From 5e522ca882d304fababd62220ab8ce3a1f27d588 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Mon, 28 Jan 2002 11:41:07 +0000 Subject: [PATCH] Changed Access.a_sockurl_pat, Connection.c_listener_url etc. to struct bervals --- servers/slapd/acl.c | 103 +++++++++++------------------- servers/slapd/aclparse.c | 56 ++++++++-------- servers/slapd/back-monitor/conn.c | 8 +-- servers/slapd/connection.c | 60 +++++++++-------- servers/slapd/slap.h | 16 ++--- 5 files changed, 113 insertions(+), 130 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 89aade2551..5f62a29129 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -67,9 +67,9 @@ static int aci_mask( #endif static int regex_matches( - char *pat, char *str, char *buf, regmatch_t *matches); + struct berval *pat, char *str, char *buf, regmatch_t *matches); static void string_expand( - struct berval *newbuf, char *pattern, + struct berval *newbuf, struct berval *pattern, char *match, regmatch_t *matches); typedef struct AciSetCookie { @@ -553,7 +553,7 @@ acl_mask( } else if ( b->a_dn_style == ACL_STYLE_REGEX ) { if ( ber_bvccmp( &b->a_dn_pat, '*' ) == 0 ) { - int ret = regex_matches( b->a_dn_pat.bv_val, + int ret = regex_matches( &b->a_dn_pat, op->o_ndn.bv_val, e->e_ndn, matches ); if( ret == 0 ) { @@ -604,94 +604,94 @@ acl_mask( } } - if ( b->a_sockurl_pat != NULL ) { + if ( b->a_sockurl_pat.bv_len ) { #ifdef NEW_LOGGING LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, "acl_mask: conn %d check a_sockurl_pat: %s\n", - conn->c_connid, b->a_sockurl_pat )); + conn->c_connid, b->a_sockurl_pat.bv_val )); #else Debug( LDAP_DEBUG_ACL, "<= check a_sockurl_pat: %s\n", - b->a_sockurl_pat, 0, 0 ); + b->a_sockurl_pat.bv_val, 0, 0 ); #endif - if ( ber_strccmp( b->a_sockurl_pat, '*' ) != 0) { + if ( ber_bvccmp( &b->a_sockurl_pat, '*' ) != 0) { if ( b->a_sockurl_style == ACL_STYLE_REGEX) { - if (!regex_matches( b->a_sockurl_pat, conn->c_listener_url, + if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( strcasecmp( b->a_sockurl_pat, conn->c_listener_url ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_sockurl_pat, &conn->c_listener_url ) != 0 ) continue; } } } - if ( b->a_domain_pat != NULL ) { + if ( b->a_domain_pat.bv_len ) { #ifdef NEW_LOGGING LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, "acl_mask: conn %d check a_domain_pat: %s\n", - conn->c_connid, b->a_domain_pat )); + conn->c_connid, b->a_domain_pat.bv_val )); #else Debug( LDAP_DEBUG_ACL, "<= check a_domain_pat: %s\n", - b->a_domain_pat, 0, 0 ); + b->a_domain_pat.bv_val, 0, 0 ); #endif - if ( ber_strccmp( b->a_domain_pat, '*' ) != 0) { + if ( ber_bvccmp( &b->a_domain_pat, '*' ) != 0) { if ( b->a_domain_style == ACL_STYLE_REGEX) { - if (!regex_matches( b->a_domain_pat, conn->c_peer_domain, + if (!regex_matches( &b->a_domain_pat, conn->c_peer_domain.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( strcasecmp( b->a_domain_pat, conn->c_peer_domain ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_domain_pat, &conn->c_peer_domain ) != 0 ) continue; } } } - if ( b->a_peername_pat != NULL ) { + if ( b->a_peername_pat.bv_len ) { #ifdef NEW_LOGGING LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, "acl_mask: conn %d check a_perrname_path: %s\n", - conn->c_connid, b->a_peername_pat )); + conn->c_connid, b->a_peername_pat.bv_val )); #else Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n", - b->a_peername_pat, 0, 0 ); + b->a_peername_pat.bv_val, 0, 0 ); #endif - if ( ber_strccmp( b->a_peername_pat, '*' ) != 0) { + if ( ber_bvccmp( &b->a_peername_pat, '*' ) != 0) { if ( b->a_peername_style == ACL_STYLE_REGEX) { - if (!regex_matches( b->a_peername_pat, conn->c_peer_name, + if (!regex_matches( &b->a_peername_pat, conn->c_peer_name.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( strcasecmp( b->a_peername_pat, conn->c_peer_name ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_peername_pat, &conn->c_peer_name ) != 0 ) continue; } } } - if ( b->a_sockname_pat != NULL ) { + if ( b->a_sockname_pat.bv_len ) { #ifdef NEW_LOGGING LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, "acl_mask: conn %d check a_sockname_path: %s\n", - conn->c_connid, b->a_sockname_pat )); + conn->c_connid, b->a_sockname_pat.bv_val )); #else Debug( LDAP_DEBUG_ACL, "<= check a_sockname_path: %s\n", - b->a_sockname_pat, 0, 0 ); + b->a_sockname_pat.bv_val, 0, 0 ); #endif - if ( ber_strccmp( b->a_sockname_pat, '*' ) != 0) { + if ( ber_bvccmp( &b->a_sockname_pat, '*' ) != 0) { if ( b->a_sockname_style == ACL_STYLE_REGEX) { - if (!regex_matches( b->a_sockname_pat, conn->c_sock_name, + if (!regex_matches( &b->a_sockname_pat, conn->c_sock_name.bv_val, e->e_ndn, matches ) ) { continue; } } else { - if ( strcasecmp( b->a_sockname_pat, conn->c_sock_name ) != 0 ) + if ( ber_bvstrcasecmp( &b->a_sockname_pat, &conn->c_sock_name ) != 0 ) continue; } } @@ -780,7 +780,7 @@ acl_mask( */ /* see if asker is listed in dnattr */ if ( b->a_group_style == ACL_STYLE_REGEX ) { - string_expand(&bv, b->a_group_pat.bv_val, e->e_ndn, matches); + string_expand(&bv, &b->a_group_pat, e->e_ndn, matches); if ( dnNormalize2(NULL, &bv, &ndn) != LDAP_SUCCESS ) { /* did not expand to a valid dn */ continue; @@ -1173,26 +1173,6 @@ aci_bvstrdup( struct berval *bv ) return(s); } -#ifdef SLAPD_ACI_ENABLED -static int -aci_strbvcmp( - const char *s, - struct berval *bv ) -{ - int res, len; - - res = strncasecmp( s, bv->bv_val, bv->bv_len ); - if (res) - return(res); - len = strlen(s); - if (len > (int)bv->bv_len) - return(1); - if (len < (int)bv->bv_len) - return(-1); - return(0); -} -#endif - static int aci_get_part( struct berval *list, @@ -1502,7 +1482,7 @@ aci_group_member ( ) { struct berval bv; - char *subjdn; + struct berval subjdn; struct berval grpoc; struct berval grpat; ObjectClass *grp_oc = NULL; @@ -1511,12 +1491,7 @@ aci_group_member ( int rc; /* format of string is "group/objectClassValue/groupAttrName" */ - if (aci_get_part(subj, 0, '/', &bv) < 0) { - return(0); - } - - subjdn = aci_bvstrdup(&bv); - if (subjdn == NULL) { + if (aci_get_part(subj, 0, '/', &subjdn) < 0) { return(0); } @@ -1541,7 +1516,7 @@ aci_group_member ( struct berval ndn; bv.bv_val = (char *)ch_malloc(1024); bv.bv_len = 1024; - string_expand(&bv, subjdn, e->e_ndn, matches); + string_expand(&bv, &subjdn, e->e_ndn, matches); if ( dnNormalize2(NULL, &bv, &ndn) == LDAP_SUCCESS ) { rc = (backend_group(be, conn, op, e, &ndn, &op->o_ndn, grp_oc, grp_ad) == 0); free( ndn.bv_val ); @@ -1550,7 +1525,6 @@ aci_group_member ( } done: - ch_free(subjdn); return(rc); } @@ -1691,7 +1665,7 @@ aci_mask( static void string_expand( struct berval *bv, - char *pat, + struct berval *pat, char *match, regmatch_t *matches) { @@ -1705,7 +1679,8 @@ string_expand( bv->bv_len--; /* leave space for lone $ */ flag = 0; - for ( dp = bv->bv_val, sp = pat; size < bv->bv_len && *sp ; sp++) { + for ( dp = bv->bv_val, sp = pat->bv_val; size < bv->bv_len && + sp < pat->bv_val + pat->bv_len ; sp++) { /* did we previously see a $ */ if (flag) { if (*sp == '$') { @@ -1748,18 +1723,18 @@ string_expand( #ifdef NEW_LOGGING LDAP_LOG(( "aci", LDAP_LEVEL_DETAIL1, - "string_expand: pattern = %s\n", pat )); + "string_expand: pattern = %.*s\n", pat->bv_len, pat->bv_val )); LDAP_LOG(( "aci", LDAP_LEVEL_DETAIL1, "string_expand: expanded = %s\n", bv->bv_val )); #else - Debug( LDAP_DEBUG_TRACE, "=> string_expand: pattern: %s\n", pat, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, "=> string_expand: pattern: %.*s\n", pat->bv_len, pat->bv_val, 0 ); Debug( LDAP_DEBUG_TRACE, "=> string_expand: expanded: %s\n", bv->bv_val, 0, 0 ); #endif } static int regex_matches( - char *pat, /* pattern to expand and match against */ + struct berval *pat, /* pattern to expand and match against */ char *str, /* string to match against pattern */ char *buf, /* buffer with $N expansion variables */ regmatch_t *matches /* offsets in buffer for $N expansion variables */ @@ -1780,11 +1755,11 @@ regex_matches( #ifdef NEW_LOGGING LDAP_LOG(( "aci", LDAP_LEVEL_ERR, "regex_matches: compile( \"%s\", \"%s\") failed %s\n", - pat, str, error )); + pat->bv_val, str, error )); #else Debug( LDAP_DEBUG_TRACE, "compile( \"%s\", \"%s\") failed %s\n", - pat, str, error ); + pat->bv_val, str, error ); #endif return( 0 ); } diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index 52a45147cb..ff94193c25 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -587,7 +587,7 @@ parse_acl( acl_usage(); } - if( b->a_peername_pat != NULL ) { + if( b->a_peername_pat.bv_len ) { fprintf( stderr, "%s: line %d: peername pattern already specified.\n", fname, lineno ); @@ -599,9 +599,9 @@ parse_acl( bv.bv_val = right; acl_regex_normalized_dn( &bv ); regtest(fname, lineno, bv.bv_val); - b->a_peername_pat = bv.bv_val; + b->a_peername_pat = bv; } else { - b->a_peername_pat = ch_strdup( right ); + ber_str2bv( right, 0, 1, &b->a_peername_pat ); } continue; } @@ -614,7 +614,7 @@ parse_acl( acl_usage(); } - if( b->a_sockname_pat != NULL ) { + if( b->a_sockname_pat.bv_len ) { fprintf( stderr, "%s: line %d: sockname pattern already specified.\n", fname, lineno ); @@ -626,9 +626,9 @@ parse_acl( bv.bv_val = right; acl_regex_normalized_dn( &bv ); regtest(fname, lineno, bv.bv_val); - b->a_sockname_pat = bv.bv_val; + b->a_sockname_pat = bv; } else { - b->a_sockname_pat = ch_strdup( right ); + ber_str2bv( right, 0, 1, &b->a_sockname_pat ); } continue; } @@ -641,7 +641,7 @@ parse_acl( acl_usage(); } - if( b->a_domain_pat != NULL ) { + if( b->a_domain_pat.bv_len ) { fprintf( stderr, "%s: line %d: domain pattern already specified.\n", fname, lineno ); @@ -653,9 +653,9 @@ parse_acl( bv.bv_val = right; acl_regex_normalized_dn( &bv ); regtest(fname, lineno, bv.bv_val); - b->a_domain_pat = bv.bv_val; + b->a_domain_pat = bv; } else { - b->a_domain_pat = ch_strdup( right ); + ber_str2bv( right, 0, 1, &b->a_domain_pat ); } continue; } @@ -668,7 +668,7 @@ parse_acl( acl_usage(); } - if( b->a_sockurl_pat != NULL ) { + if( b->a_sockurl_pat.bv_len ) { fprintf( stderr, "%s: line %d: sockurl pattern already specified.\n", fname, lineno ); @@ -680,9 +680,9 @@ parse_acl( bv.bv_val = right; acl_regex_normalized_dn( &bv ); regtest(fname, lineno, bv.bv_val); - b->a_sockurl_pat = bv.bv_val; + b->a_sockurl_pat = bv; } else { - b->a_sockurl_pat = ch_strdup( right ); + ber_str2bv( right, 0, 1, &b->a_sockurl_pat ); } continue; } @@ -1249,14 +1249,14 @@ access_free( Access *a ) { if ( a->a_dn_pat.bv_val ) free ( a->a_dn_pat.bv_val ); - if ( a->a_peername_pat ) - free ( a->a_peername_pat ); - if ( a->a_sockname_pat ) - free ( a->a_sockname_pat ); - if ( a->a_domain_pat ) - free ( a->a_domain_pat ); - if ( a->a_sockurl_pat ) - free ( a->a_sockurl_pat ); + if ( a->a_peername_pat.bv_val ) + free ( a->a_peername_pat.bv_val ); + if ( a->a_sockname_pat.bv_val ) + free ( a->a_sockname_pat.bv_val ); + if ( a->a_domain_pat.bv_val ) + free ( a->a_domain_pat.bv_val ); + if ( a->a_sockurl_pat.bv_val ) + free ( a->a_sockurl_pat.bv_val ); if ( a->a_set_pat.bv_len ) free ( a->a_set_pat.bv_val ); if ( a->a_group_pat.bv_len ) @@ -1403,20 +1403,20 @@ print_access( Access *b ) } } - if ( b->a_peername_pat != NULL ) { - fprintf( stderr, " peername=%s", b->a_peername_pat ); + if ( b->a_peername_pat.bv_len != 0 ) { + fprintf( stderr, " peername=%s", b->a_peername_pat.bv_val ); } - if ( b->a_sockname_pat != NULL ) { - fprintf( stderr, " sockname=%s", b->a_sockname_pat ); + if ( b->a_sockname_pat.bv_len != 0 ) { + fprintf( stderr, " sockname=%s", b->a_sockname_pat.bv_val ); } - if ( b->a_domain_pat != NULL ) { - fprintf( stderr, " domain=%s", b->a_domain_pat ); + if ( b->a_domain_pat.bv_len != 0 ) { + fprintf( stderr, " domain=%s", b->a_domain_pat.bv_val ); } - if ( b->a_sockurl_pat != NULL ) { - fprintf( stderr, " sockurl=%s", b->a_sockurl_pat ); + if ( b->a_sockurl_pat.bv_len != 0 ) { + fprintf( stderr, " sockurl=%s", b->a_sockurl_pat.bv_val ); } #ifdef SLAPD_ACI_ENABLED diff --git a/servers/slapd/back-monitor/conn.c b/servers/slapd/back-monitor/conn.c index 559310afb6..46e2c01a7c 100644 --- a/servers/slapd/back-monitor/conn.c +++ b/servers/slapd/back-monitor/conn.c @@ -317,10 +317,10 @@ conn_create( c->c_cdn.bv_len ? c->c_cdn.bv_val : SLAPD_ANONYMOUS, - c->c_listener_url, - c->c_peer_domain, - c->c_peer_name, - c->c_sock_name, + c->c_listener_url.bv_val, + c->c_peer_domain.bv_val, + c->c_peer_name.bv_val, + c->c_sock_name.bv_val, buf2, buf3 diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index ce4f7f0861..28791b85db 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -422,10 +422,14 @@ long connection_init( c->c_cdn.bv_len = 0; c->c_groups = NULL; - c->c_listener_url = NULL; - c->c_peer_domain = NULL; - c->c_peer_name = NULL; - c->c_sock_name = NULL; + c->c_listener_url.bv_val = NULL; + c->c_listener_url.bv_len = 0; + c->c_peer_domain.bv_val = NULL; + c->c_peer_domain.bv_len = 0; + c->c_peer_name.bv_val = NULL; + c->c_peer_name.bv_len = 0; + c->c_sock_name.bv_val = NULL; + c->c_sock_name.bv_len = 0; LDAP_STAILQ_INIT(&c->c_ops); LDAP_STAILQ_INIT(&c->c_pending_ops); @@ -460,10 +464,10 @@ long connection_init( assert( c->c_ndn.bv_val == NULL ); assert( c->c_cdn.bv_val == NULL ); assert( c->c_groups == NULL ); - assert( c->c_listener_url == NULL ); - assert( c->c_peer_domain == NULL ); - assert( c->c_peer_name == NULL ); - assert( c->c_sock_name == NULL ); + assert( c->c_listener_url.bv_val == NULL ); + assert( c->c_peer_domain.bv_val == NULL ); + assert( c->c_peer_name.bv_val == NULL ); + assert( c->c_sock_name.bv_val == NULL ); assert( LDAP_STAILQ_EMPTY(&c->c_ops) ); assert( LDAP_STAILQ_EMPTY(&c->c_pending_ops) ); assert( c->c_sasl_bind_mech.bv_val == NULL ); @@ -471,10 +475,10 @@ long connection_init( assert( c->c_sasl_extra == NULL ); assert( c->c_currentber == NULL ); - c->c_listener_url = ch_strdup( url ); - c->c_peer_domain = ch_strdup( dnsname ); - c->c_peer_name = ch_strdup( peername ); - c->c_sock_name = ch_strdup( sockname ); + ber_str2bv( url, 0, 1, &c->c_listener_url ); + ber_str2bv( dnsname, 0, 1, &c->c_peer_domain ); + ber_str2bv( peername, 0, 1, &c->c_peer_name ); + ber_str2bv( sockname, 0, 1, &c->c_sock_name ); c->c_n_ops_received = 0; c->c_n_ops_executing = 0; @@ -637,37 +641,41 @@ connection_destroy( Connection *c ) connection2anonymous( c ); - if(c->c_listener_url != NULL) { - free(c->c_listener_url); - c->c_listener_url = NULL; + if(c->c_listener_url.bv_val != NULL) { + free(c->c_listener_url.bv_val); + c->c_listener_url.bv_val = NULL; } + c->c_listener_url.bv_len = 0; - if(c->c_peer_domain != NULL) { - free(c->c_peer_domain); - c->c_peer_domain = NULL; + if(c->c_peer_domain.bv_val != NULL) { + free(c->c_peer_domain.bv_val); + c->c_peer_domain.bv_val = NULL; } - if(c->c_peer_name != NULL) { + c->c_peer_domain.bv_len = 0; + if(c->c_peer_name.bv_val != NULL) { #ifdef LDAP_PF_lOCAL /* * If peer was a domain socket, unlink. Mind you, * they may be un-named. Should we leave this to * the client? */ - if (strncmp(c->c_peer_name, "PATH=", 5) == 0) { - char *path = c->c_peer_name + 5; + if (strncmp(c->c_peer_name.bv_val, "PATH=", 5) == 0) { + char *path = c->c_peer_name.bv_val + 5; if (path != '\0') { (void)unlink(path); } } #endif /* LDAP_PF_LOCAL */ - free(c->c_peer_name); - c->c_peer_name = NULL; + free(c->c_peer_name.bv_val); + c->c_peer_name.bv_val = NULL; } - if(c->c_sock_name != NULL) { - free(c->c_sock_name); - c->c_sock_name = NULL; + c->c_peer_name.bv_len = 0; + if(c->c_sock_name.bv_val != NULL) { + free(c->c_sock_name.bv_val); + c->c_sock_name.bv_val = NULL; } + c->c_sock_name.bv_len = 0; c->c_sasl_bind_in_progress = 0; if(c->c_sasl_bind_mech.bv_val != NULL) { diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index d3f69f76ea..b6d8acca30 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -910,14 +910,14 @@ typedef struct slap_access { int a_dn_self; slap_style_t a_peername_style; - char *a_peername_pat; + struct berval a_peername_pat; slap_style_t a_sockname_style; - char *a_sockname_pat; + struct berval a_sockname_pat; slap_style_t a_domain_style; - char *a_domain_pat; + struct berval a_domain_pat; slap_style_t a_sockurl_style; - char *a_sockurl_pat; + struct berval a_sockurl_pat; slap_style_t a_set_style; struct berval a_set_pat; @@ -1459,10 +1459,10 @@ typedef struct slap_conn { time_t c_activitytime; /* when the connection was last used */ unsigned long c_connid; /* id of this connection for stats*/ - char *c_listener_url; /* listener URL */ - char *c_peer_domain; /* DNS name of client */ - char *c_peer_name; /* peer name (trans=addr:port) */ - char *c_sock_name; /* sock name (trans=addr:port) */ + struct berval c_listener_url; /* listener URL */ + struct berval c_peer_domain; /* DNS name of client */ + struct berval c_peer_name; /* peer name (trans=addr:port) */ + struct berval c_sock_name; /* sock name (trans=addr:port) */ /* only can be changed by binding thread */ int c_sasl_bind_in_progress; /* multi-op bind in progress */ -- 2.39.5