mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-04-12 15:10:31 +08:00
Latest changes from devel
This commit is contained in:
Kurt Zeilenga
parent
a04496e66b
commit
98416e5219
@ -713,7 +713,7 @@ static int dosearch(
|
||||
sctrls, cctrls, timelimit, sizelimit, &msgid );
|
||||
|
||||
if( rc != LDAP_SUCCESS ) {
|
||||
fprintf( stderr, "ldapsearch: ldap_search_ext: %s (%d)",
|
||||
fprintf( stderr, "ldapsearch: ldap_search_ext: %s (%d)\n",
|
||||
ldap_err2string( rc ), rc );
|
||||
return( rc );
|
||||
}
|
||||
@ -1069,7 +1069,7 @@ static int print_result(
|
||||
if( !ldif ) {
|
||||
write_ldif( LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) );
|
||||
} else {
|
||||
fprintf( stderr, "Referral: %s", refs[i] );
|
||||
fprintf( stderr, "Referral: %s\n", refs[i] );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -25,15 +25,27 @@
|
||||
# define sys_errlist ((char **)0)
|
||||
#elif DECL_SYS_ERRLIST
|
||||
/* have sys_errlist but need declaration */
|
||||
LDAP_LIBC_V (int) sys_nerr;
|
||||
LDAP_LIBC_V (char) *sys_errlist[];
|
||||
LDAP_LIBC_V(int) sys_nerr;
|
||||
LDAP_LIBC_V(char) *sys_errlist[];
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STRERROR
|
||||
#define STRERROR(err) strerror(err)
|
||||
#undef _AC_ERRNO_UNKNOWN
|
||||
#define _AC_ERRNO_UNKNOWN "unknown error"
|
||||
|
||||
#ifdef HAVE_SYS_ERRLIST
|
||||
/* this is thread safe */
|
||||
# define STRERROR(e) ( (e) > -1 && (e) < sys_nerr \
|
||||
? sys_errlist[(e)] : _AC_ERRNO_UNKNOWN )
|
||||
|
||||
#elif defined( HAVE_STRERROR )
|
||||
/* this may not be thread safe */
|
||||
/* and, yes, some implementations of strerror may return NULL */
|
||||
# define STRERROR(e) ( strerror(e) \
|
||||
? strerror(e) : _AC_ERRNO_UNKNOWN )
|
||||
|
||||
#else
|
||||
#define STRERROR(err) \
|
||||
((err) > -1 && (err) < sys_nerr ? sys_errlist[(err)] : "unknown")
|
||||
/* this is thread safe */
|
||||
# define STRERROR(e) ( _AC_ERRNO_UNKNOWN )
|
||||
#endif
|
||||
|
||||
#endif /* _AC_ERRNO_H */
|
||||
|
||||
@ -914,7 +914,7 @@ sb_debug_read( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len )
|
||||
if ( ret < 0 ) {
|
||||
ber_log_printf( LDAP_DEBUG_PACKETS, sbiod->sbiod_sb->sb_debug,
|
||||
"%sread: want=%ld error=%s\n", (char *)sbiod->sbiod_pvt,
|
||||
(long)len, strerror( errno ) );
|
||||
(long)len, STRERROR( errno ) );
|
||||
}
|
||||
else {
|
||||
ber_log_printf( LDAP_DEBUG_PACKETS, sbiod->sbiod_sb->sb_debug,
|
||||
@ -936,7 +936,7 @@ sb_debug_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len )
|
||||
ber_log_printf( LDAP_DEBUG_PACKETS, sbiod->sbiod_sb->sb_debug,
|
||||
"%swrite: want=%ld error=%s\n",
|
||||
(char *)sbiod->sbiod_pvt, (long)len,
|
||||
strerror( errno ) );
|
||||
STRERROR( errno ) );
|
||||
}
|
||||
else {
|
||||
ber_log_printf( LDAP_DEBUG_PACKETS, sbiod->sbiod_sb->sb_debug,
|
||||
|
||||
@ -83,7 +83,7 @@ ldap_pvt_close_socket(LDAP *ld, int s)
|
||||
"ldap_is_socket_ready: errror on socket %d: errno: %d (%s)\n", \
|
||||
s, \
|
||||
errno, \
|
||||
strerror(errno) ); \
|
||||
STRERROR(errno) ); \
|
||||
} while( 0 )
|
||||
|
||||
/*
|
||||
|
||||
@ -160,6 +160,12 @@ ldap_pvt_thread_pool_submit (
|
||||
return(0);
|
||||
}
|
||||
|
||||
int
|
||||
ldap_pvt_thread_pool_maxthreads ( ldap_pvt_thread_pool_t *tpool, int max_threads )
|
||||
{
|
||||
return(0);
|
||||
}
|
||||
|
||||
int
|
||||
ldap_pvt_thread_pool_backload (
|
||||
ldap_pvt_thread_pool_t *pool )
|
||||
|
||||
@ -135,11 +135,8 @@ int ldbm_initialize( void )
|
||||
if ( err ) {
|
||||
char error[BUFSIZ];
|
||||
|
||||
if ( err < 0 ) {
|
||||
sprintf( error, "%ld\n", (long) err );
|
||||
} else {
|
||||
sprintf( error, "%s\n", strerror( err ));
|
||||
}
|
||||
sprintf( error, "%s (%d)\n", STRERROR( err ), err );
|
||||
|
||||
#ifdef LDAP_SYSLOG
|
||||
syslog( LOG_INFO,
|
||||
"ldbm_initialize(): FATAL error in db_appinit() : %s\n",
|
||||
@ -158,11 +155,8 @@ int ldbm_initialize( void )
|
||||
{
|
||||
char error[BUFSIZ];
|
||||
|
||||
if ( err < 0 ) {
|
||||
sprintf( error, "%ld\n", (long) err );
|
||||
} else {
|
||||
sprintf( error, "%s\n", strerror( err ));
|
||||
}
|
||||
sprintf( error, "%s (%d)\n", STRERROR( err ), err );
|
||||
|
||||
#ifdef LDAP_SYSLOG
|
||||
syslog( LOG_INFO,
|
||||
"ldbm_initialize(): FATAL error in db_appinit() : %s\n",
|
||||
@ -233,11 +227,8 @@ ldbm_open( char *name, int rw, int mode, int dbcachesize )
|
||||
{
|
||||
char error[BUFSIZ];
|
||||
|
||||
if ( err < 0 ) {
|
||||
sprintf( error, "%ld\n", (long) err );
|
||||
} else {
|
||||
sprintf( error, "%s\n", strerror( err ));
|
||||
}
|
||||
sprintf( error, "%s (%d)\n", STRERROR( err ), err );
|
||||
|
||||
(void)ret->close(ret, 0);
|
||||
return NULL;
|
||||
}
|
||||
@ -251,11 +242,8 @@ ldbm_open( char *name, int rw, int mode, int dbcachesize )
|
||||
{
|
||||
char error[BUFSIZ];
|
||||
|
||||
if ( err < 0 ) {
|
||||
sprintf( error, "%ld\n", (long) err );
|
||||
} else {
|
||||
sprintf( error, "%s\n", strerror( err ));
|
||||
}
|
||||
sprintf( error, "%s (%d)\n", STRERROR( err ), err );
|
||||
|
||||
(void)ret->close(ret, 0);
|
||||
return NULL;
|
||||
}
|
||||
@ -383,13 +371,9 @@ ldbm_store( LDBM ldbm, Datum key, Datum data, int flags )
|
||||
{
|
||||
char error[BUFSIZ];
|
||||
|
||||
if ( rc < 0 ) {
|
||||
sprintf( error, "%ld\n", (long) rc );
|
||||
} else {
|
||||
sprintf( error, "%s\n", strerror( rc ));
|
||||
}
|
||||
sprintf( error, "%s (%d)\n", STRERROR( rc ), rc );
|
||||
}
|
||||
rc = (-1) * rc;
|
||||
rc = (-1) * rc;
|
||||
|
||||
#elif DB_VERSION_MAJOR >= 2
|
||||
rc = (*ldbm->put)( ldbm, NULL, &key, &data, flags & ~LDBM_SYNC );
|
||||
|
||||
@ -160,7 +160,7 @@ sslapd: version.o
|
||||
|
||||
.backend: $(@PLAT@_IMPLIB) FORCE
|
||||
@for i in back-*; do \
|
||||
if [ -d $$i ]; then \
|
||||
if [ -d $$i -a -f $$i/Makefile ]; then \
|
||||
echo " "; echo " cd $$i; $(MAKE) $(MFLAGS) all"; \
|
||||
( cd $$i; $(MAKE) $(MFLAGS) all ); \
|
||||
if test $$? != 0 ; then exit 1; fi ; \
|
||||
@ -197,7 +197,7 @@ version.c: $(OBJS) $(SLAPD_LIBDEPEND)
|
||||
|
||||
depend-local-srv: FORCE
|
||||
@for i in back-* shell-backends tools; do \
|
||||
if [ -d $$i ]; then \
|
||||
if [ -d $$i -a -f $$i/Makefile ]; then \
|
||||
echo; echo " cd $$i; $(MAKE) $(MFLAGS) depend"; \
|
||||
( cd $$i; $(MAKE) $(MFLAGS) depend ); \
|
||||
if test $$? != 0 ; then exit 1; fi ; \
|
||||
@ -210,7 +210,7 @@ clean-local:
|
||||
|
||||
clean-local-srv: FORCE
|
||||
@for i in back-* shell-backends tools; do \
|
||||
if [ -d $$i ]; then \
|
||||
if [ -d $$i -a -f $$i/Makefile ]; then \
|
||||
echo; echo " cd $$i; $(MAKE) $(MFLAGS) clean"; \
|
||||
( cd $$i; $(MAKE) $(MFLAGS) clean ); \
|
||||
if test $$? != 0 ; then exit 1; fi ; \
|
||||
@ -220,7 +220,7 @@ clean-local-srv: FORCE
|
||||
|
||||
veryclean-local-srv: FORCE
|
||||
@for i in back-* shell-backends tools; do \
|
||||
if [ -d $$i ]; then \
|
||||
if [ -d $$i -a -f $$i/Makefile ]; then \
|
||||
echo; echo " cd $$i; $(MAKE) $(MFLAGS) clean"; \
|
||||
( cd $$i; $(MAKE) $(MFLAGS) veryclean ); \
|
||||
fi; \
|
||||
@ -235,7 +235,7 @@ install-slapd: FORCE
|
||||
slapd$(EXEEXT) $(DESTDIR)$(libexecdir)
|
||||
@if [ ! -z "$(SLAPD_MODULES)" ]; then \
|
||||
for i in back-* shell-backends tools; do \
|
||||
if [ -d $$i ]; then \
|
||||
if [ -d $$i -a -f $$i/Makefile ]; then \
|
||||
echo; echo " cd $$i; $(MAKE) $(MFLAGS) install"; \
|
||||
( cd $$i; $(MAKE) $(MFLAGS) install ); \
|
||||
if test $$? != 0 ; then exit 1; fi ; \
|
||||
|
||||
@ -961,9 +961,9 @@ aci_set_gather (void *cookie, char *name, char *attr)
|
||||
|
||||
if ((ndn = ch_strdup(name)) != NULL) {
|
||||
if (dn_normalize(ndn) != NULL) {
|
||||
char *text;
|
||||
const char *text;
|
||||
AttributeDescription *desc = NULL;
|
||||
if (slap_str2ad(attr, &desc, &text) == 0) {
|
||||
if (slap_str2ad(attr, &desc, &text) == LDAP_SUCCESS) {
|
||||
backend_attribute(cp->be, NULL /*cp->conn*/,
|
||||
NULL /*cp->op*/, cp->e,
|
||||
ndn, desc, &bvals);
|
||||
@ -1012,7 +1012,7 @@ aci_match_set (
|
||||
char *subjdn;
|
||||
char *setat;
|
||||
struct berval **bvals;
|
||||
char *text;
|
||||
const char *text;
|
||||
AttributeDescription *desc = NULL;
|
||||
|
||||
/* format of string is "entry/setAttrName" */
|
||||
@ -1032,7 +1032,7 @@ aci_match_set (
|
||||
}
|
||||
if ( setat != NULL ) {
|
||||
if ( dn_normalize(subjdn) != NULL
|
||||
&& slap_str2ad(setat, &desc, &text) == 0 )
|
||||
&& slap_str2ad(setat, &desc, &text) == LDAP_SUCCESS )
|
||||
{
|
||||
backend_attribute(be, NULL, NULL, e,
|
||||
subjdn, desc, &bvals);
|
||||
|
||||
@ -216,19 +216,28 @@ do_bind(
|
||||
ldap_pvt_thread_mutex_lock( &conn->c_mutex );
|
||||
|
||||
if ( conn->c_sasl_bind_mech != NULL ) {
|
||||
if((strcmp(conn->c_sasl_bind_mech, mech) != 0)) {
|
||||
/* mechanism changed, cancel in progress bind */
|
||||
/* SASL bind is in progress */
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
assert( conn->c_sasl_bind_context != NULL );
|
||||
#endif
|
||||
|
||||
if((strcmp(conn->c_sasl_bind_mech, mech) != 0)) {
|
||||
/* mechanism changed */
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
/* dispose of context */
|
||||
sasl_dispose(&conn->c_sasl_bind_context);
|
||||
conn->c_sasl_bind_context = NULL;
|
||||
#endif
|
||||
}
|
||||
|
||||
free( conn->c_sasl_bind_mech );
|
||||
conn->c_sasl_bind_mech = NULL;
|
||||
|
||||
#ifdef LDAP_DEBUG
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
} else {
|
||||
/* SASL bind is NOT in progress */
|
||||
assert( conn->c_sasl_bind_mech == NULL );
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
assert( conn->c_sasl_bind_context == NULL );
|
||||
#endif
|
||||
#endif
|
||||
@ -256,7 +265,7 @@ do_bind(
|
||||
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
} else {
|
||||
assert( conn->c_sasl_bind_context != NULL );
|
||||
assert( conn->c_sasl_bind_context == NULL );
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -374,6 +383,24 @@ do_bind(
|
||||
}
|
||||
|
||||
cleanup:
|
||||
if( rc != LDAP_SASL_BIND_IN_PROGRESS ) {
|
||||
ldap_pvt_thread_mutex_lock( &conn->c_mutex );
|
||||
|
||||
/* dispose of mech */
|
||||
free( conn->c_sasl_bind_mech );
|
||||
conn->c_sasl_bind_mech = NULL;
|
||||
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
if( conn->c_sasl_bind_context != NULL ) {
|
||||
/* dispose of context */
|
||||
sasl_dispose(&conn->c_sasl_bind_context);
|
||||
conn->c_sasl_bind_context = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
|
||||
}
|
||||
|
||||
if( dn != NULL ) {
|
||||
free( dn );
|
||||
}
|
||||
|
||||
@ -105,6 +105,7 @@ int sasl_init( void )
|
||||
slap_sasl_mutex_unlock,
|
||||
slap_sasl_mutex_dispose );
|
||||
|
||||
/* server name should be configurable */
|
||||
rc = sasl_server_init( NULL, "slapd" );
|
||||
|
||||
if( rc != SASL_OK ) {
|
||||
@ -134,6 +135,7 @@ int sasl_init( void )
|
||||
|
||||
#ifndef SLAPD_IGNORE_RFC2829
|
||||
{
|
||||
/* security flags should be configurable */
|
||||
sasl_security_properties_t secprops;
|
||||
memset(&secprops, '\0', sizeof(secprops));
|
||||
secprops.security_flags = SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS;
|
||||
@ -237,13 +239,15 @@ int sasl_bind(
|
||||
callbacks, SASL_SECURITY_LAYER, &conn->c_sasl_bind_context );
|
||||
|
||||
if( sc != SASL_OK ) {
|
||||
send_ldap_result( conn, op, rc = LDAP_AUTH_METHOD_NOT_SUPPORTED,
|
||||
NULL, NULL, NULL, NULL );
|
||||
send_ldap_result( conn, op, rc = slap_sasl_err2ldap( sc ),
|
||||
NULL, "could not create new SASL context", NULL, NULL );
|
||||
|
||||
} else {
|
||||
unsigned reslen;
|
||||
conn->c_authmech = ch_strdup( mech );
|
||||
|
||||
sc = sasl_server_start( conn->c_sasl_bind_context, conn->c_authmech,
|
||||
sc = sasl_server_start( conn->c_sasl_bind_context,
|
||||
conn->c_authmech,
|
||||
cred->bv_val, cred->bv_len,
|
||||
(char **)&response.bv_val, &reslen, &errstr );
|
||||
|
||||
@ -254,9 +258,11 @@ int sasl_bind(
|
||||
NULL, errstr, NULL, NULL );
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
unsigned reslen;
|
||||
sc = sasl_server_step( conn->c_sasl_bind_context, cred->bv_val, cred->bv_len,
|
||||
sc = sasl_server_step( conn->c_sasl_bind_context,
|
||||
cred->bv_val, cred->bv_len,
|
||||
(char **)&response.bv_val, &reslen, &errstr );
|
||||
|
||||
response.bv_len = reslen;
|
||||
@ -270,26 +276,35 @@ int sasl_bind(
|
||||
if ( sc == SASL_OK ) {
|
||||
char *authzid;
|
||||
|
||||
if ( ( sc = sasl_getprop( conn->c_sasl_bind_context, SASL_USERNAME,
|
||||
(void **)&authzid ) ) != SASL_OK ) {
|
||||
sc = sasl_getprop( conn->c_sasl_bind_context, SASL_USERNAME,
|
||||
(void **)&authzid );
|
||||
|
||||
if ( sc != SASL_OK ) {
|
||||
send_ldap_result( conn, op, rc = slap_sasl_err2ldap( sc ),
|
||||
NULL, NULL, NULL, NULL );
|
||||
NULL, "no SASL username", NULL, NULL );
|
||||
|
||||
} else {
|
||||
Debug(LDAP_DEBUG_TRACE, "<== sasl_bind: username=%s\n",
|
||||
Debug(LDAP_DEBUG_TRACE, "sasl_bind: username=%s\n",
|
||||
authzid, 0, 0);
|
||||
|
||||
if( strncasecmp( authzid, "anonymous", sizeof("anonyous")-1 ) &&
|
||||
if( !strncasecmp( authzid, "anonymous", sizeof("anonyous")-1 ) &&
|
||||
( ( authzid[sizeof("anonymous")] == '\0' ) ||
|
||||
( authzid[sizeof("anonymous")] == '@' ) ) )
|
||||
( authzid[sizeof("anonymous")] == '@' ) ) )
|
||||
{
|
||||
Debug(LDAP_DEBUG_TRACE, "<== sasl_bind: anonymous\n",
|
||||
0, 0, 0);
|
||||
|
||||
} else {
|
||||
*edn = ch_malloc( sizeof( "authzid=" ) + strlen( authzid ) );
|
||||
strcpy( *edn, "authzid=" );
|
||||
strcat( *edn, authzid );
|
||||
|
||||
Debug(LDAP_DEBUG_TRACE, "<== sasl_bind: authzdn: \"%s\"\n",
|
||||
*edn, 0, 0);
|
||||
}
|
||||
|
||||
send_ldap_result( conn, op, rc = LDAP_SUCCESS,
|
||||
NULL, NULL, NULL, NULL );
|
||||
send_ldap_sasl( conn, op, rc = LDAP_SUCCESS,
|
||||
NULL, NULL, NULL, NULL, &response );
|
||||
}
|
||||
|
||||
} else if ( sc == SASL_CONTINUE ) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user