PERFORCE change 102872 for review
Michael Bushkov
bushman at FreeBSD.org
Mon Jul 31 19:06:44 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=102872
Change 102872 by bushman at bushman_nss_ldap_cached on 2006/07/31 19:05:39
"passwd", "services" and "group" sources are fully implemented in terms of RFC2307
+ several fixes
Affected files ...
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/Makefile#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#5 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.h#5 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.h#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#2 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.h#2 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapschema.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapschema.h#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapsearch.c#5 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapsearch.h#5 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaptls.c#4 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaptls.h#4 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaputil.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaputil.h#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.h#6 edit
Differences ...
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/Makefile#6 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#5 (text+ko) ====
@@ -65,14 +65,14 @@
rv = __nss_ldap_assign_attr_gid(sctx,
_ATM(schema, GROUP, gidNumber),
&grp->gr_gid);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
printf("==> %d %s\n", __LINE__, __FILE__);
rv = __nss_ldap_assign_rdn_str(sctx,
_ATM(schema, GROUP, cn),
&grp->gr_name, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
@@ -81,7 +81,7 @@
rv = __nss_ldap_assign_attr_password(sctx,
_ATM(schema, GROUP, userPassword),
&grp->gr_passwd, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
@@ -90,17 +90,15 @@
rv = __nss_ldap_assign_attr_multi_str(sctx,
_ATM(schema, GROUP, memberUid),
&grp->gr_mem, &memlen, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
printf("%s %d\n", __FILE__, __LINE__);
-fin:
- return (0);
errfin:
- return (-1);
+ return (rv);
/*
if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS))
@@ -271,7 +269,7 @@
return (NS_UNAVAIL);
rv = __nss_ldap_getent(NSS_LDAP_MAP_GROUP, filter, (void *)grp,
- buffer, bufsize, nss_ldap_parse_group);
+ buffer, bufsize, nss_ldap_parse_group, NULL);
if (rv == NS_SUCCESS)
*result = grp;
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.h#5 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#6 (text+ko) ====
@@ -52,6 +52,7 @@
char *buf;
size_t buflen;
size_t len;
+ time_t temp_time;
int rv;
assert(pctx != NULL);
@@ -60,43 +61,45 @@
pwd = (struct passwd *)pctx->mdata;
buf = pctx->buffer;
buflen = pctx->bufsize;
-/* >>>for debug only */
-// pwd = (struct passwd *)malloc(sizeof(struct passwd));
-// memset(pwd, 0, sizeof(struct passwd));
-// buf = malloc(1024);
-// memset(buf, 0, 1024);
-/* <<<for debug only */
schema = &sctx->conf->schema;
+
+ printf("here %s %d %p\n", __FILE__, __LINE__, (void *)sctx);
+ if ((__nss_ldap_check_oc(sctx, "shadowAccount") == NSS_LDAP_SUCCESS)
+ || (geteuid() != 0))
+ rv = __nss_ldap_assign_str("*", &pwd->pw_dir, &len, buf,
+ buflen);
+ else
+ rv = __nss_ldap_assign_attr_password(sctx,
+ _ATM(schema, PASSWD, userPassword),
+ &pwd->pw_passwd, &len, buf, buflen);
+
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+ buflen -= len;
+ buf += len;
printf("==> %d %s\n", __LINE__, __FILE__);
rv = __nss_ldap_assign_attr_str(sctx,
_ATM(schema, PASSWD, uid),
&pwd->pw_name, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
- printf("==> %d %s\n", __LINE__, __FILE__);
- rv = __nss_ldap_assign_attr_uid(sctx,
- _AT(schema, uidNumber),
- &pwd->pw_uid);
- if (rv != 0)
- goto errfin;
-
printf("==> %d %s\n", __LINE__, __FILE__);
rv = __nss_ldap_assign_attr_str(sctx,
_AT(schema, gecos),
&pwd->pw_gecos, &len, buf, buflen);
- if (rv != 0) {
+ if (rv != NSS_LDAP_SUCCESS) {
pwd->pw_gecos = NULL;
rv = __nss_ldap_assign_attr_str(sctx,
_ATM(schema, PASSWD, cn),
&pwd->pw_gecos, &len, buf, buflen);
}
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
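Review bot: The shadowAccount / non-root branch stores the `"*"` placeholder in `pwd->pw_dir` instead of `pwd->pw_passwd`, so in the visible code `pw_passwd` is never assigned on that path and `pw_dir` is overwritten by the homeDirectory lookup in the next hunk. The call should read `rv = __nss_ldap_assign_str("*", &pwd->pw_passwd, &len, buf, buflen);`. The `geteuid() != 0` test only hides the hash inside this process; the directory's own access control on userPassword remains the real protection, which is worth stating in a comment. The added `printf("here %s %d %p\n", ...)` writes a pointer value to the stdout of every program that loads the module and should be removed before release. The function starts and ends outside this hunk.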
@@ -105,10 +108,10 @@
rv = __nss_ldap_assign_attr_str(sctx,
_AT(schema, homeDirectory),
&pwd->pw_dir, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
rv = __nss_ldap_assign_str("", &pwd->pw_dir, &len, buf,
buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
@@ -117,19 +120,53 @@
rv = __nss_ldap_assign_attr_str(sctx,
_AT(schema, loginShell),
&pwd->pw_shell, &len, buf, buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
rv = __nss_ldap_assign_str("", &pwd->pw_shell, &len, buf,
buflen);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
-fin:
- return (0);
+ printf("==> %d %s\n", __LINE__, __FILE__);
+ rv = __nss_ldap_assign_attr_uid(sctx,
+ _AT(schema, uidNumber),
+ &pwd->pw_uid);
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+
+ rv = __nss_ldap_assign_attr_gid(sctx,
+ _ATM(schema, PASSWD, gidNumber),
+ &pwd->pw_gid);
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+
+ rv = __nss_ldap_assign_attr_time(sctx, _AT(schema, shadowMax),
+ &pwd->pw_change);
+ if (rv == NSS_LDAP_SUCCESS)
+ pwd->pw_change *= 24*60*60;
+ else
+ pwd->pw_change = 0;
+
+ if (pwd->pw_change > 0) {
+ rv = __nss_ldap_assign_attr_time(sctx,
+ _AT(schema, shadowLastChange), &temp_time);
+ if (rv == NSS_LDAP_SUCCESS)
+ pwd->pw_change += temp_time;
+ else
+ pwd->pw_change = 0;
+ }
+
+ rv = __nss_ldap_assign_attr_time(sctx, _AT(schema, shadowExpire),
+ &pwd->pw_expire);
+ if (rv == NSS_LDAP_SUCCESS)
+ pwd->pw_expire *= 24*60*60;
+ else
+ pwd->pw_expire = 0;
+ rv = NS_SUCCESS;
errfin:
- return (-1);
+ return (rv);
}
int
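Review bot: `pw_change` adds `temp_time` from shadowLastChange without the `24*60*60` scaling applied to shadowMax just above, so unless `__nss_ldap_assign_attr_time` (not visible here) already converts days to seconds, the sum mixes seconds and days and the password-change deadline comes out far too early. If the helper returns raw attribute values, the addition should be `pwd->pw_change += temp_time * 24*60*60;`. The success path also ends with `rv = NS_SUCCESS;` while every other check in this parser uses `NSS_LDAP_SUCCESS`; if the two constants differ the caller sees a failure code, so `rv = NSS_LDAP_SUCCESS;` looks intended. The multiplications are unchecked, so very large or negative directory values deserve a range check before scaling. The function starts outside this hunk.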
@@ -195,7 +232,7 @@
return (NS_UNAVAIL);
rv = __nss_ldap_getent(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd,
- buffer, bufsize, nss_ldap_parse_passwd);
+ buffer, bufsize, nss_ldap_parse_passwd, NULL);
if (rv == NS_SUCCESS)
*result = pwd;
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.h#6 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#2 (text+ko) ====
@@ -40,13 +40,32 @@
#include "ldapconf.h"
#include "nss_ldap.h"
-static int
+#define NSS_LDAP_SERVICES_BY_KEY 0
+#define NSS_LDAP_SERVICES_ALL 1
+
+struct services_mdata
+{
+ struct servent *serv;
+ char const *proto;
+ int type;
+};
+
+struct services_mdata_ext
+{
+ ssize_t offset;
+ size_t count;
+};
+
+static int
nss_ldap_parse_servent(struct nss_ldap_parse_context *pctx)
{
struct nss_ldap_schema *schema;
struct nss_ldap_search_context *sctx;
+ struct services_mdata *serv_mdata;
+ struct services_mdata_ext *serv_mdata_ext;
+
struct servent *serv;
- char *buf;
+ char *buf, **values;
size_t buflen;
size_t len, memlen;
int rv;
@@ -54,52 +73,110 @@
assert(pctx != NULL);
sctx = pctx->sctx;
- serv = (struct servent *)pctx->mdata;
+ serv_mdata = (struct services_mdata *)pctx->mdata;
+ serv_mdata_ext = (struct services_mdata_ext *)pctx->mdata_ext;
+
+ serv = serv_mdata->serv;
buf = pctx->buffer;
buflen = pctx->bufsize;
schema = &sctx->conf->schema;
+
+ if (serv_mdata->type == NSS_LDAP_SERVICES_BY_KEY) {
+ if (serv_mdata->proto != NULL) {
+ rv = __nss_ldap_assign_str(serv_mdata->proto,
+ &serv->s_proto, &len, buf, buflen);
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+ buflen -= len;
+ buf += len;
+ } else {
+ rv = __nss_ldap_assign_attr_str(sctx,
+ _AT(schema, ipServiceProtocol),
+ &serv->s_proto, &len, buf, buflen);
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+ buflen -= len;
+ buf += len;
+ }
+ } else {
+ if (serv_mdata_ext == NULL) {
+ serv_mdata_ext = (struct services_mdata_ext *)malloc(
+ sizeof(struct services_mdata_ext));
+ assert(serv_mdata_ext != NULL);
+
+ serv_mdata_ext->offset = -1;
+ serv_mdata_ext->count = 0;
+
+ pctx->mdata_ext = serv_mdata_ext;
+ }
+
+ if (serv_mdata_ext->offset == -1) {
+ rv = __nss_ldap_assign_attr_indexed_str(sctx,
+ _AT(schema, ipServiceProtocol),
+ serv_mdata_ext->offset, &serv_mdata_ext->count,
+ &serv->s_proto, &len, buf, buflen);
+ if (rv != NSS_LDAP_SUCCESS)
+ goto errfin;
+
+ serv_mdata_ext->offset = 0;
+ }
+
+ if (serv_mdata_ext->offset < serv_mdata_ext->count) {
+ rv = __nss_ldap_assign_attr_indexed_str(sctx,
+ _AT(schema, ipServiceProtocol),
+ serv_mdata_ext->offset, NULL,
+ &serv->s_proto, &len, buf, buflen);
-/* printf("==> %d %s\n", __LINE__, __FILE__);
- rv = __nss_ldap_assign_attr_gid(sctx,
- _ATM(schema, GROUP, gidNumber),
- &grp->gr_gid);
- if (rv != 0)
- goto errfin;
+ if (++serv_mdata_ext->offset >= serv_mdata_ext->count) {
+ serv_mdata_ext->offset = -1;
+ serv_mdata_ext->count = 0;
+ pctx->need_no_more = 0;
+ } else
+ pctx->need_no_more = 1;
+
+ buflen -= len;
+ buf += len;
+ } else {
+ /* this shouldn't happen, actually - that's why
+ * we're returning NSS_LDAP_GENERIC_ERROR instead
+ * of NSS_LDAP_PARSE_ERROR */
+ rv = NSS_LDAP_GENERIC_ERROR;
+ goto errfin;
+ }
+ }
- printf("==> %d %s\n", __LINE__, __FILE__);
rv = __nss_ldap_assign_rdn_str(sctx,
- _ATM(schema, GROUP, cn),
- &grp->gr_name, &len, buf, buflen);
- if (rv != 0)
+ _ATM(schema, SERVICES, cn),
+ &serv->s_name, &len, buf, buflen);
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
- buflen -= len;
- buf += len;
- printf("==> %d %s\n", __LINE__, __FILE__);
- rv = __nss_ldap_assign_attr_password(sctx,
- _ATM(schema, GROUP, userPassword),
- &grp->gr_passwd, &len, buf, buflen);
- if (rv != 0)
- goto errfin;
buflen -= len;
buf += len;
-
- printf("==> %d %s\n", __LINE__, __FILE__);
+
rv = __nss_ldap_assign_attr_multi_str(sctx,
- _ATM(schema, GROUP, memberUid),
- &grp->gr_mem, &memlen, &len, buf, buflen);
- if (rv != 0)
+ _ATM(schema, SERVICES, cn),
+ &serv->s_aliases, &memlen, &len, buf, buflen);
+ if (rv != NSS_LDAP_SUCCESS)
goto errfin;
buflen -= len;
buf += len;
- printf("%s %d\n", __FILE__, __LINE__);*/
-fin:
- return (0);
+ rv = __nss_ldap_assign_attr_int(sctx,
+ _AT(schema, ipServicePort),
+ &serv->s_port);
errfin:
- return (-1);
+ return (rv);
+}
+
+static void
+nss_ldap_destroy_servent(struct nss_ldap_parse_context *pctx)
+{
+
+ assert(pctx != NULL);
+ free(pctx->mdata_ext);
}
int
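Review bot: In the `offset < count` branch the result of `__nss_ldap_assign_attr_indexed_str` is not checked before `buflen -= len; buf += len;`, so on failure the cursor advances by whatever `len` holds and `buflen`, being `size_t`, can wrap. Add `if (rv != NSS_LDAP_SUCCESS) goto errfin;` directly after the call, as the `offset == -1` branch already does. The `assert(serv_mdata_ext != NULL)` after `malloc` disappears under NDEBUG and otherwise aborts the host process; returning an error code is the safer failure mode for a library. `offset` is `ssize_t` and `count` is `size_t`, so the comparisons convert `offset` to unsigned and are only correct because `offset` is reset to 0 first, which deserves a comment. The function starts outside this hunk.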
@@ -107,6 +184,7 @@
char *buffer, size_t bufsize, struct servent **result)
{
char filter[NSS_LDAP_FILTER_MAX_SIZE];
+ struct services_mdata mdata;
char const *fmt;
int rv;
@@ -121,9 +199,15 @@
else
__nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR_ANY, filter,
sizeof(filter), name);
+
+ memset(&mdata, 0, sizeof(struct services_mdata));
+ mdata.serv = serv;
+ mdata.proto = proto;
+ mdata.type = NSS_LDAP_SERVICES_BY_KEY;
- rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICE, filter, (void *)serv,
- buffer, bufsize, nss_ldap_parse_servent);
+ rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter,
+ (void *)&mdata, buffer, bufsize,
+ nss_ldap_parse_servent);
if (rv == NS_SUCCESS)
*result = serv;
@@ -136,6 +220,7 @@
char *buffer, size_t bufsize, struct servent **result)
{
char filter[NSS_LDAP_FILTER_MAX_SIZE];
+ struct services_mdata mdata;
char const *fmt;
int rv;
@@ -151,8 +236,14 @@
__nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_INT_ANY, filter,
sizeof(filter), port);
- rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICE, filter, (void *)serv,
- buffer, bufsize, nss_ldap_parse_servent);
+ memset(&mdata, 0, sizeof(struct services_mdata));
+ mdata.serv = serv;
+ mdata.proto = proto;
+ mdata.type = NSS_LDAP_SERVICES_BY_KEY;
+
+ rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter,
+ (void *)&mdata, buffer, bufsize,
+ nss_ldap_parse_servent);
if (rv == NS_SUCCESS)
*result = serv;
@@ -164,6 +255,7 @@
ldap_getservent_r(struct servent *serv, char *buffer, size_t bufsize,
struct servent **result)
{
+ struct services_mdata mdata;
char const *filter;
int rv;
@@ -172,8 +264,13 @@
if (filter == NULL)
return (NS_UNAVAIL);
- rv = __nss_ldap_getent(NSS_LDAP_MAP_SERVICE, filter, (void *)serv,
- buffer, bufsize, nss_ldap_parse_servent);
+ memset(&mdata, 0, sizeof(struct services_mdata));
+ mdata.serv = serv;
+ mdata.type = NSS_LDAP_SERVICES_ALL;
+
+ rv = __nss_ldap_getent(NSS_LDAP_MAP_SERVICES, filter, (void *)&mdata,
+ buffer, bufsize, nss_ldap_parse_servent,
+ nss_ldap_destroy_servent);
if (rv == NS_SUCCESS)
*result = serv;
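Review bot: `mdata` is a local of ldap_getservent_r, yet the parser keeps `offset`/`count` in `pctx->mdata_ext` between invocations, which implies the parse context outlives a single call. If `__nss_ldap_getent` (not visible here) stores the `mdata` pointer from the first call instead of rebinding it every time, `nss_ldap_parse_servent` would later read `serv_mdata->serv` from a dead stack frame. Confirm the rebinding and record it with a comment such as `/* mdata is only valid for the duration of this call */`, or give it the same lifetime as `mdata_ext`.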
@@ -185,7 +282,7 @@
ldap_setservent()
{
- __nss_ldap_setent(NSS_LDAP_MAP_SERVICE);
+ __nss_ldap_setent(NSS_LDAP_MAP_SERVICES);
}
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.h#2 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#6 (text+ko) ====
@@ -39,6 +39,7 @@
#include "ldapsearch.h"
#include "ldaptls.h"
#include "ldapconf.h"
+#include "nss_ldap.h"
#define NSS_BASE_PREFIX ("nss_base_")
#define NSS_BASE_PREFIX_SIZE (9)
@@ -74,13 +75,13 @@
res = strtol(str, &end, 10);
if (*end != '\0')
- return (-1);
+ return (NSS_LDAP_PARSE_ERROR);
else
if (((res >= low) || (low == -1)) &&
((res <= max) || (max == -1)))
return (res);
else
- return (-2);
+ return (NSS_LDAP_PARSE_ERROR);
}
static int
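Review bot: `get_number` now reports failure with `NSS_LDAP_PARSE_ERROR` through the same return value that carries the parsed number, so callers can only tell the two apart if that constant can never be a legal value, and with `low == -1` or `max == -1` one side of the range is unbounded. A signature such as `static int get_number(const char *str, int low, int max, int *value)` that returns only a status keeps them apart. The visible checks also accept an empty string (`end == str` is not tested) and ignore `ERANGE` from `strtol`. The function starts outside this hunk, so the declaration of `res` is not visible.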
@@ -90,7 +91,7 @@
int rv;
left_arg = left_arg + NSS_BASE_PREFIX_SIZE;
- rv = -1;
+ rv = NSS_LDAP_ARGS_ERROR;
if (strcmp(left_arg, "passwd") == 0)
rv = __nss_ldap_set_schema_filter_base(&conf->schema,
@@ -98,9 +99,9 @@
else if (strcmp(left_arg, "group") == 0)
rv = __nss_ldap_set_schema_filter_base(&conf->schema,
NSS_LDAP_MAP_GROUP, right_arg);
- else if (strcmp(left_arg, "service") == 0)
+ else if (strcmp(left_arg, "services") == 0)
rv = __nss_ldap_set_schema_filter_base(&conf->schema,
- NSS_LDAP_MAP_SERVICE, right_arg);
+ NSS_LDAP_MAP_SERVICES, right_arg);
return (rv);
}
@@ -118,12 +119,12 @@
assert(arg2 != NULL);
rv = __nss_ldap_init_rule(&rule, arg1, arg2);
- if (rv != 0)
- return (-1);
+ if (rv != NSS_LDAP_SUCCESS)
+ return (rv);
rules_coll = __nss_ldap_get_schema_rules(&conf->schema, rule_id);
if (rules_coll == NULL)
- return (-1);
+ return (NSS_LDAP_GENERIC_ERROR);
rv = __nss_ldap_add_rule(rules_coll, &rule);
return (rv);
@@ -175,9 +176,9 @@
printf("fname: %s %d\n", fname, conf->proto_version);
fin = fopen(fname, "r");
if (fin == NULL)
- return (-1);
+ return (NSS_LDAP_GENERIC_ERROR);
- res = 0;
+ res = NSS_LDAP_SUCCESS;
line_num = 0;
memset(buffer, 0, sizeof(buffer));
while ((res == 0) && (fgets(buffer, sizeof(buffer) - 1, fin) != NULL)) {
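Review bot: The loop condition still reads `(res == 0)` although `res` is now initialised with `NSS_LDAP_SUCCESS`; write `while ((res == NSS_LDAP_SUCCESS) && ...` so the loop does not silently depend on the constant's numeric value. The `printf("fname: %s %d\n", ...)` on the context line above goes to the stdout of the host program and should not survive into a release build.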
@@ -238,7 +239,8 @@
* NSS_LDAP_PROTO_VERSION_3 constants here */
if (strcmp(fields[0], "ldap-version") == 0) {
if ((field_count == 2) &&
- (value = get_number(fields[1], 2, 3) != -1)) {
+ (value = get_number(fields[1], 2, 3) ==
+ NSS_LDAP_SUCCESS)) {
conf->proto_version = value;
continue;
}
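Review bot: In `(value = get_number(fields[1], 2, 3) == NSS_LDAP_SUCCESS)` the `==` binds tighter than `=`, so `value` receives the 0/1 result of the comparison; in addition `get_number` returns the parsed number on success rather than `NSS_LDAP_SUCCESS`, so the test fails for valid input unless the number happens to equal that constant. Something like `((value = get_number(fields[1], 2, 3)) != NSS_LDAP_PARSE_ERROR)` restores the intent, provided the in-band error code lies outside the accepted range. The `port` branch in the hunk at `@@ -286,7 +288,8 @@` has the same expression and needs the same fix. As written, `conf->proto_version` and `conf->port` are assigned the comparison result, not the configured number.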
@@ -250,35 +252,35 @@
NSS_BASE_PREFIX_SIZE) == 0) {
if ((field_count == 2) && (set_base_map(conf,
- fields[0], fields[1]) != -1))
+ fields[0], fields[1]) == NSS_LDAP_SUCCESS))
continue;
} else if (strcmp(fields[0], "nss_map_attribute") == 0) {
if ((field_count == 3) &&
(set_schema_rule(conf,
NSS_LDAP_SCHEMA_MAP_ATTRIBUTE_RULES,
fields[1],
- fields[2]) == 0))
+ fields[2]) == NSS_LDAP_SUCCESS))
continue;
} else if (strcmp(fields[0], "nss_map_objectclass") == 0) {
if ((field_count == 3) &&
(set_schema_rule(conf,
NSS_LDAP_SCHEMA_MAP_OBJECTCLASS_RULES,
fields[1],
- fields[2]) == 0))
+ fields[2]) == NSS_LDAP_SUCCESS))
continue;
} else if (strcmp(fields[0], "nss_default_attribute_value") == 0) {
if ((field_count == 3) &&
(set_schema_rule(conf,
NSS_LDAP_SCHEMA_DEFAULT_VALUE_RULES,
fields[1],
- fields[2]) == 0))
+ fields[2]) == NSS_LDAP_SUCCESS))
continue;
} else if (strcmp(fields[0], "nss_override_attribute_value") == 0) {
if ((field_count == 3) &&
(set_schema_rule(conf,
NSS_LDAP_SCHEMA_OVERRIDE_VALUE_RULES,
fields[1],
- fields[2]) == 0))
+ fields[2]) == NSS_LDAP_SUCCESS))
continue;
}
break;
@@ -286,7 +288,8 @@
printf("== %s, %d ==\n", __FILE__, __LINE__);
if (strcmp(fields[0], "port") == 0) {
if ((field_count == 2) &&
- (value = get_number(fields[1], 0, -1) != -1)) {
+ (value = get_number(fields[1], 0, -1) ==
+ NSS_LDAP_SUCCESS)) {
conf->port = value;
continue;
}
@@ -324,7 +327,7 @@
break;
}
- res = -1;
+ res = NSS_LDAP_PARSE_ERROR;
}
fclose(fin);
@@ -334,5 +337,13 @@
void
__nss_ldap_destroy_config(struct nss_ldap_configuration *config)
{
+
+ assert(config != NULL);
+ free(config->host);
+ free(config->root_bind_dn);
+ free(config->bind_dn);
+ free(config->bind_pw);
+
+ __nss_ldap_destroy_schema(&config->schema);
}
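Review bot: `config->bind_pw` holds the bind credential and is released with a plain `free()`, which leaves the password in freed heap memory of every process that loaded the module. Scrub it first, e.g. `if (config->bind_pw != NULL) explicit_bzero(config->bind_pw, strlen(config->bind_pw));`, where the platform provides `explicit_bzero`; a plain `memset` before `free` may be optimised away. The freed members are also left dangling, so a second `__nss_ldap_destroy_config` call on the same structure would double-free; setting each pointer to `NULL` after `free()` avoids that.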
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#6 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#6 (text+ko) ====
@@ -30,6 +30,7 @@
#include <sys/time.h>
#include <assert.h>
+#include <errno.h>
#include <ldap.h>
#include <stdlib.h>
#include <string.h>
@@ -39,6 +40,7 @@
#include "ldaputil.h"
#include "ldapconn.h"
#include "ldapconf.h"
+#include "nss_ldap.h"
struct nss_ldap_connection *
__nss_ldap_connect(struct nss_ldap_connection_method *method,
@@ -157,8 +159,10 @@
conn->ld = (LDAP *)ldap_init(conf->host, conf->port);
if (conn->ld == NULL) {
- printf("--> %s %d\n", __FILE__, __LINE__);
- // TODO: error handling here
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_init() error: %s\n", strerror(errno)
+ );
+ err->err_num = errno;
free(conn);
return (NULL);
}
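Review bot: `err->err_num = errno;` runs after `strerror()` and `snprintf()`, either of which may change `errno`, so the stored number can differ from the one in the description. Capture it first with `int saved_errno = errno;` and use `saved_errno` for both. Whether `ldap_init()` sets `errno` on every failure path is also worth confirming before reporting it as the cause. `err` is dereferenced without a check; the enclosing function starts outside the hunk, so an earlier assert may already cover it.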
@@ -179,14 +183,13 @@
rv = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION,
&ldap_version);
if (rv != LDAP_SUCCESS) {
- printf("--> %s %d %d %d %d\n", __FILE__, __LINE__, rv, LDAP_SUCCESS, ldap_version);
- ldap_perror(conn->ld, "----->");
- // TODO: error checking
+ err->err_num = rv;
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_set_option() error: %s\n", ldap_err2string(rv));
ldap_unbind(conn->ld);
free(conn);
return (NULL);
}
-
return (conn);
}
@@ -227,10 +230,11 @@
/* If the returned message ID is less than zero, an error occurred. */
if ( msgid < 0 ) {
/* NOTE: can't use ldap_result2error here */
- err->err_num = msgid;
- strlcpy(err->description, ldap_err2string(rc),
- sizeof(err->description));
- return (-1);
+ err->err_num = ldap_result2error(conn->ld, res, 0);
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_simple_bind() error: %s\n",
+ ldap_err2string(err->err_num));
+ return (NSS_LDAP_CONNECTION_ERROR);
}
/* Check to see if the bind operation completed. */
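Review bot: The `msgid < 0` branch now calls `ldap_result2error(conn->ld, res, 0)` although no result message has been received at this point, and the retained comment directly above says it cannot be used here; `res` is presumably still unset (its declaration is outside the hunk). The library's last error can be read instead with `ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, &err->err_num);`. The `case -1:` branch in the next hunk, `@@ -240,9 +244,10 @@`, has the same pattern on a context line, since `ldap_result()` returning -1 does not hand back a message.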
@@ -240,9 +244,10 @@
/* If ldap_result() returns -1, error occurred. */
case -1:
err->err_num = ldap_result2error(conn->ld, res, 0);
- strlcpy(err->description, ldap_err2string(rc),
- sizeof(err->description));
- return (-1);
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_result() error: %s\n",
+ ldap_err2string(err->err_num));
+ return (NSS_LDAP_CONNECTION_ERROR);
/* If ldap_result() returns 0, the timeout (specified by the
timeout argument) has been exceeded before the client received
@@ -262,54 +267,52 @@
parse_rc = ldap_parse_result( conn->ld, res, &rc,
&matched_msg, &error_msg, &referrals,
&serverctrls, 1 );
+ /* TODO: probably don't need this, check */
if ( parse_rc != LDAP_SUCCESS ) {
err->err_num = parse_rc;
- strlcpy(err->description, ldap_err2string(rc),
- sizeof(err->description));
- return (-1);
+ snprintf(err->description,
+ NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_parse_result() error: %s\n",
+ ldap_err2string(parse_rc));
+ return (NSS_LDAP_CONNECTION_ERROR);
}
/* Check the results of the operation. */
- if ( rc != LDAP_SUCCESS ) {
- err->err_num = rc;
- strlcpy(err->description, ldap_err2string(rc),
- sizeof(err->description));
+ if (rc != LDAP_SUCCESS) {
+ err->err_num = rc;
+ /* If an entry specified by a DN could not be
+ found, the server may also return the portion
+ of the DN that identifies an existing entry.
+ (See "Receiving the Portion of the DN Matching
+ an Entry" for an explanation.) */
+ snprintf(err->description,
+ NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_parse_result() error: %s, "
+ "(server response: %s) "
+ "(matched msg: %s)\n",
+ ldap_err2string(rc),
+ (error_msg != NULL && *error_msg != '\0') ?
+ error_msg : "[unknown]",
+ (matched_msg != NULL && *matched_msg != '\0') ?
+ matched_msg : "[unknown]"
+ );
- /* If the server sent an additional error message,
- print it out. */
- if ( error_msg != NULL && *error_msg != '\0' ) {
- strlcat(err->description, ", ",
- sizeof(err->description));
- strlcat(err->description, error_msg,
- sizeof(err->description));
- }
-
- /* If an entry specified by a DN could not be found,
- the server may also return the portion of the DN
- that identifies an existing entry.
- (See"Receiving the Portion of the DN Matching an Entry"
- for an explanation.) */
- if ( matched_msg != NULL && *matched_msg != '\0' ) {
- strlcat(err->description,
- ", matched part:",
- sizeof(err->description));
- strlcat(err->description, matched_msg,
- sizeof(err->description));
- }
- return (-1);
+ return (NSS_LDAP_CONNECTION_ERROR);
} else
- return (0);
+ return (NSS_LDAP_SUCCESS);
break;
- }
+ }
}
+
+ /* UNREACHABLE */
+ return (NSS_LDAP_CONNECTION_ERROR);
}
int
__nss_ldap_simple_disconnect(struct nss_ldap_connection *conn,
struct nss_ldap_configuration *conf,
struct nss_ldap_connection_error *err)
-{
-
+{
int rv;
assert(conn != NULL);
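Review bot: Both return paths after `ldap_parse_result()` leave `matched_msg`, `error_msg`, `referrals` and `serverctrls` allocated; no release is visible before `return (NSS_LDAP_CONNECTION_ERROR)` or `return (NSS_LDAP_SUCCESS)`, so each bind leaks them in a long-lived process. Free the two strings with `ldap_memfree()`, the referrals with `ldap_value_free()` and the controls with `ldap_controls_free()` before returning, or pass `NULL` for the outputs that are not used. `error_msg` and `matched_msg` are server-supplied text copied into `err->description`; if that buffer is later logged, control characters should be filtered first. The bind function starts outside this hunk.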
@@ -318,11 +321,14 @@
rv = ldap_unbind(conn->ld);
if (rv != LDAP_SUCCESS) {
- //TODO: error checking
- return (-1);
+ err->err_num = rv;
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_result() error: %s\n",
+ ldap_err2string(err->err_num));
+ return (NSS_LDAP_CONNECTION_ERROR);
}
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
int
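Review bot: The description written when `ldap_unbind()` fails is labelled `"ldap_result() error: %s\n"`, which sends anyone reading the error to the wrong call; it should read `"ldap_unbind() error: %s\n"`. `err` is written without a NULL check in the visible lines, so callers that do not need the error must still pass a valid structure, and a comment on the function should say so.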
@@ -336,7 +342,7 @@
method->auth_fn = __nss_ldap_simple_auth;
method->disconnect_fn = __nss_ldap_simple_disconnect;
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
#endif
@@ -345,7 +351,7 @@
__nss_ldap_init_ssl_auth_method(struct nss_ldap_connection_method *method)
{
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
#endif
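Review bot: `__nss_ldap_init_ssl_auth_method` reports `NSS_LDAP_SUCCESS` without setting any of the method's callbacks, so a caller that selects this method receives an object that looks initialised. Until it is implemented it should fail closed, e.g. `return (NSS_LDAP_GENERIC_ERROR);`, with a comment that SSL is not yet supported, so the caller cannot continue with unset or leftover function pointers.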
@@ -363,7 +369,10 @@
rv = ldap_start_tls_s(conn->ld, NULL, NULL);
if (rv != LDAP_SUCCESS) {
- /* TODO: error checking */
+ err->err_num = rv;
+ snprintf(err->description, NSS_LDAP_MAX_ERR_DESC_SIZE,
+ "ldap_start_tls_s() error: %s\n",
+ ldap_err2string(err->err_num));
__nss_ldap_simple_disconnect(conn, conf, err);
return (NULL);
}
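Review bot: The TLS failure just recorded in `err` can be overwritten immediately, because `__nss_ldap_simple_disconnect(conn, conf, err)` writes to the same structure when `ldap_unbind()` fails; pass a scratch `struct nss_ldap_connection_error` to the cleanup call so the `ldap_start_tls_s()` cause survives. `conn` is not freed on this path, whereas the `ldap_set_option()` failure path in `__nss_ldap_connect` calls `free(conn)` after unbinding; unless the disconnect routine frees it outside the visible lines, this leaks. The function starts outside the hunk.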
@@ -379,12 +388,12 @@
assert(method != NULL);
rv = __nss_ldap_init_simple_auth_method(method);
- if (rv != 0)
+ if (rv != NSS_LDAP_SUCCESS)
return (rv);
/* Replacing standard connect routine with start-tls specific */
method->connect_fn = __nss_ldap_start_tls_connect;
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
#endif
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#6 (text+ko) ====
==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapschema.c#6 (text+ko) ====
@@ -28,10 +28,14 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include <sys/types.h>
#include <assert.h>
+#include <ldap.h>
#include <stdlib.h>
#include <string.h>
#include "ldapschema.h"
+#include "ldapsearch.h"
+#include "nss_ldap.h"
static void init_schema_common(struct nss_ldap_schema *);
@@ -129,21 +133,21 @@
snprintf(schema->filters[NSS_LDAP_FILTER_GETSERVBYNAME],
NSS_LDAP_FILTER_MAX_SIZE,
"(&(objectclass=%s)(%s=%s)(%s=%s))",
- _OC(schema, ipServices), _ATM(schema, SERVICES, cn), "%s",
+ _OC(schema, ipService), _ATM(schema, SERVICES, cn), "%s",
_AT(schema, ipServiceProtocol), "%s");
snprintf(schema->filters[NSS_LDAP_FILTER_GETSERVBYPORT],
NSS_LDAP_FILTER_MAX_SIZE,
"(&(objectclass=%s)(%s=%s)(%s=%s))",
- _OC(schema, ipServices), _AT(schema, ipServicePort), "%d",
+ _OC(schema, ipService), _AT(schema, ipServicePort), "%d",
_AT(schema, ipServiceProtocol), "%s");
snprintf(schema->filters[NSS_LDAP_FILTER_GETSERVENT],
NSS_LDAP_FILTER_MAX_SIZE,
"(objectclass=%s)",
- _OC(schema, ipServices));
+ _OC(schema, ipService));
}
void
-__nss_destroy_schema(struct nss_ldap_schema *schema)
+__nss_ldap_destroy_schema(struct nss_ldap_schema *schema)
{
assert(schema != NULL);
@@ -171,7 +175,7 @@
rule->right_arg = strdup(right_arg);
assert(rule->right_arg != NULL);
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
void
@@ -196,9 +200,9 @@
res = strlcpy(schema->filters[filter_id], filter_str,
NSS_LDAP_FILTER_MAX_SIZE);
if (res > NSS_LDAP_FILTER_MAX_SIZE - 1)
- return (-1);
+ return (NSS_LDAP_BUFFER_ERROR);
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
char *
@@ -224,9 +228,9 @@
res = strlcpy(schema->filter_bases[filter_base_id], filter_base_str,
NSS_LDAP_FILTER_MAX_SIZE);
if (res > NSS_LDAP_FILTER_MAX_SIZE - 1)
- return (-1);
+ return (NSS_LDAP_BUFFER_ERROR);
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
char *
@@ -255,7 +259,7 @@
assert(rules->rules != NULL);
memset(rules, 0, sizeof(struct nss_ldap_schema_rule) *
rules->rules_eff_size);
- return (0);
+ return (NSS_LDAP_SUCCESS);
}
int
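Review bot: The `memset` on the context line clears `rules` (the collection) rather than the array that was just asserted non-NULL, with a length of `sizeof(struct nss_ldap_schema_rule) * rules->rules_eff_size`; that writes past the collection structure and wipes the `rules->rules` pointer itself. It should presumably be `memset(rules->rules, 0, sizeof(struct nss_ldap_schema_rule) * rules->rules_eff_size);`. The allocation above the hunk is not visible, so confirm that it sizes the array with the same expression.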
@@ -287,7 +291,7 @@
memcpy(rules->rules + rules->rules_size, rule,
sizeof(struct nss_ldap_schema_rule));
++rules->rules_size;
>>> TRUNCATED FOR MAIL (1000 lines) <<<