mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

dirmngr: Change interrogate_ldap_dn for better memory semantics.

* dirmngr/ks-engine-ldap.c (interrogate_ldap_dn): Return BASEDN found,
memory allocated.
(my_ldap_connect): Follow the change, removing needless allocation.

--

GnuPG-bug-id: 6047
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2022-09-29 09:48:30 +09:00
parent 3257385378
commit 4b2066afb4
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054


@ -288,10 +288,9 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact,
} }
/* Returns 1 if R_BASEDDN is substituted, 0 if not. */ static char *
static int
interrogate_ldap_dn (LDAP *ldap_conn, const char *basedn_search, interrogate_ldap_dn (LDAP *ldap_conn, const char *basedn_search,
unsigned int *r_serverinfo, char **r_basedn) unsigned int *r_serverinfo)
{ {
int lerr; int lerr;
char **vals; char **vals;
@ -349,19 +348,7 @@ interrogate_ldap_dn (LDAP *ldap_conn, const char *basedn_search,
freed with ldap_msgfree() regardless of return freed with ldap_msgfree() regardless of return
value of these functions. */ value of these functions. */
ldap_msgfree (si_res); ldap_msgfree (si_res);
if (r_basedn && basedn) return basedn;
{
if (*r_basedn)
xfree (*r_basedn);
*r_basedn = basedn;
return 1;
}
else
{
if (basedn)
xfree (basedn);
return 0;
}
} }
/* Connect to an LDAP server and interrogate it. /* Connect to an LDAP server and interrogate it.
@ -654,23 +641,20 @@ my_ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
{ {
/* User specified base DN. In this case we know the server is a /* User specified base DN. In this case we know the server is a
* real LDAP server. */ * real LDAP server. */
basedn = xtrystrdup (basedn_arg); const char *user_basedn = basedn_arg;
if (!basedn)
{
err = gpg_error_from_syserror ();
goto out;
}
*r_serverinfo |= SERVERINFO_REALLDAP; *r_serverinfo |= SERVERINFO_REALLDAP;
/* First try with provided basedn, else retry up one level. /* First try with provided basedn, else retry up one level.
* Retry assumes that provided entry is for keyspace, * Retry assumes that provided entry is for keyspace,
* matching old behavior */ * matching old behavior */
if (!interrogate_ldap_dn (ldap_conn, basedn, r_serverinfo, &basedn)) basedn = interrogate_ldap_dn (ldap_conn, user_basedn, r_serverinfo);
if (!basedn)
{ {
const char *basedn_parent = strchr (basedn, ','); const char *basedn_parent = strchr (user_basedn, ',');
if (basedn_parent) if (basedn_parent)
interrogate_ldap_dn (ldap_conn, basedn_parent + 1, r_serverinfo, basedn = interrogate_ldap_dn (ldap_conn, basedn_parent + 1,
&basedn); r_serverinfo);
} }
} }
else else
@ -701,8 +685,8 @@ my_ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
*r_serverinfo |= SERVERINFO_REALLDAP; *r_serverinfo |= SERVERINFO_REALLDAP;
for (i = 0; context[i] && !basedn; i++) for (i = 0; context[i] && !basedn; i++)
interrogate_ldap_dn (ldap_conn, context[i], r_serverinfo, basedn = interrogate_ldap_dn (ldap_conn, context[i],
&basedn); r_serverinfo);
ldap_value_free (context); ldap_value_free (context);
} }
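Review bot: In the user-specified base DN branch of my_ldap_connect, basedn now appears to stay NULL when both the lookup on user_basedn and the retry on its parent return NULL, whereas the old code kept its xtrystrdup copy of basedn_arg in that case. If the rest of the function (outside this hunk) still relies on the configured base DN as a fallback, later searches would run without the base the operator configured. Restoring the copy only on that failure path keeps the commit's goal of dropping the needless allocation; the fence below shows it. Separately, interrogate_ldap_dn no longer seems to have a header comment, so a line such as `/* Return the base DN found as a malloced string which the caller must xfree, or NULL if none. */` would document the new ownership rule.

```c
      /* … unchanged: first try with user_basedn and retry with its parent … */
      if (!basedn)
        {
          /* Neither lookup matched: fall back to the user-specified DN. */
          basedn = xtrystrdup (user_basedn);
          if (!basedn)
            {
              err = gpg_error_from_syserror ();
              goto out;
            }
        }
```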