mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Make slap_passwd_parse non-destructive
This commit is contained in:
parent
a3547e2758
commit
ebb9e029a7
@ -125,11 +125,9 @@ ldap_back_exop_passwd(
|
||||
assert( rs->sr_ctrls == NULL );
|
||||
|
||||
if ( BER_BVISNULL( &ndn ) && op->ore_reqdata != NULL ) {
|
||||
/* NOTE: most of this code is mutuated
|
||||
* from slap_passwd_parse(); we can't call
|
||||
* that function since now the request data
|
||||
* has been destroyed by NULL-terminating
|
||||
* the bervals. Luckily enough, we only need
|
||||
/* NOTE: most of this code is mutated
|
||||
* from slap_passwd_parse();
|
||||
* But here we only need
|
||||
* the first berval... */
|
||||
|
||||
ber_tag_t tag;
|
||||
@ -154,7 +152,7 @@ ldap_back_exop_passwd(
|
||||
|
||||
tag = ber_peek_tag( ber, &len );
|
||||
if ( tag == LDAP_TAG_EXOP_MODIFY_PASSWD_ID ) {
|
||||
tag = ber_scanf( ber, "m", &tmpid );
|
||||
tag = ber_get_stringbv( ber, &tmpid, LBER_BV_NOTERM );
|
||||
|
||||
if ( tag == LBER_ERROR ) {
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
@ -162,8 +160,11 @@ ldap_back_exop_passwd(
|
||||
}
|
||||
|
||||
if ( !BER_BVISEMPTY( &tmpid ) ) {
|
||||
char idNull = tmpid.bv_val[tmpid.bv_len];
|
||||
tmpid.bv_val[tmpid.bv_len] = '\0';
|
||||
rs->sr_err = dnPrettyNormal( NULL, &tmpid, &dn,
|
||||
&ndn, op->o_tmpmemctx );
|
||||
tmpid.bv_val[tmpid.bv_len] = idNull;
|
||||
if ( rs->sr_err != LDAP_SUCCESS ) {
|
||||
/* should have been successfully parsed earlier! */
|
||||
return rs->sr_err;
|
||||
|
@ -844,8 +844,11 @@ rwm_exop_passwd( Operation *op, SlapReply *rs )
|
||||
}
|
||||
|
||||
if ( !BER_BVISNULL( &id ) ) {
|
||||
char idNul = id.bv_val[id.bv_len];
|
||||
id.bv_val[id.bv_len] = '\0';
|
||||
rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
|
||||
&op->o_req_ndn, op->o_tmpmemctx );
|
||||
id.bv_val[id.bv_len] = idNul;
|
||||
if ( rs->sr_err != LDAP_SUCCESS ) {
|
||||
rs->sr_text = "Invalid DN";
|
||||
return rs->sr_err;
|
||||
@ -865,27 +868,6 @@ rwm_exop_passwd( Operation *op, SlapReply *rs )
|
||||
return -1;
|
||||
}
|
||||
|
||||
ber = ber_alloc_t( LBER_USE_DER );
|
||||
if ( !ber ) {
|
||||
rs->sr_err = LDAP_OTHER;
|
||||
rs->sr_text = "No memory";
|
||||
return rs->sr_err;
|
||||
}
|
||||
ber_printf( ber, "{" );
|
||||
if ( !BER_BVISNULL( &id )) {
|
||||
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID,
|
||||
&op->o_req_dn );
|
||||
}
|
||||
if ( !BER_BVISNULL( &pwold )) {
|
||||
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &pwold );
|
||||
}
|
||||
if ( !BER_BVISNULL( &pwnew )) {
|
||||
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &pwnew );
|
||||
}
|
||||
ber_printf( ber, "N}" );
|
||||
ber_flatten( ber, &op->ore_reqdata );
|
||||
ber_free( ber, 1 );
|
||||
|
||||
op->o_callback = &roc->cb;
|
||||
|
||||
return SLAP_CB_CONTINUE;
|
||||
|
@ -53,7 +53,7 @@ int passwd_extop(
|
||||
Modifications *ml;
|
||||
slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
|
||||
int i, nhash;
|
||||
char **hashes;
|
||||
char **hashes, idNul;
|
||||
int rc;
|
||||
BackendDB *op_be;
|
||||
int freenewpw = 0;
|
||||
@ -77,6 +77,10 @@ int passwd_extop(
|
||||
rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
|
||||
&qpw->rs_old, &qpw->rs_new, &rs->sr_text );
|
||||
|
||||
if ( !BER_BVISNULL( &id )) {
|
||||
idNul = id.bv_val[id.bv_len];
|
||||
id.bv_val[id.bv_len] = '\0';
|
||||
}
|
||||
if ( rs->sr_err == LDAP_SUCCESS && !BER_BVISEMPTY( &id ) ) {
|
||||
Statslog( LDAP_DEBUG_STATS, "%s PASSMOD id=\"%s\"%s%s\n",
|
||||
op->o_log_prefix, id.bv_val,
|
||||
@ -90,12 +94,15 @@ int passwd_extop(
|
||||
}
|
||||
|
||||
if ( rs->sr_err != LDAP_SUCCESS ) {
|
||||
if ( !BER_BVISNULL( &id ))
|
||||
id.bv_val[id.bv_len] = idNul;
|
||||
return rs->sr_err;
|
||||
}
|
||||
|
||||
if ( !BER_BVISEMPTY( &id ) ) {
|
||||
rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
|
||||
&op->o_req_ndn, op->o_tmpmemctx );
|
||||
id.bv_val[id.bv_len] = idNul;
|
||||
if ( rs->sr_err != LDAP_SUCCESS ) {
|
||||
rs->sr_text = "Invalid DN";
|
||||
rc = rs->sr_err;
|
||||
@ -318,6 +325,10 @@ error_return:;
|
||||
return rc;
|
||||
}
|
||||
|
||||
/* NOTE: The DN in *id is NOT NUL-terminated here. dnNormalize will
|
||||
* reject it in this condition, the caller must NUL-terminate it.
|
||||
* FIXME: should dnNormalize still be complaining about that?
|
||||
*/
|
||||
int slap_passwd_parse( struct berval *reqdata,
|
||||
struct berval *id,
|
||||
struct berval *oldpass,
|
||||
@ -342,9 +353,9 @@ int slap_passwd_parse( struct berval *reqdata,
|
||||
/* ber_init2 uses reqdata directly, doesn't allocate new buffers */
|
||||
ber_init2( ber, reqdata, 0 );
|
||||
|
||||
tag = ber_scanf( ber, "{" /*}*/ );
|
||||
tag = ber_skip_tag( ber, &len );
|
||||
|
||||
if( tag == LBER_ERROR ) {
|
||||
if( tag != LBER_SEQUENCE ) {
|
||||
Debug( LDAP_DEBUG_TRACE,
|
||||
"slap_passwd_parse: decoding error\n", 0, 0, 0 );
|
||||
rc = LDAP_PROTOCOL_ERROR;
|
||||
@ -362,7 +373,7 @@ int slap_passwd_parse( struct berval *reqdata,
|
||||
goto done;
|
||||
}
|
||||
|
||||
tag = ber_scanf( ber, "m", id );
|
||||
tag = ber_get_stringbv( ber, id, LBER_BV_NOTERM );
|
||||
|
||||
if( tag == LBER_ERROR ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ID parse failed.\n",
|
||||
@ -384,7 +395,7 @@ int slap_passwd_parse( struct berval *reqdata,
|
||||
goto done;
|
||||
}
|
||||
|
||||
tag = ber_scanf( ber, "m", oldpass );
|
||||
tag = ber_get_stringbv( ber, oldpass, LBER_BV_NOTERM );
|
||||
|
||||
if( tag == LBER_ERROR ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: OLD parse failed.\n",
|
||||
@ -415,7 +426,7 @@ int slap_passwd_parse( struct berval *reqdata,
|
||||
goto done;
|
||||
}
|
||||
|
||||
tag = ber_scanf( ber, "m", newpass );
|
||||
tag = ber_get_stringbv( ber, newpass, LBER_BV_NOTERM );
|
||||
|
||||
if( tag == LBER_ERROR ) {
|
||||
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: NEW parse failed.\n",
|
||||
|
Loading…
Reference in New Issue
Block a user