upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-23 08:09:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

1) <all> type component reference support

Browse source 
2) nibble type memory support when decoding
3) description type object identifier support
4) OPTIONAL, DEFAULT support in certificate decoder/extractor/matching
5) Misc bug fix
This commit is contained in:
Sang Seok Lim 2004-11-29 20:21:38 +00:00
parent 7bdf2ab549
commit decfd7217f
16 changed files with 1559 additions and 1141 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
configure vendored
View file

@ -1797,9 +1797,11 @@ if test "${enable_modules+set}" = set; then
{ echo "configure: error: bad value $enableval for --enable-modules" 1>&2; exit 1; }
fi
ol_enable_modules="$ol_arg"
WITH_MODULES_ENABLED=yes
else
ol_enable_modules="no"
WITH_MODULES_ENABLED=no
fi
# end --enable-modules
ol_enable_multimaster=${ol_enable_multimaster-no}
@ -24839,6 +24841,7 @@ EOF
fi
WITH_MODULES_ENABLED=no
if test "$ol_link_modules" != no ; then
cat >> confdefs.h <<\EOF
#define SLAPD_MODULES 1
@ -24846,6 +24849,7 @@ EOF
BUILD_SLAPD=yes
SLAPD_MODULES_LDFLAGS="-dlopen self"
WITH_MODULES_ENABLED=yes
fi
cat >> confdefs.h <<\EOF

1
configure.in
View file

@ -2588,6 +2588,7 @@ if test "$ol_link_modules" != no ; then
AC_DEFINE(SLAPD_MODULES,1,[define to support modules])
BUILD_SLAPD=yes
SLAPD_MODULES_LDFLAGS="-dlopen self"
WITH_MODULES_ENABLED=yes
fi
AC_DEFINE(SLAPD_MOD_STATIC,1,[statically linked module])

6
contrib/slapd-modules/comp_match/README
View file

@ -51,7 +51,7 @@ you will get compmatch.la and other necessary files in ./libs
--component search filter example
"componentCertificate:componentCertificateMatch:=item:{ component
\"tbsCertificate.serialNumber\", rule allComponentsMatch, value 2 }"
You can find more examples in "test031-component-filter", a test script.
You can find more examples in "test031-component-filter", the test script.
How to add a new ASN.1 syntax other than the example
@ -83,5 +83,5 @@ before using it, don't forget to check following status of development,
See componentlib.c to check which ASN.1 types are currently supported
2) Component version of GSER encoders are not supported yet
3) Not all ComponentId of a component reference are supported yet
supported : identifier, from-beginning, count, from-end
not supported : all, select, content
supported : identifier, from-beginning, count, from-end, <all>
not supported : select, content

1003
contrib/slapd-modules/comp_match/certificate.c
View file

File diff suppressed because it is too large Load diff

114
contrib/slapd-modules/comp_match/certificate.h
View file

@ -3,7 +3,7 @@
/*
* certificate.h
* "AuthenticationFramework" ASN.1 module encode/decode/extracting/matching/free C src.
* This file was generated by modified eSMACC compiler Sat Oct 23 20:25:08 2004
* This file was generated by modified eSMACC compiler Tue Nov 23 23:28:16 2004
* The generated files are strongly encouraged to be
* compiled as a module for OpenLDAP Software
*/
@ -45,7 +45,6 @@ typedef ComponentInt ComponentVersion; /* INTEGER { V1 (0), V2 (1), V3 (2) } */
#define GDecComponentVersion GDecComponentInt
#define FreeComponentVersion FreeComponentInt
typedef ComponentInt ComponentCertificateSerialNumber; /* INTEGER */
@ -57,7 +56,6 @@ typedef ComponentInt ComponentCertificateSerialNumber; /* INTEGER */
#define GDecComponentCertificateSerialNumber GDecComponentInt
#define FreeComponentCertificateSerialNumber FreeComponentInt
typedef ComponentOid ComponentAttributeType; /* OBJECT IDENTIFIER */
@ -69,7 +67,6 @@ typedef ComponentOid ComponentAttributeType; /* OBJECT IDENTIFIER */
#define GDecComponentAttributeType GDecComponentOid
#define FreeComponentAttributeType FreeComponentOid
typedef ComponentBits ComponentUniqueIdentifier; /* BIT STRING */
@ -81,7 +78,6 @@ typedef ComponentBits ComponentUniqueIdentifier; /* BIT STRING */
#define GDecComponentUniqueIdentifier GDecComponentBits
#define FreeComponentUniqueIdentifier FreeComponentBits
typedef struct AlgorithmIdentifier /* SEQUENCE */
{
@ -96,16 +92,13 @@ typedef struct AlgorithmIdentifier /* SEQUENCE */
int MatchingComponentAlgorithmIdentifier PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentAlgorithmIdentifier PROTO ((ComponentReference *cr, ComponentAlgorithmIdentifier *comp ));
void* ExtractingComponentAlgorithmIdentifier PROTO (( void* mem_op, ComponentReference *cr, ComponentAlgorithmIdentifier *comp ));
int BDecComponentAlgorithmIdentifier PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAlgorithmIdentifier **v, AsnLen *bytesDecoded, int mode));
int BDecComponentAlgorithmIdentifier PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAlgorithmIdentifier **v, AsnLen *bytesDecoded, int mode));
int GDecComponentAlgorithmIdentifier PROTO ((GenBuf * b, ComponentAlgorithmIdentifier **v, AsnLen *bytesDecoded, int mode));
void FreeComponentAlgorithmIdentifier(ComponentAlgorithmIdentifier *v);
int GDecComponentAlgorithmIdentifier PROTO (( void* mem_op, GenBuf * b, ComponentAlgorithmIdentifier **v, AsnLen *bytesDecoded, int mode));
@ -130,16 +123,13 @@ typedef struct Time /* CHOICE */
int MatchingComponentTime PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentTime PROTO ((ComponentReference *cr, ComponentTime *comp ));
void* ExtractingComponentTime PROTO (( void* mem_op, ComponentReference *cr, ComponentTime *comp ));
int BDecComponentTime PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentTime **v, AsnLen *bytesDecoded, int mode));
int BDecComponentTime PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentTime **v, AsnLen *bytesDecoded, int mode));
int GDecComponentTime PROTO ((GenBuf * b, ComponentTime **v, AsnLen *bytesDecoded, int mode));
void FreeComponentTime(ComponentTime *v);
int GDecComponentTime PROTO (( void* mem_op, GenBuf * b, ComponentTime **v, AsnLen *bytesDecoded, int mode));
@ -156,16 +146,13 @@ typedef struct Extension /* SEQUENCE */
int MatchingComponentExtension PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentExtension PROTO ((ComponentReference *cr, ComponentExtension *comp ));
void* ExtractingComponentExtension PROTO (( void* mem_op, ComponentReference *cr, ComponentExtension *comp ));
int BDecComponentExtension PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentExtension **v, AsnLen *bytesDecoded, int mode));
int BDecComponentExtension PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentExtension **v, AsnLen *bytesDecoded, int mode));
int GDecComponentExtension PROTO ((GenBuf * b, ComponentExtension **v, AsnLen *bytesDecoded, int mode));
void FreeComponentExtension(ComponentExtension *v);
int GDecComponentExtension PROTO (( void* mem_op, GenBuf * b, ComponentExtension **v, AsnLen *bytesDecoded, int mode));
@ -182,16 +169,13 @@ typedef struct AttributeTypeAndValue /* SEQUENCE */
int MatchingComponentAttributeTypeAndValue PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentAttributeTypeAndValue PROTO ((ComponentReference *cr, ComponentAttributeTypeAndValue *comp ));
void* ExtractingComponentAttributeTypeAndValue PROTO (( void* mem_op, ComponentReference *cr, ComponentAttributeTypeAndValue *comp ));
int BDecComponentAttributeTypeAndValue PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
int BDecComponentAttributeTypeAndValue PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
int GDecComponentAttributeTypeAndValue PROTO ((GenBuf * b, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
void FreeComponentAttributeTypeAndValue(ComponentAttributeTypeAndValue *v);
int GDecComponentAttributeTypeAndValue PROTO (( void* mem_op, GenBuf * b, ComponentAttributeTypeAndValue **v, AsnLen *bytesDecoded, int mode));
@ -208,16 +192,13 @@ typedef struct Validity /* SEQUENCE */
int MatchingComponentValidity PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentValidity PROTO ((ComponentReference *cr, ComponentValidity *comp ));
void* ExtractingComponentValidity PROTO (( void* mem_op, ComponentReference *cr, ComponentValidity *comp ));
int BDecComponentValidity PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentValidity **v, AsnLen *bytesDecoded, int mode));
int BDecComponentValidity PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentValidity **v, AsnLen *bytesDecoded, int mode));
int GDecComponentValidity PROTO ((GenBuf * b, ComponentValidity **v, AsnLen *bytesDecoded, int mode));
void FreeComponentValidity(ComponentValidity *v);
int GDecComponentValidity PROTO (( void* mem_op, GenBuf * b, ComponentValidity **v, AsnLen *bytesDecoded, int mode));
@ -234,16 +215,13 @@ typedef struct SubjectPublicKeyInfo /* SEQUENCE */
int MatchingComponentSubjectPublicKeyInfo PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentSubjectPublicKeyInfo PROTO ((ComponentReference *cr, ComponentSubjectPublicKeyInfo *comp ));
void* ExtractingComponentSubjectPublicKeyInfo PROTO (( void* mem_op, ComponentReference *cr, ComponentSubjectPublicKeyInfo *comp ));
int BDecComponentSubjectPublicKeyInfo PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentSubjectPublicKeyInfo **v, AsnLen *bytesDecoded, int mode));
int BDecComponentSubjectPublicKeyInfo PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentSubjectPublicKeyInfo **v, AsnLen *bytesDecoded, int mode));
int GDecComponentSubjectPublicKeyInfo PROTO ((GenBuf * b, ComponentSubjectPublicKeyInfo **v, AsnLen *bytesDecoded, int mode));
void FreeComponentSubjectPublicKeyInfo(ComponentSubjectPublicKeyInfo *v);
int GDecComponentSubjectPublicKeyInfo PROTO (( void* mem_op, GenBuf * b, ComponentSubjectPublicKeyInfo **v, AsnLen *bytesDecoded, int mode));
@ -252,16 +230,13 @@ typedef ComponentList ComponentExtensions; /* SEQUENCE SIZE 1..MAX OF Extension
int MatchingComponentExtensions PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentExtensions PROTO ((ComponentReference *cr, ComponentExtensions *comp ));
void* ExtractingComponentExtensions PROTO (( void* mem_op, ComponentReference *cr, ComponentExtensions *comp ));
int BDecComponentExtensions PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentExtensions **v, AsnLen *bytesDecoded, int mode));
int BDecComponentExtensions PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentExtensions **v, AsnLen *bytesDecoded, int mode));
int GDecComponentExtensions PROTO ((GenBuf * b, ComponentExtensions **v, AsnLen *bytesDecoded, int mode));
void FreeComponentExtensions(ComponentExtensions *v);
int GDecComponentExtensions PROTO (( void* mem_op, GenBuf * b, ComponentExtensions **v, AsnLen *bytesDecoded, int mode));
@ -270,16 +245,13 @@ typedef ComponentList ComponentRelativeDistinguishedName; /* SET OF AttributeTyp
int MatchingComponentRelativeDistinguishedName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentRelativeDistinguishedName PROTO ((ComponentReference *cr, ComponentRelativeDistinguishedName *comp ));
void* ExtractingComponentRelativeDistinguishedName PROTO (( void* mem_op, ComponentReference *cr, ComponentRelativeDistinguishedName *comp ));
int BDecComponentRelativeDistinguishedName PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
int BDecComponentRelativeDistinguishedName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
int GDecComponentRelativeDistinguishedName PROTO ((GenBuf * b, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
void FreeComponentRelativeDistinguishedName(ComponentRelativeDistinguishedName *v);
int GDecComponentRelativeDistinguishedName PROTO (( void* mem_op, GenBuf * b, ComponentRelativeDistinguishedName **v, AsnLen *bytesDecoded, int mode));
@ -288,16 +260,13 @@ typedef ComponentList ComponentRDNSequence; /* SEQUENCE OF RelativeDistinguished
int MatchingComponentRDNSequence PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentRDNSequence PROTO ((ComponentReference *cr, ComponentRDNSequence *comp ));
void* ExtractingComponentRDNSequence PROTO (( void* mem_op, ComponentReference *cr, ComponentRDNSequence *comp ));
int BDecComponentRDNSequence PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
int BDecComponentRDNSequence PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
int GDecComponentRDNSequence PROTO ((GenBuf * b, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
void FreeComponentRDNSequence(ComponentRDNSequence *v);
int GDecComponentRDNSequence PROTO (( void* mem_op, GenBuf * b, ComponentRDNSequence **v, AsnLen *bytesDecoded, int mode));
@ -320,16 +289,13 @@ typedef struct Name /* CHOICE */
int MatchingComponentName PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentName PROTO ((ComponentReference *cr, ComponentName *comp ));
void* ExtractingComponentName PROTO (( void* mem_op, ComponentReference *cr, ComponentName *comp ));
int BDecComponentName PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentName **v, AsnLen *bytesDecoded, int mode));
int BDecComponentName PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentName **v, AsnLen *bytesDecoded, int mode));
int GDecComponentName PROTO ((GenBuf * b, ComponentName **v, AsnLen *bytesDecoded, int mode));
void FreeComponentName(ComponentName *v);
int GDecComponentName PROTO (( void* mem_op, GenBuf * b, ComponentName **v, AsnLen *bytesDecoded, int mode));
@ -354,16 +320,13 @@ typedef struct TBSCertificate /* SEQUENCE */
int MatchingComponentTBSCertificate PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentTBSCertificate PROTO ((ComponentReference *cr, ComponentTBSCertificate *comp ));
void* ExtractingComponentTBSCertificate PROTO (( void* mem_op, ComponentReference *cr, ComponentTBSCertificate *comp ));
int BDecComponentTBSCertificate PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentTBSCertificate **v, AsnLen *bytesDecoded, int mode));
int BDecComponentTBSCertificate PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentTBSCertificate **v, AsnLen *bytesDecoded, int mode));
int GDecComponentTBSCertificate PROTO ((GenBuf * b, ComponentTBSCertificate **v, AsnLen *bytesDecoded, int mode));
void FreeComponentTBSCertificate(ComponentTBSCertificate *v);
int GDecComponentTBSCertificate PROTO (( void* mem_op, GenBuf * b, ComponentTBSCertificate **v, AsnLen *bytesDecoded, int mode));
@ -381,16 +344,13 @@ typedef struct Certificate /* SEQUENCE */
int MatchingComponentCertificate PROTO (( char *oid, ComponentSyntaxInfo *, ComponentSyntaxInfo *v2 ));
void* ExtractingComponentCertificate PROTO ((ComponentReference *cr, ComponentCertificate *comp ));
void* ExtractingComponentCertificate PROTO (( void* mem_op, ComponentReference *cr, ComponentCertificate *comp ));
int BDecComponentCertificate PROTO ((GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentCertificate **v, AsnLen *bytesDecoded, int mode));
int BDecComponentCertificate PROTO ((void* mem_op, GenBuf * b, AsnTag tagId0, AsnLen elmtLen0, ComponentCertificate **v, AsnLen *bytesDecoded, int mode));
int GDecComponentCertificate PROTO ((GenBuf * b, ComponentCertificate **v, AsnLen *bytesDecoded, int mode));
void FreeComponentCertificate(ComponentCertificate *v);
int GDecComponentCertificate PROTO (( void* mem_op, GenBuf * b, ComponentCertificate **v, AsnLen *bytesDecoded, int mode));

138
contrib/slapd-modules/comp_match/component.h
View file

@ -41,11 +41,10 @@ typedef struct ComponentBits {
#define GASNBITS_PRESENT(abits) ((abits)->value.bits != NULL)
#define COMPONENTBITS_PRESENT(abits) ((abits)->value.bits != NULL)
int GDecComponentBits (GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentBits (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentBits (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentBits (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentBits (char* oid, ComponentSyntaxInfo *bits1 , ComponentSyntaxInfo* bits2);
#define ExtractingComponentBits(cr,data) NULL
#define ExtractingComponentBits( mem_op, cr,data ) NULL
/*
* BMP String
@ -58,12 +57,10 @@ typedef struct ComponentBMPString {
BMPString value;
} ComponentBMPString;
int GDecComponentBMPString (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentBMPString (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentBMPString (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentBMPString (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentBMPString MatchingComponentOcts
#define ExtractingComponentBMPString(cr,data) NULL
#define ExtractingComponentBMPString( mem_op, cr, data ) NULL
#define FreeComponentBMPString FreeComponentOcts
/*
@ -77,12 +74,10 @@ typedef struct ComponentBool {
AsnBool value;
} ComponentBool;
int GDecComponentBool (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentBool (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentBool ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentBool ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentBool (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentBool(cr,data) NULL
#define ExtractingComponentBool( mem_op, cr, data ) NULL
#define FreeComponentBool(v) NULL
/*
@ -97,11 +92,10 @@ typedef struct ComponentEnum {
struct berval value_identifier;/*Why this value is defined here?*/
} ComponentEnum;
int GDecComponentEnum (GenBuf *a, void *result, AsnLen *bytesDecoded,int mode);
int BDecComponentEnum (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentEnum ( void* mem_op, GenBuf *a, void *result, AsnLen *bytesDecoded,int mode);
int BDecComponentEnum ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentEnum (char *oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo * b);
#define ExtractingComponentEnum(cr,data) NULL
#define ExtractingComponentEnum( mem_op, cr, data ) NULL
#define FreeComponentEnum FreeComponentInt
/*
@ -116,10 +110,9 @@ typedef struct ComponentIA5String {
} ComponentIA5String;
#define GDecComponentIA5String GDecComponentUTF8String
int BDecComponentIA5String (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentIA5String ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentIA5String MatchingComponentOcts
#define ExtractingComponentIA5String(cr,data) NULL
#define ExtractingComponentIA5String(mem_op, cr,data) NULL
#define FreeComponentIA5String FreeComponentOcts
@ -136,11 +129,10 @@ typedef struct ComponentInt {
#define GNOT_NULL(ptr) ((ptr) != NULL)
int GDecComponentInt (GenBuf *b, void *result, AsnLen *bytesDecoded, int mode );
int BDecComponentInt (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentInt ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode );
int BDecComponentInt ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentInt (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentInt(cr,data) NULL
#define ExtractingComponentInt(mem_op, cr,data) NULL
#define FreeComponentInt(v) NULL
/*
@ -165,13 +157,11 @@ typedef struct ComponentNull {
AsnNull value;
} ComponentNull;
int GDecComponentNull (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentNull (GenBuf *b, AsnTag tagId, AsnLen len, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentNullTag ( GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
int GDecComponentNull ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentNull ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentNullTag ( void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
int MatchingComponentNull (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentNull(cr,data) NULL
#define ExtractingComponentNull(mem_op, cr, data) NULL
#define FreeComponentNull NULL
/*
@ -186,10 +176,9 @@ typedef struct ComponentNumericString {
} ComponentNumericString;
#define GDecComponentNumericString GDecComponentUTF8String
int BDecComponentNumericString (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentNumericString ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentNumericString MatchingComponentOcts
#define ExtractingComponentNumericString(cr,data) NULL
#define ExtractingComponentNumericString(mem_op, cr,data) NULL
#define FreeComponentNumericString FreeComponentOcts
/*
@ -205,12 +194,10 @@ typedef struct ComponentOcts {
#define GASNOCTS_PRESENT(aocts) ((aocts)->value.octs != NULL)
int GDecComponentOcts (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentOcts (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentOcts (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentOcts (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentOcts (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentOcts(cr,data) NULL
#define ExtractingComponentOcts(mem_op,cr,data) NULL
void FreeComponentOcts( ComponentOcts* octs );
/*
@ -226,12 +213,10 @@ typedef struct ComponentOid {
#define GASNOID_PRESENT(aoid) ASNOCTS_PRESENT(aoid)
int GDecComponentOid (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentOid (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentOid (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentOid (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentOid (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentOid(cr,data) NULL
#define ExtractingComponentOid(mem_op, cr, data) NULL
#define FreeComponentOid FreeComponentOcts
/*
@ -246,11 +231,10 @@ typedef struct ComponentPrintableString{
} ComponentPrintableString;
#define GDecComponentPrintableString GDecComponentUTF8String
int BDecComponentPrintableString (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentPrintableStringTag ( GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
int BDecComponentPrintableString (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentPrintableStringTag (void* mem_op, GenBuf *b, void *v, AsnLen *bytesDecoded, int mode );
#define MatchingComponentPrintableString MatchingComponentOcts
#define ExtractingComponentPrintableString(cr,data) NULL
#define ExtractingComponentPrintableString(mem_op, cr, data) NULL
#define FreeComponentPrintableString FreeComponentOcts
/*
@ -264,12 +248,10 @@ typedef struct ComponentReal{
AsnReal value;
} ComponentReal;
int GDecComponentReal (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentReal (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentReal (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentReal (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentReal (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentReal(cr,data) NULL
#define ExtractingComponentReal( mem_op, cr, data ) NULL
#define FreeComponentReal(v) NULL
/*
@ -284,12 +266,10 @@ typedef struct ComponentRelativeOid {
AsnRelativeOid value;
} ComponentRelativeOid;
int GDecComponentRelativeOid (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentRelativeOid (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentRelativeOid ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentRelativeOid ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentRelativeOid (char* oid, ComponentSyntaxInfo *a, ComponentSyntaxInfo *b);
#define ExtractingComponentRelativeOid(cr,data)
#define ExtractingComponentRelativeOid( mem_op, cr, data ) NULL
#define FreeComponentRelativeOid FreeComponentOid
/*
@ -303,11 +283,10 @@ typedef struct ComponentTeletexString {
TeletexString value;
} ComponentTeletexString;
int GDecComponentTeletexString (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int GDecComponentTeletexString ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode );
#define BDecComponentTeletexString BDecComponentOcts
#define MatchingComponentTeletexString MatchingComponentOcts
#define ExtractingComponentTeletexString(cr,data)
#define ExtractingComponentTeletexString(mem_op,cr,data)
#define FreeComponentTeletexString FreeComponentOcts
@ -322,12 +301,10 @@ typedef struct ComponentUniversalString{
UniversalString value;
} ComponentUniversalString;
int GDecComponentUniversalString (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentUniversalString (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentUniversalString ( void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentUniversalString ( void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentUniversalString MatchingComponentOcts
#define ExtractingComponentUniversalString(cr,data)
#define ExtractingComponentUniversalString(mem_op,cr,data)
#define FreeComponentUniversalString FreeComponentOcts
/*
@ -341,12 +318,10 @@ typedef struct ComponentUTF8String{
UTF8String value;
} ComponentUTF8String;
int GDecComponentUTF8String (GenBuf *b, void *result,
AsnLen *bytesDecoded, int mode);
int BDecComponentUTF8String (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int GDecComponentUTF8String (void* mem_op, GenBuf *b, void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentUTF8String (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentUTF8String MatchingComponentOcts
#define ExtractingComponentUTF8String(cr,data)
#define ExtractingComponentUTF8String(mem_op,cr,data)
#define FreeComponentUTF8String FreeComponentOcts
/*
@ -361,10 +336,9 @@ typedef struct ComponentVisibleString{
} ComponentVisibleString;
#define GDecComponentVisibleString GDecComponentUTF8String
int BDecComponentVisibleString (GenBuf *b, AsnTag tagId, AsnLen len,
void *result, AsnLen *bytesDecoded, int mode);
int BDecComponentVisibleString (void* mem_op, GenBuf *b, AsnTag tagId, AsnLen len, void *result, AsnLen *bytesDecoded, int mode);
#define MatchingComponentVisibleString MatchingComponentOcts
#define ExtractingComponentVisibleString(cr,data)
#define ExtractingComponentVisibleString(mem_op,cr,data)
#define FreeComponentVisibleString FreeComponentOcts
/*
@ -372,7 +346,7 @@ int BDecComponentVisibleString (GenBuf *b, AsnTag tagId, AsnLen len,
*/
typedef int (*MatchFcn) (char*, void*, void*);
typedef void* (*ExtractFcn) (ComponentReference*, void * );
typedef void* (*ExtractFcn) (void*, ComponentReference*, void * );
typedef struct ComponentAnyInfo
{
@ -405,8 +379,8 @@ typedef ComponentAny ComponentAnyDefinedBy;
#define MatchingComponentAnyDefinedBy MatchingComponentAny
#define FreeComponentAnyDefinedBy FreeComponentAny
int BDecComponentAny (GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode);
int GDecComponentAny (GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode);
int BDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode);
int GDecComponentAny ( void* mem_op, GenBuf *b, ComponentAny *result, AsnLen *bytesDecoded, int mode);
int MatchingComponentAny (char* oid, ComponentAny *a, ComponentAny *b);
void FreeComponentAny ( ComponentAny*);
@ -422,7 +396,7 @@ typedef ComponentVisibleString ComponentUTCTime;
#define GDecComponentUTCTime GDecComponentVisibleString
#define BDecComponentUTCTime BDecComponentOcts
#define MatchingComponentUTCTime MatchingComponentOcts
#define ExtractingComponentUTCTime(cr,data)
#define ExtractingComponentUTCTime(mem_op,cr,data) NULL
#define FreeComponentUTCTime FreeComponentOcts
/*
@ -432,7 +406,7 @@ typedef ComponentVisibleString ComponentGeneralizedTime;
#define GDecComponentGeneralizedTime GDecComponentVisibleString
#define BDecComponentGeneralizedTime BDecComponentOcts
#define MatchingComponentGeneralizedTime MatchingComponentOcts
#define ExtractingComponentGeneralizedTime(cr,data)
#define ExtractingComponentGeneralizedTime(mem_op,cr,data) NULL
#define FreeComponentGeneralizedTime FreeComponentOcts
typedef int converter_func LDAP_P ((
@ -479,7 +453,7 @@ typedef struct OID_Decoder_entry {
} OD_entry;
void
m_convert_asn_to_ldap( ComponentSyntaxInfo* csi, struct berval* bv);
m_convert_asn_to_ldap ( ComponentSyntaxInfo* csi, struct berval* bv);
int
m_convert_assert_to_comp ( gser_decoder_func* decoder, struct berval* bv,
ComponentSyntaxInfo** csi, int len, int mode );
@ -511,6 +485,10 @@ m_convert_attr_to_comp ( Attribute* a, struct berval* bv );
#define CALL_TAG_DECODER 0x08
#define CALL_CONTENT_DECODER ~0x08
#define OID_ALL_COMP_MATCH "1.2.36.79672281.1.13.6"
#define OID_COMP_FILTER_MATCH "1.2.36.79672281.1.13.2"
#define MAX_LDAP_STR_LEN 128
MatchingRule*
retrieve_matching_rule( char* mr_oid, AsnTypeId type );

785
contrib/slapd-modules/comp_match/componentlib.c
View file

File diff suppressed because it is too large Load diff

319
contrib/slapd-modules/comp_match/init.c
View file

@ -147,30 +147,34 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv
* The flag of Attribute will say something about it in the future
*/
if ( slap_syntax_is_ber ( syn ) ) {
rc =BDecComponentTop(od_entry->oe_ber_decoder, b, 0,0,
&component,&bytesDecoded,mode ) ;
rc =BDecComponentTop(od_entry->oe_ber_decoder, a->a_comp_data->cd_mem_op, b, 0,0, &component,&bytesDecoded,mode ) ;
}
else {
rc = od_entry->oe_gser_decoder(b, component,&bytesDecoded,mode);
rc = od_entry->oe_gser_decoder( a->a_comp_data->cd_mem_op, b, component,&bytesDecoded,mode);
}
if ( rc == -1 )
if ( rc == -1 ) {
ShutdownNibbleMemLocal ( a->a_comp_data->cd_mem_op );
a->a_comp_data->cd_mem_op = NULL;
return (void*)NULL;
}
else
return component;
}
#include <nibble-alloc.h>
void
comp_free_component LDAP_P (( ComponentSyntaxInfo *csi )) {
if ( csi->csi_comp_desc->cd_free )
csi->csi_comp_desc->cd_free(csi);
free ( csi->csi_comp_desc );
free ( csi );
comp_free_component ( void* mem_op ) {
ShutdownNibbleMemLocal( (NibbleMem*)mem_op );
return;
}
int
comp_convert_assert_to_comp LDAP_P (( ComponentSyntaxInfo *csi_attr, struct berval* bv,
ComponentSyntaxInfo** csi, int* len, int mode ))
comp_convert_assert_to_comp (
void* mem_op,
ComponentSyntaxInfo *csi_attr,
struct berval* bv,
ComponentSyntaxInfo** csi, int* len, int mode )
{
GenBuf* genBuf;
ExpBuf* buf;
@ -186,12 +190,11 @@ comp_convert_assert_to_comp LDAP_P (( ComponentSyntaxInfo *csi_attr, struct berv
if ( csi_attr->csi_comp_desc->cd_type_id == BASICTYPE_ANY )
decoder = ((ComponentAny*)csi_attr)->cai->GSER_Decode;
return (*decoder)( genBuf, csi, len, mode );
return (*decoder)( mem_op, genBuf, csi, len, mode );
}
int intToAscii( int value, char* buf ) {
int minus=0,i,temp;
char digit;
int total_num_digits;
if ( value == 0 ){
@ -212,7 +215,7 @@ int intToAscii( int value, char* buf ) {
total_num_digits += minus;
for ( i = minus ; value ; i++ ) {
buf[ total_num_digits - i ]= (char)(value%10 + '0');
buf[ total_num_digits - i - 1 ]= (char)(value%10 + '0');
value = value/10;
}
return i;
@ -312,6 +315,283 @@ comp_convert_asn_to_ldap LDAP_P(( ComponentSyntaxInfo* csi, struct berval* bv ))
return LDAP_SUCCESS;
}
/*
* If <all> type component referenced is used
* more than one component will be tested
*/
#define IS_TERMINAL_COMPREF(cr) (cr->cr_curr->ci_next == NULL)
int
comp_test_all_components (
void* mem_op,
ComponentSyntaxInfo *csi_attr,
ComponentAssertion* ca )
{
int rc;
ComponentSyntaxInfo *csi_temp = NULL, *csi_assert = NULL, *comp_elmt = NULL;
ComponentReference *cr = ca->ca_comp_ref;
struct berval *ca_val = &ca->ca_ma_value;
switch ( cr->cr_curr->ci_type ) {
case LDAP_COMPREF_IDENTIFIER:
case LDAP_COMPREF_FROM_BEGINNING:
case LDAP_COMPREF_FROM_END:
csi_temp = (ComponentSyntaxInfo*)csi_attr->csi_comp_desc->cd_extract_i( mem_op, cr, csi_attr );
if ( cr->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
rc = comp_test_all_components ( mem_op, csi_temp, ca );
} else {
rc = comp_test_one_component( mem_op, csi_temp, ca );
}
break;
case LDAP_COMPREF_COUNT:
/* "count" component reference should be the last component id */
if ( IS_TERMINAL_COMPREF(cr) ) {
ComponentInt *k;
k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt) );
k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
k->comp_desc->cd_tag = 0;
k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
k->comp_desc->cd_type = ASN_BASIC;
k->comp_desc->cd_type_id = BASICTYPE_INTEGER;
k->comp_desc->cd_all_match = (allcomponent_matching_func*)MatchingComponentInt;
k->value = AsnListCount(&((ComponentList*)csi_attr)->comp_list);
rc = comp_test_one_component( mem_op, k, ca );
} else {
rc = LDAP_INVALID_SYNTAX;
}
break;
case LDAP_COMPREF_ALL:
if ( IS_TERMINAL_COMPREF(cr) ) {
FOR_EACH_LIST_ELMT( comp_elmt, &((ComponentList*)csi_attr)->comp_list )
{
rc = comp_test_one_component( mem_op, comp_elmt, ca );
if ( rc == LDAP_COMPARE_TRUE ) {
break;
}
}
} else {
ComponentId *start_compid = ca->ca_comp_ref->cr_curr->ci_next;
FOR_EACH_LIST_ELMT( comp_elmt, &((ComponentList*)csi_attr)->comp_list )
{
cr->cr_curr = start_compid;
csi_temp = comp_elmt->csi_comp_desc->cd_extract_i( mem_op, cr, comp_elmt );
if ( cr->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
rc = comp_test_all_components ( mem_op, csi_temp, ca );
} else {
rc = comp_test_one_component ( mem_op, csi_temp, ca );
}
if ( rc == LDAP_COMPARE_TRUE ) {
break;
}
}
}
break;
case LDAP_COMPREF_CONTENT:
case LDAP_COMPREF_SELECT:
case LDAP_COMPREF_DEFINED:
case LDAP_COMPREF_UNDEFINED:
rc = LDAP_OPERATIONS_ERROR;
break;
default:
rc = LDAP_OPERATIONS_ERROR;
}
return rc;
}
void
eat_bv_whsp ( struct berval* in )
{
char* end = in->bv_val + in->bv_len;
for ( ; ( *in->bv_val == ' ' ) && ( in->bv_val < end ) ; ) {
in->bv_val++;
}
}
int
get_primitive_GSER_value ( struct berval* in )
{
int count, sequent_dquote, unclosed_brace, succeed;
char* ptr = in->bv_val;
char* end = in->bv_val + in->bv_len;
eat_bv_whsp( in );
/*
* Four cases of GSER <Values>
* 1) "..." :
* StringVal, GeneralizedTimeVal, UTCTimeVal, ObjectDescriptorVal
* 2) '...'B or '...'H :
* BitStringVal, OctetStringVal
* 3) {...} :
* SEQUENCE, SEQUENCEOF, SETOF, SET, CHOICE, BIT STRING(bit list)
* 4) Between two white spaces
* INTEGER, BOOLEAN, NULL,ENUMERATE, REAL
*/
if ( in->bv_len <= 0 )
return LDAP_INVALID_SYNTAX;
succeed = 0;
if ( ptr[0] == '"' ) {
for( count = 1, sequent_dquote = 0 ; ; count++ ) {
/* In order to find escaped double quote */
if ( ptr[count] == '"' ) sequent_dquote++;
else sequent_dquote = 0;
if ( ptr[count] == '\0' || (ptr + count) > end ) {
break;
}
if ( ( ptr[count] == '"' && ptr[count-1] != '"') ||
( sequent_dquote > 2 && (sequent_dquote%2) == 1 ) ) {
succeed = 1;
break;
}
}
if ( !succeed || ptr[count] != '"' )
return LDAP_FILTER_ERROR;
in->bv_val = ptr+1; /*the next to '"'*/
in->bv_len = count - 1; /* exclude '"' */
}
else if ( ptr[0] == '\'' ) {
for( count = 1 ; ; count++ ) {
if ( ptr[count] == '\0' || (ptr+count) > end ) {
break;
}
if ((ptr[count-1] == '\'' && ptr[count] == 'B')||
(ptr[count-1] == '\'' && ptr[count] == 'H') ) {
succeed = 1;
break;
}
}
if ( !succeed || !(ptr[count] == 'H' || ptr[count] == 'B') )
return LDAP_FILTER_ERROR;
in->bv_val = ptr+1; /* the next to '"' */
in->bv_len = count - 2; /* exclude "'H" or "'B" */
}
else if ( ptr[0] == '{' ) {
for( count = 1, unclosed_brace = 1 ; ; count++ ) {
if ( ptr[count] == '{' ) unclosed_brace++;
if ( ptr[count] == '}' ) unclosed_brace--;
if ( ptr[count] == '\0' || (ptr+count) > end )
break;
if ( unclosed_brace == 0 ) {
succeed = 1;
break;
}
}
if ( !succeed || ptr[count] != '}' )
return LDAP_FILTER_ERROR;
in->bv_val = ptr+1; /*the next to '"'*/
in->bv_len = count - 1; /* exclude '"' */
}
else {
/*Find following white space where the value is ended*/
for( count = 1 ; ; count++ ) {
if ( ptr[count] == '\0' || ptr[count] == ' ' ||
(ptr+count) >end ) {
break;
}
}
if ( ptr[count] != ' ' )
return LDAP_FILTER_ERROR;
in->bv_val = ptr; /*the next to '"'*/
in->bv_len = count; /* exclude '"' */
}
return LDAP_SUCCESS;
}
/*
* Perform matching one referenced component against assertion
* If the matching rule in a component filter is allComponentsMatch
* or its derivatives the extracted component's ASN.1 specification
* is applied to the assertion value as its syntax
* Otherwise, the matching rule's syntax is applied to the assertion value
* By RFC 3687
*/
int
comp_test_one_component (
void* mem_op,
ComponentSyntaxInfo *csi_attr,
ComponentAssertion *ca )
{
int len;
ComponentSyntaxInfo *csi_assert = NULL;
char* oid = NULL;
MatchingRule* mr = ca->ca_ma_rule;
if ( mr->smr_usage & SLAP_MR_COMPONENT ) {
/* If allComponentsMatch or its derivatives */
if ( !ca->ca_comp_data.cd_tree ) {
comp_convert_assert_to_comp( mem_op, csi_attr, &ca->ca_ma_value, &csi_assert, &len, DEC_ALLOC_MODE_0 );
ca->ca_comp_data.cd_tree = (void*)csi_assert;
} else {
csi_assert = ca->ca_comp_data.cd_tree;
}
if ( !csi_assert )
return LDAP_PROTOCOL_ERROR;
if ( strcmp( mr->smr_mrule.mr_oid, OID_ALL_COMP_MATCH ) != 0 )
{
/* allComponentMatch's derivatives */
oid = mr->smr_mrule.mr_oid;
}
return csi_attr->csi_comp_desc->cd_all_match(
oid, csi_attr, csi_assert );
} else {
/* LDAP existing matching rules */
struct berval attr_bv;
struct berval* assert_bv = &ca->ca_ma_value;
char attr_buf[MAX_LDAP_STR_LEN];
if ( csi_attr->csi_comp_desc->cd_type == ASN_BASIC ) {
/*Attribute component is converted to compatible LDAP encodings*/
attr_bv.bv_val = attr_buf;
if ( comp_convert_asn_to_ldap( csi_attr, &attr_bv ) != LDAP_SUCCESS )
return LDAP_INAPPROPRIATE_MATCHING;
/*Assertion value is validated by MR's syntax*/
if ( get_primitive_GSER_value( assert_bv ) != LDAP_SUCCESS )
return LDAP_INVALID_SYNTAX;
if ( mr->smr_syntax->ssyn_validate( mr->smr_syntax, assert_bv ) != LDAP_SUCCESS ) {
return LDAP_INVALID_SYNTAX;
}
return csi_value_match( mr, &attr_bv, assert_bv );
} else if ( csi_attr->csi_comp_desc->cd_type == ASN_COMPOSITE ) {
return LDAP_INAPPROPRIATE_MATCHING;
}
}
}
void*
comp_nibble_memory_allocator ( int init_mem, int inc_mem ) {
void* nm;
nm = InitNibbleMemLocal( init_mem, inc_mem );
if ( !nm ) return NULL;
else return (void*)nm;
}
void
comp_nibble_memory_free ( void* nm ) {
ShutdownNibbleMemLocal( nm );
}
#if SLAPD_COMP_MATCH == SLAPD_MOD_DYNAMIC
#include "certificate.h"
@ -320,6 +600,11 @@ extern convert_attr_to_comp_func* attr_converter;
extern convert_assert_to_comp_func* assert_converter;
extern convert_asn_to_ldap_func* csi_converter;
extern free_component_func* component_destructor;
extern test_component_func* test_one_component;
extern test_component_func* test_all_components;
extern alloc_nibble_func* nibble_mem_allocator;
extern free_nibble_func* nibble_mem_free;
int init_module(int argc, char *argv[]) {
/*
@ -329,8 +614,14 @@ int init_module(int argc, char *argv[]) {
assert_converter = comp_convert_assert_to_comp;
csi_converter = comp_convert_asn_to_ldap;
component_destructor = comp_free_component;
test_one_component = comp_test_one_component;
test_all_components = comp_test_all_components;
nibble_mem_allocator = comp_nibble_memory_allocator;
nibble_mem_free = comp_nibble_memory_free;
/* file path needs to be */
load_derived_matching_rule ("derived_mr.cfg");
/* the initialization for example X.509 certificate */
init_module_AuthenticationFramework();
return 0;

12
servers/slapd/attr.c
View file

@ -50,9 +50,9 @@ attr_free( Attribute *a )
ber_bvarray_free( a->a_nvals );
ber_bvarray_free( a->a_vals );
#ifdef LDAP_COMP_MATCH
if ( component_destructor && a->a_component_values ) {
component_destructor(a->a_component_values);
a->a_component_values = NULL;
if ( component_destructor && a->a_comp_data && a->a_comp_data->cd_mem_op ) {
component_destructor( a->a_comp_data->cd_mem_op );
free ( a->a_comp_data );
}
#endif
free( a );
@ -118,7 +118,7 @@ attr_dup( Attribute *a )
tmp->a_next = NULL;
tmp->a_flags = 0;
#ifdef LDAP_COMP_MATCH
tmp->a_component_values = NULL;
tmp->a_comp_data = NULL;
#endif
return tmp;
@ -181,7 +181,7 @@ attr_merge(
(*a)->a_next = NULL;
(*a)->a_flags = 0;
#ifdef LDAP_COMP_MATCH
(*a)->a_component_values = NULL;
(*a)->a_comp_data = NULL;
#endif
}
@ -265,7 +265,7 @@ attr_merge_one(
(*a)->a_next = NULL;
(*a)->a_flags = 0;
#ifdef LDAP_COMP_MATCH
(*a)->a_component_values = NULL;
(*a)->a_comp_data = NULL;
#endif
}

170
servers/slapd/component.c
View file

@ -32,10 +32,14 @@
* This three function pointers are initialized
* when a component module is loaded
*/
alloc_nibble_func* nibble_mem_allocator = NULL;
free_nibble_func* nibble_mem_free = NULL;
convert_attr_to_comp_func* attr_converter = NULL ;
convert_assert_to_comp_func* assert_converter = NULL ;
convert_asn_to_ldap_func* csi_converter = NULL ;
free_component_func* component_destructor = NULL ;
test_component_func* test_one_component = NULL;
test_component_func* test_all_components = NULL;
#define OID_ALL_COMP_MATCH "1.2.36.79672281.1.13.6"
#define OID_COMP_FILTER_MATCH "1.2.36.79672281.1.13.2"
@ -117,6 +121,19 @@ componentFilterMatch (
}
}
int
directoryComponentsMatch(
int *matchp,
slap_mask_t flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
void *assertedValue )
{
/* Only for Registeration */
*matchp = 0;
return LDAP_SUCCESS;
}
int
allComponentsMatch(
@ -137,12 +154,8 @@ slapd_ber2cav( struct berval* bv, ComponentAssertionValue* cav)
{
int len;
len = ldap_pvt_filter_value_unescape( bv->bv_val );
if ( len == -1 ) {
return LDAP_FILTER_ERROR;
}
cav->cav_ptr = cav->cav_buf = bv->bv_val;
cav->cav_end = bv->bv_val + len;
cav->cav_end = bv->bv_val + bv->bv_len;
return LDAP_SUCCESS;
}
@ -273,15 +286,22 @@ get_componentId( Operation *op, ComponentAssertionValue* cav,
cav->cav_ptr++;
break;
case LDAP_COMPREF_CONTENT :
/* FIXEME: yet to be implemented */
_cid.ci_val.ci_content = 1;
cav->cav_ptr += strlen("content");
break;
case LDAP_COMPREF_SELECT :
/* FIXEME: yet to be implemented */
if ( cav->cav_ptr[len] != '(' )
return LDAP_COMPREF_UNDEFINED;
for( ;cav->cav_ptr[len] != ' ' && cav->cav_ptr[len] != '\0' &&
cav->cav_ptr[len] != '.' && cav->cav_ptr[len] != '\"' &&
cav->cav_ptr[len] != ')' ; len++ );
_cid.ci_val.ci_select_value.bv_val = cav->cav_ptr + 1;
_cid.ci_val.ci_select_value.bv_len = len - 1 ;
cav->cav_ptr += len;
break;
case LDAP_COMPREF_ALL :
_cid.ci_val.ci_all = '*';
cav->cav_ptr++;
Debug( LDAP_DEBUG_FILTER, "get_compId : ALL\n", 0, 0, 0 );
break;
default :
return LDAP_COMPREF_UNDEFINED;
@ -302,6 +322,8 @@ peek_componentId_type( ComponentAssertionValue* cav )
return LDAP_COMPREF_SELECT;
else if ( cav->cav_ptr[0] == '*' )
return LDAP_COMPREF_ALL;
else if ( strncmp(cav->cav_ptr,"all",3) == 0 )
return LDAP_COMPREF_ALL;
else if ( cav->cav_ptr[0] == '0' )
return LDAP_COMPREF_COUNT;
else if ( cav->cav_ptr[0] > '0' && cav->cav_ptr[0] <= '9' )
@ -338,11 +360,15 @@ get_component_reference( Operation *op, ComponentAssertionValue* cav,
ComponentId** cr_list;
eat_whsp( cav );
if ( ( rc = strip_cav_str( cav,"\"") ) != LDAP_SUCCESS )
return rc;
ca_comp_ref =
op->o_tmpalloc( sizeof( ComponentReference ), op->o_tmpmemctx );
cr_list = &ca_comp_ref->cr_list;
strip_cav_str( cav, "\"");
for ( type = peek_componentId_type( cav ) ; type != LDAP_COMPREF_UNDEFINED
; type = comp_next_id( cav ), count++ ) {
rc = get_componentId( op, cav, cr_list, text );
@ -354,7 +380,11 @@ get_component_reference( Operation *op, ComponentAssertionValue* cav,
return rc;
}
ca_comp_ref->cr_len = count;
strip_cav_str( cav, "\"");
if ( ( rc = strip_cav_str( cav,"\"") ) != LDAP_SUCCESS ) {
op->o_tmpfree( ca_comp_ref , op->o_tmpmemctx );
return rc;
}
if ( rc == LDAP_SUCCESS ) {
*cr = ca_comp_ref;
@ -369,21 +399,15 @@ static int
get_ca_use_default( Operation *op, ComponentAssertionValue* cav,
int* ca_use_def, const char** text )
{
if ( peek_cav_str( cav, "useDefaultValues" ) == LDAP_SUCCESS ) {
strip_cav_str( cav, "useDefaultValues" );
if ( peek_cav_str( cav, "TRUE" ) == LDAP_SUCCESS ) {
strip_cav_str( cav, "TRUE" );
*ca_use_def = 1;
} else if ( peek_cav_str( cav, "FALSE" ) == LDAP_SUCCESS ) {
strip_cav_str( cav, "FALSE" );
*ca_use_def = 0;
} else {
return LDAP_INVALID_SYNTAX;
}
} else {
/* If not defined, default value is TRUE */
strip_cav_str( cav, "useDefaultValues" );
if ( peek_cav_str( cav, "TRUE" ) == LDAP_SUCCESS ) {
strip_cav_str( cav, "TRUE" );
*ca_use_def = 1;
} else if ( peek_cav_str( cav, "FALSE" ) == LDAP_SUCCESS ) {
strip_cav_str( cav, "FALSE" );
*ca_use_def = 0;
} else {
return LDAP_INVALID_SYNTAX;
}
return LDAP_SUCCESS;
@ -447,7 +471,7 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
if ( cav->cav_ptr[count] == '"' ) sequent_dquote++;
else sequent_dquote = 0;
if ( cav->cav_ptr[count] == '\0' || cav->cav_ptr > cav->cav_end ) {
if ( cav->cav_ptr[count] == '\0' || (cav->cav_ptr+count) > cav->cav_end ) {
break;
}
@ -460,7 +484,7 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
}
else if ( cav->cav_ptr[0] == '\'' ) {
for( count = 1 ; ; count++ ) {
if ( cav->cav_ptr[count] == '\0' || cav->cav_ptr > cav->cav_end ) {
if ( cav->cav_ptr[count] == '\0' || (cav->cav_ptr+count) > cav->cav_end ) {
break;
}
if ((cav->cav_ptr[count-1] == '\'' && cav->cav_ptr[count] == 'B')||
@ -476,7 +500,7 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
if ( cav->cav_ptr[count] == '{' ) unclosed_brace++;
if ( cav->cav_ptr[count] == '}' ) unclosed_brace--;
if ( cav->cav_ptr[count] == '\0' || cav->cav_ptr > cav->cav_end )
if ( cav->cav_ptr[count] == '\0' || (cav->cav_ptr+count) > cav->cav_end )
break;
if ( unclosed_brace == 0 ) {
succeed = 1;
@ -486,13 +510,18 @@ get_GSER_value( ComponentAssertionValue* cav, struct berval* bv )
}
else {
succeed = 1;
count = cav->cav_end - cav->cav_ptr;
/*Find following white space where the value is ended*/
for( count = 1 ; ; count++ ) {
if ( cav->cav_ptr[count] == '\0' || cav->cav_ptr[count] == ' ' || (cav->cav_ptr+count) > cav->cav_end ) {
break;
}
}
}
if ( !succeed ) return LDAP_FILTER_ERROR;
bv->bv_val = cav->cav_ptr;
bv->bv_len = count + 1 ;
bv->bv_len = count ;
cav->cav_ptr += count;
return LDAP_SUCCESS;
}
@ -587,7 +616,8 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
Debug( LDAP_DEBUG_FILTER, "get_item: %s\n", 0, 0, 0 );
_ca = op->o_tmpalloc( sizeof( ComponentAssertion ), op->o_tmpmemctx );
_ca->ca_component_values = NULL;
_ca->ca_comp_data.cd_tree = NULL;
_ca->ca_comp_data.cd_mem_op = NULL;
rc = peek_cav_str( cav, "component" );
if ( rc == LDAP_SUCCESS ) {
@ -600,7 +630,9 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
}
}
strip_cav_str( cav,",");
if ( ( rc = strip_cav_str( cav,",") ) != LDAP_SUCCESS )
return rc;
rc = peek_cav_str( cav, "useDefaultValues");
if ( rc == LDAP_SUCCESS ) {
rc = get_ca_use_default( op, cav, &_ca->ca_use_def, text );
@ -609,8 +641,10 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
op->o_tmpfree( _ca, op->o_tmpmemctx );
return rc;
}
strip_cav_str( cav,",");
if ( ( rc = strip_cav_str( cav,",") ) != LDAP_SUCCESS )
return rc;
}
else _ca->ca_use_def = 1;
if ( !( strip_cav_str( cav, "rule" ) == LDAP_SUCCESS &&
get_matching_rule( op, cav , &_ca->ca_ma_rule, text ) == LDAP_SUCCESS )) {
@ -619,7 +653,8 @@ get_item( Operation *op, ComponentAssertionValue* cav, ComponentAssertion** ca,
return rc;
}
strip_cav_str( cav,",");
if ( ( rc = strip_cav_str( cav,",") ) != LDAP_SUCCESS )
return rc;
if ( !(strip_cav_str( cav, "value" ) == LDAP_SUCCESS &&
get_matching_value( op, _ca, cav, &_ca->ca_ma_value,text ) == LDAP_SUCCESS )) {
rc = LDAP_INVALID_SYNTAX;
@ -815,7 +850,7 @@ test_comp_filter_or(
return rtn;
}
static int
int
csi_value_match( MatchingRule *mr, struct berval* bv_attr,
struct berval* bv_assert )
{
@ -873,15 +908,11 @@ component_value_match( MatchingRule* mr,
return LDAP_INAPPROPRIATE_MATCHING;
}
}
/* FIXME: what should be returned here? Is this rachable at all? */
return LDAP_INAPPROPRIATE_MATCHING;
}
/*
* return codes : LDAP_COMPARE_TRUE, LDAP_COMPARE_FALSE
*/
static int
test_comp_filter_item(
Syntax *syn,
@ -891,6 +922,7 @@ test_comp_filter_item(
{
int rc, len;
ComponentSyntaxInfo* csi_attr, *csi_assert=NULL;
void *attr_nm, *assert_nm;
if ( strcmp(ca->ca_ma_rule->smr_mrule.mr_oid,
OID_COMP_FILTER_MATCH ) == 0 && ca->ca_cf ) {
@ -900,32 +932,54 @@ test_comp_filter_item(
}
/* load attribute containg components */
/* For a testing purpose, link following function here */
if ( !a->a_component_values && attr_converter )
a->a_component_values = attr_converter (a, syn, bv);
if ( !a->a_comp_data && attr_converter && nibble_mem_allocator ) {
a->a_comp_data = malloc( sizeof( ComponentData ) );
/* Memory chunk pre-allocation for decoders */
a->a_comp_data->cd_mem_op = (void*) nibble_mem_allocator ( 1024, 128 );
a->a_comp_data->cd_tree = attr_converter (a, syn, bv);
}
if ( a->a_component_values == NULL )
if ( a->a_comp_data->cd_tree == NULL ) {
free ( a->a_comp_data );
return LDAP_PROTOCOL_ERROR;
}
/* load component containg the referenced component */
/* Memory for storing will-be-extracted attribute values */
attr_nm = nibble_mem_allocator ( 256, 64 );
if ( !attr_nm )return LDAP_PROTOCOL_ERROR;
/* component reference initialization */
ca->ca_comp_ref->cr_curr = ca->ca_comp_ref->cr_list;
csi_attr = (((ComponentSyntaxInfo*)a->a_component_values)->csi_comp_desc->cd_extract_i)( ca->ca_comp_ref, a->a_component_values );
/* load component containg the referenced component */
csi_attr = (((ComponentSyntaxInfo*)a->a_comp_data->cd_tree)->csi_comp_desc->cd_extract_i)( attr_nm, ca->ca_comp_ref, a->a_comp_data->cd_tree );
if ( !csi_attr )
return LDAP_PROTOCOL_ERROR;
/* decode the asserted value */
if( !ca->ca_component_values && assert_converter ) {
assert_converter ( csi_attr, &ca->ca_ma_value,
&csi_assert, &len, DEC_ALLOC_MODE_0 );
ca->ca_component_values = (void*)csi_assert;
/* Memory for storing component assertion values */
assert_nm = nibble_mem_allocator ( 256, 64 );
if ( !assert_nm ) return LDAP_PROTOCOL_ERROR;
/* perform matching */
if ( ca->ca_comp_ref->cr_curr->ci_type == LDAP_COMPREF_ALL ) {
/*
* If <all> type component referenced is used
* more than one component will be tested
*/
if ( test_all_components )
rc = test_all_components ( assert_nm, csi_attr, ca );
else
rc = LDAP_PROTOCOL_ERROR;
} else {
/*
* Exactly one component is referenced
* Fast Path for matching for this case
*/
if ( test_one_component )
rc = test_one_component ( assert_nm, csi_attr, ca );
else
rc = LDAP_PROTOCOL_ERROR;
}
else csi_assert = ca->ca_component_values;
if ( !csi_assert )
return LDAP_PROTOCOL_ERROR;
return component_value_match( ca->ca_ma_rule, csi_attr, csi_assert);
/* free memory used for storing extracted attribute value */
nibble_mem_free ( attr_nm );
return rc;
}
static int
@ -993,8 +1047,8 @@ free_comp_filter( ComponentFilter* f )
break;
case LDAP_COMP_FILTER_ITEM:
if ( component_destructor && f->cf_ca->ca_component_values )
component_destructor( f->cf_ca->ca_component_values );
if ( nibble_mem_free && f->cf_ca->ca_comp_data.cd_mem_op )
nibble_mem_free( f->cf_ca->ca_comp_data.cd_mem_op );
break;
default:

2
servers/slapd/entry.c
View file

@ -663,7 +663,7 @@ int entry_decode(struct berval *bv, Entry **e)
a->a_vals = bptr;
a->a_flags = 0;
#ifdef LDAP_COMP_MATCH
a->a_component_values = NULL;
a->a_comp_data = NULL;
#endif
count = j = entry_getlen(&ptr);

12
servers/slapd/proto-slap.h
View file

@ -352,11 +352,13 @@ LDAP_SLAPD_F (int) componentFilterMatch LDAP_P((
struct berval *value,
void *assertedValue ));
#define componentCertificateMatch componentFilterMatch
LDAP_SLAPD_F (int) componentCertificateValidate LDAP_P((
Syntax *syntax,
struct berval* bv ));
LDAP_SLAPD_F (int) directoryComponentsMatch LDAP_P((
int *matchp,
slap_mask_t flags,
Syntax *syntax,
MatchingRule *mr,
struct berval *value,
void *assertedValue ));
LDAP_SLAPD_F (int) allComponentsMatch LDAP_P((
int *matchp,

7
servers/slapd/schema_init.c
View file

@ -3339,6 +3339,13 @@ static slap_mrule_defs_rec mrule_defs[] = {
NULL, NULL , allComponentsMatch,
octetStringIndexer, octetStringFilter,
NULL },
{"( 1.2.36.79672281.1.13.7 NAME 'directoryComponentsMatch' "
"SYNTAX 1.2.36.79672281.1.5.3 )",
SLAP_MR_EQUALITY|SLAP_MR_EXT|SLAP_MR_COMPONENT, NULL,
NULL, NULL , directoryComponentsMatch,
octetStringIndexer, octetStringFilter,
NULL },
#endif
{"( 2.5.13.2 NAME 'caseIgnoreMatch' "

37
servers/slapd/slap.h
View file

@ -1028,6 +1028,13 @@ typedef struct slap_valuesreturnfilter {
struct slap_valuesreturnfilter *vrf_next;
} ValuesReturnFilter;
#ifdef LDAP_COMP_MATCH
typedef struct slap_component_data {
void* cd_mem_op;/* nibble memory handler */
void* cd_tree; /* component tree */
} ComponentData;
#endif
/*
* represents an attribute (description + values)
*/
@ -1035,13 +1042,13 @@ typedef struct slap_attr {
AttributeDescription *a_desc;
BerVarray a_vals; /* preserved values */
BerVarray a_nvals; /* normalized values */
#ifdef LDAP_COMP_MATCH
ComponentData *a_comp_data; /* component values */
#endif
struct slap_attr *a_next;
unsigned a_flags;
#define SLAP_ATTR_IXADD 0x1U
#define SLAP_ATTR_IXDEL 0x2U
#ifdef LDAP_COMP_MATCH
void* a_component_values; /* component values */
#endif
} Attribute;
@ -2677,6 +2684,7 @@ typedef struct slap_component_id{
ber_int_t ci_from_beginning;
ber_int_t ci_count;
ber_int_t ci_from_end;
ber_int_t ci_content;
BerValue ci_select_value;
char ci_all;
} ci_val;
@ -2694,7 +2702,7 @@ typedef struct slap_component_assertion {
ber_int_t ca_use_def;
MatchingRule *ca_ma_rule;
struct berval ca_ma_value;
void* ca_component_values;
ComponentData ca_comp_data; /* componentized assertion */
struct slap_component_filter *ca_cf;
MatchingRuleAssertion *ca_mra;
} ComponentAssertion;
@ -2730,6 +2738,7 @@ typedef int encoder_func LDAP_P((
struct slap_component_syntax_info;
typedef int gser_decoder_func LDAP_P((
void* mem_op,
void* b,
struct slap_component_syntax_info** comp_syn_info,
int* len,
@ -2739,6 +2748,7 @@ typedef int comp_free_func LDAP_P((
void* b));
typedef int ber_decoder_func LDAP_P((
void* mem_op,
void* b,
int tag,
int elmtLen,
@ -2747,12 +2757,14 @@ typedef int ber_decoder_func LDAP_P((
int mode));
typedef int ber_tag_decoder_func LDAP_P((
void* mem_op,
void* b,
struct slap_component_syntax_info* comp_syn_info,
int* len,
int mode));
typedef void* extract_component_from_id_func LDAP_P((
void* mem_op,
ComponentReference* cr,
void* comp ));
@ -2761,8 +2773,15 @@ typedef void* convert_attr_to_comp_func LDAP_P ((
Syntax* syn,
struct berval* bv ));
typedef void* alloc_nibble_func LDAP_P ((
int initial_size,
int increment_size ));
typedef void free_nibble_func LDAP_P ((
void* nm ));
struct slap_component_syntax_info;
typedef int convert_assert_to_comp_func LDAP_P ((
typedef void* convert_assert_to_comp_func LDAP_P ((
struct slap_component_syntax_info* csi_attr,
struct berval* bv,
struct slap_component_syntax_info** csi,
@ -2774,7 +2793,12 @@ typedef int convert_asn_to_ldap_func LDAP_P ((
struct berval *bv ));
typedef void free_component_func LDAP_P ((
struct slap_component_syntax_info* csi ));
void* mem_op));
typedef int test_component_func LDAP_P ((
void* mem_op,
struct slap_component_syntax_info* csi,
struct slap_component_assertion* ca));
typedef int allcomponent_matching_func LDAP_P((
char* oid,
@ -2785,6 +2809,7 @@ typedef struct slap_component_desc{
int cd_tag;
int cd_type;
int cd_type_id;
int cd_compref_type;
gser_decoder_func *cd_gser_decoder;
ber_decoder_func *cd_ber_decoder;
comp_free_func *cd_free;

51
tests/data/compsearch.out
View file

@ -32,6 +32,57 @@ userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
EkBJ/Q=
dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
objectClass: OpenLDAPperson
objectClass: extensibleObject
uid:: Y2hhcmxpZSA=
cn: charlie
sn: Jee
userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
EkBJ/Q=
dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
objectClass: OpenLDAPperson
objectClass: extensibleObject
uid:: Y2hhcmxpZSA=
cn: beta
sn: Jee
userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
EkBJ/Q=
dn: cn=charlie,ou=Alumni Association,ou=People,dc=example,dc=com
objectClass: OpenLDAPperson
objectClass: extensibleObject
uid:: Y2hhcmxpZSA=
cn: charlie
sn: Jee
userCertificate;binary:: MIIB9jCCAV+gAwIBAgIBADANBgkqhkiG9w0BAQQFADANMQswCQYDV
QQGEwJVUzAeFw0wNDEwMTIwMDAxNTBaFw0wNDExMTEwMDAxNTBaMA0xCzAJBgNVBAYTAlVTMIGfMA
0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQcTs4uD+gAoQ1XkYN4woLtZaEi7XVEVIJQ6Rsn2QP3MO
NBT9jvrhVcnUJQtvEEkfnsNANKeYntUTvih76jErFNTmg7zl0govFSkiuS+tfrZnn/Ebix3+tTMnA
KUQXkYi5Mr+x3U44yYo1EPLpZlcV1Caafc30EMRQ/Gv/PdrqYwIDAQABo2YwZDAdBgNVHQ4EFgQUA
zNnruNiI38IPf39ZJGFx8mDsxgwNQYDVR0jBC4wLIAUAzNnruNiI38IPf39ZJGFx8mDsxihEaQPMA
0xCzAJBgNVBAYTAlVTggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAf44laoKcTyS
uz3yQb/lfOBVDh6oMxysal0eEij+nypQJ1H+rsZ+ebUlKMiTYhrTk3n3H6moHaxICENIu4P5rD5Ue
dAWtMjWq2ZJIa26bbvB4enGOF66KH5S823ZdKa0Kr2JcHAAYFpf+TQoGg5JO7TD3AECd7Qo9a+4Xr
EkBJ/Q=
dn: cn=beta,ou=Alumni Association,ou=People,dc=example,dc=com
objectClass: OpenLDAPperson
objectClass: extensibleObject

39
tests/scripts/test031-component-filter
View file

@ -147,6 +147,45 @@ if test $RC != 0 ; then
exit $RC
fi
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.extensions.0\", rule integerMatch, value 3 })"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"$FILTER" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
FILTER="(userCertificate:componentFilterMatch:=item:{component \"tbsCertificate.extensions.\2a.extnID\",rule allComponentsMatch, value 2.5.29.14 })"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"$FILTER" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
FILTER="(userCertificate:componentFilterMatch:=not:item:{component \"tbsCertificate.extensions.\2a\",rule allComponentsMatch, value { extnID 2.5.29.19 , extnValue '30030101FF'H })"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"$FILTER" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS