Make slap_passwd_parse non-destructive

This commit is contained in:
Howard Chu 2007-09-23 04:40:51 +00:00
parent a3547e2758
commit ebb9e029a7
3 changed files with 27 additions and 33 deletions

View File

@ -125,11 +125,9 @@ ldap_back_exop_passwd(
assert( rs->sr_ctrls == NULL );
if ( BER_BVISNULL( &ndn ) && op->ore_reqdata != NULL ) {
/* NOTE: most of this code is mutuated
* from slap_passwd_parse(); we can't call
* that function since now the request data
* has been destroyed by NULL-terminating
* the bervals. Luckily enough, we only need
/* NOTE: most of this code is mutated
* from slap_passwd_parse();
* But here we only need
* the first berval... */
ber_tag_t tag;
@ -154,7 +152,7 @@ ldap_back_exop_passwd(
tag = ber_peek_tag( ber, &len );
if ( tag == LDAP_TAG_EXOP_MODIFY_PASSWD_ID ) {
tag = ber_scanf( ber, "m", &tmpid );
tag = ber_get_stringbv( ber, &tmpid, LBER_BV_NOTERM );
if ( tag == LBER_ERROR ) {
return LDAP_PROTOCOL_ERROR;
@ -162,8 +160,11 @@ ldap_back_exop_passwd(
}
if ( !BER_BVISEMPTY( &tmpid ) ) {
char idNull = tmpid.bv_val[tmpid.bv_len];
tmpid.bv_val[tmpid.bv_len] = '\0';
rs->sr_err = dnPrettyNormal( NULL, &tmpid, &dn,
&ndn, op->o_tmpmemctx );
tmpid.bv_val[tmpid.bv_len] = idNull;
if ( rs->sr_err != LDAP_SUCCESS ) {
/* should have been successfully parsed earlier! */
return rs->sr_err;

View File

@ -844,8 +844,11 @@ rwm_exop_passwd( Operation *op, SlapReply *rs )
}
if ( !BER_BVISNULL( &id ) ) {
char idNul = id.bv_val[id.bv_len];
id.bv_val[id.bv_len] = '\0';
rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
&op->o_req_ndn, op->o_tmpmemctx );
id.bv_val[id.bv_len] = idNul;
if ( rs->sr_err != LDAP_SUCCESS ) {
rs->sr_text = "Invalid DN";
return rs->sr_err;
@ -865,27 +868,6 @@ rwm_exop_passwd( Operation *op, SlapReply *rs )
return -1;
}
ber = ber_alloc_t( LBER_USE_DER );
if ( !ber ) {
rs->sr_err = LDAP_OTHER;
rs->sr_text = "No memory";
return rs->sr_err;
}
ber_printf( ber, "{" );
if ( !BER_BVISNULL( &id )) {
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID,
&op->o_req_dn );
}
if ( !BER_BVISNULL( &pwold )) {
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &pwold );
}
if ( !BER_BVISNULL( &pwnew )) {
ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &pwnew );
}
ber_printf( ber, "N}" );
ber_flatten( ber, &op->ore_reqdata );
ber_free( ber, 1 );
op->o_callback = &roc->cb;
return SLAP_CB_CONTINUE;

View File

@ -53,7 +53,7 @@ int passwd_extop(
Modifications *ml;
slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
int i, nhash;
char **hashes;
char **hashes, idNul;
int rc;
BackendDB *op_be;
int freenewpw = 0;
@ -77,6 +77,10 @@ int passwd_extop(
rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
&qpw->rs_old, &qpw->rs_new, &rs->sr_text );
if ( !BER_BVISNULL( &id )) {
idNul = id.bv_val[id.bv_len];
id.bv_val[id.bv_len] = '\0';
}
if ( rs->sr_err == LDAP_SUCCESS && !BER_BVISEMPTY( &id ) ) {
Statslog( LDAP_DEBUG_STATS, "%s PASSMOD id=\"%s\"%s%s\n",
op->o_log_prefix, id.bv_val,
@ -90,12 +94,15 @@ int passwd_extop(
}
if ( rs->sr_err != LDAP_SUCCESS ) {
if ( !BER_BVISNULL( &id ))
id.bv_val[id.bv_len] = idNul;
return rs->sr_err;
}
if ( !BER_BVISEMPTY( &id ) ) {
rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
&op->o_req_ndn, op->o_tmpmemctx );
id.bv_val[id.bv_len] = idNul;
if ( rs->sr_err != LDAP_SUCCESS ) {
rs->sr_text = "Invalid DN";
rc = rs->sr_err;
@ -318,6 +325,10 @@ error_return:;
return rc;
}
/* NOTE: The DN in *id is NOT NUL-terminated here. dnNormalize will
* reject it in this condition, the caller must NUL-terminate it.
* FIXME: should dnNormalize still be complaining about that?
*/
int slap_passwd_parse( struct berval *reqdata,
struct berval *id,
struct berval *oldpass,
@ -342,9 +353,9 @@ int slap_passwd_parse( struct berval *reqdata,
/* ber_init2 uses reqdata directly, doesn't allocate new buffers */
ber_init2( ber, reqdata, 0 );
tag = ber_scanf( ber, "{" /*}*/ );
tag = ber_skip_tag( ber, &len );
if( tag == LBER_ERROR ) {
if( tag != LBER_SEQUENCE ) {
Debug( LDAP_DEBUG_TRACE,
"slap_passwd_parse: decoding error\n", 0, 0, 0 );
rc = LDAP_PROTOCOL_ERROR;
@ -362,7 +373,7 @@ int slap_passwd_parse( struct berval *reqdata,
goto done;
}
tag = ber_scanf( ber, "m", id );
tag = ber_get_stringbv( ber, id, LBER_BV_NOTERM );
if( tag == LBER_ERROR ) {
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ID parse failed.\n",
@ -384,7 +395,7 @@ int slap_passwd_parse( struct berval *reqdata,
goto done;
}
tag = ber_scanf( ber, "m", oldpass );
tag = ber_get_stringbv( ber, oldpass, LBER_BV_NOTERM );
if( tag == LBER_ERROR ) {
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: OLD parse failed.\n",
@ -415,7 +426,7 @@ int slap_passwd_parse( struct berval *reqdata,
goto done;
}
tag = ber_scanf( ber, "m", newpass );
tag = ber_get_stringbv( ber, newpass, LBER_BV_NOTERM );
if( tag == LBER_ERROR ) {
Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: NEW parse failed.\n",