I've got my bitwise match plugin to load and run, but now I have an
issue. it appears that my matching rule needs to limit what attributes
it applies itself to.
That is, when I step though to code, from this query:
[abartlet@piglett source]$ bin/ldbsearch -H
ldapi:///data/samba/samba4/svn/source/st/dc/ldap/ldapi -b
"dc=samba,dc=example,dc=com" -s sub
'(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10)))' sAMAccountName groupType
# returned 0 records
I seem to be walking all the attributes, not just the attributes in the
search expression:
75 errno = 0;
76 a = strtoull((*vals)->bv_val, NULL, 10);
77 if (errno == ERANGE) {
78 ber_bvecfree( vals );
79 vals = NULL;
80 continue;
81 }
(gdb) p (*vals)->bv_val
$5 = 0x8411038 "(targetattr = \"*\") (version 3.0;acl \"full access to
all by all\";allow (all)(userdn = \"ldap:///anyone\";);)\n"
The collation plugin is again to opaque for me to quite get how I'm
meant to handle this...
My plugin in attached.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
/** BEGIN COPYRIGHT BLOCK
* This Program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software
* Foundation; version 2 of the License.
*
* This Program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with
* this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
* Place, Suite 330, Boston, MA 02111-1307 USA.
*
* In addition, as a special exception, Red Hat, Inc. gives You the additional
* right to link the code of this Program with code not covered under the GNU
* General Public License ("Non-GPL Code") and to distribute linked combinations
* including the two, subject to the limitations in this paragraph. Non-GPL Code
* permitted under this exception must only link to the code of this Program
* through those well defined interfaces identified in the file named EXCEPTION
* found in the source code files (the "Approved Interfaces"). The files of
* Non-GPL Code may instantiate templates or use macros or inline functions from
* the Approved Interfaces without causing the resulting work to be covered by
* the GNU General Public License. Only Red Hat, Inc. may make changes or
* additions to the list of Approved Interfaces. You must obey the GNU General
* Public License in all respects for all of the Program code and other code used
* in conjunction with the Program except the Non-GPL Code covered by this
* exception. If you modify this file, you may extend this exception to your
* version of the file, but you are not obligated to do so. If you do not wish to
* provide this exception without modification, you must delete this exception
* statement from your version and license this file solely under the GPL without
* exception.
*
*
* Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
* END COPYRIGHT BLOCK **/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
/* orfilter.c - implementation of ordering rule filter */
#include <ldap.h> /* LDAP_UTF8INC */
#include <slap.h> /* for debug macros */
#include <slapi-plugin.h> /* slapi_berval_cmp, SLAPI_BERVAL_EQ */
#ifdef HPUX11
#include <dl.h>
#endif /* HPUX11 */
static int
bitwise_filter_match_and (void* obj, Slapi_Entry* entry, Slapi_Attr* attr)
/* returns: 0 filter matched
* -1 filter did not match
* >0 an LDAP error code
*/
{
struct berval *match = obj;
unsigned long long a, b;
auto int rc = -1; /* no match */
for (; attr != NULL; slapi_entry_next_attr (entry, attr, &attr)) {
auto char* type = NULL;
auto struct berval** vals = NULL;
/*
* XXXmcs 1-March-2001: This code would perform better if it did not make
* a copy of the values here, but that would require re-writing the code
* in this file to use Slapi_ValueSet's instead of struct berval **'s
* (and that is not a small project).
*/
if (!slapi_attr_get_type (attr, &type) && type != NULL &&
!slapi_attr_get_bervals_copy(attr, &vals) && vals != NULL) {
errno = 0;
a = strtoull((*vals)->bv_val, NULL, 10);
if (errno == ERANGE) {
ber_bvecfree( vals );
vals = NULL;
continue;
}
errno = 0;
b = strtoull(match->bv_val, NULL, 10);
if (errno == ERANGE) {
rc = LDAP_CONSTRAINT_VIOLATION;
ber_bvecfree( vals );
vals = NULL;
continue;
}
if (a & b) {
rc = 0;
}
ber_bvecfree( vals );
vals = NULL;
if (rc >= 0) break;
}
}
return rc;
}
static int
bitwise_filter_match_or (void* obj, Slapi_Entry* entry, Slapi_Attr* attr)
/* returns: 0 filter matched
* -1 filter did not match
* >0 an LDAP error code
*/
{
struct berval *match = obj;
unsigned long long a, b;
auto int rc = -1; /* no match */
for (; attr != NULL; slapi_entry_next_attr (entry, attr, &attr)) {
auto char* type = NULL;
auto struct berval** vals = NULL;
/*
* XXXmcs 1-March-2001: This code would perform better if it did not make
* a copy of the values here, but that would require re-writing the code
* in this file to use Slapi_ValueSet's instead of struct berval **'s
* (and that is not a small project).
*/
if (!slapi_attr_get_type (attr, &type) && type != NULL &&
!slapi_attr_get_bervals_copy(attr, &vals) && vals != NULL) {
errno = 0;
a = strtoull((*vals)->bv_val, NULL, 10);
if (errno == ERANGE) {
continue;
ber_bvecfree( vals );
vals = NULL;
}
errno = 0;
b = strtoull(match->bv_val, NULL, 10);
if (errno == ERANGE) {
rc = LDAP_CONSTRAINT_VIOLATION;
ber_bvecfree( vals );
vals = NULL;
continue;
}
if (a | b) {
rc = 0;
}
ber_bvecfree( vals );
vals = NULL;
if (rc >= 0) break;
}
}
return rc;
}
static int
bitwise_filter_create (Slapi_PBlock* pb)
{
auto int rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION; /* failed to initialize */
auto char* mrOID = NULL;
auto char* mrTYPE = NULL;
auto struct berval* mrVALUE = NULL;
if (!slapi_pblock_get (pb, SLAPI_PLUGIN_MR_OID, &mrOID) && mrOID != NULL &&
!slapi_pblock_get (pb, SLAPI_PLUGIN_MR_TYPE, &mrTYPE) && mrTYPE != NULL &&
!slapi_pblock_get (pb, SLAPI_PLUGIN_MR_VALUE, &mrVALUE) && mrVALUE != NULL) {
slapi_pblock_set (pb, SLAPI_PLUGIN_OBJECT, mrVALUE);
if (strcmp(mrOID, "1.2.840.113556.1.4.803") == 0) {
slapi_pblock_set (pb, SLAPI_PLUGIN_MR_FILTER_MATCH_FN, (void*)bitwise_filter_match_and);
} else if (strcmp(mrOID, "1.2.840.113556.1.4.804") == 0) {
slapi_pblock_set (pb, SLAPI_PLUGIN_MR_FILTER_MATCH_FN, (void*)bitwise_filter_match_or);
}
rc = LDAP_SUCCESS;
} else {
LDAPDebug (LDAP_DEBUG_FILTER, "=> bitwise_filter_create missing parameter(s)\n", 0, 0, 0);
}
LDAPDebug (LDAP_DEBUG_FILTER, "<= bitwise_filter_create %i\n", rc, 0, 0);
return LDAP_SUCCESS;
}
static Slapi_PluginDesc pdesc = { "bitwise", PLUGIN_MAGIC_VENDOR_STR, PRODUCTTEXT,
"bitwise match plugin" };
int /* LDAP error code */
bitwise_init (Slapi_PBlock* pb)
{
int rc;
int argc;
char** argv;
char* cfgpath;
rc = slapi_pblock_set (pb, SLAPI_PLUGIN_MR_FILTER_CREATE_FN, (void*)bitwise_filter_create);
if ( rc == 0 ) {
rc = slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&pdesc );
}
LDAPDebug (LDAP_DEBUG_FILTER, "bitwise_init %i\n", rc, 0, 0);
return rc;
}
Attachment:
signature.asc
Description: This is a digitally signed message part
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
