authorGreg Hudson <ghudson@mit.edu>2009-11-24 23:52:25 +0000
committerGreg Hudson <ghudson@mit.edu>2009-11-24 23:52:25 +0000
commit1db2647c62d10cccadadabacba7224eb565ec042 (patch)
tree850eea7750db1c0247652069637ce2df2d94396e /src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c
parentb4fef608040800e4927c10146d6d386f97335e06 (diff)
Mark and reindent plugins, except for pkinit, which needs a little
cleanup first.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23353 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c')
-rw-r--r--src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c470
1 files changed, 234 insertions, 236 deletions
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c
index 8f7e3bdd39..1966aa970e 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/kdb/kdb_ldap/kdb_ldap.c
*
@@ -50,32 +51,32 @@ krb5_ldap_get_db_opt(char *input, char **opt, char **val)
*val = NULL;
if (pos == NULL) {
- *opt = strdup(input);
- if (*opt == NULL) {
- return ENOMEM;
- }
+ *opt = strdup(input);
+ if (*opt == NULL) {
+ return ENOMEM;
+ }
} else {
- int len = pos - input;
- *opt = malloc((unsigned) len + 1);
- if (!*opt) {
- return ENOMEM;
- }
- memcpy(*opt, input, (unsigned) len);
- /* ignore trailing blanks */
- while (isblank((*opt)[len-1]))
- --len;
- (*opt)[len] = '\0';
-
- pos += 1; /* move past '=' */
- while (isblank(*pos)) /* ignore leading blanks */
- pos += 1;
- if (*pos != '\0') {
- *val = strdup (pos);
- if (!*val) {
- free (*opt);
- return ENOMEM;
- }
- }
+ int len = pos - input;
+ *opt = malloc((unsigned) len + 1);
+ if (!*opt) {
+ return ENOMEM;
+ }
+ memcpy(*opt, input, (unsigned) len);
+ /* ignore trailing blanks */
+ while (isblank((*opt)[len-1]))
+ --len;
+ (*opt)[len] = '\0';
+
+ pos += 1; /* move past '=' */
+ while (isblank(*pos)) /* ignore leading blanks */
+ pos += 1;
+ if (*pos != '\0') {
+ *val = strdup (pos);
+ if (!*val) {
+ free (*opt);
+ return ENOMEM;
+ }
+ }
}
return (0);
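Review bot: The trailing-blank trim `while (isblank((*opt)[len-1]))` has no lower bound, so when the option-name part is empty or consists only of blanks the loop reads `(*opt)[-1]`, one byte before the allocation, and if that byte happens to be blank the following `(*opt)[len] = '\0'` writes before the buffer as well. The re-indent carries this over unchanged; the loop should stop at zero and hand isblank an unsigned char: `while (len > 0 && isblank((unsigned char)(*opt)[len-1]))`. The same cast belongs on `isblank(*pos)` a few lines further down. How `pos` is computed is outside the hunk (presumably the position of the '='), as are the start and end of krb5_ldap_get_db_opt.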
@@ -108,17 +109,17 @@ krb5_ldap_read_startup_information(krb5_context context)
SETUP_CONTEXT();
if ((retval=krb5_ldap_read_krbcontainer_params(context, &(ldap_context->krbcontainer)))) {
- prepend_err_str (context, "Unable to read Kerberos container", retval, retval);
- goto cleanup;
+ prepend_err_str (context, "Unable to read Kerberos container", retval, retval);
+ goto cleanup;
}
if ((retval=krb5_ldap_read_realm_params(context, context->default_realm, &(ldap_context->lrparams), &mask))) {
- prepend_err_str (context, "Unable to read Realm", retval, retval);
- goto cleanup;
+ prepend_err_str (context, "Unable to read Realm", retval, retval);
+ goto cleanup;
}
if (((mask & LDAP_REALM_MAXTICKETLIFE) == 0) || ((mask & LDAP_REALM_MAXRENEWLIFE) == 0)
- || ((mask & LDAP_REALM_KRBTICKETFLAGS) == 0)) {
+ || ((mask & LDAP_REALM_KRBTICKETFLAGS) == 0)) {
kadm5_config_params params_in, params_out;
memset(&params_in, 0, sizeof(params_in));
@@ -167,11 +168,8 @@ cleanup:
* value assertion.
*/
static int
-has_rootdse_ava(context, ldap_server, attribute, value)
- krb5_context context;
- char *ldap_server;
- char *attribute;
- char *value;
+has_rootdse_ava(krb5_context context, char *ldap_server, char *attribute,
+ char *value)
{
int i=0, flag=0, ret=0, retval=0;
char *attrs[2], **values=NULL;
@@ -184,8 +182,8 @@ has_rootdse_ava(context, ldap_server, attribute, value)
retval = ldap_initialize(&ld, ldap_server);
if (retval != LDAP_SUCCESS) {
- ret = 2; /* Don't know */
- goto cleanup;
+ ret = 2; /* Don't know */
+ goto cleanup;
}
cred.bv_val = "";
@@ -194,50 +192,50 @@ has_rootdse_ava(context, ldap_server, attribute, value)
/* Anonymous bind */
retval = ldap_sasl_bind_s(ld, "", NULL, &cred, NULL, NULL, NULL);
if (retval != LDAP_SUCCESS) {
- ret = 2; /* Don't know */
- goto cleanup;
+ ret = 2; /* Don't know */
+ goto cleanup;
}
retval = ldap_search_ext_s(ld, "", LDAP_SCOPE_BASE, NULL, attrs, 0, NULL, NULL, NULL, 0, &res);
if (retval != LDAP_SUCCESS) {
- ret = 2; /* Don't know */
- goto cleanup;
+ ret = 2; /* Don't know */
+ goto cleanup;
}
msg = ldap_first_message(ld, res);
if (msg == NULL) {
- ret = 2; /* Don't know */
- goto cleanup;
+ ret = 2; /* Don't know */
+ goto cleanup;
}
values = ldap_get_values(ld, msg, attribute);
if (values == NULL) {
- ret = 1; /* Not supported */
- goto cleanup;
+ ret = 1; /* Not supported */
+ goto cleanup;
}
for (i = 0; values[i] != NULL; i++) {
- if (strcmp(values[i], value) == 0) {
- flag = 1;
- break;
- }
+ if (strcmp(values[i], value) == 0) {
+ flag = 1;
+ break;
+ }
}
if (flag != 1) {
- ret = 1; /* Not supported */
- goto cleanup;
+ ret = 1; /* Not supported */
+ goto cleanup;
}
cleanup:
if (values != NULL)
- ldap_value_free(values);
+ ldap_value_free(values);
if (res != NULL)
- ldap_msgfree(res);
+ ldap_msgfree(res);
if (ld != NULL)
- ldap_unbind_ext_s(ld, NULL, NULL);
+ ldap_unbind_ext_s(ld, NULL, NULL);
return ret;
}
@@ -252,23 +250,21 @@ cleanup:
* 2 => don't know
*/
int
-has_sasl_external_mech(context, ldap_server)
- krb5_context context;
- char *ldap_server;
+has_sasl_external_mech(krb5_context context, char *ldap_server)
{
int ret;
ret = has_rootdse_ava(context, ldap_server,
- "supportedSASLMechanisms", "EXTERNAL");
+ "supportedSASLMechanisms", "EXTERNAL");
switch (ret) {
case 1: /* not supported */
- krb5_set_error_message(context, 1, "%s", ERR_MSG2);
- break;
+ krb5_set_error_message(context, 1, "%s", ERR_MSG2);
+ break;
case 2: /* don't know */
- krb5_set_error_message(context, 1, "%s", ERR_MSG1);
- break;
+ krb5_set_error_message(context, 1, "%s", ERR_MSG1);
+ break;
default:
- break;
+ break;
}
return ret;
@@ -280,24 +276,24 @@ has_modify_increment(context, ldap_server)
char *ldap_server;
{
return has_rootdse_ava(context, ldap_server,
- "supportedFeatures", "1.3.6.1.1.14");
+ "supportedFeatures", "1.3.6.1.1.14");
}
-void * krb5_ldap_alloc(krb5_context context, void *ptr, size_t size)
+void *
+krb5_ldap_alloc(krb5_context context, void *ptr, size_t size)
{
return realloc(ptr, size);
}
-void krb5_ldap_free(krb5_context context, void *ptr)
-
+void
+krb5_ldap_free(krb5_context context, void *ptr)
{
free(ptr);
}
-krb5_error_code krb5_ldap_open(krb5_context context,
- char *conf_section,
- char **db_args,
- int mode)
+krb5_error_code
+krb5_ldap_open(krb5_context context, char *conf_section, char **db_args,
+ int mode)
{
krb5_error_code status = 0;
char **t_ptr = db_args;
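Review bot: has_modify_increment at the top of this hunk keeps its old-style (K&R) parameter declarations, visible in the unchanged context line `char *ldap_server;` ahead of the opening brace, while has_rootdse_ava and has_sasl_external_mech were converted to prototypes in the same commit. An old-style definition gives the compiler no parameter types to check calls against, so it should be converted with the others: `has_modify_increment(krb5_context context, char *ldap_server)`. The function's header lines are outside the hunk, and any declaration of it in a header would need to match.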
@@ -310,196 +306,196 @@ krb5_error_code krb5_ldap_open(krb5_context context,
ldap_context = calloc(1, sizeof(krb5_ldap_context));
if (ldap_context == NULL) {
- status = ENOMEM;
- goto clean_n_exit;
+ status = ENOMEM;
+ goto clean_n_exit;
}
ldap_context->kcontext = context;
while (t_ptr && *t_ptr) {
- char *opt = NULL, *val = NULL;
-
- if ((status = krb5_ldap_get_db_opt(*t_ptr, &opt, &val)) != 0) {
- goto clean_n_exit;
- }
- if (opt && !strcmp(opt, "binddn")) {
- if (ldap_context->bind_dn) {
- free (opt);
- free (val);
- status = EINVAL;
- krb5_set_error_message (context, status, "'binddn' missing");
- goto clean_n_exit;
- }
- if (val == NULL) {
- status = EINVAL;
- krb5_set_error_message (context, status, "'binddn' value missing");
- free(opt);
- goto clean_n_exit;
- }
- ldap_context->bind_dn = strdup(val);
- if (ldap_context->bind_dn == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
- } else if (opt && !strcmp(opt, "nconns")) {
- if (ldap_context->max_server_conns) {
- free (opt);
- free (val);
- status = EINVAL;
- krb5_set_error_message (context, status, "'nconns' missing");
- goto clean_n_exit;
- }
- if (val == NULL) {
- status = EINVAL;
- krb5_set_error_message (context, status, "'nconns' value missing");
- free(opt);
- goto clean_n_exit;
- }
- ldap_context->max_server_conns = atoi(val) ? atoi(val) : DEFAULT_CONNS_PER_SERVER;
- } else if (opt && !strcmp(opt, "bindpwd")) {
- if (ldap_context->bind_pwd) {
- free (opt);
- free (val);
- status = EINVAL;
- krb5_set_error_message (context, status, "'bindpwd' missing");
- goto clean_n_exit;
- }
- if (val == NULL) {
- status = EINVAL;
- krb5_set_error_message (context, status, "'bindpwd' value missing");
- free(opt);
- goto clean_n_exit;
- }
- ldap_context->bind_pwd = strdup(val);
- if (ldap_context->bind_pwd == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
- } else if (opt && !strcmp(opt, "host")) {
- if (val == NULL) {
- status = EINVAL;
- krb5_set_error_message (context, status, "'host' value missing");
- free(opt);
- goto clean_n_exit;
- }
- if (ldap_context->server_info_list == NULL)
- ldap_context->server_info_list = (krb5_ldap_server_info **) calloc (SERV_COUNT+1, sizeof (krb5_ldap_server_info *)) ;
-
- if (ldap_context->server_info_list == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
-
- ldap_context->server_info_list[srv_cnt] = (krb5_ldap_server_info *) calloc (1, sizeof (krb5_ldap_server_info));
- if (ldap_context->server_info_list[srv_cnt] == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
-
- ldap_context->server_info_list[srv_cnt]->server_status = NOTSET;
-
- ldap_context->server_info_list[srv_cnt]->server_name = strdup(val);
- if (ldap_context->server_info_list[srv_cnt]->server_name == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
-
- srv_cnt++;
+ char *opt = NULL, *val = NULL;
+
+ if ((status = krb5_ldap_get_db_opt(*t_ptr, &opt, &val)) != 0) {
+ goto clean_n_exit;
+ }
+ if (opt && !strcmp(opt, "binddn")) {
+ if (ldap_context->bind_dn) {
+ free (opt);
+ free (val);
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'binddn' missing");
+ goto clean_n_exit;
+ }
+ if (val == NULL) {
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'binddn' value missing");
+ free(opt);
+ goto clean_n_exit;
+ }
+ ldap_context->bind_dn = strdup(val);
+ if (ldap_context->bind_dn == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+ } else if (opt && !strcmp(opt, "nconns")) {
+ if (ldap_context->max_server_conns) {
+ free (opt);
+ free (val);
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'nconns' missing");
+ goto clean_n_exit;
+ }
+ if (val == NULL) {
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'nconns' value missing");
+ free(opt);
+ goto clean_n_exit;
+ }
+ ldap_context->max_server_conns = atoi(val) ? atoi(val) : DEFAULT_CONNS_PER_SERVER;
+ } else if (opt && !strcmp(opt, "bindpwd")) {
+ if (ldap_context->bind_pwd) {
+ free (opt);
+ free (val);
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'bindpwd' missing");
+ goto clean_n_exit;
+ }
+ if (val == NULL) {
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'bindpwd' value missing");
+ free(opt);
+ goto clean_n_exit;
+ }
+ ldap_context->bind_pwd = strdup(val);
+ if (ldap_context->bind_pwd == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+ } else if (opt && !strcmp(opt, "host")) {
+ if (val == NULL) {
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'host' value missing");
+ free(opt);
+ goto clean_n_exit;
+ }
+ if (ldap_context->server_info_list == NULL)
+ ldap_context->server_info_list = (krb5_ldap_server_info **) calloc (SERV_COUNT+1, sizeof (krb5_ldap_server_info *)) ;
+
+ if (ldap_context->server_info_list == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+
+ ldap_context->server_info_list[srv_cnt] = (krb5_ldap_server_info *) calloc (1, sizeof (krb5_ldap_server_info));
+ if (ldap_context->server_info_list[srv_cnt] == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+
+ ldap_context->server_info_list[srv_cnt]->server_status = NOTSET;
+
+ ldap_context->server_info_list[srv_cnt]->server_name = strdup(val);
+ if (ldap_context->server_info_list[srv_cnt]->server_name == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+
+ srv_cnt++;
#ifdef HAVE_EDIRECTORY
- } else if (opt && !strcmp(opt, "cert")) {
- if (val == NULL) {
- status = EINVAL;
- krb5_set_error_message (context, status, "'cert' value missing");
- free(opt);
- goto clean_n_exit;
- }
-
- if (ldap_context->root_certificate_file == NULL) {
- ldap_context->root_certificate_file = strdup(val);
- if (ldap_context->root_certificate_file == NULL) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
- } else {
- char *newstr;
-
- if (asprintf(&newstr, "%s %s",
- ldap_context->root_certificate_file, val) < 0) {
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
- free(ldap_context->root_certificate_file);
- ldap_context->root_certificate_file = newstr;
- }
+ } else if (opt && !strcmp(opt, "cert")) {
+ if (val == NULL) {
+ status = EINVAL;
+ krb5_set_error_message (context, status, "'cert' value missing");
+ free(opt);
+ goto clean_n_exit;
+ }
+
+ if (ldap_context->root_certificate_file == NULL) {
+ ldap_context->root_certificate_file = strdup(val);
+ if (ldap_context->root_certificate_file == NULL) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+ } else {
+ char *newstr;
+
+ if (asprintf(&newstr, "%s %s",
+ ldap_context->root_certificate_file, val) < 0) {
+ free (opt);
+ free (val);
+ status = ENOMEM;
+ goto clean_n_exit;
+ }
+ free(ldap_context->root_certificate_file);
+ ldap_context->root_certificate_file = newstr;
+ }
#endif
- } else {
- /* ignore hash argument. Might have been passed from create */
- status = EINVAL;
- if (opt && !strcmp(opt, "temporary")) {
- /*
- * temporary is passed in when kdb5_util load without -update is done.
- * This is unsupported by the LDAP plugin.
- */
- krb5_set_error_message (context, status,
- "open of LDAP directory aborted, plugin requires -update argument");
- } else {
- krb5_set_error_message (context, status, "unknown option \'%s\'",
- opt?opt:val);
- }
- free(opt);
- free(val);
- goto clean_n_exit;
- }
-
- free(opt);
- free(val);
- t_ptr++;
+ } else {
+ /* ignore hash argument. Might have been passed from create */
+ status = EINVAL;
+ if (opt && !strcmp(opt, "temporary")) {
+ /*
+ * temporary is passed in when kdb5_util load without -update is done.
+ * This is unsupported by the LDAP plugin.
+ */
+ krb5_set_error_message (context, status,
+ "open of LDAP directory aborted, plugin requires -update argument");
+ } else {
+ krb5_set_error_message (context, status, "unknown option \'%s\'",
+ opt?opt:val);
+ }
+ free(opt);
+ free(val);
+ goto clean_n_exit;
+ }
+
+ free(opt);
+ free(val);
+ t_ptr++;
}
dal_handle = context->dal_handle;
dal_handle->db_context = ldap_context;
status = krb5_ldap_read_server_params(context, conf_section, mode & 0x0300);
if (status) {
- if (ldap_context)
- krb5_ldap_free_ldap_context(ldap_context);
- ldap_context = NULL;
- dal_handle->db_context = NULL;
- prepend_err_str (context, "Error reading LDAP server params: ", status, status);
- goto clean_n_exit;
+ if (ldap_context)
+ krb5_ldap_free_ldap_context(ldap_context);
+ ldap_context = NULL;
+ dal_handle->db_context = NULL;
+ prepend_err_str (context, "Error reading LDAP server params: ", status, status);
+ goto clean_n_exit;
}
if ((status=krb5_ldap_db_init(context, ldap_context)) != 0) {
- goto clean_n_exit;
+ goto clean_n_exit;
}
if ((status=krb5_ldap_read_startup_information(context)) != 0) {
- goto clean_n_exit;
+ goto clean_n_exit;
}
clean_n_exit:
/* may be clearing up is not required db_fini might do it for us, check out */
if (status) {
- krb5_ldap_close(context);
+ krb5_ldap_close(context);
}
return status;
}
#include "ldap_err.h"
int
-set_ldap_error (krb5_context ctx, int st, int op)
+set_ldap_error(krb5_context ctx, int st, int op)
{
int translated_st = translate_ldap_error(st, op);
krb5_set_error_message(ctx, translated_st, "%s", ldap_err2string(st));
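Review bot: In the "host" branch of the option loop, `server_info_list` is allocated once with `SERV_COUNT+1` slots, but `srv_cnt` is incremented for every "host" argument with no upper bound, so enough repeated host options store pointers past the end of the array (a heap overflow driven by the db_args list). The re-indent leaves this as it was. A bound check before the per-server calloc would reject the extra entries, as sketched below; the bound assumes the extra slot is the NULL terminator that consumers of the list rely on, which should be confirmed. The declaration of `srv_cnt` and the start of krb5_ldap_open are outside this hunk.
```c
        } else if (opt && !strcmp(opt, "host")) {
            /* … unchanged: 'host' value missing check, server_info_list allocation … */
            if (srv_cnt >= SERV_COUNT) {
                status = EINVAL;
                krb5_set_error_message (context, status,
                                        "too many 'host' options");
                free (opt);
                free (val);
                goto clean_n_exit;
            }
            /* … unchanged: per-server calloc, server_status, server_name, srv_cnt++ … */
```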
@@ -507,8 +503,8 @@ set_ldap_error (krb5_context ctx, int st, int op)
}
void
-prepend_err_str (krb5_context ctx, const char *str, krb5_error_code err,
- krb5_error_code oerr)
+prepend_err_str(krb5_context ctx, const char *str, krb5_error_code err,
+ krb5_error_code oerr)
{
const char *omsg;
if (oerr == 0) oerr = err;
@@ -519,13 +515,15 @@ prepend_err_str (krb5_context ctx, const char *str, krb5_error_code err,
extern krb5int_access accessor;
MAKE_INIT_FUNCTION(kldap_init_fn);
-int kldap_init_fn(void)
+int
+kldap_init_fn(void)
{
/* Global (per-module) initialization. */
return krb5int_accessor (&accessor, KRB5INT_ACCESS_VERSION);
}
-int kldap_ensure_initialized(void)
+int
+kldap_ensure_initialized(void)
{
return CALL_INIT_FUNCTION (kldap_init_fn);
}