authorMartin Hedenfal <martinh@cvs.openbsd.org>2010-11-04 15:35:01 +0000
committerMartin Hedenfal <martinh@cvs.openbsd.org>2010-11-04 15:35:01 +0000
commit6efef39574dae700daacc8195b566ee0f0bb7dcb (patch)
treeb390e50e031892cc35a0946ee52b58e46256025d
parent1603c39f4bdda930f5ef64cfa0b5a0dd078e5113 (diff)
Publish matching rules in the cn=schema subentry as the matchingRules
attribute. This is an operational attribute and only returned if explicitly asked for. Required by RFC 4517.
-rw-r--r--usr.sbin/ldapd/matching.c6
-rw-r--r--usr.sbin/ldapd/schema.c17
-rw-r--r--usr.sbin/ldapd/schema.h6
-rw-r--r--usr.sbin/ldapd/search.c19
4 files changed, 42 insertions, 6 deletions
diff --git a/usr.sbin/ldapd/matching.c b/usr.sbin/ldapd/matching.c
index eb8f4fbf4e9..932d4d35633 100644
--- a/usr.sbin/ldapd/matching.c
+++ b/usr.sbin/ldapd/matching.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: matching.c,v 1.1 2010/11/03 14:17:01 martinh Exp $ */
+/* $OpenBSD: matching.c,v 1.2 2010/11/04 15:35:00 martinh Exp $ */
/*
* Copyright (c) 2010 Martin Hedenfalk <martinh@openbsd.org>
@@ -75,7 +75,7 @@ static const char *oid_first_component_syntaxes[] = {
NULL
};
-static struct match_rule match_rules[] = {
+struct match_rule match_rules[] = {
{ "1.3.6.1.1.16.2", "uuidMatch", MATCH_EQUALITY, NULL, "1.3.6.1.1.16.1", NULL },
{ "1.3.6.1.1.16.3", "uuidOrderingMatch", MATCH_ORDERING, NULL, "1.3.6.1.1.16.1", NULL },
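Review bot: Dropping `static` from `match_rules` makes the table a writable global for the whole daemon, although the other accessor declared in schema.h, `match_rule_lookup()`, only hands out `const struct match_rule *`. If nothing modifies the table after start-up (the rows between the two hunks are not visible, so this is an assumption), declare it `const struct match_rule match_rules[]` and take `const struct match_rule *mr` in `schema_dump_match_rule()`, so the schema data served to clients cannot be changed by a stray write elsewhere. The same applies to the counter added in the next hunk, `const int num_match_rules = nitems(match_rules);`, and to the two `extern` lines added in schema.h.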
@@ -116,6 +116,8 @@ static struct match_rule match_rules[] = {
#endif
};
+int num_match_rules = nitems(match_rules);
+
static struct match_rule_alias {
char *name;
char *oid;
diff --git a/usr.sbin/ldapd/schema.c b/usr.sbin/ldapd/schema.c
index 57548b59478..48943ec1ecf 100644
--- a/usr.sbin/ldapd/schema.c
+++ b/usr.sbin/ldapd/schema.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: schema.c,v 1.13 2010/11/03 14:17:01 martinh Exp $ */
+/* $OpenBSD: schema.c,v 1.14 2010/11/04 15:35:00 martinh Exp $ */
/*
* Copyright (c) 2010 Martin Hedenfalk <martinh@openbsd.org>
@@ -1333,3 +1333,18 @@ schema_dump_attribute(struct attr_type *at, char *buf, size_t size)
return 0;
}
+int
+schema_dump_match_rule(struct match_rule *mr, char *buf, size_t size)
+{
+ if (strlcpy(buf, "( ", size) >= size ||
+ strlcat(buf, mr->oid, size) >= size ||
+ strlcat(buf, " NAME '", size) >= size ||
+ strlcat(buf, mr->name, size) >= size ||
+ strlcat(buf, "' SYNTAX ", size) >= size ||
+ strlcat(buf, mr->syntax_oid, size) >= size ||
+ strlcat(buf, " )", size) >= size)
+ return -1;
+
+ return 0;
+}
+
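Review bot: `schema_dump_match_rule()` passes `mr->oid`, `mr->name` and `mr->syntax_oid` straight to `strlcat()`, which reads through its source pointer, so a table row with any of these left NULL would crash the daemon when a client asks for `matchingRules`. The two rows visible in matching.c appear to set all three, but most of the table lies outside the diff; a guard such as `if (mr->oid == NULL || mr->name == NULL || mr->syntax_oid == NULL) return -1;` at the top keeps the function safe regardless. The function also has no comment; `/* Format mr as a MatchingRuleDescription into buf; returns -1 if it does not fit in size bytes. */` would record the truncation contract the caller relies on.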
diff --git a/usr.sbin/ldapd/schema.h b/usr.sbin/ldapd/schema.h
index 750c5eb3abf..9699f1330b8 100644
--- a/usr.sbin/ldapd/schema.h
+++ b/usr.sbin/ldapd/schema.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: schema.h,v 1.6 2010/11/03 14:17:01 martinh Exp $ */
+/* $OpenBSD: schema.h,v 1.7 2010/11/04 15:35:00 martinh Exp $ */
/*
* Copyright (c) 2010 Martin Hedenfalk <martinh@openbsd.org>
@@ -158,6 +158,8 @@ int schema_dump_object(struct object *obj,
char *buf, size_t size);
int schema_dump_attribute(struct attr_type *obj,
char *buf, size_t size);
+int schema_dump_match_rule(struct match_rule *mr,
+ char *buf, size_t size);
struct attr_type *lookup_attribute_by_oid(struct schema *schema, char *oid);
struct attr_type *lookup_attribute_by_name(struct schema *schema, char *name);
@@ -172,6 +174,8 @@ int is_oidstr(const char *oidstr);
const struct syntax *syntax_lookup(const char *oid);
/* matching.c */
+extern struct match_rule match_rules[];
+extern int num_match_rules;
const struct match_rule *match_rule_lookup(const char *oid);
#endif
diff --git a/usr.sbin/ldapd/search.c b/usr.sbin/ldapd/search.c
index dc94444962d..51ca2a39192 100644
--- a/usr.sbin/ldapd/search.c
+++ b/usr.sbin/ldapd/search.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: search.c,v 1.11 2010/11/03 10:33:17 martinh Exp $ */
+/* $OpenBSD: search.c,v 1.12 2010/11/04 15:35:00 martinh Exp $ */
/*
* Copyright (c) 2009, 2010 Martin Hedenfalk <martin@bzero.se>
@@ -531,7 +531,7 @@ ldap_search_subschema(struct search *search)
struct ber_element *root, *elm, *key, *val;
struct object *obj;
struct attr_type *at;
- int rc;
+ int rc, i;
if ((root = ber_add_sequence(NULL)) == NULL) {
return;
@@ -586,6 +586,21 @@ ldap_search_subschema(struct search *search)
}
}
+ if (should_include_attribute("matchingRules", search, 1)) {
+ elm = ber_add_sequence(elm);
+ key = ber_add_string(elm, "matchingRules");
+ val = ber_add_set(key);
+
+ for (i = 0; i < num_match_rules; i++) {
+ if (schema_dump_match_rule(&match_rules[i], buf,
+ sizeof(buf)) != 0) {
+ rc = LDAP_OTHER;
+ goto done;
+ }
+ val = ber_add_string(val, buf);
+ }
+ }
+
search_result("cn=schema", 9, root, search);
rc = LDAP_SUCCESS;
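Review bot: None of the `ber_add_sequence()`, `ber_add_string()` or `ber_add_set()` results in the new `matchingRules` block is checked, unlike the `root` allocation at the top of the function. If one of them fails under memory pressure, `val` becomes NULL, and the following `ber_add_string(val, buf)` calls would, as far as I know the ber API, create elements that are not linked into `root`, so the client receives a silently truncated schema and the stray elements leak. Failing the search with `LDAP_OTHER` through the existing `done` label is safer; this assumes `done` releases `root`, which lies outside the hunk, as do the start and end of `ldap_search_subschema()`. The earlier attribute blocks of the function are not visible here and may need the same checks.

```c
	if (should_include_attribute("matchingRules", search, 1)) {
		if ((elm = ber_add_sequence(elm)) == NULL ||
		    (key = ber_add_string(elm, "matchingRules")) == NULL ||
		    (val = ber_add_set(key)) == NULL) {
			rc = LDAP_OTHER;
			goto done;
		}

		for (i = 0; i < num_match_rules; i++) {
			/* … unchanged: schema_dump_match_rule() call and its error path … */
			if ((val = ber_add_string(val, buf)) == NULL) {
				rc = LDAP_OTHER;
				goto done;
			}
		}
	}
```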