From aae3cf62c079be7ca25e357f267836dead24b58e Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Thu, 8 Aug 2013 11:18:13 -0400 Subject: Properly escape DNs of nsswitch-based entries --- src/back-sch-nss.c | 74 +++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 59 insertions(+), 15 deletions(-) (limited to 'src/back-sch-nss.c') diff --git a/src/back-sch-nss.c b/src/back-sch-nss.c index 22168f7..4c8eb0c 100644 --- a/src/back-sch-nss.c +++ b/src/back-sch-nss.c @@ -66,11 +66,11 @@ struct backend_search_filter_config { static int bvstrcasecmp(const struct berval *bval, const char *s) { - ssize_t len; + size_t len; int c; len = strlen(s); - if (strlen(s) == bval->bv_len) { + if (len == bval->bv_len) { return strncasecmp(bval->bv_val, s, len); } c = strncasecmp(bval->bv_val, s, MIN(bval->bv_len, len)); @@ -136,6 +136,47 @@ backend_search_filter_has_cn_uid(Slapi_Filter *filter, void *arg) return SLAPI_FILTER_SCAN_CONTINUE; } +static char * +backend_build_dn(const char *attribute, const char *value, + const char *container_sdn) +{ + Slapi_RDN *rdn; + Slapi_DN *sdn; + char *val, *dn = NULL; + const char *ndn, *hexchars = "0123456789ABCDEF"; + int i; + + val = malloc(strlen(value) * 3 + 1); + if (val == NULL) { + return NULL; + } + rdn = slapi_rdn_new(); + if (rdn == NULL) { + free(val); + return NULL; + } + for (i = 0; value[i] != '\0'; i++) { + val[i * 3] = '\\'; + val[i * 3 + 1] = hexchars[(value[i] & 0xf0) >> 4]; + val[i * 3 + 2] = hexchars[value[i] & 0xf]; + } + val[i * 3] = '\0'; + if (slapi_rdn_add(rdn, attribute, val) == 1) { + sdn = slapi_sdn_new_dn_byval(container_sdn); + if (sdn != NULL) { + sdn = slapi_sdn_add_rdn(sdn, rdn); + ndn = slapi_sdn_get_ndn(sdn); + if (ndn != NULL) { + dn = slapi_ch_strdup(ndn); + } + slapi_sdn_free(&sdn); + } + } + free(val); + slapi_rdn_free(&rdn); + return dn; +} + static Slapi_Entry * backend_retrieve_user_entry_from_nsswitch(char *user_name, bool_t is_uid, char *container_sdn, @@ -186,12 +227,12 @@ repeat: return NULL; } - name = format_escape_for_filter(pwd.pw_name); - if (name != NULL) { - dn = slapi_ch_smprintf("uid=%s,%s", name, container_sdn); - free(name); - } + dn = backend_build_dn("uid", pwd.pw_name, container_sdn); if (dn == NULL) { + slapi_log_error(SLAPI_LOG_FATAL, + cbdata->state->plugin_desc->spd_id, + "error building DN for uid=%s,%s skipping\n", + pwd.pw_name, container_sdn); slapi_entry_free(entry); return NULL; } @@ -240,7 +281,8 @@ repeat: static Slapi_Entry * backend_retrieve_group_entry_from_nsswitch_helper(struct group *grp, - char *container_sdn) + char *container_sdn, + struct backend_search_cbdata *cbdata) { Slapi_Entry *entry; int rc, i; @@ -256,12 +298,12 @@ backend_retrieve_group_entry_from_nsswitch_helper(struct group *grp, return NULL; } - name = format_escape_for_filter(grp->gr_name); - if (name != NULL) { - dn = slapi_ch_smprintf("cn=%s,%s", name, container_sdn); - free(name); - } + dn = backend_build_dn("cn", grp->gr_name, container_sdn); if (dn == NULL) { + slapi_log_error(SLAPI_LOG_FATAL, + cbdata->state->plugin_desc->spd_id, + "error building DN for cn=%s,%s skipping\n", + grp->gr_name, container_sdn); slapi_entry_free(entry); return NULL; } @@ -334,7 +376,8 @@ repeat: return NULL; } - entry = backend_retrieve_group_entry_from_nsswitch_helper(&grp, container_sdn); + entry = backend_retrieve_group_entry_from_nsswitch_helper(&grp, container_sdn, + cbdata); return entry; } @@ -373,7 +416,8 @@ repeat: return NULL; } - entry = backend_retrieve_group_entry_from_nsswitch_helper(&grp, container_sdn); + entry = backend_retrieve_group_entry_from_nsswitch_helper(&grp, container_sdn, + cbdata); return entry; } -- cgit