X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fcontrols.c;h=7e9d73662fa69b66d83adf68892938bf8d1dec92;hb=2dfd312fa12a765a5ad311f6c9bf8dce76a63155;hp=9262bcb955d9d5eaa87abfcef8326337a97d8b1a;hpb=1f52f6e43e678c8f77625f5c96105a1bb51cc1ce;p=openldap diff --git a/libraries/libldap/controls.c b/libraries/libldap/controls.c index 9262bcb955..7e9d73662f 100644 --- a/libraries/libldap/controls.c +++ b/libraries/libldap/controls.c @@ -1,14 +1,53 @@ -/* - * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. - * COPYING RESTRICTIONS APPLY, see COPYRIGHT file +/* $OpenLDAP$ */ +/* This work is part of OpenLDAP Software . + * + * Copyright 1998-2005 The OpenLDAP Foundation. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. + * + * A copy of this license is available in the file LICENSE in the + * top-level directory of the distribution or, alternatively, at + * . */ -/* - * LDAP controls +/* This notice applies to changes, created by or for Novell, Inc., + * to preexisting works for which notices appear elsewhere in this file. + * + * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved. + * + * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES. + * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION + * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT + * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE + * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS + * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC + * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE + * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY. + *--- + * Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License + * can be found in the file "build/LICENSE-2.0.1" in this distribution + * of OpenLDAP Software. + */ +/* Portions Copyright (C) The Internet Society (1997) + * ASN.1 fragments are from RFC 2251; see RFC for full legal notices. + */ + +/* LDAPv3 Controls (RFC2251) + * + * Controls ::= SEQUENCE OF Control + * + * Control ::= SEQUENCE { + * controlType LDAPOID, + * criticality BOOLEAN DEFAULT FALSE, + * controlValue OCTET STRING OPTIONAL + * } */ #include "portable.h" -#include +#include #include #include @@ -20,14 +59,16 @@ * ldap_int_put_controls */ -int ldap_int_put_controls( +int +ldap_int_put_controls( LDAP *ld, - LDAPControl **ctrls, + LDAPControl *const *ctrls, BerElement *ber ) { - LDAPControl **c; + LDAPControl *const *c; assert( ld != NULL ); + assert( LDAP_VALID(ld) ); assert( ber != NULL ); if( ctrls == NULL ) { @@ -54,13 +95,13 @@ int ldap_int_put_controls( } /* Controls are encoded as a sequence of sequences */ - if( ber_printf( ber, "t{", LDAP_TAG_CONTROLS ) == -1 ) { + if( ber_printf( ber, "t{"/*}*/, LDAP_TAG_CONTROLS ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; } for( c = ctrls ; *c != NULL; c++ ) { - if ( ber_printf( ber, "{s", + if ( ber_printf( ber, "{s" /*}*/, (*c)->ldctl_oid ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; @@ -69,7 +110,7 @@ int ldap_int_put_controls( if( (*c)->ldctl_iscritical /* only if true */ && ( ber_printf( ber, "b", - (*c)->ldctl_iscritical ) == -1 ) ) + (ber_int_t) (*c)->ldctl_iscritical ) == -1 ) ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; @@ -84,14 +125,14 @@ int ldap_int_put_controls( } - if( ber_printf( ber, "}" ) == -1 ) { + if( ber_printf( ber, /*{*/"N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; } } - if( ber_printf( ber, "}" ) == -1 ) { + if( ber_printf( ber, /*{*/ "}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; } @@ -99,20 +140,23 @@ int ldap_int_put_controls( return LDAP_SUCCESS; } -int ldap_int_get_controls LDAP_P(( +int ldap_pvt_get_controls( BerElement *ber, - LDAPControl ***ctrls )) + LDAPControl ***ctrls ) { int nctrls; - unsigned long tag, len; + ber_tag_t tag; + ber_len_t len; char *opaque; assert( ber != NULL ); - assert( ctrls != NULL ); + if( ctrls == NULL ) { + return LDAP_SUCCESS; + } *ctrls = NULL; - len = ber_pvt_ber_remaining(ber); + len = ber_pvt_ber_remaining( ber ); if( len == 0) { /* no controls */ @@ -137,7 +181,7 @@ int ldap_int_get_controls LDAP_P(( return LDAP_NO_MEMORY; } - ctrls[nctrls] = NULL; + *ctrls[nctrls] = NULL; for( tag = ber_first_element( ber, &len, &opaque ); tag != LBER_ERROR; @@ -171,33 +215,29 @@ int ldap_int_get_controls LDAP_P(( tctrls[nctrls++] = tctrl; tctrls[nctrls] = NULL; - tag = ber_scanf( ber, "{a", &tctrl->ldctl_oid ); + tag = ber_scanf( ber, "{a" /*}*/, &tctrl->ldctl_oid ); - if( tag != LBER_ERROR ) { - tag = ber_peek_tag( ber, &len ); + if( tag == LBER_ERROR ) { + *ctrls = NULL; + ldap_controls_free( tctrls ); + return LDAP_DECODING_ERROR; } - if( tag == LBER_BOOLEAN ) { - tag = ber_scanf( ber, "b", &tctrl->ldctl_iscritical ); - } + tag = ber_peek_tag( ber, &len ); - if( tag != LBER_ERROR ) { + if( tag == LBER_BOOLEAN ) { + ber_int_t crit; + tag = ber_scanf( ber, "b", &crit ); + tctrl->ldctl_iscritical = crit ? (char) 0 : (char) ~0; tag = ber_peek_tag( ber, &len ); } if( tag == LBER_OCTETSTRING ) { tag = ber_scanf( ber, "o", &tctrl->ldctl_value ); - } else { tctrl->ldctl_value.bv_val = NULL; } - if( tag == LBER_ERROR ) { - *ctrls = NULL; - ldap_controls_free( tctrls ); - return LDAP_DECODING_ERROR; - } - *ctrls = tctrls; } @@ -210,6 +250,10 @@ int ldap_int_get_controls LDAP_P(( void ldap_control_free( LDAPControl *c ) { +#ifdef LDAP_MEMORY_DEBUG + assert( c != NULL ); +#endif + if ( c != NULL ) { if( c->ldctl_oid != NULL) { LDAP_FREE( c->ldctl_oid ); @@ -229,11 +273,15 @@ ldap_control_free( LDAPControl *c ) void ldap_controls_free( LDAPControl **controls ) { +#ifdef LDAP_MEMORY_DEBUG + assert( controls != NULL ); +#endif + if ( controls != NULL ) { - LDAPControl *c; + int i; - for(c = *controls; c != NULL; c++) { - ldap_control_free( c ); + for( i=0; controls[i] != NULL; i++) { + ldap_control_free( controls[i] ); } LDAP_FREE( controls ); @@ -243,7 +291,8 @@ ldap_controls_free( LDAPControl **controls ) /* * Duplicate an array of LDAPControl */ -LDAPControl **ldap_controls_dup( const LDAPControl **controls ) +LDAPControl ** +ldap_controls_dup( LDAPControl *const *controls ) { LDAPControl **new; int i; @@ -260,7 +309,7 @@ LDAPControl **ldap_controls_dup( const LDAPControl **controls ) return NULL; } - new = (LDAPControl **) LDAP_MALLOC( i * sizeof(LDAPControl *) ); + new = (LDAPControl **) LDAP_MALLOC( (i+1) * sizeof(LDAPControl *) ); if( new == NULL ) { /* memory allocation failure */ @@ -285,7 +334,8 @@ LDAPControl **ldap_controls_dup( const LDAPControl **controls ) /* * Duplicate a LDAPControl */ -LDAPControl *ldap_control_dup( const LDAPControl *c ) +LDAPControl * +ldap_control_dup( const LDAPControl *c ) { LDAPControl *new; @@ -311,8 +361,9 @@ LDAPControl *ldap_control_dup( const LDAPControl *c ) new->ldctl_oid = NULL; } - if( c->ldctl_value.bv_len > 0 ) { - new->ldctl_value.bv_val = (char *) LDAP_MALLOC( c->ldctl_value.bv_len ); + if( c->ldctl_value.bv_val != NULL ) { + new->ldctl_value.bv_val = + (char *) LDAP_MALLOC( c->ldctl_value.bv_len + 1 ); if(new->ldctl_value.bv_val == NULL) { if(new->ldctl_oid != NULL) { @@ -322,10 +373,12 @@ LDAPControl *ldap_control_dup( const LDAPControl *c ) return NULL; } - SAFEMEMCPY( new->ldctl_value.bv_val, c->ldctl_value.bv_val, + new->ldctl_value.bv_len = c->ldctl_value.bv_len; + + AC_MEMCPY( new->ldctl_value.bv_val, c->ldctl_value.bv_val, c->ldctl_value.bv_len ); - new->ldctl_value.bv_len = c->ldctl_value.bv_len; + new->ldctl_value.bv_val[new->ldctl_value.bv_len] = '\0'; } else { new->ldctl_value.bv_len = 0; @@ -335,3 +388,105 @@ LDAPControl *ldap_control_dup( const LDAPControl *c ) new->ldctl_iscritical = c->ldctl_iscritical; return new; } + + +LDAPControl * +ldap_find_control( + LDAP_CONST char *oid, + LDAPControl **ctrls ) +{ + if( ctrls == NULL || *ctrls == NULL ) { + return NULL; + } + + for( ; *ctrls != NULL; ctrls++ ) { + if( strcmp( (*ctrls)->ldctl_oid, oid ) == 0 ) { + return *ctrls; + } + } + + return NULL; +} + +/* + ldap_create_control + + Internal function to create an LDAP control from the encoded BerElement. + + requestOID (IN) The OID to use in creating the control. + + ber (IN) The encoded BerElement to use in creating the control. + + iscritical (IN) 0 - Indicates the control is not critical to the operation. + non-zero - The control is critical to the operation. + + ctrlp (OUT) Returns a pointer to the LDAPControl created. This control + SHOULD be freed by calling ldap_control_free() when done. +---*/ + +int +ldap_create_control( + LDAP_CONST char *requestOID, + BerElement *ber, + int iscritical, + LDAPControl **ctrlp ) +{ + LDAPControl *ctrl; + + assert( requestOID != NULL ); + assert( ber != NULL ); + assert( ctrlp != NULL ); + + ctrl = (LDAPControl *) LDAP_MALLOC( sizeof(LDAPControl) ); + if ( ctrl == NULL ) { + return LDAP_NO_MEMORY; + } + + if ( ber_flatten2( ber, &ctrl->ldctl_value, 1 ) == -1 ) { + LDAP_FREE( ctrl ); + return LDAP_NO_MEMORY; + } + + ctrl->ldctl_oid = LDAP_STRDUP( requestOID ); + ctrl->ldctl_iscritical = iscritical; + + if ( requestOID != NULL && ctrl->ldctl_oid == NULL ) { + ldap_control_free( ctrl ); + return LDAP_NO_MEMORY; + } + + *ctrlp = ctrl; + return LDAP_SUCCESS; +} + +/* + * check for critical client controls and bitch if present + * if we ever support critical controls, we'll have to + * find a means for maintaining per API call control + * information. + */ +int ldap_int_client_controls( LDAP *ld, LDAPControl **ctrls ) +{ + LDAPControl *const *c; + + assert( ld != NULL ); + assert( LDAP_VALID(ld) ); + + if( ctrls == NULL ) { + /* use default server controls */ + ctrls = ld->ld_cctrls; + } + + if( ctrls == NULL || *ctrls == NULL ) { + return LDAP_SUCCESS; + } + + for( c = ctrls ; *c != NULL; c++ ) { + if( (*c)->ldctl_iscritical ) { + ld->ld_errno = LDAP_NOT_SUPPORTED; + return ld->ld_errno; + } + } + + return LDAP_SUCCESS; +}