4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2015 Gary Mills
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
34 #include "ldap_util.h"
36 #include "ldap_attr.h"
37 #include "ldap_ldap.h"
38 #include "ldap_ruleval.h"
42 * Free an array of 'count' rule-value elements.
45 freeRuleValue(__nis_rule_value_t
*rv
, int count
) {
51 for (n
= 0; n
< count
; n
++) {
53 if (rv
[n
].colName
!= 0) {
54 for (i
= 0; i
< rv
[n
].numColumns
; i
++) {
55 sfree(rv
[n
].colName
[i
]);
59 if (rv
[n
].colVal
!= 0) {
60 for (i
= 0; i
< rv
[n
].numColumns
; i
++) {
61 for (j
= 0; j
< rv
[n
].colVal
[i
].numVals
; j
++) {
62 sfree(rv
[n
].colVal
[i
].val
[j
].value
);
64 if (rv
[n
].colVal
[i
].numVals
> 0)
65 sfree(rv
[n
].colVal
[i
].val
);
70 if (rv
[n
].attrName
!= 0) {
71 for (i
= 0; i
< rv
[n
].numAttrs
; i
++) {
72 sfree(rv
[n
].attrName
[i
]);
76 if (rv
[n
].attrVal
!= 0) {
77 for (i
= 0; i
< rv
[n
].numAttrs
; i
++) {
78 for (j
= 0; j
< rv
[n
].attrVal
[i
].numVals
;
80 sfree(rv
[n
].attrVal
[i
].val
[j
].value
);
82 if (rv
[n
].attrVal
[i
].numVals
> 0)
83 sfree(rv
[n
].attrVal
[i
].val
);
93 * Return an array of 'count' __nis_rule_value_t elements, initialized
94 * to be copies of 'rvIn' if supplied; empty otherwise.
97 initRuleValue(int count
, __nis_rule_value_t
*rvIn
) {
98 return (growRuleValue(0, count
, 0, rvIn
));
101 static const __nis_rule_value_t rvZero
= {0};
104 * Grow 'old' from 'oldCount' to 'newCount' elements, initialize the
105 * new portion to 'rvIn' (empty if not supplied), and return a pointer
106 * to the result. Following a call to this function, the caller must
107 * refer only to the returned array, not to 'old'.
110 growRuleValue(int oldCount
, int newCount
, __nis_rule_value_t
*old
,
111 __nis_rule_value_t
*rvIn
) {
112 __nis_rule_value_t
*rv
;
114 char *myself
= "growRuleValue";
116 if (newCount
<= 0 || newCount
<= oldCount
)
125 rvIn
= (__nis_rule_value_t
*)&rvZero
;
127 rv
= reallocarray(old
, newCount
, sizeof (rv
[0]));
129 logmsg(MSG_NOMEM
, LOG_ERR
,
130 "%s: realloc(%d ((%d+%d)*%d)) => 0",
131 myself
, (oldCount
+newCount
) * sizeof (rv
[0]),
132 oldCount
, newCount
, sizeof (rv
[0]));
133 freeRuleValue(old
, oldCount
);
137 (void) memset(&rv
[oldCount
], 0, (newCount
-oldCount
)*sizeof (rv
[0]));
139 for (i
= oldCount
; i
< newCount
; i
++) {
140 rv
[i
].numColumns
= rvIn
->numColumns
;
141 if (rv
[i
].numColumns
> 0) {
142 rv
[i
].colName
= cloneName(rvIn
->colName
,
144 rv
[i
].colVal
= cloneValue(rvIn
->colVal
,
147 if (rv
[i
].numColumns
> 0 &&
148 (rv
[i
].colName
== 0 || rv
[i
].colVal
== 0)) {
149 freeRuleValue(rv
, i
);
152 rv
[i
].numAttrs
= rvIn
->numAttrs
;
153 rv
[i
].attrName
= cloneName(rvIn
->attrName
, rv
[i
].numAttrs
);
154 rv
[i
].attrVal
= cloneValue(rvIn
->attrVal
, rv
[i
].numAttrs
);
155 if (rv
[i
].numAttrs
> 0 &&
156 (rv
[i
].attrName
== 0 || rv
[i
].attrVal
== 0)) {
157 freeRuleValue(rv
, i
);
166 * Merge the source rule-value 's' into the target rule-value 't'.
167 * If successful, unless 's' is a sub-set of 't', 't' will be changed
168 * on exit, and will contain the values from 's' as well.
171 mergeRuleValue(__nis_rule_value_t
*t
, __nis_rule_value_t
*s
) {
179 for (i
= 0; i
< s
->numColumns
; i
++) {
180 for (j
= 0; j
< s
->colVal
[i
].numVals
; j
++) {
181 if (addCol2RuleValue(s
->colVal
[i
].type
, s
->colName
[i
],
182 s
->colVal
[i
].val
[j
].value
,
183 s
->colVal
[i
].val
[j
].length
,
189 for (i
= 0; i
< s
->numAttrs
; i
++) {
190 for (j
= 0; j
< s
->attrVal
[i
].numVals
; j
++) {
191 if (addAttr2RuleValue(s
->attrVal
[i
].type
,
193 s
->attrVal
[i
].val
[j
].value
,
194 s
->attrVal
[i
].val
[j
].length
,
204 addVal2RuleValue(char *msg
, int caseSens
, int snipNul
, __nis_value_type_t type
,
205 char *name
, void *value
, int valueLen
,
206 int *numP
, char ***inNameP
, __nis_value_t
**inValP
) {
207 int i
, j
, copyLen
= valueLen
;
208 __nis_single_value_t
*v
;
209 char **inName
= *inNameP
;
210 __nis_value_t
*inVal
= *inValP
;
212 int (*comp
)(const char *s1
, const char *s2
);
213 char *myself
= "addVal2RuleValue";
215 /* Internal function, so assume arguments OK */
220 /* Should we match the 'inName' value case sensitive or not ? */
227 * String-valued NIS+ entries count the concluding NUL in the
228 * length, while LDAP entries don't. In order to support this,
229 * we implement the following for vt_string value types:
231 * If the last byte of the value isn't a NUL, add one to the
232 * allocated length, so that there always is a NUL after the
233 * value, making it safe to pass to strcmp() etc.
235 * If 'snipNul' is set (presumably meaning we're inserting a
236 * value derived from a NIS+ entry), and the last byte of the
237 * value already is a NUL, decrement the length to be copied by
238 * one. This (a) doesn't count the NUL in the value length, but
239 * (b) still leaves a NUL following the value.
241 * In N2L, for all cases we set 'copyLen' to the number of non-0
242 * characters in 'value'.
244 if (type
== vt_string
&& valueLen
> 0) {
245 char *charval
= value
;
247 if (charval
[valueLen
-1] != '\0')
249 else if (yp2ldap
|| snipNul
)
251 } else if (valueLen
== 0) {
253 * If the 'value' pointer is non-NULL, we create a zero-
254 * length value with one byte allocated. This takes care
260 /* If we already have values for this attribute, add another one */
261 for (i
= 0; i
< num
; i
++) {
262 if ((*comp
)(inName
[i
], name
) == 0) {
265 * Our caller often doesn't know the type of the
266 * value; this happens because the type (vt_string
267 * or vt_ber) is determined by the format in the
268 * rule sets, and we may be invoked as a preparation
269 * for evaluating the rules. Hence, we only use the
270 * supplied 'type' if we need to create a value.
271 * Otherwise, we accept mixed types.
273 * Strings are OK in any case, since we always make
274 * sure to have a zero byte at the end of any value,
278 if (inVal
[i
].numVals
< 0) {
280 * Used to indicate deletion of attribute,
281 * so we honor that and don't add a value.
287 * If 'value' is NULL, we should delete, so
288 * remove any existing values, and set the
289 * 'numVals' field to -1.
292 for (j
= 0; j
< inVal
[i
].numVals
; j
++) {
293 sfree(inVal
[i
].val
[j
].value
);
297 inVal
[i
].numVals
= -1;
301 /* Is the value a duplicate ? */
302 for (j
= 0; j
< inVal
[i
].numVals
; j
++) {
303 if (copyLen
== inVal
[i
].val
[j
].length
&&
304 memcmp(value
, inVal
[i
].val
[j
].value
,
309 if (j
< inVal
[i
].numVals
)
312 /* Not a duplicate, so add the name/value pair */
313 v
= reallocarray(inVal
[i
].val
,
314 inVal
[i
].numVals
+ 1,
315 sizeof (inVal
[i
].val
[0]));
319 v
[inVal
[i
].numVals
].length
= copyLen
;
320 v
[inVal
[i
].numVals
].value
= am(msg
, valueLen
);
321 if (v
[inVal
[i
].numVals
].value
== 0 &&
326 memcpy(v
[inVal
[i
].numVals
].value
, value
, copyLen
);
333 /* No previous value for this attribute */
336 * value == 0 means deletion, in which case we create a
337 * __nis_value_t with the numVals field set to -1.
340 if ((v
= am(msg
, sizeof (*v
))) == 0)
343 v
->value
= am(msg
, valueLen
);
344 if (v
->value
== 0 && value
!= 0) {
348 memcpy(v
->value
, value
, copyLen
);
351 inVal
= reallocarray(inVal
, num
+ 1, sizeof (inVal
[0]));
361 inName
= reallocarray(inName
, num
+ 1, sizeof (inName
[0]));
362 if (inName
== 0 || (inName
[num
] =
363 sdup(msg
, T
, name
)) == 0) {
370 inVal
[num
].type
= type
;
371 inVal
[num
].repeat
= 0;
373 inVal
[num
].numVals
= 1;
376 inVal
[num
].numVals
= -1;
386 addAttr2RuleValue(__nis_value_type_t type
, char *name
, void *value
,
387 int valueLen
, __nis_rule_value_t
*rv
) {
388 char *myself
= "addAttr2RuleValue";
390 if (name
== 0 || rv
== 0)
393 return (addVal2RuleValue(myself
, 0, 0, type
, name
, value
, valueLen
,
394 &rv
->numAttrs
, &rv
->attrName
, &rv
->attrVal
));
398 addSAttr2RuleValue(char *name
, char *value
, __nis_rule_value_t
*rv
) {
399 return (addAttr2RuleValue(vt_string
, name
, value
, slen(value
), rv
));
403 addCol2RuleValue(__nis_value_type_t type
, char *name
, void *value
,
404 int valueLen
, __nis_rule_value_t
*rv
) {
405 char *myself
= "addCol2RuleValue";
407 if (name
== 0 || rv
== 0)
410 return (addVal2RuleValue(myself
, 1, 1, type
, name
, value
, valueLen
,
411 &rv
->numColumns
, &rv
->colName
, &rv
->colVal
));
415 addSCol2RuleValue(char *name
, char *value
, __nis_rule_value_t
*rv
) {
416 return (addCol2RuleValue(vt_string
, name
, value
, slen(value
), rv
));
420 * Given a table mapping, a NIS+ DB query, and (optionally) an existing
421 * and compatible __nis_rule_value_t, return a new __nis_rule_value_t
422 * with the values from the query added.
425 buildNisPlusRuleValue(__nis_table_mapping_t
*t
, db_query
*q
,
426 __nis_rule_value_t
*rv
) {
429 if (t
== 0 || q
== 0)
432 rv
= initRuleValue(1, rv
);
436 for (i
= 0; i
< q
->components
.components_len
; i
++) {
438 /* Ignore out-of-range column index */
439 if (q
->components
.components_val
[i
].which_index
>=
444 * Add the query value. A NULL value indicates deletion,
445 * but addCol2RuleValue() takes care of that for us.
447 if (addCol2RuleValue(vt_string
,
448 t
->column
[q
->components
.components_val
[i
].
450 q
->components
.components_val
[i
].index_value
->
451 itemvalue
.itemvalue_val
,
452 q
->components
.components_val
[i
].index_value
->
453 itemvalue
.itemvalue_len
, rv
) != 0) {
454 freeRuleValue(rv
, 1);
465 * Given a LHS rule 'rl', return an array containing the item names,
466 * and the number of elements in the array in '*numItems'.
468 * If there are 'me_match' __nis_mapping_element_t's, we use the
469 * supplied '*rval' (if any) to derive values for the items in
470 * the 'me_match', and add the values thus derived to '*rval' (in
471 * which case the '*rval' pointer will change; the old '*rval'
474 __nis_mapping_item_t
*
475 buildLvalue(__nis_mapping_rlhs_t
*rl
, __nis_value_t
**rval
, int *numItems
) {
476 __nis_value_t
*val
, *r
;
477 __nis_mapping_item_t
*item
= 0;
478 int i
, n
, ni
= 0, nv
= 0;
490 /* If there is more than one element, we concatenate the items */
491 for (i
= 0; i
< rl
->numElements
; i
++) {
492 __nis_mapping_element_t
*e
= &rl
->element
[i
];
493 __nis_mapping_item_t
*olditem
, *tmpitem
= 0;
498 tmpitem
= cloneItem(&e
->element
.item
);
502 * Obtain values for the items in the 'me_match'
505 tmp
= matchMappingItem(e
->element
.match
.fmt
, r
, &nv
,
510 for (n
= 0; n
< nv
; n
++) {
511 r
= concatenateValues(val
, tmp
[n
]);
513 freeValue(tmp
[n
], 1);
516 for (n
++; n
< nv
; n
++) {
517 freeValue(tmp
[n
], 1);
524 if (repeat
&& val
!= 0)
525 val
->repeat
= repeat
;
528 for (n
= 0; n
< e
->element
.match
.numItems
;
531 item
= concatenateMappingItem(item
, ni
,
532 &e
->element
.match
.item
[n
]);
533 freeMappingItem(olditem
, ni
);
546 /* These shouldn't show up on the LHS; ignore */
552 item
= concatenateMappingItem(item
, ni
, tmpitem
);
553 freeMappingItem(olditem
, ni
);
554 freeMappingItem(tmpitem
, 1);
570 buildRvalue(__nis_mapping_rlhs_t
*rl
, __nis_mapping_item_type_t native
,
571 __nis_rule_value_t
*rv
, int *stat
) {
572 __nis_value_t
*val
, *vold
= 0, *vnew
;
574 char *myself
= "buildRvalue";
576 if (rl
== 0 || rl
->numElements
<= 0) {
578 * No RHS indicates deletion, as does a __nis_value_t
579 * with numVals == -1, so we return such a creature.
581 val
= am(myself
, sizeof (*val
));
583 val
->type
= vt_string
;
589 /* If there is more than one element, we concatenate the values */
590 for (i
= 0; i
< rl
->numElements
; i
++) {
591 vnew
= getMappingElement(&rl
->element
[i
], native
, rv
, stat
);
592 val
= concatenateValues(vold
, vnew
);
601 * Derive values for the LDAP attributes specified by the rule 'r',
602 * and add them to the rule-value 'rv'.
604 * If 'doAssign' is set, out-of-context assignments are performed,
608 addLdapRuleValue(__nis_table_mapping_t
*t
,
609 __nis_mapping_rule_t
*r
,
610 __nis_mapping_item_type_t lnative
,
611 __nis_mapping_item_type_t rnative
,
612 __nis_rule_value_t
*rv
,
613 int doAssign
, int *stat
) {
615 __nis_value_t
*rval
, *lval
;
616 __nis_mapping_item_t
*litem
;
620 char *myself
= "addLdapRuleValue";
623 /* Do we have the required values ? */
628 * Establish appropriate search base. For rnative == mit_nisplus,
629 * we're deriving LDAP attribute values from NIS+ columns; in other
630 * words, we're writing to LDAP, and should use the write.base value.
632 __nisdb_get_tsd()->searchBase
= (rnative
== mit_nisplus
) ?
633 t
->objectDN
->write
.base
: t
->objectDN
->read
.base
;
635 /* Set escapeFlag if LHS is "dn" to escape special chars */
636 if (yp2ldap
&& r
->lhs
.numElements
== 1 &&
637 r
->lhs
.element
->type
== me_item
&&
638 r
->lhs
.element
->element
.item
.type
== mit_ldap
&&
639 strcasecmp(r
->lhs
.element
->element
.item
.name
, "dn") == 0) {
640 __nisdb_get_tsd()->escapeFlag
= '1';
643 /* Build the RHS value */
644 rval
= buildRvalue(&r
->rhs
, rnative
, rv
, stat
);
646 /* Reset escapeFlag */
647 __nisdb_get_tsd()->escapeFlag
= '\0';
653 * Special case: If we got no value for the RHS (presumably because
654 * we're missing one or more item values), we don't produce an lval.
655 * Note that this isn't the same thing as an empty value, which we
656 * faithfully try to transmit to LDAP.
658 if (rval
->numVals
== 1 && rval
->val
[0].value
== 0) {
663 /* Obtain the LHS item names */
664 litem
= buildLvalue(&r
->lhs
, &rval
, &numItems
);
670 /* Get string representations of the LHS item names */
672 for (i
= 0; i
< numItems
; i
++) {
673 __nis_value_t
*tmpval
, *old
;
675 tmpval
= getMappingItem(&litem
[i
], lnative
, 0, 0, NULL
);
678 * If the LHS item is out-of-context, we do the
679 * assignment right here.
681 if (doAssign
&& litem
[i
].type
== mit_ldap
&&
682 litem
[i
].searchSpec
.triple
.scope
!=
683 LDAP_SCOPE_UNKNOWN
&&
684 slen(litem
[i
].searchSpec
.triple
.base
) > 0 &&
685 (slen(litem
[i
].searchSpec
.triple
.attrs
) > 0 ||
686 litem
[i
].searchSpec
.triple
.element
!= 0)) {
690 dn
= findDNs(myself
, rv
, 1,
691 t
->objectDN
->write
.base
,
694 stat
= storeLDAP(&litem
[i
], i
, numItems
, rval
,
695 t
->objectDN
, dn
, numDN
);
696 if (stat
!= LDAP_SUCCESS
) {
697 char *iname
= "<unknown>";
700 tmpval
->numVals
== 1)
701 iname
= tmpval
->val
[0].value
;
702 logmsg(MSG_NOTIMECHECK
, LOG_ERR
,
703 "%s: LDAP store \"%s\": %s",
705 ldap_err2string(stat
));
708 freeValue(tmpval
, 1);
713 lval
= concatenateValues(old
, tmpval
);
714 freeValue(tmpval
, 1);
718 /* Don't need the LHS items themselves anymore */
719 freeMappingItem(litem
, numItems
);
722 * If we don't have an 'lval' (probably because all litem[i]:s
723 * were out-of-context assignments), we're done.
725 if (lval
== 0 || lval
->numVals
<= 0) {
731 for (i
= 0, j
= 0; i
< lval
->numVals
; i
++) {
732 /* Special case: rval->numVals < 0 means deletion */
733 if (rval
->numVals
< 0) {
734 (void) addAttr2RuleValue(rval
->type
,
735 lval
->val
[i
].value
, 0, 0, rv
);
738 /* If we're out of values, repeat the last one */
739 if (j
>= rval
->numVals
)
740 j
= (rval
->numVals
> 0) ? rval
->numVals
-1 : 0;
741 for (; j
< rval
->numVals
; j
++) {
743 * If this is the 'dn', and the value ends in a
744 * comma, append the appropriate search base.
746 if (strcasecmp("dn", lval
->val
[i
].value
) == 0 &&
747 lastChar(&rval
->val
[j
]) == ',' &&
748 t
->objectDN
->write
.scope
!=
749 LDAP_SCOPE_UNKNOWN
) {
753 nval
= appendString2SingleVal(
754 t
->objectDN
->write
.base
, &rval
->val
[j
],
756 if (nval
!= 0 && nlen
>= 0) {
757 sfree(rval
->val
[j
].value
);
758 rval
->val
[j
].value
= nval
;
759 rval
->val
[j
].length
= nlen
;
762 (void) addAttr2RuleValue(rval
->type
,
763 lval
->val
[i
].value
, rval
->val
[j
].value
,
764 rval
->val
[j
].length
, rv
);
766 * If the lval is multi-valued, go on to the
767 * other values; otherwise, quit (but increment
768 * the 'rval' value index).
785 * Remove the indicated attribute, and any values for it, from the
789 delAttrFromRuleValue(__nis_rule_value_t
*rv
, char *attrName
) {
792 if (rv
== 0 || attrName
== 0)
795 for (i
= 0; i
< rv
->numAttrs
; i
++) {
796 if (strcasecmp(attrName
, rv
->attrName
[i
]) == 0) {
799 for (j
= 0; j
< rv
->attrVal
[i
].numVals
; j
++)
800 sfree(rv
->attrVal
[i
].val
[j
].value
);
801 if (rv
->attrVal
[i
].numVals
> 0)
802 sfree(rv
->attrVal
[i
].val
);
804 sfree(rv
->attrName
[i
]);
806 /* Move up the rest of the attribute names/values */
807 for (j
= i
+1; j
< rv
->numAttrs
; j
++) {
808 rv
->attrName
[j
-1] = rv
->attrName
[j
];
809 rv
->attrVal
[j
-1] = rv
->attrVal
[j
];
820 * Remove the indicated column, and any values for it, from the
824 delColFromRuleValue(__nis_rule_value_t
*rv
, char *colName
) {
827 if (rv
== 0 || colName
== 0)
830 for (i
= 0; i
< rv
->numColumns
; i
++) {
831 if (strcmp(colName
, rv
->colName
[i
]) == 0) {
834 for (j
= 0; j
< rv
->colVal
[i
].numVals
; j
++)
835 sfree(rv
->colVal
[i
].val
[j
].value
);
836 if (rv
->colVal
[i
].numVals
> 0)
837 sfree(rv
->colVal
[i
].val
);
839 sfree(rv
->colName
[i
]);
841 /* Move up the rest of the column names/values */
842 for (j
= i
+1; j
< rv
->numColumns
; j
++) {
843 rv
->colName
[j
-1] = rv
->colName
[j
];
844 rv
->colVal
[j
-1] = rv
->colVal
[j
];
855 * Add the write-mode object classes specified by 'objClassAttrs' to the
857 * If there's an error, 'rv' is deleted, and NULL returned.
860 addObjectClasses(__nis_rule_value_t
*rv
, char *objClassAttrs
) {
861 char *filter
= 0, **fc
= 0;
865 * Expect to only use this for existing rule-values, so rv == 0 is
872 * If 'objClassAttrs' is NULL, we trivially have nothing to do.
873 * Assume the caller knows what it's doing, and return success.
875 if (objClassAttrs
== 0)
879 * Make an AND-filter of the object classes, and split into
880 * components. (Yes, this is a bit round-about, but leverages
881 * existing functions.)
883 filter
= makeFilter(objClassAttrs
);
885 freeRuleValue(rv
, 1);
889 fc
= makeFilterComp(filter
, &nfc
);
890 if (fc
== 0 || nfc
<= 0) {
892 freeRuleValue(rv
, 1);
896 /* Add the objectClass attributes to the rule-value */
897 for (i
= 0; i
< nfc
; i
++) {
901 /* Skip if not of the "name=value" form */
902 if ((value
= strchr(name
, '=')) == 0)
908 /* Skip if the attribute name isn't "objectClass" */
909 if (strcasecmp("objectClass", name
) != 0)
912 if (addSAttr2RuleValue(name
, value
, rv
) != 0) {
914 freeFilterComp(fc
, nfc
);
915 freeRuleValue(rv
, 1);
921 freeFilterComp(fc
, nfc
);
928 valString(__nis_value_t
*val
) {
931 if (val
== 0 || val
->type
!= vt_string
)
934 for (i
= 0; i
< val
->numVals
; i
++) {
935 /* Look for a non-NULL, non-zero length value */
936 if (val
->val
[i
].value
!= 0 && val
->val
[i
].length
> 0) {
937 char *v
= val
->val
[i
].value
;
940 * Check that there's a NUL at the end. True,
941 * if there isn't, we may be looking beyond
942 * allocated memory. However, we would have done
943 * so in any case when the supposed string was
944 * traversed (printed, etc.), very possibly by
945 * a lot more than one byte. So, it's better to
946 * take a small risk here than a large one later.
948 if (v
[val
->val
[i
].length
-1] == '\0' ||
949 v
[val
->val
[i
].length
] == '\0')
958 findVal(char *name
, __nis_rule_value_t
*rv
, __nis_mapping_item_type_t type
) {
961 if (type
== mit_nisplus
) {
962 for (i
= 0; i
< rv
->numColumns
; i
++) {
963 if (rv
->colName
[i
] == 0)
965 if (strcmp(name
, rv
->colName
[i
]) == 0) {
966 return (valString(&rv
->colVal
[i
]));
969 } else if (type
== mit_ldap
) {
970 for (i
= 0; i
< rv
->numAttrs
; i
++) {
971 if (rv
->attrName
[i
] == 0)
973 if (strcasecmp(name
, rv
->attrName
[i
]) == 0) {
974 return (valString(&rv
->attrVal
[i
]));
982 static char *norv
= "<NIL>";
983 static char *unknown
= "<unknown>";
986 * Attempt to derive a string identifying the rule-value 'rv'. The
987 * returned string is a pointer, either into 'rv', or to static
988 * storage, and must not be freed.
991 rvId(__nis_rule_value_t
*rv
, __nis_mapping_item_type_t type
) {
997 if (rv
->numColumns
> 0 && type
== mit_nisplus
) {
999 * Look for a column called "cname" or "name".
1000 * If that fails, try "key" or "alias".
1002 if ((v
= findVal("cname", rv
, type
)) != 0)
1004 else if ((v
= findVal("name", rv
, type
)) != 0)
1006 else if ((v
= findVal("key", rv
, type
)) != 0)
1008 else if ((v
= findVal("alias", rv
, type
)) != 0)
1010 } else if (rv
->numAttrs
> 0 && type
== mit_ldap
) {
1012 * Look for "dn", or "cn".
1014 if ((v
= findVal("dn", rv
, type
)) != 0)
1016 else if ((v
= findVal("cn", rv
, type
)) != 0)
1024 * Merge the rule-values with the same DN into one. Each rule-value
1025 * in the returned array will have unique 'dn'. On entry, *numVals
1026 * contains the number of rule-values in 'rv'. On exit, it contains
1027 * the number of rule-values in the returned array or -1 on error.
1029 __nis_rule_value_t
*
1030 mergeRuleValueWithSameDN(__nis_rule_value_t
*rv
, int *numVals
) {
1031 __nis_rule_value_t
*rvq
= 0;
1039 for (i
= 0; i
< *numVals
; i
++) {
1040 if ((dn
= findVal("dn", &rv
[i
], mit_ldap
)) != 0) {
1041 for (j
= 0; j
< count
; j
++) {
1042 if ((odn
= findVal("dn", &rvq
[j
],
1044 /* case sensitive compare */
1045 if (strcmp(dn
, odn
) != 0)
1047 if (mergeRuleValue(&rvq
[j
],
1049 freeRuleValue(rvq
, count
);
1055 freeRuleValue(rvq
, count
);
1060 /* if no match, then add it to the rulevalue array */
1062 rvq
= growRuleValue(count
, count
+ 1, rvq
,