diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2011-05-27 12:44:19 +0200 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-06-02 14:12:42 -0400 |
| commit | e364b9bd3cd6cda1d51b7ee305988eb9958baab6 (patch) | |
| tree | 71945fffd2f430b1e8b68a2fe588bef0c4ca2202 /src | |
| parent | c326cfa73357be922105dd8ce42b39273fe21f37 (diff) | |
| download | sssd-e364b9bd3cd6cda1d51b7ee305988eb9958baab6.tar.gz sssd-e364b9bd3cd6cda1d51b7ee305988eb9958baab6.tar.xz sssd-e364b9bd3cd6cda1d51b7ee305988eb9958baab6.zip | |
Use escaped IP addresses in LDAP provider
Diffstat (limited to 'src')
| -rw-r--r-- | src/providers/ldap/ldap_common.c | 62 |
1 files changed, 56 insertions, 6 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 8294e9225..295469268 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -527,35 +527,84 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx) static void sdap_uri_callback(void *private_data, struct fo_server *server) { + TALLOC_CTX *tmp_ctx = NULL; struct sdap_service *service; + struct hostent *srvaddr; + char *address; + const char *safe_address; const char *tmp; char *new_uri; + LDAPURLDesc *lud; + int ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + DEBUG(1, ("talloc_new failed\n")); + return; + } service = talloc_get_type(private_data, struct sdap_service); - if (!service) return; + if (!service) { + talloc_free(tmp_ctx); + return; + } tmp = (const char *)fo_get_server_user_data(server); + srvaddr = fo_get_server_hostent(server); + if (!srvaddr) { + DEBUG(1, ("FATAL: No hostent available for server (%s)\n", + fo_get_server_name(server))); + talloc_free(tmp_ctx); + return; + } + + address = resolv_get_string_address(tmp_ctx, srvaddr); + if (address == NULL) { + DEBUG(1, ("resolv_get_string_address failed.\n")); + talloc_free(tmp_ctx); + return; + } + + safe_address = sss_ldap_escape_ip_address(tmp_ctx, + srvaddr->h_addrtype, + address); + talloc_zfree(address); + if (safe_address == NULL) { + DEBUG(1, ("sss_ldap_escape_ip_address failed.\n")); + talloc_free(tmp_ctx); + return; + } + if (fo_is_srv_lookup(server)) { if (!tmp) { DEBUG(1, ("Unknown service, using ldap\n")); tmp = SSS_LDAP_SRV_NAME; } new_uri = talloc_asprintf(service, "%s://%s:%d", - tmp, - fo_get_server_name(server), + tmp, safe_address, fo_get_server_port(server)); } else { if (tmp && ldap_is_ldap_url(tmp)) { - new_uri = talloc_strdup(service, tmp); + ret = ldap_url_parse(tmp, &lud); + if (ret != LDAP_SUCCESS) { + DEBUG(0, ("Failed to parse ldap URI (%s)!\n", tmp)); + talloc_free(tmp_ctx); + return; + } + new_uri = talloc_asprintf(service, "%s://%s:%d", + lud->lud_scheme, + safe_address, + fo_get_server_port(server)); + ldap_free_urldesc(lud); } else { - new_uri = talloc_asprintf(service, "ldap://%s", - fo_get_server_name(server)); + new_uri = talloc_asprintf(service, "ldap://%s", safe_address); } } if (!new_uri) { DEBUG(2, ("Failed to copy URI ...\n")); + talloc_free(tmp_ctx); return; } @@ -564,6 +613,7 @@ static void sdap_uri_callback(void *private_data, struct fo_server *server) /* free old one and replace with new one */ talloc_zfree(service->uri); service->uri = new_uri; + talloc_free(tmp_ctx); } static void sdap_finalize(struct tevent_context *ev, |