X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fpasswd.c;h=0c898771ec4b4c2a9defe96c4f18789c092bd23c;hb=f8fb4aca7668c722f41941be719203aa8c298e12;hp=143cd2f31e194d30fe8eff645a356d97fcde1e26;hpb=5ee89d616797a8a62fa44dec95c52e2b94e8c83f;p=openldap diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index 143cd2f31e..0c898771ec 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -1,7 +1,7 @@ /* bind.c - ldbm backend bind and unbind routines */ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -26,7 +26,7 @@ int passwd_extop( struct berval **rspdata, LDAPControl ***rspctrls, const char **text, - struct berval ***refs ) + BVarray *refs ) { int rc; @@ -66,9 +66,9 @@ int passwd_extop( } int slap_passwd_parse( struct berval *reqdata, - struct berval **id, - struct berval **oldpass, - struct berval **newpass, + struct berval *id, + struct berval *oldpass, + struct berval *newpass, const char **text ) { int rc = LDAP_SUCCESS; @@ -116,7 +116,7 @@ int slap_passwd_parse( struct berval *reqdata, goto done; } - tag = ber_scanf( ber, "O", id ); + tag = ber_scanf( ber, "m", id ); if( tag == LBER_ERROR ) { #ifdef NEW_LOGGING @@ -148,7 +148,7 @@ int slap_passwd_parse( struct berval *reqdata, goto done; } - tag = ber_scanf( ber, "O", oldpass ); + tag = ber_scanf( ber, "m", oldpass ); if( tag == LBER_ERROR ) { #ifdef NEW_LOGGING @@ -180,7 +180,7 @@ int slap_passwd_parse( struct berval *reqdata, goto done; } - tag = ber_scanf( ber, "O", newpass ); + tag = ber_scanf( ber, "m", newpass ); if( tag == LBER_ERROR ) { #ifdef NEW_LOGGING @@ -215,19 +215,19 @@ decoding_error: done: if( rc != LDAP_SUCCESS ) { - if( id != NULL ) { - ber_bvfree( *id ); - *id = NULL; + if( id && id->bv_val != NULL ) { + free( id->bv_val ); + id->bv_val = NULL; } - if( oldpass != NULL ) { - ber_bvfree( *oldpass ); - *oldpass = NULL; + if( oldpass && oldpass->bv_val != NULL ) { + free( oldpass->bv_val ); + oldpass->bv_val = NULL; } - if( newpass != NULL ) { - ber_bvfree( *newpass ); - *newpass = NULL; + if( newpass && newpass->bv_val != NULL ) { + free( newpass->bv_val ); + newpass->bv_val = NULL; } } @@ -239,8 +239,10 @@ struct berval * slap_passwd_return( struct berval *cred ) { int rc; - struct berval *bv; - BerElement *ber = ber_alloc_t(LBER_USE_DER); + struct berval *bv = NULL; + char berbuf[256]; + /* opaque structure, size unknown but smaller than berbuf */ + BerElement *ber = (BerElement *)berbuf; assert( cred != NULL ); @@ -251,21 +253,17 @@ struct berval * slap_passwd_return( Debug( LDAP_DEBUG_TRACE, "slap_passwd_return: %ld\n", (long) cred->bv_len, 0, 0 ); #endif - - - if( ber == NULL ) return NULL; + ber_init_w_nullc( ber, LBER_USE_DER ); + rc = ber_printf( ber, "{tON}", LDAP_TAG_EXOP_X_MODIFY_PASSWD_GEN, cred ); - if( rc == -1 ) { - ber_free( ber, 1 ); - return NULL; + if( rc >= 0 ) { + (void) ber_flatten( ber, &bv ); } - (void) ber_flatten( ber, &bv ); - - ber_free( ber, 1 ); + ber_free_buf( ber ); return bv; } @@ -276,8 +274,8 @@ slap_passwd_check( Attribute *a, struct berval *cred ) { - int i; int result = 1; + struct berval *bv; #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) ldap_pvt_thread_mutex_lock( &passwd_mutex ); @@ -286,8 +284,8 @@ slap_passwd_check( #endif #endif - for ( i = 0; a->a_vals[i] != NULL; i++ ) { - if( !lutil_passwd( a->a_vals[i], cred, NULL ) ) { + for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { + if( !lutil_passwd( bv, cred, NULL ) ) { result = 0; break; } @@ -303,26 +301,36 @@ slap_passwd_check( return result; } -struct berval * slap_passwd_generate( void ) +void +slap_passwd_generate( struct berval *pass ) { + struct berval *tmp; #ifdef NEW_LOGGING LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY, "slap_passwd_generate: begin\n" )); #else Debug( LDAP_DEBUG_TRACE, "slap_passwd_generate\n", 0, 0, 0 ); #endif - - /* * generate passwords of only 8 characters as some getpass(3) * implementations truncate at 8 characters. */ - return lutil_passwd_generate( 8 ); + tmp = lutil_passwd_generate( 8 ); + if (tmp) { + *pass = *tmp; + free(tmp); + } else { + pass->bv_val = NULL; + pass->bv_len = 0; + } } -struct berval * slap_passwd_hash( - struct berval * cred ) +void +slap_passwd_hash( + struct berval * cred, + struct berval * new ) { + struct berval *tmp; #ifdef LUTIL_SHA1_BYTES char* hash = default_passwd_hash ? default_passwd_hash : "{SSHA}"; #else @@ -330,17 +338,17 @@ struct berval * slap_passwd_hash( #endif - struct berval *new; - #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) ldap_pvt_thread_mutex_lock( &passwd_mutex ); #endif - new = lutil_passwd_hash( cred , hash ); + tmp = lutil_passwd_hash( cred , hash ); #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) ldap_pvt_thread_mutex_unlock( &passwd_mutex ); #endif + *new = *tmp; + free( tmp ); - return new; + return; }