fix, clarify and document previous commit

2025-12-24 00:29:35 -05:00 · 2003-12-29 17:06:43 +00:00 · 2003-12-29 17:06:43 +00:00 · c860ba6a23
commit c860ba6a23
parent 8b797f70e2
3 changed files with 43 additions and 30 deletions
--- a/doc/man/man5/slapd-meta.5
+++ b/doc/man/man5/slapd-meta.5
@ -362,20 +362,41 @@ use POSIX Basic Regular Expressions (default is Extended)
 apply the rule once only (default is recursive)
 .TP
 .B `@'
-stop applying rules in case of match.
+stop applying rules in case of match; the current rule is still applied 
+recursively; combine with `:' to apply the current rule only once 
+and then stop.
 .TP
 .B `#'
 stop current operation if the rule matches, and issue an `unwilling to
 perform' error.
 .TP
 .B `G{n}'
-jump n rules back and forth (watch for loops!).
+jump
+.B n
+rules back and forth (watch for loops!).
 Note that `G{1}' is implicit in every rule.
 .TP
 .B `I'
 ignores errors in rule; this means, in case of error, e.g. issued by a
 map, the error is treated as a missed match.
 The `unwilling to perform' is not overridden.
+.TP
+.B `U{n}'
+uses
+.B
+n
+as return code if the rule matches; the flag does not alter the recursive
+behavior of the rule, so, to have it performed only once, it must be used 
+in combination with `:', e.g.
+.B `:U{16}'
+returns the value `16' after exactly one execution of the rule, if the
+pattern matches.
+As a consequence, its behavior is equivalent to `@', with the return
+code set to
+.BR n ;
+or, in other words, `@' is equivalent to `U{0}'.
+By convention, the freely available codes are above 16 included;
+the others are reserved.
 .LP
 The ordering of the flags is significant.
 For instance: `IG{2}' means ignore errors and jump two lines ahead
@ -616,7 +637,7 @@ rewriteMap ldap attr2dn "ldap://host/dc=my,dc=org?dn?sub"
 # regular DNs, because the definition of a bindDn
 # rewrite context overrides the default definition.
 rewriteContext bindDn
-rewriteRule "^mail=[^,]+@[^,]+$" "%{attr2dn(%0)}" "@I"
+rewriteRule "^mail=[^,]+@[^,]+$" "%{attr2dn(%0)}" ":@I"

 # This is a rather sophisticated example. It massages a
 # search filter in case who performs the search has
@ -645,7 +666,7 @@ rewriteRule "(.*\e\e()uid=([a-z0-9_]+)(\e\e).*)"
  "%{**binddn}<>%{&prefix(%1)}%{&arg(%2)}%{&suffix(%3)}"
  ":I"
 rewriteRule "[^,]+,ou=admin,dc=home,dc=net"
-  "%{*prefix}|(uid=%{*arg})(cn=%{*arg})%{*suffix}" "@I"
+  "%{*prefix}|(uid=%{*arg})(cn=%{*arg})%{*suffix}" ":@I"
 rewriteRule ".*<>" "%{*prefix}uid=%{*arg}%{*suffix}" ":"

 # This example shows how to strip unwanted DN-valued
@ -655,7 +676,7 @@ rewriteRule ".*<>" "%{*prefix}uid=%{*arg}%{*suffix}" ":"
 # The second rule matches everything else and causes
 # the value to be rejected.
 rewriteContext searchResult
-rewriteRule ".*,ou=People,dc=example,dc=com" "%0" "@"
+rewriteRule ".*,ou=People,dc=example,dc=com" "%0" ":@"
 rewriteRule ".*" "" "#"
 .fi
 .SH "LDAP Proxy resolution (a possible evolution of slapd\-ldap(5)):"
@ -666,16 +687,16 @@ E.g.:
 .LP
 .nf
  rewriteRule '^cn=root,.*' '%0'                     'G{3}'
-  rewriteRule '^cn=[a-l].*' 'ldap://ldap1.my.org/%0' '@'
-  rewriteRule '^cn=[m-z].*' 'ldap://ldap2.my.org/%0' '@'
-  rewriteRule '.*'          'ldap://ldap3.my.org/%0' '@'
+  rewriteRule '^cn=[a-l].*' 'ldap://ldap1.my.org/%0' ':@'
+  rewriteRule '^cn=[m-z].*' 'ldap://ldap2.my.org/%0' ':@'
+  rewriteRule '.*'          'ldap://ldap3.my.org/%0' ':@'
 .fi
 .LP
 (Rule 1 is simply there to illustrate the `G{n}' action; it could have
 been written:
 .LP
 .nf
-  rewriteRule '^cn=root,.*' 'ldap://ldap3.my.org/%0' '@'
+  rewriteRule '^cn=root,.*' 'ldap://ldap3.my.org/%0' ':@'
 .fi
 .LP
 with the advantage of saving one rewrite pass ...)
--- a/libraries/librewrite/info.c
+++ b/libraries/librewrite/info.c
@ -259,11 +259,13 @@ rewrite_session(
 	 */
 	case REWRITE_REGEXEC_UNWILLING:
 	case REWRITE_REGEXEC_ERR:
-	default:
 		if ( *result != NULL ) {
 			free( *result );
 			*result = NULL;
 		}
+
+	default:
+		break;
 	}

 rc_return:;
--- a/libraries/librewrite/rule.c
+++ b/libraries/librewrite/rule.c
@ -189,8 +189,8 @@ rewrite_rule_compile(
 				return REWRITE_ERR;
 			}
 			
-			mode &= ~REWRITE_RECURSE;
-			mode |= REWRITE_EXEC_ONCE;
+			//mode &= ~REWRITE_RECURSE;
+			//mode |= REWRITE_EXEC_ONCE;
 			action->la_type = REWRITE_ACTION_STOP;
 			break;
 			
@ -219,8 +219,7 @@ rewrite_rule_compile(
 			 * After applying rule, return user-defined
 			 * error code
 			 */
-			char buf[16], *q;
-			size_t l;
+			char *next = NULL;
 			int *d;
 			
 			if ( p[ 1 ] != '{' ) {
@ -228,26 +227,17 @@ rewrite_rule_compile(
 				return REWRITE_ERR;
 			}

-			q = strchr( p + 2, '}' );
-			if ( q == NULL ) {
-				/* XXX Need to free stuff */
-				return REWRITE_ERR;
-			}
-
-			l = q - p + 1;
-			if ( l >= sizeof( buf ) ) {
-				/* XXX Need to free stuff */
-				return REWRITE_ERR;
-			}
-			AC_MEMCPY( buf, p + 2, l );
-			buf[ l ] = '\0';
-
 			d = malloc( sizeof( int ) );
 			if ( d == NULL ) {
 				/* XXX Need to free stuff */
 				return REWRITE_ERR;
 			}
-			d[ 0 ] = atoi( buf );
+
+			d[ 0 ] = strtol( &p[ 2 ], &next, 0 );
+			if ( next == NULL || next == &p[ 2 ] || next[0] != '}' ) {
+				/* XXX Need to free stuff */
+				return REWRITE_ERR;
+			}

 			action = calloc( sizeof( struct rewrite_action ), 1 );
 			if ( action == NULL ) {
@ -269,7 +259,7 @@ rewrite_rule_compile(

 			action->la_args = (void *)d;

-			p = q;	/* p is incremented by the for ... */
+			p = next;	/* p is incremented by the for ... */
 		
 			break;
 		}