Moved dSHeuristics to OpenLDAP to perform validation.

author Nadezhda Ivanova <nivanova@symas.com>

Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)

committer Nadezhda Ivanova <nivanova@symas.com>

Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)
author Nadezhda Ivanova <nivanova@symas.com>
Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)
committer Nadezhda Ivanova <nivanova@symas.com>
Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)
diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c

index 4f5d7d1fea03aefc2764be4bd5a9decc13dfdb5d..0ed0aacaa57d5bcd6b03a3625cd808dd0c66b255 100644 (file)
--- a/servers/slapd/schema_prep.c
+++ b/servers/slapd/schema_prep.c
@@ -310,6 +310,46 @@ static int objectSubClassIndexer(
         return rc;
  }
  
+
+static int normalize_to_int32(
+    slap_mask_t use,
+    Syntax *syntax,
+    MatchingRule *mr,
+    struct berval *val,
+    struct berval *out,
+    void *ctx)
+{
+       int32_t i, len;
+       char val_buf[ LDAP_PVT_INTTYPE_CHARS( unsigned long ) ];
+       struct berval tmp;
+       i = (int32_t) strtoll((char *)val->bv_val, NULL, 0);
+       len = sprintf(val_buf, "%d", i);
+    
+       tmp.bv_len = len;
+       tmp.bv_val = &val_buf;
+       ber_dupbv_x( out, &tmp, ctx );
+       return LDAP_SUCCESS;
+}
+
+#ifdef LDAP_AD_COMPATIBILITY
+static int
+validate_dSHeuristics(
+       Syntax *syntax,
+       struct berval *in )
+{
+       int i;
+       for (i = 10; i <=90; i+=10) {
+               char ch[3];
+               snprintf(ch, 10, "%d", i);
+               if ((in->bv_len >= i) &&
+                   (in->bv_val[i-1] != ch[0])) {
+                       return LDAP_CONSTRAINT_VIOLATION;
+               }
+       }
+       return LDAP_SUCCESS;
+}
+#endif
+
  #define objectSubClassFilter octetStringFilter
  
  static ObjectClassSchemaCheckFN rootDseObjectClass;
@@ -391,6 +431,7 @@ static struct slap_schema_oc_map {
                         "MUST ( cn $ subtreeSpecification ) )",
                 subentryObjectClass, SLAP_OC_SUBENTRY|SLAP_OC_OPERATIONAL,
                 offsetof(struct slap_internal_schema, si_oc_subentry) },
+#ifndef LDAP_AD_COMPATIBILITY
         { "subschema", "( 2.5.20.1 NAME 'subschema' "
                 "DESC 'RFC4512: controlling subschema (sub)entry' "
                 "AUXILIARY "
@@ -399,6 +440,15 @@ static struct slap_schema_oc_map {
                         "matchingRuleUse ) )",
                 subentryObjectClass, SLAP_OC_OPERATIONAL,
                 offsetof(struct slap_internal_schema, si_oc_subschema) },
+#else /* temporarily (maybe) butchered so provisioning could pass, got to fix it later */
+       { "subschema", "( 2.5.20.1 NAME 'subschema' "
+               "DESC 'RFC4512: controlling subschema (sub)entry' "
+               "MAY ( dITStructureRules $ nameForms $ dITContentRules $ "
+                       "objectClasses $ attributeTypes $ matchingRules $ "
+                       "matchingRuleUse $ modifyTimeStamp $ extendedAttributeInfo $ extendedClassInfo ) )",
+               0, SLAP_OC_OPERATIONAL,
+               offsetof(struct slap_internal_schema, si_oc_subschema) },
+#endif /*LDAP_AD_COMPATIBILITY*/
  #ifdef LDAP_COLLECTIVE_ATTRIBUTES
         { "collectiveAttributeSubentry", "( 2.5.17.2 "
                         "NAME 'collectiveAttributeSubentry' "
@@ -803,7 +853,11 @@ static struct slap_schema_ad_map {
         { "dITContentRules", "( 2.5.21.2 NAME 'dITContentRules' "
                         "DESC 'RFC4512: DIT content rules' "
                         "EQUALITY objectIdentifierFirstComponentMatch "
+#ifndef LDAP_AD_COMPATIBILITY /* temporary, to be removed (maybe)*/
                         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )",
+#else
+         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 )",
+#endif
                 subentryAttribute, SLAP_AT_HIDE,
                 oidValidate, NULL,
                 NULL, NULL, objectClassMatch, NULL, NULL,
@@ -819,7 +873,11 @@ static struct slap_schema_ad_map {
         { "attributeTypes", "( 2.5.21.5 NAME 'attributeTypes' "
                         "DESC 'RFC4512: attribute types' "
                         "EQUALITY objectIdentifierFirstComponentMatch "
+#ifndef LDAP_AD_COMPATIBILITY /* temporary, to be removed */
                         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )",
+#else
+         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 )",
+#endif
                 subentryAttribute, 0,
                 oidValidate, NULL,
                 NULL, NULL, attributeTypeMatch, NULL, NULL,
@@ -827,7 +885,11 @@ static struct slap_schema_ad_map {
         { "objectClasses", "( 2.5.21.6 NAME 'objectClasses' "
                         "DESC 'RFC4512: object classes' "
                         "EQUALITY objectIdentifierFirstComponentMatch "
+#ifndef LDAP_AD_COMPATIBILITY /* temporary, to be removed */
                         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )",
+#else
+         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 )",
+#endif
                 subentryAttribute, 0,
                 oidValidate, NULL,
                 NULL, NULL, objectClassMatch, NULL, NULL,
@@ -1644,7 +1706,7 @@ static struct slap_schema_ad_map {
           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )",
           NULL, 0,
           NULL, NULL,
-         NULL, NULL, NULL, NULL, NULL,
+         NULL, normalize_to_int32, NULL, NULL, NULL,
           offsetof(struct slap_internal_schema, si_ad_systemFlags) },
  
  
@@ -1924,6 +1986,71 @@ static struct slap_schema_ad_map {
           NULL, NULL,
           NULL, NULL, NULL, NULL, NULL,
           offsetof(struct slap_internal_schema, si_ad_memberOf) },
+  
+         { "extendedClassInfo", "( 1.2.840.113556.1.4.908 NAME 'extendedClassInfo' "
+           "EQUALITY caseIgnoreMatch "
+           "SUBSTR caseIgnoreSubstringsMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)",
+         NULL, 0,
+         NULL, NULL,
+         NULL, NULL, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_extendedClassInfo) },
+
+         { "extendedAttributeInfo", "( 1.2.840.113556.1.4.909 NAME 'extendedAttributeInfo' "
+           "EQUALITY caseIgnoreMatch "
+           "SUBSTR caseIgnoreSubstringsMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)",
+         NULL, 0,
+         NULL, NULL,
+         NULL, NULL, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_extendedAttributeInfo) },
+
+         { "groupType", "( 1.2.840.113556.1.4.750 NAME 'groupType' "
+           "EQUALITY integerMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
+           "SINGLE-VALUE )",
+         NULL, 0,
+         NULL, NULL,
+         NULL, normalize_to_int32, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_groupType) },
+
+         { "primaryGroupID", "( 1.2.840.113556.1.4.98 NAME 'primaryGroupID' "
+           "EQUALITY integerMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
+           "SINGLE-VALUE )",
+         NULL, 0,
+         NULL, NULL,
+         NULL, normalize_to_int32, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_primaryGroupID) },
+
+         { "userAccountControl", "( 1.2.840.113556.1.4.8 NAME 'userAccountControl' "
+           "EQUALITY integerMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
+           "SINGLE-VALUE )",
+         NULL, 0,
+         NULL, NULL,
+         NULL, normalize_to_int32, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_userAccountControl) },
+
+          { "sAMAccountType", "( 1.2.840.113556.1.4.302 NAME 'sAMAccountType' "
+           "EQUALITY integerMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
+           "SINGLE-VALUE )",
+         NULL, 0,
+         NULL, NULL,
+         NULL, normalize_to_int32, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_sAMAccountType) },
+
+         { "dSHeuristics", "( 1.2.840.113556.1.2.212 NAME 'dSHeuristics' "
+           "EQUALITY caseIgnoreMatch "
+           "SUBSTR caseIgnoreSubstringsMatch "
+           "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 "
+           "SINGLE-VALUE )",
+         NULL, 0,
+         validate_dSHeuristics, NULL,
+         NULL, NULL, NULL, NULL, NULL,
+         offsetof(struct slap_internal_schema, si_ad_dSHeuristics) },
+         
  #endif
  
         { NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0 }
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h

index 97ae9a1199af79a779a23225617b2c32b09c3cc8..1321d79b802774445dc13aac878a903ae493d3ae 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -1084,6 +1084,13 @@ struct slap_internal_schema {
         AttributeDescription *si_ad_objectGUID;
         AttributeDescription *si_ad_msDS_NC_RO_Replica_Locations_BL;
         AttributeDescription *si_ad_memberOf;
+       AttributeDescription *si_ad_extendedClassInfo;
+       AttributeDescription *si_ad_extendedAttributeInfo;
+       AttributeDescription *si_ad_groupType;
+       AttributeDescription *si_ad_primaryGroupID;
+       AttributeDescription *si_ad_userAccountControl;
+       AttributeDescription *si_ad_sAMAccountType;
+       AttributeDescription *si_ad_dSHeuristics;
  #endif
  
         /* Undefined Attribute Type */
author	Nadezhda Ivanova <nivanova@symas.com>
	Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)
committer	Nadezhda Ivanova <nivanova@symas.com>
	Fri, 12 Sep 2014 19:52:04 +0000 (22:52 +0300)
servers/slapd/schema_prep.c		patch \| blob \| history
servers/slapd/slap.h		patch \| blob \| history