src - OpenBSD base system

diff options


context:
space:
mode:

author	Martijn van Duren <martijn@cvs.openbsd.org>	2018-11-27 12:06:40 +0000
committer	Martijn van Duren <martijn@cvs.openbsd.org>	2018-11-27 12:06:40 +0000
commit	bd653178ffd9829d35ea94c9d1ac9cf735de001a (patch)
tree	f10199e53e07cdd5fb991206e55258ec117de048 /usr.sbin/ypldap
parent	56a4604694d8f87a8b8167fca558bdc5a28365f5 (diff)

Sync aldap and ber with ldap(1).

OK claudio@

Diffstat (limited to 'usr.sbin/ypldap')

-rw-r--r--

usr.sbin/ypldap/aldap.c

-rw-r--r--

usr.sbin/ypldap/aldap.h

-rw-r--r--

usr.sbin/ypldap/ber.c

-rw-r--r--

usr.sbin/ypldap/ber.h

-rw-r--r--

usr.sbin/ypldap/ldapclient.c

5 files changed, 91 insertions, 49 deletions

diff --git a/usr.sbin/ypldap/aldap.c b/usr.sbin/ypldap/aldap.c
index 3bd48ae59f4..eb17eb7db81 100644
--- a/usr.sbin/ypldap/aldap.c
+++ b/usr.sbin/ypldap/aldap.c

@@ -1,5 +1,5 @@

-/* $Id: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */

-/* $OpenBSD: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */

+/* $Id: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */

+/* $OpenBSD: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */

@@ -39,7 +39,7 @@ static struct ber_element *ldap_parse_search_filter(struct ber_element *,

char *);

static struct ber_element *ldap_do_parse_search_filter(

struct ber_element *, char **);

-char **aldap_get_stringset(struct ber_element *);

+struct aldap_stringset *aldap_get_stringset(struct ber_element *);

char *utoa(char *);

static int isu8cont(unsigned char);

char *parseval(char *, size_t);

@@ -522,7 +522,7 @@ aldap_get_dn(struct aldap_message *msg)

return utoa(dn);

}

-char **

+struct aldap_stringset *

aldap_get_references(struct aldap_message *msg)

{

if (msg->references == NULL)

@@ -576,11 +576,12 @@ aldap_count_attrs(struct aldap_message *msg)

}

int

-aldap_first_attr(struct aldap_message *msg, char **outkey, char ***outvalues)

+aldap_first_attr(struct aldap_message *msg, char **outkey,

+ struct aldap_stringset **outvalues)

{

struct ber_element *b, *c;

char *key;

- char **ret;

+ struct aldap_stringset *ret;

if (msg->body.search.attrs == NULL)

goto fail;

@@ -605,11 +606,12 @@ fail:

}

int

-aldap_next_attr(struct aldap_message *msg, char **outkey, char ***outvalues)

+aldap_next_attr(struct aldap_message *msg, char **outkey,

+ struct aldap_stringset **outvalues)

{

struct ber_element *a, *b;

char *key;

- char **ret;

+ struct aldap_stringset *ret;

if (msg->body.search.iter == NULL)

goto notfound;

@@ -640,11 +642,12 @@ notfound:

}

int

-aldap_match_attr(struct aldap_message *msg, char *inkey, char ***outvalues)

+aldap_match_attr(struct aldap_message *msg, char *inkey,

+ struct aldap_stringset **outvalues)

{

struct ber_element *a, *b;

char *descr = NULL;

- char **ret;

+ struct aldap_stringset *ret;

if (msg->body.search.attrs == NULL)

goto fail;

@@ -677,16 +680,12 @@ notfound:

}

int

-aldap_free_attr(char **values)

+aldap_free_attr(struct aldap_stringset *values)

{

- int i;

if (values == NULL)

return -1;

- for (i = 0; values[i] != NULL; i++)

- free(values[i]);

+ free(values->str);

free(values);

return (1);

@@ -836,33 +835,35 @@ fail:

* internal functions

-char **

+struct aldap_stringset *

aldap_get_stringset(struct ber_element *elm)

{

struct ber_element *a;

int i;

- char **ret;

- char *s;

+ struct aldap_stringset *ret;

if (elm->be_type != BER_TYPE_OCTETSTRING)

return NULL;

- for (a = elm, i = 1; i > 0 && a != NULL && a->be_type ==

- BER_TYPE_OCTETSTRING; a = a->be_next, i++)

+ if ((ret = malloc(sizeof(*ret))) == NULL)

+ return NULL;

+ for (a = elm, ret->len = 0; a != NULL && a->be_type ==

+ BER_TYPE_OCTETSTRING; a = a->be_next, ret->len++)

;

- if (i == 1)

+ if (ret->len == 0) {

+ free(ret);

return NULL;

+ }

- if ((ret = calloc(i + 1, sizeof(char *))) == NULL)

+ if ((ret->str = reallocarray(NULL, ret->len,

+ sizeof(*(ret->str)))) == NULL) {

+ free(ret);

return NULL;

+ }

for (a = elm, i = 0; a != NULL && a->be_type == BER_TYPE_OCTETSTRING;

- a = a->be_next, i++) {

- ber_get_string(a, &s);

- ret[i] = utoa(s);

- }

- ret[i + 1] = NULL;

+ a = a->be_next, i++)

+ (void) ber_get_ostring(a, &(ret->str[i]));

return ret;

}

diff --git a/usr.sbin/ypldap/aldap.h b/usr.sbin/ypldap/aldap.h
index 48edbd5f8af..feb76be3445 100644
--- a/usr.sbin/ypldap/aldap.h
+++ b/usr.sbin/ypldap/aldap.h

@@ -1,5 +1,5 @@

-/* $Id: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */

-/* $OpenBSD: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */

+/* $Id: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */

+/* $OpenBSD: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */

@@ -88,6 +88,11 @@ enum aldap_protocol {

LDAPI

};

+struct aldap_stringset {

+ size_t len;

+ struct ber_octetstring *str;

+};

struct aldap_url {

int protocol;

char *host;

@@ -226,7 +231,7 @@ int aldap_get_errno(struct aldap *, const char **);

int aldap_get_resultcode(struct aldap_message *);

char *aldap_get_dn(struct aldap_message *);

char *aldap_get_diagmsg(struct aldap_message *);

-char **aldap_get_references(struct aldap_message *);

+struct aldap_stringset *aldap_get_references(struct aldap_message *);

void aldap_free_references(char **values);

int aldap_parse_url(const char *, struct aldap_url *);

void aldap_free_url(struct aldap_url *);

@@ -234,10 +239,13 @@ int aldap_search_url(struct aldap *, char *, int, int, int,

struct aldap_page_control *);

int aldap_count_attrs(struct aldap_message *);

-int aldap_match_attr(struct aldap_message *, char *, char ***);

-int aldap_first_attr(struct aldap_message *, char **, char ***);

-int aldap_next_attr(struct aldap_message *, char **, char ***);

-int aldap_free_attr(char **);

+int aldap_match_attr(struct aldap_message *, char *,

+ struct aldap_stringset **);

+int aldap_first_attr(struct aldap_message *, char **, struct

+ aldap_stringset **);

+int aldap_next_attr(struct aldap_message *, char **,

+ struct aldap_stringset **);

+int aldap_free_attr(struct aldap_stringset *);

struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len);

void aldap_freepage(struct aldap_page_control *);

diff --git a/usr.sbin/ypldap/ber.c b/usr.sbin/ypldap/ber.c
index 2b41f400f54..6f6552d1a7b 100644
--- a/usr.sbin/ypldap/ber.c
+++ b/usr.sbin/ypldap/ber.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ber.c,v 1.32 2018/11/20 07:20:22 martijn Exp $ */

+/* $OpenBSD: ber.c,v 1.33 2018/11/27 12:06:39 martijn Exp $ */

@@ -282,11 +282,22 @@ ber_add_nstring(struct ber_element *prev, const char *string0, size_t len)

return elm;

}

+struct ber_element *

+ber_add_ostring(struct ber_element *prev, struct ber_octetstring *s)

+ return ber_add_nstring(prev, s->ostr_val, s->ostr_len);

int

ber_get_string(struct ber_element *elm, char **s)

{

if (elm->be_encoding != BER_TYPE_OCTETSTRING)

return -1;

+ /* Some components use getstring on binary data containing \0 */

+#if 0

+ if (memchr(elm->be_val, '\0', elm->be_len) != NULL)

+ return -1;

+#endif

*s = elm->be_val;

return 0;

@@ -303,6 +314,17 @@ ber_get_nstring(struct ber_element *elm, void **p, size_t *len)

return 0;

}

+int

+ber_get_ostring(struct ber_element *elm, struct ber_octetstring *s)

+ if (elm->be_encoding != BER_TYPE_OCTETSTRING)

+ return -1;

+ s->ostr_val = elm->be_val;

+ s->ostr_len = elm->be_len;

+ return 0;

struct ber_element *

ber_add_bitstring(struct ber_element *prev, const void *v0, size_t len)

{

diff --git a/usr.sbin/ypldap/ber.h b/usr.sbin/ypldap/ber.h
index d878d3e806f..ad9d0ae14cc 100644
--- a/usr.sbin/ypldap/ber.h
+++ b/usr.sbin/ypldap/ber.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ber.h,v 1.9 2018/08/12 22:04:09 rob Exp $ */

+/* $OpenBSD: ber.h,v 1.10 2018/11/27 12:06:39 martijn Exp $ */

@@ -20,6 +20,11 @@

#ifndef _BER_H

#define _BER_H

+struct ber_octetstring {

+ size_t ostr_len;

+ const void *ostr_val;

+};

struct ber_element {

struct ber_element *be_next;

unsigned int be_type;

@@ -104,9 +109,13 @@ int ber_get_boolean(struct ber_element *, int *);

struct ber_element *ber_add_string(struct ber_element *, const char *);

struct ber_element *ber_add_nstring(struct ber_element *, const char *,

size_t);

+struct ber_element *ber_add_ostring(struct ber_element *,

+ struct ber_octetstring *);

int ber_get_string(struct ber_element *, char **);

int ber_get_nstring(struct ber_element *, void **,

size_t *);

+int ber_get_ostring(struct ber_element *,

+ struct ber_octetstring *);

struct ber_element *ber_add_bitstring(struct ber_element *, const void *,

size_t);

int ber_get_bitstring(struct ber_element *, void **,

diff --git a/usr.sbin/ypldap/ldapclient.c b/usr.sbin/ypldap/ldapclient.c
index 981f610d109..82b640ce19c 100644
--- a/usr.sbin/ypldap/ldapclient.c
+++ b/usr.sbin/ypldap/ldapclient.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ldapclient.c,v 1.41 2017/12/07 05:09:27 zhuk Exp $ */

+/* $OpenBSD: ldapclient.c,v 1.42 2018/11/27 12:06:39 martijn Exp $ */

@@ -449,8 +449,9 @@ int

client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,

int min_attr, int max_attr)

{

- char **ldap_attrs;

- int i, k;

+ struct aldap_stringset *ldap_attrs;

+ int i;

+ size_t k;

memset(ir, 0, sizeof(*ir));

for (i = min_attr; i < max_attr; i++) {

@@ -473,12 +474,13 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,

}

} else if (idm->idm_list & F_LIST(i)) {

aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs);

- for (k = 0; k >= 0 && ldap_attrs && ldap_attrs[k] != NULL; k++) {

+ for (k = 0; k >= 0 && ldap_attrs && k < ldap_attrs->len; k++) {

/* XXX: Fail when attributes have illegal characters e.g. ',' */

- if (strlcat(ir->ir_line, ldap_attrs[k],

+ if (strlcat(ir->ir_line,

+ ldap_attrs->str[k].ostr_val,

sizeof(ir->ir_line)) >= sizeof(ir->ir_line))

continue;

- if (ldap_attrs[k+1] != NULL)

+ if (k + 1 < ldap_attrs->len)

if (strlcat(ir->ir_line, ",",

sizeof(ir->ir_line))

>= sizeof(ir->ir_line)) {

@@ -490,19 +492,19 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,

} else {

if (aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs) == -1)

return (-1);

- if (ldap_attrs[0] == NULL)

- return (-1);

- if (strlcat(ir->ir_line, ldap_attrs[0],

+ if (strlcat(ir->ir_line, ldap_attrs->str[0].ostr_val,

sizeof(ir->ir_line)) >= sizeof(ir->ir_line)) {

aldap_free_attr(ldap_attrs);

return (-1);

}

if (i == ATTR_UID) {

ir->ir_key.ik_uid = strtonum(

- ldap_attrs[0], 0, UID_MAX, NULL);

+ ldap_attrs->str[0].ostr_val, 0, UID_MAX,

+ NULL);

} else if (i == ATTR_GR_GID) {

ir->ir_key.ik_uid = strtonum(

- ldap_attrs[0], 0, GID_MAX, NULL);

+ ldap_attrs->str[0].ostr_val, 0, GID_MAX,

+ NULL);

}

aldap_free_attr(ldap_attrs);

}