diff options
Diffstat (limited to 'ldap/servers/slapd/extendop.c')
-rw-r--r-- | ldap/servers/slapd/extendop.c | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/ldap/servers/slapd/extendop.c b/ldap/servers/slapd/extendop.c index 003c2ab8..a521cb7b 100644 --- a/ldap/servers/slapd/extendop.c +++ b/ldap/servers/slapd/extendop.c @@ -53,7 +53,9 @@ static const char *extended_op_oid2string( const char *oid ); static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid, struct berval *extval) { - char *suffix; + char *orig = NULL; + char *suffix = NULL; + size_t dnlen = 0; Slapi_DN *sdn = NULL; Slapi_Backend *be = NULL; struct berval bv; @@ -66,10 +68,34 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid, "no data supplied", 0, NULL); return; } - suffix = slapi_ch_malloc(extval->bv_len+1); - strncpy(suffix, extval->bv_val, extval->bv_len); - suffix[extval->bv_len] = 0; - + orig = slapi_ch_malloc(extval->bv_len+1); + strncpy(orig, extval->bv_val, extval->bv_len); + orig[extval->bv_len] = 0; + /* Check if we should be performing strict validation. */ + if (config_get_dn_validate_strict()) { + /* check that the dn is formatted correctly */ + ret = slapi_dn_syntax_check(pb, orig, 1); + if (ret) { /* syntax check failed */ + LDAPDebug1Arg(LDAP_DEBUG_ANY, + "extop_handle_import_start: strict: invalid suffix\n", + orig); + send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, + "invalid suffix", 0, NULL); + return; + } + } + ret = slapi_dn_normalize_ext(orig, 0, &suffix, &dnlen); + if (ret < 0) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, + "extop_handle_import_start: invalid suffix\n", orig); + send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, + "invalid suffix", 0, NULL); + return; + } else if (ret > 0) { + slapi_ch_free_string(&orig); + } else { /* ret == 0; orig is passed in; not null terminated */ + *(suffix + dnlen) = '\0'; + } sdn = slapi_sdn_new_dn_byval(suffix); if (!sdn) { LDAPDebug(LDAP_DEBUG_ANY, @@ -109,6 +135,7 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid, /* slapi_str2entry modify its dn parameter so we must copy * this string each time we call it ! */ + /* This dn is no need to be normalized. */ PR_snprintf(dn, sizeof(dn), "dn: oid=%s,cn=features,cn=config", EXTOP_BULK_IMPORT_START_OID); |