change syntax plugins to register required matching rule plugins

https://bugzilla.redhat.com/show_bug.cgi?id=559315
Resolves: 559315
Description: Searching some attributes are now case sensitive when they were previously case-insensitive
Reviewed by: nhosoi (Thanks!) - also added some suggested comments
I added code to allow the syntax plugins to register corresponding
matching rules.  That is, the functions that the syntax plugins use
for filter matching and key generation can also be used for matching
rules with the new wrapper code.  I added some convenience functions
and structures in the syntax plugin code to make it easier to add
matching rules in the future.  I also added a new feature to the
matching rule code - in the LDAP spec definition of matching rule, the
syntax provided in the matching rule definition is the syntax for
the _assertion value_ used with the matching rule, which is not
necessarily the same as the syntax of the _attribute values_ to which
the matching rule can be applied.  For example, matching rules that apply
to syntax DirectoryString can also be applied in some cases to
PrintableString, CountryString, and IA5String.  There are several other
cases like this as well.  I also introduced the concept of a compat
syntax that can be used with a matching rule.  The server will now
check, when reading in the schema, if the syntax and matching rules
for an attribute are consistent.
Finally, for 05rfc4523.ldif, I changed the attributes to use
octetStringMatch instead of one of the unimplemented certificate
matching rules.

1 files changed, 7 insertions, 7 deletions

diff --git a/ldap/schema/05rfc4523.ldif b/ldap/schema/05rfc4523.ldif
index ed2d5b22..74334f3f 100644
--- a/ldap/schema/05rfc4523.ldif
+++ b/ldap/schema/05rfc4523.ldif
@@ -11,7 +11,7 @@ dn: cn=schema
 #  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
 attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
   DESC 'X.509 user certificate'
-  EQUALITY certificateExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -23,7 +23,7 @@ attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
 #  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
 attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
   DESC 'X.509 CA certificate'
-  EQUALITY certificateExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -36,7 +36,7 @@ attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
 #  X-ORIGIN 'RFC 4523' )
 attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
   DESC 'X.509 cross certificate pair'
-  EQUALITY certificatePairExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -49,7 +49,7 @@ attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
 #  X-ORIGIN 'RFC 4523' )
 attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
   DESC 'X.509 certificate revocation list'
-  EQUALITY certificateListExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -62,7 +62,7 @@ attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
 #  X-ORIGIN 'RFC 4523' )
 attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
   DESC 'X.509 authority revocation list'
-  EQUALITY certificateListExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -75,7 +75,7 @@ attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
 #  X-ORIGIN 'RFC 4523' )
 attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
   DESC 'X.509 delta revocation list'
-  EQUALITY certificateListExactMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #
@@ -88,7 +88,7 @@ attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
 #  X-ORIGIN 'RFC 4523' )
 attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
   DESC 'X.509 supported algorithms'
-  EQUALITY algorithmIdentifierMatch
+  EQUALITY octetStringMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
   X-ORIGIN 'RFC 4523' )
 #