OpenLDAP 2.4 Change Log
OpenLDAP 2.4.11 Engineering
+ Added libldap assertion control (ITS#5560)
Fixed slapd sets memory leak (ITS#5557)
Fixed slapd-sock, back-shell buffer count (ITS#5558)
Added slapo-nssov contrib module
ol_patch=X
ol_api_inc=20410
ol_api_current=2
-ol_api_revision=6
+ol_api_revision=7
ol_api_age=0
ol_release_date="2008/06/10"
/* controls */
int assertctl;
char *assertion = NULL;
+struct berval assertionvalue = BER_BVNULL;
char *authzid = NULL;
/* support deprecated early version of proxyAuthz */
#define LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ "2.16.840.1.113730.3.4.12"
}
if ( assertctl ) {
- BerElementBuffer berbuf;
- BerElement *ber = (BerElement *)&berbuf;
-
- if( assertion == NULL || *assertion == '\0' ) {
- fprintf( stderr, "Assertion=<empty>\n" );
- exit( EXIT_FAILURE );
- }
-
- ber_init2( ber, NULL, LBER_USE_DER );
-
- err = ldap_pvt_put_filter( ber, assertion );
- if( err < 0 ) {
- fprintf( stderr, "assertion encode failed (%d)\n", err );
- exit( EXIT_FAILURE );
- }
-
- err = ber_flatten2( ber, &c[i].ldctl_value, 0 );
- if( err < 0 ) {
- fprintf( stderr, "assertion flatten failed (%d)\n", err );
- exit( EXIT_FAILURE );
+ if ( BER_BVISNULL( &assertionvalue ) ) {
+ err = ldap_create_assertion_control_value( ld,
+ assertion, &assertionvalue );
+ if ( err ) {
+ fprintf( stderr,
+ "Unable to create assertion value "
+ "\"%s\" (%d)\n", assertion, err );
+ }
}
c[i].ldctl_oid = LDAP_CONTROL_ASSERT;
+ c[i].ldctl_value = assertionvalue;
c[i].ldctl_iscritical = assertctl > 1;
ctrls[i] = &c[i];
i++;
#endif /* LDAP_CONTROL_X_SESSION_TRACKING */
+/*
+ * in assertion.c
+ */
+LDAP_F (int)
+ldap_create_assertion_control_value LDAP_P((
+ LDAP *ld,
+ char *assertion,
+ struct berval *value ));
+
+LDAP_F( int )
+ldap_create_assertion_control LDAP_P((
+ LDAP *ld,
+ char *filter,
+ int iscritical,
+ LDAPControl **ctrlp ));
+
LDAP_END_DECL
#endif /* _LDAP_H */
request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
init.c options.c print.c string.c util-int.c schema.c \
charray.c tls.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c
+ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
+ assertion.c
OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
controls.lo messages.lo references.lo extended.lo cyrus.lo \
request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
init.lo options.lo print.lo string.lo util-int.lo schema.lo \
charray.lo tls.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo
+ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
+ assertion.lo
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
--- /dev/null
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2008 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/time.h>
+
+#include "ldap-int.h"
+
+int
+ldap_create_assertion_control_value(
+ LDAP *ld,
+ char *assertion,
+ struct berval *value )
+{
+ BerElement *ber = NULL;
+ int err;
+
+ if ( assertion == NULL || assertion[ 0 ] == '\0' ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ if ( value == NULL ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ BER_BVZERO( value );
+
+ ber = ldap_alloc_ber_with_options( ld );
+ if ( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ err = ldap_pvt_put_filter( ber, assertion );
+ if ( err < 0 ) {
+ ld->ld_errno = LDAP_ENCODING_ERROR;
+ goto done;
+ }
+
+ err = ber_flatten2( ber, value, 1 );
+ if ( err < 0 ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ goto done;
+ }
+
+done:;
+ if ( ber != NULL ) {
+ ber_free( ber, 1 );
+ }
+
+ return ld->ld_errno;
+}
+
+int
+ldap_create_assertion_control(
+ LDAP *ld,
+ char *assertion,
+ int iscritical,
+ LDAPControl **ctrlp )
+{
+ struct berval value;
+
+ if ( ctrlp == NULL ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ ld->ld_errno = ldap_create_assertion_control_value( ld,
+ assertion, &value );
+ if ( ld->ld_errno == LDAP_SUCCESS ) {
+ ld->ld_errno = ldap_control_create( LDAP_CONTROL_ASSERT,
+ iscritical, &value, 0, ctrlp );
+ if ( ld->ld_errno != LDAP_SUCCESS ) {
+ LDAP_FREE( value.bv_val );
+ }
+ }
+
+ return ld->ld_errno;
+}
+
request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
init.c options.c print.c string.c util-int.c schema.c \
charray.c tls.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c
+ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
+ assertion.c
SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \
thr_posix.c thr_cthreads.c thr_thr.c thr_lwp.c thr_nt.c \
thr_pth.c thr_stub.c thr_debug.c
request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
init.lo options.lo print.lo string.lo util-int.lo schema.lo \
charray.lo tls.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo
+ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
+ assertion.lo
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
projects / openldap / commitdiff