diff options
author | Martijn van Duren <martijn@cvs.openbsd.org> | 2018-11-27 12:06:40 +0000 |
---|---|---|
committer | Martijn van Duren <martijn@cvs.openbsd.org> | 2018-11-27 12:06:40 +0000 |
commit | bd653178ffd9829d35ea94c9d1ac9cf735de001a (patch) | |
tree | f10199e53e07cdd5fb991206e55258ec117de048 /usr.sbin | |
parent | 56a4604694d8f87a8b8167fca558bdc5a28365f5 (diff) |
Sync aldap and ber with ldap(1).
OK claudio@
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/ypldap/aldap.c | 59 | ||||
-rw-r--r-- | usr.sbin/ypldap/aldap.h | 22 | ||||
-rw-r--r-- | usr.sbin/ypldap/ber.c | 24 | ||||
-rw-r--r-- | usr.sbin/ypldap/ber.h | 11 | ||||
-rw-r--r-- | usr.sbin/ypldap/ldapclient.c | 24 |
5 files changed, 91 insertions, 49 deletions
diff --git a/usr.sbin/ypldap/aldap.c b/usr.sbin/ypldap/aldap.c index 3bd48ae59f4..eb17eb7db81 100644 --- a/usr.sbin/ypldap/aldap.c +++ b/usr.sbin/ypldap/aldap.c @@ -1,5 +1,5 @@ -/* $Id: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */ -/* $OpenBSD: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */ +/* $Id: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */ +/* $OpenBSD: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */ /* * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org> @@ -39,7 +39,7 @@ static struct ber_element *ldap_parse_search_filter(struct ber_element *, char *); static struct ber_element *ldap_do_parse_search_filter( struct ber_element *, char **); -char **aldap_get_stringset(struct ber_element *); +struct aldap_stringset *aldap_get_stringset(struct ber_element *); char *utoa(char *); static int isu8cont(unsigned char); char *parseval(char *, size_t); @@ -522,7 +522,7 @@ aldap_get_dn(struct aldap_message *msg) return utoa(dn); } -char ** +struct aldap_stringset * aldap_get_references(struct aldap_message *msg) { if (msg->references == NULL) @@ -576,11 +576,12 @@ aldap_count_attrs(struct aldap_message *msg) } int -aldap_first_attr(struct aldap_message *msg, char **outkey, char ***outvalues) +aldap_first_attr(struct aldap_message *msg, char **outkey, + struct aldap_stringset **outvalues) { struct ber_element *b, *c; char *key; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.attrs == NULL) goto fail; @@ -605,11 +606,12 @@ fail: } int -aldap_next_attr(struct aldap_message *msg, char **outkey, char ***outvalues) +aldap_next_attr(struct aldap_message *msg, char **outkey, + struct aldap_stringset **outvalues) { struct ber_element *a, *b; char *key; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.iter == NULL) goto notfound; @@ -640,11 +642,12 @@ notfound: } int -aldap_match_attr(struct aldap_message *msg, char *inkey, char ***outvalues) +aldap_match_attr(struct aldap_message *msg, char *inkey, + struct aldap_stringset **outvalues) { struct ber_element *a, *b; char *descr = NULL; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.attrs == NULL) goto fail; @@ -677,16 +680,12 @@ notfound: } int -aldap_free_attr(char **values) +aldap_free_attr(struct aldap_stringset *values) { - int i; - if (values == NULL) return -1; - for (i = 0; values[i] != NULL; i++) - free(values[i]); - + free(values->str); free(values); return (1); @@ -836,33 +835,35 @@ fail: * internal functions */ -char ** +struct aldap_stringset * aldap_get_stringset(struct ber_element *elm) { struct ber_element *a; int i; - char **ret; - char *s; + struct aldap_stringset *ret; if (elm->be_type != BER_TYPE_OCTETSTRING) return NULL; - for (a = elm, i = 1; i > 0 && a != NULL && a->be_type == - BER_TYPE_OCTETSTRING; a = a->be_next, i++) + if ((ret = malloc(sizeof(*ret))) == NULL) + return NULL; + for (a = elm, ret->len = 0; a != NULL && a->be_type == + BER_TYPE_OCTETSTRING; a = a->be_next, ret->len++) ; - if (i == 1) + if (ret->len == 0) { + free(ret); return NULL; + } - if ((ret = calloc(i + 1, sizeof(char *))) == NULL) + if ((ret->str = reallocarray(NULL, ret->len, + sizeof(*(ret->str)))) == NULL) { + free(ret); return NULL; + } for (a = elm, i = 0; a != NULL && a->be_type == BER_TYPE_OCTETSTRING; - a = a->be_next, i++) { - - ber_get_string(a, &s); - ret[i] = utoa(s); - } - ret[i + 1] = NULL; + a = a->be_next, i++) + (void) ber_get_ostring(a, &(ret->str[i])); return ret; } diff --git a/usr.sbin/ypldap/aldap.h b/usr.sbin/ypldap/aldap.h index 48edbd5f8af..feb76be3445 100644 --- a/usr.sbin/ypldap/aldap.h +++ b/usr.sbin/ypldap/aldap.h @@ -1,5 +1,5 @@ -/* $Id: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */ -/* $OpenBSD: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */ +/* $Id: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */ +/* $OpenBSD: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */ /* * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org> @@ -88,6 +88,11 @@ enum aldap_protocol { LDAPI }; +struct aldap_stringset { + size_t len; + struct ber_octetstring *str; +}; + struct aldap_url { int protocol; char *host; @@ -226,7 +231,7 @@ int aldap_get_errno(struct aldap *, const char **); int aldap_get_resultcode(struct aldap_message *); char *aldap_get_dn(struct aldap_message *); char *aldap_get_diagmsg(struct aldap_message *); -char **aldap_get_references(struct aldap_message *); +struct aldap_stringset *aldap_get_references(struct aldap_message *); void aldap_free_references(char **values); int aldap_parse_url(const char *, struct aldap_url *); void aldap_free_url(struct aldap_url *); @@ -234,10 +239,13 @@ int aldap_search_url(struct aldap *, char *, int, int, int, struct aldap_page_control *); int aldap_count_attrs(struct aldap_message *); -int aldap_match_attr(struct aldap_message *, char *, char ***); -int aldap_first_attr(struct aldap_message *, char **, char ***); -int aldap_next_attr(struct aldap_message *, char **, char ***); -int aldap_free_attr(char **); +int aldap_match_attr(struct aldap_message *, char *, + struct aldap_stringset **); +int aldap_first_attr(struct aldap_message *, char **, struct + aldap_stringset **); +int aldap_next_attr(struct aldap_message *, char **, + struct aldap_stringset **); +int aldap_free_attr(struct aldap_stringset *); struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len); void aldap_freepage(struct aldap_page_control *); diff --git a/usr.sbin/ypldap/ber.c b/usr.sbin/ypldap/ber.c index 2b41f400f54..6f6552d1a7b 100644 --- a/usr.sbin/ypldap/ber.c +++ b/usr.sbin/ypldap/ber.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ber.c,v 1.32 2018/11/20 07:20:22 martijn Exp $ */ +/* $OpenBSD: ber.c,v 1.33 2018/11/27 12:06:39 martijn Exp $ */ /* * Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org> @@ -282,11 +282,22 @@ ber_add_nstring(struct ber_element *prev, const char *string0, size_t len) return elm; } +struct ber_element * +ber_add_ostring(struct ber_element *prev, struct ber_octetstring *s) +{ + return ber_add_nstring(prev, s->ostr_val, s->ostr_len); +} + int ber_get_string(struct ber_element *elm, char **s) { if (elm->be_encoding != BER_TYPE_OCTETSTRING) return -1; + /* Some components use getstring on binary data containing \0 */ +#if 0 + if (memchr(elm->be_val, '\0', elm->be_len) != NULL) + return -1; +#endif *s = elm->be_val; return 0; @@ -303,6 +314,17 @@ ber_get_nstring(struct ber_element *elm, void **p, size_t *len) return 0; } +int +ber_get_ostring(struct ber_element *elm, struct ber_octetstring *s) +{ + if (elm->be_encoding != BER_TYPE_OCTETSTRING) + return -1; + + s->ostr_val = elm->be_val; + s->ostr_len = elm->be_len; + return 0; +} + struct ber_element * ber_add_bitstring(struct ber_element *prev, const void *v0, size_t len) { diff --git a/usr.sbin/ypldap/ber.h b/usr.sbin/ypldap/ber.h index d878d3e806f..ad9d0ae14cc 100644 --- a/usr.sbin/ypldap/ber.h +++ b/usr.sbin/ypldap/ber.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ber.h,v 1.9 2018/08/12 22:04:09 rob Exp $ */ +/* $OpenBSD: ber.h,v 1.10 2018/11/27 12:06:39 martijn Exp $ */ /* * Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org> @@ -20,6 +20,11 @@ #ifndef _BER_H #define _BER_H +struct ber_octetstring { + size_t ostr_len; + const void *ostr_val; +}; + struct ber_element { struct ber_element *be_next; unsigned int be_type; @@ -104,9 +109,13 @@ int ber_get_boolean(struct ber_element *, int *); struct ber_element *ber_add_string(struct ber_element *, const char *); struct ber_element *ber_add_nstring(struct ber_element *, const char *, size_t); +struct ber_element *ber_add_ostring(struct ber_element *, + struct ber_octetstring *); int ber_get_string(struct ber_element *, char **); int ber_get_nstring(struct ber_element *, void **, size_t *); +int ber_get_ostring(struct ber_element *, + struct ber_octetstring *); struct ber_element *ber_add_bitstring(struct ber_element *, const void *, size_t); int ber_get_bitstring(struct ber_element *, void **, diff --git a/usr.sbin/ypldap/ldapclient.c b/usr.sbin/ypldap/ldapclient.c index 981f610d109..82b640ce19c 100644 --- a/usr.sbin/ypldap/ldapclient.c +++ b/usr.sbin/ypldap/ldapclient.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldapclient.c,v 1.41 2017/12/07 05:09:27 zhuk Exp $ */ +/* $OpenBSD: ldapclient.c,v 1.42 2018/11/27 12:06:39 martijn Exp $ */ /* * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org> @@ -449,8 +449,9 @@ int client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m, int min_attr, int max_attr) { - char **ldap_attrs; - int i, k; + struct aldap_stringset *ldap_attrs; + int i; + size_t k; memset(ir, 0, sizeof(*ir)); for (i = min_attr; i < max_attr; i++) { @@ -473,12 +474,13 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m, } } else if (idm->idm_list & F_LIST(i)) { aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs); - for (k = 0; k >= 0 && ldap_attrs && ldap_attrs[k] != NULL; k++) { + for (k = 0; k >= 0 && ldap_attrs && k < ldap_attrs->len; k++) { /* XXX: Fail when attributes have illegal characters e.g. ',' */ - if (strlcat(ir->ir_line, ldap_attrs[k], + if (strlcat(ir->ir_line, + ldap_attrs->str[k].ostr_val, sizeof(ir->ir_line)) >= sizeof(ir->ir_line)) continue; - if (ldap_attrs[k+1] != NULL) + if (k + 1 < ldap_attrs->len) if (strlcat(ir->ir_line, ",", sizeof(ir->ir_line)) >= sizeof(ir->ir_line)) { @@ -490,19 +492,19 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m, } else { if (aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs) == -1) return (-1); - if (ldap_attrs[0] == NULL) - return (-1); - if (strlcat(ir->ir_line, ldap_attrs[0], + if (strlcat(ir->ir_line, ldap_attrs->str[0].ostr_val, sizeof(ir->ir_line)) >= sizeof(ir->ir_line)) { aldap_free_attr(ldap_attrs); return (-1); } if (i == ATTR_UID) { ir->ir_key.ik_uid = strtonum( - ldap_attrs[0], 0, UID_MAX, NULL); + ldap_attrs->str[0].ostr_val, 0, UID_MAX, + NULL); } else if (i == ATTR_GR_GID) { ir->ir_key.ik_uid = strtonum( - ldap_attrs[0], 0, GID_MAX, NULL); + ldap_attrs->str[0].ostr_val, 0, GID_MAX, + NULL); } aldap_free_attr(ldap_attrs); } |