OpenSDE
/
package-nopast
3
0
Fork 0
Code Issues 9 Projects 1 Releases Activity
OpenSDE Packages Database (without history before r20070)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5861 Commits
49 Branches
0 Tags
34 MiB
Tree: 679de9be4b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '679de9be4b'
${ noResults }
package-nopast/security/heimdal/hdb-ldap-get_values.patch

285 lines
8.1 KiB
Raw Normal View History

Fixed heimdal to not use the deprecated ldap_get_values function from openldap
17 years ago
  1. # --- SDE-COPYRIGHT-NOTE-BEGIN ---
  2. # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
  3. #
  4. # Filename: package/.../heimdal/hdb-ldap-get_values.patch
  5. # Copyright (C) 2008 The OpenSDE Project
  6. #
  7. # More information can be found in the files COPYING and README.
  8. #
  9. # This patch file is dual-licensed. It is available under the license the
  10. # patched project is licensed under, as long as it is an OpenSource license
  11. # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
  12. # of the GNU General Public License as published by the Free Software
  13. # Foundation; either version 2 of the License, or (at your option) any later
  14. # version.
  15. # --- SDE-COPYRIGHT-NOTE-END ---
  17. Index: heimdal/lib/hdb/hdb-ldap.c
  18. ===================================================================
  19. --- heimdal/lib/hdb/hdb-ldap.c (revision 22586)
  20. +++ heimdal/lib/hdb/hdb-ldap.c (revision 22587)
  21. @@ -1,7 +1,7 @@
  22. /*
  23. * Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd.
  24. * Copyright (c) 2004, Andrew Bartlett.
  25. - * Copyright (c) 2003 - 2007, Kungliga Tekniska H�gskolan.
  26. + * Copyright (c) 2003 - 2008, Kungliga Tekniska H�gskolan.
  27. * All rights reserved.
  28. *
  29. * Redistribution and use in source and binary forms, with or without
  30. @@ -307,38 +307,40 @@
  31. LDAP_get_string_value(HDB * db, LDAPMessage * entry,
  32. const char *attribute, char **ptr)
  33. {
  34. - char **vals;
  35. - int ret;
  36. + struct berval **vals;
  38. - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute);
  39. - if (vals == NULL) {
  40. + vals = ldap_get_values_len(HDB2LDAP(db), entry, attribute);
  41. + if (vals == NULL || vals[0] == NULL) {
  42. *ptr = NULL;
  43. return HDB_ERR_NOENTRY;
  44. }
  46. - *ptr = strdup(vals[0]);
  47. - if (*ptr == NULL)
  48. - ret = ENOMEM;
  49. - else
  50. - ret = 0;
  51. + *ptr = malloc(vals[0]->bv_len + 1);
  52. + if (*ptr == NULL) {
  53. + ldap_value_free_len(vals);
  54. + return ENOMEM;
  55. + }
  57. - ldap_value_free(vals);
  58. + memcpy(*ptr, vals[0]->bv_val, vals[0]->bv_len);
  59. + (*ptr)[vals[0]->bv_len] = 0;
  61. - return ret;
  62. + ldap_value_free_len(vals);
  63. +
  64. + return 0;
  65. }
  67. static krb5_error_code
  68. LDAP_get_integer_value(HDB * db, LDAPMessage * entry,
  69. const char *attribute, int *ptr)
  70. {
  71. - char **vals;
  72. + krb5_error_code ret;
  73. + char *val;
  75. - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute);
  76. - if (vals == NULL)
  77. - return HDB_ERR_NOENTRY;
  78. -
  79. - *ptr = atoi(vals[0]);
  80. - ldap_value_free(vals);
  81. + ret = LDAP_get_string_value(db, entry, attribute, &val);
  82. + if (ret)
  83. + return ret;
  84. + *ptr = atoi(val);
  85. + free(val);
  86. return 0;
  87. }
  89. @@ -369,6 +371,14 @@
  90. return 0;
  91. }
  93. +static int
  94. +bervalstrcmp(struct berval *v, const char *str)
  95. +{
  96. + size_t len = strlen(str);
  97. + return (v->bv_len == len) && strncasecmp(str, (char *)v->bv_val, len) == 0;
  98. +}
  99. +
  100. +
  101. static krb5_error_code
  102. LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
  103. LDAPMessage * msg, LDAPMod *** pmods)
  104. @@ -386,7 +396,7 @@
  105. krb5_boolean is_heimdal_entry = FALSE;
  106. krb5_boolean is_heimdal_principal = FALSE;
  108. - char **values;
  109. + struct berval **vals;
  111. *pmods = NULL;
  113. @@ -398,21 +408,20 @@
  115. is_new_entry = FALSE;
  117. - values = ldap_get_values(HDB2LDAP(db), msg, "objectClass");
  118. - if (values) {
  119. - int num_objectclasses = ldap_count_values(values);
  120. + vals = ldap_get_values_len(HDB2LDAP(db), msg, "objectClass");
  121. + if (vals) {
  122. + int num_objectclasses = ldap_count_values_len(vals);
  123. for (i=0; i < num_objectclasses; i++) {
  124. - if (strcasecmp(values[i], "sambaSamAccount") == 0) {
  125. + if (bervalstrcmp(vals[i], "sambaSamAccount"))
  126. is_samba_account = TRUE;
  127. - } else if (strcasecmp(values[i], structural_object) == 0) {
  128. + else if (bervalstrcmp(vals[i], structural_object))
  129. is_account = TRUE;
  130. - } else if (strcasecmp(values[i], "krb5Principal") == 0) {
  131. + else if (bervalstrcmp(vals[i], "krb5Principal"))
  132. is_heimdal_principal = TRUE;
  133. - } else if (strcasecmp(values[i], "krb5KDCEntry") == 0) {
  134. + else if (bervalstrcmp(vals[i], "krb5KDCEntry"))
  135. is_heimdal_entry = TRUE;
  136. - }
  137. }
  138. - ldap_value_free(values);
  139. + ldap_value_free_len(vals);
  140. }
  142. /*
  143. @@ -602,9 +611,9 @@
  145. /* Remove keys if they exists, and then replace keys. */
  146. if (!is_new_entry && orig.entry.keys.len > 0) {
  147. - values = ldap_get_values(HDB2LDAP(db), msg, "krb5Key");
  148. - if (values) {
  149. - ldap_value_free(values);
  150. + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key");
  151. + if (vals) {
  152. + ldap_value_free_len(vals);
  154. ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL);
  155. if (ret)
  156. @@ -641,9 +650,9 @@
  157. goto out;
  159. /* have to kill the LM passwod if it exists */
  160. - values = ldap_get_values(HDB2LDAP(db), msg, "sambaLMPassword");
  161. - if (values) {
  162. - ldap_value_free(values);
  163. + vals = ldap_get_values_len(HDB2LDAP(db), msg, "sambaLMPassword");
  164. + if (vals) {
  165. + ldap_value_free_len(vals);
  166. ret = LDAP_addmod(&mods, LDAP_MOD_DELETE,
  167. "sambaLMPassword", NULL);
  168. if (ret)
  169. @@ -676,9 +685,9 @@
  170. */
  172. if (!is_new_entry) {
  173. - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType");
  174. - if (values) {
  175. - ldap_value_free(values);
  176. + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
  177. + if (vals) {
  178. + ldap_value_free_len(vals);
  179. ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType",
  180. NULL);
  181. if (ret)
  182. @@ -730,8 +739,8 @@
  183. krb5_error_code ret;
  184. int rc;
  185. const char *filter = "(objectClass=krb5Principal)";
  186. - char **values;
  187. LDAPMessage *res = NULL, *e;
  188. + char *p;
  190. ret = LDAP_no_size_limit(context, HDB2LDAP(db));
  191. if (ret)
  192. @@ -753,14 +762,14 @@
  193. goto out;
  194. }
  196. - values = ldap_get_values(HDB2LDAP(db), e, "krb5PrincipalName");
  197. - if (values == NULL) {
  198. + ret = LDAP_get_string_value(db, e, "krb5PrincipalName", &p);
  199. + if (ret) {
  200. ret = HDB_ERR_NOENTRY;
  201. goto out;
  202. }
  204. - ret = krb5_parse_name(context, values[0], principal);
  205. - ldap_value_free(values);
  206. + ret = krb5_parse_name(context, p, principal);
  207. + free(p);
  209. out:
  210. if (res)
  211. @@ -893,10 +902,9 @@
  212. {
  213. char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL;
  214. char *samba_acct_flags = NULL;
  215. - unsigned long tmp;
  216. struct berval **keys;
  217. - char **values;
  218. - int tmp_time, i, ret, have_arcfour = 0;
  219. + struct berval **vals;
  220. + int tmp, tmp_time, i, ret, have_arcfour = 0;
  222. memset(ent, 0, sizeof(*ent));
  223. ent->entry.flags = int2HDBFlags(0);
  224. @@ -962,8 +970,8 @@
  225. #endif
  226. }
  228. - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType");
  229. - if (values != NULL) {
  230. + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType");
  231. + if (vals != NULL) {
  232. int i;
  234. ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes)));
  235. @@ -972,17 +980,26 @@
  236. ret = ENOMEM;
  237. goto out;
  238. }
  239. - ent->entry.etypes->len = ldap_count_values(values);
  240. + ent->entry.etypes->len = ldap_count_values_len(vals);
  241. ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int));
  242. if (ent->entry.etypes->val == NULL) {
  243. krb5_set_error_string(context, "malloc: out of memory");
  244. + ent->entry.etypes->len = 0;
  245. ret = ENOMEM;
  246. goto out;
  247. }
  248. for (i = 0; i < ent->entry.etypes->len; i++) {
  249. - ent->entry.etypes->val[i] = atoi(values[i]);
  250. + char buf[100];
  251. + if (vals[i]->bv_len > sizeof(buf) - 1) {
  252. + krb5_set_error_string(context, "malloc: out of memory");
  253. + ret = ENOMEM;
  254. + goto out;
  255. + }
  256. + memcpy(buf, vals[i]->bv_val, vals[i]->bv_len);
  257. + buf[vals[i]->bv_len] = '\0';
  258. + ent->entry.etypes->val[i] = atoi(buf);
  259. }
  260. - ldap_value_free(values);
  261. + ldap_value_free_len(vals);
  262. }
  264. for (i = 0; i < ent->entry.keys.len; i++) {
  265. @@ -1193,18 +1210,9 @@
  266. *ent->entry.max_renew = max_renew;
  267. }
  269. - values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags");
  270. - if (values != NULL) {
  271. - errno = 0;
  272. - tmp = strtoul(values[0], (char **) NULL, 10);
  273. - if (tmp == ULONG_MAX && errno == ERANGE) {
  274. - krb5_set_error_string(context, "strtoul: could not convert flag");
  275. - ret = ERANGE;
  276. - goto out;
  277. - }
  278. - } else {
  279. + ret = LDAP_get_integer_value(db, msg, "krb5KDCFlags", &tmp);
  280. + if (ret)
  281. tmp = 0;
  282. - }
  284. ent->entry.flags = int2HDBFlags(tmp);