configure | 1 ldap/servers/plugins/acl/acl.c | 4 ldap/servers/plugins/acl/acl.h | 2 ldap/servers/plugins/chainingdb/cb_bind.c | 9 ldap/servers/plugins/collation/orfilter.c | 2 ldap/servers/plugins/cos/cos_cache.c | 2 ldap/servers/plugins/http/http_impl.c | 31 ldap/servers/plugins/memberof/memberof.c | 2 ldap/servers/plugins/memberof/memberof_config.c | 2 ldap/servers/plugins/posix-winsync/posix-winsync.c | 24 ldap/servers/plugins/pwdstorage/sha_pwd.c | 2 ldap/servers/plugins/pwdstorage/smd5_pwd.c | 2 ldap/servers/plugins/replication/repl5_protocol_util.c | 7 ldap/servers/plugins/replication/repl5_replica_config.c | 35 ldap/servers/plugins/replication/repl5_total.c | 8 ldap/servers/plugins/replication/windows_private.c | 2 ldap/servers/plugins/replication/windows_protocol_util.c | 6 ldap/servers/plugins/rootdn_access/rootdn_access.c | 4 ldap/servers/plugins/syntaxes/bin.c | 101 +- ldap/servers/plugins/syntaxes/bitstring.c | 53 - ldap/servers/plugins/syntaxes/ces.c | 307 ++++-- ldap/servers/plugins/syntaxes/cis.c | 725 ++++++++++----- ldap/servers/plugins/syntaxes/dn.c | 66 - ldap/servers/plugins/syntaxes/facsimile.c | 2 ldap/servers/plugins/syntaxes/int.c | 121 +- ldap/servers/plugins/syntaxes/nameoptuid.c | 65 - ldap/servers/plugins/syntaxes/numericstring.c | 124 +- ldap/servers/plugins/syntaxes/syntax.h | 86 + ldap/servers/plugins/syntaxes/syntax_common.c | 4 ldap/servers/plugins/syntaxes/tel.c | 122 +- ldap/servers/slapd/add.c | 3 ldap/servers/slapd/agtmmap.c | 4 ldap/servers/slapd/back-ldbm/cache.c | 3 ldap/servers/slapd/back-ldbm/dbverify.c | 4 ldap/servers/slapd/back-ldbm/dbversion.c | 4 ldap/servers/slapd/back-ldbm/idl_new.c | 2 ldap/servers/slapd/back-ldbm/import.c | 2 ldap/servers/slapd/back-ldbm/import.h | 2 ldap/servers/slapd/back-ldbm/ldbm_config.c | 4 ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 3 ldap/servers/slapd/back-ldbm/perfctrs.c | 30 ldap/servers/slapd/back-ldbm/vlv.c | 8 ldap/servers/slapd/backend.c | 6 ldap/servers/slapd/configdse.c | 2 ldap/servers/slapd/control.c | 4 ldap/servers/slapd/filter.c | 2 ldap/servers/slapd/ldaputil.c | 5 ldap/servers/slapd/log.c | 228 ++-- ldap/servers/slapd/main.c | 12 ldap/servers/slapd/plugin.c | 4 ldap/servers/slapd/pw.c | 7 ldap/servers/slapd/regex.c | 3 ldap/servers/slapd/result.c | 3 ldap/servers/slapd/sasl_io.c | 2 ldap/servers/slapd/time.c | 4 ldap/servers/slapd/tools/dbscan.c | 4 ldap/servers/slapd/tools/ldclt/ldapfct.c | 2 ldap/servers/slapd/tools/ldclt/ldclt.c | 9 ldap/servers/slapd/tools/rsearch/addthread.c | 2 ldap/servers/slapd/tools/rsearch/infadd.c | 2 ldap/servers/slapd/tools/rsearch/nametable.c | 6 ldap/servers/slapd/tools/rsearch/sdattable.c | 6 ldap/servers/slapd/tools/rsearch/searchthread.c | 2 ldap/servers/slapd/uniqueid.c | 37 ldap/servers/slapd/utf8compare.c | 2 ldap/servers/slapd/util.c | 18 ldap/servers/slapd/uuid.c | 29 ldap/servers/slapd/valueset.c | 29 lib/libaccess/lasip.cpp | 11 lib/libsi18n/txtfile.c | 71 - 70 files changed, 1620 insertions(+), 882 deletions(-)
New commits: commit 3e7d6d62f3b2889d0250cb0a3892982e42ada878 Author: William Brown firstyear@redhat.com Date: Tue Aug 30 13:26:39 2016 +1000
Ticket 48805 - Sign comparison checks.
Bug Description: We perform a lot of checks on values that do not have the correct or same sign type. This often indicates the incorrect type of the variable, or incorrect use and design of the application.
Fix Description: * Cast some variables as needed where the type cannot be changed. * Change the type of some variables where correct. * Ignore others due to fundamental library issues.
https://fedorahosted.org/389/ticket/48805
Author: wibrown
Review by: mreynolds, nhosoi (Thanks!)
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c index ba6b774..9ddf96e 100644 --- a/ldap/servers/plugins/acl/acl.c +++ b/ldap/servers/plugins/acl/acl.c @@ -660,7 +660,7 @@ print_access_control_summary( char *source, int ret_val, char *clientDn, aclResultReason_t *acl_reason) { struct codebook { - int code; + aclReasonCode_t code; char *text; };
@@ -693,7 +693,7 @@ print_access_control_summary( char *source, int ret_val, char *clientDn, char acl_info[ BUFSIZ ]; Slapi_Operation *op = NULL; int loglevel; - int i; + size_t i; PRUint64 o_connid = 0xffffffffffffffff; /* no op */ int o_opid = -1; /* no op */
diff --git a/ldap/servers/plugins/acl/acl.h b/ldap/servers/plugins/acl/acl.h index 6e3198f..9818c03 100644 --- a/ldap/servers/plugins/acl/acl.h +++ b/ldap/servers/plugins/acl/acl.h @@ -649,7 +649,7 @@ typedef struct {
/* reasons why the subject allowed/denied access--good for logs */ - +/* This is a uint by default */ typedef enum{ ACL_REASON_NO_ALLOWS, ACL_REASON_RESULT_CACHED_DENY, diff --git a/ldap/servers/plugins/pwdstorage/sha_pwd.c b/ldap/servers/plugins/pwdstorage/sha_pwd.c index 9594ac9..8d8479e 100644 --- a/ldap/servers/plugins/pwdstorage/sha_pwd.c +++ b/ldap/servers/plugins/pwdstorage/sha_pwd.c @@ -50,7 +50,7 @@ sha_pw_cmp (const char *userpwd, const char *dbpwd, unsigned int shaLen ) char quick_dbhash[MAX_SHA_HASH_SIZE + SHA_SALT_LENGTH + 3]; char *dbhash = quick_dbhash; struct berval salt; - int hash_len; /* must be a signed valued -- see below */ + PRUint32 hash_len; unsigned int secOID; char *schemeName; char *hashresult = NULL; diff --git a/ldap/servers/plugins/pwdstorage/smd5_pwd.c b/ldap/servers/plugins/pwdstorage/smd5_pwd.c index f4c92f1..5d6fecf 100644 --- a/ldap/servers/plugins/pwdstorage/smd5_pwd.c +++ b/ldap/servers/plugins/pwdstorage/smd5_pwd.c @@ -36,7 +36,7 @@ smd5_pw_cmp( const char *userpwd, const char *dbpwd ) PK11Context *ctx=NULL; unsigned int outLen; unsigned char userhash[MD5_LENGTH]; - int hash_len; + PRUint32 hash_len; char quick_dbhash[MD5_LENGTH + MD5_DEFAULT_SALT_LENGTH + 1]; char *dbhash = quick_dbhash; struct berval salt; diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c index 5d46a51..603ce8e 100644 --- a/ldap/servers/plugins/replication/windows_protocol_util.c +++ b/ldap/servers/plugins/replication/windows_protocol_util.c @@ -3457,7 +3457,7 @@ decrypt_guid(char *guid) 20,21,22,23,24,25,26,27,28,29,30,31};
char *p = guid; - int i = 0; + size_t i = 0; char *cpy = slapi_ch_strdup(guid);
while (*p && i < (sizeof(decrypt_offsets)/sizeof(int))) diff --git a/ldap/servers/plugins/rootdn_access/rootdn_access.c b/ldap/servers/plugins/rootdn_access/rootdn_access.c index fe4a451..a0f5ec2 100644 --- a/ldap/servers/plugins/rootdn_access/rootdn_access.c +++ b/ldap/servers/plugins/rootdn_access/rootdn_access.c @@ -691,7 +691,7 @@ rootdn_check_host_wildcard(char *host, char *client_host) static int rootdn_check_ip_wildcard(char *ip, char *client_ip) { - int ip_len = strlen(ip); + size_t ip_len = strlen(ip); int i; /* * Start at the beginning of the string and move forward, and skip the last char "*" @@ -711,7 +711,7 @@ rootdn_check_ip_wildcard(char *ip, char *client_ip)
char * strToLower(char *str){ - int i; + size_t i;
for(i = 0; str && i < strlen(str); i++){ str[i] = tolower(str[i]); diff --git a/ldap/servers/plugins/syntaxes/ces.c b/ldap/servers/plugins/syntaxes/ces.c index 13f72ec..6e86905 100644 --- a/ldap/servers/plugins/syntaxes/ces.c +++ b/ldap/servers/plugins/syntaxes/ces.c @@ -449,8 +449,8 @@ ia5_validate( struct berval *val ) { - int rc = 0; /* assume the value is valid */ - int i = 0; + int rc = 0; /* assume the value is valid */ + uint i = 0;
if (val == NULL) { rc = 1; diff --git a/ldap/servers/plugins/syntaxes/cis.c b/ldap/servers/plugins/syntaxes/cis.c index 8f2f9c7..07e6318 100644 --- a/ldap/servers/plugins/syntaxes/cis.c +++ b/ldap/servers/plugins/syntaxes/cis.c @@ -1324,30 +1324,30 @@ exit: }
static int printable_validate( - struct berval *val + struct berval *val ) { - int rc = 0; /* assume the value is valid */ - int i = 0; - - /* Per RFC4517: - * - * PrintableString = 1*PrintableCharacter - */ - if ((val != NULL) && (val->bv_len > 0)) { - /* Make sure all chars are a PrintableCharacter */ - for (i=0; i < val->bv_len; i++) { - if (!IS_PRINTABLE(val->bv_val[i])) { - rc = 1; - goto exit; - } - } - } else { - rc = 1; - } + int rc = 0; /* assume the value is valid */ + uint i = 0; + + /* Per RFC4517: + * + * PrintableString = 1*PrintableCharacter + */ + if ((val != NULL) && (val->bv_len > 0)) { + /* Make sure all chars are a PrintableCharacter */ + for (i=0; i < val->bv_len; i++) { + if (!IS_PRINTABLE(val->bv_val[i])) { + rc = 1; + goto exit; + } + } + } else { + rc = 1; + }
exit: - return( rc ); + return( rc ); }
static void cis_normalize( diff --git a/ldap/servers/plugins/syntaxes/facsimile.c b/ldap/servers/plugins/syntaxes/facsimile.c index a1e3337..98b92e1 100644 --- a/ldap/servers/plugins/syntaxes/facsimile.c +++ b/ldap/servers/plugins/syntaxes/facsimile.c @@ -169,7 +169,7 @@ facsimile_validate( ) { int rc = 0; /* assume the value is valid */ - int i = 0; + uint i = 0;
/* Per RFC4517: * diff --git a/ldap/servers/plugins/syntaxes/syntax_common.c b/ldap/servers/plugins/syntaxes/syntax_common.c index 591e808..c8aa80d 100644 --- a/ldap/servers/plugins/syntaxes/syntax_common.c +++ b/ldap/servers/plugins/syntaxes/syntax_common.c @@ -20,7 +20,7 @@ syntax_register_matching_rule_plugins( ) { int rc = -1; - int ii; + size_t ii;
for (ii = 0; ii < mr_plugin_table_size; ++ii) { char *argv[2]; @@ -44,7 +44,7 @@ syntax_matching_rule_plugin_init( size_t mr_plugin_table_size ) { - int ii; + size_t ii; char **argv = NULL; int rc = -1; struct mr_plugin_def *mrpd = NULL; diff --git a/ldap/servers/plugins/syntaxes/tel.c b/ldap/servers/plugins/syntaxes/tel.c index 698714f..7e3087b 100644 --- a/ldap/servers/plugins/syntaxes/tel.c +++ b/ldap/servers/plugins/syntaxes/tel.c @@ -272,7 +272,7 @@ tel_validate( ) { int rc = 0; /* assume the value is valid */ - int i = 0; + uint i = 0;
/* Per RFC4517: * diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c index 708d3e7..0f38318 100644 --- a/ldap/servers/slapd/add.c +++ b/ldap/servers/slapd/add.c @@ -54,7 +54,7 @@ do_add( Slapi_PBlock *pb ) Slapi_Operation *operation; BerElement *ber; char *last; - ber_len_t len = -1; + ber_len_t len = LBER_ERROR; ber_tag_t tag; Slapi_Entry *e = NULL; int err; @@ -197,6 +197,7 @@ do_add( Slapi_PBlock *pb ) goto free_and_return; }
+ /* len, is ber_len_t, which is uint. Can't be -1. May be better to remove (len != 0) check */ if ( (tag != LBER_END_OF_SEQORSET) && (len != -1) ) { op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)), "decoding error"); send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, diff --git a/ldap/servers/slapd/agtmmap.c b/ldap/servers/slapd/agtmmap.c index b9d66d9..bb6155e 100644 --- a/ldap/servers/slapd/agtmmap.c +++ b/ldap/servers/slapd/agtmmap.c @@ -155,8 +155,8 @@ agt_mopen_stats (char * statsfile, int mode, int *hdl) }
sz = sizeof (struct agt_stats_t); - - if (fileinfo.st_size < sz) + /* st_size is an off_t, which is signed. sz, size_t is unsigned. */ + if (fileinfo.st_size < (off_t)sz) { /* Without this we will get segv when we try to read/write later */ buf = calloc (1, sz); diff --git a/ldap/servers/slapd/back-ldbm/cache.c b/ldap/servers/slapd/back-ldbm/cache.c index 015cd48..b34bec9 100644 --- a/ldap/servers/slapd/back-ldbm/cache.c +++ b/ldap/servers/slapd/back-ldbm/cache.c @@ -146,7 +146,8 @@ Hashtable *new_hash(u_long size, u_long offset, HashFn hfn, { static u_long prime[] = { 3, 5, 7, 11, 13, 17, 19 }; Hashtable *ht; - int ok = 0, i; + int ok = 0; + size_t i = 0;
if (size < MINHASHSIZE) size = MINHASHSIZE; diff --git a/ldap/servers/slapd/back-ldbm/dbverify.c b/ldap/servers/slapd/back-ldbm/dbverify.c index 315ef93..42d2210 100644 --- a/ldap/servers/slapd/back-ldbm/dbverify.c +++ b/ldap/servers/slapd/back-ldbm/dbverify.c @@ -23,8 +23,8 @@ dbverify_ext( ldbm_instance *inst, int verbose ) PRDir *dirhandle = NULL; PRDirEntry *direntry = NULL; DB *dbp = NULL; - int tmplen = 0; - int filelen = 0; + size_t tmplen = 0; + size_t filelen = 0; int rval = 1; int rval_main = 0; struct ldbminfo *li = inst->inst_li; diff --git a/ldap/servers/slapd/back-ldbm/dbversion.c b/ldap/servers/slapd/back-ldbm/dbversion.c index 11ad125..4d28cd6 100644 --- a/ldap/servers/slapd/back-ldbm/dbversion.c +++ b/ldap/servers/slapd/back-ldbm/dbversion.c @@ -98,7 +98,7 @@ dbversion_write(struct ldbminfo *li, const char *directory, /* end in a newline */ PL_strncpyz(ptr, "\n", sizeof(buf) - len); len = strlen(buf); - if ( slapi_write_buffer( prfd, buf, len ) != len ) + if ( slapi_write_buffer( prfd, buf, len ) != (PRInt32)len ) { LDAPDebug( LDAP_DEBUG_ANY, "Could not write to file "%s"\n", filename, 0, 0 ); rc= -1; @@ -107,7 +107,7 @@ dbversion_write(struct ldbminfo *li, const char *directory, { sprintf( buf, "%s\n", dataversion ); len = strlen( buf ); - if ( slapi_write_buffer( prfd, buf, len ) != len ) + if ( slapi_write_buffer( prfd, buf, len ) != (PRInt32)len ) { LDAPDebug( LDAP_DEBUG_ANY, "Could not write to file "%s"\n", filename, 0, 0 ); rc= -1; diff --git a/ldap/servers/slapd/back-ldbm/idl_new.c b/ldap/servers/slapd/back-ldbm/idl_new.c index a8d76d8..ab87b04 100644 --- a/ldap/servers/slapd/back-ldbm/idl_new.c +++ b/ldap/servers/slapd/back-ldbm/idl_new.c @@ -559,7 +559,7 @@ idl_new_range_fetch( /* Otherwise, keep the {key,id} in leftover array */ if (!leftover) { leftover = (idl_range_id_pair *)slapi_ch_calloc(leftoverlen, sizeof(idl_range_id_pair)); - } else if (leftovercnt == leftoverlen) { + } else if (leftovercnt == (int)leftoverlen) { leftover = (idl_range_id_pair *)slapi_ch_realloc((char *)leftover, 2 * leftoverlen * sizeof(idl_range_id_pair)); memset(leftover + leftovercnt, 0, leftoverlen); leftoverlen *= 2; diff --git a/ldap/servers/slapd/back-ldbm/import.c b/ldap/servers/slapd/back-ldbm/import.c index 78aefbf..8ddbf70 100644 --- a/ldap/servers/slapd/back-ldbm/import.c +++ b/ldap/servers/slapd/back-ldbm/import.c @@ -81,7 +81,7 @@ static int import_fifo_init(ImportJob *job) * * \return int: If able to hold the entry, returns 0. If unable to, but resize was sucessful, so now able to hold the entry, 0. If unable to hold the entry and unable to resize, 1. */ -int import_fifo_validate_capacity_or_expand(ImportJob *job, int entrysize) { +int import_fifo_validate_capacity_or_expand(ImportJob *job, size_t entrysize) { int result = 1; /* We shoot for four times as much to start with. */ size_t request = entrysize * 4; diff --git a/ldap/servers/slapd/back-ldbm/import.h b/ldap/servers/slapd/back-ldbm/import.h index a109bba..6ff8828 100644 --- a/ldap/servers/slapd/back-ldbm/import.h +++ b/ldap/servers/slapd/back-ldbm/import.h @@ -197,7 +197,7 @@ struct _import_worker_info {
/* import.c */ -int import_fifo_validate_capacity_or_expand(ImportJob *job, int entrysize); +int import_fifo_validate_capacity_or_expand(ImportJob *job, size_t entrysize); FifoItem *import_fifo_fetch(ImportJob *job, ID id, int worker); void import_free_job(ImportJob *job); void import_log_notice(ImportJob *job, char *format, ...) diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c index 11cc373..ef849d8 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_config.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c @@ -1042,7 +1042,7 @@ static int ldbm_config_db_cache_set(void *arg, void *value, char *errorbuf, int { struct ldbminfo *li = (struct ldbminfo *) arg; int retval = LDAP_SUCCESS; - size_t val = (size_t) ((uintptr_t)value); + int val = ((uintptr_t)value); size_t delta = 0;
/* There is an error here. We check the new val against our current mem-alloc @@ -1060,7 +1060,7 @@ static int ldbm_config_db_cache_set(void *arg, void *value, char *errorbuf, int delta = val - li->li_dblayer_private->dblayer_cache_config; if (!util_is_cachesize_sane(&delta)){ slapi_create_errormsg(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "Error: db cachesize value is too large"); - LDAPDebug1Arg(LDAP_DEBUG_ANY,"Error: db cachesize value is too large.\n", val); + LDAPDebug0Args(LDAP_DEBUG_ANY,"Error: db cachesize value is too large.\n"); return LDAP_UNWILLING_TO_PERFORM; } } diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index f934305..2af1f3a 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -2039,7 +2039,8 @@ moddn_rename_children( struct ldbminfo *li = (struct ldbminfo *) be->be_database->plg_private; Slapi_Operation *operation; CSN *opcsn; - int retval= -1, i; + int retval= -1; + uint i = 0; char **newsuperiordns = NULL; int newsuperiordncomps= 0; int parentdncomps= 0; diff --git a/ldap/servers/slapd/back-ldbm/perfctrs.c b/ldap/servers/slapd/back-ldbm/perfctrs.c index 19db28b..2bd18bd 100644 --- a/ldap/servers/slapd/back-ldbm/perfctrs.c +++ b/ldap/servers/slapd/back-ldbm/perfctrs.c @@ -287,25 +287,25 @@ static SlapiLDBMPerfctrATMap perfctr_at_map[] = { void perfctrs_as_entry( Slapi_Entry *e, perfctrs_private *priv, DB_ENV *db_env ) { - performance_counters *perf; - int i; + performance_counters *perf; + size_t i;
- if (priv == NULL) return; + if (priv == NULL) return;
- perf = (performance_counters*)priv->memory; + perf = (performance_counters*)priv->memory;
- /* - * First, update the values so they are current. - */ - perfctrs_update( priv, db_env ); + /* + * First, update the values so they are current. + */ + perfctrs_update( priv, db_env );
- /* - * Then convert all the counters to attribute values. - */ - for ( i = 0; i < SLAPI_LDBM_PERFCTR_AT_MAP_COUNT; ++i ) { - perfctr_add_to_entry( e, perfctr_at_map[i].pam_type, - *((PRUint32 *)((char *)perf + perfctr_at_map[i].pam_offset))); - } + /* + * Then convert all the counters to attribute values. + */ + for ( i = 0; i < SLAPI_LDBM_PERFCTR_AT_MAP_COUNT; ++i ) { + perfctr_add_to_entry( e, perfctr_at_map[i].pam_type, + *((PRUint32 *)((char *)perf + perfctr_at_map[i].pam_offset))); + } }
diff --git a/ldap/servers/slapd/back-ldbm/vlv.c b/ldap/servers/slapd/back-ldbm/vlv.c index b15e83e..7f210e3 100644 --- a/ldap/servers/slapd/back-ldbm/vlv.c +++ b/ldap/servers/slapd/back-ldbm/vlv.c @@ -885,7 +885,7 @@ determine_result_range(const struct vlv_request *vlv_request_control, PRUint32 i else { /* Make sure we don't run off the start */ - if(index < vlv_request_control->beforeCount) + if((ber_int_t)index < vlv_request_control->beforeCount) { *pstart= 0; } @@ -894,7 +894,11 @@ determine_result_range(const struct vlv_request *vlv_request_control, PRUint32 i *pstart= index - vlv_request_control->beforeCount; } /* Make sure we don't run off the end */ - if(UINT_MAX - index > vlv_request_control->afterCount) + /* + * if(UINT_MAX - index > vlv_request_control->afterCount), but after is int, + * so right now, it could overflow before this condition .... + */ + if(INT_MAX - (ber_int_t)index > vlv_request_control->afterCount) { *pstop= index + vlv_request_control->afterCount; } diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c index 54bccb3..54b9381 100644 --- a/ldap/servers/slapd/backend.c +++ b/ldap/servers/slapd/backend.c @@ -245,7 +245,11 @@ slapi_be_getsuffix(Slapi_Backend *be,int n) return NULL;
if(be->be_state != BE_STATE_DELETED) { - if (be->be_suffixlist !=NULL && n < slapi_counter_get_value(be->be_suffixcounter)) { + /* slapi_counter_get_value returns a PRUint64, not an int. cast it to the int to avoid loss, + * may wish to change slapi_be_getsuffix to take PRUint64 in function def. + * Somehow I don't see us having greater than 0xFFFFFFFE databases on a deployment though ... + */ + if (be->be_suffixlist !=NULL && n < (int)slapi_counter_get_value(be->be_suffixcounter)) { int i = 0;
list = be->be_suffixlist; diff --git a/ldap/servers/slapd/configdse.c b/ldap/servers/slapd/configdse.c index 3668027..71ab27a 100644 --- a/ldap/servers/slapd/configdse.c +++ b/ldap/servers/slapd/configdse.c @@ -101,7 +101,7 @@ read_config_dse (Slapi_PBlock *pb, Slapi_Entry* e, Slapi_Entry* entryAfter, int slapdFrontendConfig_t *slapdFrontendConfig; struct slapdplugin *pPlugin; char *cookie; - int i; + size_t i;
slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/control.c b/ldap/servers/slapd/control.c index 24a481f..79a639d 100644 --- a/ldap/servers/slapd/control.c +++ b/ldap/servers/slapd/control.c @@ -176,7 +176,8 @@ get_ldapmessage_controls_ext( { LDAPControl **ctrls, *new; ber_tag_t tag; - ber_len_t len = -1; + /* ber_len_t is uint, cannot be -1 */ + ber_len_t len = LBER_ERROR; int rc, maxcontrols, curcontrols; char *last; int managedsait, pwpolicy_ctrl; @@ -340,6 +341,7 @@ get_ldapmessage_controls_ext( slapi_log_error(SLAPI_LOG_CONNS, "connection", "Warning: conn=%" NSPRIu64 " op=%d contains an empty list of controls\n", pb->pb_conn->c_connid, pb->pb_op->o_opid); } else { + /* len, ber_len_t is uint, not int, cannot be != -1, may be better to remove this check. */ if ((tag != LBER_END_OF_SEQORSET) && (len != -1)) { goto free_and_return; } diff --git a/ldap/servers/slapd/filter.c b/ldap/servers/slapd/filter.c index 0c31bff..9336a79 100644 --- a/ldap/servers/slapd/filter.c +++ b/ldap/servers/slapd/filter.c @@ -384,7 +384,7 @@ get_filter_list( Connection *conn, BerElement *ber, struct slapi_filter **new; int err; ber_tag_t tag; - ber_len_t len = -1; + ber_len_t len = LBER_ERROR; char *last;
LDAPDebug( LDAP_DEBUG_FILTER, "=> get_filter_list\n", 0, 0, 0 ); diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c index f7cbbf6..053dc3f 100644 --- a/ldap/servers/slapd/ldaputil.c +++ b/ldap/servers/slapd/ldaputil.c @@ -516,6 +516,7 @@ slapi_ldap_create_proxyauth_control ( ctrloid = LDAP_CONTROL_PROXYAUTH; }
+ /* Curiously, LBER_ERROR is uint, but set to -1 (0xffffffffU), even though ber_printf is int ... */ if (LBER_ERROR == ber_printf(ber, berfmtstr, dn)) { ber_free(ber, 1); return LDAP_ENCODING_ERROR; diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c index 56bf937..94757fd 100644 --- a/ldap/servers/slapd/log.c +++ b/ldap/servers/slapd/log.c @@ -131,14 +131,14 @@ slapd_log_error_proc_internal( (((fd) = PR_Open((filename), PR_WRONLY | PR_TRUNCATE | \ PR_CREATE_FILE, mode)) != NULL) #define LOG_WRITE(fd, buffer, size, headersize) \ - if ( slapi_write_buffer((fd), (buffer), (size)) != (size) ) \ + if ( slapi_write_buffer((fd), (buffer), (PRInt32)(size)) != (PRInt32)(size) ) \ { \ PRErrorCode prerr = PR_GetError(); \ syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(headersize) ); \ } #define LOG_WRITE_NOW(fd, buffer, size, headersize, err) do {\ (err) = 0; \ - if ( slapi_write_buffer((fd), (buffer), (size)) != (size) ) \ + if ( slapi_write_buffer((fd), (buffer), (PRInt32)(size)) != (PRInt32)(size) ) \ { \ PRErrorCode prerr = PR_GetError(); \ syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(headersize) ); \ @@ -148,7 +148,7 @@ slapd_log_error_proc_internal( PR_Sync(fd); \ } while (0) #define LOG_WRITE_NOW_NO_ERR(fd, buffer, size, headersize) do {\ - if ( slapi_write_buffer((fd), (buffer), (size)) != (size) ) \ + if ( slapi_write_buffer((fd), (buffer), (PRInt32)(size)) != (PRInt32)(size) ) \ { \ PRErrorCode prerr = PR_GetError(); \ syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(headersize) ); \ diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c index e7d88eb..1349e1b 100644 --- a/ldap/servers/slapd/main.c +++ b/ldap/servers/slapd/main.c @@ -175,6 +175,7 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn, PRBool both) char file[MAXPATHLEN + 1]; char *log=NULL, *ptr=NULL; int rc=0; + gid_t gid = -1;
log=slapi_ch_strdup(name); if(strip_fn) @@ -200,9 +201,14 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn, PRBool both) while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL ) { PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name); - if(slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 )){ - LDAPDebug(LDAP_DEBUG_ANY, "chown_dir_files: file (%s) chown failed (%d) %s.\n", - file, errno, slapd_system_strerror(errno)); + if (both) { + gid = pw->pw_gid; + } else { + gid = -1; + } + if(slapd_chown_if_not_owner( file, pw->pw_uid, gid )){ + LDAPDebug(LDAP_DEBUG_ANY, "chown_dir_files: file (%s) chown failed (%d) %s.\n", + file, errno, slapd_system_strerror(errno)); } } PR_CloseDir( dir ); diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c index c801bf4..2c2081c 100644 --- a/ldap/servers/slapd/plugin.c +++ b/ldap/servers/slapd/plugin.c @@ -641,7 +641,7 @@ plugin_get_pwd_storage_scheme(char *name, int len, int index) struct slapdplugin *p;
for ( p = global_plugin_list[index]; p != NULL; p = p->plg_next ) { - if (strlen(p->plg_pwdstorageschemename) == len) { + if ((int)strlen(p->plg_pwdstorageschemename) == len) { if (strncasecmp(p->plg_pwdstorageschemename, name, len) == 0) { return( p ); } @@ -3155,7 +3155,7 @@ get_dep_plugin_list(char **plugins) { char output[1024]; int first_plugin = 1; - int len = 0; + PRUint32 len = 0; int i ;
for(i = 0; plugins && plugins[i]; i++){ diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c index 6f02f90..7658064 100644 --- a/ldap/servers/slapd/pw.c +++ b/ldap/servers/slapd/pw.c @@ -866,7 +866,7 @@ check_pw_syntax_ext ( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals,
/* check for the minimum password length */ if ( pwpolicy->pw_minlength > - ldap_utf8characters((char *)slapi_value_get_string( vals[i] )) ) + (int)ldap_utf8characters((char *)slapi_value_get_string( vals[i] )) ) { PR_snprintf( errormsg, sizeof(errormsg) - 1, "invalid password syntax - password must be at least %d characters long", pwpolicy->pw_minlength ); @@ -1492,7 +1492,7 @@ check_trivial_words (Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Value **vals, char { /* If the value is smaller than the max token length, * we don't need to check the password */ - if ( ldap_utf8characters(slapi_value_get_string( valp )) < toklen ) + if ( (int)ldap_utf8characters(slapi_value_get_string( valp )) < toklen ) continue;
/* See if the password contains the value */ @@ -2441,7 +2441,8 @@ slapi_pwpolicy_is_locked(Slapi_PWPolicy *pwpolicy, Slapi_Entry *e, time_t *unloc if (pwpolicy && e) { /* Check if account is locked */ if ( pwpolicy->pw_lockout == 1) { - if (slapi_entry_attr_get_uint(e, "passwordRetryCount") >= pwpolicy->pw_maxfailure) { + /* Despite get_uint, we still compare to an int ... */ + if ((int)slapi_entry_attr_get_uint(e, "passwordRetryCount") >= pwpolicy->pw_maxfailure) { is_locked = 1; } } diff --git a/ldap/servers/slapd/regex.c b/ldap/servers/slapd/regex.c index 8fbcd08..19a9b1d 100644 --- a/ldap/servers/slapd/regex.c +++ b/ldap/servers/slapd/regex.c @@ -128,7 +128,8 @@ slapi_re_subs_ext( Slapi_Regex *re_handle, const char *subject, const char *src, char **dst, unsigned long dstlen, int filter ) { int thislen = 0; - int len = 0; + /* was int, should match the type we compare to in the end! */ + unsigned long len = 0; int pin; int *ovector; char *mydst; diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c index c2a0206..9a0b217 100644 --- a/ldap/servers/slapd/result.c +++ b/ldap/servers/slapd/result.c @@ -1894,7 +1894,8 @@ static char * notes2str( unsigned int notes, char *buf, size_t buflen ) { char *p; - int i; + /* SLAPI_NOTEMAP_COUNT uses sizeof, size_t is unsigned. Was int */ + uint i; size_t len;
*buf = '\0'; diff --git a/ldap/servers/slapd/time.c b/ldap/servers/slapd/time.c index 4471a6f..96d50fb 100644 --- a/ldap/servers/slapd/time.c +++ b/ldap/servers/slapd/time.c @@ -210,7 +210,7 @@ format_localTime_log(time_t t, int initsize, char *buf, int *bufsize) return 1; } if (PR_snprintf( buf, *bufsize, "[%s %c%02d%02d] ", tbuf, sign, - (int)( tz / 3600 ), (int)( tz % 3600)) == -1) { + (int)( tz / 3600 ), (int)( tz % 3600)) == (PRUint32)-1) { return 1; } *bufsize = strlen(buf); @@ -262,7 +262,7 @@ format_localTime_hr_log(time_t t, long nsec, int initsize, char *buf, int *bufsi return 1; } if (PR_snprintf( buf, *bufsize, "[%s.%09ld %c%02d%02d] ", tbuf, nsec, sign, - (int)( tz / 3600 ), (int)( tz % 3600)) == -1) { + (int)( tz / 3600 ), (int)( tz % 3600)) == (PRUint32)-1) { return 1; } *bufsize = strlen(buf); diff --git a/ldap/servers/slapd/tools/dbscan.c b/ldap/servers/slapd/tools/dbscan.c index 70b9409..1765549 100644 --- a/ldap/servers/slapd/tools/dbscan.c +++ b/ldap/servers/slapd/tools/dbscan.c @@ -141,8 +141,8 @@ void db_printfln(char *fmt, ...) fprintf(stdout, "\n"); }
-int MAX_BUFFER = 4096; -int MIN_BUFFER = 20; +size_t MAX_BUFFER = 4096; +size_t MIN_BUFFER = 20;
static IDL *idl_make(DBT *data) { diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c index 67b34ff..126108c 100644 --- a/ldap/servers/slapd/tools/ldclt/ldclt.c +++ b/ldap/servers/slapd/tools/ldclt/ldclt.c @@ -927,7 +927,8 @@ parseFilter ( char **tail, int *ndigits) { - int i, j; + size_t i; + size_t j;
if (!src) { printf ("Error: NULL source string is passed.\n"); @@ -975,7 +976,7 @@ int basicInit (void) { struct rlimit rlp; /* For setrlimit() */ - int i; /* For the loops */ /*JLS 21-11-00*/ + size_t i; /* For the loops */ /*JLS 21-11-00*/ int ret; /* Return value */ int oflags;/* open() flags */ /*JLS 05-04-01*/ struct stat file_st ; /* file status checker for attreplacefile option */ @@ -1726,8 +1727,8 @@ int addAttrToList ( char *list) { - int start; /* Start of the attr name */ - int end; /* End of the attr name */ + size_t start; /* Start of the attr name */ + size_t end; /* End of the attr name */
/* * Sanity check diff --git a/ldap/servers/slapd/tools/rsearch/infadd.c b/ldap/servers/slapd/tools/rsearch/infadd.c index 5bf5e66..49a0315 100644 --- a/ldap/servers/slapd/tools/rsearch/infadd.c +++ b/ldap/servers/slapd/tools/rsearch/infadd.c @@ -312,7 +312,7 @@ int main(int argc, char **argv) (double)total/(double)numThreads, val, (double)1000.0/val, ntotal, numThreads); } - if (lmtCount && ntotal >= lmtCount) { + if (lmtCount && (int)ntotal >= lmtCount) { if (!quiet) { tmpv = (double)ntotal*1000.0/(counter*sampleInterval); fprintf(stdout, diff --git a/ldap/servers/slapd/tools/rsearch/nametable.c b/ldap/servers/slapd/tools/rsearch/nametable.c index 59048bc..936fc4d 100644 --- a/ldap/servers/slapd/tools/rsearch/nametable.c +++ b/ldap/servers/slapd/tools/rsearch/nametable.c @@ -84,7 +84,7 @@ NameTable *nt_new(int capacity) /* destroy nametable */ void nt_destroy(NameTable *nt) { - int i; + PRUint32 i;
if (nt->size) { for (i = 0; i < nt->size; i++) @@ -136,7 +136,7 @@ int nt_load(NameTable *nt, const char *filename) int nt_save(NameTable *nt, const char *filename) { PRFileDesc *fd; - int i; + PRUint32 i;
fd = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 0644); if (!fd) return 0; @@ -152,7 +152,7 @@ int nt_save(NameTable *nt, const char *filename) /* painstakingly determine if a given entry is already in the list */ int nt_cis_check(NameTable *nt, const char *name) { - int i; + PRUint32 i;
for (i = 0; i < nt->size; i++) if (strcasecmp(nt->data[i], name) == 0) diff --git a/ldap/servers/slapd/tools/rsearch/sdattable.c b/ldap/servers/slapd/tools/rsearch/sdattable.c index 47da646..1c9afe7 100644 --- a/ldap/servers/slapd/tools/rsearch/sdattable.c +++ b/ldap/servers/slapd/tools/rsearch/sdattable.c @@ -57,7 +57,7 @@ SDatTable *sdt_new(int capacity) /* destroy searchdata table */ void sdt_destroy(SDatTable *sdt) { - int i; + PRUint32 i;
if (sdt->size) { for (i = 0; i < sdt->size; i++) { @@ -159,7 +159,7 @@ out: int sdt_save(SDatTable *sdt, const char *filename) { PRFileDesc *fd; - int i; + PRUint32 i;
fd = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 0644); if (!fd) return 0; @@ -183,7 +183,7 @@ int sdt_save(SDatTable *sdt, const char *filename) /* painstakingly determine if a given entry is already in the list */ int sdt_cis_check(SDatTable *sdt, const char *name) { - int i; + PRUint32 i;
for (i = 0; i < sdt->size; i++) { if (strcasecmp(sdt->dns[i], name) == 0) diff --git a/ldap/servers/slapd/uniqueid.c b/ldap/servers/slapd/uniqueid.c index 169db01..0e3f5ac 100644 --- a/ldap/servers/slapd/uniqueid.c +++ b/ldap/servers/slapd/uniqueid.c @@ -265,19 +265,21 @@ static size_t format_len = 35; format (specified above). */ static int isValidFormat (const char * buff) { - int i; + size_t i;
- if (strlen (buff) != strlen (format)) - return UID_BADDATA; + if (strlen (buff) != strlen (format)) { + return UID_BADDATA; + }
- for (i = 0; i < format_len; i++) - { - if (format[i] == '-' && buff [i] != '-') - return 0; - else if (format[i] == 'X' && ! isxdigit (buff[i])) - return 0; - } + for (i = 0; i < format_len; i++) + { + if (format[i] == '-' && buff [i] != '-') { + return 0; + } else if (format[i] == 'X' && ! isxdigit (buff[i])) { + return 0; + } + }
- return 1; + return 1; }
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c index 1ebdf2e..c3c0551 100644 --- a/ldap/servers/slapd/util.c +++ b/ldap/servers/slapd/util.c @@ -258,7 +258,7 @@ filter_stuff_func(void *arg, const char *val, PRUint32 slen) #endif char *buf = (char *)val; int extra_space; - int filter_len = slen; + int filter_len = (int)slen;
/* look at val - if val is one of our special keywords, and make a note of it for the next pass */ if (strcmp(val, ESC_NEXT_VAL) == 0){ @@ -381,7 +381,7 @@ filter_stuff_func(void *arg, const char *val, PRUint32 slen) return filter_len; } else { /* process arg as is */ /* check if we have enough room in our buffer */ - if (ctx->buf_size + slen >= ctx->buf_len){ + if (ctx->buf_size + (int)slen >= ctx->buf_len){ /* increase buffer for this filter */ extra_space = (ctx->buf_len + slen + BUF_INCR); ctx->buf = slapi_ch_realloc((char *)ctx->buf, sizeof(char) * extra_space); @@ -1145,18 +1145,19 @@ slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid) int fd = -1; struct stat statbuf; int result = 1; - if (!filename) - return result; + if (!filename) { + return result; + }
fd = open(filename, O_RDONLY); if (fd == -1) { - return result; + return result; } memset(&statbuf, '\0', sizeof(statbuf)); if (!(result = fstat(fd, &statbuf))) { if (((uid != -1) && (uid != statbuf.st_uid)) || - ((gid != -1) && (gid != statbuf.st_gid))) + ((gid != -1) && (gid != statbuf.st_gid))) { result = fchown(fd, uid, gid); } @@ -1377,7 +1378,8 @@ slapi_get_plugin_name(const char *path, const char *lib) char *ptr = PL_strrstr(fullname, lib);
/* see if /lib was added */ - if (ptr && ((ptr - fullname) >= libstrlen)) { + /* This check is ridiculous and hard to comprehend ... */ + if (ptr && ((ptr - fullname) >= (int)libstrlen)) { /* ptr is at the libname in fullname, and there is something before it */ ptr -= libstrlen; /* ptr now points at the "/" in "/lib" if it is there */ if (0 == PL_strncmp(ptr, libstr, libstrlen)) { @@ -1421,7 +1423,7 @@ slapi_is_special_rdn(const char *rdn, int flag) return 0; /* not a special rdn/dn */ }
- if (strlen(rdn) < util_uniqueidlen) { + if (strlen(rdn) < (size_t)util_uniqueidlen) { return 0; /* not a special rdn/dn */ } rp = (char *)rdn;
commit ea9d4bb162da15c39c61f410b214e4f5676bcbb5 Author: William Brown firstyear@redhat.com Date: Fri Aug 26 10:43:30 2016 +1000
Ticket 48805 - Misleading indent and Uninitialised struct member
Bug Description: Gcc 6.0 adds a number of new warning types that will help us proactively find errors. We should apply these fixes.
Fix Description: * Fix misleading indent. This led to the infamous goto fail; goto fail;. This involves wrapping if branches in {}, and retabbing in some places. This means that as the developer reading the code, we can correct see what statements are guarded, and what is not. * Missing struct members: We were not completely intialising structs completely in many cases. Gcc was helping by padding the rest as '0', but we should be explicit in our code and actions.
https://fedorahosted.org/389/ticket/48805
Author: wibrown
Review by: mreynolds (Thanks!)
diff --git a/configure b/configure index c2a4af6..a456450 100755 --- a/configure +++ b/configure @@ -3507,6 +3507,7 @@ _ACEOF
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 $as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. diff --git a/ldap/servers/plugins/chainingdb/cb_bind.c b/ldap/servers/plugins/chainingdb/cb_bind.c index 7e77bd3..6c09b97 100644 --- a/ldap/servers/plugins/chainingdb/cb_bind.c +++ b/ldap/servers/plugins/chainingdb/cb_bind.c @@ -45,12 +45,13 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries, LDAPControl ***resctrlsp ,int *status) { int rc; - + do { /* check to see if operation has been abandoned...*/
- if (LDAP_AUTH_SIMPLE!=method) - return LDAP_AUTH_METHOD_NOT_SUPPORTED; + if (LDAP_AUTH_SIMPLE!=method) { + return LDAP_AUTH_METHOD_NOT_SUPPORTED; + }
if ( slapi_op_abandoned( pb )) { rc = LDAP_USER_CANCELLED; @@ -59,7 +60,7 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries, matcheddnp, errmsgp, refurlsp, resctrlsp ,status); } } while ( CB_LDAP_CONN_ERROR( rc ) && --tries > 0 ); - + return( rc ); }
diff --git a/ldap/servers/plugins/collation/orfilter.c b/ldap/servers/plugins/collation/orfilter.c index 084fdf6..a6d374d 100644 --- a/ldap/servers/plugins/collation/orfilter.c +++ b/ldap/servers/plugins/collation/orfilter.c @@ -55,7 +55,7 @@ or_filter_get (Slapi_PBlock* pb) { auto void* obj = NULL; if ( ! slapi_pblock_get (pb, SLAPI_PLUGIN_OBJECT, &obj)) { - return (or_filter_t*)obj; + return (or_filter_t*)obj; } return NULL; } diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c index 8a32630..e2394dd 100644 --- a/ldap/servers/plugins/cos/cos_cache.c +++ b/ldap/servers/plugins/cos/cos_cache.c @@ -1256,7 +1256,7 @@ static int cos_cache_add_dn_tmpls(char *dn, cosAttrValue *pCosSpecifier, cosAttr { void *plugin_id; int scope; - struct tmpl_info info = {NULL, 0, 0}; + struct tmpl_info info = {NULL, 0, 0, 0}; Slapi_PBlock *pDnSearch = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "--> cos_cache_add_dn_tmpls\n",0,0,0); diff --git a/ldap/servers/plugins/http/http_impl.c b/ldap/servers/plugins/http/http_impl.c index ac3d62a..82ba0c9 100644 --- a/ldap/servers/plugins/http/http_impl.c +++ b/ldap/servers/plugins/http/http_impl.c @@ -933,25 +933,26 @@ static char * isHttpReq(const char *url, int *sslOn) { static const char http_protopol_header[] = "http://"; static const char https_protopol_header[] = "https://"; - char *newstr = NULL; + char *newstr = NULL; /* skip leading white space */ - while (isAsciiSpace(*url)) + while (isAsciiSpace(*url)) { url++; + }
- if (strncmp(url, http_protopol_header, strlen(http_protopol_header)) == 0) { - newstr = (char *)PR_Calloc(1, (strlen(url)-strlen(http_protopol_header) + 1)); - strcpy(newstr, url+7); - strcat(newstr,"\0"); - *sslOn = 0; - } - else if (strncmp(url, https_protopol_header, strlen(https_protopol_header)) == 0) { - newstr = (char *)PR_Calloc(1, (strlen(url)-strlen(https_protopol_header) + 1)); - strcpy(newstr, url+8); - strcat(newstr,"\0"); - *sslOn = 1; - } + if (strncmp(url, http_protopol_header, strlen(http_protopol_header)) == 0) { + newstr = (char *)PR_Calloc(1, (strlen(url)-strlen(http_protopol_header) + 1)); + strcpy(newstr, url+7); + strcat(newstr,"\0"); + *sslOn = 0; + } + else if (strncmp(url, https_protopol_header, strlen(https_protopol_header)) == 0) { + newstr = (char *)PR_Calloc(1, (strlen(url)-strlen(https_protopol_header) + 1)); + strcpy(newstr, url+8); + strcat(newstr,"\0"); + *sslOn = 1; + }
- return newstr; + return newstr; }
PRFileDesc* setupSSLSocket(PRFileDesc* fd) diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c index aad300f..eae2b43 100644 --- a/ldap/servers/plugins/memberof/memberof.c +++ b/ldap/servers/plugins/memberof/memberof.c @@ -2634,7 +2634,7 @@ typedef struct _task_data
void memberof_fixup_task_thread(void *arg) { - MemberOfConfig configCopy = {0, 0, 0, 0}; + MemberOfConfig configCopy = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; Slapi_Task *task = (Slapi_Task *)arg; task_data *td = NULL; int rc = 0; diff --git a/ldap/servers/plugins/memberof/memberof_config.c b/ldap/servers/plugins/memberof/memberof_config.c index 99132d8..d2f8414 100644 --- a/ldap/servers/plugins/memberof/memberof_config.c +++ b/ldap/servers/plugins/memberof/memberof_config.c @@ -48,7 +48,7 @@ static int memberof_search (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_En /* This is the main configuration which is updated from dse.ldif. The * config will be copied when it is used by the plug-in to prevent it * being changed out from under a running memberOf operation. */ -static MemberOfConfig theConfig = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +static MemberOfConfig theConfig = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; static Slapi_RWLock *memberof_config_lock = 0; static int inited = 0;
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync.c b/ldap/servers/plugins/posix-winsync/posix-winsync.c index 5e36792..bdc9bdd 100644 --- a/ldap/servers/plugins/posix-winsync/posix-winsync.c +++ b/ldap/servers/plugins/posix-winsync/posix-winsync.c @@ -100,21 +100,21 @@ static windows_attribute_map user_attribute_map[] = { };
static windows_attribute_map user_mssfu_attribute_map[] = - { { "msSFU30homedirectory", "homeDirectory" }, - { "msSFU30loginshell", "loginShell" }, - { "msSFU30uidnumber", "uidNumber" }, - { "msSFU30gidnumber", "gidNumber" }, - { "msSFU30gecos", "gecos" }, - { NULL, NULL } }; + { { "msSFU30homedirectory", "homeDirectory", 1 }, + { "msSFU30loginshell", "loginShell", 0 }, + { "msSFU30uidnumber", "uidNumber", 1 }, + { "msSFU30gidnumber", "gidNumber", 1 }, + { "msSFU30gecos", "gecos", 0 }, + { NULL, NULL, 0 } };
/* memberUid must be first element or fixup in pre_ad_mod/add_group is required */ -static windows_attribute_map group_attribute_map[] = { { "memberUid", "memberUid" }, - { "gidNumber", "gidNumber" }, - { NULL, NULL } }; +static windows_attribute_map group_attribute_map[] = { { "memberUid", "memberUid", 0 }, + { "gidNumber", "gidNumber", 1 }, + { NULL, NULL, 0 } };
-static windows_attribute_map group_mssfu_attribute_map[] = { { "msSFU30memberUid", "memberUid" }, - { "msSFU30gidNumber", "gidNumber" }, - { NULL, NULL } }; +static windows_attribute_map group_mssfu_attribute_map[] = { { "msSFU30memberUid", "memberUid", 0 }, + { "msSFU30gidNumber", "gidNumber", 1 }, + { NULL, NULL, 0 } };
static char *posix_winsync_plugin_name = POSIX_WINSYNC_PLUGIN_NAME; static PRUint64 g_plugin_started = 0; diff --git a/ldap/servers/plugins/replication/repl5_protocol_util.c b/ldap/servers/plugins/replication/repl5_protocol_util.c index ce6281a..8be5d9b 100644 --- a/ldap/servers/plugins/replication/repl5_protocol_util.c +++ b/ldap/servers/plugins/replication/repl5_protocol_util.c @@ -585,9 +585,10 @@ release_replica(Private_Repl_Protocol *prp) PR_ASSERT(NULL != prp); PR_ASSERT(NULL != prp->conn);
- if (!prp->replica_acquired) - return; - + if (!prp->replica_acquired) { + return; + } + replarea_sdn = agmt_get_replarea(prp->agmt); payload = NSDS50EndReplicationRequest_new((char *)slapi_sdn_get_dn(replarea_sdn)); /* XXXggood had to cast away const */ slapi_sdn_free(&replarea_sdn); diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c index 59e5298..7da8970 100644 --- a/ldap/servers/plugins/replication/repl5_replica_config.c +++ b/ldap/servers/plugins/replication/repl5_replica_config.c @@ -639,21 +639,22 @@ replica_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* }
done: - if (mtnode_ext->replica) - object_release (mtnode_ext->replica); + if (mtnode_ext->replica) { + object_release (mtnode_ext->replica); + }
- /* slapi_ch_free accepts NULL pointer */ - slapi_ch_free_string(&replica_root); + /* slapi_ch_free accepts NULL pointer */ + slapi_ch_free_string(&replica_root);
- PR_Unlock (s_configLock); + PR_Unlock (s_configLock);
- if (*returncode != LDAP_SUCCESS) - { - return SLAPI_DSE_CALLBACK_ERROR; - } - else + if (*returncode != LDAP_SUCCESS) + { + return SLAPI_DSE_CALLBACK_ERROR; + } + else { - return SLAPI_DSE_CALLBACK_OK; + return SLAPI_DSE_CALLBACK_OK; } }
@@ -969,12 +970,12 @@ replica_config_change_type_and_id (Replica *r, const char *new_type, } }
- /* disallow changing type to itself just to permit a replica ID change */ - if (oldtype == type) - { - PR_snprintf (returntext, SLAPI_DSE_RETURNTEXT_SIZE, "replica type is already %d - not changing", type); - return LDAP_OPERATIONS_ERROR; - } + /* disallow changing type to itself just to permit a replica ID change */ + if (oldtype == type) + { + PR_snprintf (returntext, SLAPI_DSE_RETURNTEXT_SIZE, "replica type is already %d - not changing", type); + return LDAP_OPERATIONS_ERROR; + }
if (type == REPLICA_TYPE_READONLY) { diff --git a/ldap/servers/plugins/replication/repl5_total.c b/ldap/servers/plugins/replication/repl5_total.c index dcb7af5..e326a9a 100644 --- a/ldap/servers/plugins/replication/repl5_total.c +++ b/ldap/servers/plugins/replication/repl5_total.c @@ -533,10 +533,10 @@ my_ber_scanf_value(BerElement *ber, Slapi_Value **value, PRBool *deleted) goto loser; } - if (attrval) - ber_bvfree(attrval); - - return 0; + if (attrval) { + ber_bvfree(attrval); + } + return 0;
loser: /* Free any stuff we allocated */ diff --git a/ldap/servers/plugins/replication/windows_private.c b/ldap/servers/plugins/replication/windows_private.c index c118236..28364e4 100644 --- a/ldap/servers/plugins/replication/windows_private.c +++ b/ldap/servers/plugins/replication/windows_private.c @@ -1570,7 +1570,7 @@ windows_private_set_move_action(const Repl_Agmt *ra, int value) LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_set_move_action\n" ); }
-static PRCallOnceType winsync_callOnce = {0,0}; +static PRCallOnceType winsync_callOnce = {0,0,0};
struct winsync_plugin { struct winsync_plugin *next; /* see PRCList - declare here to avoid lots of casting */ diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c index 084b520..5d46a51 100644 --- a/ldap/servers/plugins/replication/windows_protocol_util.c +++ b/ldap/servers/plugins/replication/windows_protocol_util.c @@ -213,7 +213,7 @@ static windows_attribute_map user_attribute_map[] = { "name", "cn", fromwindowsonly, always, normal}, { "manager", "manager", bidirectional, always, dnmap}, { "seealso", "seealso", bidirectional, always, dnmap}, - {NULL, NULL, -1} + {NULL, NULL, -1, 0, 0} };
static windows_attribute_map group_attribute_map[] = @@ -224,7 +224,7 @@ static windows_attribute_map group_attribute_map[] = { "streetAddress", "street", towindowsonly, always, normal}, { FAKE_STREET_ATTR_NAME, "street", fromwindowsonly, always, normal}, { "member", "uniquemember", bidirectional, always, dnmap}, - {NULL, NULL, -1} + {NULL, NULL, -1, 0, 0} };
/* diff --git a/ldap/servers/plugins/syntaxes/bin.c b/ldap/servers/plugins/syntaxes/bin.c index 7f41f60..36f6026 100644 --- a/ldap/servers/plugins/syntaxes/bin.c +++ b/ldap/servers/plugins/syntaxes/bin.c @@ -81,35 +81,78 @@ static const char *octetStringOrderingMatch_names[] = {"octetStringOrderingMatch static char *octetStringCompat_syntaxes[] = {BINARY_SYNTAX_OID, JPEG_SYNTAX_OID, FAX_SYNTAX_OID, CERTIFICATE_SYNTAX_OID, CERTIFICATELIST_SYNTAX_OID, CERTIFICATEPAIR_SYNTAX_OID, SUPPORTEDALGORITHM_SYNTAX_OID, NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{"2.5.13.17", NULL, "octetStringMatch", "The octetStringMatch rule compares an assertion value of the Octet " -"String syntax to an attribute value of a syntax (e.g., the Octet " -"String or JPEG syntax) whose corresponding ASN.1 type is the OCTET " -"STRING ASN.1 type. " -"The rule evaluates to TRUE if and only if the attribute value and the " -"assertion value are the same length and corresponding octets (by " -"position) are the same.", OCTETSTRING_SYNTAX_OID, 0, octetStringCompat_syntaxes}, /* matching rule desc */ - {"octetStringMatch-mr", VENDOR, DS_PACKAGE_VERSION, "octetStringMatch matching rule plugin"}, /* plugin desc */ - octetStringMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, bin_filter_ava, NULL, bin_values2keys, - bin_assertion2keys_ava, NULL, bin_compare}, -{{"2.5.13.18", NULL, "octetStringOrderingMatch", "The octetStringOrderingMatch rule compares an assertion value of the " -"Octet String syntax to an attribute value of a syntax (e.g., the " -"Octet String or JPEG syntax) whose corresponding ASN.1 type is the " -"OCTET STRING ASN.1 type. " -"The rule evaluates to TRUE if and only if the attribute value appears " -"earlier in the collation order than the assertion value. The rule " -"compares octet strings from the first octet to the last octet, and " -"from the most significant bit to the least significant bit within the " -"octet. The first occurrence of a different bit determines the " -"ordering of the strings. A zero bit precedes a one bit. If the " -"strings contain different numbers of octets but the longer string is " -"identical to the shorter string up to the length of the shorter " -"string, then the shorter string precedes the longer string.", -OCTETSTRING_SYNTAX_OID, 0, octetStringCompat_syntaxes}, /* matching rule desc */ - {"octetStringOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "octetStringOrderingMatch matching rule plugin"}, /* plugin desc */ - octetStringOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, bin_filter_ava, NULL, bin_values2keys, - bin_assertion2keys_ava, NULL, bin_compare} + { + { + "2.5.13.17", + NULL, + "octetStringMatch", + "The octetStringMatch rule compares an assertion value of the Octet " + "String syntax to an attribute value of a syntax (e.g., the Octet " + "String or JPEG syntax) whose corresponding ASN.1 type is the OCTET " + "STRING ASN.1 type. " + "The rule evaluates to TRUE if and only if the attribute value and the " + "assertion value are the same length and corresponding octets (by " + "position) are the same.", + OCTETSTRING_SYNTAX_OID, + 0, + octetStringCompat_syntaxes + }, /* matching rule desc */ + { + "octetStringMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "octetStringMatch matching rule plugin" + }, /* plugin desc */ + octetStringMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + bin_filter_ava, + NULL, + bin_values2keys, + bin_assertion2keys_ava, + NULL, + bin_compare, + NULL /* mr_normalize */ + }, + { + { + "2.5.13.18", + NULL, + "octetStringOrderingMatch", + "The octetStringOrderingMatch rule compares an assertion value of the " + "Octet String syntax to an attribute value of a syntax (e.g., the " + "Octet String or JPEG syntax) whose corresponding ASN.1 type is the " + "OCTET STRING ASN.1 type. " + "The rule evaluates to TRUE if and only if the attribute value appears " + "earlier in the collation order than the assertion value. The rule " + "compares octet strings from the first octet to the last octet, and " + "from the most significant bit to the least significant bit within the " + "octet. The first occurrence of a different bit determines the " + "ordering of the strings. A zero bit precedes a one bit. If the " + "strings contain different numbers of octets but the longer string is " + "identical to the shorter string up to the length of the shorter " + "string, then the shorter string precedes the longer string.", + OCTETSTRING_SYNTAX_OID, + 0, + octetStringCompat_syntaxes + }, /* matching rule desc */ + { + "octetStringOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "octetStringOrderingMatch matching rule plugin" + }, /* plugin desc */ + octetStringOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + bin_filter_ava, + NULL, + bin_values2keys, + bin_assertion2keys_ava, + NULL, + bin_compare, + NULL /* mr_normalize */ + } }; /* certificateExactMatch diff --git a/ldap/servers/plugins/syntaxes/bitstring.c b/ldap/servers/plugins/syntaxes/bitstring.c index 50e8ad3..be066fb 100644 --- a/ldap/servers/plugins/syntaxes/bitstring.c +++ b/ldap/servers/plugins/syntaxes/bitstring.c @@ -46,22 +46,43 @@ static Slapi_PluginDesc pdesc = { "bitstring-syntax", VENDOR, DS_PACKAGE_VERSION static const char *bitStringMatch_names[] = {"bitStringMatch", "2.5.13.16", NULL};
static struct mr_plugin_def mr_plugin_table[] = { - {{"2.5.13.16", NULL, "bitStringMatch", "The bitStringMatch rule compares an assertion value of the Bit String " - "syntax to an attribute value of a syntax (e.g., the Bit String " - "syntax) whose corresponding ASN.1 type is BIT STRING. " - "If the corresponding ASN.1 type of the attribute syntax does not have " - "a named bit list [ASN.1] (which is the case for the Bit String " - "syntax), then the rule evaluates to TRUE if and only if the attribute " - "value has the same number of bits as the assertion value and the bits " - "match on a bitwise basis. " - "If the corresponding ASN.1 type does have a named bit list, then " - "bitStringMatch operates as above, except that trailing zero bits in " - "the attribute and assertion values are treated as absent.", - BITSTRING_SYNTAX_OID, 0, NULL /* only the specified syntax is supported */}, /* matching rule desc */ - {"bitStringMatch-mr", VENDOR, DS_PACKAGE_VERSION, "bitStringMatch matching rule plugin"}, /* plugin desc */ - bitStringMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, bitstring_filter_ava, NULL, bitstring_values2keys, - bitstring_assertion2keys_ava, NULL, bitstring_compare} + { + { + "2.5.13.16", + NULL, + "bitStringMatch", + "The bitStringMatch rule compares an assertion value of the Bit String " + "syntax to an attribute value of a syntax (e.g., the Bit String " + "syntax) whose corresponding ASN.1 type is BIT STRING. " + "If the corresponding ASN.1 type of the attribute syntax does not have " + "a named bit list [ASN.1] (which is the case for the Bit String " + "syntax), then the rule evaluates to TRUE if and only if the attribute " + "value has the same number of bits as the assertion value and the bits " + "match on a bitwise basis. " + "If the corresponding ASN.1 type does have a named bit list, then " + "bitStringMatch operates as above, except that trailing zero bits in " + "the attribute and assertion values are treated as absent.", + BITSTRING_SYNTAX_OID, + 0, + NULL /* only the specified syntax is supported */ + }, /* matching rule desc */ + { + "bitStringMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "bitStringMatch matching rule plugin" + }, /* plugin desc */ + bitStringMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + bitstring_filter_ava, + NULL, + bitstring_values2keys, + bitstring_assertion2keys_ava, + NULL, + bitstring_compare, + NULL /* mr_normalize; */ + } };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/ces.c b/ldap/servers/plugins/syntaxes/ces.c index a59a7dd..13f72ec 100644 --- a/ldap/servers/plugins/syntaxes/ces.c +++ b/ldap/servers/plugins/syntaxes/ces.c @@ -77,105 +77,210 @@ static char *caseExactSubstrings_syntaxes[] = {IA5STRING_SYNTAX_OID, /* allow IA static char *caseExactIA5Match_syntaxes[] = {DIRSTRING_SYNTAX_OID, NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{"1.3.6.1.4.1.1466.109.114.1", NULL, "caseExactIA5Match", "The caseExactIA5Match rule compares an assertion value of the IA5 " -"String syntax to an attribute value of a syntax (e.g., the IA5 String " -"syntax) whose corresponding ASN.1 type is IA5String. " -"The rule evaluates to TRUE if and only if the prepared attribute " -"value character string and the prepared assertion value character " -"string have the same number of characters and corresponding " -"characters have the same code point. " -"In preparing the attribute value and assertion value for comparison, " -"characters are not case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", -IA5STRING_SYNTAX_OID, 0, caseExactIA5Match_syntaxes}, /* matching rule desc */ - {"caseExactIA5Match-mr", VENDOR, DS_PACKAGE_VERSION, "caseExactIA5Match matching rule plugin"}, /* plugin desc */ - caseExactIA5Match_names, /* matching rule name/oid/aliases */ - NULL, NULL, ces_filter_ava, NULL, ces_values2keys, - ces_assertion2keys_ava, NULL, ces_compare, ces_normalize}, -{{"2.5.13.5", NULL, "caseExactMatch", "The caseExactMatch rule compares an assertion value of the Directory " -"String syntax to an attribute value of a syntax (e.g., the Directory " -"String, Printable String, Country String, or Telephone Number syntax) " -"whose corresponding ASN.1 type is DirectoryString or one of the " -"alternative string types of DirectoryString, such as PrintableString " -"(the other alternatives do not correspond to any syntax defined in " -"this document). " -"The rule evaluates to TRUE if and only if the prepared attribute " -"value character string and the prepared assertion value character " -"string have the same number of characters and corresponding " -"characters have the same code point. " -"In preparing the attribute value and assertion value for comparison, " -"characters are not case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", -DIRSTRING_SYNTAX_OID, 0, dirStringCompat_syntaxes}, /* matching rule desc */ - {"caseExactMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseExactMatch matching rule plugin"}, /* plugin desc */ - caseExactMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, ces_filter_ava, NULL, ces_values2keys, - ces_assertion2keys_ava, NULL, ces_compare, ces_normalize}, -{{"2.5.13.6", NULL, "caseExactOrderingMatch", "The caseExactOrderingMatch rule compares an assertion value of the " -"Directory String syntax to an attribute value of a syntax (e.g., the " -"Directory String, Printable String, Country String, or Telephone " -"Number syntax) whose corresponding ASN.1 type is DirectoryString or " -"one of its alternative string types. " -"The rule evaluates to TRUE if and only if, in the code point " -"collation order, the prepared attribute value character string " -"appears earlier than the prepared assertion value character string; " -"i.e., the attribute value is "less than" the assertion value. " -"In preparing the attribute value and assertion value for comparison, " -"characters are not case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", -DIRSTRING_SYNTAX_OID, 0, dirStringCompat_syntaxes}, /* matching rule desc */ - {"caseExactOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseExactOrderingMatch matching rule plugin"}, /* plugin desc */ - caseExactOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, ces_filter_ava, NULL, ces_values2keys, - ces_assertion2keys_ava, NULL, ces_compare, ces_normalize}, -{{"2.5.13.7", NULL, "caseExactSubstringsMatch", "The caseExactSubstringsMatch rule compares an assertion value of the " -"Substring Assertion syntax to an attribute value of a syntax (e.g., " -"the Directory String, Printable String, Country String, or Telephone " -"Number syntax) whose corresponding ASN.1 type is DirectoryString or " -"one of its alternative string types. " -"The rule evaluates to TRUE if and only if (1) the prepared substrings " -"of the assertion value match disjoint portions of the prepared " -"attribute value character string in the order of the substrings in " -"the assertion value, (2) an <initial> substring, if present, matches " -"the beginning of the prepared attribute value character string, and " -"(3) a <final> substring, if present, matches the end of the prepared " -"attribute value character string. A prepared substring matches a " -"portion of the prepared attribute value character string if " -"corresponding characters have the same code point. " -"In preparing the attribute value and assertion value substrings for " -"comparison, characters are not case folded in the Map preparation " -"step, and only Insignificant Space Handling is applied in the " -"Insignificant Character Handling step.", -"1.3.6.1.4.1.1466.115.121.1.58", 0, caseExactSubstrings_syntaxes}, /* matching rule desc */ - {"caseExactSubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseExactSubstringsMatch matching rule plugin"}, /* plugin desc */ - caseExactSubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, ces_filter_sub, ces_values2keys, - NULL, ces_assertion2keys_sub, ces_compare, ces_normalize}, -{{CASEEXACTIA5SUBSTRINGSMATCH_OID, NULL, "caseExactIA5SubstringsMatch", "The caseExactIA5SubstringsMatch rule compares an assertion value of the " -"Substring Assertion syntax to an attribute value of a syntax (e.g., " -"the IA5 syntax) whose corresponding ASN.1 type is IA5 String or " -"one of its alternative string types. " -"The rule evaluates to TRUE if and only if (1) the prepared substrings " -"of the assertion value match disjoint portions of the prepared " -"attribute value character string in the order of the substrings in " -"the assertion value, (2) an <initial> substring, if present, matches " -"the beginning of the prepared attribute value character string, and " -"(3) a <final> substring, if present, matches the end of the prepared " -"attribute value character string. A prepared substring matches a " -"portion of the prepared attribute value character string if " -"corresponding characters have the same code point. " -"In preparing the attribute value and assertion value substrings for " -"comparison, characters are not case folded in the Map preparation " -"step, and only Insignificant Space Handling is applied in the " -"Insignificant Character Handling step.", -"1.3.6.1.4.1.1466.115.121.1.58", 0, ia5String_syntaxes}, /* matching rule desc */ - {"caseExactIA5SubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseExactIA5SubstringsMatch matching rule plugin"}, /* plugin desc */ - caseExactIA5SubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, ces_filter_sub, ces_values2keys, - NULL, ces_assertion2keys_sub, ces_compare, ces_normalize} + { + { + "1.3.6.1.4.1.1466.109.114.1", + NULL, + "caseExactIA5Match", + "The caseExactIA5Match rule compares an assertion value of the IA5 " + "String syntax to an attribute value of a syntax (e.g., the IA5 String " + "syntax) whose corresponding ASN.1 type is IA5String. " + "The rule evaluates to TRUE if and only if the prepared attribute " + "value character string and the prepared assertion value character " + "string have the same number of characters and corresponding " + "characters have the same code point. " + "In preparing the attribute value and assertion value for comparison, " + "characters are not case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + IA5STRING_SYNTAX_OID, + 0, + caseExactIA5Match_syntaxes + }, /* matching rule desc */ + { + "caseExactIA5Match-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseExactIA5Match matching rule plugin" + }, /* plugin desc */ + caseExactIA5Match_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + ces_filter_ava, + NULL, + ces_values2keys, + ces_assertion2keys_ava, + NULL, + ces_compare, + ces_normalize + }, + { + { + "2.5.13.5", + NULL, + "caseExactMatch", + "The caseExactMatch rule compares an assertion value of the Directory " + "String syntax to an attribute value of a syntax (e.g., the Directory " + "String, Printable String, Country String, or Telephone Number syntax) " + "whose corresponding ASN.1 type is DirectoryString or one of the " + "alternative string types of DirectoryString, such as PrintableString " + "(the other alternatives do not correspond to any syntax defined in " + "this document). " + "The rule evaluates to TRUE if and only if the prepared attribute " + "value character string and the prepared assertion value character " + "string have the same number of characters and corresponding " + "characters have the same code point. " + "In preparing the attribute value and assertion value for comparison, " + "characters are not case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + DIRSTRING_SYNTAX_OID, + 0, + dirStringCompat_syntaxes + }, /* matching rule desc */ + { + "caseExactMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseExactMatch matching rule plugin" + }, /* plugin desc */ + caseExactMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + ces_filter_ava, + NULL, + ces_values2keys, + ces_assertion2keys_ava, + NULL, + ces_compare, + ces_normalize + }, + { + { + "2.5.13.6", + NULL, + "caseExactOrderingMatch", + "The caseExactOrderingMatch rule compares an assertion value of the " + "Directory String syntax to an attribute value of a syntax (e.g., the " + "Directory String, Printable String, Country String, or Telephone " + "Number syntax) whose corresponding ASN.1 type is DirectoryString or " + "one of its alternative string types. " + "The rule evaluates to TRUE if and only if, in the code point " + "collation order, the prepared attribute value character string " + "appears earlier than the prepared assertion value character string; " + "i.e., the attribute value is "less than" the assertion value. " + "In preparing the attribute value and assertion value for comparison, " + "characters are not case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + DIRSTRING_SYNTAX_OID, + 0, + dirStringCompat_syntaxes + }, /* matching rule desc */ + { + "caseExactOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseExactOrderingMatch matching rule plugin" + }, /* plugin desc */ + caseExactOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + ces_filter_ava, + NULL, + ces_values2keys, + ces_assertion2keys_ava, + NULL, + ces_compare, + ces_normalize + }, + { + { + "2.5.13.7", + NULL, + "caseExactSubstringsMatch", + "The caseExactSubstringsMatch rule compares an assertion value of the " + "Substring Assertion syntax to an attribute value of a syntax (e.g., " + "the Directory String, Printable String, Country String, or Telephone " + "Number syntax) whose corresponding ASN.1 type is DirectoryString or " + "one of its alternative string types. " + "The rule evaluates to TRUE if and only if (1) the prepared substrings " + "of the assertion value match disjoint portions of the prepared " + "attribute value character string in the order of the substrings in " + "the assertion value, (2) an <initial> substring, if present, matches " + "the beginning of the prepared attribute value character string, and " + "(3) a <final> substring, if present, matches the end of the prepared " + "attribute value character string. A prepared substring matches a " + "portion of the prepared attribute value character string if " + "corresponding characters have the same code point. " + "In preparing the attribute value and assertion value substrings for " + "comparison, characters are not case folded in the Map preparation " + "step, and only Insignificant Space Handling is applied in the " + "Insignificant Character Handling step.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + caseExactSubstrings_syntaxes + }, /* matching rule desc */ + { + "caseExactSubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseExactSubstringsMatch matching rule plugin" + }, /* plugin desc */ + caseExactSubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + ces_filter_sub, + ces_values2keys, + NULL, + ces_assertion2keys_sub, + ces_compare, + ces_normalize + }, + { + { + CASEEXACTIA5SUBSTRINGSMATCH_OID, + NULL, + "caseExactIA5SubstringsMatch", + "The caseExactIA5SubstringsMatch rule compares an assertion value of the " + "Substring Assertion syntax to an attribute value of a syntax (e.g., " + "the IA5 syntax) whose corresponding ASN.1 type is IA5 String or " + "one of its alternative string types. " + "The rule evaluates to TRUE if and only if (1) the prepared substrings " + "of the assertion value match disjoint portions of the prepared " + "attribute value character string in the order of the substrings in " + "the assertion value, (2) an <initial> substring, if present, matches " + "the beginning of the prepared attribute value character string, and " + "(3) a <final> substring, if present, matches the end of the prepared " + "attribute value character string. A prepared substring matches a " + "portion of the prepared attribute value character string if " + "corresponding characters have the same code point. " + "In preparing the attribute value and assertion value substrings for " + "comparison, characters are not case folded in the Map preparation " + "step, and only Insignificant Space Handling is applied in the " + "Insignificant Character Handling step.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + ia5String_syntaxes + }, /* matching rule desc */ + { + "caseExactIA5SubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseExactIA5SubstringsMatch matching rule plugin" + }, /* plugin desc */ + caseExactIA5SubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + ces_filter_sub, + ces_values2keys, + NULL, + ces_assertion2keys_sub, + ces_compare, + ces_normalize + } };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/cis.c b/ldap/servers/plugins/syntaxes/cis.c index dca27e1..8f2f9c7 100644 --- a/ldap/servers/plugins/syntaxes/cis.c +++ b/ldap/servers/plugins/syntaxes/cis.c @@ -180,209 +180,488 @@ static char *caseIgnoreListSubstringsMatch_syntaxes[] = {POSTALADDRESS_SYNTAX_OI static char *objectIdentifierFirstComponentMatch_syntaxes[] = {DIRSTRING_SYNTAX_OID, NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{GENERALIZEDTIMEMATCH_OID, NULL /* no alias? */, - "generalizedTimeMatch", "The rule evaluates to TRUE if and only if the attribute value represents the same universal coordinated time as the assertion value.", - GENERALIZEDTIME_SYNTAX_OID, 0 /* not obsolete */, NULL /* no other syntaxes supported */ }, - {"generalizedTimeMatch-mr", VENDOR, DS_PACKAGE_VERSION, "generalizedTimeMatch matching rule plugin"}, /* plugin desc */ - generalizedTimeMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{GENERALIZEDTIMEORDERINGMATCH_OID, NULL /* no alias? */, - "generalizedTimeOrderingMatch", "The rule evaluates to TRUE if and only if the attribute value represents a universal coordinated time that is earlier than the universal coordinated time represented by the assertion value.", - GENERALIZEDTIME_SYNTAX_OID, 0 /* not obsolete */, NULL /* no other syntaxes supported */ }, - {"generalizedTimeOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "generalizedTimeOrderingMatch matching rule plugin"}, /* plugin desc */ - generalizedTimeOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -/* strictly speaking, boolean is case sensitive */ -{{"2.5.13.13", NULL, "booleanMatch", "The booleanMatch rule compares an assertion value of the Boolean " -"syntax to an attribute value of a syntax (e.g., the Boolean syntax) " -"whose corresponding ASN.1 type is BOOLEAN. " -"The rule evaluates to TRUE if and only if the attribute value and the " -"assertion value are both TRUE or both FALSE.", BOOLEAN_SYNTAX_OID, 0, NULL /* no other syntaxes supported */}, /* matching rule desc */ - {"booleanMatch-mr", VENDOR, DS_PACKAGE_VERSION, "booleanMatch matching rule plugin"}, /* plugin desc */ - booleanMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"1.3.6.1.4.1.1466.109.114.2", NULL, "caseIgnoreIA5Match", "The caseIgnoreIA5Match rule compares an assertion value of the IA5 " -"String syntax to an attribute value of a syntax (e.g., the IA5 String " -"syntax) whose corresponding ASN.1 type is IA5String. " -"The rule evaluates to TRUE if and only if the prepared attribute " -"value character string and the prepared assertion value character " -"string have the same number of characters and corresponding " -"characters have the same code point. " -"In preparing the attribute value and assertion value for comparison, " -"characters are case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", IA5STRING_SYNTAX_OID, 0, NULL /* no other syntaxes supported */}, /* matching rule desc */ - {"caseIgnoreIA5Match-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreIA5Match matching rule plugin"}, /* plugin desc */ - caseIgnoreIA5Match_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"1.3.6.1.4.1.1466.109.114.3", NULL, "caseIgnoreIA5SubstringsMatch", "The caseIgnoreIA5SubstringsMatch rule compares an assertion value of " -"the Substring Assertion syntax to an attribute value of a syntax " -"(e.g., the IA5 String syntax) whose corresponding ASN.1 type is " -"IA5String. " -"The rule evaluates to TRUE if and only if (1) the prepared substrings " -"of the assertion value match disjoint portions of the prepared " -"attribute value character string in the order of the substrings in " -"the assertion value, (2) an <initial> substring, if present, matches " -"the beginning of the prepared attribute value character string, and " -"(3) a <final> substring, if present, matches the end of the prepared " -"attribute value character string. A prepared substring matches a " -"portion of the prepared attribute value character string if " -"corresponding characters have the same code point. " -"In preparing the attribute value and assertion value substrings for " -"comparison, characters are case folded in the Map preparation step, " -"and only Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", "1.3.6.1.4.1.1466.115.121.1.58", 0, caseIgnoreIA5SubstringsMatch_syntaxes}, /* matching rule desc */ - {"caseIgnoreIA5SubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreIA5SubstringsMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreIA5SubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, cis_filter_sub, cis_values2keys, - NULL, cis_assertion2keys_sub, NULL, cis_normalize}, -{{"2.5.13.2", NULL, "caseIgnoreMatch", "The caseIgnoreMatch rule compares an assertion value of the Directory " -"String syntax to an attribute value of a syntax (e.g., the Directory " -"String, Printable String, Country String, or Telephone Number syntax) " -"whose corresponding ASN.1 type is DirectoryString or one of its " -"alternative string types. " -"The rule evaluates to TRUE if and only if the prepared attribute " -"value character string and the prepared assertion value character " -"string have the same number of characters and corresponding " -"characters have the same code point. " -"In preparing the attribute value and assertion value for comparison, " -"characters are case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", DIRSTRING_SYNTAX_OID, 0, dirStringCompat_syntaxes}, /* matching rule desc */ - {"caseIgnoreMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"2.5.13.3", NULL, "caseIgnoreOrderingMatch", "The caseIgnoreOrderingMatch rule compares an assertion value of the " -"Directory String syntax to an attribute value of a syntax (e.g., the " -"Directory String, Printable String, Country String, or Telephone " -"Number syntax) whose corresponding ASN.1 type is DirectoryString or " -"one of its alternative string types. " -"The rule evaluates to TRUE if and only if, in the code point " -"collation order, the prepared attribute value character string " -"appears earlier than the prepared assertion value character string; " -"i.e., the attribute value is "less than" the assertion value. " -"In preparing the attribute value and assertion value for comparison, " -"characters are case folded in the Map preparation step, and only " -"Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", DIRSTRING_SYNTAX_OID, 0, dirStringCompat_syntaxes}, /* matching rule desc */ - {"caseIgnoreOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreOrderingMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"2.5.13.4", NULL, "caseIgnoreSubstringsMatch", "The caseIgnoreSubstringsMatch rule compares an assertion value of the " -"Substring Assertion syntax to an attribute value of a syntax (e.g., " -"the Directory String, Printable String, Country String, or Telephone " -"Number syntax) whose corresponding ASN.1 type is DirectoryString or " -"one of its alternative string types. " -"The rule evaluates to TRUE if and only if (1) the prepared substrings " -"of the assertion value match disjoint portions of the prepared " -"attribute value character string in the order of the substrings in " -"the assertion value, (2) an <initial> substring, if present, matches " -"the beginning of the prepared attribute value character string, and " -"(3) a <final> substring, if present, matches the end of the prepared " -"attribute value character string. A prepared substring matches a " -"portion of the prepared attribute value character string if " -"corresponding characters have the same code point. " -"In preparing the attribute value and assertion value substrings for " -"comparison, characters are case folded in the Map preparation step, " -"and only Insignificant Space Handling is applied in the Insignificant " -"Character Handling step.", "1.3.6.1.4.1.1466.115.121.1.58", 0, dirString_syntaxes}, /* matching rule desc */ - {"caseIgnoreSubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreSubstringsMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreSubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, cis_filter_sub, cis_values2keys, - NULL, cis_assertion2keys_sub, cis_compare, cis_normalize}, -{{"2.5.13.11", NULL, "caseIgnoreListMatch", "The caseIgnoreListMatch rule compares an assertion value that is a " -"sequence of strings to an attribute value of a syntax (e.g., the " -"Postal Address syntax) whose corresponding ASN.1 type is a SEQUENCE " -"OF the DirectoryString ASN.1 type. " -"The rule evaluates to TRUE if and only if the attribute value and the " -"assertion value have the same number of strings and corresponding " -"strings (by position) match according to the caseIgnoreMatch matching " -"rule. " -"In [X.520], the assertion syntax for this matching rule is defined to " -"be: " -" SEQUENCE OF DirectoryString {ub-match} " -"That is, it is different from the corresponding type for the Postal " -"Address syntax. The choice of the Postal Address syntax for the " -"assertion syntax of the caseIgnoreListMatch in LDAP should not be " -"seen as limiting the matching rule to apply only to attributes with " -"the Postal Address syntax.", POSTALADDRESS_SYNTAX_OID, 0, NULL /* postal syntax only */}, /* matching rule desc */ - {"caseIgnoreListMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreListMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreListMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"2.5.13.12", NULL, "caseIgnoreListSubstringsMatch", "The caseIgnoreListSubstringsMatch rule compares an assertion value of " -"the Substring Assertion syntax to an attribute value of a syntax " -"(e.g., the Postal Address syntax) whose corresponding ASN.1 type is a " -"SEQUENCE OF the DirectoryString ASN.1 type. " -"The rule evaluates to TRUE if and only if the assertion value " -"matches, per the caseIgnoreSubstringsMatch rule, the character string " -"formed by concatenating the strings of the attribute value, except " -"that none of the <initial>, <any>, or <final> substrings of the " -"assertion value are considered to match a substring of the " -"concatenated string which spans more than one of the original strings " -"of the attribute value. " -"Note that, in terms of the LDAP-specific encoding of the Postal " -"Address syntax, the concatenated string omits the <DOLLAR> line " -"separator and the escaping of "\" and "$" characters.", -"1.3.6.1.4.1.1466.115.121.1.58", 0, caseIgnoreListSubstringsMatch_syntaxes}, /* matching rule desc */ - {"caseIgnoreListSubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "caseIgnoreListSubstringsMatch matching rule plugin"}, /* plugin desc */ - caseIgnoreListSubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, cis_filter_sub, cis_values2keys, - NULL, cis_assertion2keys_sub, cis_compare, cis_normalize}, -{{"2.5.13.0", NULL, "objectIdentifierMatch", "The objectIdentifierMatch rule compares an assertion value of the OID " -"syntax to an attribute value of a syntax (e.g., the OID syntax) whose " -"corresponding ASN.1 type is OBJECT IDENTIFIER. " -"The rule evaluates to TRUE if and only if the assertion value and the " -"attribute value represent the same object identifier; that is, the " -"same sequence of integers, whether represented explicitly in the " -"<numericoid> form of <oid> or implicitly in the <descr> form (see " -"[RFC4512]). " -"If an LDAP client supplies an assertion value in the <descr> form and " -"the chosen descriptor is not recognized by the server, then the " -"objectIdentifierMatch rule evaluates to Undefined.", -OID_SYNTAX_OID, 0, NULL /* OID syntax only for now */}, /* matching rule desc */ - {"objectIdentifierMatch-mr", VENDOR, DS_PACKAGE_VERSION, "objectIdentifierMatch matching rule plugin"}, /* plugin desc */ - objectIdentifierMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, cis_compare, cis_normalize}, -{{"2.5.13.31", NULL, "directoryStringFirstComponentMatch", "The directoryStringFirstComponentMatch rule compares an assertion " -"value of the Directory String syntax to an attribute value of a " -"syntax whose corresponding ASN.1 type is a SEQUENCE with a mandatory " -"first component of the DirectoryString ASN.1 type. " -"Note that the assertion syntax of this matching rule differs from the " -"attribute syntax of attributes for which this is the equality " -"matching rule. " -"The rule evaluates to TRUE if and only if the assertion value matches " -"the first component of the attribute value using the rules of " -"caseIgnoreMatch.", DIRSTRING_SYNTAX_OID, 0, dirStringCompat_syntaxes}, /* matching rule desc */ - {"directoryStringFirstComponentMatch-mr", VENDOR, DS_PACKAGE_VERSION, "directoryStringFirstComponentMatch matching rule plugin"}, /* plugin desc */ - directoryStringFirstComponentMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, NULL, cis_normalize}, -{{"2.5.13.30", NULL, "objectIdentifierFirstComponentMatch", -"The objectIdentifierFirstComponentMatch rule compares an assertion " -"value of the OID syntax to an attribute value of a syntax (e.g., the " -"Attribute Type Description, DIT Content Rule Description, LDAP Syntax " -"Description, Matching Rule Description, Matching Rule Use " -"Description, Name Form Description, or Object Class Description " -"syntax) whose corresponding ASN.1 type is a SEQUENCE with a mandatory " -"first component of the OBJECT IDENTIFIER ASN.1 type. " -"Note that the assertion syntax of this matching rule differs from the " -"attribute syntax of attributes for which this is the equality " -"matching rule. " -"The rule evaluates to TRUE if and only if the assertion value matches " -"the first component of the attribute value using the rules of " -"objectIdentifierMatch.", OID_SYNTAX_OID, 0, objectIdentifierFirstComponentMatch_syntaxes}, /* matching rule desc */ - {"objectIdentifierFirstComponentMatch-mr", VENDOR, DS_PACKAGE_VERSION, "objectIdentifierFirstComponentMatch matching rule plugin"}, /* plugin desc */ - objectIdentifierFirstComponentMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, cis_filter_ava, NULL, cis_values2keys, - cis_assertion2keys_ava, NULL, NULL, cis_normalize} + { + { + GENERALIZEDTIMEMATCH_OID, + NULL /* no alias? */, + "generalizedTimeMatch", + "The rule evaluates to TRUE if and only if the attribute value represents the same universal coordinated time as the assertion value.", + GENERALIZEDTIME_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* no other syntaxes supported */ + }, + { + "generalizedTimeMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "generalizedTimeMatch matching rule plugin" + }, /* plugin desc */ + generalizedTimeMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + GENERALIZEDTIMEORDERINGMATCH_OID, + NULL /* no alias? */, + "generalizedTimeOrderingMatch", + "The rule evaluates to TRUE if and only if the attribute value represents a universal coordinated time that is earlier than the universal coordinated time represented by the assertion value.", + GENERALIZEDTIME_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* no other syntaxes supported */ + }, + { + "generalizedTimeOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "generalizedTimeOrderingMatch matching rule plugin" + }, /* plugin desc */ + generalizedTimeOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + /* strictly speaking, boolean is case sensitive */ + { + { + "2.5.13.13", + NULL, + "booleanMatch", + "The booleanMatch rule compares an assertion value of the Boolean " + "syntax to an attribute value of a syntax (e.g., the Boolean syntax) " + "whose corresponding ASN.1 type is BOOLEAN. " + "The rule evaluates to TRUE if and only if the attribute value and the " + "assertion value are both TRUE or both FALSE.", + BOOLEAN_SYNTAX_OID, + 0, + NULL /* no other syntaxes supported */ + }, /* matching rule desc */ + { + "booleanMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "booleanMatch matching rule plugin" + }, /* plugin desc */ + booleanMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "1.3.6.1.4.1.1466.109.114.2", + NULL, + "caseIgnoreIA5Match", + "The caseIgnoreIA5Match rule compares an assertion value of the IA5 " + "String syntax to an attribute value of a syntax (e.g., the IA5 String " + "syntax) whose corresponding ASN.1 type is IA5String. " + "The rule evaluates to TRUE if and only if the prepared attribute " + "value character string and the prepared assertion value character " + "string have the same number of characters and corresponding " + "characters have the same code point. " + "In preparing the attribute value and assertion value for comparison, " + "characters are case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + IA5STRING_SYNTAX_OID, + 0, + NULL /* no other syntaxes supported */ + }, /* matching rule desc */ + { + "caseIgnoreIA5Match-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreIA5Match matching rule plugin" + }, /* plugin desc */ + caseIgnoreIA5Match_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "1.3.6.1.4.1.1466.109.114.3", + NULL, + "caseIgnoreIA5SubstringsMatch", + "The caseIgnoreIA5SubstringsMatch rule compares an assertion value of " + "the Substring Assertion syntax to an attribute value of a syntax " + "(e.g., the IA5 String syntax) whose corresponding ASN.1 type is " + "IA5String. " + "The rule evaluates to TRUE if and only if (1) the prepared substrings " + "of the assertion value match disjoint portions of the prepared " + "attribute value character string in the order of the substrings in " + "the assertion value, (2) an <initial> substring, if present, matches " + "the beginning of the prepared attribute value character string, and " + "(3) a <final> substring, if present, matches the end of the prepared " + "attribute value character string. A prepared substring matches a " + "portion of the prepared attribute value character string if " + "corresponding characters have the same code point. " + "In preparing the attribute value and assertion value substrings for " + "comparison, characters are case folded in the Map preparation step, " + "and only Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + caseIgnoreIA5SubstringsMatch_syntaxes + }, /* matching rule desc */ + { + "caseIgnoreIA5SubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreIA5SubstringsMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreIA5SubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + cis_filter_sub, + cis_values2keys, + NULL, + cis_assertion2keys_sub, + NULL, + cis_normalize + }, + { + { + "2.5.13.2", + NULL, + "caseIgnoreMatch", + "The caseIgnoreMatch rule compares an assertion value of the Directory " + "String syntax to an attribute value of a syntax (e.g., the Directory " + "String, Printable String, Country String, or Telephone Number syntax) " + "whose corresponding ASN.1 type is DirectoryString or one of its " + "alternative string types. " + "The rule evaluates to TRUE if and only if the prepared attribute " + "value character string and the prepared assertion value character " + "string have the same number of characters and corresponding " + "characters have the same code point. " + "In preparing the attribute value and assertion value for comparison, " + "characters are case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + DIRSTRING_SYNTAX_OID, + 0, + dirStringCompat_syntaxes + }, /* matching rule desc */ + { + "caseIgnoreMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.3", + NULL, + "caseIgnoreOrderingMatch", + "The caseIgnoreOrderingMatch rule compares an assertion value of the " + "Directory String syntax to an attribute value of a syntax (e.g., the " + "Directory String, Printable String, Country String, or Telephone " + "Number syntax) whose corresponding ASN.1 type is DirectoryString or " + "one of its alternative string types. " + "The rule evaluates to TRUE if and only if, in the code point " + "collation order, the prepared attribute value character string " + "appears earlier than the prepared assertion value character string; " + "i.e., the attribute value is "less than" the assertion value. " + "In preparing the attribute value and assertion value for comparison, " + "characters are case folded in the Map preparation step, and only " + "Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + DIRSTRING_SYNTAX_OID, + 0, + dirStringCompat_syntaxes + }, /* matching rule desc */ + { + "caseIgnoreOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreOrderingMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.4", + NULL, + "caseIgnoreSubstringsMatch", + "The caseIgnoreSubstringsMatch rule compares an assertion value of the " + "Substring Assertion syntax to an attribute value of a syntax (e.g., " + "the Directory String, Printable String, Country String, or Telephone " + "Number syntax) whose corresponding ASN.1 type is DirectoryString or " + "one of its alternative string types. " + "The rule evaluates to TRUE if and only if (1) the prepared substrings " + "of the assertion value match disjoint portions of the prepared " + "attribute value character string in the order of the substrings in " + "the assertion value, (2) an <initial> substring, if present, matches " + "the beginning of the prepared attribute value character string, and " + "(3) a <final> substring, if present, matches the end of the prepared " + "attribute value character string. A prepared substring matches a " + "portion of the prepared attribute value character string if " + "corresponding characters have the same code point. " + "In preparing the attribute value and assertion value substrings for " + "comparison, characters are case folded in the Map preparation step, " + "and only Insignificant Space Handling is applied in the Insignificant " + "Character Handling step.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + dirString_syntaxes + }, /* matching rule desc */ + { + "caseIgnoreSubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreSubstringsMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreSubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + cis_filter_sub, + cis_values2keys, + NULL, + cis_assertion2keys_sub, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.11", + NULL, + "caseIgnoreListMatch", + "The caseIgnoreListMatch rule compares an assertion value that is a " + "sequence of strings to an attribute value of a syntax (e.g., the " + "Postal Address syntax) whose corresponding ASN.1 type is a SEQUENCE " + "OF the DirectoryString ASN.1 type. " + "The rule evaluates to TRUE if and only if the attribute value and the " + "assertion value have the same number of strings and corresponding " + "strings (by position) match according to the caseIgnoreMatch matching " + "rule. " + "In [X.520], the assertion syntax for this matching rule is defined to " + "be: " + " SEQUENCE OF DirectoryString {ub-match} " + "That is, it is different from the corresponding type for the Postal " + "Address syntax. The choice of the Postal Address syntax for the " + "assertion syntax of the caseIgnoreListMatch in LDAP should not be " + "seen as limiting the matching rule to apply only to attributes with " + "the Postal Address syntax.", + POSTALADDRESS_SYNTAX_OID, + 0, + NULL /* postal syntax only */ + }, /* matching rule desc */ + { + "caseIgnoreListMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreListMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreListMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.12", + NULL, + "caseIgnoreListSubstringsMatch", + "The caseIgnoreListSubstringsMatch rule compares an assertion value of " + "the Substring Assertion syntax to an attribute value of a syntax " + "(e.g., the Postal Address syntax) whose corresponding ASN.1 type is a " + "SEQUENCE OF the DirectoryString ASN.1 type. " + "The rule evaluates to TRUE if and only if the assertion value " + "matches, per the caseIgnoreSubstringsMatch rule, the character string " + "formed by concatenating the strings of the attribute value, except " + "that none of the <initial>, <any>, or <final> substrings of the " + "assertion value are considered to match a substring of the " + "concatenated string which spans more than one of the original strings " + "of the attribute value. " + "Note that, in terms of the LDAP-specific encoding of the Postal " + "Address syntax, the concatenated string omits the <DOLLAR> line " + "separator and the escaping of "\" and "$" characters.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + caseIgnoreListSubstringsMatch_syntaxes + }, /* matching rule desc */ + { + "caseIgnoreListSubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "caseIgnoreListSubstringsMatch matching rule plugin" + }, /* plugin desc */ + caseIgnoreListSubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + cis_filter_sub, + cis_values2keys, + NULL, + cis_assertion2keys_sub, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.0", + NULL, + "objectIdentifierMatch", + "The objectIdentifierMatch rule compares an assertion value of the OID " + "syntax to an attribute value of a syntax (e.g., the OID syntax) whose " + "corresponding ASN.1 type is OBJECT IDENTIFIER. " + "The rule evaluates to TRUE if and only if the assertion value and the " + "attribute value represent the same object identifier; that is, the " + "same sequence of integers, whether represented explicitly in the " + "<numericoid> form of <oid> or implicitly in the <descr> form (see " + "[RFC4512]). " + "If an LDAP client supplies an assertion value in the <descr> form and " + "the chosen descriptor is not recognized by the server, then the " + "objectIdentifierMatch rule evaluates to Undefined.", + OID_SYNTAX_OID, + 0, + NULL /* OID syntax only for now */ + }, /* matching rule desc */ + { + "objectIdentifierMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "objectIdentifierMatch matching rule plugin" + }, /* plugin desc */ + objectIdentifierMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + cis_compare, + cis_normalize + }, + { + { + "2.5.13.31", + NULL, + "directoryStringFirstComponentMatch", + "The directoryStringFirstComponentMatch rule compares an assertion " + "value of the Directory String syntax to an attribute value of a " + "syntax whose corresponding ASN.1 type is a SEQUENCE with a mandatory " + "first component of the DirectoryString ASN.1 type. " + "Note that the assertion syntax of this matching rule differs from the " + "attribute syntax of attributes for which this is the equality " + "matching rule. " + "The rule evaluates to TRUE if and only if the assertion value matches " + "the first component of the attribute value using the rules of " + "caseIgnoreMatch.", + DIRSTRING_SYNTAX_OID, + 0, + dirStringCompat_syntaxes + }, /* matching rule desc */ + { + "directoryStringFirstComponentMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "directoryStringFirstComponentMatch matching rule plugin" + }, /* plugin desc */ + directoryStringFirstComponentMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + NULL, + cis_normalize + }, + { + { + "2.5.13.30", + NULL, + "objectIdentifierFirstComponentMatch", + "The objectIdentifierFirstComponentMatch rule compares an assertion " + "value of the OID syntax to an attribute value of a syntax (e.g., the " + "Attribute Type Description, DIT Content Rule Description, LDAP Syntax " + "Description, Matching Rule Description, Matching Rule Use " + "Description, Name Form Description, or Object Class Description " + "syntax) whose corresponding ASN.1 type is a SEQUENCE with a mandatory " + "first component of the OBJECT IDENTIFIER ASN.1 type. " + "Note that the assertion syntax of this matching rule differs from the " + "attribute syntax of attributes for which this is the equality " + "matching rule. " + "The rule evaluates to TRUE if and only if the assertion value matches " + "the first component of the attribute value using the rules of " + "objectIdentifierMatch.", + OID_SYNTAX_OID, + 0, + objectIdentifierFirstComponentMatch_syntaxes + }, /* matching rule desc */ + { + "objectIdentifierFirstComponentMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "objectIdentifierFirstComponentMatch matching rule plugin" + }, /* plugin desc */ + objectIdentifierFirstComponentMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + cis_filter_ava, + NULL, + cis_values2keys, + cis_assertion2keys_ava, + NULL, + NULL, + cis_normalize + } };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/dn.c b/ldap/servers/plugins/syntaxes/dn.c index 6ae79be..1c43633 100644 --- a/ldap/servers/plugins/syntaxes/dn.c +++ b/ldap/servers/plugins/syntaxes/dn.c @@ -45,28 +45,50 @@ static Slapi_PluginDesc pdesc = { "dn-syntax", VENDOR, static const char *distinguishedNameMatch_names[] = {"distinguishedNameMatch", "2.5.13.1", NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{"2.5.13.1", NULL, "distinguishedNameMatch", "The distinguishedNameMatch rule compares an assertion value of the DN " -"syntax to an attribute value of a syntax (e.g., the DN syntax) whose " -"corresponding ASN.1 type is DistinguishedName. " -"The rule evaluates to TRUE if and only if the attribute value and the " -"assertion value have the same number of relative distinguished names " -"and corresponding relative distinguished names (by position) are the " -"same. A relative distinguished name (RDN) of the assertion value is " -"the same as an RDN of the attribute value if and only if they have " -"the same number of attribute value assertions and each attribute " -"value assertion (AVA) of the first RDN is the same as the AVA of the " -"second RDN with the same attribute type. The order of the AVAs is " -"not significant. Also note that a particular attribute type may " -"appear in at most one AVA in an RDN. Two AVAs with the same " -"attribute type are the same if their values are equal according to " -"the equality matching rule of the attribute type. If one or more of " -"the AVA comparisons evaluate to Undefined and the remaining AVA " -"comparisons return TRUE then the distinguishedNameMatch rule " -"evaluates to Undefined.", DN_SYNTAX_OID, 0, NULL /* dn only for now */}, /* matching rule desc */ - {"distinguishedNameMatch-mr", VENDOR, DS_PACKAGE_VERSION, "distinguishedNameMatch matching rule plugin"}, /* plugin desc */ - distinguishedNameMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, dn_filter_ava, NULL, dn_values2keys, - dn_assertion2keys_ava, NULL, NULL}, + { + { + "2.5.13.1", + NULL, + "distinguishedNameMatch", + "The distinguishedNameMatch rule compares an assertion value of the DN " + "syntax to an attribute value of a syntax (e.g., the DN syntax) whose " + "corresponding ASN.1 type is DistinguishedName. " + "The rule evaluates to TRUE if and only if the attribute value and the " + "assertion value have the same number of relative distinguished names " + "and corresponding relative distinguished names (by position) are the " + "same. A relative distinguished name (RDN) of the assertion value is " + "the same as an RDN of the attribute value if and only if they have " + "the same number of attribute value assertions and each attribute " + "value assertion (AVA) of the first RDN is the same as the AVA of the " + "second RDN with the same attribute type. The order of the AVAs is " + "not significant. Also note that a particular attribute type may " + "appear in at most one AVA in an RDN. Two AVAs with the same " + "attribute type are the same if their values are equal according to " + "the equality matching rule of the attribute type. If one or more of " + "the AVA comparisons evaluate to Undefined and the remaining AVA " + "comparisons return TRUE then the distinguishedNameMatch rule " + "evaluates to Undefined.", + DN_SYNTAX_OID, + 0, + NULL /* dn only for now */ + }, /* matching rule desc */ + { + "distinguishedNameMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "distinguishedNameMatch matching rule plugin" + }, /* plugin desc */ + distinguishedNameMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + dn_filter_ava, + NULL, + dn_values2keys, + dn_assertion2keys_ava, + NULL, + NULL, + NULL /* mr_nomalise */ + }, };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/int.c b/ldap/servers/plugins/syntaxes/int.c index cab5d81..bbd7dfe 100644 --- a/ldap/servers/plugins/syntaxes/int.c +++ b/ldap/servers/plugins/syntaxes/int.c @@ -50,36 +50,97 @@ static const char *integerFirstComponentMatch_names[] = {"integerFirstComponentM static char *integerFirstComponentMatch_syntaxes[] = {DIRSTRING_SYNTAX_OID, NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{INTEGERMATCH_OID, NULL /* no alias? */, - "integerMatch", "The rule evaluates to TRUE if and only if the attribute value and the assertion value are the same integer value.", - INTEGER_SYNTAX_OID, 0 /* not obsolete */, NULL /* no other compatible syntaxes */ }, - {"integerMatch-mr", VENDOR, DS_PACKAGE_VERSION, "integerMatch matching rule plugin" }, - integerMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, int_filter_ava, NULL, int_values2keys, - int_assertion2keys, NULL, int_compare}, -{{INTEGERORDERINGMATCH_OID, NULL /* no alias? */, - "integerOrderingMatch", "The rule evaluates to TRUE if and only if the integer value of the attribute value is less than the integer value of the assertion value.", - INTEGER_SYNTAX_OID, 0 /* not obsolete */, NULL /* no other compatible syntaxes */ }, - {"integerOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "integerOrderingMatch matching rule plugin" }, - integerOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, int_filter_ava, NULL, int_values2keys, - int_assertion2keys, NULL, int_compare}, -/* NOTE: THIS IS BROKEN - WE DON'T SUPPORT THE FIRSTCOMPONENT match */ -{{"2.5.13.29", NULL, "integerFirstComponentMatch", "The integerFirstComponentMatch rule compares an assertion value of " -"the Integer syntax to an attribute value of a syntax (e.g., the DIT " -"Structure Rule Description syntax) whose corresponding ASN.1 type is " -"a SEQUENCE with a mandatory first component of the INTEGER ASN.1 " -"type. " -"Note that the assertion syntax of this matching rule differs from the " -"attribute syntax of attributes for which this is the equality " -"matching rule. " -"The rule evaluates to TRUE if and only if the assertion value and the " -"first component of the attribute value are the same integer value.", -INTEGER_SYNTAX_OID, 0, integerFirstComponentMatch_syntaxes}, /* matching rule desc */ - {"integerFirstComponentMatch-mr", VENDOR, DS_PACKAGE_VERSION, "integerFirstComponentMatch matching rule plugin"}, /* plugin desc */ - integerFirstComponentMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, int_filter_ava, NULL, int_values2keys, - int_assertion2keys, NULL, int_compare}, + { + { + INTEGERMATCH_OID, + NULL /* no alias? */, + "integerMatch", + "The rule evaluates to TRUE if and only if the attribute value and the assertion value are the same integer value.", + INTEGER_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* no other compatible syntaxes */ + }, + { + "integerMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "integerMatch matching rule plugin" + }, + integerMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + int_filter_ava, + NULL, + int_values2keys, + int_assertion2keys, + NULL, + int_compare, + NULL /* mr_normalise */ + }, + { + { + INTEGERORDERINGMATCH_OID, + NULL /* no alias? */, + "integerOrderingMatch", + "The rule evaluates to TRUE if and only if the integer value of the attribute value is less than the integer value of the assertion value.", + INTEGER_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* no other compatible syntaxes */ + }, + { + "integerOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "integerOrderingMatch matching rule plugin" + }, + integerOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + int_filter_ava, + NULL, + int_values2keys, + int_assertion2keys, + NULL, + int_compare, + NULL /* mr_normalise */ + }, + /* NOTE: THIS IS BROKEN - WE DON'T SUPPORT THE FIRSTCOMPONENT match */ + { + { + "2.5.13.29", + NULL, + "integerFirstComponentMatch", + "The integerFirstComponentMatch rule compares an assertion value of " + "the Integer syntax to an attribute value of a syntax (e.g., the DIT " + "Structure Rule Description syntax) whose corresponding ASN.1 type is " + "a SEQUENCE with a mandatory first component of the INTEGER ASN.1 " + "type. " + "Note that the assertion syntax of this matching rule differs from the " + "attribute syntax of attributes for which this is the equality " + "matching rule. " + "The rule evaluates to TRUE if and only if the assertion value and the " + "first component of the attribute value are the same integer value.", + INTEGER_SYNTAX_OID, + 0, + integerFirstComponentMatch_syntaxes + }, /* matching rule desc */ + { + "integerFirstComponentMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "integerFirstComponentMatch matching rule plugin" + }, /* plugin desc */ + integerFirstComponentMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + int_filter_ava, + NULL, + int_values2keys, + int_assertion2keys, + NULL, + int_compare, + NULL /* mr_normalise */ + }, };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/nameoptuid.c b/ldap/servers/plugins/syntaxes/nameoptuid.c index 87b0b32..605603d 100644 --- a/ldap/servers/plugins/syntaxes/nameoptuid.c +++ b/ldap/servers/plugins/syntaxes/nameoptuid.c @@ -45,28 +45,49 @@ static Slapi_PluginDesc pdesc = { "nameoptuid-syntax", VENDOR, DS_PACKAGE_VERSIO
static const char *uniqueMemberMatch_names[] = {"uniqueMemberMatch", "2.5.13.23", NULL}; static struct mr_plugin_def mr_plugin_table[] = { -{{"2.5.13.23", NULL, "uniqueMemberMatch", "The uniqueMemberMatch rule compares an assertion value of the Name " -"And Optional UID syntax to an attribute value of a syntax (e.g., the " -"Name And Optional UID syntax) whose corresponding ASN.1 type is " -"NameAndOptionalUID. " -"The rule evaluates to TRUE if and only if the <distinguishedName> " -"components of the assertion value and attribute value match according " -"to the distinguishedNameMatch rule and either, (1) the <BitString> " -"component is absent from both the attribute value and assertion " -"value, or (2) the <BitString> component is present in both the " -"attribute value and the assertion value and the <BitString> component " -"of the assertion value matches the <BitString> component of the " -"attribute value according to the bitStringMatch rule. " -"Note that this matching rule has been altered from its description in " -"X.520 [X.520] in order to make the matching rule commutative. Server " -"implementors should consider using the original X.520 semantics " -"(where the matching was less exact) for approximate matching of " -"attributes with uniqueMemberMatch as the equality matching rule.", -NAMEANDOPTIONALUID_SYNTAX_OID, 0, NULL /* no other syntaxes supported */}, /* matching rule desc */ - {"uniqueMemberMatch-mr", VENDOR, DS_PACKAGE_VERSION, "uniqueMemberMatch matching rule plugin"}, /* plugin desc */ - uniqueMemberMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, nameoptuid_filter_ava, NULL, nameoptuid_values2keys, - nameoptuid_assertion2keys_ava, NULL, nameoptuid_compare}, + { + { + "2.5.13.23", + NULL, + "uniqueMemberMatch", + "The uniqueMemberMatch rule compares an assertion value of the Name " + "And Optional UID syntax to an attribute value of a syntax (e.g., the " + "Name And Optional UID syntax) whose corresponding ASN.1 type is " + "NameAndOptionalUID. " + "The rule evaluates to TRUE if and only if the <distinguishedName> " + "components of the assertion value and attribute value match according " + "to the distinguishedNameMatch rule and either, (1) the <BitString> " + "component is absent from both the attribute value and assertion " + "value, or (2) the <BitString> component is present in both the " + "attribute value and the assertion value and the <BitString> component " + "of the assertion value matches the <BitString> component of the " + "attribute value according to the bitStringMatch rule. " + "Note that this matching rule has been altered from its description in " + "X.520 [X.520] in order to make the matching rule commutative. Server " + "implementors should consider using the original X.520 semantics " + "(where the matching was less exact) for approximate matching of " + "attributes with uniqueMemberMatch as the equality matching rule.", + NAMEANDOPTIONALUID_SYNTAX_OID, + 0, + NULL /* no other syntaxes supported */ + }, /* matching rule desc */ + { + "uniqueMemberMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "uniqueMemberMatch matching rule plugin" + }, /* plugin desc */ + uniqueMemberMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + nameoptuid_filter_ava, + NULL, + nameoptuid_values2keys, + nameoptuid_assertion2keys_ava, + NULL, + nameoptuid_compare, + NULL /* mr_normalise */ + }, };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/numericstring.c b/ldap/servers/plugins/syntaxes/numericstring.c index dbc2bfb..c4853d6 100644 --- a/ldap/servers/plugins/syntaxes/numericstring.c +++ b/ldap/servers/plugins/syntaxes/numericstring.c @@ -54,38 +54,98 @@ static const char *numericStringSubstringsMatch_names[] = {"numericStringSubstri static char *numericStringSubstringsMatch_syntaxes[] = {NUMERICSTRING_SYNTAX_OID,NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{NUMERICSTRINGMATCH_OID, NULL /* no alias? */, - "numericStringMatch", "The rule evaluates to TRUE if and only if the prepared " - "attribute value character string and the prepared assertion value character " - "string have the same number of characters and corresponding characters have " - "the same code point.", - NUMERICSTRING_SYNTAX_OID, 0 /* not obsolete */, NULL /* numstr syntax only for now */ }, - {"numericStringMatch-mr", VENDOR, DS_PACKAGE_VERSION, "numericStringMatch matching rule plugin"}, /* plugin desc */ - numericStringMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, numstr_filter_ava, NULL, numstr_values2keys, - numstr_assertion2keys, NULL, numstr_compare}, -{{NUMERICSTRINGORDERINGMATCH_OID, NULL /* no alias? */, - "numericStringOrderingMatch", "The rule evaluates to TRUE if and only if, " - "in the code point collation order, the prepared attribute value character " - "string appears earlier than the prepared assertion value character string; " - "i.e., the attribute value is less than the assertion value.", - NUMERICSTRING_SYNTAX_OID, 0 /* not obsolete */, NULL /* numstr syntax only for now */ }, - {"numericStringOrderingMatch-mr", VENDOR, DS_PACKAGE_VERSION, "numericStringOrderingMatch matching rule plugin"}, /* plugin desc */ - numericStringOrderingMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, numstr_filter_ava, NULL, numstr_values2keys, - numstr_assertion2keys, NULL, numstr_compare}, -{{NUMERICSTRINGSUBSTRINGSMATCH_OID, NULL /* no alias? */, - "numericStringSubstringsMatch", "The rule evaluates to TRUE if and only if (1) " - "the prepared substrings of the assertion value match disjoint portions of " - "the prepared attribute value, (2) an initial substring, if present, matches " - "the beginning of the prepared attribute value character string, and (3) a " - "final substring, if present, matches the end of the prepared attribute value " - "character string.", - "1.3.6.1.4.1.1466.115.121.1.58", 0 /* not obsolete */, numericStringSubstringsMatch_syntaxes}, /* matching rule desc */ - {"numericStringSubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "numericStringSubstringsMatch matching rule plugin"}, /* plugin desc */ - numericStringSubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, numstr_filter_sub, numstr_values2keys, - NULL, numstr_assertion2keys_sub, numstr_compare}, + { + { + NUMERICSTRINGMATCH_OID, + NULL /* no alias? */, + "numericStringMatch", + "The rule evaluates to TRUE if and only if the prepared " + "attribute value character string and the prepared assertion value character " + "string have the same number of characters and corresponding characters have " + "the same code point.", + NUMERICSTRING_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* numstr syntax only for now */ + }, + { + "numericStringMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "numericStringMatch matching rule plugin" + }, /* plugin desc */ + numericStringMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + numstr_filter_ava, + NULL, + numstr_values2keys, + numstr_assertion2keys, + NULL, + numstr_compare, + NULL /* mr_normalise */ + }, + { + { + NUMERICSTRINGORDERINGMATCH_OID, + NULL /* no alias? */, + "numericStringOrderingMatch", + "The rule evaluates to TRUE if and only if, " + "in the code point collation order, the prepared attribute value character " + "string appears earlier than the prepared assertion value character string; " + "i.e., the attribute value is less than the assertion value.", + NUMERICSTRING_SYNTAX_OID, + 0 /* not obsolete */, + NULL /* numstr syntax only for now */ + }, + { + "numericStringOrderingMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "numericStringOrderingMatch matching rule plugin" + }, /* plugin desc */ + numericStringOrderingMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + numstr_filter_ava, + NULL, + numstr_values2keys, + numstr_assertion2keys, + NULL, + numstr_compare, + NULL /* mr_normalise */ + }, + { + { + NUMERICSTRINGSUBSTRINGSMATCH_OID, + NULL /* no alias? */, + "numericStringSubstringsMatch", + "The rule evaluates to TRUE if and only if (1) " + "the prepared substrings of the assertion value match disjoint portions of " + "the prepared attribute value, (2) an initial substring, if present, matches " + "the beginning of the prepared attribute value character string, and (3) a " + "final substring, if present, matches the end of the prepared attribute value " + "character string.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0 /* not obsolete */, + numericStringSubstringsMatch_syntaxes + }, /* matching rule desc */ + { + "numericStringSubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "numericStringSubstringsMatch matching rule plugin" + }, /* plugin desc */ + numericStringSubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + NULL, + numstr_filter_sub, + numstr_values2keys, + NULL, + numstr_assertion2keys_sub, + numstr_compare, + NULL /* mr_normalise */ + }, };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/plugins/syntaxes/syntax.h b/ldap/servers/plugins/syntaxes/syntax.h index 9310c9e..3554a20 100644 --- a/ldap/servers/plugins/syntaxes/syntax.h +++ b/ldap/servers/plugins/syntaxes/syntax.h @@ -128,27 +128,69 @@ static const char *keywordMatch_names[] = {"keywordMatch", "2.5.13.33", NULL}; static const char *wordMatch_names[] = {"wordMatch", "2.5.13.32", NULL}; /* table of matching rule plugin defs for mr register and plugin register */ static struct mr_plugin_def mr_plugin_table[] = { -{{"2.5.13.33", NULL, "keywordMatch", "The keywordMatch rule compares an assertion value of the Directory" -"String syntax to an attribute value of a syntax (e.g., the Directory" -"String syntax) whose corresponding ASN.1 type is DirectoryString." -"The rule evaluates to TRUE if and only if the assertion value" -"character string matches any keyword in the attribute value. The" -"identification of keywords in the attribute value and the exactness" -"of the match are both implementation specific.", "1.3.6.1.4.1.1466.115.121.1.15", 0}, /* matching rule desc */ - {"keywordMatch-mr", VENDOR, DS_PACKAGE_VERSION, "keywordMatch matching rule plugin"}, /* plugin desc */ - keywordMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, mr_filter_ava, mr_filter_sub, mr_values2keys, - mr_assertion2keys_ava, mr_assertion2keys_sub, mr_compare, keywordMatch_syntaxes},, -{{"2.5.13.32", NULL, "wordMatch", "The wordMatch rule compares an assertion value of the Directory" -"String syntax to an attribute value of a syntax (e.g., the Directory" -"String syntax) whose corresponding ASN.1 type is DirectoryString." -"The rule evaluates to TRUE if and only if the assertion value word" -"matches, according to the semantics of caseIgnoreMatch, any word in" -"the attribute value. The precise definition of a word is" -"implementation specific.", "1.3.6.1.4.1.1466.115.121.1.15", 0}, /* matching rule desc */ - {"wordMatch-mr", VENDOR, DS_PACKAGE_VERSION, "wordMatch matching rule plugin"}, /* plugin desc */ - wordMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, mr_filter_ava, mr_filter_sub, mr_values2keys, - mr_assertion2keys_ava, mr_assertion2keys_sub, mr_compare, wordMatch_syntaxes}, + { + { + "2.5.13.33", + NULL, + "keywordMatch", + "The keywordMatch rule compares an assertion value of the Directory" + "String syntax to an attribute value of a syntax (e.g., the Directory" + "String syntax) whose corresponding ASN.1 type is DirectoryString." + "The rule evaluates to TRUE if and only if the assertion value" + "character string matches any keyword in the attribute value. The" + "identification of keywords in the attribute value and the exactness" + "of the match are both implementation specific.", + "1.3.6.1.4.1.1466.115.121.1.15", + 0 + }, /* matching rule desc */ + { + "keywordMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "keywordMatch matching rule plugin" + }, /* plugin desc */ + keywordMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + mr_filter_ava, + mr_filter_sub, + mr_values2keys, + mr_assertion2keys_ava, + mr_assertion2keys_sub, + mr_compare, + keywordMatch_syntaxes + }, + { + { + "2.5.13.32", + NULL, + "wordMatch", + "The wordMatch rule compares an assertion value of the Directory" + "String syntax to an attribute value of a syntax (e.g., the Directory" + "String syntax) whose corresponding ASN.1 type is DirectoryString." + "The rule evaluates to TRUE if and only if the assertion value word" + "matches, according to the semantics of caseIgnoreMatch, any word in" + "the attribute value. The precise definition of a word is" + "implementation specific.", + "1.3.6.1.4.1.1466.115.121.1.15", + 0 + }, /* matching rule desc */ + { + "wordMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "wordMatch matching rule plugin" + }, /* plugin desc */ + wordMatch_names, /* matching rule name/oid/aliases */ + NULL, + NULL, + mr_filter_ava, + mr_filter_sub, + mr_values2keys, + mr_assertion2keys_ava, + mr_assertion2keys_sub, + mr_compare, + wordMatch_syntaxes + }, }; #endif /* UNSUPPORTED_MATCHING_RULES */ diff --git a/ldap/servers/plugins/syntaxes/tel.c b/ldap/servers/plugins/syntaxes/tel.c index 48230c5..698714f 100644 --- a/ldap/servers/plugins/syntaxes/tel.c +++ b/ldap/servers/plugins/syntaxes/tel.c @@ -49,45 +49,87 @@ static const char *telephoneNumberSubstringsMatch_names[] = {"telephoneNumberSub static char *telephoneNumberSubstringsMatch_syntaxes[] = {TELEPHONE_SYNTAX_OID, NULL};
static struct mr_plugin_def mr_plugin_table[] = { -{{"2.5.13.20", NULL, "telephoneNumberMatch", "The telephoneNumberMatch rule compares an assertion value of the " -"Telephone Number syntax to an attribute value of a syntax (e.g., the " -"Telephone Number syntax) whose corresponding ASN.1 type is a " -"PrintableString representing a telephone number. " -"The rule evaluates to TRUE if and only if the prepared attribute " -"value character string and the prepared assertion value character " -"string have the same number of characters and corresponding " -"characters have the same code point. " -"In preparing the attribute value and assertion value for comparison, " -"characters are case folded in the Map preparation step, and only " -"telephoneNumber Insignificant Character Handling is applied in the " -"Insignificant Character Handling step.", -TELEPHONE_SYNTAX_OID, 0, NULL /* tel syntax only */}, /* matching rule desc */ - {"telephoneNumberMatch-mr", VENDOR, DS_PACKAGE_VERSION, "telephoneNumberMatch matching rule plugin"}, /* plugin desc */ - telephoneNumberMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, tel_filter_ava, NULL, tel_values2keys, - tel_assertion2keys_ava, NULL, tel_compare}, -{{"2.5.13.21", NULL, "telephoneNumberSubstringsMatch", "The telephoneNumberSubstringsMatch rule compares an assertion value " -"of the Substring Assertion syntax to an attribute value of a syntax " -"(e.g., the Telephone Number syntax) whose corresponding ASN.1 type is " -"a PrintableString representing a telephone number. " -"The rule evaluates to TRUE if and only if (1) the prepared substrings " -"of the assertion value match disjoint portions of the prepared " -"attribute value character string in the order of the substrings in " -"the assertion value, (2) an <initial> substring, if present, matches " -"the beginning of the prepared attribute value character string, and " -"(3) a <final> substring, if present, matches the end of the prepared " -"attribute value character string. A prepared substring matches a " -"portion of the prepared attribute value character string if " -"corresponding characters have the same code point. " -"In preparing the attribute value and assertion value substrings for " -"comparison, characters are case folded in the Map preparation step, " -"and only telephoneNumber Insignificant Character Handling is applied " -"in the Insignificant Character Handling step.", -"1.3.6.1.4.1.1466.115.121.1.58", 0, telephoneNumberSubstringsMatch_syntaxes}, /* matching rule desc */ - {"telephoneNumberSubstringsMatch-mr", VENDOR, DS_PACKAGE_VERSION, "telephoneNumberSubstringsMatch matching rule plugin"}, /* plugin desc */ - telephoneNumberSubstringsMatch_names, /* matching rule name/oid/aliases */ - NULL, NULL, NULL, tel_filter_sub, tel_values2keys, - NULL, tel_assertion2keys_sub, tel_compare}, + { + { + "2.5.13.20", + NULL, + "telephoneNumberMatch", + "The telephoneNumberMatch rule compares an assertion value of the " + "Telephone Number syntax to an attribute value of a syntax (e.g., the " + "Telephone Number syntax) whose corresponding ASN.1 type is a " + "PrintableString representing a telephone number. " + "The rule evaluates to TRUE if and only if the prepared attribute " + "value character string and the prepared assertion value character " + "string have the same number of characters and corresponding " + "characters have the same code point. " + "In preparing the attribute value and assertion value for comparison, " + "characters are case folded in the Map preparation step, and only " + "telephoneNumber Insignificant Character Handling is applied in the " + "Insignificant Character Handling step.", + TELEPHONE_SYNTAX_OID, + 0, + NULL /* tel syntax only */ + }, /* matching rule desc */ + { + "telephoneNumberMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "telephoneNumberMatch matching rule plugin" + }, /* plugin desc */ + telephoneNumberMatch_names, /* matching rule name/oid/aliases */ + NULL, /* mr_filter_create */ + NULL, /* mr_indexer_create */ + tel_filter_ava, /* mr_filter_ava */ + NULL, /* mr_filter_sub */ + tel_values2keys, /* mr_values2keys */ + tel_assertion2keys_ava, /* mr_assertion2keys_ava */ + NULL, /* mr_assertion2keys_sub */ + tel_compare, /* mr_compare */ + NULL /* mr_normalize */ + }, + { + { + "2.5.13.21", + NULL, + "telephoneNumberSubstringsMatch", + "The telephoneNumberSubstringsMatch rule compares an assertion value " + "of the Substring Assertion syntax to an attribute value of a syntax " + "(e.g., the Telephone Number syntax) whose corresponding ASN.1 type is " + "a PrintableString representing a telephone number. " + "The rule evaluates to TRUE if and only if (1) the prepared substrings " + "of the assertion value match disjoint portions of the prepared " + "attribute value character string in the order of the substrings in " + "the assertion value, (2) an <initial> substring, if present, matches " + "the beginning of the prepared attribute value character string, and " + "(3) a <final> substring, if present, matches the end of the prepared " + "attribute value character string. A prepared substring matches a " + "portion of the prepared attribute value character string if " + "corresponding characters have the same code point. " + "In preparing the attribute value and assertion value substrings for " + "comparison, characters are case folded in the Map preparation step, " + "and only telephoneNumber Insignificant Character Handling is applied " + "in the Insignificant Character Handling step.", + "1.3.6.1.4.1.1466.115.121.1.58", + 0, + telephoneNumberSubstringsMatch_syntaxes + }, /* matching rule desc */ + { + "telephoneNumberSubstringsMatch-mr", + VENDOR, + DS_PACKAGE_VERSION, + "telephoneNumberSubstringsMatch matching rule plugin" + }, /* plugin desc */ + telephoneNumberSubstringsMatch_names, /* matching rule name/oid/aliases */ + NULL, /* IFP mr_filter_create; */ + NULL, /* IFP mr_indexer_create; */ + NULL, /* mr_filter_ava */ + tel_filter_sub, /* mr_filter_sub */ + tel_values2keys, /* mr_values2keys */ + NULL, /*mr_assertion2keys_ava */ + tel_assertion2keys_sub, /* mr_assertion2keys_sub */ + tel_compare, /* mr_compare */ + NULL /* mr_normalize */ + }, };
static size_t mr_plugin_table_size = sizeof(mr_plugin_table)/sizeof(mr_plugin_table[0]); diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c index 45a7dac..f7cbbf6 100644 --- a/ldap/servers/slapd/ldaputil.c +++ b/ldap/servers/slapd/ldaputil.c @@ -67,7 +67,7 @@ #include <ldappr.h> #else /* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ -static PRCallOnceType ol_init_callOnce = {0,0}; +static PRCallOnceType ol_init_callOnce = {0,0,0}; static PRLock *ol_init_lock = NULL;
#if defined(USE_OPENLDAP) @@ -1799,7 +1799,7 @@ cleanup: return myrc; }
-static PRCallOnceType krb5_callOnce = {0,0}; +static PRCallOnceType krb5_callOnce = {0,0,0}; static PRLock *krb5_lock = NULL;
static PRStatus diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c index ae8b5f8..56bf937 100644 --- a/ldap/servers/slapd/log.c +++ b/ldap/servers/slapd/log.c @@ -184,120 +184,122 @@ void g_set_detached(int val) ******************************************************************************/ void g_log_init(int log_enabled) { - slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
- /* ACCESS LOG */ - loginfo.log_access_state = 0; - loginfo.log_access_mode = SLAPD_DEFAULT_FILE_MODE; - loginfo.log_access_maxnumlogs = 1; - loginfo.log_access_maxlogsize = -1; - loginfo.log_access_rotationsync_enabled = 0; - loginfo.log_access_rotationsynchour = -1; - loginfo.log_access_rotationsyncmin = -1; - loginfo.log_access_rotationsyncclock = -1; - loginfo.log_access_rotationtime = 1; /* default: 1 */ - loginfo.log_access_rotationunit = LOG_UNIT_DAYS; /* default: day */ - loginfo.log_access_rotationtime_secs = _SEC_PER_DAY; /* default: 1 day */ - loginfo.log_access_maxdiskspace = -1; - loginfo.log_access_minfreespace = -1; - loginfo.log_access_exptime = -1; /* default: -1 */ - loginfo.log_access_exptimeunit = LOG_UNIT_MONTHS; /* default: month */ - loginfo.log_access_exptime_secs = -1; /* default: -1 */ - loginfo.log_access_level = LDAP_DEBUG_STATS; - loginfo.log_access_ctime = 0L; - loginfo.log_access_fdes = NULL; - loginfo.log_access_file = NULL; - loginfo.log_accessinfo_file = NULL; - loginfo.log_numof_access_logs = 1; - loginfo.log_access_logchain = NULL; + /* ACCESS LOG */ + loginfo.log_access_state = 0; + loginfo.log_access_mode = SLAPD_DEFAULT_FILE_MODE; + loginfo.log_access_maxnumlogs = 1; + loginfo.log_access_maxlogsize = -1; + loginfo.log_access_rotationsync_enabled = 0; + loginfo.log_access_rotationsynchour = -1; + loginfo.log_access_rotationsyncmin = -1; + loginfo.log_access_rotationsyncclock = -1; + loginfo.log_access_rotationtime = 1; /* default: 1 */ + loginfo.log_access_rotationunit = LOG_UNIT_DAYS; /* default: day */ + loginfo.log_access_rotationtime_secs = _SEC_PER_DAY; /* default: 1 day */ + loginfo.log_access_maxdiskspace = -1; + loginfo.log_access_minfreespace = -1; + loginfo.log_access_exptime = -1; /* default: -1 */ + loginfo.log_access_exptimeunit = LOG_UNIT_MONTHS; /* default: month */ + loginfo.log_access_exptime_secs = -1; /* default: -1 */ + loginfo.log_access_level = LDAP_DEBUG_STATS; + loginfo.log_access_ctime = 0L; + loginfo.log_access_fdes = NULL; + loginfo.log_access_file = NULL; + loginfo.log_accessinfo_file = NULL; + loginfo.log_numof_access_logs = 1; + loginfo.log_access_logchain = NULL; loginfo.log_access_buffer = log_create_buffer(LOG_BUFFER_MAXSIZE); - if (loginfo.log_access_buffer == NULL) + if (loginfo.log_access_buffer == NULL) { exit(-1); - if ((loginfo.log_access_buffer->lock = PR_NewLock())== NULL ) - exit (-1); - slapdFrontendConfig->accessloglevel = LDAP_DEBUG_STATS; - - /* ERROR LOG */ - loginfo.log_error_state = 0; - loginfo.log_error_mode = SLAPD_DEFAULT_FILE_MODE; - loginfo.log_error_maxnumlogs = 1; - loginfo.log_error_maxlogsize = -1; - loginfo.log_error_rotationsync_enabled = 0; - loginfo.log_error_rotationsynchour = -1; - loginfo.log_error_rotationsyncmin = -1; - loginfo.log_error_rotationsyncclock = -1; - loginfo.log_error_rotationtime = 1; /* default: 1 */ - loginfo.log_error_rotationunit = LOG_UNIT_WEEKS; /* default: week */ - loginfo.log_error_rotationtime_secs = 604800; /* default: 1 week */ - loginfo.log_error_maxdiskspace = -1; - loginfo.log_error_minfreespace = -1; - loginfo.log_error_exptime = -1; /* default: -1 */ - loginfo.log_error_exptimeunit = LOG_UNIT_MONTHS; /* default: month */ - loginfo.log_error_exptime_secs = -1; /* default: -1 */ - loginfo.log_error_ctime = 0L; - loginfo.log_error_file = NULL; - loginfo.log_errorinfo_file = NULL; - loginfo.log_error_fdes = NULL; - loginfo.log_numof_error_logs = 1; - loginfo.log_error_logchain = NULL; - if ((loginfo.log_error_rwlock =slapi_new_rwlock())== NULL ) { - exit (-1); - } - - /* AUDIT LOG */ - loginfo.log_audit_state = 0; - loginfo.log_audit_mode = SLAPD_DEFAULT_FILE_MODE; - loginfo.log_audit_maxnumlogs = 1; - loginfo.log_audit_maxlogsize = -1; - loginfo.log_audit_rotationsync_enabled = 0; - loginfo.log_audit_rotationsynchour = -1; - loginfo.log_audit_rotationsyncmin = -1; - loginfo.log_audit_rotationsyncclock = -1; - loginfo.log_audit_rotationtime = 1; /* default: 1 */ - loginfo.log_audit_rotationunit = LOG_UNIT_WEEKS; /* default: week */ - loginfo.log_audit_rotationtime_secs = 604800; /* default: 1 week */ - loginfo.log_audit_maxdiskspace = -1; - loginfo.log_audit_minfreespace = -1; - loginfo.log_audit_exptime = -1; /* default: -1 */ - loginfo.log_audit_exptimeunit = LOG_UNIT_WEEKS; /* default: week */ - loginfo.log_audit_exptime_secs = -1; /* default: -1 */ - loginfo.log_audit_ctime = 0L; - loginfo.log_audit_file = NULL; - loginfo.log_auditinfo_file = NULL; - loginfo.log_numof_audit_logs = 1; - loginfo.log_audit_fdes = NULL; - loginfo.log_audit_logchain = NULL; - if ((loginfo.log_audit_rwlock =slapi_new_rwlock())== NULL ) { - exit (-1); - } - - /* AUDIT LOG */ - loginfo.log_auditfail_state = 0; - loginfo.log_auditfail_mode = SLAPD_DEFAULT_FILE_MODE; - loginfo.log_auditfail_maxnumlogs = 1; - loginfo.log_auditfail_maxlogsize = -1; - loginfo.log_auditfail_rotationsync_enabled = 0; - loginfo.log_auditfail_rotationsynchour = -1; - loginfo.log_auditfail_rotationsyncmin = -1; - loginfo.log_auditfail_rotationsyncclock = -1; - loginfo.log_auditfail_rotationtime = 1; /* default: 1 */ - loginfo.log_auditfail_rotationunit = LOG_UNIT_WEEKS; /* default: week */ - loginfo.log_auditfail_rotationtime_secs = 604800; /* default: 1 week */ - loginfo.log_auditfail_maxdiskspace = -1; - loginfo.log_auditfail_minfreespace = -1; - loginfo.log_auditfail_exptime = -1; /* default: -1 */ - loginfo.log_auditfail_exptimeunit = LOG_UNIT_WEEKS; /* default: week */ - loginfo.log_auditfail_exptime_secs = -1; /* default: -1 */ - loginfo.log_auditfail_ctime = 0L; - loginfo.log_auditfail_file = NULL; - loginfo.log_auditfailinfo_file = NULL; - loginfo.log_numof_auditfail_logs = 1; - loginfo.log_auditfail_fdes = NULL; - loginfo.log_auditfail_logchain = NULL; + } + if ((loginfo.log_access_buffer->lock = PR_NewLock())== NULL ) { + exit (-1); + } + slapdFrontendConfig->accessloglevel = LDAP_DEBUG_STATS; + + /* ERROR LOG */ + loginfo.log_error_state = 0; + loginfo.log_error_mode = SLAPD_DEFAULT_FILE_MODE; + loginfo.log_error_maxnumlogs = 1; + loginfo.log_error_maxlogsize = -1; + loginfo.log_error_rotationsync_enabled = 0; + loginfo.log_error_rotationsynchour = -1; + loginfo.log_error_rotationsyncmin = -1; + loginfo.log_error_rotationsyncclock = -1; + loginfo.log_error_rotationtime = 1; /* default: 1 */ + loginfo.log_error_rotationunit = LOG_UNIT_WEEKS; /* default: week */ + loginfo.log_error_rotationtime_secs = 604800; /* default: 1 week */ + loginfo.log_error_maxdiskspace = -1; + loginfo.log_error_minfreespace = -1; + loginfo.log_error_exptime = -1; /* default: -1 */ + loginfo.log_error_exptimeunit = LOG_UNIT_MONTHS; /* default: month */ + loginfo.log_error_exptime_secs = -1; /* default: -1 */ + loginfo.log_error_ctime = 0L; + loginfo.log_error_file = NULL; + loginfo.log_errorinfo_file = NULL; + loginfo.log_error_fdes = NULL; + loginfo.log_numof_error_logs = 1; + loginfo.log_error_logchain = NULL; + if ((loginfo.log_error_rwlock =slapi_new_rwlock())== NULL ) { + exit (-1); + } + + /* AUDIT LOG */ + loginfo.log_audit_state = 0; + loginfo.log_audit_mode = SLAPD_DEFAULT_FILE_MODE; + loginfo.log_audit_maxnumlogs = 1; + loginfo.log_audit_maxlogsize = -1; + loginfo.log_audit_rotationsync_enabled = 0; + loginfo.log_audit_rotationsynchour = -1; + loginfo.log_audit_rotationsyncmin = -1; + loginfo.log_audit_rotationsyncclock = -1; + loginfo.log_audit_rotationtime = 1; /* default: 1 */ + loginfo.log_audit_rotationunit = LOG_UNIT_WEEKS; /* default: week */ + loginfo.log_audit_rotationtime_secs = 604800; /* default: 1 week */ + loginfo.log_audit_maxdiskspace = -1; + loginfo.log_audit_minfreespace = -1; + loginfo.log_audit_exptime = -1; /* default: -1 */ + loginfo.log_audit_exptimeunit = LOG_UNIT_WEEKS; /* default: week */ + loginfo.log_audit_exptime_secs = -1; /* default: -1 */ + loginfo.log_audit_ctime = 0L; + loginfo.log_audit_file = NULL; + loginfo.log_auditinfo_file = NULL; + loginfo.log_numof_audit_logs = 1; + loginfo.log_audit_fdes = NULL; + loginfo.log_audit_logchain = NULL; + if ((loginfo.log_audit_rwlock =slapi_new_rwlock())== NULL ) { + exit (-1); + } + + /* AUDIT LOG */ + loginfo.log_auditfail_state = 0; + loginfo.log_auditfail_mode = SLAPD_DEFAULT_FILE_MODE; + loginfo.log_auditfail_maxnumlogs = 1; + loginfo.log_auditfail_maxlogsize = -1; + loginfo.log_auditfail_rotationsync_enabled = 0; + loginfo.log_auditfail_rotationsynchour = -1; + loginfo.log_auditfail_rotationsyncmin = -1; + loginfo.log_auditfail_rotationsyncclock = -1; + loginfo.log_auditfail_rotationtime = 1; /* default: 1 */ + loginfo.log_auditfail_rotationunit = LOG_UNIT_WEEKS; /* default: week */ + loginfo.log_auditfail_rotationtime_secs = 604800; /* default: 1 week */ + loginfo.log_auditfail_maxdiskspace = -1; + loginfo.log_auditfail_minfreespace = -1; + loginfo.log_auditfail_exptime = -1; /* default: -1 */ + loginfo.log_auditfail_exptimeunit = LOG_UNIT_WEEKS; /* default: week */ + loginfo.log_auditfail_exptime_secs = -1; /* default: -1 */ + loginfo.log_auditfail_ctime = 0L; + loginfo.log_auditfail_file = NULL; + loginfo.log_auditfailinfo_file = NULL; + loginfo.log_numof_auditfail_logs = 1; + loginfo.log_auditfail_fdes = NULL; + loginfo.log_auditfail_logchain = NULL; loginfo.log_backend = LOGGING_BACKEND_INTERNAL; - if ((loginfo.log_auditfail_rwlock =slapi_new_rwlock())== NULL ) { - exit (-1); - } + if ((loginfo.log_auditfail_rwlock =slapi_new_rwlock())== NULL ) { + exit (-1); + } }
/****************************************************************************** diff --git a/ldap/servers/slapd/sasl_io.c b/ldap/servers/slapd/sasl_io.c index 52351b8..12fec85 100644 --- a/ldap/servers/slapd/sasl_io.c +++ b/ldap/servers/slapd/sasl_io.c @@ -161,7 +161,7 @@ sasl_io_finished_packet(sasl_io_private *sp) static const char* const sasl_LayerName = "SASL"; static PRDescIdentity sasl_LayerID; static PRIOMethods sasl_IoMethods; -static PRCallOnceType sasl_callOnce = {0,0}; +static PRCallOnceType sasl_callOnce = {0,0,0};
static sasl_io_private * sasl_get_io_private(PRFileDesc *fd) diff --git a/ldap/servers/slapd/tools/ldclt/ldapfct.c b/ldap/servers/slapd/tools/ldclt/ldapfct.c index f084cb4..c1de555 100644 --- a/ldap/servers/slapd/tools/ldclt/ldapfct.c +++ b/ldap/servers/slapd/tools/ldclt/ldapfct.c @@ -451,7 +451,7 @@ done: }
/* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ -static PRCallOnceType ol_init_callOnce = {0,0}; +static PRCallOnceType ol_init_callOnce = {0,0,0}; static PRLock *ol_init_lock = NULL;
static PRStatus diff --git a/ldap/servers/slapd/tools/rsearch/addthread.c b/ldap/servers/slapd/tools/rsearch/addthread.c index 6c81b2d..4f3a6e2 100644 --- a/ldap/servers/slapd/tools/rsearch/addthread.c +++ b/ldap/servers/slapd/tools/rsearch/addthread.c @@ -147,7 +147,7 @@ static void at_disconnect(AddThread *at)
#if defined(USE_OPENLDAP) /* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ -static PRCallOnceType ol_init_callOnce = {0,0}; +static PRCallOnceType ol_init_callOnce = {0,0,0}; static PRLock *ol_init_lock = NULL;
static PRStatus diff --git a/ldap/servers/slapd/tools/rsearch/searchthread.c b/ldap/servers/slapd/tools/rsearch/searchthread.c index 2aa227a..a32b15c 100644 --- a/ldap/servers/slapd/tools/rsearch/searchthread.c +++ b/ldap/servers/slapd/tools/rsearch/searchthread.c @@ -151,7 +151,7 @@ static int st_bind_core(SearchThread *st, LDAP **ld, char *dn, char *pw)
#if defined(USE_OPENLDAP) /* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ -static PRCallOnceType ol_init_callOnce = {0,0}; +static PRCallOnceType ol_init_callOnce = {0,0,0}; static PRLock *ol_init_lock = NULL;
static PRStatus diff --git a/ldap/servers/slapd/uniqueid.c b/ldap/servers/slapd/uniqueid.c index 8bf3f6c..169db01 100644 --- a/ldap/servers/slapd/uniqueid.c +++ b/ldap/servers/slapd/uniqueid.c @@ -227,10 +227,11 @@ int slapi_uniqueIDScan (Slapi_UniqueID *uId, const char *buff){ Note: LPXXX - This call is not used currently. Keep it ??? */ int slapi_uniqueIDIsUUID (const Slapi_UniqueID *uId){ - if (uId == NULL) - return UID_BADDATA; - /* Shortening Slapi_UniqueID: This call does nothing */ - return (0); + if (uId == NULL) { + return UID_BADDATA; + } + /* Shortening Slapi_UniqueID: This call does nothing */ + return (0); }
/* Name: slapi_uniqueIDSize diff --git a/ldap/servers/slapd/utf8compare.c b/ldap/servers/slapd/utf8compare.c index 592f039..8f50994 100644 --- a/ldap/servers/slapd/utf8compare.c +++ b/ldap/servers/slapd/utf8compare.c @@ -1132,7 +1132,7 @@ UpperLowerTbl_t Lower2UpperTbl21[] = { {"\304\271", "\304\272", 2}, {"\304\273", "\304\274", 2}, {"\304\275", "\304\276", 2}, - {NULL, NULL} + {NULL, NULL, 0} };
UpperLowerTbl_t Lower2UpperTbl22[] = { diff --git a/ldap/servers/slapd/uuid.c b/ldap/servers/slapd/uuid.c index 83415b4..7e2596c 100644 --- a/ldap/servers/slapd/uuid.c +++ b/ldap/servers/slapd/uuid.c @@ -195,23 +195,26 @@ int uuid_init (const char *configDir, const Slapi_DN *configDN, PRBool mtGen)
/* uuid_cleanup -- saves state, destroys generator data */ void uuid_cleanup () -{ - if (_state.initialized) - { - _state.genstate.last_update = 1; - write_state (PR_FALSE); - } - - if (_state.lock) +{ + if (_state.initialized) + { + _state.genstate.last_update = 1; + write_state (PR_FALSE); + } + + if (_state.lock) { PR_DestroyLock (_state.lock); + }
- if (_state.fd) + if (_state.fd) { PR_Close (_state.fd); - - if (_state.configDN) - slapi_sdn_free(&_state.configDN); + }
- memset (&_state, 0, sizeof (_state)); + if (_state.configDN) { + slapi_sdn_free(&_state.configDN); + } + + memset (&_state, 0, sizeof (_state)); }
/* uuid_create - main generating function */ diff --git a/ldap/servers/slapd/valueset.c b/ldap/servers/slapd/valueset.c index 50c0e52..35f02c1 100644 --- a/ldap/servers/slapd/valueset.c +++ b/ldap/servers/slapd/valueset.c @@ -209,20 +209,21 @@ valuearray_init_bervalarray(struct berval **bvals, Slapi_Value ***cvals) { int n; for(n=0; bvals != NULL && bvals[n] != NULL; n++); - if(n==0) - { - *cvals = NULL; - } - else - { - int i; - *cvals = (Slapi_Value **) slapi_ch_malloc((n + 1) * sizeof(Slapi_Value *)); - for(i=0;i<n;i++) - { - (*cvals)[i] = slapi_value_new_berval(bvals[i]); - } - (*cvals)[i] = NULL; - } + + if(n==0) + { + *cvals = NULL; + } + else + { + int i; + *cvals = (Slapi_Value **) slapi_ch_malloc((n + 1) * sizeof(Slapi_Value *)); + for(i=0;i<n;i++) + { + (*cvals)[i] = slapi_value_new_berval(bvals[i]); + } + (*cvals)[i] = NULL; + } return n; }
diff --git a/lib/libaccess/lasip.cpp b/lib/libaccess/lasip.cpp index 52864cf..eea7aff 100644 --- a/lib/libaccess/lasip.cpp +++ b/lib/libaccess/lasip.cpp @@ -71,16 +71,17 @@ dotdecimal(char *ipstr, const char *netmaskstr, int *ip, int *netmask) return LAS_EVAL_INVALID;
/* IP can only have digits, periods and "*" */ - if (strcspn(ipstr, "0123456789.*")) + if (strcspn(ipstr, "0123456789.*")) { return LAS_EVAL_INVALID; + }
- if (strlen(netmaskstr) >= sizeof(token)) { + if (strlen(netmaskstr) >= sizeof(token)) { return LAS_EVAL_INVALID; - } + }
- if (strlen(ipstr) >= sizeof(token)) { + if (strlen(ipstr) >= sizeof(token)) { return LAS_EVAL_INVALID; - } + }
*netmask = *ip = 0; /* Start with "don't care" */
diff --git a/lib/libsi18n/txtfile.c b/lib/libsi18n/txtfile.c index 78a84a9..fcfff7d 100644 --- a/lib/libsi18n/txtfile.c +++ b/lib/libsi18n/txtfile.c @@ -36,11 +36,11 @@ TEXTFILE * OpenTextFile(char *filename, int access)
if (access == TEXT_OPEN_FOR_WRITE) { status = TEXT_FILE_WRITING; - file = fopen(filename, "w+"); + file = fopen(filename, "w+"); } else { status = TEXT_FILE_READING; - file = fopen(filename, "r"); + file = fopen(filename, "r"); }
if (file == NULL) @@ -87,29 +87,30 @@ int FillTextBuffer(TEXTFILE *txtfile)
int ReadTextLine(TEXTFILE *txtfile, char *linebuf) { - char *p, *q; + char *p, *q;
- if (txtfile->fbStatus == TEXT_FILE_DONE) + if (txtfile->fbStatus == TEXT_FILE_DONE) { return -1; + }
- p = txtfile->fbCurrent; - q = strchr(p, '\n'); - if (q) - { - *q = '\0'; - strcpy(linebuf, p); - txtfile->fbCurrent = q + 1; - return strlen(linebuf); - } - else - { - if (FillTextBuffer(txtfile) == 0) - { /* Done with file reading, + p = txtfile->fbCurrent; + q = strchr(p, '\n'); + if (q) + { + *q = '\0'; + strcpy(linebuf, p); + txtfile->fbCurrent = q + 1; + return strlen(linebuf); + } + else + { + if (FillTextBuffer(txtfile) == 0) + { /* Done with file reading, return last line */ txtfile->fbStatus = TEXT_FILE_DONE; if (*txtfile->fbCurrent) { - strcpy(linebuf, txtfile->fbCurrent); + strcpy(linebuf, txtfile->fbCurrent); CloseTextFile(txtfile); return strlen(linebuf); } @@ -117,22 +118,22 @@ int ReadTextLine(TEXTFILE *txtfile, char *linebuf) CloseTextFile(txtfile); return -1; } - } - else { - p = txtfile->fbCurrent; - q = strchr(p, '\n'); - if (q) - { - *q = '\0'; - strcpy(linebuf, p); - txtfile->fbCurrent = q + 1; - } - else - { - strcpy(linebuf, txtfile->fbCurrent); - txtfile->fbCurrent = txtfile->fbCurrent + strlen(linebuf); - } } - return strlen(linebuf); - } + else { + p = txtfile->fbCurrent; + q = strchr(p, '\n'); + if (q) + { + *q = '\0'; + strcpy(linebuf, p); + txtfile->fbCurrent = q + 1; + } + else + { + strcpy(linebuf, txtfile->fbCurrent); + txtfile->fbCurrent = txtfile->fbCurrent + strlen(linebuf); + } + } + return strlen(linebuf); + } }
389-commits@lists.fedoraproject.org