]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/controls.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix one-time leak
[openldap] / servers / slapd / controls.c
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index 93476070d1a8b3a86e03933ef59d78cedca8d0ca..6caa711acec2dc7c9eb513099ba8487330497485 100644 (file)
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2012 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -344,6 +344,38 @@ register_supported_control2(const char *controloid,
        return LDAP_SUCCESS;
 }
 
+#ifdef SLAP_CONFIG_DELETE
+int
+unregister_supported_control( const char *controloid )
+{
+       struct slap_control *sc;
+       int i;
+
+       if ( controloid == NULL || (sc = find_ctrl( controloid )) == NULL ){
+               return -1;
+       }
+
+       for ( i = 0; slap_known_controls[ i ]; i++ ) {
+               if ( strcmp( controloid, slap_known_controls[ i ] ) == 0 ) {
+                       do {
+                               slap_known_controls[ i ] = slap_known_controls[ i+1 ];
+                       } while ( slap_known_controls[ i++ ] );
+                       num_known_controls--;
+                       break;
+               }
+       }
+
+       LDAP_SLIST_REMOVE(&controls_list, sc, slap_control, sc_next);
+       ch_free( sc->sc_oid );
+       if ( sc->sc_extendedopsbv != NULL ) {
+               ber_bvarray_free( sc->sc_extendedopsbv );
+       }
+       ch_free( sc );
+
+       return 0;
+}
+#endif /* SLAP_CONFIG_DELETE */
+
 /*
  * One-time initialization of internal controls.
  */
@@ -1137,14 +1169,13 @@ static int parseProxyAuthz (
        }
 
        ch_free( op->o_ndn.bv_val );
-       ch_free( op->o_dn.bv_val );
 
        /*
         * NOTE: since slap_sasl_getdn() returns a normalized dn,
         * from now on op->o_dn is normalized
         */
        op->o_ndn = dn;
-       ber_dupbv( &op->o_dn, &dn );
+       ber_bvreplace( &op->o_dn, &dn );
 
        Statslog( LDAP_DEBUG_STATS, "%s PROXYAUTHZ dn=\"%s\"\n",
            op->o_log_prefix, dn.bv_val, 0, 0, 0 );
@@ -1234,6 +1265,8 @@ static int parsePagedResults (
        if ( !cookie.bv_len ) {
                ps->ps_count = 0;
                ps->ps_cookie = 0;
+               /* taint ps_cookie, to detect whether it's set */
+               op->o_conn->c_pagedresults_state.ps_cookie = NOID;
        }
 
        /* NOTE: according to RFC 2696 3.:
@@ -1414,7 +1447,7 @@ parseReadAttrs(
 
                an[i].an_desc = NULL;
                an[i].an_oc = NULL;
-               an[i].an_oc_exclude = 0;
+               an[i].an_flags = 0;
                rc = slap_bv2ad( &an[i].an_name, &an[i].an_desc, &dummy );
                if ( rc == LDAP_SUCCESS ) {
                        an[i].an_name = an[i].an_desc->ad_cname;
@@ -1580,7 +1613,7 @@ static int parsePermissiveModify (
                return LDAP_PROTOCOL_ERROR;
        }
 
-       if ( BER_BVISNULL( &ctrl->ldctl_value )) {
+       if ( !BER_BVISNULL( &ctrl->ldctl_value )) {
                rs->sr_text = "permissiveModify control value not absent";
                return LDAP_PROTOCOL_ERROR;
        }
@@ -1671,6 +1704,24 @@ static int parseSearchOptions (
                return LDAP_PROTOCOL_ERROR;
        }
 
+       if ( search_flags & ~(LDAP_SEARCH_FLAG_DOMAIN_SCOPE) ) {
+               /* Search flags not recognised so far,
+                * including:
+                *              LDAP_SEARCH_FLAG_PHANTOM_ROOT
+                */
+               if ( ctrl->ldctl_iscritical ) {
+                       rs->sr_text = "searchOptions contained unrecognized flag";
+                       return LDAP_UNWILLING_TO_PERFORM;
+               }
+
+               /* Ignore */
+               Debug( LDAP_DEBUG_TRACE,
+                       "searchOptions: conn=%lu unrecognized flag(s) 0x%x (non-critical)\n", 
+                       op->o_connid, (unsigned)search_flags, 0 );
+
+               return LDAP_SUCCESS;
+       }
+
        if ( search_flags & LDAP_SEARCH_FLAG_DOMAIN_SCOPE ) {
                if ( op->o_domain_scope != SLAP_CONTROL_NONE ) {
                        rs->sr_text = "searchOptions control specified multiple times "
@@ -1683,15 +1734,6 @@ static int parseSearchOptions (
                        : SLAP_CONTROL_NONCRITICAL;
        }
 
-       if ( search_flags & ~(LDAP_SEARCH_FLAG_DOMAIN_SCOPE) ) {
-               /* Other search flags not recognised so far,
-                * including:
-                *              LDAP_SEARCH_FLAG_PHANTOM_ROOM
-                */
-               rs->sr_text = "searchOptions contained unrecognized flag";
-               return LDAP_UNWILLING_TO_PERFORM;
-       }
-
        return LDAP_SUCCESS;
 }
 
Cloned from git://git.openldap.org/openldap.git