+#else
+			if ( value_find( a->a_vals, mod->sm_bvalues[i],
+			    a->a_syntax, 3 ) == 0 )
+			{
 				return( LDAP_TYPE_OR_VALUE_EXISTS );
 			}
+#endif
 		}
 	}
 
 	/* no - add them */
-	if( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
+	if( attr_merge( e, desc, mod->sm_bvalues ) != 0 ) {
 		return( LDAP_CONSTRAINT_VIOLATION );
 	}
-#endif
 
 	return( LDAP_SUCCESS );
 }
@@ -420,17 +410,13 @@ replace_values(
     char	*dn
 )
 {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-	/* not yet implemented */
-#else
-	(void) attr_delete( &e->e_attrs, mod->mod_type );
+	(void) attr_delete( &e->e_attrs, mod->sm_desc );
 
-	if ( mod->mod_bvalues != NULL &&
-		attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 )
+	if ( mod->sm_bvalues != NULL &&
+		attr_merge( e, mod->sm_desc, mod->sm_bvalues ) != 0 )
 	{
 		return( LDAP_CONSTRAINT_VIOLATION );
 	}
-#endif
 
 	return( LDAP_SUCCESS );
 }

servers/slapd/back-ldbm/passwd.c

@@ -127,20 +127,18 @@ ldbm_back_exop_passwd(
 		vals[1] = NULL;
 
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
-		/* not yet implemented */
+		ml.sml_desc = slap_schema.si_ad_userPassword;
 #else
-		ml.ml_type = ch_strdup("userPassword");
-		ml.ml_bvalues = vals;
-		ml.ml_op = LDAP_MOD_REPLACE;
-		ml.ml_next = NULL;
+		ml.sml_type = ch_strdup("userPassword");
 #endif
+		ml.sml_bvalues = vals;
+		ml.sml_op = LDAP_MOD_REPLACE;
+		ml.sml_next = NULL;
 
 		rc = ldbm_modify_internal( be,
 			conn, op, op->o_ndn, &ml, e );
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-		/* not yet implemented */
-#else
+#ifndef SLAPD_SCHEMA_NOT_COMPAT
 		ch_free(ml.ml_type);
 #endif
 	}

servers/slapd/bind.c

@@ -370,7 +370,7 @@ do_bind(
 
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "bind function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 cleanup:

servers/slapd/compare.c

@@ -106,6 +106,13 @@ do_compare(
 		goto cleanup;
 	}
 
+	if( !ava.aa_desc->ad_type->sat_equality ) {
+		/* no equality matching rule */
+		send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_MATCHING, NULL,
+		    "no equality matching rule defined", NULL, NULL );
+		goto cleanup;
+	}
+
 	rc = value_normalize( ava.aa_desc, SLAP_MR_EQUALITY, &value, &nvalue, &text );
 
 	if( rc != LDAP_SUCCESS ) {
@@ -164,7 +171,7 @@ do_compare(
 		(*be->be_compare)( be, conn, op, dn, ndn, &ava );
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "compare function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 cleanup:

servers/slapd/connection.c

@@ -590,7 +590,6 @@ void connection_closing( Connection *c )
 	/* c_mutex must be locked by caller */
 
 	if( c->c_conn_state != SLAP_C_CLOSING ) {
-
 		Debug( LDAP_DEBUG_TRACE,
 			"connection_closing: readying conn=%ld sd=%d for close\n",
 			c->c_connid, ber_pvt_sb_get_desc( c->c_sb ), 0 );

servers/slapd/delete.c

@@ -90,9 +90,8 @@ do_delete(
 	if ( global_readonly || be->be_readonly ) {
 		Debug( LDAP_DEBUG_ANY, "do_delete: database is read-only\n",
 		       0, 0, 0 );
-		send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
+		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
 		                  NULL, "directory is read-only", NULL, NULL );
-		rc = LDAP_UNWILLING_TO_PERFORM;
 		goto cleanup;
 	}
 
@@ -130,7 +129,7 @@ do_delete(
 
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "delete function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 cleanup:
 	if( ndn != NULL ) free( ndn );

servers/slapd/filterentry.c

@@ -230,7 +230,28 @@ test_ava_filter(
 	if ( a != NULL )
 #endif
 	{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+		MatchingRule *mr;
+
+		switch ( type ) {
+		case LDAP_FILTER_EQUALITY:
+		case LDAP_FILTER_APPROX:
+			mr = a->a_desc->ad_type->sat_equality;
+			break;
+
+		case LDAP_FILTER_GE:
+		case LDAP_FILTER_LE:
+			mr = a->a_desc->ad_type->sat_ordering;
+			break;
+
+		default:
+			mr = NULL;
+		}
+
+		if( mr == NULL ) {
+			continue;
+		}
+#else
 		if ( a->a_syntax == 0 ) {
 			a->a_syntax = attr_syntax( ava->ava_type );
 		}
@@ -239,10 +260,7 @@ test_ava_filter(
 		for ( i = 0; a->a_vals[i] != NULL; i++ ) {
 			int rc;
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-			/* not yet implemented */
-			rc = 0;
-#else
+#ifndef SLAPD_SCHEMA_NOT_COMPAT
 			rc = value_cmp( a->a_vals[i], &ava->ava_value, a->a_syntax,
 				3 );
 #endif
@@ -283,7 +301,7 @@ test_presence_filter(
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc
 #else
-    char	*desc
+    char *desc
 #endif
 )
 {

servers/slapd/modify.c

@@ -269,7 +269,7 @@ do_modify(
 		}
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-		    NULL, "modify function not implemented", NULL, NULL );
+		    NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 cleanup:

servers/slapd/modrdn.c

@@ -240,7 +240,7 @@ do_modrdn(
 		}
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "modrdn/moddn function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 cleanup:

servers/slapd/oc.c

@@ -18,19 +18,29 @@
 
 int is_entry_objectclass(
 	Entry*	e,
-	const char*	oc)
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+	ObjectClass *oc
+#else
+	const char*	oc
+#endif
+)
 {
 	Attribute *attr;
-	struct berval bv;
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
+	int i;
 	AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
+	assert(!( e == NULL || oc == NULL ));
 #else
+	struct berval bv;
 	static const char *objectClass = "objectclass";
-#endif
-
 	assert(!( e == NULL || oc == NULL || *oc == '\0' ));
+#endif
 
-	if( e == NULL || oc == NULL || *oc == '\0' ) {
+	if( e == NULL || oc == NULL
+#ifndef SLAPD_SCHEMA_NOT_COMPAT
+		|| *oc == '\0'
+#endif
+	) {
 		return 0;
 	}
 
@@ -48,19 +58,28 @@ int is_entry_objectclass(
 		return 0;
 	}
 
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+	for( i=0; attr->a_vals[i]; i++ ) {
+		ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val );
+
+		if( objectClass == oc ) {
+			return 1;
+		}
+	}
+
+	return 0;
+
+#else
 	bv.bv_val = (char *) oc;
 	bv.bv_len = strlen( bv.bv_val );
 
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
-	/* not yet implemented */
-#else
 	if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
 		/* entry is not of this objectclass */
 		return 0;
 	}
-#endif
 
 	return 1;
+#endif
 }
 
 

servers/slapd/proto-slap.h

@@ -605,10 +605,18 @@ LIBSLAPD_F (int) register_matching_rule LDAP_P((
 
 LIBSLAPD_F (int) schema_info LDAP_P(( Entry **entry, char **text ));
 
+#ifdef SLAPD_SCHEMA_NOT_COMPAT
+LIBSLAPD_F (int) is_entry_objectclass LDAP_P((
+	Entry *, ObjectClass *oc ));
+#define is_entry_alias(e)		is_entry_objectclass((e), slap_schema.si_oc_alias)
+#define is_entry_referral(e)	is_entry_objectclass((e), slap_schema.si_oc_referral)
+#else
 LIBSLAPD_F (int) is_entry_objectclass LDAP_P((
 	Entry *, const char* objectclass ));
 #define is_entry_alias(e)		is_entry_objectclass((e), "ALIAS")
 #define is_entry_referral(e)	is_entry_objectclass((e), "REFERRAL")
+#endif
+
 
 /*
  * schema_check.c
@@ -667,7 +675,6 @@ LIBSLAPD_F (char *) suffix_alias LDAP_P(( Backend *be, char *ndn ));
 /*
  * value.c
  */
-
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
 LIBSLAPD_F (int) value_normalize LDAP_P((
 	AttributeDescription *ad,
@@ -675,6 +682,18 @@ LIBSLAPD_F (int) value_normalize LDAP_P((
 	struct berval *in,
 	struct berval **out,
 	char ** text ));
+LIBSLAPD_F (int) value_match LDAP_P((
+	AttributeDescription *ad,
+	MatchingRule *mr,
+	struct berval *v1,
+	struct berval *v2,
+	char ** text ));
+LIBSLAPD_F (int) value_find LDAP_P((
+	AttributeDescription *ad,
+	MatchingRule *mr,
+	struct berval **values,
+	struct berval *value,
+	char ** text ));
 #else
 LIBSLAPD_F (int) value_add_fast LDAP_P(( struct berval ***vals, struct berval **addvals, int nvals, int naddvals, int *maxvals ));
 LIBSLAPD_F (void) value_normalize LDAP_P(( char *s, int syntax ));

servers/slapd/repl.c

@@ -58,20 +58,23 @@ replog(
 		fprintf( fp, "changetype: modify\n" );
 		ml = change;
 		for ( ; ml != NULL; ml = ml->sml_next ) {
+			char *type;
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
-			/* not yet implemented */
+			type = ml->sml_desc->ad_cname->bv_val;
 #else
+			type = ml->sml_type;
+#endif
 			switch ( ml->sml_op ) {
 			case LDAP_MOD_ADD:
-				fprintf( fp, "add: %s\n", ml->sml_type );
+				fprintf( fp, "add: %s\n", type );
 				break;
 
 			case LDAP_MOD_DELETE:
-				fprintf( fp, "delete: %s\n", ml->sml_type );
+				fprintf( fp, "delete: %s\n", type );
 				break;
 
 			case LDAP_MOD_REPLACE:
-				fprintf( fp, "replace: %s\n", ml->sml_type );
+				fprintf( fp, "replace: %s\n", type );
 				break;
 			}
 
@@ -79,14 +82,14 @@ replog(
 			    ml->sml_bvalues[i] != NULL; i++ ) {
 				char	*buf, *bufp;
 
-				len = strlen( ml->sml_type );
+				len = strlen( type );
 				len = LDIF_SIZE_NEEDED( len,
 				    ml->sml_bvalues[i]->bv_len ) + 1;
 				buf = (char *) ch_malloc( len );
 
 				bufp = buf;
 				ldif_sput( &bufp, LDIF_PUT_VALUE,
-					ml->sml_type,
+					type,
 				    ml->sml_bvalues[i]->bv_val,
 				    ml->sml_bvalues[i]->bv_len );
 				*bufp = '\0';
@@ -95,7 +98,6 @@ replog(
 
 				free( buf );
 			}
-#endif
 			fprintf( fp, "-\n" );
 		}
 		break;

servers/slapd/root_dse.c

@@ -33,9 +33,9 @@ root_dse_info( Entry **entry, char **text )
 	AttributeDescription *ad_supportedExtension = slap_schema.si_ad_supportedExtension;
 	AttributeDescription *ad_supportedLDAPVersion = slap_schema.si_ad_supportedLDAPVersion;
 	AttributeDescription *ad_supportedSASLMechanisms = slap_schema.si_ad_supportedSASLMechanisms;
-#ifdef SLAPD_ACI_ENABLED
+#	ifdef SLAPD_ACI_ENABLED
 	AttributeDescription *ad_supportedACIMechanisms = slap_schema.si_ad_supportedACIMechanisms;
-#endif
+#	endif
 	AttributeDescription *ad_ref = slap_schema.si_ad_ref;
 #else
 	char *ad_objectClass = "objectClass";
@@ -44,9 +44,9 @@ root_dse_info( Entry **entry, char **text )
 	char *ad_supportedExtension = "supportedExtension";
 	char *ad_supportedLDAPVersion = "supportedLDAPVersion";
 	char *ad_supportedSASLMechanisms = "supportedSASLMechanisms";
-#ifdef SLAPD_ACI_ENABLED
+#	ifdef SLAPD_ACI_ENABLED
 	char *ad_supportedACIMechanisms = "supportedACIMechanisms";
-#endif
+#	endif
 	char *ad_ref = "ref";
 #endif
 

servers/slapd/schema_init.c

@@ -656,10 +656,19 @@ schema_init( void )
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
 struct slap_internal_schema slap_schema;
 
+struct slap_schema_oc_map {
+	char *ssom_name;
+	size_t ssom_offset;
+} oc_map[] = {
+	{ "alias", offsetof(struct slap_internal_schema, si_oc_alias) },
+	{ "referral", offsetof(struct slap_internal_schema, si_oc_referral) },
+	{ NULL, 0 }
+};
+
 struct slap_schema_ad_map {
-	char *ssm_type;
-	size_t ssm_offset;
-} ad_map[]  = {
+	char *ssam_name;
+	size_t ssam_offset;
+} ad_map[] = {
 	{ "objectClass",
 		offsetof(struct slap_internal_schema, si_ad_objectClass) },
 
@@ -702,6 +711,16 @@ struct slap_schema_ad_map {
 		offsetof(struct slap_internal_schema, si_ad_entry) },
 	{ "children",
 		offsetof(struct slap_internal_schema, si_ad_children) },
+
+	{ "userPassword",
+		offsetof(struct slap_internal_schema, si_ad_userPassword) },
+	{ "authPassword",
+		offsetof(struct slap_internal_schema, si_ad_authPassword) },
+#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
+	{ "krbName",
+		offsetof(struct slap_internal_schema, si_ad_krbName) },
+#endif
+
 	{ NULL, 0 }
 };
 
@@ -712,26 +731,40 @@ schema_prep( void )
 {
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
 	int i;
-	char *text;
 #endif
 	/* we should only be called once after schema_init() was called */
 	assert( schema_init_done == 1 );
 
 #ifdef SLAPD_SCHEMA_NOT_COMPAT
-	for( i=0; ad_map[i].ssm_type; i++ ) {
+	for( i=0; oc_map[i].ssom_name; i++ ) {
+		ObjectClass ** ocp = (ObjectClass **)
+			&(((char *) &slap_schema)[oc_map[i].ssom_offset]);
+
+		*ocp = oc_find( oc_map[i].ssom_name );
+
+		if( *ocp == NULL ) {
+			fprintf( stderr,
+				"No objectClass \"%s\" defined in schema\n",
+				oc_map[i].ssom_name );
+			return LDAP_OBJECT_CLASS_VIOLATION;
+		}
+	}
+
+	for( i=0; ad_map[i].ssam_name; i++ ) {
 		int rc;
+		char *text;
 
 		AttributeDescription ** adp = (AttributeDescription **)
-			&(((char *) &slap_schema)[ad_map[i].ssm_offset]);
+			&(((char *) &slap_schema)[ad_map[i].ssam_offset]);
 
 		*adp = NULL;
 
-		rc = slap_str2ad( ad_map[i].ssm_type, adp, &text );
+		rc = slap_str2ad( ad_map[i].ssam_name, adp, &text );
 
 		if( rc != LDAP_SUCCESS ) {
 			fprintf( stderr,
 				"No attribute \"%s\" defined in schema\n",
-				ad_map[i].ssm_type );
+				ad_map[i].ssam_name );
 			return rc;
 		}
 	}

servers/slapd/search.c

@@ -236,7 +236,7 @@ do_search(
 		    timelimit, filter, fstr, attrs, attrsonly );
 	} else {
 		send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-			NULL, "search function not implemented", NULL, NULL );
+			NULL, "operation not supported within namingContext", NULL, NULL );
 	}
 
 return_results:;

servers/slapd/slap.h

@@ -317,6 +317,10 @@ typedef struct slap_attr_desc {
  * pointers to schema elements used internally
  */
 struct slap_internal_schema {
+	/* objectClass */
+	ObjectClass *si_oc_alias;
+	ObjectClass *si_oc_referral;
+
 	/* objectClass attribute */