From 35f8b9c9f53f5faed8ce4c97848dd1378f622075 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Mon, 4 Sep 2006 07:20:59 +0000 Subject: [PATCH] release authz resources at shutdown --- servers/slapd/main.c | 4 ++- servers/slapd/proto-slap.h | 1 + servers/slapd/saslauthz.c | 58 ++++++++++++++++++++++++++------------ 3 files changed, 44 insertions(+), 19 deletions(-) diff --git a/servers/slapd/main.c b/servers/slapd/main.c index a62e633e38..c7036fae5c 100644 --- a/servers/slapd/main.c +++ b/servers/slapd/main.c @@ -961,11 +961,13 @@ stop: #ifdef HAVE_TLS if ( slap_tls_ld ) { SSL_CTX_free( slap_tls_ctx ); - ldap_unbind( slap_tls_ld ); + ldap_unbind_ext( slap_tls_ld, NULL, NULL ); } ldap_pvt_tls_destroy(); #endif + slap_sasl_regexp_destroy(); + if ( slapd_pid_file_unlink ) { unlink( slapd_pid_file ); } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 8246077f6c..dac07b4075 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -1453,6 +1453,7 @@ LDAP_SLAPD_F (int) slap_sasl_rewrite_config LDAP_P(( int lineno, int argc, char **argv )); +LDAP_SLAPD_F (void) slap_sasl_regexp_destroy LDAP_P(( void )); #endif /* SLAP_AUTH_REWRITE */ LDAP_SLAPD_F (int) authzValidate LDAP_P(( Syntax *syn, struct berval *in )); diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index dec0041415..3fd24ad87d 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -1313,7 +1313,8 @@ int slap_sasl_rewrite_config( return rc; } -int slap_sasl_rewrite_destroy( void ) +static int +slap_sasl_rewrite_destroy( void ) { if ( sasl_rwinfo ) { rewrite_info_delete( &sasl_rwinfo ); @@ -1373,38 +1374,59 @@ int slap_sasl_regexp_config( const char *match, const char *replace ) reg = &SaslRegexp[nSaslRegexp]; - reg->sr_match = ch_strdup( match ); - reg->sr_replace = ch_strdup( replace ); - #ifdef SLAP_AUTH_REWRITE rc = slap_sasl_regexp_rewrite_config( "sasl-regexp", 0, match, replace, AUTHID_CONTEXT ); - if ( rc == LDAP_SUCCESS ) nSaslRegexp++; - return rc; #else /* ! SLAP_AUTH_REWRITE */ /* Precompile matching pattern */ - rc = regcomp( ®->sr_workspace, reg->sr_match, REG_EXTENDED|REG_ICASE ); + rc = regcomp( ®->sr_workspace, match, REG_EXTENDED|REG_ICASE ); if ( rc ) { Debug( LDAP_DEBUG_ANY, - "SASL match pattern %s could not be compiled by regexp engine\n", - reg->sr_match, 0, 0 ); + "SASL match pattern %s could not be compiled by regexp engine\n", + match, 0, 0 ); #ifdef ENABLE_REWRITE - /* Dummy block to force symbol references in librewrite */ - if ( slapMode == ( SLAP_SERVER_MODE|SLAP_TOOL_MODE )) { - rewrite_info_init( 0 ); - } + /* Dummy block to force symbol references in librewrite */ + if ( slapMode == ( SLAP_SERVER_MODE|SLAP_TOOL_MODE )) { + rewrite_info_init( 0 ); + } #endif return( LDAP_OTHER ); } - rc = slap_sasl_rx_off( reg->sr_replace, reg->sr_offset ); - if ( rc != LDAP_SUCCESS ) return rc; - - nSaslRegexp++; - return( LDAP_SUCCESS ); + rc = slap_sasl_rx_off( replace, reg->sr_offset ); #endif /* ! SLAP_AUTH_REWRITE */ + if ( rc == LDAP_SUCCESS ) { + reg->sr_match = ch_strdup( match ); + reg->sr_replace = ch_strdup( replace ); + + nSaslRegexp++; + } + + return rc; +} + +void +slap_sasl_regexp_destroy( void ) +{ + if ( SaslRegexp ) { + int n; + + for ( n = 0; n < nSaslRegexp; n++ ) { + ch_free( SaslRegexp[ n ].sr_match ); + ch_free( SaslRegexp[ n ].sr_replace ); +#ifndef SLAP_AUTH_REWRITE + regfree( &SaslRegexp[ n ].sr_workspace ); +#endif /* SLAP_AUTH_REWRITE */ + } + + ch_free( SaslRegexp ); + } + +#ifdef SLAP_AUTH_REWRITE + slap_sasl_rewrite_destroy(); +#endif /* SLAP_AUTH_REWRITE */ } void slap_sasl_regexp_unparse( BerVarray *out ) -- 2.39.5