From f61152ccbd54573573f27dba8f94e88dd2f41f61 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 6 Jul 2001 03:13:42 +0000 Subject: [PATCH] Check for critical client controls. --- libraries/libldap/abandon.c | 7 ++++++- libraries/libldap/add.c | 4 ++++ libraries/libldap/compare.c | 5 +++++ libraries/libldap/controls.c | 31 +++++++++++++++++++++++++++++++ libraries/libldap/delete.c | 5 +++++ libraries/libldap/ldap-int.h | 3 +++ libraries/libldap/modify.c | 4 ++++ libraries/libldap/modrdn.c | 4 ++++ libraries/libldap/sasl.c | 4 ++++ libraries/libldap/search.c | 5 +++++ libraries/libldap/unbind.c | 6 ++++++ 11 files changed, 77 insertions(+), 1 deletion(-) diff --git a/libraries/libldap/abandon.c b/libraries/libldap/abandon.c index fbb184722a..8220e47a99 100644 --- a/libraries/libldap/abandon.c +++ b/libraries/libldap/abandon.c @@ -56,8 +56,13 @@ ldap_abandon_ext( LDAPControl **sctrls, LDAPControl **cctrls ) { + int rc; Debug( LDAP_DEBUG_TRACE, "ldap_abandon_ext %d\n", msgid, 0, 0 ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + return do_abandon( ld, msgid, msgid, sctrls, cctrls ); } @@ -77,7 +82,7 @@ int ldap_abandon( LDAP *ld, int msgid ) { Debug( LDAP_DEBUG_TRACE, "ldap_abandon %d\n", msgid, 0, 0 ); - return do_abandon( ld, msgid, msgid, NULL, NULL ) == LDAP_SUCCESS + return ldap_abandon_ext( ld, msgid, NULL, NULL ) == LDAP_SUCCESS ? 0 : -1; } diff --git a/libraries/libldap/add.c b/libraries/libldap/add.c index 5ae7460527..a8281f4c0e 100644 --- a/libraries/libldap/add.c +++ b/libraries/libldap/add.c @@ -105,6 +105,10 @@ ldap_add_ext( assert( dn != NULL ); assert( msgidp != NULL ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; diff --git a/libraries/libldap/compare.c b/libraries/libldap/compare.c index a48dda120f..2b890b1fe9 100644 --- a/libraries/libldap/compare.c +++ b/libraries/libldap/compare.c @@ -51,6 +51,7 @@ ldap_compare_ext( LDAPControl **cctrls, int *msgidp ) { + int rc; BerElement *ber; Debug( LDAP_DEBUG_TRACE, "ldap_compare\n", 0, 0, 0 ); @@ -61,6 +62,10 @@ ldap_compare_ext( assert( attr != NULL ); assert( msgidp != NULL ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { return( LDAP_NO_MEMORY ); diff --git a/libraries/libldap/controls.c b/libraries/libldap/controls.c index 58ca93e81a..6dcf7364ec 100644 --- a/libraries/libldap/controls.c +++ b/libraries/libldap/controls.c @@ -441,3 +441,34 @@ ldap_create_control( *ctrlp = ctrl; return LDAP_SUCCESS; } + +/* + * check for critical client controls and bitch if present + * if we ever support critical controls, we'll have to + * find a means for maintaining per API call control + * information. + */ +int ldap_int_client_controls( LDAP *ld, LDAPControl **ctrls ) +{ + LDAPControl *const *c; + + assert( ld != NULL ); + + if( ctrls == NULL ) { + /* use default server controls */ + ctrls = ld->ld_cctrls; + } + + if( ctrls == NULL || *ctrls == NULL ) { + return LDAP_SUCCESS; + } + + for( c = ctrls ; *c != NULL; c++ ) { + if( (*c)->ldctl_iscritical ) { + ld->ld_errno = LDAP_NOT_SUPPORTED; + return ld->ld_errno; + } + } + + return LDAP_SUCCESS; +} diff --git a/libraries/libldap/delete.c b/libraries/libldap/delete.c index 714acc5a5a..8397b735cc 100644 --- a/libraries/libldap/delete.c +++ b/libraries/libldap/delete.c @@ -45,6 +45,7 @@ ldap_delete_ext( LDAPControl **cctrls, int *msgidp ) { + int rc; BerElement *ber; Debug( LDAP_DEBUG_TRACE, "ldap_delete\n", 0, 0, 0 ); @@ -54,6 +55,10 @@ ldap_delete_ext( assert( dn != NULL ); assert( msgidp != NULL ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h index dc4e2b8dda..a90b72e31b 100644 --- a/libraries/libldap/ldap-int.h +++ b/libraries/libldap/ldap-int.h @@ -367,6 +367,9 @@ LDAP_F (int) ldap_int_put_controls LDAP_P(( LDAPControl *const *ctrls, BerElement *ber )); +LDAP_F (int) ldap_int_client_controls LDAP_P(( + LDAP *ld, + LDAPControl **ctrlp )); /* * in dsparse.c diff --git a/libraries/libldap/modify.c b/libraries/libldap/modify.c index da8b0e6027..8ef0098c70 100644 --- a/libraries/libldap/modify.c +++ b/libraries/libldap/modify.c @@ -73,6 +73,10 @@ ldap_modify_ext( LDAP *ld, Debug( LDAP_DEBUG_TRACE, "ldap_modify_ext\n", 0, 0, 0 ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { return( LDAP_NO_MEMORY ); diff --git a/libraries/libldap/modrdn.c b/libraries/libldap/modrdn.c index 13678ef041..54a3303a9f 100644 --- a/libraries/libldap/modrdn.c +++ b/libraries/libldap/modrdn.c @@ -70,6 +70,10 @@ ldap_rename( Debug( LDAP_DEBUG_TRACE, "ldap_rename\n", 0, 0, 0 ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { return( LDAP_NO_MEMORY ); diff --git a/libraries/libldap/sasl.c b/libraries/libldap/sasl.c index 12cb381663..8945d95733 100644 --- a/libraries/libldap/sasl.c +++ b/libraries/libldap/sasl.c @@ -67,6 +67,10 @@ ldap_sasl_bind( assert( LDAP_VALID( ld ) ); assert( msgidp != NULL ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + if( msgidp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; diff --git a/libraries/libldap/search.c b/libraries/libldap/search.c index 2d20710302..5adb5b8ed2 100644 --- a/libraries/libldap/search.c +++ b/libraries/libldap/search.c @@ -91,6 +91,7 @@ ldap_search_ext( int sizelimit, int *msgidp ) { + int rc; BerElement *ber; int timelimit; @@ -99,6 +100,10 @@ ldap_search_ext( assert( ld != NULL ); assert( LDAP_VALID( ld ) ); + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + /* * if timeout is provided, both tv_sec and tv_usec must * be non-zero diff --git a/libraries/libldap/unbind.c b/libraries/libldap/unbind.c index 24312af238..0d5f3fe46a 100644 --- a/libraries/libldap/unbind.c +++ b/libraries/libldap/unbind.c @@ -34,6 +34,12 @@ ldap_unbind_ext( LDAPControl **sctrls, LDAPControl **cctrls ) { + int rc; + + /* check client controls */ + rc = ldap_int_client_controls( ld, cctrls ); + if( rc != LDAP_SUCCESS ) return rc; + return ldap_ld_free( ld, 1, sctrls, cctrls ); } -- 2.39.5