From: Pierangelo Masarati Date: Wed, 17 Mar 2004 22:36:47 +0000 (+0000) Subject: carefully check the URI X-Git-Tag: OPENLDAP_REL_ENG_2_2_BP~234 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=66ee9b2d73ee7d61025990bee404d29946a326ba;p=openldap carefully check the URI --- diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c index 5baef7722d..32da6f9f3d 100644 --- a/servers/slapd/back-ldap/config.c +++ b/servers/slapd/back-ldap/config.c @@ -70,15 +70,62 @@ ldap_back_db_config( /* URI of server to query (preferred over "server" directive) */ } else if ( strcasecmp( argv[0], "uri" ) == 0 ) { + LDAPURLDesc *lud, tmplud; + if (argc != 2) { - fprintf( stderr, - "%s: line %d: missing address in \"uri
\" line\n", - fname, lineno ); + fprintf( stderr, "%s: line %d: " + "missing uri " + "in \"uri \" line\n", + fname, lineno ); return( 1 ); } - if (li->url != NULL) - ch_free(li->url); - li->url = ch_strdup(argv[1]); + if ( li->url != NULL ) { + ch_free( li->url ); + } + + if ( ldap_url_parse( argv[ 1 ], &lud ) != LDAP_URL_SUCCESS ) { + fprintf( stderr, "%s: line %d: " + "unable to parse uri \"%s\" " + "in \"uri \" line\n", + fname, lineno, argv[ 1 ] ); + return 1; + } + + if ( ( lud->lud_dn != NULL && lud->lud_dn[0] != '\0' ) + || lud->lud_attrs != NULL + || lud->lud_filter != NULL + || lud->lud_exts != NULL ) + { + fprintf( stderr, "%s: line %d: " + "warning, only protocol, " + "host and port allowed " + "in \"uri \" line\n", + fname, lineno ); + } + +#if 0 + tmplud = *lud; + tmplud.lud_dn = NULL; + tmplud.lud_attrs = NULL; + tmplud.lud_filter = NULL; + if ( !ldap_is_ldapi_url( argv[ 1 ] ) ) { + tmplud.lud_exts = NULL; + tmplud.lud_crit_exts = 0; + } + + li->url = ldap_url_desc2str( &tmplud ); + if ( li->url == NULL ) { + fprintf( stderr, "%s: line %d: " + "unable to rebuild uri \"%s\" " + "in \"uri \" line\n", + fname, lineno, argv[ 1 ] ); + return 1; + } +#else + li->url = ch_strdup( argv[ 1 ] ); +#endif + + ldap_free_urldesc( lud ); /* name to use for ldap_back_group */ } else if ( strcasecmp( argv[0], "binddn" ) == 0 ) {