[packages/autofs.git] / autofs-5.0.2-ldap-percent-hack.patch

diff --git a/CHANGELOG b/CHANGELOG
index da8c599..c6ab15f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -15,6 +15,7 @@
 - mark map instances stale so they aren't "cleaned" during updates.
 - fix large file compile time option.
 - don't fail on empty master map.
+- add support for the "%" hack for case insensitive attribute schemas.
 
 18/06/2007 autofs-5.0.2
 -----------------------
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index de8d515..a412797 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -1210,50 +1210,68 @@ static int read_one_map(struct autofs_point *ap,
 		}
 
 		/*
-		 * By definition keys must be unique within
-		 * each map entry
+		 * By definition keys should be unique within each map entry,
+		 * but as always there are exceptions.
 		 */
 		k_val = NULL;
 		k_len = 0;
 
 		/*
-		 * Keys must be unique so, in general, there shouldn't be
+		 * Keys should be unique so, in general, there shouldn't be
 		 * more than one attribute value. We make an exception for
 		 * wildcard entries as people may have values for '*' or
 		 * '/' for compaibility reasons. We use the '/' as the
 		 * wildcard in LDAP but allow '*' as well to allow for
 		 * people using older schemas that allow '*' as a key
-		 * value.
+		 * value. Another case where there can be multiple key
+		 * values is when people have used the "%" hack to specify
+		 * case matching ctriteria in a caase insensitive attribute.
 		 */
 		count = ldap_count_values_len(bvKey);
-		if (count > 2) {
-			error(ap->logopt,
-			      MODPREFIX
-			      "key %.*s has duplicate entries - ignoring",
-			      bvKey[0]->bv_len, bvKey[0]->bv_val);
-			goto next;
-		} else if (count == 2) {
+		if (count > 1) {
 			unsigned int i;
 
 			/* Check for the "/" and "*" and use as "/" if found */
 			for (i = 0; i < count; i++) {
-				/* check for wildcard */
-				if (bvKey[i]->bv_len != 1)
+				bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
+
+				/*
+				 * If multiple entries are present they could
+				 * be the result of people using the "%" hack so
+				 * ignore them.
+				 */
+				if (strchr(bvKey[i]->bv_val, '%'))
 					continue;
-				if (*bvKey[i]->bv_val != '/' &&
-				    *bvKey[i]->bv_val != '*')
-					continue;
-				/* always use '/' internally */
-				*bvKey[i]->bv_val = '/';
+
+				/* check for wildcard */
+				if (bvKey[i]->bv_len == 1 &&
+				    (*bvKey[i]->bv_val == '/' ||
+				     *bvKey[i]->bv_val == '*')) {
+					/* always use '/' internally */
+					*bvKey[i]->bv_val = '/';
+					k_val = bvKey[i]->bv_val;
+					k_len = 1;
+					break;
+				}
+
+				/*
+				 * We have a result from LDAP so this is a
+				 * valid entry. Set the result to the LDAP
+				 * key that isn't a wildcard and doesn't have
+				 * any "%" hack values present. This should be
+				 * the case insensitive match string for the
+				 * nis schema, the default value.
+				 */
 				k_val = bvKey[i]->bv_val;
-				k_len = 1;
+				k_len = bvKey[i]->bv_len;
+
 				break;
 			}
 
 			if (!k_val) {
 				error(ap->logopt,
 				      MODPREFIX
-				      "key %.*s has duplicate entries - ignoring",
+				      "invalid entry %.*s - ignoring",
 				      bvKey[0]->bv_len, bvKey[0]->bv_val);
 				goto next;
 			}
@@ -1495,7 +1513,10 @@ static int lookup_one(struct autofs_point *ap,
 			continue;
 		}
 
-		/* By definition keys must be unique within each map entry */
+		/*
+		 * By definition keys should be unique within each map entry,
+		 * but as always there are exceptions.
+		 */
 		k_val = NULL;
 		k_len = 0;
 
@@ -1506,37 +1527,53 @@ static int lookup_one(struct autofs_point *ap,
 		 * '/' for compaibility reasons. We use the '/' as the
 		 * wildcard in LDAP but allow '*' as well to allow for
 		 * people using older schemas that allow '*' as a key
-		 * value.
+		 * value. Another case where there can be multiple key
+		 * values is when people have used the "%" hack to specify
+		 * case matching ctriteria in a caase insensitive attribute.
 		 */
 		count = ldap_count_values_len(bvKey);
-		if (count > 2) {
-			error(ap->logopt,
-			      MODPREFIX
-			      "key %.*s has duplicate entries - ignoring",
-			      bvKey[0]->bv_len, bvKey[0]->bv_val);
-			goto next;
-		} else if (count == 2) {
+		if (count > 1) {
 			unsigned int i;
 
 			/* Check for the "/" and "*" and use as "/" if found */
 			for (i = 0; i < count; i++) {
-				/* check for wildcard */
-				if (bvKey[i]->bv_len != 1)
-					continue;
-				if (*bvKey[i]->bv_val != '/' &&
-				    *bvKey[i]->bv_val != '*')
+				bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
+
+				/*
+				 * If multiple entries are present they could
+				 * be the result of people using the "%" hack so
+				 * ignore them.
+				 */
+				if (strchr(bvKey[i]->bv_val, '%'))
 					continue;
-				/* always use '/' internally */
-				*bvKey[i]->bv_val = '/';
-				k_val = bvKey[i]->bv_val;
-				k_len = 1;
+
+				/* check for wildcard */
+				if (bvKey[i]->bv_len == 1 &&
+				    (*bvKey[i]->bv_val == '/' ||
+				     *bvKey[i]->bv_val == '*')) {
+					/* always use '/' internally */
+					*bvKey[i]->bv_val = '/';
+					k_val = bvKey[i]->bv_val;
+					k_len = 1;
+					break;
+				}
+
+				/*
+				 * The key was matched by LDAP so this is a
+				 * valid entry. Set the result key to the
+				 * lookup key to provide the mixed case
+				 * matching provided by the "%" hack.
+				 */
+				k_val = qKey;
+				k_len = strlen(qKey);
+
 				break;
 			}
 
 			if (!k_val) {
 				error(ap->logopt,
-					MODPREFIX "key %.*s has duplicate entries",
-					bvKey[0]->bv_len, bvKey[0]->bv_val);
+					MODPREFIX "no valid key found for %.*s",
+					qKey_len, qKey);
 				ret = CHE_FAIL;
 				goto next;
 			}
Commit	Line	Data
3d551623 PG	1	diff --git a/CHANGELOG b/CHANGELOG
	2	index da8c599..c6ab15f 100644
	3	--- a/CHANGELOG
	4	+++ b/CHANGELOG
	5	@@ -15,6 +15,7 @@
	6	- mark map instances stale so they aren't "cleaned" during updates.
	7	- fix large file compile time option.
	8	- don't fail on empty master map.
	9	+- add support for the "%" hack for case insensitive attribute schemas.
	10
	11	18/06/2007 autofs-5.0.2
	12	-----------------------
	13	diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
	14	index de8d515..a412797 100644
	15	--- a/modules/lookup_ldap.c
	16	+++ b/modules/lookup_ldap.c
	17	@@ -1210,50 +1210,68 @@ static int read_one_map(struct autofs_point *ap,
	18	}
	19
	20	/*
	21	- * By definition keys must be unique within
	22	- * each map entry
	23	+ * By definition keys should be unique within each map entry,
	24	+ * but as always there are exceptions.
	25	*/
	26	k_val = NULL;
	27	k_len = 0;
	28
	29	/*
	30	- * Keys must be unique so, in general, there shouldn't be
	31	+ * Keys should be unique so, in general, there shouldn't be
	32	* more than one attribute value. We make an exception for
	33	* wildcard entries as people may have values for '*' or
	34	* '/' for compaibility reasons. We use the '/' as the
	35	* wildcard in LDAP but allow '*' as well to allow for
	36	* people using older schemas that allow '*' as a key
	37	- * value.
	38	+ * value. Another case where there can be multiple key
	39	+ * values is when people have used the "%" hack to specify
	40	+ * case matching ctriteria in a caase insensitive attribute.
	41	*/
	42	count = ldap_count_values_len(bvKey);
	43	- if (count > 2) {
	44	- error(ap->logopt,
	45	- MODPREFIX
	46	- "key %.*s has duplicate entries - ignoring",
	47	- bvKey[0]->bv_len, bvKey[0]->bv_val);
	48	- goto next;
	49	- } else if (count == 2) {
	50	+ if (count > 1) {
	51	unsigned int i;
	52
	53	/* Check for the "/" and "" and use as "/" if found /
	54	for (i = 0; i < count; i++) {
	55	- /* check for wildcard */
	56	- if (bvKey[i]->bv_len != 1)
	57	+ bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
	58	+
	59	+ /*
	60	+ * If multiple entries are present they could
	61	+ * be the result of people using the "%" hack so
	62	+ * ignore them.
	63	+ */
	64	+ if (strchr(bvKey[i]->bv_val, '%'))
65	continue;
66	- if (*bvKey[i]->bv_val != '/' &&
67	- bvKey[i]->bv_val != '')
68	- continue;
69	- /* always use '/' internally */
70	- *bvKey[i]->bv_val = '/';
71	+
72	+ /* check for wildcard */
73	+ if (bvKey[i]->bv_len == 1 &&
74	+ (*bvKey[i]->bv_val == '/' \|\|
75	+ bvKey[i]->bv_val == '')) {
76	+ /* always use '/' internally */
77	+ *bvKey[i]->bv_val = '/';
78	+ k_val = bvKey[i]->bv_val;
79	+ k_len = 1;
80	+ break;
81	+ }
82	+
83	+ /*
84	+ * We have a result from LDAP so this is a
85	+ * valid entry. Set the result to the LDAP
86	+ * key that isn't a wildcard and doesn't have
87	+ * any "%" hack values present. This should be
88	+ * the case insensitive match string for the
89	+ * nis schema, the default value.
90	+ */
91	k_val = bvKey[i]->bv_val;
92	- k_len = 1;
93	+ k_len = bvKey[i]->bv_len;
94	+
95	break;
96	}
97
98	if (!k_val) {
99	error(ap->logopt,
100	MODPREFIX
101	- "key %.*s has duplicate entries - ignoring",
102	+ "invalid entry %.*s - ignoring",
103	bvKey[0]->bv_len, bvKey[0]->bv_val);
104	goto next;
105	}
106	@@ -1495,7 +1513,10 @@ static int lookup_one(struct autofs_point *ap,
107	continue;
108	}
109
110	- /* By definition keys must be unique within each map entry */
111	+ /*
112	+ * By definition keys should be unique within each map entry,
113	+ * but as always there are exceptions.
114	+ */
115	k_val = NULL;
116	k_len = 0;
117
118	@@ -1506,37 +1527,53 @@ static int lookup_one(struct autofs_point *ap,
119	* '/' for compaibility reasons. We use the '/' as the
120	* wildcard in LDAP but allow '*' as well to allow for
121	* people using older schemas that allow '*' as a key
122	- * value.
123	+ * value. Another case where there can be multiple key
124	+ * values is when people have used the "%" hack to specify
125	+ * case matching ctriteria in a caase insensitive attribute.
126	*/
127	count = ldap_count_values_len(bvKey);
128	- if (count > 2) {
129	- error(ap->logopt,
130	- MODPREFIX
131	- "key %.*s has duplicate entries - ignoring",
132	- bvKey[0]->bv_len, bvKey[0]->bv_val);
133	- goto next;
134	- } else if (count == 2) {
135	+ if (count > 1) {
136	unsigned int i;
137
138	/* Check for the "/" and "" and use as "/" if found /
139	for (i = 0; i < count; i++) {
140	- /* check for wildcard */
141	- if (bvKey[i]->bv_len != 1)
142	- continue;
143	- if (*bvKey[i]->bv_val != '/' &&
144	- bvKey[i]->bv_val != '')
145	+ bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
146	+
147	+ /*
148	+ * If multiple entries are present they could
149	+ * be the result of people using the "%" hack so
150	+ * ignore them.
151	+ */
152	+ if (strchr(bvKey[i]->bv_val, '%'))
153	continue;
154	- /* always use '/' internally */
155	- *bvKey[i]->bv_val = '/';
156	- k_val = bvKey[i]->bv_val;
157	- k_len = 1;
158	+
159	+ /* check for wildcard */
160	+ if (bvKey[i]->bv_len == 1 &&
161	+ (*bvKey[i]->bv_val == '/' \|\|
162	+ bvKey[i]->bv_val == '')) {
163	+ /* always use '/' internally */
164	+ *bvKey[i]->bv_val = '/';
165	+ k_val = bvKey[i]->bv_val;
166	+ k_len = 1;
167	+ break;
168	+ }
169	+
170	+ /*
171	+ * The key was matched by LDAP so this is a
172	+ * valid entry. Set the result key to the
173	+ * lookup key to provide the mixed case
174	+ * matching provided by the "%" hack.
175	+ */
176	+ k_val = qKey;
177	+ k_len = strlen(qKey);
178	+
179	break;
180	}
181
182	if (!k_val) {
183	error(ap->logopt,
184	- MODPREFIX "key %.*s has duplicate entries",
185	- bvKey[0]->bv_len, bvKey[0]->bv_val);
186	+ MODPREFIX "no valid key found for %.*s",
187	+ qKey_len, qKey);
188	ret = CHE_FAIL;
189	goto next;
190	}