ITS#2423 - make the lib that allocates SASL prompt results responsible

author Howard Chu <hyc@openldap.org>

Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)

committer Howard Chu <hyc@openldap.org>

Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)
author Howard Chu <hyc@openldap.org>
Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)
committer Howard Chu <hyc@openldap.org>
Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)
diff --git a/include/lutil_ldap.h b/include/lutil_ldap.h

index a2ade220232a3c979a3cde90376025241b296429..a420ba7c33d24da03c0044b55bf9fe3df97129d8 100644 (file)
--- a/include/lutil_ldap.h
+++ b/include/lutil_ldap.h
@@ -22,6 +22,10 @@
  
  LDAP_BEGIN_DECL
  
+LDAP_LUTIL_F( void )
+lutil_sasl_freedefs LDAP_P((
+       void *defaults ));
+
  LDAP_LUTIL_F( void * )
  lutil_sasl_defaults LDAP_P((
         LDAP *ld,
diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c

index b984f133055db6be50b0dd6ff377e0c3ce2b975a..46449c54bc16ff96dcedb1e845c6bb7eef5b4eb6 100644 (file)
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -529,7 +529,6 @@ ldap_int_sasl_bind(
         sasl_ssf_t              *ssf = NULL;
         sasl_conn_t     *ctx;
         sasl_interact_t *prompts = NULL;
-       const void *promptresult = NULL;
         unsigned credlen;
         struct berval ccred;
         ber_socket_t            sd;
@@ -590,9 +589,6 @@ ldap_int_sasl_bind(
                         &credlen,
                         &mech );
  
-               /* Cyrus SASL library doesn't initialize the prompt result pointer */
-               if( promptresult == NULL && prompts != NULL ) prompts->result = NULL;
-
                 if( pmech == NULL && mech != NULL ) {
                         pmech = mech;
  
@@ -608,11 +604,6 @@ ldap_int_sasl_bind(
                         if( !interact ) break;
                         res = (interact)( ld, flags, defaults, prompts );
  
-                       /* keep a pointer to the prompt result so we can free it
-                        * after Cyrus SASL has consumed the prompts.
-                        */
-                       promptresult = prompts->result;
-
                         if( res != LDAP_SUCCESS ) break;
                 }
         } while ( saslrc == SASL_INTERACT );
@@ -688,9 +679,6 @@ ldap_int_sasl_bind(
                                 (SASL_CONST char **)&ccred.bv_val,
                                 &credlen );
  
-                       /* SASL library doesn't initialize the prompt result pointer */
-                       if( promptresult == NULL && prompts != NULL ) prompts->result = NULL;
-
  #ifdef NEW_LOGGING
                                 LDAP_LOG ( TRANSPORT, DETAIL1, 
                                         "ldap_int_sasl_bind: sasl_client_step: %d\n", saslrc,0,0 );
@@ -703,12 +691,6 @@ ldap_int_sasl_bind(
                                 int res;
                                 if( !interact ) break;
                                 res = (interact)( ld, flags, defaults, prompts );
-
-                               /* keep a pointer to the prompt result so we can free it
-                                * after Cyrus SASL has consumed the prompts.
-                                */
-                               promptresult = prompts->result;
-
                                 if( res != LDAP_SUCCESS ) break;
                         }
                 } while ( saslrc == SASL_INTERACT );
@@ -768,8 +750,6 @@ ldap_int_sasl_bind(
         }
  
  done:
-       /* free the last prompt result */
-       LDAP_FREE((void*)promptresult);
         return rc;
  }
  
diff --git a/libraries/liblutil/sasl.c b/libraries/liblutil/sasl.c

index c920eec66e30d8c5fb271407d87917c0fd0ecec2..9e522dece0e4ecee9e56ab8e65a577c9a010fac4 100644 (file)
--- a/libraries/liblutil/sasl.c
+++ b/libraries/liblutil/sasl.c
@@ -29,9 +29,27 @@ typedef struct lutil_sasl_defaults_s {
         char *authcid;
         char *passwd;
         char *authzid;
+       char **resps;
+       int nresps;
  } lutilSASLdefaults;
  
  
+void
+lutil_sasl_freedefs(
+       void *defaults )
+{
+       lutilSASLdefaults *defs = defaults;
+       
+       if (defs->mech) ber_memfree(defs->mech);
+       if (defs->realm) ber_memfree(defs->realm);
+       if (defs->authcid) ber_memfree(defs->authcid);
+       if (defs->passwd) ber_memfree(defs->passwd);
+       if (defs->authzid) ber_memfree(defs->authzid);
+       if (defs->resps) ldap_charray_free(defs->resps);
+
+       ber_memfree(defs);
+}
+
  void *
  lutil_sasl_defaults(
         LDAP *ld,
@@ -47,11 +65,11 @@ lutil_sasl_defaults(
  
         if( defaults == NULL ) return NULL;
  
-       defaults->mech = mech;
-       defaults->realm = realm;
-       defaults->authcid = authcid;
-       defaults->passwd = passwd;
-       defaults->authzid = authzid;
+       defaults->mech = mech ? ber_strdup(mech) : NULL;
+       defaults->realm = realm ? ber_strdup(realm) : NULL;
+       defaults->authcid = authcid ? ber_strdup(authcid) : NULL;
+       defaults->passwd = passwd ? ber_strdup(passwd) : NULL;
+       defaults->authzid = authzid ? ber_strdup(authzid) : NULL;
  
         if( defaults->mech == NULL ) {
                 ldap_get_option( ld, LDAP_OPT_X_SASL_MECH, &defaults->mech );
@@ -65,6 +83,8 @@ lutil_sasl_defaults(
         if( defaults->authzid == NULL ) {
                 ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHZID, &defaults->authzid );
         }
+       defaults->resps = NULL;
+       defaults->nresps = 0;
  
         return defaults;
  }
@@ -160,7 +180,8 @@ static int interaction(
         if( interact->len > 0 ) {
                 /* duplicate */
                 char *p = (char *)interact->result;
-               interact->result = strdup( p );
+               ldap_charray_add(&defaults->resps, interact->result);
+               interact->result = defaults->resps[defaults->nresps++];
  
                 /* zap */
                 memset( p, '\0', interact->len );
@@ -168,15 +189,8 @@ static int interaction(
         } else {
  use_default:
                 /* input must be empty */
-               interact->result = strdup( (dflt && *dflt) ? dflt : "" );
-               interact->len = interact->result
-                       ? strlen( interact->result ) : 0;
-       }
-
-       if( defaults && defaults->passwd && interact->id == SASL_CB_PASS ) {
-               /* zap password after first use */
-               memset( defaults->passwd, '\0', strlen(defaults->passwd) );
-               defaults->passwd = NULL;
+               interact->result = (dflt && *dflt) ? dflt : "";
+               interact->len = strlen( interact->result );
         }
  
         return LDAP_SUCCESS;
@@ -190,12 +204,6 @@ int lutil_sasl_interact(
  {
         sasl_interact_t *interact = in;
  
-       if( interact->result ) {
-               /* we have results from a previous interaction */
-               free( (void *)interact->result );
-               interact->result = NULL;
-       }
-
         if( ld == NULL ) return LDAP_PARAM_ERROR;
  
         if( flags == LDAP_SASL_INTERACTIVE ) {
author	Howard Chu <hyc@openldap.org>
	Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)
committer	Howard Chu <hyc@openldap.org>
	Sun, 6 Apr 2003 00:47:55 +0000 (00:47 +0000)
include/lutil_ldap.h		patch \| blob \| history
libraries/libldap/cyrus.c		patch \| blob \| history
libraries/liblutil/sasl.c		patch \| blob \| history