author | Greg Hudson <ghudson@mit.edu> | 2009-11-24 23:52:25 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-11-24 23:52:25 +0000 |
commit | 1db2647c62d10cccadadabacba7224eb565ec042 (patch) | |
tree | 850eea7750db1c0247652069637ce2df2d94396e /src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c | |
parent | b4fef608040800e4927c10146d6d386f97335e06 (diff) | |
Mark and reindent plugins, except for pkinit, which needs a little
cleanup first.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23353 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c')
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c | 470 |
1 files changed, 234 insertions, 236 deletions
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c index 8f7e3bdd39..1966aa970e 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/kdb/kdb_ldap/kdb_ldap.c * @@ -50,32 +51,32 @@ krb5_ldap_get_db_opt(char *input, char **opt, char **val) *val = NULL; if (pos == NULL) { - *opt = strdup(input); - if (*opt == NULL) { - return ENOMEM; - } + *opt = strdup(input); + if (*opt == NULL) { + return ENOMEM; + } } else { - int len = pos - input; - *opt = malloc((unsigned) len + 1); - if (!*opt) { - return ENOMEM; - } - memcpy(*opt, input, (unsigned) len); - /* ignore trailing blanks */ - while (isblank((*opt)[len-1])) - --len; - (*opt)[len] = '\0'; - - pos += 1; /* move past '=' */ - while (isblank(*pos)) /* ignore leading blanks */ - pos += 1; - if (*pos != '\0') { - *val = strdup (pos); - if (!*val) { - free (*opt); - return ENOMEM; - } - } + int len = pos - input; + *opt = malloc((unsigned) len + 1); + if (!*opt) { + return ENOMEM; + } + memcpy(*opt, input, (unsigned) len); + /* ignore trailing blanks */ + while (isblank((*opt)[len-1])) + --len; + (*opt)[len] = '\0'; + + pos += 1; /* move past '=' */ + while (isblank(*pos)) /* ignore leading blanks */ + pos += 1; + if (*pos != '\0') { + *val = strdup (pos); + if (!*val) { + free (*opt); + return ENOMEM; + } + } } return (0); 
@@ -108,17 +109,17 @@ krb5_ldap_read_startup_information(krb5_context context) SETUP_CONTEXT(); if ((retval=krb5_ldap_read_krbcontainer_params(context, &(ldap_context->krbcontainer)))) { - prepend_err_str (context, "Unable to read Kerberos container", retval, retval); - goto cleanup; + prepend_err_str (context, "Unable to read Kerberos container", retval, retval); + goto cleanup; } if ((retval=krb5_ldap_read_realm_params(context, context->default_realm, &(ldap_context->lrparams), &mask))) { - prepend_err_str (context, "Unable to read Realm", retval, retval); - goto cleanup; + prepend_err_str (context, "Unable to read Realm", retval, retval); + goto cleanup; } if (((mask & LDAP_REALM_MAXTICKETLIFE) == 0) || ((mask & LDAP_REALM_MAXRENEWLIFE) == 0) - || ((mask & LDAP_REALM_KRBTICKETFLAGS) == 0)) { + || ((mask & LDAP_REALM_KRBTICKETFLAGS) == 0)) { kadm5_config_params params_in, params_out; memset(¶ms_in, 0, sizeof(params_in)); @@ -167,11 +168,8 @@ cleanup: * value assertion. */ static int -has_rootdse_ava(context, ldap_server, attribute, value) - krb5_context context; - char *ldap_server; - char *attribute; - char *value; +has_rootdse_ava(krb5_context context, char *ldap_server, char *attribute, + char *value) { int i=0, flag=0, ret=0, retval=0; char *attrs[2], **values=NULL; @@ -184,8 +182,8 @@ has_rootdse_ava(context, ldap_server, attribute, value) retval = ldap_initialize(&ld, ldap_server); if (retval != LDAP_SUCCESS) { - ret = 2; /* Don't know */ - goto cleanup; + ret = 2; /* Don't know */ + goto cleanup; } cred.bv_val = ""; 
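Review bot: In the `has_rootdse_ava` hunk (`@@ -167,11 +168,8 @@`) the new prototype-style definition keeps every string parameter as plain `char *`, even though the visible body only hands `ldap_server` to `ldap_initialize()` and `value` to `strcmp()`, and the caller further down passes string literals such as `"EXTERNAL"`. Now that the compiler can check the definition, the read-only parameters could be tightened to `has_rootdse_ava(krb5_context context, const char *ldap_server, char *attribute, const char *value)`. `attribute` presumably has to stay non-const if it is stored in the `char *attrs[2]` array, which happens outside the visible lines. The function body continues past this hunk, so any other use of these parameters should be checked before changing the types.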
@@ -194,50 +192,50 @@ has_rootdse_ava(context, ldap_server, attribute, value) /* Anonymous bind */ retval = ldap_sasl_bind_s(ld, "", NULL, &cred, NULL, NULL, NULL); if (retval != LDAP_SUCCESS) { - ret = 2; /* Don't know */ - goto cleanup; + ret = 2; /* Don't know */ + goto cleanup; } retval = ldap_search_ext_s(ld, "", LDAP_SCOPE_BASE, NULL, attrs, 0, NULL, NULL, NULL, 0, &res); if (retval != LDAP_SUCCESS) { - ret = 2; /* Don't know */ - goto cleanup; + ret = 2; /* Don't know */ + goto cleanup; } msg = ldap_first_message(ld, res); if (msg == NULL) { - ret = 2; /* Don't know */ - goto cleanup; + ret = 2; /* Don't know */ + goto cleanup; } values = ldap_get_values(ld, msg, attribute); if (values == NULL) { - ret = 1; /* Not supported */ - goto cleanup; + ret = 1; /* Not supported */ + goto cleanup; } for (i = 0; values[i] != NULL; i++) { - if (strcmp(values[i], value) == 0) { - flag = 1; - break; - } + if (strcmp(values[i], value) == 0) { + flag = 1; + break; + } } if (flag != 1) { - ret = 1; /* Not supported */ - goto cleanup; + ret = 1; /* Not supported */ + goto cleanup; } cleanup: if (values != NULL) - ldap_value_free(values); + ldap_value_free(values); if (res != NULL) - ldap_msgfree(res); + ldap_msgfree(res); if (ld != NULL) - ldap_unbind_ext_s(ld, NULL, NULL); + ldap_unbind_ext_s(ld, NULL, NULL); return ret; } 
@@ -252,23 +250,21 @@ cleanup: * 2 => don't know */ int -has_sasl_external_mech(context, ldap_server) - krb5_context context; - char *ldap_server; +has_sasl_external_mech(krb5_context context, char *ldap_server) { int ret; ret = has_rootdse_ava(context, ldap_server, - "supportedSASLMechanisms", "EXTERNAL"); + "supportedSASLMechanisms", "EXTERNAL"); switch (ret) { case 1: /* not supported */ - krb5_set_error_message(context, 1, "%s", ERR_MSG2); - break; + krb5_set_error_message(context, 1, "%s", ERR_MSG2); + break; case 2: /* don't know */ - krb5_set_error_message(context, 1, "%s", ERR_MSG1); - break; + krb5_set_error_message(context, 1, "%s", ERR_MSG1); + break; default: - break; + break; } return ret; @@ -280,24 +276,24 @@ has_modify_increment(context, ldap_server) char *ldap_server; { return has_rootdse_ava(context, ldap_server, - "supportedFeatures", "1.3.6.1.1.14"); + "supportedFeatures", "1.3.6.1.1.14"); } -void * krb5_ldap_alloc(krb5_context context, void *ptr, size_t size) +void * +krb5_ldap_alloc(krb5_context context, void *ptr, size_t size) { return realloc(ptr, size); } -void krb5_ldap_free(krb5_context context, void *ptr) - +void +krb5_ldap_free(krb5_context context, void *ptr) { free(ptr); } -krb5_error_code krb5_ldap_open(krb5_context context, - char *conf_section, - char **db_args, - int mode) +krb5_error_code +krb5_ldap_open(krb5_context context, char *conf_section, char **db_args, + int mode) { krb5_error_code status = 0; char **t_ptr = db_args; 
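Review bot: `has_sasl_external_mech` is converted to a prototype-style definition in `@@ -252,23 +250,21 @@`, but `has_modify_increment`, visible as context at the top of the following hunk, still has the old-style form `has_modify_increment(context, ldap_server)` with `char *ldap_server;` declared after the parameter list. An old-style definition gives the compiler no prototype to check calls against, so unless a header declares one, a call with the wrong argument types would go undiagnosed. Converting it in the same pass, presumably to `has_modify_increment(krb5_context context, char *ldap_server)`, would keep the two rootDSE probes consistent. The start of that definition lies outside the hunk, so its return type and the declaration of `context` are not visible here.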
@@ -310,196 +306,196 @@ krb5_error_code krb5_ldap_open(krb5_context context, ldap_context = calloc(1, sizeof(krb5_ldap_context)); if (ldap_context == NULL) { - status = ENOMEM; - goto clean_n_exit; + status = ENOMEM; + goto clean_n_exit; } ldap_context->kcontext = context; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - if ((status = krb5_ldap_get_db_opt(*t_ptr, &opt, &val)) != 0) { - goto clean_n_exit; - } - if (opt && !strcmp(opt, "binddn")) { - if (ldap_context->bind_dn) { - free (opt); - free (val); - status = EINVAL; - krb5_set_error_message (context, status, "'binddn' missing"); - goto clean_n_exit; - } - if (val == NULL) { - status = EINVAL; - krb5_set_error_message (context, status, "'binddn' value missing"); - free(opt); - goto clean_n_exit; - } - ldap_context->bind_dn = strdup(val); - if (ldap_context->bind_dn == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - } else if (opt && !strcmp(opt, "nconns")) { - if (ldap_context->max_server_conns) { - free (opt); - free (val); - status = EINVAL; - krb5_set_error_message (context, status, "'nconns' missing"); - goto clean_n_exit; - } - if (val == NULL) { - status = EINVAL; - krb5_set_error_message (context, status, "'nconns' value missing"); - free(opt); - goto clean_n_exit; - } - ldap_context->max_server_conns = atoi(val) ? 
atoi(val) : DEFAULT_CONNS_PER_SERVER; - } else if (opt && !strcmp(opt, "bindpwd")) { - if (ldap_context->bind_pwd) { - free (opt); - free (val); - status = EINVAL; - krb5_set_error_message (context, status, "'bindpwd' missing"); - goto clean_n_exit; - } - if (val == NULL) { - status = EINVAL; - krb5_set_error_message (context, status, "'bindpwd' value missing"); - free(opt); - goto clean_n_exit; - } - ldap_context->bind_pwd = strdup(val); - if (ldap_context->bind_pwd == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - } else if (opt && !strcmp(opt, "host")) { - if (val == NULL) { - status = EINVAL; - krb5_set_error_message (context, status, "'host' value missing"); - free(opt); - goto clean_n_exit; - } - if (ldap_context->server_info_list == NULL) - ldap_context->server_info_list = (krb5_ldap_server_info **) calloc (SERV_COUNT+1, sizeof (krb5_ldap_server_info *)) ; - - if (ldap_context->server_info_list == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - - ldap_context->server_info_list[srv_cnt] = (krb5_ldap_server_info *) calloc (1, sizeof (krb5_ldap_server_info)); - if (ldap_context->server_info_list[srv_cnt] == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - - ldap_context->server_info_list[srv_cnt]->server_status = NOTSET; - - ldap_context->server_info_list[srv_cnt]->server_name = strdup(val); - if (ldap_context->server_info_list[srv_cnt]->server_name == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - - srv_cnt++; + char *opt = NULL, *val = NULL; + + if ((status = krb5_ldap_get_db_opt(*t_ptr, &opt, &val)) != 0) { + goto clean_n_exit; + } + if (opt && !strcmp(opt, "binddn")) { + if (ldap_context->bind_dn) { + free (opt); + free (val); + status = EINVAL; + krb5_set_error_message (context, status, "'binddn' missing"); + goto clean_n_exit; + } + if (val == NULL) { + status = EINVAL; + krb5_set_error_message (context, status, 
"'binddn' value missing"); + free(opt); + goto clean_n_exit; + } + ldap_context->bind_dn = strdup(val); + if (ldap_context->bind_dn == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + } else if (opt && !strcmp(opt, "nconns")) { + if (ldap_context->max_server_conns) { + free (opt); + free (val); + status = EINVAL; + krb5_set_error_message (context, status, "'nconns' missing"); + goto clean_n_exit; + } + if (val == NULL) { + status = EINVAL; + krb5_set_error_message (context, status, "'nconns' value missing"); + free(opt); + goto clean_n_exit; + } + ldap_context->max_server_conns = atoi(val) ? atoi(val) : DEFAULT_CONNS_PER_SERVER; + } else if (opt && !strcmp(opt, "bindpwd")) { + if (ldap_context->bind_pwd) { + free (opt); + free (val); + status = EINVAL; + krb5_set_error_message (context, status, "'bindpwd' missing"); + goto clean_n_exit; + } + if (val == NULL) { + status = EINVAL; + krb5_set_error_message (context, status, "'bindpwd' value missing"); + free(opt); + goto clean_n_exit; + } + ldap_context->bind_pwd = strdup(val); + if (ldap_context->bind_pwd == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + } else if (opt && !strcmp(opt, "host")) { + if (val == NULL) { + status = EINVAL; + krb5_set_error_message (context, status, "'host' value missing"); + free(opt); + goto clean_n_exit; + } + if (ldap_context->server_info_list == NULL) + ldap_context->server_info_list = (krb5_ldap_server_info **) calloc (SERV_COUNT+1, sizeof (krb5_ldap_server_info *)) ; + + if (ldap_context->server_info_list == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + + ldap_context->server_info_list[srv_cnt] = (krb5_ldap_server_info *) calloc (1, sizeof (krb5_ldap_server_info)); + if (ldap_context->server_info_list[srv_cnt] == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + + ldap_context->server_info_list[srv_cnt]->server_status = NOTSET; + + 
ldap_context->server_info_list[srv_cnt]->server_name = strdup(val); + if (ldap_context->server_info_list[srv_cnt]->server_name == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + + srv_cnt++; #ifdef HAVE_EDIRECTORY - } else if (opt && !strcmp(opt, "cert")) { - if (val == NULL) { - status = EINVAL; - krb5_set_error_message (context, status, "'cert' value missing"); - free(opt); - goto clean_n_exit; - } - - if (ldap_context->root_certificate_file == NULL) { - ldap_context->root_certificate_file = strdup(val); - if (ldap_context->root_certificate_file == NULL) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - } else { - char *newstr; - - if (asprintf(&newstr, "%s %s", - ldap_context->root_certificate_file, val) < 0) { - free (opt); - free (val); - status = ENOMEM; - goto clean_n_exit; - } - free(ldap_context->root_certificate_file); - ldap_context->root_certificate_file = newstr; - } + } else if (opt && !strcmp(opt, "cert")) { + if (val == NULL) { + status = EINVAL; + krb5_set_error_message (context, status, "'cert' value missing"); + free(opt); + goto clean_n_exit; + } + + if (ldap_context->root_certificate_file == NULL) { + ldap_context->root_certificate_file = strdup(val); + if (ldap_context->root_certificate_file == NULL) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + } else { + char *newstr; + + if (asprintf(&newstr, "%s %s", + ldap_context->root_certificate_file, val) < 0) { + free (opt); + free (val); + status = ENOMEM; + goto clean_n_exit; + } + free(ldap_context->root_certificate_file); + ldap_context->root_certificate_file = newstr; + } #endif - } else { - /* ignore hash argument. Might have been passed from create */ - status = EINVAL; - if (opt && !strcmp(opt, "temporary")) { - /* - * temporary is passed in when kdb5_util load without -update is done. - * This is unsupported by the LDAP plugin. 
- */ - krb5_set_error_message (context, status, - "open of LDAP directory aborted, plugin requires -update argument"); - } else { - krb5_set_error_message (context, status, "unknown option \'%s\'", - opt?opt:val); - } - free(opt); - free(val); - goto clean_n_exit; - } - - free(opt); - free(val); - t_ptr++; + } else { + /* ignore hash argument. Might have been passed from create */ + status = EINVAL; + if (opt && !strcmp(opt, "temporary")) { + /* + * temporary is passed in when kdb5_util load without -update is done. + * This is unsupported by the LDAP plugin. + */ + krb5_set_error_message (context, status, + "open of LDAP directory aborted, plugin requires -update argument"); + } else { + krb5_set_error_message (context, status, "unknown option \'%s\'", + opt?opt:val); + } + free(opt); + free(val); + goto clean_n_exit; + } + + free(opt); + free(val); + t_ptr++; } dal_handle = context->dal_handle; dal_handle->db_context = ldap_context; status = krb5_ldap_read_server_params(context, conf_section, mode & 0x0300); if (status) { - if (ldap_context) - krb5_ldap_free_ldap_context(ldap_context); - ldap_context = NULL; - dal_handle->db_context = NULL; - prepend_err_str (context, "Error reading LDAP server params: ", status, status); - goto clean_n_exit; + if (ldap_context) + krb5_ldap_free_ldap_context(ldap_context); + ldap_context = NULL; + dal_handle->db_context = NULL; + prepend_err_str (context, "Error reading LDAP server params: ", status, status); + goto clean_n_exit; } if ((status=krb5_ldap_db_init(context, ldap_context)) != 0) { - goto clean_n_exit; + goto clean_n_exit; } if ((status=krb5_ldap_read_startup_information(context)) != 0) { - goto clean_n_exit; + goto clean_n_exit; } clean_n_exit: /* may be clearing up is not required db_fini might do it for us, check out */ if (status) { - krb5_ldap_close(context); + krb5_ldap_close(context); } return status; } #include "ldap_err.h" int -set_ldap_error (krb5_context ctx, int st, int op) +set_ldap_error(krb5_context ctx, 
int st, int op) { int translated_st = translate_ldap_error(st, op); krb5_set_error_message(ctx, translated_st, "%s", ldap_err2string(st)); @@ -507,8 +503,8 @@ set_ldap_error (krb5_context ctx, int st, int op) } void -prepend_err_str (krb5_context ctx, const char *str, krb5_error_code err, - krb5_error_code oerr) +prepend_err_str(krb5_context ctx, const char *str, krb5_error_code err, + krb5_error_code oerr) { const char *omsg; if (oerr == 0) oerr = err; @@ -519,13 +515,15 @@ prepend_err_str (krb5_context ctx, const char *str, krb5_error_code err, extern krb5int_access accessor; MAKE_INIT_FUNCTION(kldap_init_fn); -int kldap_init_fn(void) +int +kldap_init_fn(void) { /* Global (per-module) initialization. */ return krb5int_accessor (&accessor, KRB5INT_ACCESS_VERSION); } -int kldap_ensure_initialized(void) +int +kldap_ensure_initialized(void) { return CALL_INIT_FUNCTION (kldap_init_fn); } |