X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fkbind.c;h=5e63698ddc7e2d4fbf58fe7286a97d05cbc224c7;hb=f3880e56334b477054b3a0049aa4fbb69632a1ca;hp=5ab59d846359d06a2189c45abfdf9fa398c316a3;hpb=22d98c85c3ece96dd2e3d9b76195973d0639cd49;p=openldap

diff --git a/libraries/libldap/kbind.c b/libraries/libldap/kbind.c
index 5ab59d8463..5e63698ddc 100644
--- a/libraries/libldap/kbind.c
+++ b/libraries/libldap/kbind.c
@@ -9,12 +9,33 @@
  *  kbind.c
  */
 
+/*
+ *	BindRequest ::= SEQUENCE {
+ *		version		INTEGER,
+ *		name		DistinguishedName,	 -- who
+ *		authentication	CHOICE {
+ *			simple		[0] OCTET STRING -- passwd
+#ifdef HAVE_KERBEROS
+ *			krbv42ldap	[1] OCTET STRING
+ *			krbv42dsa	[2] OCTET STRING
+#endif
+ *			sasl		[3] SaslCredentials	-- LDAPv3
+ *		}
+ *	}
+ *
+ *	BindResponse ::= SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
+ *	}
+ *
+ */
+
 #include "portable.h"
 
 #ifdef HAVE_KERBEROS
 
 #include <stdio.h>
-#include <stdlib.h>
+#include <ac/stdlib.h>
 
 #include <ac/krb.h>
 #include <ac/socket.h>
@@ -39,24 +60,12 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn )
 {
 	BerElement	*ber;
 	char		*cred;
-	int		rc, credlen;
+	int		rc;
+	ber_len_t credlen;
 #ifdef STR_TRANSLATION
 	int		str_translation_on;
 #endif /* STR_TRANSLATION */
 
-	/*
-	 * The bind request looks like this:
-	 *	BindRequest ::= SEQUENCE {
-	 *		version		INTEGER,
-	 *		name		DistinguishedName,
-	 *		authentication	CHOICE {
-	 *			krbv42ldap	[1] OCTET STRING
-	 *			krbv42dsa	[2] OCTET STRING
-	 *		}
-	 *	}
-	 * all wrapped up in an LDAPMessage sequence.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind1\n", 0, 0, 0 );
 
 	if ( dn == NULL )
@@ -68,8 +77,8 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn )
 	}
 
 	/* create a message to send */
-	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) {
-		free( cred );
+	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+		LDAP_FREE( cred );
 		return( -1 );
 	}
 
@@ -91,13 +100,13 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn )
 #endif /* STR_TRANSLATION */
 
 	if ( rc == -1 ) {
-		free( cred );
+		LDAP_FREE( cred );
 		ber_free( ber, 1 );
 		ld->ld_errno = LDAP_ENCODING_ERROR;
 		return( -1 );
 	}
 
-	free( cred );
+	LDAP_FREE( cred );
 
 #ifndef LDAP_NOCACHE
 	if ( ld->ld_cache != NULL ) {
@@ -145,7 +154,8 @@ ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn )
 {
 	BerElement	*ber;
 	char		*cred;
-	int		rc, credlen;
+	int		rc;
+	ber_len_t credlen;
 #ifdef STR_TRANSLATION
 	int		str_translation_on;
 #endif /* STR_TRANSLATION */
@@ -161,8 +171,8 @@ ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn )
 	}
 
 	/* create a message to send */
-	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) {
-		free( cred );
+	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+		LDAP_FREE( cred );
 		return( -1 );
 	}
 
@@ -184,7 +194,7 @@ ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn )
 	}
 #endif /* STR_TRANSLATION */
 
-	free( cred );
+	LDAP_FREE( cred );
 
 	if ( rc == -1 ) {
 		ber_free( ber, 1 );
@@ -245,7 +255,7 @@ ldap_get_kerberosv4_credentials(
 	LDAP *ld,
 	LDAP_CONST char *who,
 	LDAP_CONST char *service,
-	int *len )
+	ber_len_t *len )
 {
 	KTEXT_ST	ktxt;
 	int		err;
@@ -273,7 +283,7 @@ ldap_get_kerberosv4_credentials(
 		return( NULL );
 	}
 
-	if ( ( cred = malloc( ktxt.length )) == NULL ) {
+	if ( ( cred = LDAP_MALLOC( ktxt.length )) == NULL ) {
 		ld->ld_errno = LDAP_NO_MEMORY;
 		return( NULL );
 	}