diff options
author | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2008-06-06 18:14:53 -0400 |
---|---|---|
committer | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2008-06-06 18:14:53 -0400 |
commit | aa0b17ae06f7e774a9990d550ce1fa623d7606db (patch) | |
tree | 1b47320b4f950b0096397ae02f85903bbdaa2502 | |
parent | 803b84402927173144b610eeb01362beef165913 (diff) | |
download | slapi-nis-aa0b17ae06f7e774a9990d550ce1fa623d7606db.tar.gz slapi-nis-aa0b17ae06f7e774a9990d550ce1fa623d7606db.tar.xz slapi-nis-aa0b17ae06f7e774a9990d550ce1fa623d7606db.zip |
- escape DNs when we use them to build filters
-rw-r--r-- | src/backend.c | 14 | ||||
-rw-r--r-- | src/format.c | 70 | ||||
-rw-r--r-- | src/format.h | 1 |
3 files changed, 79 insertions, 6 deletions
diff --git a/src/backend.c b/src/backend.c index 317dd79..bcaa64c 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1015,7 +1015,7 @@ backend_update_references_cb(const char *domain, const char *map, Slapi_DN *referred_to_sdn; Slapi_ValueSet *values; Slapi_Value *value; - char **referred_to_dn, **ref_attrs, *actual_attr, *filter; + char **referred_to_dn, **ref_attrs, *actual_attr, *filter, *tndn; struct format_inref_attr **inref_attrs; const char *ndn, *dn; int i, j, disposition, buffer_flags, filter_size, n_ref_attrs; @@ -1038,6 +1038,14 @@ backend_update_references_cb(const char *domain, const char *map, strlen(map_data->entry_filter) + 1; ndn = slapi_entry_get_ndn(cbdata->e); + tndn = format_escape_for_filter(ndn); + if (tndn == NULL) { + slapi_log_error(SLAPI_LOG_PLUGIN, + state->plugin_desc->spd_id, + "error building filter for " + "updating entries\n"); + return TRUE; + } for (i = 0; (ref_attrs != NULL) && (ref_attrs[i] != NULL); i++) { @@ -1051,6 +1059,7 @@ backend_update_references_cb(const char *domain, const char *map, state->plugin_desc->spd_id, "error building filter for " "updating entries\n"); + free(tndn); return TRUE; } sprintf(filter, "(&%s(|", map_data->entry_filter); @@ -1058,12 +1067,13 @@ backend_update_references_cb(const char *domain, const char *map, (ref_attrs != NULL) && (ref_attrs[i] != NULL); i++) { sprintf(filter + strlen(filter), - "(%s=%s)", ref_attrs[i], ndn); + "(%s=%s)", ref_attrs[i], tndn); } strcat(filter, "))"); slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, "searching for referrers using filter \"%s\"\n", filter); + free(tndn); /* Update any matching entry. */ for (i = 0; (map_data->bases != NULL) && (map_data->bases[i] != NULL); diff --git a/src/format.c b/src/format.c index d584b74..929e49a 100644 --- a/src/format.c +++ b/src/format.c @@ -638,7 +638,7 @@ format_referred(struct plugin_state *state, Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Value *ref_value, *value; Slapi_PBlock *local_pb; int disposition, ref_disposition, buffer_flags, ref_buffer_flags; - char **argv, *attrs[2], *actual_attr, *actual_ref_attr, *filter; + char **argv, *attrs[2], *actual_attr, *actual_ref_attr, *filter, *tndn; const char *sep, *cvalue, *cref; char *map_filter, **map_bases; struct format_referred_cbdata cbdata; @@ -695,11 +695,22 @@ format_referred(struct plugin_state *state, Slapi_PBlock *pb, Slapi_Entry *e, format_add_inref_attrs(inref_attrs, domain, argv[1], argv[2]); } + tndn = format_escape_for_filter(slapi_entry_get_ndn(e)); + if (tndn == NULL) { + slapi_log_error(SLAPI_LOG_PLUGIN, + state->plugin_desc->spd_id, + "referred: out of memory\n"); + backend_free_map_config(map_bases, map_filter); + slapi_pblock_destroy(local_pb); + format_free_parsed_args(argv); + return -ENOMEM; + } + /* Now just search through the entries used for the map. */ for (i = 0; (map_bases != NULL) && (map_bases[i] != NULL); i++) { /* Build the search filter. */ filter = malloc(strlen(map_filter) + strlen(argv[2]) + - strlen(slapi_entry_get_ndn(e)) + 7); + strlen(tndn) + 7); if (filter == NULL) { slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, @@ -709,8 +720,7 @@ format_referred(struct plugin_state *state, Slapi_PBlock *pb, Slapi_Entry *e, format_free_parsed_args(argv); return -ENOMEM; } - sprintf(filter, "(&(%s=%s)%s)", argv[2], slapi_entry_get_ndn(e), - map_filter); + sprintf(filter, "(&(%s=%s)%s)", argv[2], tndn, map_filter); /* Set up the search. */ slapi_search_internal_set_pb(local_pb, map_bases[i], LDAP_SCOPE_SUB, @@ -732,6 +742,7 @@ format_referred(struct plugin_state *state, Slapi_PBlock *pb, Slapi_Entry *e, break; } } + free(tndn); backend_free_map_config(map_bases, map_filter); slapi_pblock_destroy(local_pb); @@ -1650,3 +1661,54 @@ format_get_data(struct plugin_state *state, Slapi_PBlock *pb, Slapi_Entry *e, return ret; } + +char * +format_escape_for_filter(const char *unescaped) +{ + int i, j, count; + char *ret; + for (i = 0, count = 0; unescaped[i] != 0; i++) { + switch (unescaped[i]) { + case '*': + case '(': + case ')': + case '\\': + count++; + break; + default: + break; + } + } + ret = malloc(i + (2 * count) + 1); + if (ret != NULL) { + for (i = 0, j = 0; unescaped[i] != 0; i++) { + switch (unescaped[i]) { + case '*': + ret[j++] = '\\'; + ret[j++] = '2'; + ret[j++] = 'a'; + break; + case '(': + ret[j++] = '\\'; + ret[j++] = '2'; + ret[j++] = '8'; + break; + case ')': + ret[j++] = '\\'; + ret[j++] = '2'; + ret[j++] = '9'; + break; + case '\\': + ret[j++] = '\\'; + ret[j++] = '5'; + ret[j++] = 'c'; + break; + default: + ret[j++] = unescaped[i]; + break; + } + } + ret[j] = '\0'; + } + return ret; +} diff --git a/src/format.h b/src/format.h index ecc762f..7bc4775 100644 --- a/src/format.h +++ b/src/format.h @@ -43,4 +43,5 @@ char *format_get_data(struct plugin_state *state, char ***ref_attrs, struct format_inref_attr ***inref_attrs); +char *format_escape_for_filter(const char *unescaped); #endif |