From 32ce7ac0c67489e206544dce93a2364c2f7d9410 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Wed, 28 Sep 2022 15:40:22 +0200
Subject: [PATCH] dirmngr: Fix lost flags during LDAP upload
* dirmngr/ldapserver.c (ldapserver_parse_one): Turn LINE into a const. Use strtokenize instead of strtok style parsing.
--
This fixes a problem with resulted in a General Error for the second key to be uploaded in the same session. But only if the colon format to specify a keyserver with flags was used.
---
 dirmngr/ldapserver.c | 73 +++++++++++++++++++++++---------------------
 dirmngr/ldapserver.h | 2 +-
 2 files changed, 39 insertions(+), 36 deletions(-)
diff --git a/dirmngr/ldapserver.c b/dirmngr/ldapserver.c
index 0f859539e..4c0f19985 100644
--- a/dirmngr/ldapserver.c
+++ b/dirmngr/ldapserver.c
@@ -47,38 +47,37 @@ ldapserver_list_free (ldap_server_t servers)
 /* Parse a single LDAP server configuration line. Returns the server
- or NULL in case of errors. The configuration line is assumed to be
- colon seprated with these fields:
-
- 1. field: Hostname
- 2. field: Portnumber
- 3. field: Username
- 4. field: Password
- 5. field: Base DN
- 6. field: Flags
-
- Flags are:
-
- starttls := Use STARTTLS with a default port of 389
- ldaptls := Tunnel LDAP trough a TLS tunnel with default port 636
- plain := Switch to plain unsecured LDAP.
- (The last of these 3 flags is the effective one)
- ntds := Use Active Directory authentication
- areconly := Use option LDAP_OPT_AREC_EXCLUSIVE
-
- FILENAME and LINENO are used for diagnostic purposes only.
-*/
+ * or NULL in case of errors. The configuration line is assumed to be
+ * colon seprated with these fields:
+ *
+ * 1. field: Hostname
+ * 2. field: Portnumber
+ * 3. field: Username
+ * 4. field: Password
+ * 5. field: Base DN
+ * 6. field: Flags
+ *
+ * Flags are:
+ *
+ * starttls := Use STARTTLS with a default port of 389
+ * ldaptls := Tunnel LDAP trough a TLS tunnel with default port 636
+ * plain := Switch to plain unsecured LDAP.
+ * (The last of these 3 flags is the effective one)
+ * ntds := Use Active Directory authentication
+ * areconly := Use option LDAP_OPT_AREC_EXCLUSIVE
+ *
+ * FILENAME and LINENO are used for diagnostic purposes only.
+ */
 ldap_server_t
-ldapserver_parse_one (char *line,
+ldapserver_parse_one (const char *line,
 const char *filename, unsigned int lineno)
 {
 char *p;
- char *endp;
 ldap_server_t server;
 int fieldno;
 int fail = 0;
+ char **fields = NULL;
- /* Parse the colon separated fields. */
 server = xtrycalloc (1, sizeof *server);
 if (!server)
 {
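Review bot: The rewritten header comment of ldapserver_parse_one still numbers the fields 1 to 6, while the switch in the following hunk becomes zero-based (`case 0:` now handles the hostname), so comment and code disagree by one for anyone who later adds or reorders a field. A sentence such as `The switch below indexes the tokens from 0, so field N is handled by case N-1.` would close that gap. Since every comment line is touched anyway, the carried-over typos `seprated` and `trough` could be corrected in the same edit. The comment could also state that LINE is no longer modified, which is the contract the new `const char *line` parameter implies.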
@@ -86,32 +85,35 @@ ldapserver_parse_one (char *line,
 goto leave;
 }
- for (fieldno = 1, p = line; p; p = endp, fieldno++ )
+ fields = strtokenize (line, ":");
+ if (!fields)
+ {
+ fail = 1;
+ goto leave;
+ }
+
+ for (fieldno=0; (p = fields[fieldno]); fieldno++)
 {
- endp = strchr (p, ':');
- if (endp)
- *endp++ = '\0';
- trim_spaces (p);
 switch (fieldno)
 {
- case 1:
+ case 0:
 server->host = xtrystrdup (p);
 if (!server->host)
 fail = 1;
 break;
- case 2:
+ case 1:
 if (*p)
 server->port = atoi (p);
 break;
- case 3:
+ case 2:
 server->user = xtrystrdup (p);
 if (!server->user)
 fail = 1;
 break;
- case 4:
+ case 3:
 if (*p && !server->user)
 {
 if (filename)
@@ -129,7 +131,7 @@ ldapserver_parse_one (char *line,
 }
 break;
- case 5:
+ case 4:
 if (*p)
 {
 server->base = xtrystrdup (p);
@@ -138,7 +140,7 @@ ldapserver_parse_one (char *line,
 }
 break;
- case 6:
+ case 5:
 {
 char **flags = NULL;
 int i;
@@ -211,6 +213,7 @@ ldapserver_parse_one (char *line,
 ldapserver_list_free (server);
 server = NULL;
 }
+ xfree (fields);
 return server;
 }
diff --git a/dirmngr/ldapserver.h b/dirmngr/ldapserver.h
index fa836e3a4..7f72eeb3f 100644
--- a/dirmngr/ldapserver.h
+++ b/dirmngr/ldapserver.h
@@ -26,7 +26,7 @@ void ldapserver_list_free (ldap_server_t servers);
-ldap_server_t ldapserver_parse_one (char *line,
+ldap_server_t ldapserver_parse_one (const char *line,
 const char *filename, unsigned int lineno);
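Review bot: The port field in `case 1:` of the `@@ -86,32 +85,35 @@` hunk is still converted with `atoi (p)`, which accepts trailing garbage, yields 0 for non-numeric text and is undefined on overflow, so a mistyped port in a keyserver specification silently becomes some other port instead of being rejected. Since this commit already reworks the field parsing, the conversion could use `strtol` with an end-pointer and a range check and set `fail = 1` on a bad value. Whether 0 must remain accepted as "use the default" cannot be told from the hunk, so the sketch below keeps it. A diagnostic like the one the password case prints when FILENAME is set would be useful, but that code and the rest of the function lie outside this hunk.

```c
            case 1:
              if (*p)
                {
                  char *endp;
                  long port;

                  errno = 0;
                  port = strtol (p, &endp, 10);
                  if (errno || *endp || port < 0 || port > 65535)
                    fail = 1;   /* Reject a malformed or out-of-range port.  */
                  else
                    server->port = (int)port;
                }
              break;
            /* ... unchanged: cases 0 and 2 to 5 ... */
```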
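Review bot: In the `@@ -211,6 +213,7 @@` hunk, `xfree (fields)` releases the tokenized copy of the configuration line without clearing it, and the function's header comment lists the fourth field as the LDAP password. Because LINE is now const, the tokens presumably live in the block that strtokenize allocated, so the password would stay readable in freed heap memory until the block is reused. If that matters for dirmngr's threat model, the tokens could be cleared first, for example `for (i = 0; fields && fields[i]; i++) wipememory (fields[i], strlen (fields[i]));` with a local index, placed directly before the `xfree`. The copy kept in the returned server object and the caller's own LINE buffer are outside this hunk and would need the same consideration.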