From d82a1127d091231eb6dea4c0fd87a0e1f935d7f3 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Wed, 5 Jan 2011 22:54:20 +0000 Subject: [PATCH] allow clients to set USERNAME in session tracking control request (6779); plug minor leaks --- clients/tools/common.c | 38 ++++++++++++++++++++++++++++++++------ doc/man/man1/ldapcompare.1 | 2 +- doc/man/man1/ldapdelete.1 | 2 +- doc/man/man1/ldapexop.1 | 2 +- doc/man/man1/ldapmodify.1 | 2 +- doc/man/man1/ldapmodrdn.1 | 2 +- doc/man/man1/ldappasswd.1 | 2 +- doc/man/man1/ldapsearch.1 | 2 +- doc/man/man1/ldapurl.1 | 2 +- doc/man/man1/ldapwhoami.1 | 2 +- 10 files changed, 41 insertions(+), 15 deletions(-) diff --git a/clients/tools/common.c b/clients/tools/common.c index 7a7bb9ff38..5ef5b4fa91 100644 --- a/clients/tools/common.c +++ b/clients/tools/common.c @@ -120,6 +120,7 @@ static int chainingContinuation = -1; #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ #ifdef LDAP_CONTROL_X_SESSION_TRACKING static int sessionTracking = 0; +static char *sessionTrackingName; struct berval stValue; #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ ber_int_t vlvPos; @@ -207,6 +208,9 @@ st_value( LDAP *ld, struct berval *value ) } } + if ( sessionTrackingName != NULL ) { + ber_str2bv( sessionTrackingName , 0, 0, &id ); + } else #ifdef HAVE_CYRUS_SASL if ( sasl_authz_id != NULL ) { ber_str2bv( sasl_authz_id, 0, 0, &id ); @@ -277,6 +281,13 @@ tool_destroy( void ) BER_BVZERO( &passwd ); } +#ifdef HAVE_CYRUS_SASL + if ( sasl_mech != NULL ) { + ber_memfree( sasl_mech ); + sasl_mech = NULL; + } +#endif /* HAVE_CYRUS_SASL */ + if ( infile != NULL ) { ber_memfree( infile ); infile = NULL; @@ -306,6 +317,18 @@ tool_destroy( void ) ber_memfree( postread_attrs ); postread_attrs = NULL; } + +#ifdef LDAP_CONTROL_X_SESSION_TRACKING + if ( !BER_BVISNULL( &stValue ) ) { + ber_memfree( stValue.bv_val ); + BER_BVZERO( &stValue ); + } + + if ( sessionTrackingName ) { + ber_memfree( sessionTrackingName ); + sessionTrackingName = NULL; + } +#endif /* LDAP_CONTROL_X_SESSION_TRACKING */ } void @@ -338,7 +361,7 @@ N_(" [!]postread[=] (RFC 4527; comma-separated attr list)\n" N_(" [!]preread[=] (RFC 4527; comma-separated attr list)\n") N_(" [!]relax\n") #ifdef LDAP_CONTROL_X_SESSION_TRACKING -N_(" [!]sessiontracking\n") +N_(" [!]sessiontracking[=]\n") #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ N_(" abandon, cancel, ignore (SIGINT sends abandon/cancel,\n" " or ignores response; if critical, doesn't wait for SIGINT.\n" @@ -671,10 +694,13 @@ tool_args( int argc, char **argv ) exit( EXIT_FAILURE ); } sessionTracking = 1; - if( crit ) { + if ( crit ) { fprintf( stderr, "sessiontracking: critical flag not allowed\n" ); usage(); } + if ( cvalue ) { + sessionTrackingName = ber_strdup( cvalue ); + } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ /* this shouldn't go here, really; but it's a feature... */ @@ -1471,13 +1497,13 @@ tool_bind( LDAP *ld ) if ( sessionTracking ) { LDAPControl c; - if (stValue.bv_val == NULL && st_value( ld, &stValue ) ) { + if ( BER_BVISNULL( &stValue) && st_value( ld, &stValue ) ) { exit( EXIT_FAILURE ); } c.ldctl_oid = LDAP_CONTROL_X_SESSION_TRACKING; c.ldctl_iscritical = 0; - ber_dupbv( &c.ldctl_value, &stValue ); + c.ldctl_value = stValue; sctrl[nsctrls] = c; sctrls[nsctrls] = &sctrl[nsctrls]; @@ -1904,13 +1930,13 @@ tool_server_controls( LDAP *ld, LDAPControl *extra_c, int count ) #ifdef LDAP_CONTROL_X_SESSION_TRACKING if ( sessionTracking ) { - if ( stValue.bv_val == NULL && st_value( ld, &stValue ) ) { + if ( BER_BVISNULL( &stValue ) && st_value( ld, &stValue ) ) { exit( EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_SESSION_TRACKING; c[i].ldctl_iscritical = 0; - ber_dupbv( &c[i].ldctl_value, &stValue ); + c[i].ldctl_value = stValue; ctrls[i] = &c[i]; i++; diff --git a/doc/man/man1/ldapcompare.1 b/doc/man/man1/ldapcompare.1 index 75260d1b97..18b1ef13d0 100644 --- a/doc/man/man1/ldapcompare.1 +++ b/doc/man/man1/ldapcompare.1 @@ -163,7 +163,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapdelete.1 b/doc/man/man1/ldapdelete.1 index ffb5da5a47..cf5878a008 100644 --- a/doc/man/man1/ldapdelete.1 +++ b/doc/man/man1/ldapdelete.1 @@ -158,7 +158,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapexop.1 b/doc/man/man1/ldapexop.1 index d20907cfa7..f14401327c 100644 --- a/doc/man/man1/ldapexop.1 +++ b/doc/man/man1/ldapexop.1 @@ -140,7 +140,7 @@ Specify general extensions. \'!\' indicates criticality. [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapmodify.1 b/doc/man/man1/ldapmodify.1 index 8bddc963fe..0268012946 100644 --- a/doc/man/man1/ldapmodify.1 +++ b/doc/man/man1/ldapmodify.1 @@ -225,7 +225,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapmodrdn.1 b/doc/man/man1/ldapmodrdn.1 index d0a20cac31..560b078f85 100644 --- a/doc/man/man1/ldapmodrdn.1 +++ b/doc/man/man1/ldapmodrdn.1 @@ -167,7 +167,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldappasswd.1 b/doc/man/man1/ldappasswd.1 index a9f597f402..365a364e7a 100644 --- a/doc/man/man1/ldappasswd.1 +++ b/doc/man/man1/ldappasswd.1 @@ -164,7 +164,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapsearch.1 b/doc/man/man1/ldapsearch.1 index 8d65fc3b90..66bd726ed7 100644 --- a/doc/man/man1/ldapsearch.1 +++ b/doc/man/man1/ldapsearch.1 @@ -272,7 +272,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapurl.1 b/doc/man/man1/ldapurl.1 index 4466f4e765..f27438f27b 100644 --- a/doc/man/man1/ldapurl.1 +++ b/doc/man/man1/ldapurl.1 @@ -76,7 +76,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) diff --git a/doc/man/man1/ldapwhoami.1 b/doc/man/man1/ldapwhoami.1 index 23aa2e1c93..9d2462863d 100644 --- a/doc/man/man1/ldapwhoami.1 +++ b/doc/man/man1/ldapwhoami.1 @@ -125,7 +125,7 @@ General extensions: [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax - sessiontracking + sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls)