(*
Module: Ldif
Parses the LDAP Data Interchange Format (LDIF)
Author: Dominic Cleal <dcleal@redhat.com>
About: Reference
This lens tries to keep as close as possible to RFC2849
<http://tools.ietf.org/html/rfc2849>
and OpenLDAP's ldif(5)
About: Licence
This file is licensed under the LGPLv2+, like the rest of Augeas.
*)
module Ldif =
autoload xfm
(************************************************************************
* Group: USEFUL PRIMITIVES
************************************************************************)
(* View: comment
A "#" comment line. The regexp is the comment marker that is matched ("#"
plus any spaces or tabs) and "# " is the marker written for a new comment.
Util.comment_generic is defined outside this file. *)
let comment = Util.comment_generic /#[ \t]*/ "# "
(* View: empty
Map empty lines, including empty comments (a bare "#" followed only by
spaces or tabs). The matched text is deleted inside an unlabelled node and
a plain "\n" is written when such a node is created. *)
let empty = [ del /#?[ \t]*\n/ "\n" ]
(* View: eol
Only eol, don't include whitespace. Spaces or tabs before the newline are
not consumed here, so they must be matched by the lens placed in front. *)
let eol = Util.del_str "\n"
(* View: sep_colon
The separator for attributes and values: ":" followed by any run of spaces
or tabs. ": " is written for new entries. *)
let sep_colon = del /:[ \t]*/ ": "
(* View: sep_base64
The separator for attributes and base64 encoded values: "::" followed by
any run of spaces or tabs. ":: " is written for new entries. *)
let sep_base64 = del /::[ \t]*/ ":: "
(* View: sep_url
The separator for attributes and URL-sourced values: ":<" followed by any
run of spaces or tabs. ":< " is written for new entries. *)
let sep_url = del /:<[ \t]*/ ":< "
(* Variable: ldapoid_re
Format of an LDAP OID from RFC 2251.
NOTE(review): the regexp accepts a leading digit followed by any mix of
digits and dots, so a trailing or doubled dot also matches. It is looser
than a strict dotted-decimal OID and should not be relied on to validate
one. *)
let ldapoid_re = /[0-9][0-9\.]*/
(* View: sep_modspec
Separator between modify operations: a line holding only "-", immediately
followed by the newline. *)
let sep_modspec = Util.del_str "-" . eol
(************************************************************************
* Group: BASIC ATTRIBUTES
************************************************************************)
(* Different types of values, all permitting continuation where the next line
begins with whitespace *)
(* View: attr_safe_string
A plain value introduced by ":". The first character may not be a space,
tab, newline, ":" or "<", which keeps this form distinct from the "::" and
":<" forms. Folded lines are stored as written, newline and leading
whitespace included, so a consumer comparing values (access rules, DNs)
has to unfold them first. At least one character is required, so an
attribute with an empty value does not match this lens. *)
let attr_safe_string =
  let first_line = /[^ \t\n:<][^\n]*/ in
  let folded_line = /\n[ \t]+[^ \t\n][^\n]*/ in
  let value = first_line . folded_line* in
  sep_colon . store value
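(* View: attr_base64_string
A base64 value introduced by "::", stored still encoded under an "@base64"
subnode. Continuation lines are kept in the stored text, so the value has
to be unfolded and decoded before it is inspected.
The character class follows RFC 2849 BASE64-CHAR, which is "+", "/",
digits, "=" and ASCII letters. The slash is escaped because it also
delimits regexp literals. Without it, any encoded value containing "/"
fails to parse. *)
let attr_base64_string =
  let line = /[a-zA-Z0-9=+\/]+/ in
  let lines = line . (/\n[ \t]+/ . line)* in
  sep_base64 . [ label "@base64" . store lines ]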
(* View: attr_url_string
A value introduced by ":<", whose text is a URL naming where the real value
lives. The URL is stored as written under an "@url" subnode. The lens never
fetches it, and it places no restriction on scheme or path. Whatever later
resolves the reference reads the resource it names, so these values deserve
the same review as any other path supplied by the file. *)
let attr_url_string =
  let url_line = /[^ \t\n][^\n]*/ in
  let fold = /\n[ \t]+/ in
  let url_text = url_line . (fold . url_line)* in
  sep_url . [ label "@url" . store url_text ]
(* View: attr_intflag
Colon separator followed by a stored flag restricted to "0" or "1". Used
by change_modrdn for the deleteoldrdn line. *)
let attr_intflag = sep_colon . store /0|1/
(* View: attr_version
version-spec = "version:" FILL version-number
The number is limited to decimal digits. Build.key_value_line is defined
outside this file; presumably it yields a "version" node holding the
number and consumes the end of line (confirm against build.aug). *)
let attr_version = Build.key_value_line "version" sep_colon (store /[0-9]+/)
(* View: attr_dn
dn-spec = "dn:" (FILL distinguishedName /
":" FILL base64-distinguishedName)
The keyword is matched case-insensitively and deleted rather than used as
a key, so the DN is stored on the node that encloses this lens (the record
node). "dn" is written for new entries. A base64 DN is kept encoded under
"@base64". *)
let attr_dn = del /dn/i "dn"
. ( attr_safe_string | attr_base64_string )
. eol
(* View: attr_type
AttributeType = ldap-oid / (ALPHA *(attr-type-chars))
Either an OID or an alphabetic name. The names "dn", "changeType" and
"include" are subtracted in any letter case, which keeps lines handled by
attr_dn, attr_changetype and attr_include from also matching as generic
attributes. *)
let attr_type = ldapoid_re | /[a-zA-Z][a-zA-Z0-9-]*/
- /dn/i
- /changeType/i
- /include/i
(* View: attr_option
options = option / (option ";" options)
One option: the leading ";" is deleted and the option text is stored in
its own "@option" subnode. *)
let attr_option = Util.del_str ";"
. [ label "@option" . store /[a-zA-Z0-9-]+/ ]
(* View: attr_description
Attribute name, possibly with options. The name becomes the key of the
enclosing node and each option follows as an "@option" subnode. *)
let attr_description = key attr_type . attr_option*
(* View: attr_val_spec
Generic attribute with a value. One node per attribute line, keyed by the
attribute name. The value is a plain string stored on the node itself, or a
base64 or URL form stored under an "@base64" or "@url" subnode. *)
let attr_val_spec = [ attr_description
. ( attr_safe_string
| attr_base64_string
| attr_url_string )
. eol ]
(* View: attr_changetype
The "changetype:" line of a change record. The keyword is matched in any
letter case and used as the key; the stored value must match t.
Parameters:
t:regexp - value of changeType *)
let attr_changetype (t:regexp) =
key /changeType/i . sep_colon . store t . eol
(* View: attr_modspec
First line of a modify operation. The key is one of "add", "delete" or
"replace" (lowercase only) and the stored value is the attribute type
being changed, optionally followed by "@option" subnodes. *)
let attr_modspec = key /add|delete|replace/ . sep_colon . store attr_type
. attr_option* . eol
(* View: attr_dn_value
Parses an attribute line with a DN on the RHS. The DN may be a plain
string or a base64 value; the latter is kept encoded under "@base64".
Parameters:
k:regexp - match attribute name as key *)
let attr_dn_value (k:regexp) =
[ key k . ( attr_safe_string | attr_base64_string ) . eol ]
(* View: sep_line
A line that carries no data: either an empty line or a comment. *)
let sep_line = empty | comment
(* View: attr_include
OpenLDAP extension, must be separated by blank lines. The shape is a blank
line, the "include:" line, any number of comments, then another blank line.
The referenced location is stored as written; this lens neither opens nor
validates it, so anything auditing the parsed tree has to follow the
reference itself to see the included content.
NOTE(review): the key here is the literal lowercase "include", while
attr_type excludes that name in any letter case, so a differently-cased
"Include:" line is matched by neither lens. *)
let attr_include = eol . [ key "include" . sep_colon
. store /[^ \t\n][^\n]*/ . eol . comment* . eol ]
(* View: sep_record
Anything allowed between records: any number of empty lines, comments and
include directives, possibly none. *)
let sep_record = ( sep_line | attr_include )*
(************************************************************************
* Group: LDIF CONTENT RECORDS
************************************************************************)
(* View: ldif_attrval_record
ldif-attrval-record = dn-spec SEP 1*attrval-spec
One numbered record node: the DN line followed by at least one attribute.
Empty lines and comments may appear before each attribute. *)
let ldif_attrval_record = [ seq "record"
. attr_dn
. ( sep_line* . attr_val_spec )+ ]
(* View: ldif_content
ldif-content = version-spec 1*(1*SEP ldif-attrval-record)
All content records are gathered under a single "@content" node. Unlike
the grammar quoted above, the version line is optional here. At least one
record is required. *)
let ldif_content = [ label "@content"
. ( sep_record . attr_version )?
. ( sep_record . ldif_attrval_record )+
. sep_record ]
(************************************************************************
* Group: LDIF CHANGE RECORDS
************************************************************************)
(* View: change_add
change-add = "add" SEP 1*attrval-spec
A changetype node with the value "add", followed by at least one
attribute. Empty lines and comments may appear before each attribute. *)
let change_add = [ attr_changetype "add" ] . ( sep_line* . attr_val_spec )+
(* View: change_delete
change-delete = "delete" SEP
A changetype node with the value "delete" and nothing after it. *)
let change_delete = [ attr_changetype "delete" ]
(* View: change_modspec
change-modspec = add/delete/replace: AttributeDesc SEP *attrval-spec "-"
The operation line followed by zero or more attribute lines. The closing
"-" line is not part of this lens; change_modify appends it. *)
let change_modspec = attr_modspec . ( sep_line* . attr_val_spec )*
(* View: change_modify
change-modify = "modify" SEP *mod-spec
A changetype node with the value "modify", then one node per operation,
each closed by a "-" line. The lens requires at least one operation,
whereas the grammar quoted above allows none. *)
let change_modify = [ attr_changetype "modify" ]
. ( sep_line* . [ change_modspec
. sep_line* . sep_modspec ] )+
(* View: change_modrdn
("modrdn" / "moddn") SEP newrdn/newsuperior/deleteoldrdn
A changetype node with the value "modrdn" or "moddn", followed by one or
more of the newrdn, newsuperior and deleteoldrdn lines, with empty lines
and comments allowed in between. The last line must be one of the three
attributes. The lens takes them in any order and any number, and does not
require newrdn or deleteoldrdn to be present, so a record that parses here
is not thereby a complete rename request. *)
let change_modrdn =
  let delete_old = [ key "deleteoldrdn" . attr_intflag . eol ] in
  let new_rdn = attr_dn_value "newrdn" in
  let new_superior = attr_dn_value "newsuperior" in
  let any_attr = new_rdn | new_superior | delete_old in
  let header = [ attr_changetype /modr?dn/ ] in
  header . ( sep_line | any_attr )* . any_attr
(* View: change_record
changerecord = "changetype:" FILL (changeadd/delete/modify/moddn)
Exactly one of the four change forms. Each begins with a changetype line,
and the stored changetype value decides which form applies. *)
let change_record = ( change_add | change_delete | change_modify
| change_modrdn)
(* View: change_control
"control:" FILL ldap-oid 0*1(1*SPACE ("true" / "false")) 0*1(value-spec)
One "control" node whose value is the control OID. An optional
"criticality" subnode holds "true" or "false", and an optional "value"
subnode holds the control value in plain, base64 or URL form. The OID is
matched with ldapoid_re and is not otherwise validated. *)
let change_control =
  let criticality =
    [ Util.del_ws_spc . label "criticality" . store /true|false/ ] in
  let value_spec = attr_safe_string | attr_base64_string | attr_url_string in
  let ctrl_value = [ label "value" . value_spec ] in
  [ key "control" . sep_colon . store ldapoid_re
    . criticality? . ctrl_value? . eol ]
(* View: ldif_change_record
ldif-change-record = dn-spec SEP *control changerecord
One numbered record node: the DN line, an optional run of control lines,
then exactly one change. Empty lines and comments may sit between the
controls, but the run must end on a control. More empty lines or comments
may follow before the change. *)
let ldif_change_record = [ seq "record" . attr_dn
. ( ( sep_line | change_control )* . change_control )?
. sep_line* . change_record ]
(* View: ldif_changes
ldif-changes = version-spec 1*(1*SEP ldif-change-record)
All change records are gathered under a single "@changes" node. Unlike the
grammar quoted above, the version line is optional here. At least one
record is required. *)
let ldif_changes = [ label "@changes"
. ( sep_record . attr_version )?
. ( sep_record . ldif_change_record )+
. sep_record ]
(************************************************************************
* Group: LENS
************************************************************************)
(* View: lns
The top-level lens. A file is one of three things: separators only (empty
lines, comments, includes), a set of content records, or a set of change
records. Content and change records cannot be mixed in one file. *)
let lns = sep_record | ldif_content | ldif_changes
(* Variable: filter
Files this lens is applied to by default: only the "*.ldif" files directly
under /etc/openldap/schema. Other LDIF files have to be loaded with an
explicit transform. *)
let filter = incl "/etc/openldap/schema/*.ldif"
(* Variable: xfm
Binds lns to filter; this is the transform named by "autoload xfm". *)
let xfm = transform lns filter