autofs-5.0.2-ldap-percent-hack.patch

   1 diff --git a/CHANGELOG b/CHANGELOG
   2 index da8c599..c6ab15f 100644
   3 --- a/CHANGELOG
   4 +++ b/CHANGELOG
   5 @@ -15,6 +15,7 @@
   6  - mark map instances stale so they aren't "cleaned" during updates.
   7  - fix large file compile time option.
   8  - don't fail on empty master map.
   9 +- add support for the "%" hack for case insensitive attribute schemas.
  10
  11  18/06/2007 autofs-5.0.2
  12  -----------------------
  13 diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
  14 index de8d515..a412797 100644
  15 --- a/modules/lookup_ldap.c
  16 +++ b/modules/lookup_ldap.c
  17 @@ -1210,50 +1210,68 @@ static int read_one_map(struct autofs_point *ap,
  18                 }
  19
  20                 /*
  21 -                * By definition keys must be unique within
  22 -                * each map entry
  23 +                * By definition keys should be unique within each map entry,
  24 +                * but as always there are exceptions.
  25                  */
  26                 k_val = NULL;
  27                 k_len = 0;
  28
  29                 /*
  30 -                * Keys must be unique so, in general, there shouldn't be
  31 +                * Keys should be unique so, in general, there shouldn't be
  32                  * more than one attribute value. We make an exception for
  33                  * wildcard entries as people may have values for '*' or
  34                  * '/' for compaibility reasons. We use the '/' as the
  35                  * wildcard in LDAP but allow '*' as well to allow for
  36                  * people using older schemas that allow '*' as a key
  37 -                * value.
  38 +                * value. Another case where there can be multiple key
  39 +                * values is when people have used the "%" hack to specify
  40 +                * case matching ctriteria in a caase insensitive attribute.
  41                  */
  42                 count = ldap_count_values_len(bvKey);
  43 -               if (count > 2) {
  44 -                       error(ap->logopt,
  45 -                             MODPREFIX
  46 -                             "key %.*s has duplicate entries - ignoring",
  47 -                             bvKey[0]->bv_len, bvKey[0]->bv_val);
  48 -                       goto next;
  49 -               } else if (count == 2) {
  50 +               if (count > 1) {
  51                         unsigned int i;
  52
  53                         /* Check for the "/" and "*" and use as "/" if found */
  54                         for (i = 0; i < count; i++) {
  55 -                               /* check for wildcard */
  56 -                               if (bvKey[i]->bv_len != 1)
  57 +                               bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
  58 +
  59 +                               /*
  60 +                                * If multiple entries are present they could
  61 +                                * be the result of people using the "%" hack so
  62 +                                * ignore them.
  63 +                                */
  64 +                               if (strchr(bvKey[i]->bv_val, '%'))
  65                                         continue;
  66 -                               if (*bvKey[i]->bv_val != '/' &&
  67 -                                   *bvKey[i]->bv_val != '*')
  68 -                                       continue;
  69 -                               /* always use '/' internally */
  70 -                               *bvKey[i]->bv_val = '/';
  71 +
  72 +                               /* check for wildcard */
  73 +                               if (bvKey[i]->bv_len == 1 &&
  74 +                                   (*bvKey[i]->bv_val == '/' ||
  75 +                                    *bvKey[i]->bv_val == '*')) {
  76 +                                       /* always use '/' internally */
  77 +                                       *bvKey[i]->bv_val = '/';
  78 +                                       k_val = bvKey[i]->bv_val;
  79 +                                       k_len = 1;
  80 +                                       break;
  81 +                               }
  82 +
  83 +                               /*
  84 +                                * We have a result from LDAP so this is a
  85 +                                * valid entry. Set the result to the LDAP
  86 +                                * key that isn't a wildcard and doesn't have
  87 +                                * any "%" hack values present. This should be
  88 +                                * the case insensitive match string for the
  89 +                                * nis schema, the default value.
  90 +                                */
  91                                 k_val = bvKey[i]->bv_val;
  92 -                               k_len = 1;
  93 +                               k_len = bvKey[i]->bv_len;
  94 +
  95                                 break;
  96                         }
  97
  98                         if (!k_val) {
  99                                 error(ap->logopt,
 100                                       MODPREFIX
 101 -                                     "key %.*s has duplicate entries - ignoring",
 102 +                                     "invalid entry %.*s - ignoring",
 103                                       bvKey[0]->bv_len, bvKey[0]->bv_val);
 104                                 goto next;
 105                         }
 106 @@ -1495,7 +1513,10 @@ static int lookup_one(struct autofs_point *ap,
 107                         continue;
 108                 }
 109
 110 -               /* By definition keys must be unique within each map entry */
 111 +               /*
 112 +                * By definition keys should be unique within each map entry,
 113 +                * but as always there are exceptions.
 114 +                */
 115                 k_val = NULL;
 116                 k_len = 0;
 117
 118 @@ -1506,37 +1527,53 @@ static int lookup_one(struct autofs_point *ap,
 119                  * '/' for compaibility reasons. We use the '/' as the
 120                  * wildcard in LDAP but allow '*' as well to allow for
 121                  * people using older schemas that allow '*' as a key
 122 -                * value.
 123 +                * value. Another case where there can be multiple key
 124 +                * values is when people have used the "%" hack to specify
 125 +                * case matching ctriteria in a caase insensitive attribute.
 126                  */
 127                 count = ldap_count_values_len(bvKey);
 128 -               if (count > 2) {
 129 -                       error(ap->logopt,
 130 -                             MODPREFIX
 131 -                             "key %.*s has duplicate entries - ignoring",
 132 -                             bvKey[0]->bv_len, bvKey[0]->bv_val);
 133 -                       goto next;
 134 -               } else if (count == 2) {
 135 +               if (count > 1) {
 136                         unsigned int i;
 137
 138                         /* Check for the "/" and "*" and use as "/" if found */
 139                         for (i = 0; i < count; i++) {
 140 -                               /* check for wildcard */
 141 -                               if (bvKey[i]->bv_len != 1)
 142 -                                       continue;
 143 -                               if (*bvKey[i]->bv_val != '/' &&
 144 -                                   *bvKey[i]->bv_val != '*')
 145 +                               bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
 146 +
 147 +                               /*
 148 +                                * If multiple entries are present they could
 149 +                                * be the result of people using the "%" hack so
 150 +                                * ignore them.
 151 +                                */
 152 +                               if (strchr(bvKey[i]->bv_val, '%'))
 153                                         continue;
 154 -                               /* always use '/' internally */
 155 -                               *bvKey[i]->bv_val = '/';
 156 -                               k_val = bvKey[i]->bv_val;
 157 -                               k_len = 1;
 158 +
 159 +                               /* check for wildcard */
 160 +                               if (bvKey[i]->bv_len == 1 &&
 161 +                                   (*bvKey[i]->bv_val == '/' ||
 162 +                                    *bvKey[i]->bv_val == '*')) {
 163 +                                       /* always use '/' internally */
 164 +                                       *bvKey[i]->bv_val = '/';
 165 +                                       k_val = bvKey[i]->bv_val;
 166 +                                       k_len = 1;
 167 +                                       break;
 168 +                               }
 169 +
 170 +                               /*
 171 +                                * The key was matched by LDAP so this is a
 172 +                                * valid entry. Set the result key to the
 173 +                                * lookup key to provide the mixed case
 174 +                                * matching provided by the "%" hack.
 175 +                                */
 176 +                               k_val = qKey;
 177 +                               k_len = strlen(qKey);
 178 +
 179                                 break;
 180                         }
 181
 182                         if (!k_val) {
 183                                 error(ap->logopt,
 184 -                                       MODPREFIX "key %.*s has duplicate entries",
 185 -                                       bvKey[0]->bv_len, bvKey[0]->bv_val);
 186 +                                       MODPREFIX "no valid key found for %.*s",
 187 +                                       qKey_len, qKey);
 188                                 ret = CHE_FAIL;
 189                                 goto next;
 190                         }