From: Kurt Zeilenga Date: Fri, 1 Apr 2005 23:29:02 +0000 (+0000) Subject: ITS#3620: Initial Unbind control fix X-Git-Tag: OPENLDAP_AC_BP~1012 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=c57f4401189035baabccfaeafe63e79db27c43b8;p=openldap ITS#3620: Initial Unbind control fix A better fix would be to use the _ext interface Also add and use a tool_destroy() function (to destroy SASL/TLS contexts). --- diff --git a/clients/tools/common.c b/clients/tools/common.c index 39c6586d30..49d2052cfd 100644 --- a/clients/tools/common.c +++ b/clients/tools/common.c @@ -97,6 +97,17 @@ tool_init( void ) ldap_pvt_textdomain(OPENLDAP_PACKAGE); } +void +tool_destroy( void ) +{ +#ifdef HAVE_CYRUS_SASL + sasl_done(); +#endif +#ifdef HAVE_TLS + ldap_pvt_tls_destroy(); +#endif +} + void tool_common_usage( void ) { @@ -918,6 +929,18 @@ tool_bind( LDAP *ld ) } } +void +tool_unbind( LDAP *ld ) +{ + int err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL ); + + if ( err != LDAP_OPT_SUCCESS ) { + fprintf( stderr, "Could not unset controls\n"); + } + + (void) ldap_unbind_ext( ld, NULL, NULL ); +} + /* Set server controls. Add controls extra_c[0..count-1], if set. */ void diff --git a/clients/tools/common.h b/clients/tools/common.h index d6903ac9f9..fc7632b6bc 100644 --- a/clients/tools/common.h +++ b/clients/tools/common.h @@ -77,6 +77,8 @@ void tool_common_usage LDAP_P(( void )); void tool_args LDAP_P(( int, char ** )); LDAP *tool_conn_setup LDAP_P(( int dont, void (*private_setup)( LDAP * ) )); void tool_bind LDAP_P(( LDAP * )); +void tool_unbind LDAP_P(( LDAP * )); +void tool_destroy LDAP_P(( void )); void tool_server_controls LDAP_P(( LDAP *, LDAPControl *, int )); LDAP_END_DECL diff --git a/clients/tools/ldapcompare.c b/clients/tools/ldapcompare.c index 7023e9b63d..ed128768cf 100644 --- a/clients/tools/ldapcompare.c +++ b/clients/tools/ldapcompare.c @@ -217,8 +217,8 @@ main( int argc, char **argv ) free( bvalue.bv_val ); - ldap_unbind_ext( ld, NULL, NULL ); - + tool_unbind( ld ); + tool_destroy(); return rc; } diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index 4617aa5025..101803a8b9 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -197,9 +197,9 @@ main( int argc, char **argv ) } } - ldap_unbind_ext( ld, NULL, NULL ); - - return( retval ); + tool_unbind( ld ); + tool_destroy(); + return retval; } diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index 646f50d778..72d000020b 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -405,13 +405,14 @@ main( int argc, char **argv ) #endif if ( !not ) { - ldap_unbind_ext( ld, NULL, NULL ); + tool_unbind( ld ); } if ( rejfp != NULL ) { fclose( rejfp ); } + tool_destroy(); return( retval ); } diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index 827a372d25..188855b62b 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -227,8 +227,8 @@ main(int argc, char **argv) } } - ldap_unbind_ext( ld, NULL, NULL ); - + tool_unbind( ld ); + tool_destroy(); return( retval ); } diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index 145b87fde3..e3184bcc67 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -196,7 +196,10 @@ main( int argc, char *argv[] ) if( oldpwfile ) { rc = lutil_get_filed_password( oldpwfile, &oldpw ); - if( rc ) return EXIT_FAILURE; + if( rc ) { + rc = EXIT_FAILURE; + goto done; + } } if( want_oldpw && oldpw.bv_val == NULL ) { @@ -209,7 +212,8 @@ main( int argc, char *argv[] ) strcmp( oldpw.bv_val, ckoldpw )) { fprintf( stderr, _("passwords do not match\n") ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } oldpw.bv_len = strlen( oldpw.bv_val ); @@ -217,7 +221,10 @@ main( int argc, char *argv[] ) if( newpwfile ) { rc = lutil_get_filed_password( newpwfile, &newpw ); - if( rc ) return EXIT_FAILURE; + if( rc ) { + rc = EXIT_FAILURE; + goto done; + } } if( want_newpw && newpw.bv_val == NULL ) { @@ -230,7 +237,8 @@ main( int argc, char *argv[] ) strcmp( newpw.bv_val, cknewpw )) { fprintf( stderr, _("passwords do not match\n") ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } newpw.bv_len = strlen( newpw.bv_val ); @@ -238,7 +246,10 @@ main( int argc, char *argv[] ) if ( pw_file ) { rc = lutil_get_filed_password( pw_file, &passwd ); - if( rc ) return EXIT_FAILURE; + if( rc ) { + rc = EXIT_FAILURE; + goto done; + } } else if ( want_bindpw ) { passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") ); @@ -259,8 +270,8 @@ main( int argc, char *argv[] ) if( ber == NULL ) { perror( "ber_alloc_t" ); - ldap_unbind_ext( ld, NULL, NULL ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } ber_printf( ber, "{" /*}*/ ); @@ -289,14 +300,14 @@ main( int argc, char *argv[] ) if( rc < 0 ) { perror( "ber_flatten2" ); - ldap_unbind_ext( ld, NULL, NULL ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } } if ( not ) { rc = LDAP_SUCCESS; - goto skip; + goto done; } rc = ldap_extended_operation( ld, @@ -307,14 +318,15 @@ main( int argc, char *argv[] ) if( rc != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_extended_operation" ); - ldap_unbind_ext( ld, NULL, NULL ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, NULL, &res ); if ( rc < 0 ) { ldap_perror( ld, "ldappasswd: ldap_result" ); - return rc; + rc = EXIT_FAILURE; + goto done; } rc = ldap_parse_result( ld, res, @@ -322,14 +334,16 @@ main( int argc, char *argv[] ) if( rc != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_parse_result" ); - return rc; + rc = EXIT_FAILURE; + goto done; } rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 ); if( rc != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_parse_result" ); - return rc; + rc = EXIT_FAILURE; + goto done; } if( retdata != NULL ) { @@ -339,8 +353,8 @@ main( int argc, char *argv[] ) if( ber == NULL ) { perror( "ber_init" ); - ldap_unbind_ext( ld, NULL, NULL ); - return EXIT_FAILURE; + rc = EXIT_FAILURE; + goto done; } /* we should check the tag */ @@ -381,9 +395,11 @@ main( int argc, char *argv[] ) ber_memfree( retoid ); ber_bvfree( retdata ); -skip: - /* disconnect from server */ - ldap_unbind_ext( ld, NULL, NULL ); + rc = ( code == LDAP_SUCCESS ) ? EXIT_SUCCESS : EXIT_FAILURE; - return code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE; +done: + /* disconnect from server */ + tool_unbind( ld ); + tool_destroy(); + return rc; } diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index 5e07b00c1b..9345c77c25 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -363,6 +363,7 @@ handle_private_option( int i ) domainScope = 1 + crit; #endif + #ifdef LDAP_CONTROL_SUBENTRIES } else if ( strcasecmp( control, "subentries" ) == 0 ) { if( subentries ) { @@ -708,7 +709,7 @@ getNextPage: } err = ber_printf( seber, "b", abs(subentries) == 1 ? 0 : 1 ); - if ( err == -1 ) { + if ( err == -1 ) { ber_free( seber, 1 ); fprintf( stderr, _("Subentries control encoding error!\n") ); return EXIT_FAILURE; @@ -942,13 +943,8 @@ getNextPage: } #endif - ldap_unbind_ext( ld, NULL, NULL ); -#ifdef HAVE_CYRUS_SASL - sasl_done(); -#endif -#ifdef HAVE_TLS - ldap_pvt_tls_destroy(); -#endif + tool_unbind( ld ); + tool_destroy(); return( rc ); } diff --git a/clients/tools/ldapwhoami.c b/clients/tools/ldapwhoami.c index 1aca040096..82f187a55a 100644 --- a/clients/tools/ldapwhoami.c +++ b/clients/tools/ldapwhoami.c @@ -193,7 +193,8 @@ main( int argc, char *argv[] ) skip: /* disconnect from server */ - ldap_unbind (ld); + tool_unbind( ld ); + tool_destroy(); return rc == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE; }