author | Arthur de Jong <arthur@arthurdejong.org> | 2007-09-14 16:30:40 +0000 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2007-09-14 16:30:40 +0000 |
commit | c5fde824853997d98807b9a51585e4544e86d048 (patch) | |
tree | 2400bccaea77dbc279fc30cd872e0ce6037248b0 | |
parent | b79a013d8b44fbd008019ed8b212a24f66ea2069 (diff) |
get rid of global session and instead pass the session as a parameter with every request and allocate a session per thread
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@391 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r-- | nslcd/alias.c | 21 | ||||
-rw-r--r-- | nslcd/common.h | 61 | ||||
-rw-r--r-- | nslcd/ether.c | 39 | ||||
-rw-r--r-- | nslcd/group.c | 154 | ||||
-rw-r--r-- | nslcd/host.c | 65 | ||||
-rw-r--r-- | nslcd/ldap-nss.c | 362 | ||||
-rw-r--r-- | nslcd/ldap-nss.h | 148 | ||||
-rw-r--r-- | nslcd/netgroup.c | 15 | ||||
-rw-r--r-- | nslcd/network.c | 34 | ||||
-rw-r--r-- | nslcd/nslcd.c | 78 | ||||
-rw-r--r-- | nslcd/passwd.c | 53 | ||||
-rw-r--r-- | nslcd/protocol.c | 30 | ||||
-rw-r--r-- | nslcd/rpc.c | 30 | ||||
-rw-r--r-- | nslcd/service.c | 42 | ||||
-rw-r--r-- | nslcd/shadow.c | 47 | ||||
-rw-r--r-- | nslcd/util.c | 29 | ||||
-rw-r--r-- | nslcd/util.h | 14 |
17 files changed, 558 insertions, 664 deletions
diff --git a/nslcd/alias.c b/nslcd/alias.c index e71bc18..ad98ca4 100644 --- a/nslcd/alias.c +++ b/nslcd/alias.c @@ -64,6 +64,7 @@ const char *alias_filter = "(objectClass=nisMailAlias)"; /* the attributes to request with searches */ const char *attmap_alias_cn = "cn"; const char *attmap_alias_rfc822MailMember = "rfc822MailMember"; + /* the attribute list to request with searches */ static const char *alias_attrs[3]; @@ -98,7 +99,7 @@ static void alias_init(void) } static enum nss_status _nss_ldap_parse_alias( - LDAPMessage *e,struct ldap_state UNUSED(*pvt),void *result, + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state),void *result, char *buffer,size_t buflen) { /* FIXME: fix following problem: 
@@ -108,21 +109,21 @@ static enum nss_status _nss_ldap_parse_alias( struct aliasent *alias=(struct aliasent *)result; enum nss_status stat; - stat=_nss_ldap_getrdnvalue(e,attmap_alias_cn,&alias->alias_name,&buffer,&buflen); + stat=_nss_ldap_getrdnvalue(session,e,attmap_alias_cn,&alias->alias_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat=_nss_ldap_assign_attrvals(e,attmap_alias_rfc822MailMember,NULL,&alias->alias_members,&buffer,&buflen,&alias->alias_members_len); + stat=_nss_ldap_assign_attrvals(session,e,attmap_alias_rfc822MailMember,NULL,&alias->alias_members,&buffer,&buflen,&alias->alias_members_len); return stat; } -static int write_alias(LDAPMessage *e,struct ldap_state UNUSED(*pvt),TFILE *fp) +static int write_alias(MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state),TFILE *fp) { int stat; - if ((stat=_nss_ldap_write_rndvalue(fp,e,attmap_alias_cn))!=NSLCD_RESULT_SUCCESS) + if ((stat=_nss_ldap_write_rndvalue(fp,session,e,attmap_alias_cn))!=NSLCD_RESULT_SUCCESS) return stat; - if ((stat=_nss_ldap_write_attrvals(fp,e,attmap_alias_rfc822MailMember))!=NSLCD_RESULT_SUCCESS) + if ((stat=_nss_ldap_write_attrvals(fp,session,e,attmap_alias_rfc822MailMember))!=NSLCD_RESULT_SUCCESS) return stat; return NSLCD_RESULT_SUCCESS; } @@ -134,7 +135,7 @@ static int write_alias(LDAPMessage *e,struct ldap_state UNUSED(*pvt),TFILE *fp) #define ALIAS_NAME result.alias_name #define ALIAS_RCPTS result.alias_members -int nslcd_alias_byname(TFILE *fp) +int nslcd_alias_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; 
@@ -149,14 +150,14 @@ int nslcd_alias_byname(TFILE *fp) /* do the LDAP request */ mkfilter_alias_byname(name,filter,sizeof(filter)); alias_init(); - _nss_ldap_searchbyname(alias_base,alias_scope,filter,alias_attrs, + _nss_ldap_searchbyname(session,alias_base,alias_scope,filter,alias_attrs, fp,write_alias); WRITE_FLUSH(fp); /* we're done */ return 0; } -int nslcd_alias_all(TFILE *fp) +int nslcd_alias_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32; struct ent_context context; @@ -171,7 +172,7 @@ int nslcd_alias_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_ALIAS_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ alias_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/common.h b/nslcd/common.h index 71282a8..e2490ad 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -28,6 +28,7 @@ #include "nslcd-common.h" #include "common/tio.h" #include "compat/attrs.h" +#include "ldap-nss.h" /* macros for basic read and write operations, the following ERROR_OUT* marcos define the action taken on errors 
@@ -53,36 +54,36 @@ int mysnprintf(char *buffer,size_t buflen,const char *format, ...) /* these are the different functions that handle the database specific actions, see nslcd.h for the action descriptions */ -int nslcd_alias_byname(TFILE *fp); -int nslcd_alias_all(TFILE *fp); -int nslcd_ether_byname(TFILE *fp); -int nslcd_ether_byether(TFILE *fp); -int nslcd_ether_all(TFILE *fp); -int nslcd_group_byname(TFILE *fp); -int nslcd_group_bygid(TFILE *fp); -int nslcd_group_bymember(TFILE *fp); -int nslcd_group_all(TFILE *fp); -int nslcd_host_byname(TFILE *fp); -int nslcd_host_byaddr(TFILE *fp); -int nslcd_host_all(TFILE *fp); -int nslcd_netgroup_byname(TFILE *fp); -int nslcd_network_byname(TFILE *fp); -int nslcd_network_byaddr(TFILE *fp); -int nslcd_network_all(TFILE *fp); -int nslcd_passwd_byname(TFILE *fp); -int nslcd_passwd_byuid(TFILE *fp); -int nslcd_passwd_all(TFILE *fp); -int nslcd_protocol_byname(TFILE *fp); -int nslcd_protocol_bynumber(TFILE *fp); -int nslcd_protocol_all(TFILE *fp); -int nslcd_rpc_byname(TFILE *fp); -int nslcd_rpc_bynumber(TFILE *fp); -int nslcd_rpc_all(TFILE *fp); -int nslcd_service_byname(TFILE *fp); -int nslcd_service_bynumber(TFILE *fp); -int nslcd_service_all(TFILE *fp); -int nslcd_shadow_byname(TFILE *fp); -int nslcd_shadow_all(TFILE *fp); +int nslcd_alias_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_alias_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_ether_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_ether_byether(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_ether_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_group_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_group_bygid(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_group_bymember(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_group_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_host_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_host_byaddr(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_host_all(TFILE *fp,MYLDAP_SESSION *session); +int 
nslcd_netgroup_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_network_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_network_byaddr(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_network_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_protocol_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_protocol_bynumber(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_protocol_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_rpc_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_rpc_bynumber(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_rpc_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_service_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_service_bynumber(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_service_all(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_shadow_byname(TFILE *fp,MYLDAP_SESSION *session); +int nslcd_shadow_all(TFILE *fp,MYLDAP_SESSION *session); int mkfilter_passwd_byname(const char *name, char *buffer,size_t buflen); diff --git a/nslcd/ether.c b/nslcd/ether.c index 1f15f12..4437bed 100644 --- a/nslcd/ether.c +++ b/nslcd/ether.c 
@@ -141,29 +141,22 @@ static void ether_init(void) ether_attrs[2]=NULL; } -static enum nss_status -_nss_ldap_parse_ether (LDAPMessage * e, - struct ldap_state UNUSED(*pvt), - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_ether( + MYLDAP_SESSION *session,LDAPMessage *e, + struct ldap_state UNUSED(*state),void *result,char *buffer, + size_t buflen) { - struct ether *ether = (struct ether *) result; + struct ether *ether=(struct ether *)result; char *saddr; enum nss_status stat; struct ether_addr *addr; - - stat = _nss_ldap_assign_attrval (e, attmap_ether_cn, - ðer->e_name, &buffer, &buflen); - if (stat != NSS_STATUS_SUCCESS) + stat=_nss_ldap_assign_attrval(session,e,attmap_ether_cn,ðer->e_name,&buffer,&buflen); + if (stat!=NSS_STATUS_SUCCESS) return stat; - - stat = _nss_ldap_assign_attrval (e, attmap_ether_macAddress, &saddr, - &buffer, &buflen); - - if (stat != NSS_STATUS_SUCCESS || ((addr = ether_aton (saddr)) == NULL)) + stat=_nss_ldap_assign_attrval(session,e,attmap_ether_macAddress,&saddr,&buffer,&buflen); + if ((stat!=NSS_STATUS_SUCCESS)||((addr=ether_aton(saddr))==NULL)) return NSS_STATUS_NOTFOUND; - - memcpy (ðer->e_addr, addr, sizeof (*addr)); - + memcpy(ðer->e_addr,addr,sizeof(*addr)); return NSS_STATUS_SUCCESS; } @@ -173,7 +166,7 @@ _nss_ldap_parse_ether (LDAPMessage * e, #define ETHER_NAME result.e_name #define ETHER_ADDR result.e_addr -int nslcd_ether_byname(TFILE *fp) +int nslcd_ether_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -193,7 +186,7 @@ int nslcd_ether_byname(TFILE *fp) /* do the LDAP request */ mkfilter_ether_byname(name,filter,sizeof(filter)); ether_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, ether_base,ether_scope,filter,ether_attrs, _nss_ldap_parse_ether); /* write the response */ 
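Review bot: `ether_aton(saddr)` in `_nss_ldap_parse_ether` returns a pointer into a static buffer, which deserves a second look now that this commit gives every thread its own session. Unless each caller still holds `global_lock` for the whole time the parse callback runs (not visible in this hunk), two threads can overwrite each other's result between the call and the `memcpy`. Where the platform provides it, the reentrant form avoids the shared buffer: `struct ether_addr tmp;` and `if ((stat!=NSS_STATUS_SUCCESS)||(ether_aton_r(saddr,&tmp)==NULL)) return NSS_STATUS_NOTFOUND;`, then copy `tmp` into `ether->e_addr`.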
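Review bot: The buffer length passed to `_nss_ldap_getbyname` in `nslcd_ether_byname` is the literal `1024`, whereas the `_all` handlers touched by this commit pass `sizeof(buffer)`. The declaration of `buffer` is outside the hunk, so it cannot be confirmed here that the two agree; if the array is ever resized, the parse callback will be given the wrong bound for its writes. Assuming `buffer` is an array as in the `_all` handlers, `retv=_nss_ldap_getbyname(session,&result,buffer,sizeof(buffer),&errnop,` keeps the bound tied to the storage. The same literal appears in `nslcd_ether_byether`, `nslcd_group_byname`, `nslcd_group_bygid`, `nslcd_host_byname` and `nslcd_host_byaddr`.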
@@ -207,7 +200,7 @@ int nslcd_ether_byname(TFILE *fp) return 0; } -int nslcd_ether_byether(TFILE *fp) +int nslcd_ether_byether(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ether_addr addr; @@ -227,7 +220,7 @@ int nslcd_ether_byether(TFILE *fp) /* do the LDAP request */ mkfilter_ether_byether(&addr,filter,sizeof(filter)); ether_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, ether_base,ether_scope,filter,ether_attrs, _nss_ldap_parse_ether); /* write the response */ @@ -241,7 +234,7 @@ int nslcd_ether_byether(TFILE *fp) return 0; } -int nslcd_ether_all(TFILE *fp) +int nslcd_ether_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -256,7 +249,7 @@ int nslcd_ether_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_ETHER_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ ether_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/group.c b/nslcd/group.c index 3c1747a..bffc2b7 100644 --- a/nslcd/group.c +++ b/nslcd/group.c @@ -107,9 +107,9 @@ ldap_initgroups_args_t; #define GID_NOBODY UID_NOBODY #endif -static enum nss_status ng_chase(const char *dn,ldap_initgroups_args_t *lia); +static enum nss_status ng_chase(MYLDAP_SESSION *session,const char *dn,ldap_initgroups_args_t *lia); -static enum nss_status ng_chase_backlink(const char **membersOf,ldap_initgroups_args_t *lia); +static enum nss_status ng_chase_backlink(MYLDAP_SESSION *session,const char **membersOf,ldap_initgroups_args_t *lia); /* ( nisSchema.2.2 NAME 'posixGroup' SUP top STRUCTURAL * DESC 'Abstraction of a group of accounts' 
@@ -173,7 +173,7 @@ static int mkfilter_getgroupsbydn(const char *dn, attmap_group_uniqueMember,dn); } -static char *user2dn(const char *user) +static char *user2dn(MYLDAP_SESSION *session,const char *user) { /* TODO: move this to passwd.c once we are sure we would be able to lock there */ char *userdn=NULL; @@ -181,20 +181,20 @@ static char *user2dn(const char *user) char filter[1024]; LDAPMessage *res, *e; mkfilter_passwd_byname(user,filter,sizeof(filter)); - if (_nss_ldap_search_sync_locked(group_base,group_scope,filter,no_attrs,1,&res)==NSS_STATUS_SUCCESS) + if (_nss_ldap_search_sync_locked(session,group_base,group_scope,filter,no_attrs,1,&res)==NSS_STATUS_SUCCESS) { - e=_nss_ldap_first_entry(res); + e=_nss_ldap_first_entry(session,res); if (e!=NULL) { - userdn=_nss_ldap_get_dn(e); + userdn=_nss_ldap_get_dn(session,e); } ldap_msgfree(res); } return userdn; } -static int mkfilter_group_bymember(const char *user, - char *buffer,size_t buflen) +static int mkfilter_group_bymember(MYLDAP_SESSION *session,const char *user, + char *buffer,size_t buflen) { char buf2[1024]; char *userdn; @@ -204,7 +204,7 @@ static int mkfilter_group_bymember(const char *user, return -1; /* lookup the user's DN */ if (_nss_ldap_test_config_flag(NSS_LDAP_FLAGS_RFC2307BIS)) - userdn=user2dn(user); + userdn=user2dn(session,user); if (userdn==NULL) return mysnprintf(buffer,buflen, "(&%s(%s=%s))", @@ -409,10 +409,9 @@ do_parse_range (const char *attributeType, return stat; } -static enum nss_status -do_get_range_values (LDAPMessage * e, - const char *attributeType, - int *start, int *end, char ***pGroupMembers) +static enum nss_status do_get_range_values( + MYLDAP_SESSION *session,LDAPMessage *e,const char *attributeType, + int *start,int *end,char ***pGroupMembers) { enum nss_status stat = NSS_STATUS_NOTFOUND; BerElement *ber = NULL; 
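Review bot: In `mkfilter_group_bymember`, `userdn` is declared as `char *userdn;` with no initializer and is assigned only when `NSS_LDAP_FLAGS_RFC2307BIS` is set, yet `if (userdn==NULL)` runs on both paths. Unless the few lines between the two hunks set it, the non-RFC2307bis path tests an indeterminate pointer and may go on to format it into the search filter. Declaring it as `char *userdn=NULL;` closes that gap. The DN returned by `user2dn(session,user)` also has to be released once the filter is built; the end of the function is outside the hunk, so that could not be checked here.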
@@ -420,13 +419,13 @@ do_get_range_values (LDAPMessage * e, *pGroupMembers = NULL; - for (attribute = _nss_ldap_first_attribute (e, &ber); - attribute != NULL; attribute = _nss_ldap_next_attribute (e, ber)) + for (attribute = _nss_ldap_first_attribute(session,e,&ber); + attribute != NULL; attribute = _nss_ldap_next_attribute(session,e,ber)) { stat = do_parse_range (attributeType, attribute, start, end); if (stat == NSS_STATUS_SUCCESS) { - *pGroupMembers = _nss_ldap_get_values (e, attribute); + *pGroupMembers = _nss_ldap_get_values(session,e,attribute); if (*pGroupMembers == NULL) { stat = NSS_STATUS_NOTFOUND; @@ -495,15 +494,11 @@ do_construct_range_attribute (const char *attribute, /* * Expand group members, including nested groups */ -static enum nss_status -do_parse_group_members (LDAPMessage * e, - char ***pGroupMembers, - size_t * pGroupMembersCount, - size_t * pGroupMembersBufferSize, - int *pGroupMembersBufferIsMalloced, - char **buffer, size_t * buflen, - int *depth, - struct name_list **pKnownGroups) /* traversed groups */ +static enum nss_status do_parse_group_members( + MYLDAP_SESSION *session,LDAPMessage *e,char ***pGroupMembers, + size_t *pGroupMembersCount,size_t *pGroupMembersBufferSize, + int *pGroupMembersBufferIsMalloced,char **buffer,size_t *buflen, + int *depth,struct name_list **pKnownGroups) /* traversed groups */ { enum nss_status stat = NSS_STATUS_SUCCESS; char **dnValues = NULL; @@ -512,7 +507,7 @@ do_parse_group_members (LDAPMessage * e, size_t groupMembersCount, i; char **valiter; const char *uniquemember_attrs[2]; - LDAPMessage *res = NULL; + LDAPMessage *res=NULL; int start, end = 0; char *groupdn = NULL; @@ -527,7 +522,7 @@ do_parse_group_members (LDAPMessage * e, i = *pGroupMembersCount; /* index of next member */ groupMembers = *pGroupMembers; - groupdn = _nss_ldap_get_dn (e); + groupdn=_nss_ldap_get_dn(session,e); if (groupdn == NULL) { stat = NSS_STATUS_NOTFOUND; 
@@ -557,13 +552,13 @@ do_parse_group_members (LDAPMessage * e, groupMembersCount = 0; /* number of members in this group */ - (void) do_get_range_values (e, attmap_group_uniqueMember, &start, &end, &dnValues); + (void)do_get_range_values(session,e,attmap_group_uniqueMember,&start,&end,&dnValues); if (dnValues != NULL) { groupMembersCount += ldap_count_values (dnValues); } - uidValues = _nss_ldap_get_values (e, attmap_group_memberUid); + uidValues=_nss_ldap_get_values(session,e,attmap_group_memberUid); if (uidValues != NULL) { groupMembersCount += ldap_count_values (uidValues); @@ -626,9 +621,7 @@ do_parse_group_members (LDAPMessage * e, *uid = '\0'; } - parseStat = _nss_ldap_dn2uid (*valiter, &groupMembers[i], - buffer, buflen, &isNestedGroup, - &res); + parseStat=_nss_ldap_dn2uid(session,*valiter,&groupMembers[i],buffer,buflen,&isNestedGroup,&res); if (parseStat == NSS_STATUS_SUCCESS) { if (isNestedGroup == 0) @@ -640,7 +633,7 @@ do_parse_group_members (LDAPMessage * e, (*depth)++; parseStat = - do_parse_group_members (_nss_ldap_first_entry (res), + do_parse_group_members (session,_nss_ldap_first_entry(session,res), &groupMembers, &i, pGroupMembersBufferSize, pGroupMembersBufferIsMalloced, @@ -710,11 +703,11 @@ do_parse_group_members (LDAPMessage * e, res = NULL; } - stat=_nss_ldap_read_sync(groupdn,uniquemember_attrs,&res); + stat=_nss_ldap_read_sync(session,groupdn,uniquemember_attrs,&res); if (stat != NSS_STATUS_SUCCESS) goto out; - e = _nss_ldap_first_entry (res); + e=_nss_ldap_first_entry(session,res); } } } 
@@ -771,10 +764,9 @@ do_fix_group_members_buffer (char **mallocedGroupMembers, return NSS_STATUS_SUCCESS; } -static enum nss_status -_nss_ldap_parse_gr (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_gr( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { struct group *gr = (struct group *) result; char *gid; @@ -787,9 +779,7 @@ _nss_ldap_parse_gr (LDAPMessage * e, int depth; struct name_list *knownGroups = NULL; - stat = - _nss_ldap_assign_attrval (e, attmap_group_gidNumber, &gid, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_group_gidNumber,&gid,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; @@ -798,15 +788,11 @@ _nss_ldap_parse_gr (LDAPMessage * e, (char **) NULL, 10); - stat = - _nss_ldap_getrdnvalue (e, attmap_group_cn, &gr->gr_name, &buffer, - &buflen); + stat=_nss_ldap_getrdnvalue(session,e,attmap_group_cn,&gr->gr_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_userpassword (e, attmap_group_userPassword, - &gr->gr_passwd, &buffer, &buflen); + stat=_nss_ldap_assign_userpassword(session,e,attmap_group_userPassword,&gr->gr_passwd,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; @@ -818,10 +804,9 @@ _nss_ldap_parse_gr (LDAPMessage * e, groupMembersBufferIsMalloced = 0; depth = 0; - stat = do_parse_group_members (e, &groupMembers, &groupMembersCount, - &groupMembersBufferSize, - &groupMembersBufferIsMalloced, &buffer, - &buflen, &depth, &knownGroups); + stat=do_parse_group_members(session,e,&groupMembers,&groupMembersCount, + &groupMembersBufferSize,&groupMembersBufferIsMalloced, + &buffer,&buflen,&depth,&knownGroups); if (stat != NSS_STATUS_SUCCESS) { if (groupMembersBufferIsMalloced) 
@@ -839,9 +824,8 @@ _nss_ldap_parse_gr (LDAPMessage * e, } else { - stat = - _nss_ldap_assign_attrvals (e, attmap_group_memberUid, NULL, - &gr->gr_mem, &buffer, &buflen, NULL); + stat=_nss_ldap_assign_attrvals(session,e,attmap_group_memberUid,NULL, + &gr->gr_mem,&buffer,&buflen,NULL); } return stat; @@ -852,17 +836,15 @@ _nss_ldap_parse_gr (LDAPMessage * e, * of any groups to which this group belongs (RFC2307bis nested * group expansion is done by do_parse_initgroups_nested()). */ -static enum nss_status -do_parse_initgroups (LDAPMessage * e, - struct ldap_state * pvt, void *result, - char *buffer, size_t buflen) +static enum nss_status do_parse_initgroups( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char UNUSED(*buffer),size_t UNUSED(buflen)) { char **values; ssize_t i; gid_t gid; - ldap_initgroups_args_t *lia = (ldap_initgroups_args_t *) result; - - values = _nss_ldap_get_values (e, attmap_group_gidNumber); + ldap_initgroups_args_t *lia=(ldap_initgroups_args_t *)result; + values=_nss_ldap_get_values(session,e,attmap_group_gidNumber); if (values == NULL) { /* invalid group; skip it */ @@ -941,17 +923,16 @@ do_parse_initgroups (LDAPMessage * e, return NSS_STATUS_NOTFOUND; } -static enum nss_status -do_parse_initgroups_nested (LDAPMessage * e, - struct ldap_state * pvt, void *result, - char *buffer, size_t buflen) +static enum nss_status do_parse_initgroups_nested( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state *state, + void *result,char *buffer,size_t buflen) { enum nss_status status; ldap_initgroups_args_t *lia = (ldap_initgroups_args_t *) result; char **values; char *groupdn; - status = do_parse_initgroups (e, pvt, result, buffer, buflen); + status=do_parse_initgroups(session,e,state,result,buffer,buflen); if (status != NSS_STATUS_NOTFOUND) return status; 
@@ -964,11 +945,11 @@ do_parse_initgroups_nested (LDAPMessage * e, * Now add the GIDs of any groups of which this group is * a member. */ - values = _nss_ldap_get_values (e, attmap_group_memberOf); + values=_nss_ldap_get_values(session,e,attmap_group_memberOf); if (values != NULL) { lia->depth++; - status=ng_chase_backlink((const char **)values,lia); + status=ng_chase_backlink(session,(const char **)values,lia); lia->depth--; ldap_value_free (values); @@ -981,12 +962,12 @@ do_parse_initgroups_nested (LDAPMessage * e, /* * Now add the GIDs of any groups which refer to this group */ - groupdn = _nss_ldap_get_dn (e); + groupdn=_nss_ldap_get_dn(session,e); if (groupdn != NULL) { /* Note: there was a problem here with stat in the orriginal code */ lia->depth++; - status=ng_chase(groupdn,lia); + status=ng_chase(session,groupdn,lia); lia->depth--; #ifdef HAVE_LDAP_MEMFREE ldap_memfree(groupdn); @@ -999,7 +980,7 @@ do_parse_initgroups_nested (LDAPMessage * e, return status; } -static enum nss_status ng_chase(const char *dn, ldap_initgroups_args_t * lia) +static enum nss_status ng_chase(MYLDAP_SESSION *session,const char *dn,ldap_initgroups_args_t *lia) { char filter[1024]; enum nss_status stat; @@ -1016,7 +997,7 @@ static enum nss_status ng_chase(const char *dn, ldap_initgroups_args_t * lia) gidnumber_attrs[0]=attmap_group_gidNumber; gidnumber_attrs[1]=NULL; - _nss_ldap_ent_context_init_locked(&context); + _nss_ldap_ent_context_init_locked(&context,session); mkfilter_getgroupsbydn(dn,filter,sizeof(filter)); stat=_nss_ldap_getent_locked(&context,lia,NULL,0,&erange, group_base,group_scope,filter,gidnumber_attrs, 
@@ -1030,7 +1011,7 @@ static enum nss_status ng_chase(const char *dn, ldap_initgroups_args_t * lia) return stat; } -static enum nss_status ng_chase_backlink(const char ** membersOf, ldap_initgroups_args_t * lia) +static enum nss_status ng_chase_backlink(MYLDAP_SESSION *session,const char **membersOf,ldap_initgroups_args_t *lia) { enum nss_status stat; struct ent_context context; @@ -1076,7 +1057,7 @@ static enum nss_status ng_chase_backlink(const char ** membersOf, ldap_initgroup gidnumber_attrs[1] = attmap_group_memberOf; gidnumber_attrs[2] = NULL; - _nss_ldap_ent_context_init_locked(&context); + _nss_ldap_ent_context_init_locked(&context,session); /* FIXME: the search filter is wrong here, we should figure out what it's supposed to be */ stat=_nss_ldap_getent_locked(&context,lia,NULL,0,&erange, @@ -1105,8 +1086,7 @@ static enum nss_status ng_chase_backlink(const char ** membersOf, ldap_initgroup return stat; } -static int group_bymember(const char *user, long int *start, - long int *size, long int limit, +static int group_bymember(MYLDAP_SESSION *session,const char *user, int *errnop) { ldap_initgroups_args_t lia; @@ -1119,17 +1099,17 @@ static int group_bymember(const char *user, long int *start, lia.known_groups=NULL; _nss_ldap_enter(); /* initialize schema */ - stat=_nss_ldap_init(); + stat=_nss_ldap_init(session); if (stat!=NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"<== group_bymember (init failed)"); _nss_ldap_leave(); return -1; } - mkfilter_group_bymember(user,filter,sizeof(filter)); + mkfilter_group_bymember(session,user,filter,sizeof(filter)); gidnumber_attrs[0] = attmap_group_gidNumber; gidnumber_attrs[1] = NULL; - _nss_ldap_ent_context_init_locked(&context); + _nss_ldap_ent_context_init_locked(&context,session); stat=_nss_ldap_getent_locked(&context,(void *)&lia,NULL,0,errnop, group_base,group_scope,filter,gidnumber_attrs, do_parse_initgroups_nested); 
@@ -1154,7 +1134,7 @@ static int group_bymember(const char *user, long int *start, #define GROUP_GID result.gr_gid #define GROUP_MEMBERS result.gr_mem -int nslcd_group_byname(TFILE *fp) +int nslcd_group_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; char name[256]; @@ -1177,7 +1157,7 @@ int nslcd_group_byname(TFILE *fp) /* do the LDAP request */ mkfilter_group_byname(name,filter,sizeof(filter)); group_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, group_base,group_scope,filter,group_attrs, _nss_ldap_parse_gr); /* write the response */ @@ -1193,7 +1173,7 @@ int nslcd_group_byname(TFILE *fp) return 0; } -int nslcd_group_bygid(TFILE *fp) +int nslcd_group_bygid(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; gid_t gid; @@ -1216,7 +1196,7 @@ int nslcd_group_bygid(TFILE *fp) /* do the LDAP request */ mkfilter_group_bygid(gid,filter,sizeof(filter)); group_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, group_base,group_scope,filter, group_attrs,_nss_ldap_parse_gr); /* write the response */ @@ -1232,7 +1212,7 @@ int nslcd_group_bygid(TFILE *fp) return 0; } -int nslcd_group_bymember(TFILE *fp) +int nslcd_group_bymember(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -1288,7 +1268,7 @@ int nslcd_group_bymember(TFILE *fp) return 0; } -int nslcd_group_all(TFILE *fp) +int nslcd_group_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; struct ent_context context; 
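Review bot: `nslcd_group_bymember` gains a `session` parameter, but the lines between this hunk and the next are unchanged, so its body presumably never uses the new argument. In the earlier hunk `group_bymember` also loses `start`, `size` and `limit`, and no call site is updated anywhere in the diff. That suggests the by-member path is either not wired to LDAP at all or left half-converted. If this is intentional for now, a comment such as `/* FIXME: session is unused; group_bymember() is not called from here yet */` at the top of the handler would make that explicit; otherwise the call needs to be added with the new signature.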
@@ -1303,7 +1283,7 @@ int nslcd_group_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_GROUP_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ group_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/host.c b/nslcd/host.c index 43e528e..f491d41 100644 --- a/nslcd/host.c +++ b/nslcd/host.c @@ -150,11 +150,9 @@ static int write_hostent(TFILE *fp,struct hostent *result) return 0; } -static enum nss_status -_nss_ldap_parse_host (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen, - int af) +static enum nss_status _nss_ldap_parse_host( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { /* this code needs reviewing. XXX */ struct hostent *host = (struct hostent *) result; @@ -174,19 +172,19 @@ _nss_ldap_parse_host (LDAPMessage * e, *addressbuf = *buffer = '\0'; - stat = _nss_ldap_assign_attrval (e, attmap_host_cn, &host->h_name, + stat = _nss_ldap_assign_attrval (session,e, attmap_host_cn, &host->h_name, &buffer, &buflen); if (stat != NSS_STATUS_SUCCESS) return stat; stat = - _nss_ldap_assign_attrvals (e, attmap_host_cn, host->h_name, + _nss_ldap_assign_attrvals (session,e, attmap_host_cn, host->h_name, &host->h_aliases, &buffer, &buflen, NULL); if (stat != NSS_STATUS_SUCCESS) return stat; stat = - _nss_ldap_assign_attrvals (e, attmap_host_ipHostNumber, NULL, &addresses, + _nss_ldap_assign_attrvals (session,e, attmap_host_ipHostNumber, NULL, &addresses, &p_addressbuf, &addresslen, &addresscount); if (stat != NSS_STATUS_SUCCESS) return stat; 
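Review bot: `_nss_ldap_parse_host` loses its `af` argument here, and the following hunks delete the `_nss_ldap_parse_hostv4`/`_nss_ldap_parse_hostv6` wrappers. The part of the function that turns `ipHostNumber` values into addresses lies between hunks and is unchanged. If that code still reads `af` under `#ifdef INET6`, an INET6 build will stop compiling, and either way the parser can no longer be told which address family the caller requested, even though `nslcd_host_byaddr` still declares `int af` in its context lines. A comment on the function stating which family it now returns, for example `/* only AF_INET addresses are produced; IPv6 results are not supported yet */` if that is the intent, would make the behaviour change visible.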
@@ -293,27 +291,7 @@ _nss_ldap_parse_host (LDAPMessage * e, return NSS_STATUS_SUCCESS; } -static enum nss_status -_nss_ldap_parse_hostv4 (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen) -{ - return _nss_ldap_parse_host (e, pvt, result, buffer, buflen, - AF_INET); -} - -#ifdef INET6 -static enum nss_status -_nss_ldap_parse_hostv6 (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen) -{ - return _nss_ldap_parse_host (e, pvt, result, buffer, buflen, - AF_INET6); -} -#endif - -int nslcd_host_byname(TFILE *fp) +int nslcd_host_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -332,13 +310,9 @@ int nslcd_host_byname(TFILE *fp) /* do the LDAP request */ mkfilter_host_byname(name,filter,sizeof(filter)); host_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, host_base,host_scope,filter,host_attrs, -#ifdef INET6 - (af == AF_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4); -#else - _nss_ldap_parse_hostv4); -#endif + _nss_ldap_parse_host); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -348,7 +322,7 @@ int nslcd_host_byname(TFILE *fp) return 0; } -int nslcd_host_byaddr(TFILE *fp) +int nslcd_host_byaddr(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; int af; @@ -389,13 +363,9 @@ int nslcd_host_byaddr(TFILE *fp) /* do the LDAP request */ mkfilter_host_byaddr(name,filter,sizeof(filter)); host_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, host_base,host_scope,filter,host_attrs, -#ifdef INET6 - (af == AF_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4); -#else - _nss_ldap_parse_hostv4); -#endif + _nss_ldap_parse_host); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) 
@@ -405,7 +375,7 @@ int nslcd_host_byaddr(TFILE *fp) return 0; } -int nslcd_host_all(TFILE *fp) +int nslcd_host_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -420,17 +390,12 @@ int nslcd_host_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_HOST_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ host_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, host_base,host_scope,host_filter,host_attrs, -#ifdef INET6 - (_res.options&RES_USE_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4 -#else - _nss_ldap_parse_hostv4 -#endif - ))==NSLCD_RESULT_SUCCESS) + _nss_ldap_parse_host))==NSLCD_RESULT_SUCCESS) { /* write the result */ WRITE_INT32(fp,retv); diff --git a/nslcd/ldap-nss.c b/nslcd/ldap-nss.c index c6d186d..0a530f6 100644 --- a/nslcd/ldap-nss.c +++ b/nslcd/ldap-nss.c @@ -83,7 +83,8 @@ #include "attmap.h" #include "compat/ldap.h" -NSS_LDAP_DEFINE_LOCK(__lock); +/* TODO: move the lock inside the session */ +NSS_LDAP_DEFINE_LOCK(global_lock); /* * LS_INIT only used for enumeration contexts 
@@ -113,20 +114,24 @@ struct ldap_session int ls_current_uri; }; -/* - * Global LDAP session. - */ -static struct ldap_session __session = { NULL, 0, LS_UNINITIALIZED, 0 }; - -/* - * Close the global session, sending an unbind. - */ -static void do_close(void); - -/* - * Disable keepalive on a LDAP connection's socket. - */ -static void do_set_sockopts(void); +MYLDAP_SESSION *myldap_create_session(void) +{ + MYLDAP_SESSION *session; + /* allocate memory for the session storage */ + session=(struct ldap_session *)malloc(sizeof(struct ldap_session)); + if (session==NULL) + { + log_log(LOG_CRIT,"malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* initialize the session */ + session->ls_conn=NULL; + session->ls_timestamp=0; + session->ls_state=LS_UNINITIALIZED; + session->ls_current_uri=0; + /* return the new session */ + return session; +} static enum nss_status do_map_error(int rc) { @@ -165,7 +170,7 @@ static enum nss_status do_map_error(int rc) } } -static int do_sasl_interact(LDAP *ld,unsigned flags,void *defaults,void *_interact) +static int do_sasl_interact(LDAP UNUSED(*ld),unsigned UNUSED(flags),void *defaults,void *_interact) { char *authzid=(char *)defaults; sasl_interact_t *interact=(sasl_interact_t *)_interact; @@ -293,7 +298,7 @@ static int do_rebind(LDAP *ld,LDAP_CONST char UNUSED(*url), */ void _nss_ldap_enter(void) { - NSS_LDAP_LOCK(__lock); + NSS_LDAP_LOCK(global_lock); } /* 
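Review bot: `myldap_create_session` has no comment saying who owns the returned session, and this hunk adds no counterpart that closes `ls_conn` and frees the structure. With one session allocated per thread, a thread that ends without such a teardown would leave the allocation, and possibly an open LDAP connection, behind. I would add a header comment such as `/* Allocate a new, unconnected session. The caller owns it and must use it from one thread only. */` and pair the function with a destroy routine. The cast on `malloc` is unnecessary in C, and `session=malloc(sizeof(*session));` would keep the size tied to the variable.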
@@ -301,15 +306,18 @@ void _nss_ldap_enter(void) */ void _nss_ldap_leave(void) { - NSS_LDAP_UNLOCK(__lock); + NSS_LDAP_UNLOCK(global_lock); } -static void do_set_sockopts(void) +/* + * Disable keepalive on a LDAP connection's socket. + */ +static void do_set_sockopts(MYLDAP_SESSION *session) { /* Netscape SSL-enabled LDAP library does not return the real socket */ int sd=-1; log_log(LOG_DEBUG,"==> do_set_sockopts"); - if (ldap_get_option(__session.ls_conn,LDAP_OPT_DESC,&sd)==0) + if (ldap_get_option(session->ls_conn,LDAP_OPT_DESC,&sd)==0) { int off=0; /* ignore errors */ @@ -321,19 +329,20 @@ static void do_set_sockopts(void) } /* + * Close the global session, sending an unbind. * Closes connection to the LDAP server. - * This assumes that we have exclusive access to __session.ls_conn, + * This assumes that we have exclusive access to session->ls_conn, * either by some other function having acquired a lock, or by * using a thread safe libldap. */ -static void do_close(void) +static void do_close(MYLDAP_SESSION *session) { log_log(LOG_DEBUG,"==> do_close"); - if (__session.ls_conn!=NULL) + if (session->ls_conn!=NULL) { - ldap_unbind(__session.ls_conn); - __session.ls_conn=NULL; - __session.ls_state=LS_UNINITIALIZED; + ldap_unbind(session->ls_conn); + session->ls_conn=NULL; + session->ls_state=LS_UNINITIALIZED; } log_log(LOG_DEBUG,"<== do_close"); } 
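Review bot: The comment line added above `do_close()` still reads "Close the global session, sending an unbind." although the function now acts on its `session` argument, and it sits directly on top of the older "Closes connection to the LDAP server." line, so the block says the same thing twice and one version is out of date. I would replace both lines with `* Close the connection of the given session, sending an unbind.` The exclusive-access paragraph below it would also benefit from one more sentence, since the assumption now holds only as long as a session is never shared between threads.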
@@ -348,32 +357,32 @@ static enum nss_status do_init_session(LDAP **ld,const char *uri) } /* set up the session state, ensure that we have an LDAP connection */ -enum nss_status _nss_ldap_init(void) +enum nss_status _nss_ldap_init(MYLDAP_SESSION *session) { enum nss_status stat; time_t current_time; log_log(LOG_DEBUG,"==> _nss_ldap_init"); /* check if the idle time for the connection has expired */ - if ((__session.ls_state==LS_CONNECTED_TO_DSA)&&nslcd_cfg->ldc_idle_timelimit) + if ((session->ls_state==LS_CONNECTED_TO_DSA)&&nslcd_cfg->ldc_idle_timelimit) { time(¤t_time); - if ((__session.ls_timestamp+nslcd_cfg->ldc_idle_timelimit)<current_time) + if ((session->ls_timestamp+nslcd_cfg->ldc_idle_timelimit)<current_time) { log_log(LOG_DEBUG,"idle_timelimit reached"); - do_close(); + do_close(session); } } /* if the connection is still there (ie. do_close() wasn't called) then we can return the cached connection */ - if (__session.ls_state==LS_CONNECTED_TO_DSA) + if (session->ls_state==LS_CONNECTED_TO_DSA) { log_log(LOG_DEBUG,"<== _nss_ldap_init(cached session)"); return NSS_STATUS_SUCCESS; } /* we should build a new session now */ - __session.ls_conn=NULL; - __session.ls_timestamp=0; - __session.ls_state=LS_UNINITIALIZED; + session->ls_conn=NULL; + session->ls_timestamp=0; + session->ls_state=LS_UNINITIALIZED; /* turn on debugging */ if (nslcd_cfg->ldc_debug) { 
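Review bot: The reset `session->ls_conn=NULL;` under "we should build a new session now" discards whatever handle the session holds whenever the state is `LS_INITIALIZED`, and that state is reachable on the normal path: `_nss_ldap_search_sync_locked()` calls `_nss_ldap_init(session)` and then `do_with_reconnect()`, whose `do_open()` calls `_nss_ldap_init(session)` again before any bind has moved the state to `LS_CONNECTED_TO_DSA`. If `do_init_session()` allocates the `LDAP` handle, as its `LDAP **ld` parameter suggests, each such request would leak one handle, which in a long-running daemon adds up to resource exhaustion. Either return early when the state is already `LS_INITIALIZED`, or release first with `if (session->ls_conn!=NULL) do_close(session);` ahead of the reset. The body of `_nss_ldap_init()` continues in the next hunk.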
@@ -381,14 +390,14 @@ enum nss_status _nss_ldap_init(void) ldap_set_option(NULL,LDAP_OPT_DEBUG_LEVEL,&nslcd_cfg->ldc_debug); } /* open the connection */ - stat=do_init_session(&(__session.ls_conn),nslcd_cfg->ldc_uris[__session.ls_current_uri]); + stat=do_init_session(&(session->ls_conn),nslcd_cfg->ldc_uris[session->ls_current_uri]); if (stat!=NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"<== _nss_ldap_init(failed to initialize LDAP session)"); return stat; } /* flag the session as initialized */ - __session.ls_state=LS_INITIALIZED; + session->ls_state=LS_INITIALIZED; log_log(LOG_DEBUG,"<== _nss_ldap_init(initialized session)"); return NSS_STATUS_SUCCESS; } 
@@ -476,75 +485,59 @@ static int do_ssl_options(void) * As with do_close(), this assumes ownership of sess. * It also wants to own __config: is there a potential deadlock here? XXX */ -static enum nss_status do_open(void) +static enum nss_status do_open(MYLDAP_SESSION *session) { int usesasl; char *bindarg; enum nss_status stat; struct timeval tv; int rc; - log_log(LOG_DEBUG,"==> do_open"); - /* moved the head part of do_open() into _nss_ldap_init() */ - stat = _nss_ldap_init(); + stat = _nss_ldap_init(session); if (stat!=NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"<== do_open(session initialization failed)"); return stat; } - - assert(__session.ls_conn!=NULL); + assert(session->ls_conn!=NULL); assert(nslcd_cfg!=NULL); - assert(__session.ls_state!=LS_UNINITIALIZED); - - if (__session.ls_state==LS_CONNECTED_TO_DSA) + assert(session->ls_state!=LS_UNINITIALIZED); + if (session->ls_state==LS_CONNECTED_TO_DSA) { log_log(LOG_DEBUG,"<== do_open(cached session)"); return NSS_STATUS_SUCCESS; } - /* the rebind function that is called when chasing referrals */ /* http://publib.boulder.ibm.com/infocenter/iseries/v5r3/topic/apis/ldap_set_rebind_proc.htm */ - ldap_set_rebind_proc(__session.ls_conn, do_rebind, NULL); - + ldap_set_rebind_proc(session->ls_conn,do_rebind,NULL); /* set the protocol version to use */ - ldap_set_option(__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &nslcd_cfg->ldc_version); - - ldap_set_option(__session.ls_conn, LDAP_OPT_DEREF, &nslcd_cfg->ldc_deref); - - ldap_set_option(__session.ls_conn, LDAP_OPT_TIMELIMIT, - &nslcd_cfg->ldc_timelimit); - + ldap_set_option(session->ls_conn,LDAP_OPT_PROTOCOL_VERSION,&nslcd_cfg->ldc_version); + ldap_set_option(session->ls_conn,LDAP_OPT_DEREF,&nslcd_cfg->ldc_deref); + ldap_set_option(session->ls_conn,LDAP_OPT_TIMELIMIT,&nslcd_cfg->ldc_timelimit); tv.tv_sec=nslcd_cfg->ldc_bind_timelimit; tv.tv_usec=0; - ldap_set_option(__session.ls_conn,LDAP_OPT_NETWORK_TIMEOUT,&tv); - - 
ldap_set_option(__session.ls_conn,LDAP_OPT_REFERRALS, - nslcd_cfg->ldc_referrals?LDAP_OPT_ON:LDAP_OPT_OFF); - - ldap_set_option(__session.ls_conn,LDAP_OPT_RESTART, - nslcd_cfg->ldc_restart?LDAP_OPT_ON:LDAP_OPT_OFF); + ldap_set_option(session->ls_conn,LDAP_OPT_NETWORK_TIMEOUT,&tv); + ldap_set_option(session->ls_conn,LDAP_OPT_REFERRALS,nslcd_cfg->ldc_referrals?LDAP_OPT_ON:LDAP_OPT_OFF); + ldap_set_option(session->ls_conn,LDAP_OPT_RESTART,nslcd_cfg->ldc_restart?LDAP_OPT_ON:LDAP_OPT_OFF); /* if SSL is desired, then enable it */ if (nslcd_cfg->ldc_ssl_on==SSL_LDAPS) { int tls=LDAP_OPT_X_TLS_HARD; - if (ldap_set_option(__session.ls_conn,LDAP_OPT_X_TLS,&tls)!=LDAP_SUCCESS) + if (ldap_set_option(session->ls_conn,LDAP_OPT_X_TLS,&tls)!=LDAP_SUCCESS) { - do_close(); + do_close(session); log_log(LOG_DEBUG,"<== do_open(TLS setup failed)"); return NSS_STATUS_UNAVAIL; } /* set up SSL context */ if (do_ssl_options()!=LDAP_SUCCESS) { - do_close(); + do_close(session); log_log(LOG_DEBUG,"<== do_open(SSL setup failed)"); return NSS_STATUS_UNAVAIL; } } - /* * If we're running as root, let us bind as a special * user, so we can fake shadow passwords. 
@@ -555,33 +548,31 @@ static enum nss_status do_open(void) { usesasl=nslcd_cfg->ldc_rootusesasl; bindarg=nslcd_cfg->ldc_rootusesasl?nslcd_cfg->ldc_rootsaslid:nslcd_cfg->ldc_rootbindpw; - rc=do_bind(__session.ls_conn,nslcd_cfg->ldc_bind_timelimit,nslcd_cfg->ldc_rootbinddn,bindarg,usesasl); + rc=do_bind(session->ls_conn,nslcd_cfg->ldc_bind_timelimit,nslcd_cfg->ldc_rootbinddn,bindarg,usesasl); } else { usesasl=nslcd_cfg->ldc_usesasl; bindarg=nslcd_cfg->ldc_usesasl?nslcd_cfg->ldc_saslid:nslcd_cfg->ldc_bindpw; - rc=do_bind(__session.ls_conn,nslcd_cfg->ldc_bind_timelimit,nslcd_cfg->ldc_binddn,nslcd_cfg->ldc_bindpw,usesasl); + rc=do_bind(session->ls_conn,nslcd_cfg->ldc_bind_timelimit,nslcd_cfg->ldc_binddn,nslcd_cfg->ldc_bindpw,usesasl); } - if (rc!=LDAP_SUCCESS) { /* log actual LDAP error code */ log_log(LOG_WARNING,"failed to bind to LDAP server %s: %s", - nslcd_cfg->ldc_uris[__session.ls_current_uri],ldap_err2string(rc)); + nslcd_cfg->ldc_uris[session->ls_current_uri],ldap_err2string(rc)); stat=do_map_error(rc); - do_close(); + do_close(session); log_log(LOG_DEBUG,"<== do_open(failed to bind to DSA"); } else { - do_set_sockopts(); - time(&__session.ls_timestamp); - __session.ls_state=LS_CONNECTED_TO_DSA; + do_set_sockopts(session); + time(&(session->ls_timestamp)); + session->ls_state=LS_CONNECTED_TO_DSA; stat=NSS_STATUS_SUCCESS; log_log(LOG_DEBUG,"<== do_open(session connected to DSA)"); } - return stat; } 
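Review bot: The non-root branch computes `bindarg` (the SASL id when `ldc_usesasl` is set) and then ignores it, passing `nslcd_cfg->ldc_bindpw` to `do_bind()`, while the root branch just above passes `bindarg`. With SASL enabled this presumably hands the simple-bind password to the SASL path, where `do_sasl_interact()` treats its `defaults` argument as an authorization id, so the secret could be presented to the server as an identity instead of the configured `ldc_saslid`. The call should read `rc=do_bind(session->ls_conn,nslcd_cfg->ldc_bind_timelimit,nslcd_cfg->ldc_binddn,bindarg,usesasl);`. The condition that selects the root branch lies outside this hunk, so how `do_bind()` forwards the argument should be confirmed there.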
@@ -614,12 +605,12 @@ static enum nss_status do_result_async(struct ent_context *context,int all) context->ec_res=NULL; } - rc=ldap_result(__session.ls_conn,context->ec_msgid,all,tvp,&(context->ec_res)); + rc=ldap_result(context->session->ls_conn,context->ec_msgid,all,tvp,&(context->ec_res)); switch (rc) { case -1: case 0: - if (ldap_get_option(__session.ls_conn,LDAP_OPT_ERROR_NUMBER,&rc)!=LDAP_SUCCESS) + if (ldap_get_option(context->session->ls_conn,LDAP_OPT_ERROR_NUMBER,&rc)!=LDAP_SUCCESS) rc=LDAP_UNAVAILABLE; log_log(LOG_ERR,"could not get LDAP result - %s",ldap_err2string(rc)); stat=NSS_STATUS_UNAVAIL; @@ -639,19 +630,19 @@ static enum nss_status do_result_async(struct ent_context *context,int all) /* NB: this frees context->ec_res */ LDAPControl **resultControls=NULL; context->ec_cookie=NULL; - parserc=ldap_parse_result(__session.ls_conn,context->ec_res,&rc,NULL, + parserc=ldap_parse_result(context->session->ls_conn,context->ec_res,&rc,NULL, NULL,NULL,&resultControls,1); if ((parserc!=LDAP_SUCCESS)&&(parserc!=LDAP_MORE_RESULTS_TO_RETURN)) { stat = NSS_STATUS_UNAVAIL; - ldap_abandon(__session.ls_conn, context->ec_msgid); + ldap_abandon(context->session->ls_conn, context->ec_msgid); log_log(LOG_ERR,"could not get LDAP result - %s", ldap_err2string(rc)); } else if (resultControls!=NULL) { /* See if there are any more pages to come */ - parserc=ldap_parse_page_control(__session.ls_conn, + parserc=ldap_parse_page_control(context->session->ls_conn, resultControls,NULL, &(context->ec_cookie)); ldap_controls_free(resultControls); @@ -672,7 +663,7 @@ static enum nss_status do_result_async(struct ent_context *context,int all) /* update timestamp on success */ if (stat==NSS_STATUS_SUCCESS) - time(&__session.ls_timestamp); + time(&(context->session->ls_timestamp)); log_log(LOG_DEBUG,"<== do_result_async"); 
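Review bot: In the branch taken when `ldap_parse_result()` fails, the error message is built with `ldap_err2string(rc)`, but the value that signalled the failure is `parserc`. `rc` is the output parameter of the failed parse and may still hold the message type returned earlier by `ldap_result()`, so the log line can name an unrelated error and mislead whoever is diagnosing a directory outage. I would change the argument to `ldap_err2string(parserc)`. `do_result_async()` starts and ends outside these hunks.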
@@ -686,10 +677,10 @@ static enum nss_status do_result_async(struct ent_context *context,int all) * It could be done from the default constructor, under Solaris, but we * delay it until the setXXent() function is called. */ -void _nss_ldap_ent_context_init(struct ent_context *context) +void _nss_ldap_ent_context_init(struct ent_context *context,MYLDAP_SESSION *session) { _nss_ldap_enter(); - _nss_ldap_ent_context_init_locked(context); + _nss_ldap_ent_context_init_locked(context,session); _nss_ldap_leave(); } @@ -699,9 +690,10 @@ void _nss_ldap_ent_context_init(struct ent_context *context) * It could be done from the default constructor, under Solaris, but we * delay it until the setXXent() function is called. */ -void _nss_ldap_ent_context_init_locked(struct ent_context *context) +void _nss_ldap_ent_context_init_locked(struct ent_context *context,MYLDAP_SESSION *session) { /* TODO: find out why we need to have aquired a lock for this */ + context->session=session; context->ec_cookie=NULL; context->ec_res=NULL; context->ec_msgid=-1; @@ -725,7 +717,7 @@ void _nss_ldap_ent_context_cleanup(struct ent_context *context) /* abandon the search if there were more results to fetch */ if ((context->ec_msgid>-1)&&(do_result_async(context,LDAP_MSG_ONE)==NSS_STATUS_SUCCESS)) { - ldap_abandon(__session.ls_conn,context->ec_msgid); + ldap_abandon(context->session->ls_conn,context->ec_msgid); context->ec_msgid=-1; } /* clean up cookie */ @@ -736,7 +728,7 @@ void _nss_ldap_ent_context_cleanup(struct ent_context *context) } LS_INIT(context->ec_state); if (_nss_ldap_test_config_flag(NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT)) - do_close(); + do_close(context->session); } /* 
@@ -744,15 +736,17 @@ void _nss_ldap_ent_context_cleanup(struct ent_context *context) * always wrap calls to this with do_with_reconnect(), or, * better still, use _nss_ldap_search_locked(). */ -static int do_search_sync(const char *base,int scope,const char *filter, - const char **attrs,int sizelimit,LDAPMessage **res) +static int do_search_sync( + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit, + LDAPMessage **res) { int rc; struct timeval tv, *tvp; log_log(LOG_DEBUG,"==> do_search_sync"); - ldap_set_option(__session.ls_conn,LDAP_OPT_SIZELIMIT,(void *)&sizelimit); + ldap_set_option(session->ls_conn,LDAP_OPT_SIZELIMIT,(void *)&sizelimit); if (nslcd_cfg->ldc_timelimit==LDAP_NO_LIMIT) tvp=NULL; @@ -763,7 +757,7 @@ static int do_search_sync(const char *base,int scope,const char *filter, tvp=&tv; } - rc=ldap_search_st(__session.ls_conn,base,scope,filter,(char **)attrs,0,tvp,res); + rc=ldap_search_st(session->ls_conn,base,scope,filter,(char **)attrs,0,tvp,res); log_log(LOG_DEBUG,"<== do_search_sync"); @@ -775,8 +769,9 @@ static int do_search_sync(const char *base,int scope,const char *filter, * always wrap calls to this with do_with_reconnect(), or, * better still, use _nss_ldap_search(). */ -static int do_search_async(const char *base,int scope,const char *filter, - const char **attrs,int sizelimit,int *msgid) +static int do_search_async( + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit,int *msgid) { int rc; LDAPControl *serverCtrls[2]; @@ -786,7 +781,7 @@ static int do_search_async(const char *base,int scope,const char *filter, if (nslcd_cfg->ldc_pagesize>0) { - rc=ldap_create_page_control(__session.ls_conn,nslcd_cfg->ldc_pagesize, + rc=ldap_create_page_control(session->ls_conn,nslcd_cfg->ldc_pagesize, NULL,0,&serverCtrls[0]); if (rc!=LDAP_SUCCESS) return rc; 
@@ -796,7 +791,7 @@ static int do_search_async(const char *base,int scope,const char *filter, else pServerCtrls=NULL; - rc=ldap_search_ext(__session.ls_conn,base,scope,filter,(char **) attrs, + rc=ldap_search_ext(session->ls_conn,base,scope,filter,(char **) attrs, 0,pServerCtrls,NULL,LDAP_NO_LIMIT,sizelimit,msgid); if (pServerCtrls!=NULL) @@ -815,8 +810,9 @@ static int do_search_async(const char *base,int scope,const char *filter, * reconnection logic (depending on wheter res or msgid is not NULL). */ static enum nss_status do_with_reconnect( - const char *base,int scope,const char *filter,const char **attrs, - int sizelimit,LDAPMessage **res,int *msgid) + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit, + LDAPMessage **res,int *msgid) { int rc=LDAP_UNAVAILABLE, tries=0, backoff=0; int hard=1, start_uri=0, log=0; 
@@ -839,35 +835,35 @@ static enum nss_status do_with_reconnect( (void)sleep(backoff); } /* for each "try", attempt to connect to all specified URIs */ - start_uri=__session.ls_current_uri; + start_uri=session->ls_current_uri; do { /* open a connection and do the search */ - stat=do_open(); + stat=do_open(session); if (stat==NSS_STATUS_SUCCESS) { if (res!=NULL) - stat=do_map_error(do_search_sync(base,scope,filter,attrs,sizelimit,res)); + stat=do_map_error(do_search_sync(session,base,scope,filter,attrs,sizelimit,res)); else - stat=do_map_error(do_search_async(base,scope,filter,attrs,sizelimit,msgid)); + stat=do_map_error(do_search_async(session,base,scope,filter,attrs,sizelimit,msgid)); } /* if we got any feedback from the server, don't try other ones */ if (stat!=NSS_STATUS_UNAVAIL) break; log++; /* the currently configured uri should exist */ - assert(nslcd_cfg->ldc_uris[__session.ls_current_uri]!=NULL); + assert(nslcd_cfg->ldc_uris[session->ls_current_uri]!=NULL); /* try the next URI (with wrap-around) */ - __session.ls_current_uri++; - if (nslcd_cfg->ldc_uris[__session.ls_current_uri]==NULL) - __session.ls_current_uri = 0; + session->ls_current_uri++; + if (nslcd_cfg->ldc_uris[session->ls_current_uri]==NULL) + session->ls_current_uri = 0; } - while (__session.ls_current_uri != start_uri); + while (session->ls_current_uri != start_uri); /* if we had reachability problems with the server close the connection */ /* TODO: we should probably close in the loop above */ if (stat==NSS_STATUS_UNAVAIL) { - do_close(); + do_close(session); /* If a soft reconnect policy is specified, then do not * try to reconnect to the LDAP server if it is down. */ @@ -891,7 +887,7 @@ static enum nss_status do_with_reconnect( case NSS_STATUS_SUCCESS: if (log) { - char *uri=nslcd_cfg->ldc_uris[__session.ls_current_uri]; + char *uri=nslcd_cfg->ldc_uris[session->ls_current_uri]; if (uri==NULL) uri = "(null)"; if (tries) 
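Review bot: `(void)sleep(backoff);` at the top of this retry loop runs with `global_lock` held, because callers such as `_nss_ldap_getbyname()` take `_nss_ldap_enter()` before they reach `do_with_reconnect()`. One session backing off against unreachable servers therefore stalls lookups on every other thread, which removes much of the benefit of per-thread sessions and lets a single LDAP outage block the whole daemon. Until the lock moves into the session, I would at least record the constraint next to the sleep: `/* NOTE: runs with global_lock held; this sleep blocks all sessions */`. `do_with_reconnect()` begins before and ends after the lines shown here.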
@@ -901,7 +897,7 @@ static enum nss_status do_with_reconnect( log_log(LOG_INFO,"reconnected to LDAP server %s", uri); } /* update the last activity on the connection */ - time(&__session.ls_timestamp); + time(&session->ls_timestamp); break; default: break; @@ -971,7 +967,7 @@ static enum nss_status do_parse_async( * find one which is parseable, or exhaust avialable * entries, whichever is first. */ - parseStat=parser(context->ec_res,&(context->ec_state),result,buffer,buflen); + parseStat=parser(context->session,context->ec_res,&(context->ec_state),result,buffer,buflen); /* hold onto the state if we're out of memory XXX */ context->ec_state.ls_retry=(parseStat==NSS_STATUS_TRYAGAIN && buffer!=NULL?1:0); @@ -1021,9 +1017,9 @@ static enum nss_status do_parse_sync( (context->ec_state.ls_info.ls_index==-1) )) { if (e==NULL) - e=ldap_first_entry(__session.ls_conn,context->ec_res); + e=ldap_first_entry(context->session->ls_conn,context->ec_res); else - e=ldap_next_entry(__session.ls_conn,e); + e=ldap_next_entry(context->session->ls_conn,e); } if (e==NULL) @@ -1042,7 +1038,7 @@ static enum nss_status do_parse_sync( * find one which is parseable, or exhaust avialable * entries, whichever is first. */ - parseStat=parser(e,&(context->ec_state),result,buffer,buflen); + parseStat=parser(context->session,e,&(context->ec_state),result,buffer,buflen); /* hold onto the state if we're out of memory XXX */ context->ec_state.ls_retry=(parseStat==NSS_STATUS_TRYAGAIN)&&(buffer!=NULL); 
@@ -1061,11 +1057,12 @@ static enum nss_status do_parse_sync( * for functions that need to retrieve attributes from a DN, * such as the RFC2307bis group expansion function. */ -enum nss_status _nss_ldap_read_sync(const char *dn,const char **attributes, - LDAPMessage ** res) +enum nss_status _nss_ldap_read_sync( + MYLDAP_SESSION *session,const char *dn,const char **attributes, + LDAPMessage ** res) { /* synchronous search */ - return do_with_reconnect(dn,LDAP_SCOPE_BASE,"(objectclass=*)", + return do_with_reconnect(session,dn,LDAP_SCOPE_BASE,"(objectclass=*)", attributes,1 /* sizelimit */,res,NULL); } 
@@ -1073,52 +1070,53 @@ enum nss_status _nss_ldap_read_sync(const char *dn,const char **attributes, * Simple wrapper around ldap_get_values(). Requires that * session is already established. */ -char **_nss_ldap_get_values(LDAPMessage *e,const char *attr) +char **_nss_ldap_get_values(MYLDAP_SESSION *session,LDAPMessage *e, + const char *attr) { - if (__session.ls_state!=LS_CONNECTED_TO_DSA) + if (session->ls_state!=LS_CONNECTED_TO_DSA) return NULL; - assert(__session.ls_conn!=NULL); - return ldap_get_values(__session.ls_conn,e,attr); + assert(session->ls_conn!=NULL); + return ldap_get_values(session->ls_conn,e,attr); } /* * Simple wrapper around ldap_get_dn(). Requires that * session is already established. */ -char *_nss_ldap_get_dn(LDAPMessage *e) +char *_nss_ldap_get_dn(MYLDAP_SESSION *session,LDAPMessage *e) { - if (__session.ls_state!=LS_CONNECTED_TO_DSA) + if (session->ls_state!=LS_CONNECTED_TO_DSA) return NULL; - assert(__session.ls_conn!=NULL); - return ldap_get_dn(__session.ls_conn,e); + assert(session->ls_conn!=NULL); + return ldap_get_dn(session->ls_conn,e); } /* * Simple wrapper around ldap_first_entry(). Requires that * session is already established. 
*/ -LDAPMessage *_nss_ldap_first_entry(LDAPMessage *res) +LDAPMessage *_nss_ldap_first_entry(MYLDAP_SESSION *session,LDAPMessage *res) { - if (__session.ls_state!=LS_CONNECTED_TO_DSA) + if (session->ls_state!=LS_CONNECTED_TO_DSA) return NULL; - assert(__session.ls_conn!=NULL); - return ldap_first_entry(__session.ls_conn,res); + assert(session->ls_conn!=NULL); + return ldap_first_entry(session->ls_conn,res); } -char *_nss_ldap_first_attribute(LDAPMessage *entry,BerElement **berptr) +char *_nss_ldap_first_attribute(MYLDAP_SESSION *session,LDAPMessage *entry,BerElement **berptr) { - if (__session.ls_state!=LS_CONNECTED_TO_DSA) + if (session->ls_state!=LS_CONNECTED_TO_DSA) return NULL; - assert(__session.ls_conn!=NULL); - return ldap_first_attribute(__session.ls_conn,entry,berptr); + assert(session->ls_conn!=NULL); + return ldap_first_attribute(session->ls_conn,entry,berptr); } -char *_nss_ldap_next_attribute(LDAPMessage *entry,BerElement *ber) +char *_nss_ldap_next_attribute(MYLDAP_SESSION *session,LDAPMessage *entry,BerElement *ber) { - if (__session.ls_state!=LS_CONNECTED_TO_DSA) + if (session->ls_state!=LS_CONNECTED_TO_DSA) return NULL; - assert(__session.ls_conn!=NULL); - return ldap_next_attribute(__session.ls_conn,entry,ber); + assert(session->ls_conn!=NULL); + return ldap_next_attribute(session->ls_conn,entry,ber); } /* 
@@ -1126,21 +1124,20 @@ char *_nss_ldap_next_attribute(LDAPMessage *entry,BerElement *ber) * Assumes caller holds lock. */ enum nss_status _nss_ldap_search_sync_locked( - const char *base,int scope,const char *filter,const char **attrs, - int sizelimit,LDAPMessage **res) + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit, + LDAPMessage **res) { enum nss_status stat; log_log(LOG_DEBUG,"_nss_ldap_search_sync_locked(base=\"%s\", filter=\"%s\")",base,filter); /* initilize session */ - if ((stat=_nss_ldap_init())!=NSS_STATUS_SUCCESS) + if ((stat=_nss_ldap_init(session))!=NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"_nss_ldap_init() failed"); return stat; } /* synchronous search */ - stat=do_with_reconnect( - base,scope,filter,attrs, - sizelimit,res,NULL); + stat=do_with_reconnect(session,base,scope,filter,attrs,sizelimit,res,NULL); return stat; } 
@@ -1149,37 +1146,37 @@ enum nss_status _nss_ldap_search_sync_locked( * Assumes caller holds lock. */ static enum nss_status _nss_ldap_search_async_locked( - const char *base,int scope,const char *filter,const char **attrs, - int sizelimit,int *msgid) + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit,int *msgid) { enum nss_status stat; log_log(LOG_DEBUG,"_nss_ldap_search_async_locked(base=\"%s\", filter=\"%s\")",base,filter); *msgid=-1; /* initialize session */ - if ((stat=_nss_ldap_init())!=NSS_STATUS_SUCCESS) + if ((stat=_nss_ldap_init(session))!=NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"_nss_ldap_init() failed"); return stat; } /* asynchronous search */ - stat=do_with_reconnect(base,scope,filter,attrs, - sizelimit,NULL,msgid); + stat=do_with_reconnect(session,base,scope,filter,attrs,sizelimit,NULL,msgid); log_log(LOG_DEBUG,"<== _nss_ldap_search"); return stat; } static enum nss_status do_next_page( - const char *base,int scope,const char *filter,const char **attrs, - int sizelimit, int *msgid,struct berval *pCookie) + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit, int *msgid, + struct berval *pCookie) { enum nss_status stat; LDAPControl *serverctrls[2]={ NULL, NULL }; - stat=ldap_create_page_control(__session.ls_conn, + stat=ldap_create_page_control(session->ls_conn, nslcd_cfg->ldc_pagesize, pCookie,0,&serverctrls[0]); if (stat != LDAP_SUCCESS) return NSS_STATUS_UNAVAIL; - stat=ldap_search_ext(__session.ls_conn, + stat=ldap_search_ext(session->ls_conn, base,scope,filter, (char **)attrs,0,serverctrls,NULL,LDAP_NO_LIMIT, sizelimit,msgid); 
@@ -1233,19 +1230,18 @@ int _nss_ldap_getent(struct ent_context *context, * Caller holds global mutex */ enum nss_status _nss_ldap_getent_locked( - struct ent_context *context, - void *result,char *buffer,size_t buflen,int *errnop, - const char *base,int scope,const char *filter,const char **attrs, - parser_t parser) + struct ent_context *context,void *result,char *buffer,size_t buflen,int *errnop, + const char *base,int scope,const char *filter,const char **attrs, + parser_t parser) { enum nss_status stat=NSS_STATUS_SUCCESS; int msgid; - log_log(LOG_DEBUG,"==> _nss_ldap_getent_locked(base=\"%s\", filter=\"%s\")",base,filter); + log_log(LOG_DEBUG,"_nss_ldap_getent_locked(base=\"%s\", filter=\"%s\")",base,filter); /* if context->ec_msgid < 0, then we haven't searched yet */ if (context->ec_msgid<0) { /* set up a new search */ - stat=_nss_ldap_search_async_locked(base,scope,filter,attrs,LDAP_NO_LIMIT,&msgid); + stat=_nss_ldap_search_async_locked(context->session,base,scope,filter,attrs,LDAP_NO_LIMIT,&msgid); if (stat != NSS_STATUS_SUCCESS) return stat; context->ec_msgid=msgid; @@ -1259,7 +1255,7 @@ enum nss_status _nss_ldap_getent_locked( /* Is there another page of results? */ if ((context->ec_cookie!=NULL)&&(context->ec_cookie->bv_len!=0)) { - stat=do_next_page(base,scope,filter,attrs,LDAP_NO_LIMIT,&msgid,context->ec_cookie); + stat=do_next_page(context->session,base,scope,filter,attrs,LDAP_NO_LIMIT,&msgid,context->ec_cookie); if (stat!=NSS_STATUS_SUCCESS) return stat; context->ec_msgid=msgid; @@ -1274,7 +1270,7 @@ enum nss_status _nss_ldap_getent_locked( * General match function. * Locks mutex. */ -int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, +int _nss_ldap_getbyname(MYLDAP_SESSION *session,void *result, char *buffer, size_t buflen,int *errnop, const char *base,int scope,const char *filter,const char **attrs, parser_t parser) { 
@@ -1284,11 +1280,11 @@ int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, _nss_ldap_enter(); - log_log(LOG_DEBUG,"==> _nss_ldap_getbyname(base=\"%s\", filter=\"%s\"",base,filter); + log_log(LOG_DEBUG,"_nss_ldap_getbyname(base=\"%s\", filter=\"%s\"",base,filter); - _nss_ldap_ent_context_init_locked(&context); + _nss_ldap_ent_context_init_locked(&context,session); - stat=_nss_ldap_search_sync_locked(base,scope,filter,attrs,1,&context.ec_res); + stat=_nss_ldap_search_sync_locked(context.session,base,scope,filter,attrs,1,&context.ec_res); if (stat!=NSS_STATUS_SUCCESS) { _nss_ldap_leave(); @@ -1309,8 +1305,6 @@ int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, _nss_ldap_ent_context_cleanup(&context); - log_log(LOG_DEBUG,"<== _nss_ldap_getbyname"); - /* moved unlock here to avoid race condition bug #49 */ _nss_ldap_leave(); @@ -1335,9 +1329,9 @@ static int NEW_do_parse_sync(struct ent_context *context,TFILE *fp,NEWparser_t p (context->ec_state.ls_info.ls_index==-1) )) { if (e==NULL) - e=ldap_first_entry(__session.ls_conn,context->ec_res); + e=ldap_first_entry(context->session->ls_conn,context->ec_res); else - e=ldap_next_entry(__session.ls_conn,e); + e=ldap_next_entry(context->session->ls_conn,e); } if (e==NULL) { @@ -1354,7 +1348,7 @@ static int NEW_do_parse_sync(struct ent_context *context,TFILE *fp,NEWparser_t p * find one which is parseable, or exhaust avialable * entries, whichever is first. */ - parseStat=parser(e,&context->ec_state,fp); + parseStat=parser(context->session,e,&context->ec_state,fp); /* hold onto the state if we're out of memory XXX */ context->ec_state.ls_retry=0; } 
@@ -1363,8 +1357,8 @@ static int NEW_do_parse_sync(struct ent_context *context,TFILE *fp,NEWparser_t p } int _nss_ldap_searchbyname( - const char *base,int scope,const char *filter,const char **attrs, - TFILE *fp,NEWparser_t parser) + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,TFILE *fp,NEWparser_t parser) { int stat; struct ent_context context; @@ -1372,9 +1366,9 @@ int _nss_ldap_searchbyname( _nss_ldap_enter(); - _nss_ldap_ent_context_init_locked(&context); + _nss_ldap_ent_context_init_locked(&context,session); - stat=nss2nslcd(_nss_ldap_search_sync_locked(base,scope,filter,attrs,1,&context.ec_res)); + stat=nss2nslcd(_nss_ldap_search_sync_locked(session,base,scope,filter,attrs,1,&context.ec_res)); /* write the result code */ WRITE_INT32(fp,stat); /* bail on nothing found */ @@ -1403,6 +1397,7 @@ int _nss_ldap_searchbyname( * Assign all values, bar omitvalue (if not NULL), to *valptr. */ enum nss_status _nss_ldap_assign_attrvals( + MYLDAP_SESSION *session, LDAPMessage *e,const char *attr,const char *omitvalue, char ***valptr,char **pbuffer,size_t *pbuflen,size_t *pvalcount) { @@ -1417,10 +1412,10 @@ enum nss_status _nss_ldap_assign_attrvals( if (pvalcount!=NULL) *pvalcount=0; - if (__session.ls_conn==NULL) + if (session->ls_conn==NULL) return NSS_STATUS_UNAVAIL; - vals=ldap_get_values(__session.ls_conn,e,attr); + vals=ldap_get_values(session->ls_conn,e,attr); valcount=(vals==NULL)?0:ldap_count_values(vals); if (bytesleft(buffer,buflen,char *)<(valcount+1)*sizeof(char *)) @@ -1485,7 +1480,7 @@ enum nss_status _nss_ldap_assign_attrvals( return NSS_STATUS_SUCCESS; } -int _nss_ldap_write_attrvals(TFILE *fp,LDAPMessage *e,const char *attr) +int _nss_ldap_write_attrvals(TFILE *fp,MYLDAP_SESSION *session,LDAPMessage *e,const char *attr) { char **vals; int valcount; 
@@ -1494,10 +1489,10 @@ int _nss_ldap_write_attrvals(TFILE *fp,LDAPMessage *e,const char *attr) /* log */ log_log(LOG_DEBUG,"_nss_ldap_write_attrvals(%s)",attr); /* check if we have a connection */ - if (__session.ls_conn==NULL) + if (session->ls_conn==NULL) return NSLCD_RESULT_UNAVAIL; /* get the values and the number of values */ - vals=ldap_get_values(__session.ls_conn,e,attr); + vals=ldap_get_values(session->ls_conn,e,attr); valcount=(vals==NULL)?0:ldap_count_values(vals); /* write number of entries */ WRITE_INT32(fp,valcount); @@ -1513,14 +1508,14 @@ int _nss_ldap_write_attrvals(TFILE *fp,LDAPMessage *e,const char *attr) /* Assign a single value to *valptr. */ enum nss_status _nss_ldap_assign_attrval( - LDAPMessage *e,const char *attr,char **valptr, + MYLDAP_SESSION *session,LDAPMessage *e,const char *attr,char **valptr, char **buffer,size_t *buflen) { char **vals; int vallen; - if (__session.ls_conn==NULL) + if (session->ls_conn==NULL) return NSS_STATUS_UNAVAIL; - vals=ldap_get_values(__session.ls_conn,e,attr); + vals=ldap_get_values(session->ls_conn,e,attr); if (vals==NULL) return NSS_STATUS_NOTFOUND; vallen=strlen(*vals); @@ -1588,6 +1583,7 @@ static const char *_nss_ldap_locate_userpassword(char **vals) * a syntactically suitable value. */ enum nss_status _nss_ldap_assign_userpassword( + MYLDAP_SESSION *session, LDAPMessage *e,const char *attr,char **valptr, char **buffer,size_t *buflen) { @@ -1595,9 +1591,9 @@ enum nss_status _nss_ldap_assign_userpassword( const char *pwd; int vallen; log_log(LOG_DEBUG,"==> _nss_ldap_assign_userpassword"); - if (__session.ls_conn==NULL) + if (session->ls_conn==NULL) return NSS_STATUS_UNAVAIL; - vals=ldap_get_values(__session.ls_conn,e,attr); + vals=ldap_get_values(session->ls_conn,e,attr); pwd=_nss_ldap_locate_userpassword(vals); vallen=strlen(pwd); if (*buflen<(size_t)(vallen+1)) 
@@ -1618,12 +1614,12 @@ enum nss_status _nss_ldap_assign_userpassword( return NSS_STATUS_SUCCESS; } -int has_objectclass(LDAPMessage *entry,const char *objectclass) +int has_objectclass(MYLDAP_SESSION *session,LDAPMessage *entry,const char *objectclass) { char **vals; int i; LDAP *ld; - ld=__session.ls_conn; + ld=session->ls_conn; if (ld==NULL) return 0; vals=ldap_get_values(ld,entry,"objectClass"); diff --git a/nslcd/ldap-nss.h b/nslcd/ldap-nss.h index 644be45..22a307f 100644 --- a/nslcd/ldap-nss.h +++ b/nslcd/ldap-nss.h @@ -68,6 +68,9 @@ #define bytesleft(ptr, blen, TYPE) \ ( (blen < alignof(TYPE)) ? 0 : (blen - alignof(TYPE) + 1)) +/* This a a generic session handle. */ +typedef struct ldap_session MYLDAP_SESSION; + /* * the state consists of the desired attribute value or an offset into a list of * values for the desired attribute. This is necessary to support services. @@ -101,16 +104,20 @@ struct ldap_state */ struct ent_context { + MYLDAP_SESSION *session; /* the connection to the LDAP server */ struct ldap_state ec_state; /* eg. for services */ int ec_msgid; /* message ID */ LDAPMessage *ec_res; /* result chain */ struct berval *ec_cookie; /* cookie for paged searches */ }; -typedef enum nss_status (*parser_t) (LDAPMessage *, struct ldap_state *, void *, - char *, size_t); +/* create a new session, this does not yet connect to the LDAP server */ +MUST_USE MYLDAP_SESSION *myldap_create_session(void); + +typedef enum nss_status (*parser_t)(MYLDAP_SESSION *session,LDAPMessage *e, + struct ldap_state *, void *,char *, size_t); -typedef int (*NEWparser_t)(LDAPMessage *e,struct ldap_state *pvt,TFILE *fp); +typedef int (*NEWparser_t)(MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state *pvt,TFILE *fp); /* * Portable locking macro. 
@@ -137,26 +144,26 @@ typedef int (*NEWparser_t)(LDAPMessage *e,struct ldap_state *pvt,TFILE *fp); * Acquire global nss_ldap lock and blocks SIGPIPE. * Generally this should only be done within ldap-nss.c. */ -void _nss_ldap_enter (void); +void _nss_ldap_enter(void); /* * Release global nss_ldap lock and blocks SIGPIPE. * Generally this should only be done within ldap-nss.c. */ -void _nss_ldap_leave (void); +void _nss_ldap_leave(void); /* * _nss_ldap_ent_context_init_locked() has the same behaviour * as above, except it assumes that the caller has acquired * the lock */ -void _nss_ldap_ent_context_init_locked(struct ent_context *context); +void _nss_ldap_ent_context_init_locked(struct ent_context *context,MYLDAP_SESSION *session); /* * _nss_ldap_ent_context_init() is called for each getXXent() call * This will acquire the global mutex. */ -void _nss_ldap_ent_context_init(struct ent_context *context); +void _nss_ldap_ent_context_init(struct ent_context *context,MYLDAP_SESSION *session); /* * _nss_ldap_ent_context_cleanup() is used to manually free a context 
@@ -166,97 +173,106 @@ void _nss_ldap_ent_context_cleanup (struct ent_context *); /* * these are helper functions for ldap-grp.c only on Solaris */ -char **_nss_ldap_get_values (LDAPMessage * e, const char *attr); -char *_nss_ldap_get_dn (LDAPMessage * e); -LDAPMessage *_nss_ldap_first_entry (LDAPMessage * res); -char *_nss_ldap_first_attribute (LDAPMessage * entry, BerElement **berptr); -char *_nss_ldap_next_attribute (LDAPMessage * entry, BerElement *ber); +char **_nss_ldap_get_values(MYLDAP_SESSION *session,LDAPMessage *e,const char *attr); +char *_nss_ldap_get_dn (MYLDAP_SESSION *session,LDAPMessage *e); +LDAPMessage *_nss_ldap_first_entry(MYLDAP_SESSION *session,LDAPMessage *res); +char *_nss_ldap_first_attribute(MYLDAP_SESSION *session,LDAPMessage *entry,BerElement **berptr); +char *_nss_ldap_next_attribute(MYLDAP_SESSION *session,LDAPMessage *entry,BerElement *ber); /* * Synchronous search cover (caller acquires lock). */ enum nss_status _nss_ldap_search_sync_locked( - const char *base,int scope,const char *filter, - const char **attrs,int sizelimit,LDAPMessage **res); + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,int sizelimit, + LDAPMessage **res); int _nss_ldap_searchbyname( - const char *base,int scope,const char *filter, - const char **attrs,TFILE *fp,NEWparser_t parser); + MYLDAP_SESSION *session,const char *base,int scope, + const char *filter,const char **attrs,TFILE *fp,NEWparser_t parser); -int _nss_ldap_write_attrvals(TFILE *fp,LDAPMessage *e,const char *attr); +int _nss_ldap_write_attrvals(TFILE *fp,MYLDAP_SESSION *session,LDAPMessage *e,const char *attr); /* * Emulate X.500 read operation. 
*/ -enum nss_status _nss_ldap_read_sync (const char *dn, /* IN */ - const char **attributes, /* IN */ - LDAPMessage ** res /* OUT */ ); +enum nss_status _nss_ldap_read_sync ( + MYLDAP_SESSION *session, + const char *dn, /* IN */ + const char **attributes, /* IN */ + LDAPMessage ** res /* OUT */ ); /* * extended enumeration routine; uses asynchronous API. * Caller must have acquired the global mutex */ enum nss_status _nss_ldap_getent_locked ( - struct ent_context *context, /* IN/OUT */ - void *result, /* IN/OUT */ - char *buffer, /* IN */ - size_t buflen, /* IN */ - int *errnop, /* OUT */ - const char *base, /* IN */ - int scope, /* IN */ - const char *filter, /* IN */ - const char **attrs, /* IN */ - parser_t parser /* IN */ ); + struct ent_context *context, /* IN/OUT */ + void *result, /* IN/OUT */ + char *buffer, /* IN */ + size_t buflen, /* IN */ + int *errnop, /* OUT */ + const char *base, /* IN */ + int scope, /* IN */ + const char *filter, /* IN */ + const char **attrs, /* IN */ + parser_t parser /* IN */ ); /* * common enumeration routine; uses asynchronous API. * Acquires the global mutex */ -int _nss_ldap_getent(struct ent_context *context, /* IN/OUT */ - void *result, /* IN/OUT */ - char *buffer, /* IN */ - size_t buflen, /* IN */ - int *errnop, /* OUT */ - const char *base, /* IN */ - int scope, /* IN */ - const char *filter, /* IN */ - const char **attrs, /* IN */ - parser_t parser /* IN */ ); +int _nss_ldap_getent( + struct ent_context *context, /* IN/OUT */ + void *result, /* IN/OUT */ + char *buffer, /* IN */ + size_t buflen, /* IN */ + int *errnop, /* OUT */ + const char *base, /* IN */ + int scope, /* IN */ + const char *filter, /* IN */ + const char **attrs, /* IN */ + parser_t parser /* IN */ ); /* * common lookup routine; uses synchronous API. 
*/ -int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, - const char *base,int scope,const char *filter,const char **attrs, - parser_t parser); +int _nss_ldap_getbyname( + MYLDAP_SESSION *session,void *result, char *buffer, size_t buflen,int *errnop, + const char *base,int scope,const char *filter,const char **attrs, + parser_t parser); /* parsing utility functions */ -enum nss_status _nss_ldap_assign_attrvals (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - const char *omitvalue, /* IN */ - char ***valptr, /* OUT */ - char **pbuffer, /* IN/OUT */ - size_t * pbuflen, /* IN/OUT */ - size_t * pvalcount /* OUT */ ); - - -enum nss_status _nss_ldap_assign_attrval (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - char **valptr, /* OUT */ - char **buffer, /* IN/OUT */ - size_t * buflen /* IN/OUT */ ); - - -enum nss_status _nss_ldap_assign_userpassword (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - char **valptr, /* OUT */ - char **buffer, /* IN/OUT */ - size_t * buflen); /* IN/OUT */ +enum nss_status _nss_ldap_assign_attrvals ( + MYLDAP_SESSION *session, + LDAPMessage *e, /* IN */ + const char *attr, /* IN */ + const char *omitvalue, /* IN */ + char ***valptr, /* OUT */ + char **pbuffer, /* IN/OUT */ + size_t * pbuflen, /* IN/OUT */ + size_t * pvalcount /* OUT */ ); + +enum nss_status _nss_ldap_assign_attrval( + MYLDAP_SESSION *session, + LDAPMessage *e, /* IN */ + const char *attr, /* IN */ + char **valptr, /* OUT */ + char **buffer, /* IN/OUT */ + size_t * buflen /* IN/OUT */ ); + +enum nss_status _nss_ldap_assign_userpassword( + MYLDAP_SESSION *session, + LDAPMessage *e, /* IN */ + const char *attr, /* IN */ + char **valptr, /* OUT */ + char **buffer, /* IN/OUT */ + size_t * buflen); /* IN/OUT */ /* check that the entry has the specified objectclass return 0 for false, not-0 for true */ -int has_objectclass(LDAPMessage *entry,const char *objectclass); +int has_objectclass(MYLDAP_SESSION *session,LDAPMessage 
*entry,const char *objectclass); -enum nss_status _nss_ldap_init (void); +enum nss_status _nss_ldap_init(MYLDAP_SESSION *session); #endif /* _LDAP_NSS_LDAP_LDAP_NSS_H */ diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c index 7f7c496..dc908d6 100644 --- a/nslcd/netgroup.c +++ b/nslcd/netgroup.c @@ -268,10 +268,9 @@ _nss_ldap_parse_netgr (void *vresultp, char *buffer, size_t buflen) return NSS_STATUS_SUCCESS; } -static enum nss_status -_nss_ldap_load_netgr (LDAPMessage * e, - struct ldap_state * pvt, - void *vresultp, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_load_netgr( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *vresultp,char UNUSED(*buffer),size_t UNUSED(buflen)) { int attr; int nvals; @@ -286,10 +285,10 @@ _nss_ldap_load_netgr (LDAPMessage * e, switch (attr) { case 1: - vals = _nss_ldap_get_values (e, attmap_netgroup_nisNetgroupTriple); + vals=_nss_ldap_get_values(session,e,attmap_netgroup_nisNetgroupTriple); break; default: - vals = _nss_ldap_get_values (e, attmap_netgroup_memberNisNetgroup); + vals=_nss_ldap_get_values(session,e,attmap_netgroup_memberNisNetgroup); break; } @@ -336,7 +335,7 @@ out: return stat; } -int nslcd_netgroup_byname(TFILE *fp) +int nslcd_netgroup_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -359,7 +358,7 @@ int nslcd_netgroup_byname(TFILE *fp) /* do initial ldap request */ mkfilter_netgroup_byname(name,filter,sizeof(filter)); netgroup_init(); - if (_nss_ldap_getbyname(&result,buffer,1024,&errnop, + if (_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, netgroup_base,netgroup_scope,filter,netgroup_attrs,_nss_ldap_load_netgr)) return -1; /* loop over all results */ diff --git a/nslcd/network.c b/nslcd/network.c index c30c3d2..d098973 100644 --- a/nslcd/network.c +++ b/nslcd/network.c 
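Review bot: The new `MYLDAP_SESSION *session` parameters in `_nss_ldap_read_sync`, `_nss_ldap_assign_attrvals`, `_nss_ldap_assign_attrval` and `_nss_ldap_assign_userpassword` lack the `/* IN */` annotation that every other parameter in those prototypes has, so the direction tables are now incomplete. Adding `MYLDAP_SESSION *session, /* IN */` to each keeps the header's own convention. Parameter order is also inconsistent: `_nss_ldap_write_attrvals(TFILE *fp,MYLDAP_SESSION *session,...)` takes the session second, while the other helper prototypes in this hunk take it first. One order for the ldap-nss.h helpers would make call sites easier to check.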
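Review bot: The call `_nss_ldap_getbyname(session,&result,buffer,1024,&errnop,` in `nslcd_netgroup_byname` passes the buffer length as a literal, so the bound the parser functions rely on is correct only while `buffer` really is 1024 bytes; its declaration is outside this hunk. The `_all` handlers in this commit already pass `sizeof(buffer)` to `_nss_ldap_getent`. The same form would tie the length to the declaration here: `if (_nss_ldap_getbyname(session,&result,buffer,sizeof(buffer),&errnop,` (valid only if `buffer` is an array, not a pointer). The same literal appears in the byname/byaddr/byuid/bynumber hunks for network.c, passwd.c, protocol.c, rpc.c and service.c.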
@@ -140,42 +140,36 @@ static int write_netent(TFILE *fp,struct netent *result) WRITE_INT32(fp,result->n_net); return 0; } -static enum nss_status -_nss_ldap_parse_net (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_net( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { char *tmp; - struct netent *network = (struct netent *) result; + struct netent *network=(struct netent *)result; enum nss_status stat; /* IPv6 support ? XXX */ network->n_addrtype = AF_INET; - stat = _nss_ldap_assign_attrval (e, attmap_network_cn, &network->n_name, - &buffer, &buflen); - if (stat != NSS_STATUS_SUCCESS) + stat=_nss_ldap_assign_attrval(session,e,attmap_network_cn,&network->n_name,&buffer,&buflen); + if (stat!=NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_attrval (e, attmap_network_ipNetworkNumber, &tmp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_network_ipNetworkNumber,&tmp,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; network->n_net = inet_network (tmp); - stat = - _nss_ldap_assign_attrvals (e, attmap_network_cn, network->n_name, - &network->n_aliases, &buffer, &buflen, NULL); + stat=_nss_ldap_assign_attrvals(session,e,attmap_network_cn,network->n_name,&network->n_aliases,&buffer,&buflen,NULL); if (stat != NSS_STATUS_SUCCESS) return stat; return NSS_STATUS_SUCCESS; } -int nslcd_network_byname(TFILE *fp) +int nslcd_network_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -194,7 +188,7 @@ int nslcd_network_byname(TFILE *fp) /* do the LDAP request */ mkfilter_network_byname(name,filter,sizeof(filter)); network_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, network_base,network_scope,filter,network_attrs, _nss_ldap_parse_net); /* write the response */ 
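Review bot: `network->n_net = inet_network (tmp);` in `_nss_ldap_parse_net` stores the result without checking it, and `inet_network()` returns -1 for a string it cannot parse. `tmp` is the value fetched through `attmap_network_ipNetworkNumber`, so a malformed directory entry would be passed on with an all-ones network number instead of being skipped. A check right after the call, such as `if (network->n_net==(in_addr_t)-1) return NSS_STATUS_NOTFOUND;`, would drop such entries. Which status callers expect for a skipped entry should be confirmed against `_nss_ldap_getbyname`, which is not in this hunk.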
@@ -206,7 +200,7 @@ int nslcd_network_byname(TFILE *fp) return 0; } -int nslcd_network_byaddr(TFILE *fp) +int nslcd_network_byaddr(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; int af; @@ -251,7 +245,7 @@ int nslcd_network_byaddr(TFILE *fp) /* do the request */ mkfilter_network_byaddr(name,filter,sizeof(filter)); network_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, network_base,network_scope,filter,network_attrs, _nss_ldap_parse_net); /* if no entry was found, retry with .0 stripped from the end */ @@ -273,7 +267,7 @@ int nslcd_network_byaddr(TFILE *fp) return 0; } -int nslcd_network_all(TFILE *fp) +int nslcd_network_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -288,7 +282,7 @@ int nslcd_network_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_NETWORK_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ network_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c index a4c5dca..b0510a8 100644 --- a/nslcd/nslcd.c +++ b/nslcd/nslcd.c @@ -118,7 +118,7 @@ static void parse_cmdline(int argc,char *argv[]) switch (optc) { case 'd': /* -d, --debug don't fork and print debugging to stderr */ - nslcd_debugging=1; + nslcd_debugging++; log_setdefaultloglevel(LOG_DEBUG); break; case 'h': /* --help display this help and exit */ @@ -334,7 +334,7 @@ static int read_header(TFILE *fp,int32_t *action) /* read a request message, returns <0 in case of errors, this function closes the socket */ -static void handleconnection(int sock) +static void handleconnection(int sock,MYLDAP_SESSION *session) { TFILE *fp; socklen_t alen; 
@@ -384,36 +384,36 @@ static void handleconnection(int sock) /* handle request */ switch (action) { - case NSLCD_ACTION_ALIAS_BYNAME: (void)nslcd_alias_byname(fp); break; - case NSLCD_ACTION_ALIAS_ALL: (void)nslcd_alias_all(fp); break; - case NSLCD_ACTION_ETHER_BYNAME: (void)nslcd_ether_byname(fp); break; - case NSLCD_ACTION_ETHER_BYETHER: (void)nslcd_ether_byether(fp); break; - case NSLCD_ACTION_ETHER_ALL: (void)nslcd_ether_all(fp); break; - case NSLCD_ACTION_GROUP_BYNAME: (void)nslcd_group_byname(fp); break; - case NSLCD_ACTION_GROUP_BYGID: (void)nslcd_group_bygid(fp); break; - case NSLCD_ACTION_GROUP_BYMEMBER: (void)nslcd_group_bymember(fp); break; - case NSLCD_ACTION_GROUP_ALL: (void)nslcd_group_all(fp); break; - case NSLCD_ACTION_HOST_BYNAME: (void)nslcd_host_byname(fp); break; - case NSLCD_ACTION_HOST_BYADDR: (void)nslcd_host_byaddr(fp); break; - case NSLCD_ACTION_HOST_ALL: (void)nslcd_host_all(fp); break; - case NSLCD_ACTION_NETGROUP_BYNAME: (void)nslcd_netgroup_byname(fp); break; - case NSLCD_ACTION_NETWORK_BYNAME: (void)nslcd_network_byname(fp); break; - case NSLCD_ACTION_NETWORK_BYADDR: (void)nslcd_network_byaddr(fp); break; - case NSLCD_ACTION_NETWORK_ALL: (void)nslcd_network_all(fp); break; - case NSLCD_ACTION_PASSWD_BYNAME: (void)nslcd_passwd_byname(fp); break; - case NSLCD_ACTION_PASSWD_BYUID: (void)nslcd_passwd_byuid(fp); break; - case NSLCD_ACTION_PASSWD_ALL: (void)nslcd_passwd_all(fp); break; - case NSLCD_ACTION_PROTOCOL_BYNAME: (void)nslcd_protocol_byname(fp); break; - case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nslcd_protocol_bynumber(fp); break; - case NSLCD_ACTION_PROTOCOL_ALL: (void)nslcd_protocol_all(fp); break; - case NSLCD_ACTION_RPC_BYNAME: (void)nslcd_rpc_byname(fp); break; - case NSLCD_ACTION_RPC_BYNUMBER: (void)nslcd_rpc_bynumber(fp); break; - case NSLCD_ACTION_RPC_ALL: (void)nslcd_rpc_all(fp); break; - case NSLCD_ACTION_SERVICE_BYNAME: (void)nslcd_service_byname(fp); break; - case NSLCD_ACTION_SERVICE_BYNUMBER: 
(void)nslcd_service_bynumber(fp); break; - case NSLCD_ACTION_SERVICE_ALL: (void)nslcd_service_all(fp); break; - case NSLCD_ACTION_SHADOW_BYNAME: (void)nslcd_shadow_byname(fp); break; - case NSLCD_ACTION_SHADOW_ALL: (void)nslcd_shadow_all(fp); break; + case NSLCD_ACTION_ALIAS_BYNAME: (void)nslcd_alias_byname(fp,session); break; + case NSLCD_ACTION_ALIAS_ALL: (void)nslcd_alias_all(fp,session); break; + case NSLCD_ACTION_ETHER_BYNAME: (void)nslcd_ether_byname(fp,session); break; + case NSLCD_ACTION_ETHER_BYETHER: (void)nslcd_ether_byether(fp,session); break; + case NSLCD_ACTION_ETHER_ALL: (void)nslcd_ether_all(fp,session); break; + case NSLCD_ACTION_GROUP_BYNAME: (void)nslcd_group_byname(fp,session); break; + case NSLCD_ACTION_GROUP_BYGID: (void)nslcd_group_bygid(fp,session); break; + case NSLCD_ACTION_GROUP_BYMEMBER: (void)nslcd_group_bymember(fp,session); break; + case NSLCD_ACTION_GROUP_ALL: (void)nslcd_group_all(fp,session); break; + case NSLCD_ACTION_HOST_BYNAME: (void)nslcd_host_byname(fp,session); break; + case NSLCD_ACTION_HOST_BYADDR: (void)nslcd_host_byaddr(fp,session); break; + case NSLCD_ACTION_HOST_ALL: (void)nslcd_host_all(fp,session); break; + case NSLCD_ACTION_NETGROUP_BYNAME: (void)nslcd_netgroup_byname(fp,session); break; + case NSLCD_ACTION_NETWORK_BYNAME: (void)nslcd_network_byname(fp,session); break; + case NSLCD_ACTION_NETWORK_BYADDR: (void)nslcd_network_byaddr(fp,session); break; + case NSLCD_ACTION_NETWORK_ALL: (void)nslcd_network_all(fp,session); break; + case NSLCD_ACTION_PASSWD_BYNAME: (void)nslcd_passwd_byname(fp,session); break; + case NSLCD_ACTION_PASSWD_BYUID: (void)nslcd_passwd_byuid(fp,session); break; + case NSLCD_ACTION_PASSWD_ALL: (void)nslcd_passwd_all(fp,session); break; + case NSLCD_ACTION_PROTOCOL_BYNAME: (void)nslcd_protocol_byname(fp,session); break; + case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nslcd_protocol_bynumber(fp,session); break; + case NSLCD_ACTION_PROTOCOL_ALL: (void)nslcd_protocol_all(fp,session); break; + case 
NSLCD_ACTION_RPC_BYNAME: (void)nslcd_rpc_byname(fp,session); break; + case NSLCD_ACTION_RPC_BYNUMBER: (void)nslcd_rpc_bynumber(fp,session); break; + case NSLCD_ACTION_RPC_ALL: (void)nslcd_rpc_all(fp,session); break; + case NSLCD_ACTION_SERVICE_BYNAME: (void)nslcd_service_byname(fp,session); break; + case NSLCD_ACTION_SERVICE_BYNUMBER: (void)nslcd_service_bynumber(fp,session); break; + case NSLCD_ACTION_SERVICE_ALL: (void)nslcd_service_all(fp,session); break; + case NSLCD_ACTION_SHADOW_BYNAME: (void)nslcd_shadow_byname(fp,session); break; + case NSLCD_ACTION_SHADOW_ALL: (void)nslcd_shadow_all(fp,session); break; default: log_log(LOG_WARNING,"invalid request id: %d",(int)action); break; @@ -425,7 +425,7 @@ static void handleconnection(int sock) } /* accept a connection on the socket */ -static void acceptconnection(void) +static void acceptconnection(MYLDAP_SESSION *session) { int csock; int j; @@ -463,7 +463,7 @@ static void acceptconnection(void) } /* handle the connection */ - handleconnection(csock); + handleconnection(csock,session); } @@ -509,16 +509,18 @@ static void install_sighandler(int signum,RETSIGTYPE (*handler) (int)) static void *worker(void UNUSED(*arg)) { + MYLDAP_SESSION *session; + /* create a new LDAP session */ + session=myldap_create_session(); /* start waiting for incoming connections */ while (nslcd_exitsignal==0) { /* wait for a new connection */ - acceptconnection(); + acceptconnection(session); } return NULL; } - /* the main program... */ int main(int argc,char *argv[]) { @@ -543,7 +545,7 @@ int main(int argc,char *argv[]) /* read configuration file */ cfg_init(); - nslcd_cfg->ldc_debug=nslcd_debugging; + nslcd_cfg->ldc_debug=nslcd_debugging?nslcd_debugging-1:0; /* daemonize */ if ((!nslcd_debugging)&&(daemon(0,0)<0)) @@ -556,7 +558,7 @@ int main(int argc,char *argv[]) (void)umask((mode_t)0022); /* intilialize logging */ - if (!nslcd_cfg->ldc_debug) + if (!nslcd_debugging) log_startlogging(); log_log(LOG_INFO,"version %s starting",VERSION); 
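Review bot: The result of `session=myldap_create_session();` in `worker()` is handed to `acceptconnection(session)` without a check, and the helpers changed in this commit dereference it (`session->ls_conn`). If `myldap_create_session()` can return NULL (its body is not in this diff, though the header marks it `MUST_USE`), the first request on that thread would take down the whole daemon. A guard before the loop avoids that, e.g. `if (session==NULL) { log_log(LOG_WARNING,"myldap_create_session() failed"); return NULL; }`. As far as this hunk shows, the session is also never released when the loop ends on `nslcd_exitsignal`, so closing the per-thread connection is left to process exit.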
diff --git a/nslcd/passwd.c b/nslcd/passwd.c index 43fb816..15634f6 100644 --- a/nslcd/passwd.c +++ b/nslcd/passwd.c @@ -149,16 +149,16 @@ static inline enum nss_status _nss_ldap_assign_emptystring( return NSS_STATUS_SUCCESS; } -static enum nss_status _nss_ldap_parse_pw (LDAPMessage * e, - struct ldap_state * pvt, - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_pw( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { /* FIXME: fix following problem: if the entry has multiple uid fields we may end up sending the wrong uid, we should return the requested uid instead, otherwise write an entry for each uid (maybe also for uidNumber) */ - struct passwd *pw = (struct passwd *) result; + struct passwd *pw=(struct passwd *)result; char *uid, *gid; enum nss_status stat; char tmpbuf[ sizeof( uid_t ) * 8 / 3 + 2 ]; @@ -167,7 +167,7 @@ static enum nss_status _nss_ldap_parse_pw (LDAPMessage * e, tmpbuf[ sizeof(tmpbuf) - 1 ] = '\0'; - if (has_objectclass(e,"shadowAccount")) + if (has_objectclass(session,e,"shadowAccount")) { /* don't include password for shadowAccount */ if (buflen < 3) 
@@ -180,58 +180,43 @@ static enum nss_status _nss_ldap_parse_pw (LDAPMessage * e, } else { - stat = - _nss_ldap_assign_userpassword (e, attmap_passwd_userPassword, - &pw->pw_passwd, &buffer, &buflen); + stat=_nss_ldap_assign_userpassword(session,e,attmap_passwd_userPassword,&pw->pw_passwd,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; } - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_uid, &pw->pw_name, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_uid,&pw->pw_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; tmp = tmpbuf; tmplen = sizeof (tmpbuf) - 1; - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_uidNumber, &uid, &tmp, &tmplen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_uidNumber,&uid,&tmp,&tmplen); if (stat != NSS_STATUS_SUCCESS) return stat; pw->pw_uid = (*uid == '\0') ? UID_NOBODY : (uid_t) atol (uid); tmp = tmpbuf; tmplen = sizeof (tmpbuf) - 1; - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_gidNumber, &gid, &tmp, - &tmplen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_gidNumber,&gid,&tmp,&tmplen); if (stat != NSS_STATUS_SUCCESS) return stat; pw->pw_gid = (*gid == '\0') ? 
GID_NOBODY : (gid_t) atol (gid); - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_gecos, &pw->pw_gecos, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_gecos,&pw->pw_gecos,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) { pw->pw_gecos = NULL; - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_cn, &pw->pw_gecos, - &buffer, &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_cn,&pw->pw_gecos,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; } - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_homeDirectory, &pw->pw_dir, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_homeDirectory,&pw->pw_dir,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) (void) _nss_ldap_assign_emptystring (&pw->pw_dir, &buffer, &buflen); - stat = - _nss_ldap_assign_attrval (e, attmap_passwd_loginShell, &pw->pw_shell, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_passwd_loginShell,&pw->pw_shell,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) (void) _nss_ldap_assign_emptystring (&pw->pw_shell, &buffer, &buflen); @@ -250,7 +235,7 @@ static enum nss_status _nss_ldap_parse_pw (LDAPMessage * e, #define PASSWD_SHELL result.pw_shell /* the caller should take care of opening and closing the stream */ -int nslcd_passwd_byname(TFILE *fp) +int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -267,7 +252,7 @@ int nslcd_passwd_byname(TFILE *fp) /* do the LDAP request */ mkfilter_passwd_byname(name,filter,sizeof(filter)); passwd_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, passwd_base,passwd_scope,filter,passwd_attrs, _nss_ldap_parse_pw); /* write the response */ @@ -283,7 +268,7 @@ int nslcd_passwd_byname(TFILE *fp) return 0; } -int nslcd_passwd_byuid(TFILE *fp) +int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; uid_t uid; 
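Review bot: `pw->pw_uid = (*uid == '\0') ? UID_NOBODY : (uid_t) atol (uid);` in `_nss_ldap_parse_pw`, and the matching `pw_gid` line, convert the directory-supplied `uidNumber`/`gidNumber` with `atol()`, which returns 0 for a non-numeric string, so a malformed entry is reported as uid or gid 0. Only the empty string maps to `UID_NOBODY`/`GID_NOBODY`; non-numeric text and values out of range for `uid_t` are not rejected. Parsing with `strtoul(uid,&end,10)` and returning a failure status when `end==uid || *end!='\0' || errno==ERANGE` would keep such entries from resolving to root. The `atoi (number)` in the `_nss_ldap_parse_proto` hunk and the `atol (number)` in the `_nss_ldap_parse_rpc` hunk are the same unchecked conversion. The function starts in the previous hunk.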
@@ -300,7 +285,7 @@ int nslcd_passwd_byuid(TFILE *fp) /* do the LDAP request */ mkfilter_passwd_byuid(uid,filter,sizeof(filter)); passwd_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, passwd_base,passwd_scope,filter,passwd_attrs, _nss_ldap_parse_pw); /* write the response */ @@ -316,7 +301,7 @@ int nslcd_passwd_byuid(TFILE *fp) return 0; } -int nslcd_passwd_all(TFILE *fp) +int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -331,7 +316,7 @@ int nslcd_passwd_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_PASSWD_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* go over results */ passwd_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/protocol.c b/nslcd/protocol.c index 75be238..6dbc880 100644 --- a/nslcd/protocol.c +++ b/nslcd/protocol.c 
@@ -116,32 +116,26 @@ static void protocol_init(void) protocol_attrs[2]=NULL; } -static enum nss_status _nss_ldap_parse_proto (LDAPMessage *e, - struct ldap_state UNUSED(*pvt), - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_proto( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { struct protoent *proto = (struct protoent *) result; char *number; enum nss_status stat; - stat = - _nss_ldap_getrdnvalue (e, attmap_protocol_cn, &proto->p_name, - &buffer, &buflen); + stat=_nss_ldap_getrdnvalue(session,e,attmap_protocol_cn,&proto->p_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_attrval (e, attmap_protocol_ipProtocolNumber, &number, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_protocol_ipProtocolNumber,&number,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; proto->p_proto = atoi (number); - stat = - _nss_ldap_assign_attrvals (e, attmap_protocol_cn, proto->p_name, - &proto->p_aliases, &buffer, &buflen, NULL); + stat=_nss_ldap_assign_attrvals (session,e,attmap_protocol_cn,proto->p_name,&proto->p_aliases,&buffer,&buflen,NULL); if (stat != NSS_STATUS_SUCCESS) return stat; @@ -156,7 +150,7 @@ static enum nss_status _nss_ldap_parse_proto (LDAPMessage *e, #define PROTOCOL_ALIASES result.p_aliases #define PROTOCOL_NUMBER result.p_proto -int nslcd_protocol_byname(TFILE *fp) +int nslcd_protocol_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; char name[256]; @@ -176,7 +170,7 @@ int nslcd_protocol_byname(TFILE *fp) /* do the LDAP request */ mkfilter_protocol_byname(name,filter,sizeof(filter)); protocol_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, protocol_base,protocol_scope,filter,protocol_attrs, _nss_ldap_parse_proto); /* write the response */ 
@@ -190,7 +184,7 @@ int nslcd_protocol_byname(TFILE *fp) return 0; } -int nslcd_protocol_bynumber(TFILE *fp) +int nslcd_protocol_bynumber(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; int protocol; @@ -210,7 +204,7 @@ int nslcd_protocol_bynumber(TFILE *fp) /* do the LDAP request */ mkfilter_protocol_bynumber(protocol,filter,sizeof(filter)); protocol_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, protocol_base,protocol_scope,filter,protocol_attrs, _nss_ldap_parse_proto); /* write the response */ @@ -224,7 +218,7 @@ int nslcd_protocol_bynumber(TFILE *fp) return 0; } -int nslcd_protocol_all(TFILE *fp) +int nslcd_protocol_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32,tmp2int32,tmp3int32; struct ent_context context; @@ -239,7 +233,7 @@ int nslcd_protocol_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_PROTOCOL_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ protocol_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/rpc.c b/nslcd/rpc.c index e502d56..a8e7263 100644 --- a/nslcd/rpc.c +++ b/nslcd/rpc.c 
@@ -138,39 +138,33 @@ static int write_rpcent(TFILE *fp,struct rpcent *result) return 0; } -static enum nss_status _nss_ldap_parse_rpc (LDAPMessage * e, - struct ldap_state UNUSED(*pvt), - void *result, char *buffer, size_t buflen) +static enum nss_status _nss_ldap_parse_rpc( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { struct rpcent *rpc = (struct rpcent *) result; char *number; enum nss_status stat; - stat = - _nss_ldap_getrdnvalue (e, attmap_rpc_cn, &rpc->r_name, &buffer, - &buflen); + stat=_nss_ldap_getrdnvalue(session,e,attmap_rpc_cn,&rpc->r_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_attrval (e, attmap_rpc_oncRpcNumber, &number, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_rpc_oncRpcNumber,&number,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; rpc->r_number = atol (number); - stat = - _nss_ldap_assign_attrvals (e, attmap_rpc_cn, rpc->r_name, - &rpc->r_aliases, &buffer, &buflen, NULL); + stat=_nss_ldap_assign_attrvals(session,e,attmap_rpc_cn,rpc->r_name,&rpc->r_aliases,&buffer,&buflen,NULL); if (stat != NSS_STATUS_SUCCESS) return stat; return NSS_STATUS_SUCCESS; } -int nslcd_rpc_byname(TFILE *fp) +int nslcd_rpc_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -190,7 +184,7 @@ int nslcd_rpc_byname(TFILE *fp) /* do the LDAP request */ mkfilter_rpc_byname(name,filter,sizeof(filter)); rpc_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, rpc_base,rpc_scope,filter,rpc_attrs, _nss_ldap_parse_rpc); /* write the response */ @@ -202,7 +196,7 @@ int nslcd_rpc_byname(TFILE *fp) return 0; } -int nslcd_rpc_bynumber(TFILE *fp) +int nslcd_rpc_bynumber(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; int number; 
@@ -222,7 +216,7 @@ int nslcd_rpc_bynumber(TFILE *fp) /* do the LDAP request */ mkfilter_rpc_bynumber(number,filter,sizeof(filter)); rpc_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, rpc_base,rpc_scope,filter,rpc_attrs, _nss_ldap_parse_rpc); /* write the response */ @@ -234,7 +228,7 @@ int nslcd_rpc_bynumber(TFILE *fp) return 0; } -int nslcd_rpc_all(TFILE *fp) +int nslcd_rpc_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -249,7 +243,7 @@ int nslcd_rpc_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_RPC_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ rpc_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/service.c b/nslcd/service.c index 5e3e79f..fccb262 100644 --- a/nslcd/service.c +++ b/nslcd/service.c @@ -165,9 +165,9 @@ static int write_servent(TFILE *fp,struct servent *result) return 0; } -static enum nss_status _nss_ldap_parse_serv (LDAPMessage *e, - struct ldap_state *state, - void *result,char *buffer,size_t buflen) +static enum nss_status _nss_ldap_parse_serv( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state *state, + void *result,char *buffer,size_t buflen) { struct servent *service = (struct servent *)result; char *port; @@ -178,14 +178,12 @@ static enum nss_status _nss_ldap_parse_serv (LDAPMessage *e, * ipServiceProtocol fields. */ - if (state->ls_type == LS_TYPE_KEY) + if (state->ls_type==LS_TYPE_KEY) { if (state->ls_info.ls_key == NULL) { /* non-deterministic behaviour is ok */ - stat = - _nss_ldap_assign_attrval (e, attmap_service_ipServiceProtocol, - &service->s_proto, &buffer, &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_service_ipServiceProtocol,&service->s_proto,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) { return stat; 
@@ -208,7 +206,7 @@ static enum nss_status _nss_ldap_parse_serv (LDAPMessage *e, } else { - char **vals = _nss_ldap_get_values (e, attmap_service_ipServiceProtocol); + char **vals=_nss_ldap_get_values(session,e,attmap_service_ipServiceProtocol); int len; if (vals == NULL) { @@ -251,25 +249,19 @@ static enum nss_status _nss_ldap_parse_serv (LDAPMessage *e, return stat; } - stat = - _nss_ldap_getrdnvalue (e, attmap_service_cn, &service->s_name, - &buffer, &buflen); + stat=_nss_ldap_getrdnvalue(session,e,attmap_service_cn,&service->s_name,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) { return stat; } - stat = - _nss_ldap_assign_attrvals (e, attmap_service_cn, service->s_name, - &service->s_aliases, &buffer, &buflen, NULL); + stat=_nss_ldap_assign_attrvals(session,e,attmap_service_cn,service->s_name,&service->s_aliases,&buffer,&buflen,NULL); if (stat != NSS_STATUS_SUCCESS) { return stat; } - stat = - _nss_ldap_assign_attrval (e, attmap_service_ipServicePort, &port, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_service_ipServicePort,&port,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) { return stat; @@ -280,7 +272,7 @@ static enum nss_status _nss_ldap_parse_serv (LDAPMessage *e, return NSS_STATUS_SUCCESS; } -int nslcd_service_byname(TFILE *fp) +int nslcd_service_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256],protocol[256]; @@ -301,9 +293,9 @@ int nslcd_service_byname(TFILE *fp) /* do the LDAP request */ mkfilter_service_byname(name,protocol,filter,sizeof(filter)); service_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, - service_base,service_scope,filter,service_attrs, - _nss_ldap_parse_serv); + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, + service_base,service_scope,filter,service_attrs, + _nss_ldap_parse_serv); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) 
@@ -313,7 +305,7 @@ int nslcd_service_byname(TFILE *fp) return 0; } -int nslcd_service_bynumber(TFILE *fp) +int nslcd_service_bynumber(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; int number; @@ -335,7 +327,7 @@ int nslcd_service_bynumber(TFILE *fp) /* do the LDAP request */ mkfilter_service_bynumber(number,protocol,filter,sizeof(filter)); service_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, service_base,service_scope,filter,service_attrs, _nss_ldap_parse_serv); /* write the response */ @@ -347,7 +339,7 @@ int nslcd_service_bynumber(TFILE *fp) return 0; } -int nslcd_service_all(TFILE *fp) +int nslcd_service_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; @@ -362,7 +354,7 @@ int nslcd_service_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_SERVICE_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ service_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/shadow.c b/nslcd/shadow.c index 1e79a04..9d4f02a 100644 --- a/nslcd/shadow.c +++ b/nslcd/shadow.c 
@@ -150,56 +150,41 @@ _nss_ldap_shadow_handle_flag (struct spwd *sp) } } -static enum nss_status _nss_ldap_parse_sp(LDAPMessage *e, - struct ldap_state UNUSED(*pvt), - void *result,char *buffer,size_t buflen) +static enum nss_status _nss_ldap_parse_sp( + MYLDAP_SESSION *session,LDAPMessage *e,struct ldap_state UNUSED(*state), + void *result,char *buffer,size_t buflen) { struct spwd *sp = (struct spwd *) result; enum nss_status stat; char *tmp = NULL; - stat = - _nss_ldap_assign_userpassword (e, attmap_shadow_userPassword, - &sp->sp_pwdp, &buffer, &buflen); + stat=_nss_ldap_assign_userpassword(session,e,attmap_shadow_userPassword,&sp->sp_pwdp,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_uid, &sp->sp_namp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_uid,&sp->sp_namp,&buffer,&buflen); if (stat != NSS_STATUS_SUCCESS) return stat; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowLastChange, &tmp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowLastChange,&tmp,&buffer,&buflen); sp->sp_lstchg = (stat == NSS_STATUS_SUCCESS) ? _nss_ldap_shadow_date (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowMax, &tmp, &buffer, &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowMax,&tmp,&buffer,&buflen); sp->sp_max = (stat == NSS_STATUS_SUCCESS) ? atol (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowMin, &tmp, &buffer, &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowMin,&tmp,&buffer,&buflen); sp->sp_min = (stat == NSS_STATUS_SUCCESS) ? atol (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowWarning, &tmp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowWarning,&tmp,&buffer,&buflen); sp->sp_warn = (stat == NSS_STATUS_SUCCESS) ? 
atol (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowInactive, &tmp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowInactive,&tmp,&buffer,&buflen); sp->sp_inact = (stat == NSS_STATUS_SUCCESS) ? atol (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowExpire, &tmp, &buffer, - &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowExpire,&tmp,&buffer,&buflen); sp->sp_expire = (stat == NSS_STATUS_SUCCESS) ? _nss_ldap_shadow_date (tmp) : -1; - stat = - _nss_ldap_assign_attrval (e, attmap_shadow_shadowFlag, &tmp, &buffer, &buflen); + stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowFlag,&tmp,&buffer,&buflen); sp->sp_flag = (stat == NSS_STATUS_SUCCESS) ? atol (tmp) : 0; _nss_ldap_shadow_handle_flag(sp); @@ -220,7 +205,7 @@ static enum nss_status _nss_ldap_parse_sp(LDAPMessage *e, #define SHADOW_EXPIRE result.sp_expire #define SHADOW_FLAG result.sp_flag -int nslcd_shadow_byname(TFILE *fp) +int nslcd_shadow_byname(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; char name[256]; @@ -239,7 +224,7 @@ int nslcd_shadow_byname(TFILE *fp) /* do the LDAP request */ mkfilter_shadow_byname(name,filter,sizeof(filter)); shadow_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + retv=_nss_ldap_getbyname(session,&result,buffer,1024,&errnop, shadow_base,shadow_scope,filter,shadow_attrs, _nss_ldap_parse_sp); /* write the response */ @@ -253,7 +238,7 @@ int nslcd_shadow_byname(TFILE *fp) return 0; } -int nslcd_shadow_all(TFILE *fp) +int nslcd_shadow_all(TFILE *fp,MYLDAP_SESSION *session) { int32_t tmpint32; struct ent_context context; 
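Review bot: The numeric shadow fields in `_nss_ldap_parse_sp` (shadowMax, shadowMin, shadowWarning, shadowInactive, shadowFlag) are still converted with `atol (tmp)` on values that come straight from the directory. `atol` reports no errors, so an empty or non-numeric attribute silently becomes 0 rather than the -1 "unset" default used on the failure branch, and an out-of-range value is undefined behaviour. A small `strtol`-based helper that falls back to the existing default would make the handling explicit. It needs `<errno.h>` and it rejects values with trailing garbage that `atol` accepted, so confirm that is acceptable. The function's return is outside the hunk.

```c
/* convert a directory-supplied decimal string; return dflt on empty,
   malformed or out-of-range input */
static long shadow_strtol(const char *s,long dflt)
{
  char *end;
  long v;
  errno=0;
  v=strtol(s,&end,10);
  if ((end==s)||(*end!='\0')||(errno==ERANGE))
    return dflt;
  return v;
}

/* … unchanged: userPassword, uid and shadowLastChange handling … */
  stat=_nss_ldap_assign_attrval(session,e,attmap_shadow_shadowMax,&tmp,&buffer,&buflen);
  sp->sp_max=(stat==NSS_STATUS_SUCCESS)?shadow_strtol(tmp,-1):-1;
/* … same replacement for shadowMin, shadowWarning, shadowInactive (default -1) and shadowFlag (default 0) … */
```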
@@ -268,7 +253,7 @@ int nslcd_shadow_all(TFILE *fp) WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_SHADOW_ALL); /* initialize context */ - _nss_ldap_ent_context_init(&context); + _nss_ldap_ent_context_init(&context,session); /* loop over all results */ shadow_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, diff --git a/nslcd/util.c b/nslcd/util.c index ce26634..d6a9807 100644 --- a/nslcd/util.c +++ b/nslcd/util.c @@ -283,7 +283,7 @@ dn2uid_cache_get (const char *dn, char **uid, char **buffer, size_t * buflen) } /* TODO: move to group.c */ -enum nss_status _nss_ldap_dn2uid(const char *dn,char **uid,char **buffer, +enum nss_status _nss_ldap_dn2uid(MYLDAP_SESSION *session,const char *dn,char **uid,char **buffer, size_t * buflen,int *pIsNestedGroup, LDAPMessage **pRes) { @@ -304,13 +304,13 @@ enum nss_status _nss_ldap_dn2uid(const char *dn,char **uid,char **buffer, attrs[2] = "objectClass"; attrs[3] = NULL; - if (_nss_ldap_read_sync(dn, attrs, &res)==NSS_STATUS_SUCCESS) + if (_nss_ldap_read_sync(session,dn,attrs,&res)==NSS_STATUS_SUCCESS) { - LDAPMessage *e = _nss_ldap_first_entry (res); + LDAPMessage *e=_nss_ldap_first_entry(session,res); if (e != NULL) { /* FIXME: somehow replace this with the dynamic stuff in group.c */ - if (has_objectclass(e,"posixGroup")) + if (has_objectclass(session,e,"posixGroup")) { *pIsNestedGroup = 1; *pRes = res; @@ -318,9 +318,7 @@ enum nss_status _nss_ldap_dn2uid(const char *dn,char **uid,char **buffer, return NSS_STATUS_SUCCESS; } - status = - _nss_ldap_assign_attrval (e, attmap_passwd_uid, uid, - buffer, buflen); + status=_nss_ldap_assign_attrval(session,e,attmap_passwd_uid,uid,buffer,buflen); if (status == NSS_STATUS_SUCCESS) dn2uid_cache_put (dn, *uid); } 
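Review bot: In `_nss_ldap_dn2uid` the lookup now runs on the caller's session, but the result is still stored with `dn2uid_cache_put (dn, *uid)`, which takes no session and so appears to be process-wide state. With one session per thread, as the commit message describes, several threads could reach this call and `dn2uid_cache_get` at the same time. Whether the cache takes a lock is not visible in this diff. If it does not, the cache needs serialising. Either way a comment at the call such as `/* dn2uid cache is shared by all threads; access must be serialised */` would record the requirement. The function body starts and ends outside these hunks.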
@@ -445,15 +443,14 @@ do_getrdnvalue (const char *dn, return NSS_STATUS_NOTFOUND; } -enum nss_status -_nss_ldap_getrdnvalue (LDAPMessage * entry, - const char *rdntype, - char **rval, char **buffer, size_t * buflen) +enum nss_status _nss_ldap_getrdnvalue( + MYLDAP_SESSION *session,LDAPMessage *entry,const char *rdntype, + char **rval,char **buffer,size_t * buflen) { char *dn; enum nss_status status; - dn = _nss_ldap_get_dn (entry); + dn=_nss_ldap_get_dn(session,entry); if (dn == NULL) { return NSS_STATUS_NOTFOUND; @@ -475,7 +472,7 @@ _nss_ldap_getrdnvalue (LDAPMessage * entry, { char **vals; - vals = _nss_ldap_get_values (entry, rdntype); + vals=_nss_ldap_get_values(session,entry,rdntype); if (vals != NULL) { @@ -501,7 +498,7 @@ _nss_ldap_getrdnvalue (LDAPMessage * entry, return status; } -int _nss_ldap_write_rndvalue(TFILE *fp,LDAPMessage *entry,const char *rdntype) +int _nss_ldap_write_rndvalue(TFILE *fp,MYLDAP_SESSION *session,LDAPMessage *entry,const char *rdntype) { char *dn; int status=456; @@ -515,7 +512,7 @@ int _nss_ldap_write_rndvalue(TFILE *fp,LDAPMessage *entry,const char *rdntype) /* log call */ log_log(LOG_DEBUG,"_nss_ldap_write_rndvalue(%s)",rdntype); /* get the dn from the entry */ - dn=_nss_ldap_get_dn(entry); + dn=_nss_ldap_get_dn(session,entry); if (dn==NULL) return NSLCD_RESULT_NOTFOUND; /* append a `=' to the rdntype */ @@ -557,7 +554,7 @@ int _nss_ldap_write_rndvalue(TFILE *fp,LDAPMessage *entry,const char *rdntype) */ if (status==456) { - vals=_nss_ldap_get_values(entry,rdntype); + vals=_nss_ldap_get_values(session,entry,rdntype); if (vals!=NULL) { /* write the first entry */ diff --git a/nslcd/util.h b/nslcd/util.h index 959aa25..84f3e71 100644 --- a/nslcd/util.h +++ b/nslcd/util.h 
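Review bot: `_nss_ldap_write_rndvalue` uses the bare literal in `int status=456;` and later `if (status==456)` as a "not yet set" marker. Nothing visible guarantees that 456 can never be a real result code. A named constant, for example `#define RDN_STATUS_UNSET 456` used in both places, or a separate found flag, would make the intent checkable. The function is also spelled `rndvalue` while its sibling is `_nss_ldap_getrdnvalue`, and because this commit already changes the signature, renaming it now would cost callers nothing extra. The body continues outside these hunks.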
@@ -32,18 +32,18 @@ * get the RDN's value: eg. if the RDN was cn=lukeh, getrdnvalue(entry) * would return lukeh. */ -enum nss_status _nss_ldap_getrdnvalue(LDAPMessage *entry, - const char *rdntype, - char **rval, char **buffer, size_t * buflen); +enum nss_status _nss_ldap_getrdnvalue( + MYLDAP_SESSION *session,LDAPMessage *entry,const char *rdntype, + char **rval,char **buffer,size_t * buflen); -int _nss_ldap_write_rndvalue(TFILE *fp,LDAPMessage *entry,const char *rdntype); +int _nss_ldap_write_rndvalue(TFILE *fp,MYLDAP_SESSION *session,LDAPMessage *entry,const char *rdntype); /* * map a distinguished name to a login name, or group entry */ -enum nss_status _nss_ldap_dn2uid (const char *dn, - char **uid, char **buffer, size_t * buflen, - int *pIsNestedGroup, LDAPMessage ** pRes); +enum nss_status _nss_ldap_dn2uid( + MYLDAP_SESSION *session,const char *dn,char **uid,char **buffer, + size_t *buflen,int *pIsNestedGroup,LDAPMessage **pRes); /* * Escape '*' in a string for use as a filter |
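Review bot: None of the three prototypes documents the new `session` argument, and the comment above `_nss_ldap_getrdnvalue` still shows the old call shape `getrdnvalue(entry)`. Going by the commit message (one session per thread), a line such as `* session is the calling thread's own MYLDAP_SESSION and must not be shared between threads` in each comment block would state the contract the callers now depend on. That wording is inferred from the commit message and should be checked against ldap-nss.h. `_nss_ldap_write_rndvalue` has no comment at all, so a one-line description of what it writes to `fp` and what it returns would help.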