From: Howard Chu Date: Sun, 6 Apr 2003 00:47:55 +0000 (+0000) Subject: ITS#2423 - make the lib that allocates SASL prompt results responsible X-Git-Tag: AUTOCONF_2_57~56 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=2ee7488d0b238c57ae4f7a18056d4e9ac8264ad1;p=openldap ITS#2423 - make the lib that allocates SASL prompt results responsible for freeing them. --- diff --git a/include/lutil_ldap.h b/include/lutil_ldap.h index a2ade22023..a420ba7c33 100644 --- a/include/lutil_ldap.h +++ b/include/lutil_ldap.h @@ -22,6 +22,10 @@ LDAP_BEGIN_DECL +LDAP_LUTIL_F( void ) +lutil_sasl_freedefs LDAP_P(( + void *defaults )); + LDAP_LUTIL_F( void * ) lutil_sasl_defaults LDAP_P(( LDAP *ld, diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c index b984f13305..46449c54bc 100644 --- a/libraries/libldap/cyrus.c +++ b/libraries/libldap/cyrus.c @@ -529,7 +529,6 @@ ldap_int_sasl_bind( sasl_ssf_t *ssf = NULL; sasl_conn_t *ctx; sasl_interact_t *prompts = NULL; - const void *promptresult = NULL; unsigned credlen; struct berval ccred; ber_socket_t sd; @@ -590,9 +589,6 @@ ldap_int_sasl_bind( &credlen, &mech ); - /* Cyrus SASL library doesn't initialize the prompt result pointer */ - if( promptresult == NULL && prompts != NULL ) prompts->result = NULL; - if( pmech == NULL && mech != NULL ) { pmech = mech; @@ -608,11 +604,6 @@ ldap_int_sasl_bind( if( !interact ) break; res = (interact)( ld, flags, defaults, prompts ); - /* keep a pointer to the prompt result so we can free it - * after Cyrus SASL has consumed the prompts. - */ - promptresult = prompts->result; - if( res != LDAP_SUCCESS ) break; } } while ( saslrc == SASL_INTERACT ); @@ -688,9 +679,6 @@ ldap_int_sasl_bind( (SASL_CONST char **)&ccred.bv_val, &credlen ); - /* SASL library doesn't initialize the prompt result pointer */ - if( promptresult == NULL && prompts != NULL ) prompts->result = NULL; - #ifdef NEW_LOGGING LDAP_LOG ( TRANSPORT, DETAIL1, "ldap_int_sasl_bind: sasl_client_step: %d\n", saslrc,0,0 ); 
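Review bot: The new `lutil_sasl_freedefs` prototype in include/lutil_ldap.h has no comment, and its contract cannot be read from a `void *` signature. The sasl.c hunks of this commit point `interact->result` at strings owned by the defaults handle, so freeing the handle while the SASL library still holds those prompt results would leave them dangling. I would put a comment above the declaration, for example `/* Frees a handle returned by lutil_sasl_defaults() together with every prompt response stored in it; call only after the SASL bind has returned. */`. It should also state whether a NULL handle is accepted.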
@@ -703,12 +691,6 @@ ldap_int_sasl_bind( int res; if( !interact ) break; res = (interact)( ld, flags, defaults, prompts ); - - /* keep a pointer to the prompt result so we can free it - * after Cyrus SASL has consumed the prompts. - */ - promptresult = prompts->result; - if( res != LDAP_SUCCESS ) break; } } while ( saslrc == SASL_INTERACT ); @@ -768,8 +750,6 @@ ldap_int_sasl_bind( } done: - /* free the last prompt result */ - LDAP_FREE((void*)promptresult); return rc; } diff --git a/libraries/liblutil/sasl.c b/libraries/liblutil/sasl.c index c920eec66e..9e522dece0 100644 --- a/libraries/liblutil/sasl.c +++ b/libraries/liblutil/sasl.c @@ -29,9 +29,27 @@ typedef struct lutil_sasl_defaults_s { char *authcid; char *passwd; char *authzid; + char **resps; + int nresps; } lutilSASLdefaults; +void +lutil_sasl_freedefs( + void *defaults ) +{ + lutilSASLdefaults *defs = defaults; + + if (defs->mech) ber_memfree(defs->mech); + if (defs->realm) ber_memfree(defs->realm); + if (defs->authcid) ber_memfree(defs->authcid); + if (defs->passwd) ber_memfree(defs->passwd); + if (defs->authzid) ber_memfree(defs->authzid); + if (defs->resps) ldap_charray_free(defs->resps); + + ber_memfree(defs); +} + void * lutil_sasl_defaults( LDAP *ld, @@ -47,11 +65,11 @@ lutil_sasl_defaults( if( defaults == NULL ) return NULL; - defaults->mech = mech; - defaults->realm = realm; - defaults->authcid = authcid; - defaults->passwd = passwd; - defaults->authzid = authzid; + defaults->mech = mech ? ber_strdup(mech) : NULL; + defaults->realm = realm ? ber_strdup(realm) : NULL; + defaults->authcid = authcid ? ber_strdup(authcid) : NULL; + defaults->passwd = passwd ? ber_strdup(passwd) : NULL; + defaults->authzid = authzid ? ber_strdup(authzid) : NULL; if( defaults->mech == NULL ) { ldap_get_option( ld, LDAP_OPT_X_SASL_MECH, &defaults->mech ); 
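Review bot: In libraries/liblutil/sasl.c, `lutil_sasl_freedefs` releases `defs->passwd` and the prompt responses kept in `defs->resps` without clearing them, and this same commit removes the zap-after-first-use of the default password from `interaction`. The password copy therefore stays readable in the heap for the whole life of the handle and after it is freed. Clearing before release would restore the earlier hygiene, e.g. `if (defs->passwd) { memset(defs->passwd, '\0', strlen(defs->passwd)); ber_memfree(defs->passwd); }`, with the same pass over each entry of `resps`; a clear the compiler cannot elide is preferable where the platform offers one. Separately, `defs` is dereferenced unconditionally although `lutil_sasl_defaults` returns NULL when its allocation fails, so `if (defs == NULL) return;` at the top would make it safe to pass that result straight through.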
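Review bot: In `lutil_sasl_defaults`, a failed `ber_strdup` cannot be told apart from an argument the caller did not supply, because both leave the field NULL. For `mech` (and `authzid`, per the context of the following hunk) the `ldap_get_option` fallback then runs, so under memory pressure the bind may proceed with the library's default mechanism or identity instead of the one requested. I would check each copy against its source, e.g. `if( mech && defaults->mech == NULL )`, and fail the call by freeing the handle and returning NULL. That needs every field, including `resps` and `nresps`, set to NULL/0 before the first copy, since the next hunk initialises those two only at the end of the function. The function body starts and ends outside this hunk.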
@@ -65,6 +83,8 @@ lutil_sasl_defaults( if( defaults->authzid == NULL ) { ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHZID, &defaults->authzid ); } + defaults->resps = NULL; + defaults->nresps = 0; return defaults; } @@ -160,7 +180,8 @@ static int interaction( if( interact->len > 0 ) { /* duplicate */ char *p = (char *)interact->result; - interact->result = strdup( p ); + ldap_charray_add(&defaults->resps, interact->result); + interact->result = defaults->resps[defaults->nresps++]; /* zap */ memset( p, '\0', interact->len ); @@ -168,15 +189,8 @@ static int interaction( } else { use_default: /* input must be empty */ - interact->result = strdup( (dflt && *dflt) ? dflt : "" ); - interact->len = interact->result - ? strlen( interact->result ) : 0; - } - - if( defaults && defaults->passwd && interact->id == SASL_CB_PASS ) { - /* zap password after first use */ - memset( defaults->passwd, '\0', strlen(defaults->passwd) ); - defaults->passwd = NULL; + interact->result = (dflt && *dflt) ? dflt : ""; + interact->len = strlen( interact->result ); } return LDAP_SUCCESS; @@ -190,12 +204,6 @@ int lutil_sasl_interact( { sasl_interact_t *interact = in; - if( interact->result ) { - /* we have results from a previous interaction */ - free( (void *)interact->result ); - interact->result = NULL; - } - if( ld == NULL ) return LDAP_PARAM_ERROR; if( flags == LDAP_SASL_INTERACTIVE ) {
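Review bot: In the `interaction` hunk (`@@ -160,7 +180,8`), the result of `ldap_charray_add` is ignored and `defaults` is dereferenced without a check before `defaults->resps[defaults->nresps++]` is read. If the add fails, `resps` may still be NULL or may not have grown, so the index reads through a NULL pointer or returns the array's terminating NULL as the prompt result while `nresps` is still incremented. The lines removed in the next hunk tested `defaults &&` before use, which suggests this function can be reached with a NULL handle; the old `strdup` path did not need one. A guard along the lines below fails the interaction cleanly and still clears the typed input; whether a NULL handle should be an error or take a separate path is the author's call. The function body starts and ends outside the hunk.

```c
	char *p = (char *)interact->result;
	if( defaults == NULL ||
		ldap_charray_add( &defaults->resps, p ) != 0 )
	{
		/* nowhere to keep the copy: clear the typed input and fail */
		memset( p, '\0', interact->len );
		interact->result = NULL;
		interact->len = 0;
		return LDAP_NO_MEMORY;
	}
	interact->result = defaults->resps[defaults->nresps++];
	/* … unchanged: zap of p … */
```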