Check for critical client controls.

2025-01-18 11:05:48 +08:00 · 2001-07-06 03:13:42 +00:00 · 2001-07-06 03:13:42 +00:00 · f61152ccbd
commit f61152ccbd
parent e03f96f093
11 changed files with 77 additions and 1 deletions
--- a/libraries/libldap/abandon.c
+++ b/libraries/libldap/abandon.c
@ -56,8 +56,13 @@ ldap_abandon_ext(
 	LDAPControl **sctrls,
 	LDAPControl **cctrls )
 {
+	int rc;
 	Debug( LDAP_DEBUG_TRACE, "ldap_abandon_ext %d\n", msgid, 0, 0 );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	return do_abandon( ld, msgid, msgid, sctrls, cctrls );
 }

@ -77,7 +82,7 @@ int
 ldap_abandon( LDAP *ld, int msgid )
 {
 	Debug( LDAP_DEBUG_TRACE, "ldap_abandon %d\n", msgid, 0, 0 );
-	return do_abandon( ld, msgid, msgid, NULL, NULL ) == LDAP_SUCCESS
+	return ldap_abandon_ext( ld, msgid, NULL, NULL ) == LDAP_SUCCESS
 		? 0 : -1;
 }

--- a/libraries/libldap/add.c
+++ b/libraries/libldap/add.c
@ -105,6 +105,10 @@ ldap_add_ext(
 	assert( dn != NULL );
 	assert( msgidp != NULL );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
 		ld->ld_errno = LDAP_NO_MEMORY;
--- a/libraries/libldap/compare.c
+++ b/libraries/libldap/compare.c
@ -51,6 +51,7 @@ ldap_compare_ext(
 	LDAPControl **cctrls,
 	int	*msgidp )
 {
+	int rc;
 	BerElement	*ber;

 	Debug( LDAP_DEBUG_TRACE, "ldap_compare\n", 0, 0, 0 );
@ -61,6 +62,10 @@ ldap_compare_ext(
 	assert( attr != NULL );
 	assert( msgidp != NULL );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
 		return( LDAP_NO_MEMORY );
--- a/libraries/libldap/controls.c
+++ b/libraries/libldap/controls.c
@ -441,3 +441,34 @@ ldap_create_control(
 	*ctrlp = ctrl;
 	return LDAP_SUCCESS;
 }
+
+/*
+ * check for critical client controls and bitch if present
+ * if we ever support critical controls, we'll have to
+ * find a means for maintaining per API call control
+ * information.
+ */
+int ldap_int_client_controls( LDAP *ld, LDAPControl **ctrls )
+{
+	LDAPControl *const *c;
+
+	assert( ld != NULL );
+
+	if( ctrls == NULL ) {
+		/* use default server controls */
+		ctrls = ld->ld_cctrls;
+	}
+
+	if( ctrls == NULL || *ctrls == NULL ) {
+		return LDAP_SUCCESS;
+	}
+
+	for( c = ctrls ; *c != NULL; c++ ) {
+		if( (*c)->ldctl_iscritical ) {
+			ld->ld_errno = LDAP_NOT_SUPPORTED;
+			return ld->ld_errno;
+		}
+	}
+
+	return LDAP_SUCCESS;
+}
--- a/libraries/libldap/delete.c
+++ b/libraries/libldap/delete.c
@ -45,6 +45,7 @@ ldap_delete_ext(
 	LDAPControl **cctrls,
 	int *msgidp )
 {
+	int rc;
 	BerElement	*ber;

 	Debug( LDAP_DEBUG_TRACE, "ldap_delete\n", 0, 0, 0 );
@ -54,6 +55,10 @@ ldap_delete_ext(
 	assert( dn != NULL );
 	assert( msgidp != NULL );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
 		ld->ld_errno = LDAP_NO_MEMORY;
--- a/libraries/libldap/ldap-int.h
+++ b/libraries/libldap/ldap-int.h
@ -367,6 +367,9 @@ LDAP_F (int) ldap_int_put_controls LDAP_P((
 	LDAPControl *const *ctrls,
 	BerElement *ber ));

+LDAP_F (int) ldap_int_client_controls LDAP_P((
+	LDAP *ld,
+	LDAPControl **ctrlp ));

 /*
 * in dsparse.c
--- a/libraries/libldap/modify.c
+++ b/libraries/libldap/modify.c
@ -73,6 +73,10 @@ ldap_modify_ext( LDAP *ld,

 	Debug( LDAP_DEBUG_TRACE, "ldap_modify_ext\n", 0, 0, 0 );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
 		return( LDAP_NO_MEMORY );
--- a/libraries/libldap/modrdn.c
+++ b/libraries/libldap/modrdn.c
@ -70,6 +70,10 @@ ldap_rename(

 	Debug( LDAP_DEBUG_TRACE, "ldap_rename\n", 0, 0, 0 );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
 		return( LDAP_NO_MEMORY );
--- a/libraries/libldap/sasl.c
+++ b/libraries/libldap/sasl.c
@ -67,6 +67,10 @@ ldap_sasl_bind(
 	assert( LDAP_VALID( ld ) );
 	assert( msgidp != NULL );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	if( msgidp == NULL ) {
 		ld->ld_errno = LDAP_PARAM_ERROR;
 		return ld->ld_errno;
--- a/libraries/libldap/search.c
+++ b/libraries/libldap/search.c
@ -91,6 +91,7 @@ ldap_search_ext(
 	int sizelimit,
 	int *msgidp )
 {
+	int rc;
 	BerElement	*ber;
 	int timelimit;

@ -99,6 +100,10 @@ ldap_search_ext(
 	assert( ld != NULL );
 	assert( LDAP_VALID( ld ) );

+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	/*
 	 * if timeout is provided, both tv_sec and tv_usec must
 	 * be non-zero
--- a/libraries/libldap/unbind.c
+++ b/libraries/libldap/unbind.c
@ -34,6 +34,12 @@ ldap_unbind_ext(
 	LDAPControl **sctrls,
 	LDAPControl **cctrls )
 {
+	int rc;
+
+	/* check client controls */
+	rc = ldap_int_client_controls( ld, cctrls );
+	if( rc != LDAP_SUCCESS ) return rc;
+
 	return ldap_ld_free( ld, 1, sctrls, cctrls );
 }