authorMartijn van Duren <martijn@cvs.openbsd.org>2018-11-27 12:06:40 +0000
committerMartijn van Duren <martijn@cvs.openbsd.org>2018-11-27 12:06:40 +0000
commitbd653178ffd9829d35ea94c9d1ac9cf735de001a (patch)
treef10199e53e07cdd5fb991206e55258ec117de048 /usr.sbin
parent56a4604694d8f87a8b8167fca558bdc5a28365f5 (diff)
Sync aldap and ber with ldap(1).
OK claudio@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ypldap/aldap.c59
-rw-r--r--usr.sbin/ypldap/aldap.h22
-rw-r--r--usr.sbin/ypldap/ber.c24
-rw-r--r--usr.sbin/ypldap/ber.h11
-rw-r--r--usr.sbin/ypldap/ldapclient.c24
5 files changed, 91 insertions, 49 deletions
diff --git a/usr.sbin/ypldap/aldap.c b/usr.sbin/ypldap/aldap.c
index 3bd48ae59f4..eb17eb7db81 100644
--- a/usr.sbin/ypldap/aldap.c
+++ b/usr.sbin/ypldap/aldap.c
@@ -1,5 +1,5 @@
-/* $Id: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */
-/* $OpenBSD: aldap.c,v 1.43 2018/08/12 22:04:09 rob Exp $ */
+/* $Id: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */
+/* $OpenBSD: aldap.c,v 1.44 2018/11/27 12:06:39 martijn Exp $ */
/*
* Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
@@ -39,7 +39,7 @@ static struct ber_element *ldap_parse_search_filter(struct ber_element *,
char *);
static struct ber_element *ldap_do_parse_search_filter(
struct ber_element *, char **);
-char **aldap_get_stringset(struct ber_element *);
+struct aldap_stringset *aldap_get_stringset(struct ber_element *);
char *utoa(char *);
static int isu8cont(unsigned char);
char *parseval(char *, size_t);
@@ -522,7 +522,7 @@ aldap_get_dn(struct aldap_message *msg)
return utoa(dn);
}
-char **
+struct aldap_stringset *
aldap_get_references(struct aldap_message *msg)
{
if (msg->references == NULL)
@@ -576,11 +576,12 @@ aldap_count_attrs(struct aldap_message *msg)
}
int
-aldap_first_attr(struct aldap_message *msg, char **outkey, char ***outvalues)
+aldap_first_attr(struct aldap_message *msg, char **outkey,
+ struct aldap_stringset **outvalues)
{
struct ber_element *b, *c;
char *key;
- char **ret;
+ struct aldap_stringset *ret;
if (msg->body.search.attrs == NULL)
goto fail;
@@ -605,11 +606,12 @@ fail:
}
int
-aldap_next_attr(struct aldap_message *msg, char **outkey, char ***outvalues)
+aldap_next_attr(struct aldap_message *msg, char **outkey,
+ struct aldap_stringset **outvalues)
{
struct ber_element *a, *b;
char *key;
- char **ret;
+ struct aldap_stringset *ret;
if (msg->body.search.iter == NULL)
goto notfound;
@@ -640,11 +642,12 @@ notfound:
}
int
-aldap_match_attr(struct aldap_message *msg, char *inkey, char ***outvalues)
+aldap_match_attr(struct aldap_message *msg, char *inkey,
+ struct aldap_stringset **outvalues)
{
struct ber_element *a, *b;
char *descr = NULL;
- char **ret;
+ struct aldap_stringset *ret;
if (msg->body.search.attrs == NULL)
goto fail;
@@ -677,16 +680,12 @@ notfound:
}
int
-aldap_free_attr(char **values)
+aldap_free_attr(struct aldap_stringset *values)
{
- int i;
-
if (values == NULL)
return -1;
- for (i = 0; values[i] != NULL; i++)
- free(values[i]);
-
+ free(values->str);
free(values);
return (1);
@@ -836,33 +835,35 @@ fail:
* internal functions
*/
-char **
+struct aldap_stringset *
aldap_get_stringset(struct ber_element *elm)
{
struct ber_element *a;
int i;
- char **ret;
- char *s;
+ struct aldap_stringset *ret;
if (elm->be_type != BER_TYPE_OCTETSTRING)
return NULL;
- for (a = elm, i = 1; i > 0 && a != NULL && a->be_type ==
- BER_TYPE_OCTETSTRING; a = a->be_next, i++)
+ if ((ret = malloc(sizeof(*ret))) == NULL)
+ return NULL;
+ for (a = elm, ret->len = 0; a != NULL && a->be_type ==
+ BER_TYPE_OCTETSTRING; a = a->be_next, ret->len++)
;
- if (i == 1)
+ if (ret->len == 0) {
+ free(ret);
return NULL;
+ }
- if ((ret = calloc(i + 1, sizeof(char *))) == NULL)
+ if ((ret->str = reallocarray(NULL, ret->len,
+ sizeof(*(ret->str)))) == NULL) {
+ free(ret);
return NULL;
+ }
for (a = elm, i = 0; a != NULL && a->be_type == BER_TYPE_OCTETSTRING;
- a = a->be_next, i++) {
-
- ber_get_string(a, &s);
- ret[i] = utoa(s);
- }
- ret[i + 1] = NULL;
+ a = a->be_next, i++)
+ (void) ber_get_ostring(a, &(ret->str[i]));
return ret;
}
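Review bot: In aldap_get_stringset the array comes from `reallocarray`, which does not zero it, and the result of `ber_get_ostring` is discarded with `(void)`, so any element the getter rejects leaves `ret->str[i]` holding indeterminate `ostr_val`/`ostr_len` that callers then read. The counting loop filters on `a->be_type` while `ber_get_ostring` (in ber.c) tests `elm->be_encoding`, so the two conditions are not guaranteed to agree. Either allocate with `calloc(ret->len, sizeof(*(ret->str)))` or fail closed: `if (ber_get_ostring(a, &(ret->str[i])) == -1) { aldap_free_attr(ret); return NULL; }`. The index `i` is still `int` while `ret->len` is `size_t`; making it `size_t` keeps the two loops consistent.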
diff --git a/usr.sbin/ypldap/aldap.h b/usr.sbin/ypldap/aldap.h
index 48edbd5f8af..feb76be3445 100644
--- a/usr.sbin/ypldap/aldap.h
+++ b/usr.sbin/ypldap/aldap.h
@@ -1,5 +1,5 @@
-/* $Id: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */
-/* $OpenBSD: aldap.h,v 1.11 2018/06/21 10:37:00 reyk Exp $ */
+/* $Id: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */
+/* $OpenBSD: aldap.h,v 1.12 2018/11/27 12:06:39 martijn Exp $ */
/*
* Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
@@ -88,6 +88,11 @@ enum aldap_protocol {
LDAPI
};
+struct aldap_stringset {
+ size_t len;
+ struct ber_octetstring *str;
+};
+
struct aldap_url {
int protocol;
char *host;
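Review bot: `struct aldap_stringset` has no comment stating who owns the bytes behind `str[]`, and that ownership changed with this commit. `ber_get_ostring` stores `elm->be_val` directly, so each entry borrows from the BER element instead of owning a copy, and `aldap_free_attr` frees only the array and the struct. I would add above the struct: `/* str[i].ostr_val points into the message's BER elements: do not free it, and do not use the set after the message is freed */`. Nothing in this diff establishes that `ostr_val` is NUL-terminated, so the comment should also say that `ostr_len` is authoritative.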
@@ -226,7 +231,7 @@ int aldap_get_errno(struct aldap *, const char **);
int aldap_get_resultcode(struct aldap_message *);
char *aldap_get_dn(struct aldap_message *);
char *aldap_get_diagmsg(struct aldap_message *);
-char **aldap_get_references(struct aldap_message *);
+struct aldap_stringset *aldap_get_references(struct aldap_message *);
void aldap_free_references(char **values);
int aldap_parse_url(const char *, struct aldap_url *);
void aldap_free_url(struct aldap_url *);
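Review bot: `aldap_get_references` now returns `struct aldap_stringset *`, but the context line right below it still declares `void aldap_free_references(char **values);`, so the getter and its matching free function no longer agree on the type. If the implementation (outside this diff) still walks a NULL-terminated `char **`, passing it the new struct would read and free the wrong memory. Change the prototype and definition to `void aldap_free_references(struct aldap_stringset *values);`, or drop it and have callers use `aldap_free_attr`.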
@@ -234,10 +239,13 @@ int aldap_search_url(struct aldap *, char *, int, int, int,
struct aldap_page_control *);
int aldap_count_attrs(struct aldap_message *);
-int aldap_match_attr(struct aldap_message *, char *, char ***);
-int aldap_first_attr(struct aldap_message *, char **, char ***);
-int aldap_next_attr(struct aldap_message *, char **, char ***);
-int aldap_free_attr(char **);
+int aldap_match_attr(struct aldap_message *, char *,
+ struct aldap_stringset **);
+int aldap_first_attr(struct aldap_message *, char **, struct
+ aldap_stringset **);
+int aldap_next_attr(struct aldap_message *, char **,
+ struct aldap_stringset **);
+int aldap_free_attr(struct aldap_stringset *);
struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len);
void aldap_freepage(struct aldap_page_control *);
diff --git a/usr.sbin/ypldap/ber.c b/usr.sbin/ypldap/ber.c
index 2b41f400f54..6f6552d1a7b 100644
--- a/usr.sbin/ypldap/ber.c
+++ b/usr.sbin/ypldap/ber.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ber.c,v 1.32 2018/11/20 07:20:22 martijn Exp $ */
+/* $OpenBSD: ber.c,v 1.33 2018/11/27 12:06:39 martijn Exp $ */
/*
* Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org>
@@ -282,11 +282,22 @@ ber_add_nstring(struct ber_element *prev, const char *string0, size_t len)
return elm;
}
+struct ber_element *
+ber_add_ostring(struct ber_element *prev, struct ber_octetstring *s)
+{
+ return ber_add_nstring(prev, s->ostr_val, s->ostr_len);
+}
+
int
ber_get_string(struct ber_element *elm, char **s)
{
if (elm->be_encoding != BER_TYPE_OCTETSTRING)
return -1;
+ /* Some components use getstring on binary data containing \0 */
+#if 0
+ if (memchr(elm->be_val, '\0', elm->be_len) != NULL)
+ return -1;
+#endif
*s = elm->be_val;
return 0;
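Review bot: The embedded-NUL check added to ber_get_string is compiled out with `#if 0`, so the function still hands back `be_val` as a `char *` even when the octet string contains `\0`, and any caller using it as a C string silently sees a truncated value. For data that arrives from a directory server this is a validation gap and not only a compatibility note, because a truncated name or identifier can compare equal to a different one. The comment should say which callers still depend on binary data and that they are to move to `ber_get_ostring`/`ber_get_nstring`, for example `/* XXX enable once remaining binary users are converted to ber_get_ostring() */`, so the dead block does not stay indefinitely. ber_get_string's closing brace is outside the hunk.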
@@ -303,6 +314,17 @@ ber_get_nstring(struct ber_element *elm, void **p, size_t *len)
return 0;
}
+int
+ber_get_ostring(struct ber_element *elm, struct ber_octetstring *s)
+{
+ if (elm->be_encoding != BER_TYPE_OCTETSTRING)
+ return -1;
+
+ s->ostr_val = elm->be_val;
+ s->ostr_len = elm->be_len;
+ return 0;
+}
+
struct ber_element *
ber_add_bitstring(struct ber_element *prev, const void *v0, size_t len)
{
diff --git a/usr.sbin/ypldap/ber.h b/usr.sbin/ypldap/ber.h
index d878d3e806f..ad9d0ae14cc 100644
--- a/usr.sbin/ypldap/ber.h
+++ b/usr.sbin/ypldap/ber.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ber.h,v 1.9 2018/08/12 22:04:09 rob Exp $ */
+/* $OpenBSD: ber.h,v 1.10 2018/11/27 12:06:39 martijn Exp $ */
/*
* Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org>
@@ -20,6 +20,11 @@
#ifndef _BER_H
#define _BER_H
+struct ber_octetstring {
+ size_t ostr_len;
+ const void *ostr_val;
+};
+
struct ber_element {
struct ber_element *be_next;
unsigned int be_type;
@@ -104,9 +109,13 @@ int ber_get_boolean(struct ber_element *, int *);
struct ber_element *ber_add_string(struct ber_element *, const char *);
struct ber_element *ber_add_nstring(struct ber_element *, const char *,
size_t);
+struct ber_element *ber_add_ostring(struct ber_element *,
+ struct ber_octetstring *);
int ber_get_string(struct ber_element *, char **);
int ber_get_nstring(struct ber_element *, void **,
size_t *);
+int ber_get_ostring(struct ber_element *,
+ struct ber_octetstring *);
struct ber_element *ber_add_bitstring(struct ber_element *, const void *,
size_t);
int ber_get_bitstring(struct ber_element *, void **,
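Review bot: `ber_add_ostring` takes `struct ber_octetstring *` although its body in ber.c only reads `s->ostr_val` and `s->ostr_len`; declaring the parameter `const struct ber_octetstring *` here and in the definition lets callers pass a read-only set entry without a cast. The hunk ends in the middle of the `ber_get_bitstring` prototype.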
diff --git a/usr.sbin/ypldap/ldapclient.c b/usr.sbin/ypldap/ldapclient.c
index 981f610d109..82b640ce19c 100644
--- a/usr.sbin/ypldap/ldapclient.c
+++ b/usr.sbin/ypldap/ldapclient.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ldapclient.c,v 1.41 2017/12/07 05:09:27 zhuk Exp $ */
+/* $OpenBSD: ldapclient.c,v 1.42 2018/11/27 12:06:39 martijn Exp $ */
/*
* Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
@@ -449,8 +449,9 @@ int
client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,
int min_attr, int max_attr)
{
- char **ldap_attrs;
- int i, k;
+ struct aldap_stringset *ldap_attrs;
+ int i;
+ size_t k;
memset(ir, 0, sizeof(*ir));
for (i = min_attr; i < max_attr; i++) {
@@ -473,12 +474,13 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,
}
} else if (idm->idm_list & F_LIST(i)) {
aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs);
- for (k = 0; k >= 0 && ldap_attrs && ldap_attrs[k] != NULL; k++) {
+ for (k = 0; k >= 0 && ldap_attrs && k < ldap_attrs->len; k++) {
/* XXX: Fail when attributes have illegal characters e.g. ',' */
- if (strlcat(ir->ir_line, ldap_attrs[k],
+ if (strlcat(ir->ir_line,
+ ldap_attrs->str[k].ostr_val,
sizeof(ir->ir_line)) >= sizeof(ir->ir_line))
continue;
- if (ldap_attrs[k+1] != NULL)
+ if (k + 1 < ldap_attrs->len)
if (strlcat(ir->ir_line, ",",
sizeof(ir->ir_line))
>= sizeof(ir->ir_line)) {
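Review bot: `strlcat(ir->ir_line, ldap_attrs->str[k].ostr_val, …)` treats a length-delimited octet string as a NUL-terminated C string and never looks at `ostr_len`. Nothing in this diff shows the decoder terminating `be_val`, and a value with an embedded `\0` is silently truncated before it reaches the output line, on top of the unfiltered `','` the XXX comment already mentions. I would reject such values before copying, `if (memchr(ldap_attrs->str[k].ostr_val, '\0', ldap_attrs->str[k].ostr_len) != NULL) continue;`, or copy with an explicit length. `k >= 0` in the loop condition is always true now that `k` is `size_t` and can go. The loop body continues past the end of the hunk.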
@@ -490,19 +492,19 @@ client_build_req(struct idm *idm, struct idm_req *ir, struct aldap_message *m,
} else {
if (aldap_match_attr(m, idm->idm_attrs[i], &ldap_attrs) == -1)
return (-1);
- if (ldap_attrs[0] == NULL)
- return (-1);
- if (strlcat(ir->ir_line, ldap_attrs[0],
+ if (strlcat(ir->ir_line, ldap_attrs->str[0].ostr_val,
sizeof(ir->ir_line)) >= sizeof(ir->ir_line)) {
aldap_free_attr(ldap_attrs);
return (-1);
}
if (i == ATTR_UID) {
ir->ir_key.ik_uid = strtonum(
- ldap_attrs[0], 0, UID_MAX, NULL);
+ ldap_attrs->str[0].ostr_val, 0, UID_MAX,
+ NULL);
} else if (i == ATTR_GR_GID) {
ir->ir_key.ik_uid = strtonum(
- ldap_attrs[0], 0, GID_MAX, NULL);
+ ldap_attrs->str[0].ostr_val, 0, GID_MAX,
+ NULL);
}
aldap_free_attr(ldap_attrs);
}
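Review bot: Both `strtonum` calls pass `NULL` for the error string, so a value from the directory that is empty, non-numeric or out of range is stored as 0, which is the superuser's id, instead of being rejected. Pass `&errstr` (a `const char *errstr` declared with the other locals at the top of client_build_req, outside this hunk) and return -1 when it is set, as the other failure paths in this branch do. Separately, the removed `ldap_attrs[0] == NULL` test has no replacement; that is safe only if `aldap_match_attr` never reports success with `*outvalues` left NULL, which its body, not shown in full here, would have to confirm.

```c
			/* … unchanged: strlcat of str[0] into ir_line … */
			errstr = NULL;
			if (i == ATTR_UID) {
				ir->ir_key.ik_uid = strtonum(
				    ldap_attrs->str[0].ostr_val, 0, UID_MAX,
				    &errstr);
			} else if (i == ATTR_GR_GID) {
				ir->ir_key.ik_uid = strtonum(
				    ldap_attrs->str[0].ostr_val, 0, GID_MAX,
				    &errstr);
			}
			aldap_free_attr(ldap_attrs);
			if (errstr != NULL)
				return (-1);
```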