oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use ldap_get_values_len, from LaMont Jones via Brian May and Debian.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22587 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-02-11 21:43:27 +00:00
parent 56d2b3bdf1
commit 9215d6ea7b
1 changed files with 70 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
lib/hdb/hdb-ldap.c
View File

@@ -1,7 +1,7 @@
/* /*
* Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd. * Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd.
* Copyright (c) 2004, Andrew Bartlett. * Copyright (c) 2004, Andrew Bartlett.
* Copyright (c) 2003 - 2007, Kungliga Tekniska H<>gskolan. * Copyright (c) 2003 - 2008, Kungliga Tekniska H<>gskolan.
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
@@ -307,38 +307,40 @@ static krb5_error_code
LDAP_get_string_value(HDB * db, LDAPMessage * entry, LDAP_get_string_value(HDB * db, LDAPMessage * entry,
const char *attribute, char **ptr) const char *attribute, char **ptr)
{ {
char **vals; struct berval **vals;
int ret;
vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); vals = ldap_get_values_len(HDB2LDAP(db), entry, attribute);
if (vals == NULL) { if (vals == NULL || vals[0] == NULL) {
*ptr = NULL; *ptr = NULL;
return HDB_ERR_NOENTRY; return HDB_ERR_NOENTRY;
} }
*ptr = strdup(vals[0]); *ptr = malloc(vals[0]->bv_len + 1);
if (*ptr == NULL) if (*ptr == NULL) {
ret = ENOMEM; ldap_value_free_len(vals);
else return ENOMEM;
ret = 0; }
ldap_value_free(vals); memcpy(*ptr, vals[0]->bv_val, vals[0]->bv_len);
(*ptr)[vals[0]->bv_len] = 0;
return ret; ldap_value_free_len(vals);
return 0;
} }
static krb5_error_code static krb5_error_code
LDAP_get_integer_value(HDB * db, LDAPMessage * entry, LDAP_get_integer_value(HDB * db, LDAPMessage * entry,
const char *attribute, int *ptr) const char *attribute, int *ptr)
{ {
char **vals; krb5_error_code ret;
char *val;
vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); ret = LDAP_get_string_value(db, entry, attribute, &val);
if (vals == NULL) if (ret)
return HDB_ERR_NOENTRY; return ret;
*ptr = atoi(val);
*ptr = atoi(vals[0]); free(val);
ldap_value_free(vals);
return 0; return 0;
} }
@@ -369,6 +371,14 @@ LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry,
return 0; return 0;
} }
static int
bervalstrcmp(struct berval *v, const char *str)
{
size_t len = strlen(str);
return (v->bv_len == len) && strncasecmp(str, (char *)v->bv_val, len) == 0;
}
static krb5_error_code static krb5_error_code
LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
LDAPMessage * msg, LDAPMod *** pmods) LDAPMessage * msg, LDAPMod *** pmods)
@@ -386,7 +396,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
krb5_boolean is_heimdal_entry = FALSE; krb5_boolean is_heimdal_entry = FALSE;
krb5_boolean is_heimdal_principal = FALSE; krb5_boolean is_heimdal_principal = FALSE;
char **values; struct berval **vals;
*pmods = NULL; *pmods = NULL;
@@ -398,21 +408,20 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
is_new_entry = FALSE; is_new_entry = FALSE;
values = ldap_get_values(HDB2LDAP(db), msg, "objectClass"); vals = ldap_get_values_len(HDB2LDAP(db), msg, "objectClass");
if (values) { if (vals) {
int num_objectclasses = ldap_count_values(values); int num_objectclasses = ldap_count_values_len(vals);
for (i=0; i < num_objectclasses; i++) { for (i=0; i < num_objectclasses; i++) {
if (strcasecmp(values[i], "sambaSamAccount") == 0) { if (bervalstrcmp(vals[i], "sambaSamAccount"))
is_samba_account = TRUE; is_samba_account = TRUE;
} else if (strcasecmp(values[i], structural_object) == 0) { else if (bervalstrcmp(vals[i], structural_object))
is_account = TRUE; is_account = TRUE;
} else if (strcasecmp(values[i], "krb5Principal") == 0) { else if (bervalstrcmp(vals[i], "krb5Principal"))
is_heimdal_principal = TRUE; is_heimdal_principal = TRUE;
} else if (strcasecmp(values[i], "krb5KDCEntry") == 0) { else if (bervalstrcmp(vals[i], "krb5KDCEntry"))
is_heimdal_entry = TRUE; is_heimdal_entry = TRUE;
} }
} ldap_value_free_len(vals);
ldap_value_free(values);
} }
/* /*
@@ -602,9 +611,9 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
/* Remove keys if they exists, and then replace keys. */ /* Remove keys if they exists, and then replace keys. */
if (!is_new_entry && orig.entry.keys.len > 0) { if (!is_new_entry && orig.entry.keys.len > 0) {
values = ldap_get_values(HDB2LDAP(db), msg, "krb5Key"); vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key");
if (values) { if (vals) {
ldap_value_free(values); ldap_value_free_len(vals);
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL); ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL);
if (ret) if (ret)
@@ -641,9 +650,9 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
goto out; goto out;
/* have to kill the LM passwod if it exists */ /* have to kill the LM passwod if it exists */
values = ldap_get_values(HDB2LDAP(db), msg, "sambaLMPassword"); vals = ldap_get_values_len(HDB2LDAP(db), msg, "sambaLMPassword");
if (values) { if (vals) {
ldap_value_free(values); ldap_value_free_len(vals);
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, ret = LDAP_addmod(&mods, LDAP_MOD_DELETE,
"sambaLMPassword", NULL); "sambaLMPassword", NULL);
if (ret) if (ret)
@@ -676,9 +685,9 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
*/ */
if (!is_new_entry) { if (!is_new_entry) {
values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
if (values) { if (vals) {
ldap_value_free(values); ldap_value_free_len(vals);
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType", ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType",
NULL); NULL);
if (ret) if (ret)
@@ -730,8 +739,8 @@ LDAP_dn2principal(krb5_context context, HDB * db, const char *dn,
krb5_error_code ret; krb5_error_code ret;
int rc; int rc;
const char *filter = "(objectClass=krb5Principal)"; const char *filter = "(objectClass=krb5Principal)";
char **values;
LDAPMessage *res = NULL, *e; LDAPMessage *res = NULL, *e;
char *p;
ret = LDAP_no_size_limit(context, HDB2LDAP(db)); ret = LDAP_no_size_limit(context, HDB2LDAP(db));
if (ret) if (ret)
@@ -753,14 +762,14 @@ LDAP_dn2principal(krb5_context context, HDB * db, const char *dn,
goto out; goto out;
} }
values = ldap_get_values(HDB2LDAP(db), e, "krb5PrincipalName"); ret = LDAP_get_string_value(db, e, "krb5PrincipalName", &p);
if (values == NULL) { if (ret) {
ret = HDB_ERR_NOENTRY; ret = HDB_ERR_NOENTRY;
goto out; goto out;
} }
ret = krb5_parse_name(context, values[0], principal); ret = krb5_parse_name(context, p, principal);
ldap_value_free(values); free(p);
out: out:
if (res) if (res)
@@ -893,10 +902,9 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
{ {
char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL; char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL;
char *samba_acct_flags = NULL; char *samba_acct_flags = NULL;
unsigned long tmp;
struct berval **keys; struct berval **keys;
char **values; struct berval **vals;
int tmp_time, i, ret, have_arcfour = 0; int tmp, tmp_time, i, ret, have_arcfour = 0;
memset(ent, 0, sizeof(*ent)); memset(ent, 0, sizeof(*ent));
ent->entry.flags = int2HDBFlags(0); ent->entry.flags = int2HDBFlags(0);
@@ -962,8 +970,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
#endif #endif
} }
values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
if (values != NULL) { if (vals != NULL) {
int i; int i;
ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes))); ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes)));
@@ -972,17 +980,26 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
ret = ENOMEM; ret = ENOMEM;
goto out; goto out;
} }
ent->entry.etypes->len = ldap_count_values(values); ent->entry.etypes->len = ldap_count_values_len(vals);
ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int)); ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int));
if (ent->entry.etypes->val == NULL) { if (ent->entry.etypes->val == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_string(context, "malloc: out of memory");
ent->entry.etypes->len = 0;
ret = ENOMEM; ret = ENOMEM;
goto out; goto out;
} }
for (i = 0; i < ent->entry.etypes->len; i++) { for (i = 0; i < ent->entry.etypes->len; i++) {
ent->entry.etypes->val[i] = atoi(values[i]); char buf[100];
if (vals[i]->bv_len > sizeof(buf) - 1) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
} }
ldap_value_free(values); memcpy(buf, vals[i]->bv_val, vals[i]->bv_len);
buf[vals[i]->bv_len] = '\0';
ent->entry.etypes->val[i] = atoi(buf);
}
ldap_value_free_len(vals);
} }
for (i = 0; i < ent->entry.keys.len; i++) { for (i = 0; i < ent->entry.keys.len; i++) {
@@ -1193,18 +1210,9 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
*ent->entry.max_renew = max_renew; *ent->entry.max_renew = max_renew;
} }
values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags"); ret = LDAP_get_integer_value(db, msg, "krb5KDCFlags", &tmp);
if (values != NULL) { if (ret)
errno = 0;
tmp = strtoul(values[0], (char **) NULL, 10);
if (tmp == ULONG_MAX && errno == ERANGE) {
krb5_set_error_string(context, "strtoul: could not convert flag");
ret = ERANGE;
goto out;
}
} else {
tmp = 0; tmp = 0;
}
ent->entry.flags = int2HDBFlags(tmp); ent->entry.flags = int2HDBFlags(tmp);