lists.arthurdejong.org
RSS feed

nss-pam-ldapd commit: r1299 - in nss-pam-ldapd-solaris: . common nslcd

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1299 - in nss-pam-ldapd-solaris: . common nslcd



Author: arthur
Date: Thu Nov  4 21:48:34 2010
New Revision: 1299
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1299

Log:
merge changes from trunk

Modified:
   nss-pam-ldapd-solaris/   (props changed)
   nss-pam-ldapd-solaris/common/nslcd-prot.c
   nss-pam-ldapd-solaris/configure.ac
   nss-pam-ldapd-solaris/nslcd/cfg.h
   nss-pam-ldapd-solaris/nslcd/common.h
   nss-pam-ldapd-solaris/nslcd/myldap.c
   nss-pam-ldapd-solaris/nslcd/nslcd.c
   nss-pam-ldapd-solaris/nslcd/pam.c
   nss-pam-ldapd-solaris/nslcd/passwd.c

Modified: nss-pam-ldapd-solaris/common/nslcd-prot.c
==============================================================================
--- nss-pam-ldapd-solaris/common/nslcd-prot.c   Thu Nov  4 21:45:37 2010        
(r1298)
+++ nss-pam-ldapd-solaris/common/nslcd-prot.c   Thu Nov  4 21:48:34 2010        
(r1299)
@@ -66,7 +66,7 @@
   strncpy(addr.sun_path,NSLCD_SOCKET,sizeof(addr.sun_path));
   addr.sun_path[sizeof(addr.sun_path)-1]='\0';
   /* connect to the socket */
-  if (connect(sock,(struct sockaddr *)&addr,(socklen_t)sizeof(struct 
sockaddr_un))<0)
+  if (connect(sock,(struct sockaddr 
*)&addr,(socklen_t)(sizeof(addr.sun_family)+strlen(addr.sun_path)))<0)
   {
     (void)close(sock);
     return NULL;

Modified: nss-pam-ldapd-solaris/configure.ac
==============================================================================
--- nss-pam-ldapd-solaris/configure.ac  Thu Nov  4 21:45:37 2010        (r1298)
+++ nss-pam-ldapd-solaris/configure.ac  Thu Nov  4 21:48:34 2010        (r1299)
@@ -430,7 +430,7 @@
   nss_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(nss_ldap_so_LDFLAGS) 
\$(LDFLAGS) -o \$@"
   case "$target_os" in
   solaris*)
-    if test "$ac_cv_prog_gcc" = yes
+    if test "x$GCC" = xyes
     then
       nss_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M 
\$(srcdir)/exports.solaris -G -o \$@"
     else
@@ -485,7 +485,7 @@
   pam_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(pam_ldap_so_LDFLAGS) 
\$(LDFLAGS) -o \$@"
   case "$target_os" in
   solaris*)
-    if test "$ac_cv_prog_gcc" = yes
+    if test "x$GCC" = xyes
     then
       pam_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M 
\$(srcdir)/pam_ldap.map -G -o \$@"
     else

Modified: nss-pam-ldapd-solaris/nslcd/cfg.h
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/cfg.h   Thu Nov  4 21:45:37 2010        (r1298)
+++ nss-pam-ldapd-solaris/nslcd/cfg.h   Thu Nov  4 21:48:34 2010        (r1299)
@@ -133,8 +133,7 @@
   int ldc_restart;
   /* set to a greater than 0 to enable handling of paged results with the 
specified size */
   int ldc_pagesize;
-  /* the users for which no initgroups() searches should be done
-     Note: because we use a set here comparisons will be case-insensitive */
+  /* the users for which no initgroups() searches should be done */
   SET *ldc_nss_initgroups_ignoreusers;
   /* the search that should be performed to do autorisation checks */
   char *ldc_pam_authz_search;

Modified: nss-pam-ldapd-solaris/nslcd/common.h
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/common.h        Thu Nov  4 21:45:37 2010        
(r1298)
+++ nss-pam-ldapd-solaris/nslcd/common.h        Thu Nov  4 21:48:34 2010        
(r1299)
@@ -83,7 +83,7 @@
 
 /* Perform an LDAP lookup to translate the DN into a uid.
    This function either returns NULL or a strdup()ed string. */
-MUST_USE char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn,int *rcp);
+MUST_USE char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn,int 
*rcp,char *buf,size_t buflen);
 
 /* transforms the DN info a uid doing an LDAP lookup if needed */
 MUST_USE char *dn2uid(MYLDAP_SESSION *session,const char *dn,char *buf,size_t 
buflen);

Modified: nss-pam-ldapd-solaris/nslcd/myldap.c
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/myldap.c        Thu Nov  4 21:45:37 2010        
(r1298)
+++ nss-pam-ldapd-solaris/nslcd/myldap.c        Thu Nov  4 21:48:34 2010        
(r1299)
@@ -638,8 +638,6 @@
   int rc;
   int sd=-1;
   struct timeval tv;
-  /* check if the idle time for the connection has expired */
-  myldap_session_check(session);
   /* if the connection is still there (ie. ldap_unbind() wasn't
      called) then we can return the cached connection */
   if (session->ld!=NULL)
@@ -937,6 +935,8 @@
   /* log the call */
   log_log(LOG_DEBUG,"myldap_search(base=\"%s\", filter=\"%s\")",
                     base,filter);
+  /* check if the idle time for the connection has expired */
+  myldap_session_check(session);
   /* allocate a new search entry */
   search=myldap_search_new(session,base,scope,filter,attrs);
   /* find a place in the session where we can register our search */

Modified: nss-pam-ldapd-solaris/nslcd/nslcd.c
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/nslcd.c Thu Nov  4 21:45:37 2010        (r1298)
+++ nss-pam-ldapd-solaris/nslcd/nslcd.c Thu Nov  4 21:48:34 2010        (r1299)
@@ -297,7 +297,7 @@
   strncpy(addr.sun_path,NSLCD_SOCKET,sizeof(addr.sun_path));
   addr.sun_path[sizeof(addr.sun_path)-1]='\0';
   /* bind to the named socket */
-  if (bind(sock,(struct sockaddr *)&addr,sizeof(struct sockaddr_un)))
+  if (bind(sock,(struct sockaddr 
*)&addr,(sizeof(addr.sun_family)+strlen(addr.sun_path))))
   {
     log_log(LOG_ERR,"bind() to "NSLCD_SOCKET" failed: %s",
             strerror(errno));
@@ -308,7 +308,7 @@
   /* close the file descriptor on exit */
   if (fcntl(sock,F_SETFD,FD_CLOEXEC)<0)
   {
-    log_log(LOG_ERR,"fctnl(F_SETFL,O_NONBLOCK) failed: %s",strerror(errno));
+    log_log(LOG_ERR,"fctnl(F_SETFL,FD_CLOEXEC) failed: %s",strerror(errno));
     if (close(sock))
       log_log(LOG_WARNING,"problem closing socket: %s",strerror(errno));
     exit(EXIT_FAILURE);

Modified: nss-pam-ldapd-solaris/nslcd/pam.c
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/pam.c   Thu Nov  4 21:45:37 2010        (r1298)
+++ nss-pam-ldapd-solaris/nslcd/pam.c   Thu Nov  4 21:48:34 2010        (r1299)
@@ -47,7 +47,7 @@
 static int try_bind(const char *userdn,const char *password)
 {
   MYLDAP_SESSION *session;
-  char *username;
+  char buffer[256];
   int rc;
   /* set up a new connection */
   session=myldap_create_session();
@@ -56,9 +56,8 @@
   /* set up credentials for the session */
   myldap_set_credentials(session,userdn,password);
   /* perform search for own object (just to do any kind of search) */
-  username=lookup_dn2uid(session,userdn,&rc);
-  if (username!=NULL)
-    free(username);
+  if 
((lookup_dn2uid(session,userdn,&rc,buffer,sizeof(buffer))==NULL)&&(rc==LDAP_SUCCESS))
+    rc=LDAP_LOCAL_ERROR;
   /* close the session */
   myldap_session_close(session);
   /* handle the results */
@@ -404,7 +403,7 @@
                      const char *oldpassword,const char *newpassword)
 {
   MYLDAP_SESSION *session;
-  char *username;
+  char buffer[256];
   int rc;
   /* set up a new connection */
   session=myldap_create_session();
@@ -413,11 +412,7 @@
   /* set up credentials for the session */
   myldap_set_credentials(session,binddn,oldpassword);
   /* perform search for own object (just to do any kind of search) */
-  username=lookup_dn2uid(session,userdn,&rc);
-  if (username!=NULL)
-    free(username);
-  /* perform actual password modification */
-  if (rc==LDAP_SUCCESS)
+  if 
((lookup_dn2uid(session,userdn,&rc,buffer,sizeof(buffer))!=NULL)&&(rc==LDAP_SUCCESS))
   {
     /* if doing password modification as admin, don't pass old password along 
*/
     if 
((nslcd_cfg->ldc_rootpwmoddn!=NULL)&&(strcmp(binddn,nslcd_cfg->ldc_rootpwmoddn)==0))

Modified: nss-pam-ldapd-solaris/nslcd/passwd.c
==============================================================================
--- nss-pam-ldapd-solaris/nslcd/passwd.c        Thu Nov  4 21:45:37 2010        
(r1298)
+++ nss-pam-ldapd-solaris/nslcd/passwd.c        Thu Nov  4 21:48:34 2010        
(r1299)
@@ -140,14 +140,14 @@
 
 /* Perform an LDAP lookup to translate the DN into a uid.
    This function either returns NULL or a strdup()ed string. */
-char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn,int *rcp)
+char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn,int *rcp,char 
*buf,size_t buflen)
 {
   MYLDAP_SEARCH *search;
   MYLDAP_ENTRY *entry;
   static const char *attrs[2];
   int rc=LDAP_SUCCESS;
   const char **values;
-  char *uid;
+  char *uid=NULL;
   if (rcp==NULL)
     rcp=&rc;
   /* we have to look up the entry */
@@ -169,10 +169,12 @@
   /* get uid (just use first one) */
   values=myldap_get_values(entry,attmap_passwd_uid);
   /* check the result for presence and validity */
-  if ((values!=NULL)&&(values[0]!=NULL)&&isvalidname(values[0]))
-    uid=strdup(values[0]);
-  else
-    uid=NULL;
+  if 
((values!=NULL)&&(values[0]!=NULL)&&isvalidname(values[0])&&(strlen(values[0])<buflen))
+  {
+    strcpy(buf,values[0]);
+    uid=buf;
+  }
+  /* clean up and return */
   myldap_search_close(search);
   return uid;
 }
@@ -216,31 +218,38 @@
   }
   pthread_mutex_unlock(&dn2uid_cache_mutex);
   /* look up the uid using an LDAP query */
-  uid=lookup_dn2uid(session,dn,NULL);
+  uid=lookup_dn2uid(session,dn,NULL,buf,buflen);
   /* store the result in the cache */
   pthread_mutex_lock(&dn2uid_cache_mutex);
+  /* try to get the entry from the cache here again because it could have
+     changed in the meantime */
+  cacheentry=dict_get(dn2uid_cache,dn);
   if (cacheentry==NULL)
   {
     /* allocate a new entry in the cache */
     cacheentry=(struct dn2uid_cache_entry *)malloc(sizeof(struct 
dn2uid_cache_entry));
     if (cacheentry!=NULL)
+    {
+      cacheentry->uid=NULL;
       dict_put(dn2uid_cache,dn,cacheentry);
+    }
   }
-  else if (cacheentry->uid!=NULL)
-    free(cacheentry->uid);
   /* update the cache entry */
   if (cacheentry!=NULL)
   {
     cacheentry->timestamp=time(NULL);
-    cacheentry->uid=uid;
+    /* copy the uid if needed */
+    if (cacheentry->uid==NULL)
+      cacheentry->uid=uid!=NULL?strdup(uid):NULL;
+    else if (strcmp(cacheentry->uid,uid)!=0)
+    {
+      free(cacheentry->uid);
+      cacheentry->uid=uid!=NULL?strdup(uid):NULL;
+    }
   }
   pthread_mutex_unlock(&dn2uid_cache_mutex);
   /* copy the result into the buffer */
-  if ((uid!=NULL)&&(strlen(uid)<buflen))
-    strcpy(buf,uid);
-  else
-    buf=NULL;
-  return buf;
+  return uid;
 }
 
 MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *session,const char *uid)
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits