diff options
Diffstat (limited to 'ldap/servers/slapd/search.c')
-rw-r--r-- | ldap/servers/slapd/search.c | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/ldap/servers/slapd/search.c b/ldap/servers/slapd/search.c index fc3000cf..2909a170 100644 --- a/ldap/servers/slapd/search.c +++ b/ldap/servers/slapd/search.c @@ -68,6 +68,7 @@ do_search( Slapi_PBlock *pb ) BerElement *ber; int i, err, attrsonly; ber_int_t scope, deref, sizelimit, timelimit; + char *rawbase = NULL; char *base = NULL, *fstr = NULL; struct slapi_filter *filter = NULL; char **attrs = NULL; @@ -80,6 +81,8 @@ do_search( Slapi_PBlock *pb ) int rc = -1; char *original_base = 0; char *new_base = 0; + size_t baselen = 0; + int strict = 0; LDAPDebug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 ); @@ -114,13 +117,41 @@ do_search( Slapi_PBlock *pb ) */ /* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */ - if ( ber_scanf( ber, "{aiiiib", &base, &scope, &deref, &sizelimit, &timelimit, &attrsonly ) == LBER_ERROR ){ - slapi_ch_free((void**)&base ); + if ( ber_scanf( ber, "{aiiiib", &rawbase, &scope, &deref, &sizelimit, &timelimit, &attrsonly ) == LBER_ERROR ){ + slapi_ch_free((void**)&rawbase ); log_search_access (pb, "???", -1, "???", "decoding error"); send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, NULL, 0, NULL ); return; } + /* Check if we should be performing strict validation. */ + strict = config_get_dn_validate_strict(); + if (strict) { + /* check that the dn is formatted correctly */ + rc = slapi_dn_syntax_check(pb, rawbase, 1); + if (rc) { /* syntax check failed */ + op_shared_log_error_access(pb, "SRCH", + rawbase?rawbase:"", "strict: invalid dn"); + send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, + NULL, "invalid dn", 0, NULL); + slapi_ch_free((void **) &rawbase); + return; + } + } + rc = slapi_dn_normalize_ext(rawbase, 0, &base, &baselen); + if (rc < 0) { + op_shared_log_error_access(pb, "SRCH", + rawbase?rawbase:"", "invalid dn"); + send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, + NULL, "invalid dn", 0, NULL); + slapi_ch_free((void **) &rawbase); + return; + } else if (rc > 0) { /* if rc == 0, rawbase is passed in */ + slapi_ch_free((void **) &rawbase); + } else { /* rc == 0; rawbase is passed in; not null terminated */ + *(base + baselen) = '\0'; + } + /* * ignore negative time and size limits since they make no sense */ |