authorJakub Hrozek <jhrozek@redhat.com>2011-05-27 11:44:16 +0200
committerStephen Gallagher <sgallagh@redhat.com>2011-10-26 10:29:37 -0400
commitd0b2e0675ea5c65854e81deca14469cb89e57be8 (patch)
treece82dff4a961b752be5b319c9358bdff9e2e8f1b /src/providers/ldap/ldap_common.c
parentb24fa6e0a359fbdf5d3900016a205cbf4d9d84d9 (diff)
Properly support IPv6 in LDAP URIs for IPA and LDAP providers
Add utility function to return IP address as string. Add a utility function to escape IPv6 address for use in URIs. Use escaped IP addresses in LDAP provider. Escape IPv6 IP addresses in the IPA provider. https://fedorahosted.org/sssd/ticket/880 Fix bad merge: we merged in a patch, but overlooked that it was missing a dependency added by another earlier patch.
Diffstat (limited to 'src/providers/ldap/ldap_common.c')
-rw-r--r--src/providers/ldap/ldap_common.c62
1 files changed, 56 insertions, 6 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 8294e9225..295469268 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -527,35 +527,84 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
static void sdap_uri_callback(void *private_data, struct fo_server *server)
{
+ TALLOC_CTX *tmp_ctx = NULL;
struct sdap_service *service;
+ struct hostent *srvaddr;
+ char *address;
+ const char *safe_address;
const char *tmp;
char *new_uri;
+ LDAPURLDesc *lud;
+ int ret;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(1, ("talloc_new failed\n"));
+ return;
+ }
service = talloc_get_type(private_data, struct sdap_service);
- if (!service) return;
+ if (!service) {
+ talloc_free(tmp_ctx);
+ return;
+ }
tmp = (const char *)fo_get_server_user_data(server);
+ srvaddr = fo_get_server_hostent(server);
+ if (!srvaddr) {
+ DEBUG(1, ("FATAL: No hostent available for server (%s)\n",
+ fo_get_server_name(server)));
+ talloc_free(tmp_ctx);
+ return;
+ }
+
+ address = resolv_get_string_address(tmp_ctx, srvaddr);
+ if (address == NULL) {
+ DEBUG(1, ("resolv_get_string_address failed.\n"));
+ talloc_free(tmp_ctx);
+ return;
+ }
+
+ safe_address = sss_ldap_escape_ip_address(tmp_ctx,
+ srvaddr->h_addrtype,
+ address);
+ talloc_zfree(address);
+ if (safe_address == NULL) {
+ DEBUG(1, ("sss_ldap_escape_ip_address failed.\n"));
+ talloc_free(tmp_ctx);
+ return;
+ }
+
if (fo_is_srv_lookup(server)) {
if (!tmp) {
DEBUG(1, ("Unknown service, using ldap\n"));
tmp = SSS_LDAP_SRV_NAME;
}
new_uri = talloc_asprintf(service, "%s://%s:%d",
- tmp,
- fo_get_server_name(server),
+ tmp, safe_address,
fo_get_server_port(server));
} else {
if (tmp && ldap_is_ldap_url(tmp)) {
- new_uri = talloc_strdup(service, tmp);
+ ret = ldap_url_parse(tmp, &lud);
+ if (ret != LDAP_SUCCESS) {
+ DEBUG(0, ("Failed to parse ldap URI (%s)!\n", tmp));
+ talloc_free(tmp_ctx);
+ return;
+ }
+ new_uri = talloc_asprintf(service, "%s://%s:%d",
+ lud->lud_scheme,
+ safe_address,
+ fo_get_server_port(server));
+ ldap_free_urldesc(lud);
} else {
- new_uri = talloc_asprintf(service, "ldap://%s",
- fo_get_server_name(server));
+ new_uri = talloc_asprintf(service, "ldap://%s", safe_address);
}
}
if (!new_uri) {
DEBUG(2, ("Failed to copy URI ...\n"));
+ talloc_free(tmp_ctx);
return;
}
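Review bot: All three `talloc_asprintf` calls in this hunk now put the numeric address from `resolv_get_string_address` into the URI instead of `fo_get_server_name(server)`, so whatever consumes `service->uri` no longer sees the configured host name. If the LDAP library takes the URI host as the reference identity for TLS certificate matching or for the SASL/GSSAPI service principal (not visible here), those checks would run against an IP literal and fail for certificates that list only DNS names, which tends to push deployments toward relaxing certificate verification. Consider keeping the server name in the URI and carrying the resolved address separately for the connect, or at minimum add a comment above the first `talloc_asprintf` such as `/* URI host is the resolved address, not the configured name; TLS/SASL peer-name checks will see the address */`. The function body continues past the end of this hunk.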
@@ -564,6 +613,7 @@ static void sdap_uri_callback(void *private_data, struct fo_server *server)
/* free old one and replace with new one */
talloc_zfree(service->uri);
service->uri = new_uri;
+ talloc_free(tmp_ctx);
}
static void sdap_finalize(struct tevent_context *ev,
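Review bot: Every exit from sdap_uri_callback now has to carry its own `talloc_free(tmp_ctx)`, and the line added here is one more copy on the success path; a single cleanup label would make it much harder to miss a free when another exit is added later. Each failure branch could `goto done;` with `done: talloc_free(tmp_ctx);` as the last statement before the closing brace. The early returns this would replace are in the preceding hunk, and the start of the function lies outside this one.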