use of javax.naming.directory.InvalidSearchFilterException in project jdk8u_jdk by JetBrains.
the class Filter method encodeFilter.
private static void encodeFilter(BerEncoder ber, byte[] filter, int filterStart, int filterEnd) throws IOException, NamingException {
if (dbg) {
dprint("encFilter: ", filter, filterStart, filterEnd);
dbgIndent++;
}
if ((filterEnd - filterStart) <= 0) {
throw new InvalidSearchFilterException("Empty filter");
}
int nextOffset;
int parens, balance;
boolean escape;
parens = 0;
int[] filtOffset = new int[1];
for (filtOffset[0] = filterStart; filtOffset[0] < filterEnd; ) {
switch(filter[filtOffset[0]]) {
case '(':
filtOffset[0]++;
parens++;
switch(filter[filtOffset[0]]) {
case '&':
encodeComplexFilter(ber, filter, LDAP_FILTER_AND, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
case '|':
encodeComplexFilter(ber, filter, LDAP_FILTER_OR, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
case '!':
encodeComplexFilter(ber, filter, LDAP_FILTER_NOT, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
default:
balance = 1;
escape = false;
nextOffset = filtOffset[0];
while (nextOffset < filterEnd && balance > 0) {
if (!escape) {
if (filter[nextOffset] == '(')
balance++;
else if (filter[nextOffset] == ')')
balance--;
}
if (filter[nextOffset] == '\\' && !escape)
escape = true;
else
escape = false;
if (balance > 0)
nextOffset++;
}
if (balance != 0)
throw new InvalidSearchFilterException("Unbalanced parenthesis");
encodeSimpleFilter(ber, filter, filtOffset[0], nextOffset);
// points to the char after right paren.
filtOffset[0] = nextOffset + 1;
parens--;
break;
}
break;
case ')':
//
// End of sequence
//
ber.endSeq();
filtOffset[0]++;
parens--;
break;
case ' ':
filtOffset[0]++;
break;
default:
// assume simple type=value filter
encodeSimpleFilter(ber, filter, filtOffset[0], filterEnd);
// force break from outer
filtOffset[0] = filterEnd;
break;
}
if (parens < 0) {
throw new InvalidSearchFilterException("Unbalanced parenthesis");
}
}
if (parens != 0) {
throw new InvalidSearchFilterException("Unbalanced parenthesis");
}
if (dbg) {
dbgIndent--;
}
}
use of javax.naming.directory.InvalidSearchFilterException in project directory-ldap-api by apache.
the class WrappedPartialResultException method wrap.
/**
* Wraps a LDAP exception into a NaingException
*
* @param t The original exception
* @throws NamingException The wrapping JNDI exception
*/
public static void wrap(Throwable t) throws NamingException {
if (t instanceof NamingException) {
throw (NamingException) t;
}
NamingException ne;
if ((t instanceof LdapAffectMultipleDsaException) || (t instanceof LdapAliasDereferencingException) || (t instanceof LdapLoopDetectedException) || (t instanceof LdapAliasException) || (t instanceof LdapOperationErrorException) || (t instanceof LdapOtherException)) {
ne = new NamingException(t.getLocalizedMessage());
} else if (t instanceof LdapAttributeInUseException) {
ne = new AttributeInUseException(t.getLocalizedMessage());
} else if (t instanceof LdapAuthenticationException) {
ne = new AuthenticationException(t.getLocalizedMessage());
} else if (t instanceof LdapAuthenticationNotSupportedException) {
ne = new AuthenticationNotSupportedException(t.getLocalizedMessage());
} else if (t instanceof LdapContextNotEmptyException) {
ne = new ContextNotEmptyException(t.getLocalizedMessage());
} else if (t instanceof LdapEntryAlreadyExistsException) {
ne = new NameAlreadyBoundException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidAttributeTypeException) {
ne = new InvalidAttributeIdentifierException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidAttributeValueException) {
ne = new InvalidAttributeValueException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidDnException) {
ne = new InvalidNameException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidSearchFilterException) {
ne = new InvalidSearchFilterException(t.getLocalizedMessage());
} else if (t instanceof LdapNoPermissionException) {
ne = new NoPermissionException(t.getLocalizedMessage());
} else if (t instanceof LdapNoSuchAttributeException) {
ne = new NoSuchAttributeException(t.getLocalizedMessage());
} else if (t instanceof LdapNoSuchObjectException) {
ne = new NameNotFoundException(t.getLocalizedMessage());
} else if (t instanceof LdapProtocolErrorException) {
ne = new CommunicationException(t.getLocalizedMessage());
} else if (t instanceof LdapReferralException) {
ne = new WrappedReferralException((LdapReferralException) t);
} else if (t instanceof LdapPartialResultException) {
ne = new WrappedPartialResultException((LdapPartialResultException) t);
} else if (t instanceof LdapSchemaViolationException) {
ne = new SchemaViolationException(t.getLocalizedMessage());
} else if (t instanceof LdapServiceUnavailableException) {
ne = new ServiceUnavailableException(t.getLocalizedMessage());
} else if (t instanceof LdapTimeLimitExceededException) {
ne = new TimeLimitExceededException(t.getLocalizedMessage());
} else if (t instanceof LdapUnwillingToPerformException) {
ne = new OperationNotSupportedException(t.getLocalizedMessage());
} else {
ne = new NamingException(t.getLocalizedMessage());
}
ne.setRootCause(t);
throw ne;
}
use of javax.naming.directory.InvalidSearchFilterException in project jdk8u_jdk by JetBrains.
the class Filter method encodeSimpleFilter.
private static void encodeSimpleFilter(BerEncoder ber, byte[] filter, int filtStart, int filtEnd) throws IOException, NamingException {
if (dbg) {
dprint("encSimpleFilter: ", filter, filtStart, filtEnd);
dbgIndent++;
}
String type, value;
int valueStart, valueEnd, typeStart, typeEnd;
int eq;
if ((eq = indexOf(filter, '=', filtStart, filtEnd)) == -1) {
throw new InvalidSearchFilterException("Missing 'equals'");
}
// value starts after equal sign
valueStart = eq + 1;
valueEnd = filtEnd;
// beginning of string
typeStart = filtStart;
int ftype;
switch(filter[eq - 1]) {
case '<':
ftype = LDAP_FILTER_LE;
typeEnd = eq - 1;
break;
case '>':
ftype = LDAP_FILTER_GE;
typeEnd = eq - 1;
break;
case '~':
ftype = LDAP_FILTER_APPROX;
typeEnd = eq - 1;
break;
case ':':
ftype = LDAP_FILTER_EXT;
typeEnd = eq - 1;
break;
default:
typeEnd = eq;
//initializing ftype to make the compiler happy
ftype = 0x00;
break;
}
if (dbg) {
System.err.println("type: " + typeStart + ", " + typeEnd);
System.err.println("value: " + valueStart + ", " + valueEnd);
}
// check validity of type
//
// RFC4512 defines the type as the following ABNF:
// attr = attributedescription
// attributedescription = attributetype options
// attributetype = oid
// oid = descr / numericoid
// descr = keystring
// keystring = leadkeychar *keychar
// leadkeychar = ALPHA
// keychar = ALPHA / DIGIT / HYPHEN
// numericoid = number 1*( DOT number )
// number = DIGIT / ( LDIGIT 1*DIGIT )
// options = *( SEMI option )
// option = 1*keychar
//
// And RFC4515 defines the extensible type as the following ABNF:
// attr [dnattrs] [matchingrule] / [dnattrs] matchingrule
int optionsStart = -1;
int extensibleStart = -1;
if ((filter[typeStart] >= '0' && filter[typeStart] <= '9') || (filter[typeStart] >= 'A' && filter[typeStart] <= 'Z') || (filter[typeStart] >= 'a' && filter[typeStart] <= 'z')) {
boolean isNumericOid = filter[typeStart] >= '0' && filter[typeStart] <= '9';
for (int i = typeStart + 1; i < typeEnd; i++) {
// ';' is an indicator of attribute options
if (filter[i] == ';') {
if (isNumericOid && filter[i - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// attribute options
optionsStart = i;
break;
}
// ':' is an indicator of extensible rules
if (filter[i] == ':' && ftype == LDAP_FILTER_EXT) {
if (isNumericOid && filter[i - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// extensible matching
extensibleStart = i;
break;
}
if (isNumericOid) {
// numeric object identifier
if ((filter[i] == '.' && filter[i - 1] == '.') || (filter[i] != '.' && !(filter[i] >= '0' && filter[i] <= '9'))) {
throw new InvalidSearchFilterException("invalid attribute description");
}
} else {
// tolerate the incorrect use in practice.
if (filter[i] != '-' && filter[i] != '_' && !(filter[i] >= '0' && filter[i] <= '9') && !(filter[i] >= 'A' && filter[i] <= 'Z') && !(filter[i] >= 'a' && filter[i] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
} else if (ftype == LDAP_FILTER_EXT && filter[typeStart] == ':') {
// extensible matching
extensibleStart = typeStart;
} else {
throw new InvalidSearchFilterException("invalid attribute description");
}
// check attribute options
if (optionsStart > 0) {
for (int i = optionsStart + 1; i < typeEnd; i++) {
if (filter[i] == ';') {
if (filter[i - 1] == ';') {
throw new InvalidSearchFilterException("invalid attribute description");
}
continue;
}
// ':' is an indicator of extensible rules
if (filter[i] == ':' && ftype == LDAP_FILTER_EXT) {
if (filter[i - 1] == ';') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// extensible matching
extensibleStart = i;
break;
}
// tolerate the incorrect use in practice.
if (filter[i] != '-' && filter[i] != '_' && !(filter[i] >= '0' && filter[i] <= '9') && !(filter[i] >= 'A' && filter[i] <= 'Z') && !(filter[i] >= 'a' && filter[i] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
// check extensible matching
if (extensibleStart > 0) {
boolean isMatchingRule = false;
for (int i = extensibleStart + 1; i < typeEnd; i++) {
if (filter[i] == ':') {
throw new InvalidSearchFilterException("invalid attribute description");
} else if ((filter[i] >= '0' && filter[i] <= '9') || (filter[i] >= 'A' && filter[i] <= 'Z') || (filter[i] >= 'a' && filter[i] <= 'z')) {
boolean isNumericOid = filter[i] >= '0' && filter[i] <= '9';
i++;
for (int j = i; j < typeEnd; j++, i++) {
// allows no more than two extensible rules
if (filter[j] == ':') {
if (isMatchingRule) {
throw new InvalidSearchFilterException("invalid attribute description");
}
if (isNumericOid && filter[j - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
isMatchingRule = true;
break;
}
if (isNumericOid) {
// numeric object identifier
if ((filter[j] == '.' && filter[j - 1] == '.') || (filter[j] != '.' && !(filter[j] >= '0' && filter[j] <= '9'))) {
throw new InvalidSearchFilterException("invalid attribute description");
}
} else {
// tolerate the incorrect use in practice.
if (filter[j] != '-' && filter[j] != '_' && !(filter[j] >= '0' && filter[j] <= '9') && !(filter[j] >= 'A' && filter[j] <= 'Z') && !(filter[j] >= 'a' && filter[j] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
} else {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
// ensure the latest byte is not isolated
if (filter[typeEnd - 1] == '.' || filter[typeEnd - 1] == ';' || filter[typeEnd - 1] == ':') {
throw new InvalidSearchFilterException("invalid attribute description");
}
if (typeEnd == eq) {
// filter type is of "equal"
if (findUnescaped(filter, '*', valueStart, valueEnd) == -1) {
ftype = LDAP_FILTER_EQUALITY;
} else if (filter[valueStart] == '*' && valueStart == (valueEnd - 1)) {
ftype = LDAP_FILTER_PRESENT;
} else {
encodeSubstringFilter(ber, filter, typeStart, typeEnd, valueStart, valueEnd);
return;
}
}
if (ftype == LDAP_FILTER_PRESENT) {
ber.encodeOctetString(filter, ftype, typeStart, typeEnd - typeStart);
} else if (ftype == LDAP_FILTER_EXT) {
encodeExtensibleMatch(ber, filter, typeStart, typeEnd, valueStart, valueEnd);
} else {
ber.beginSeq(ftype);
ber.encodeOctetString(filter, Ber.ASN_OCTET_STR, typeStart, typeEnd - typeStart);
ber.encodeOctetString(unescapeFilterValue(filter, valueStart, valueEnd), Ber.ASN_OCTET_STR);
ber.endSeq();
}
if (dbg) {
dbgIndent--;
}
}
Aggregations