Christian Wiese
17 years ago
1 changed files with 285 additions and 0 deletions
@ -0,0 +1,285 @@
|
||||
# --- SDE-COPYRIGHT-NOTE-BEGIN ---
|
||||
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
|
||||
#
|
||||
# Filename: package/.../heimdal/hdb-ldap-get_values.patch
|
||||
# Copyright (C) 2008 The OpenSDE Project
|
||||
#
|
||||
# More information can be found in the files COPYING and README.
|
||||
#
|
||||
# This patch file is dual-licensed. It is available under the license the
|
||||
# patched project is licensed under, as long as it is an OpenSource license
|
||||
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
|
||||
# of the GNU General Public License as published by the Free Software
|
||||
# Foundation; either version 2 of the License, or (at your option) any later
|
||||
# version.
|
||||
# --- SDE-COPYRIGHT-NOTE-END ---
|
||||
|
||||
Index: heimdal/lib/hdb/hdb-ldap.c
|
||||
===================================================================
|
||||
--- heimdal/lib/hdb/hdb-ldap.c (revision 22586)
|
||||
+++ heimdal/lib/hdb/hdb-ldap.c (revision 22587)
|
||||
@@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd.
|
||||
* Copyright (c) 2004, Andrew Bartlett.
|
||||
- * Copyright (c) 2003 - 2007, Kungliga Tekniska Högskolan.
|
||||
+ * Copyright (c) 2003 - 2008, Kungliga Tekniska Högskolan.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
@@ -307,38 +307,40 @@
|
||||
LDAP_get_string_value(HDB * db, LDAPMessage * entry,
|
||||
const char *attribute, char **ptr)
|
||||
{
|
||||
- char **vals;
|
||||
- int ret;
|
||||
+ struct berval **vals;
|
||||
|
||||
- vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute);
|
||||
- if (vals == NULL) {
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), entry, attribute);
|
||||
+ if (vals == NULL || vals[0] == NULL) {
|
||||
*ptr = NULL;
|
||||
return HDB_ERR_NOENTRY;
|
||||
}
|
||||
|
||||
- *ptr = strdup(vals[0]);
|
||||
- if (*ptr == NULL)
|
||||
- ret = ENOMEM;
|
||||
- else
|
||||
- ret = 0;
|
||||
+ *ptr = malloc(vals[0]->bv_len + 1);
|
||||
+ if (*ptr == NULL) {
|
||||
+ ldap_value_free_len(vals);
|
||||
+ return ENOMEM;
|
||||
+ }
|
||||
|
||||
- ldap_value_free(vals);
|
||||
+ memcpy(*ptr, vals[0]->bv_val, vals[0]->bv_len);
|
||||
+ (*ptr)[vals[0]->bv_len] = 0;
|
||||
|
||||
- return ret;
|
||||
+ ldap_value_free_len(vals);
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
static krb5_error_code
|
||||
LDAP_get_integer_value(HDB * db, LDAPMessage * entry,
|
||||
const char *attribute, int *ptr)
|
||||
{
|
||||
- char **vals;
|
||||
+ krb5_error_code ret;
|
||||
+ char *val;
|
||||
|
||||
- vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute);
|
||||
- if (vals == NULL)
|
||||
- return HDB_ERR_NOENTRY;
|
||||
-
|
||||
- *ptr = atoi(vals[0]);
|
||||
- ldap_value_free(vals);
|
||||
+ ret = LDAP_get_string_value(db, entry, attribute, &val);
|
||||
+ if (ret)
|
||||
+ return ret;
|
||||
+ *ptr = atoi(val);
|
||||
+ free(val);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -369,6 +371,14 @@
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int
|
||||
+bervalstrcmp(struct berval *v, const char *str)
|
||||
+{
|
||||
+ size_t len = strlen(str);
|
||||
+ return (v->bv_len == len) && strncasecmp(str, (char *)v->bv_val, len) == 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static krb5_error_code
|
||||
LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
|
||||
LDAPMessage * msg, LDAPMod *** pmods)
|
||||
@@ -386,7 +396,7 @@
|
||||
krb5_boolean is_heimdal_entry = FALSE;
|
||||
krb5_boolean is_heimdal_principal = FALSE;
|
||||
|
||||
- char **values;
|
||||
+ struct berval **vals;
|
||||
|
||||
*pmods = NULL;
|
||||
|
||||
@@ -398,21 +408,20 @@
|
||||
|
||||
is_new_entry = FALSE;
|
||||
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "objectClass");
|
||||
- if (values) {
|
||||
- int num_objectclasses = ldap_count_values(values);
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), msg, "objectClass");
|
||||
+ if (vals) {
|
||||
+ int num_objectclasses = ldap_count_values_len(vals);
|
||||
for (i=0; i < num_objectclasses; i++) {
|
||||
- if (strcasecmp(values[i], "sambaSamAccount") == 0) {
|
||||
+ if (bervalstrcmp(vals[i], "sambaSamAccount"))
|
||||
is_samba_account = TRUE;
|
||||
- } else if (strcasecmp(values[i], structural_object) == 0) {
|
||||
+ else if (bervalstrcmp(vals[i], structural_object))
|
||||
is_account = TRUE;
|
||||
- } else if (strcasecmp(values[i], "krb5Principal") == 0) {
|
||||
+ else if (bervalstrcmp(vals[i], "krb5Principal"))
|
||||
is_heimdal_principal = TRUE;
|
||||
- } else if (strcasecmp(values[i], "krb5KDCEntry") == 0) {
|
||||
+ else if (bervalstrcmp(vals[i], "krb5KDCEntry"))
|
||||
is_heimdal_entry = TRUE;
|
||||
- }
|
||||
}
|
||||
- ldap_value_free(values);
|
||||
+ ldap_value_free_len(vals);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -602,9 +611,9 @@
|
||||
|
||||
/* Remove keys if they exists, and then replace keys. */
|
||||
if (!is_new_entry && orig.entry.keys.len > 0) {
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "krb5Key");
|
||||
- if (values) {
|
||||
- ldap_value_free(values);
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key");
|
||||
+ if (vals) {
|
||||
+ ldap_value_free_len(vals);
|
||||
|
||||
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL);
|
||||
if (ret)
|
||||
@@ -641,9 +650,9 @@
|
||||
goto out;
|
||||
|
||||
/* have to kill the LM passwod if it exists */
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "sambaLMPassword");
|
||||
- if (values) {
|
||||
- ldap_value_free(values);
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), msg, "sambaLMPassword");
|
||||
+ if (vals) {
|
||||
+ ldap_value_free_len(vals);
|
||||
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE,
|
||||
"sambaLMPassword", NULL);
|
||||
if (ret)
|
||||
@@ -676,9 +685,9 @@
|
||||
*/
|
||||
|
||||
if (!is_new_entry) {
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType");
|
||||
- if (values) {
|
||||
- ldap_value_free(values);
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
|
||||
+ if (vals) {
|
||||
+ ldap_value_free_len(vals);
|
||||
ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType",
|
||||
NULL);
|
||||
if (ret)
|
||||
@@ -730,8 +739,8 @@
|
||||
krb5_error_code ret;
|
||||
int rc;
|
||||
const char *filter = "(objectClass=krb5Principal)";
|
||||
- char **values;
|
||||
LDAPMessage *res = NULL, *e;
|
||||
+ char *p;
|
||||
|
||||
ret = LDAP_no_size_limit(context, HDB2LDAP(db));
|
||||
if (ret)
|
||||
@@ -753,14 +762,14 @@
|
||||
goto out;
|
||||
}
|
||||
|
||||
- values = ldap_get_values(HDB2LDAP(db), e, "krb5PrincipalName");
|
||||
- if (values == NULL) {
|
||||
+ ret = LDAP_get_string_value(db, e, "krb5PrincipalName", &p);
|
||||
+ if (ret) {
|
||||
ret = HDB_ERR_NOENTRY;
|
||||
goto out;
|
||||
}
|
||||
|
||||
- ret = krb5_parse_name(context, values[0], principal);
|
||||
- ldap_value_free(values);
|
||||
+ ret = krb5_parse_name(context, p, principal);
|
||||
+ free(p);
|
||||
|
||||
out:
|
||||
if (res)
|
||||
@@ -893,10 +902,9 @@
|
||||
{
|
||||
char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL;
|
||||
char *samba_acct_flags = NULL;
|
||||
- unsigned long tmp;
|
||||
struct berval **keys;
|
||||
- char **values;
|
||||
- int tmp_time, i, ret, have_arcfour = 0;
|
||||
+ struct berval **vals;
|
||||
+ int tmp, tmp_time, i, ret, have_arcfour = 0;
|
||||
|
||||
memset(ent, 0, sizeof(*ent));
|
||||
ent->entry.flags = int2HDBFlags(0);
|
||||
@@ -962,8 +970,8 @@
|
||||
#endif
|
||||
}
|
||||
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType");
|
||||
- if (values != NULL) {
|
||||
+ vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
|
||||
+ if (vals != NULL) {
|
||||
int i;
|
||||
|
||||
ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes)));
|
||||
@@ -972,17 +980,26 @@
|
||||
ret = ENOMEM;
|
||||
goto out;
|
||||
}
|
||||
- ent->entry.etypes->len = ldap_count_values(values);
|
||||
+ ent->entry.etypes->len = ldap_count_values_len(vals);
|
||||
ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int));
|
||||
if (ent->entry.etypes->val == NULL) {
|
||||
krb5_set_error_string(context, "malloc: out of memory");
|
||||
+ ent->entry.etypes->len = 0;
|
||||
ret = ENOMEM;
|
||||
goto out;
|
||||
}
|
||||
for (i = 0; i < ent->entry.etypes->len; i++) {
|
||||
- ent->entry.etypes->val[i] = atoi(values[i]);
|
||||
+ char buf[100];
|
||||
+ if (vals[i]->bv_len > sizeof(buf) - 1) {
|
||||
+ krb5_set_error_string(context, "malloc: out of memory");
|
||||
+ ret = ENOMEM;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ memcpy(buf, vals[i]->bv_val, vals[i]->bv_len);
|
||||
+ buf[vals[i]->bv_len] = '\0';
|
||||
+ ent->entry.etypes->val[i] = atoi(buf);
|
||||
}
|
||||
- ldap_value_free(values);
|
||||
+ ldap_value_free_len(vals);
|
||||
}
|
||||
|
||||
for (i = 0; i < ent->entry.keys.len; i++) {
|
||||
@@ -1193,18 +1210,9 @@
|
||||
*ent->entry.max_renew = max_renew;
|
||||
}
|
||||
|
||||
- values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags");
|
||||
- if (values != NULL) {
|
||||
- errno = 0;
|
||||
- tmp = strtoul(values[0], (char **) NULL, 10);
|
||||
- if (tmp == ULONG_MAX && errno == ERANGE) {
|
||||
- krb5_set_error_string(context, "strtoul: could not convert flag");
|
||||
- ret = ERANGE;
|
||||
- goto out;
|
||||
- }
|
||||
- } else {
|
||||
+ ret = LDAP_get_integer_value(db, msg, "krb5KDCFlags", &tmp);
|
||||
+ if (ret)
|
||||
tmp = 0;
|
||||
- }
|
||||
|
||||
ent->entry.flags = int2HDBFlags(tmp);
|
||||
|
||||
Loading…
Reference in new issue