Fix access_allowed() error checking bug

[openldap] / servers / slapd / back-passwd / search.c
diff --git a/servers/slapd/back-passwd/search.c b/servers/slapd/back-passwd/search.c

index 8e985cf0f1108f4f95c8447539f3c5346bca0754..bab8871253dd1f4c6fb0f6b211d1379df7c1024c 100644 (file)
--- a/servers/slapd/back-passwd/search.c
+++ b/servers/slapd/back-passwd/search.c
@@ -13,9 +13,11 @@
  #include <pwd.h>
  
  #include "slap.h"
-#include "external.h"
+#include "back-passwd.h"
  #include <ldap_pvt.h>
  
+static void pw_start( Backend *be );
+
  static Entry *pw2entry(
         Backend *be,
         struct passwd *pw,
@@ -47,7 +49,7 @@ passwd_back_search(
         int err = LDAP_SUCCESS;
  
         LDAPRDN *rdn = NULL;
-       char *parent = NULL;
+       struct berval parent = { 0, NULL };
         char *matched = NULL;
         const char *text = NULL;
  
@@ -59,16 +61,8 @@ passwd_back_search(
         slimit = (slimit > be->be_sizelimit || slimit < 1) ? be->be_sizelimit
             : slimit;
  
-       endpwent();
-
-#ifdef HAVE_SETPWFILE
-       if ( be->be_private != NULL ) {
-               (void) setpwfile( (char *) be->be_private );
-       }
-#endif /* HAVE_SETPWFILE */
-
         /* Handle a query for the base of this backend */
-       if ( be_issuffix( be,  nbase->bv_val ) ) {
+       if ( be_issuffix( be, nbase ) ) {
                 struct berval   vals[2];
  
                 vals[1].bv_val = NULL;
@@ -90,8 +84,9 @@ passwd_back_search(
                         /* Use the first attribute of the DN
                         * as an attribute within the entry itself.
                         */
-                       if( ldap_str2rdn( base->bv_val, &rdn, &text, 
-                               LDAP_DN_FORMAT_LDAP ) ) {
+                       if( ldap_bv2rdn( base, &rdn, (char **)&text, 
+                               LDAP_DN_FORMAT_LDAP ) )
+                       {
                                 err = LDAP_INVALID_DN_SYNTAX;
                                 goto done;
                         }
@@ -129,27 +124,29 @@ passwd_back_search(
                 if ( scope != LDAP_SCOPE_BASE ) {
                         /* check all our "children" */
  
+                       ldap_pvt_thread_mutex_lock( &passwd_mutex );
+                       pw_start( be );
                         for ( pw = getpwent(); pw != NULL; pw = getpwent() ) {
                                 /* check for abandon */
-                               ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
                                 if ( op->o_abandon ) {
-                                       ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
                                         endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                         return( -1 );
                                 }
-                               ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
  
                                 /* check time limit */
                                 if ( slap_get_time() > stoptime ) {
                                         send_ldap_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
                                         NULL, NULL, NULL, NULL );
                                         endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                         return( 0 );
                                 }
  
                                 if ( !(e = pw2entry( be, pw, &text )) ) {
-                                       err = LDAP_OPERATIONS_ERROR;
+                                       err = LDAP_OTHER;
                                         endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                         goto done;
                                 }
  
@@ -159,6 +156,7 @@ passwd_back_search(
                                                 send_ldap_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
                                                 NULL, NULL, NULL, NULL );
                                                 endpwent();
+                                               ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                                 return( 0 );
                                         }
  
@@ -170,19 +168,22 @@ passwd_back_search(
                                 entry_free( e );
                         }
                         endpwent();
+                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                 }
  
         } else {
-               parent = dn_parent( be, nbase->bv_val );
+               if (! be_issuffix( be, nbase ) ) {
+                       dnParent( nbase, &parent );
+               }
  
                 /* This backend is only one layer deep. Don't answer requests for
                  * anything deeper than that.
                  */
-               if( !be_issuffix( be, parent ) ) {
+               if( !be_issuffix( be, &parent ) ) {
                         int i;
-                       for( i=0; be->be_nsuffix[i] != NULL; i++ ) {
-                               if( dnIsSuffix( nbase, be->be_nsuffix[i] ) ) {
-                                       matched = be->be_suffix[i]->bv_val;
+                       for( i=0; be->be_nsuffix[i].bv_val != NULL; i++ ) {
+                               if( dnIsSuffix( nbase, &be->be_nsuffix[i] ) ) {
+                                       matched = be->be_suffix[i].bv_val;
                                         break;
                                 }
                         }
@@ -194,19 +195,26 @@ passwd_back_search(
                         goto done;
                 }
  
-               if ( ldap_str2rdn( base->bv_val, &rdn, &text, LDAP_DN_FORMAT_LDAP )) { 
-                       err = LDAP_OPERATIONS_ERROR;
+               if ( ldap_bv2rdn( base, &rdn, (char **)&text,
+                       LDAP_DN_FORMAT_LDAP ))
+               { 
+                       err = LDAP_OTHER;
                         goto done;
                 }
  
+               ldap_pvt_thread_mutex_lock( &passwd_mutex );
+               pw_start( be );
                 if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) {
-                       matched = parent;
+                       matched = parent.bv_val;
                         err = LDAP_NO_SUCH_OBJECT;
+                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                         goto done;
                 }
  
-               if ( !(e = pw2entry( be, pw, &text )) ) {
-                       err = LDAP_OPERATIONS_ERROR;
+               e = pw2entry( be, pw, &text );
+               ldap_pvt_thread_mutex_unlock( &passwd_mutex );
+               if ( !e ) {
+                       err = LDAP_OTHER;
                         goto done;
                 }
  
@@ -229,6 +237,20 @@ done:
         return( 0 );
  }
  
+static void
+pw_start(
+       Backend *be
+)
+{
+       endpwent();
+
+#ifdef HAVE_SETPWFILE
+       if ( be->be_private != NULL ) {
+               (void) setpwfile( (char *) be->be_private );
+       }
+#endif /* HAVE_SETPWFILE */
+}
+
  static Entry *
  pw2entry( Backend *be, struct passwd *pw, const char **text )
  {
@@ -260,12 +282,12 @@ pw2entry( Backend *be, struct passwd *pw, const char **text )
          */
  
         pwlen = strlen( pw->pw_name );
-       vals[0].bv_len = (sizeof("uid=,")-1) + ( pwlen + be->be_suffix[0]->bv_len );
+       vals[0].bv_len = (sizeof("uid=,")-1) + ( pwlen + be->be_suffix[0].bv_len );
         vals[0].bv_val = ch_malloc( vals[0].bv_len + 1 );
  
         /* rdn attribute type should be a configuratable item */
         sprintf( vals[0].bv_val, "uid=%s,%s",
-               pw->pw_name, be->be_suffix[0]->bv_val );
+               pw->pw_name, be->be_suffix[0].bv_val );
  
         rc = dnNormalize2( NULL, vals, &bv );
         if( rc != LDAP_SUCCESS ) {
@@ -318,18 +340,24 @@ pw2entry( Backend *be, struct passwd *pw, const char **text )
  
                 s = strchr(vals[0].bv_val, '&');
                 if (s) {
-                       char buf[256];
-                       int i = s - vals[0].bv_val;
-                       strncpy(buf, vals[0].bv_val, i);
-                       s = buf+i;
-                       strcpy(s, pw->pw_name);
-                       *s = TOUPPER(*s);
-                       strcat(s, vals[0].bv_val+i+1);
-                       vals[0].bv_val = buf;
+                       char buf[1024];
+
+                       if( vals[0].bv_len + pwlen < sizeof(buf) ) {
+                               int i = s - vals[0].bv_val;
+                               strncpy(buf, vals[0].bv_val, i);
+                               s = buf+i;
+                               strcpy(s, pw->pw_name);
+                               *s = TOUPPER((unsigned char)*s);
+                               strcat(s, vals[0].bv_val+i+1);
+                               vals[0].bv_val = buf;
+                       }
                 }
                 vals[0].bv_len = strlen(vals[0].bv_val);
-               if ( strcmp( vals[0].bv_val, pw->pw_name ))
+
+               if ( vals[0].bv_len && strcasecmp( vals[0].bv_val, pw->pw_name )) {
                         attr_merge( e, ad_cn, vals );
+               }
+
                 if ( (s=strrchr(vals[0].bv_val, ' '))) {
                         vals[0].bv_val = s + 1;
                         vals[0].bv_len = strlen(vals[0].bv_val);