Commit eb5d285a authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

allow attribute inheritance with syntax restriction (please review)

parent dd3f101f
......@@ -676,6 +676,7 @@ aci_init( void )
static slap_syntax_defs_rec aci_syntax_def = {
"( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' )",
SLAP_SYNTAX_HIDE,
NULL,
OpenLDAPaciValidate,
OpenLDAPaciPretty
};
......
......@@ -754,9 +754,16 @@ at_add(
goto error_return;
}
if( sat->sat_syntax != NULL && sat->sat_syntax != syn ) {
code = SLAP_SCHERR_ATTR_BAD_SUP;
goto error_return;
if ( sat->sat_syntax != NULL && sat->sat_syntax != syn ) {
Syntax *supsyn = syn->ssyn_sup;
for ( ; supsyn && supsyn != sat->sat_syntax;
supsyn = supsyn->ssyn_sup )
;
if ( supsyn == NULL ) {
code = SLAP_SCHERR_ATTR_BAD_SUP;
goto error_return;
}
}
sat->sat_syntax = syn;
......
......@@ -92,9 +92,18 @@ attributetype ( 2.5.4.5 NAME 'serialNumber'
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
# RFC 4519 definition (cannot be loaded because SYNTAX conflicts
# with that of name).
#
attributetype ( 2.5.4.6 NAME 'c'
DESC 'RFC2256: ISO-3166 country 2-letter code'
SUP name SINGLE-VALUE )
SUP name
SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
SINGLE-VALUE )
#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
# DESC 'RFC2256: ISO-3166 country 2-letter code'
# SUP name SINGLE-VALUE )
attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
DESC 'RFC2256: locality which this object resides in'
......
......@@ -4012,176 +4012,187 @@ firstComponentNormalize(
static slap_syntax_defs_rec syntax_defs[] = {
{"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' "
X_BINARY X_NOT_H_R ")",
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL},
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' " X_NOT_H_R ")",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' "
X_NOT_H_R ")",
SLAP_SYNTAX_BLOB, blobValidate, NULL},
SLAP_SYNTAX_BLOB, NULL, blobValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' "
X_NOT_H_R ")",
SLAP_SYNTAX_BER, berValidate, NULL},
SLAP_SYNTAX_BER, NULL, berValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )",
0, bitStringValidate, NULL },
0, NULL, bitStringValidate, NULL },
{"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )",
0, booleanValidate, NULL},
0, NULL, booleanValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' "
X_BINARY X_NOT_H_R ")",
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, certificateValidate, NULL},
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER,
NULL, certificateValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' "
X_BINARY X_NOT_H_R ")",
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL},
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER,
NULL, sequenceValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' "
X_BINARY X_NOT_H_R ")",
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, sequenceValidate, NULL},
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER,
NULL, sequenceValidate, NULL},
#if 0 /* need to go __after__ printableString */
{"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
0, countryStringValidate, NULL},
0, "1.3.6.1.4.1.1466.115.121.1.44",
countryStringValidate, NULL},
#endif
{"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )",
0, dnValidate, dnPretty},
0, NULL, dnValidate, dnPretty},
{"( 1.2.36.79672281.1.5.0 DESC 'RDN' )",
0, rdnValidate, rdnPretty},
0, NULL, rdnValidate, rdnPretty},
#ifdef LDAP_COMP_MATCH
{"( 1.2.36.79672281.1.5.3 DESC 'allComponents' )",
0, allComponentsValidate, NULL},
0, NULL, allComponentsValidate, NULL},
{"( 1.2.36.79672281.1.5.2 DESC 'componentFilterMatch assertion') ",
0, componentFilterValidate, NULL},
0, NULL, componentFilterValidate, NULL},
#endif
{"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )",
0, deliveryMethodValidate, NULL},
0, NULL, deliveryMethodValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )",
0, UTF8StringValidate, NULL},
0, NULL, UTF8StringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )",
0, printablesStringValidate, NULL},
0, NULL, printablesStringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' " X_NOT_H_R ")",
SLAP_SYNTAX_BLOB, NULL, NULL},
SLAP_SYNTAX_BLOB, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )",
0, generalizedTimeValidate, NULL},
0, NULL, generalizedTimeValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )",
0, IA5StringValidate, NULL},
0, NULL, IA5StringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )",
0, integerValidate, NULL},
0, NULL, integerValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")",
SLAP_SYNTAX_BLOB, blobValidate, NULL},
SLAP_SYNTAX_BLOB, NULL, blobValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )",
0, nameUIDValidate, nameUIDPretty },
0, NULL, nameUIDValidate, nameUIDPretty },
{"( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )",
0, numericStringValidate, NULL},
0, NULL, numericStringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )",
0, numericoidValidate, NULL},
0, NULL, numericoidValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )",
0, IA5StringValidate, NULL},
0, NULL, IA5StringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )",
0, blobValidate, NULL},
0, NULL, blobValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )",
0, UTF8StringValidate, NULL},
0, NULL, UTF8StringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )",
0, printableStringValidate, NULL},
0, "1.3.6.1.4.1.1466.115.121.1.15",
printableStringValidate, NULL},
/* moved here because now depends on printable string */
{"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )",
0, "1.3.6.1.4.1.1466.115.121.1.44",
countryStringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.45 DESC 'SubtreeSpecification' )",
#define subtreeSpecificationValidate UTF8StringValidate /* FIXME */
0, subtreeSpecificationValidate, NULL},
0, NULL, subtreeSpecificationValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' "
X_BINARY X_NOT_H_R ")",
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL},
SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, berValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )",
0, printableStringValidate, NULL},
0, NULL, printableStringValidate, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )",
0, printablesStringValidate, NULL},
0, NULL, printablesStringValidate, NULL},
#ifdef SUPPORT_OBSOLETE_UTC_SYNTAX
{"( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )",
0, utcTimeValidate, NULL},
0, NULL, utcTimeValidate, NULL},
#endif
{"( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
{"( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' )",
0, NULL, NULL},
0, NULL, NULL, NULL},
/* RFC 2307 NIS Syntaxes */
{"( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )",
0, nisNetgroupTripleValidate, NULL},
0, NULL, nisNetgroupTripleValidate, NULL},
{"( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )",
0, bootParameterValidate, NULL},
0, NULL, bootParameterValidate, NULL},
/* draft-zeilenga-ldap-x509 */
{"( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )",
SLAP_SYNTAX_HIDE,
SLAP_SYNTAX_HIDE, NULL,
serialNumberAndIssuerValidate,
serialNumberAndIssuerPretty},
{"( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
{"( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact Assertion' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
{"( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
{"( 1.3.6.1.1.15.5 DESC 'Certificate List Exact Assertion' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
{"( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
{"( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
#ifdef SLAPD_AUTHPASSWD
/* needs updating */
{"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP authPassword' )",
SLAP_SYNTAX_HIDE, NULL, NULL},
SLAP_SYNTAX_HIDE, NULL, NULL, NULL},
#endif
{"( 1.3.6.1.1.16.1 DESC 'UUID' )",
0, UUIDValidate, UUIDPretty},
0, NULL, UUIDValidate, UUIDPretty},
{"( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )",
SLAP_SYNTAX_HIDE, csnValidate, NULL},
SLAP_SYNTAX_HIDE, NULL, csnValidate, NULL},
/* OpenLDAP Void Syntax */
{"( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )" ,
SLAP_SYNTAX_HIDE, inValidate, NULL},
SLAP_SYNTAX_HIDE, NULL, inValidate, NULL},
/* FIXME: OID is unused, but not registered yet */
{"( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )",
SLAP_SYNTAX_HIDE, authzValidate, authzPretty},
SLAP_SYNTAX_HIDE, NULL, authzValidate, authzPretty},
{NULL, 0, NULL, NULL}
{NULL, 0, NULL, NULL, NULL}
};
char *certificateExactMatchSyntaxes[] = {
......
......@@ -49,6 +49,7 @@ static char *const err2text[] = {
"Duplicate matchingRule",
"Syntax not found",
"Duplicate ldapSyntax",
"Superior syntax not found",
"OID or name required",
"Qualifier not supported",
"Invalid NAME",
......
......@@ -268,7 +268,7 @@ typedef struct slap_ssf_set {
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3"
#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37"
#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31"
#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
/*
* represents schema information for a database
......@@ -292,6 +292,7 @@ enum {
SLAP_SCHERR_MR_DUP,
SLAP_SCHERR_SYN_NOT_FOUND,
SLAP_SCHERR_SYN_DUP,
SLAP_SCHERR_SYN_SUP_NOT_FOUND,
SLAP_SCHERR_NO_NAME,
SLAP_SCHERR_NOT_SUPPORTED,
SLAP_SCHERR_BAD_DESCR,
......@@ -408,6 +409,8 @@ struct Syntax {
#define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */
#endif
Syntax *ssyn_sup;
slap_syntax_validate_func *ssyn_validate;
slap_syntax_transform_func *ssyn_pretty;
......@@ -433,6 +436,7 @@ struct Syntax {
typedef struct slap_syntax_defs_rec {
char *sd_desc;
int sd_flags;
char *sd_sup;
slap_syntax_validate_func *sd_validate;
slap_syntax_transform_func *sd_pretty;
#ifdef SLAPD_BINARY_CONVERSION
......
......@@ -129,7 +129,7 @@ syn_add(
)
{
Syntax *ssyn;
int code;
int code = 0;
ssyn = (Syntax *) SLAP_CALLOC( 1, sizeof(Syntax) );
if( ssyn == NULL ) {
......@@ -156,7 +156,18 @@ syn_add(
ssyn->ssyn_str2ber = def->sd_str2ber;
#endif
code = syn_insert(ssyn, err);
if ( def->sd_sup != NULL ) {
ssyn->ssyn_sup = syn_find( def->sd_sup );
if ( ssyn->ssyn_sup == NULL ) {
*err = def->sd_sup;
code = SLAP_SCHERR_SYN_SUP_NOT_FOUND;
}
}
if ( code == 0 ) {
code = syn_insert(ssyn, err);
}
return code;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment