summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/lib/ldap_escape.c25
-rw-r--r--source3/lib/smbldap_util.c12
-rw-r--r--source3/libads/ldap_user.c6
-rw-r--r--source3/passdb/pdb_ldap.c45
-rw-r--r--source3/utils/net_ads.c10
-rw-r--r--source3/winbindd/winbindd_ads.c6
7 files changed, 54 insertions, 52 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index f887b4e796..c0f4dc10d8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -554,7 +554,7 @@ void init_ldap_debugging(void);
/* The following definitions come from lib/ldap_escape.c */
-char *escape_ldap_string_alloc(const char *s);
+char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s);
char *escape_rdn_val_string_alloc(const char *s);
/* The following definitions come from lib/module.c */
diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c
index d101bc5ecd..a731cb9864 100644
--- a/source3/lib/ldap_escape.c
+++ b/source3/lib/ldap_escape.c
@@ -32,10 +32,10 @@
* and to be free()ed by the caller.
**/
-char *escape_ldap_string_alloc(const char *s)
+char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s)
{
size_t len = strlen(s)+1;
- char *output = (char *)SMB_MALLOC(len);
+ char *output = talloc_array(mem_ctx, char, len);
const char *sub;
int i = 0;
char *p = output;
@@ -43,7 +43,7 @@ char *escape_ldap_string_alloc(const char *s)
if (output == NULL) {
return NULL;
}
-
+
while (*s)
{
switch (*s)
@@ -64,14 +64,17 @@ char *escape_ldap_string_alloc(const char *s)
sub = NULL;
break;
}
-
+
if (sub) {
+ char *tmp;
len = len + 3;
- output = (char *)SMB_REALLOC(output, len);
- if (!output) {
+ tmp = talloc_realloc(mem_ctx, output, char, len);
+ if (tmp == NULL) {
+ TALLOC_FREE(output);
return NULL;
}
-
+ output = tmp;
+
p = &output[i];
strncpy (p, sub, 3);
p += 3;
@@ -84,7 +87,7 @@ char *escape_ldap_string_alloc(const char *s)
}
s++;
}
-
+
*p = '\0';
return output;
}
@@ -101,7 +104,7 @@ char *escape_rdn_val_string_alloc(const char *s)
}
p = output;
-
+
while (*s)
{
switch (*s)
@@ -122,10 +125,10 @@ char *escape_rdn_val_string_alloc(const char *s)
*p = *s;
p++;
}
-
+
s++;
}
-
+
*p = '\0';
/* resize the string to the actual final size */
diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c
index 66aef6ba66..478a3d24ca 100644
--- a/source3/lib/smbldap_util.c
+++ b/source3/lib/smbldap_util.c
@@ -126,7 +126,7 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state,
char *escape_domain_name;
/* escape for filter */
- escape_domain_name = escape_ldap_string_alloc(domain_name);
+ escape_domain_name = escape_ldap_string(talloc_tos(), domain_name);
if (!escape_domain_name) {
DEBUG(0, ("Out of memory!\n"));
return NT_STATUS_NO_MEMORY;
@@ -135,11 +135,11 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state,
if (asprintf(&filter, "(&(%s=%s)(objectclass=%s))",
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
escape_domain_name, LDAP_OBJ_DOMINFO) < 0) {
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
return NT_STATUS_NO_MEMORY;
}
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
attr_list = get_attr_list(NULL, dominfo_attr_list );
rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result);
@@ -258,7 +258,7 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state,
int count;
char *escape_domain_name;
- escape_domain_name = escape_ldap_string_alloc(domain_name);
+ escape_domain_name = escape_ldap_string(talloc_tos(), domain_name);
if (!escape_domain_name) {
DEBUG(0, ("Out of memory!\n"));
return NT_STATUS_NO_MEMORY;
@@ -268,11 +268,11 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state,
LDAP_OBJ_DOMINFO,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
escape_domain_name) < 0) {
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
return NT_STATUS_NO_MEMORY;
}
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
DEBUG(2, ("smbldap_search_domain_info: Searching for:[%s]\n", filter));
diff --git a/source3/libads/ldap_user.c b/source3/libads/ldap_user.c
index eecd9045e5..69dc05335e 100644
--- a/source3/libads/ldap_user.c
+++ b/source3/libads/ldap_user.c
@@ -30,18 +30,18 @@
ADS_STATUS status;
char *ldap_exp;
const char *attrs[] = {"*", NULL};
- char *escaped_user = escape_ldap_string_alloc(user);
+ char *escaped_user = escape_ldap_string(talloc_tos(), user);
if (!escaped_user) {
return ADS_ERROR(LDAP_NO_MEMORY);
}
if (asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user) == -1) {
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return ADS_ERROR(LDAP_NO_MEMORY);
}
status = ads_search(ads, res, ldap_exp, attrs);
SAFE_FREE(ldap_exp);
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return status;
}
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 3579325769..173298561f 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -336,7 +336,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
const char **attr)
{
char *filter = NULL;
- char *escape_user = escape_ldap_string_alloc(user);
+ char *escape_user = escape_ldap_string(talloc_tos(), user);
int ret = -1;
if (!escape_user) {
@@ -350,7 +350,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
filter = talloc_asprintf(talloc_tos(), "(&%s%s)", "(uid=%u)",
get_objclass_filter(ldap_state->schema_ver));
if (!filter) {
- SAFE_FREE(escape_user);
+ TALLOC_FREE(escape_user);
return LDAP_NO_MEMORY;
}
/*
@@ -360,7 +360,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
filter = talloc_all_string_sub(talloc_tos(),
filter, "%u", escape_user);
- SAFE_FREE(escape_user);
+ TALLOC_FREE(escape_user);
if (!filter) {
return LDAP_NO_MEMORY;
}
@@ -2120,18 +2120,18 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, struct s
/* does the entry already exist but without a samba attributes?
we need to return the samba attributes here */
- escape_user = escape_ldap_string_alloc( username );
+ escape_user = escape_ldap_string(talloc_tos(), username);
filter = talloc_strdup(attr_list, "(uid=%u)");
if (!filter) {
status = NT_STATUS_NO_MEMORY;
goto fn_exit;
}
filter = talloc_all_string_sub(attr_list, filter, "%u", escape_user);
+ TALLOC_FREE(escape_user);
if (!filter) {
status = NT_STATUS_NO_MEMORY;
goto fn_exit;
}
- SAFE_FREE(escape_user);
rc = smbldap_search_suffix(ldap_state->smbldap_state,
filter, attr_list, &result);
@@ -2278,7 +2278,6 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, struct s
fn_exit:
TALLOC_FREE(ctx);
- SAFE_FREE(escape_user);
if (result) {
ldap_msgfree(result);
}
@@ -2528,7 +2527,7 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
const char *name)
{
char *filter = NULL;
- char *escape_name = escape_ldap_string_alloc(name);
+ char *escape_name = escape_ldap_string(talloc_tos(), name);
NTSTATUS status;
if (!escape_name) {
@@ -2540,11 +2539,11 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_DISPLAY_NAME), escape_name,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_CN),
escape_name) < 0) {
- SAFE_FREE(escape_name);
+ TALLOC_FREE(escape_name);
return NT_STATUS_NO_MEMORY;
}
- SAFE_FREE(escape_name);
+ TALLOC_FREE(escape_name);
status = ldapsam_getgroup(methods, filter, map);
SAFE_FREE(filter);
return status;
@@ -2665,20 +2664,19 @@ static NTSTATUS ldapsam_enum_group_members(struct pdb_methods *methods,
for (memberuid = values; *memberuid != NULL; memberuid += 1) {
char *escape_memberuid;
- escape_memberuid = escape_ldap_string_alloc(*memberuid);
+ escape_memberuid = escape_ldap_string(talloc_tos(),
+ *memberuid);
if (escape_memberuid == NULL) {
ret = NT_STATUS_NO_MEMORY;
goto done;
}
filter = talloc_asprintf_append_buffer(filter, "(uid=%s)", escape_memberuid);
+ TALLOC_FREE(escape_memberuid);
if (filter == NULL) {
- SAFE_FREE(escape_memberuid);
ret = NT_STATUS_NO_MEMORY;
goto done;
}
-
- SAFE_FREE(escape_memberuid);
}
filter = talloc_asprintf_append_buffer(filter, "))");
@@ -2812,7 +2810,7 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods,
return NT_STATUS_INVALID_PARAMETER;
}
- escape_name = escape_ldap_string_alloc(pdb_get_username(user));
+ escape_name = escape_ldap_string(talloc_tos(), pdb_get_username(user));
if (escape_name == NULL)
return NT_STATUS_NO_MEMORY;
@@ -2950,7 +2948,7 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods,
done:
- SAFE_FREE(escape_name);
+ TALLOC_FREE(escape_name);
return ret;
}
@@ -4185,14 +4183,14 @@ static char *get_ldap_filter(TALLOC_CTX *mem_ctx, const char *username)
goto done;
}
- escaped = escape_ldap_string_alloc(username);
+ escaped = escape_ldap_string(talloc_tos(), username);
if (escaped == NULL) goto done;
result = talloc_string_sub(mem_ctx, filter, "%u", username);
done:
SAFE_FREE(filter);
- SAFE_FREE(escaped);
+ TALLOC_FREE(escaped);
return result;
}
@@ -4994,10 +4992,10 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods,
is_machine = True;
}
- username = escape_ldap_string_alloc(name);
+ username = escape_ldap_string(talloc_tos(), name);
filter = talloc_asprintf(tmp_ctx, "(&(uid=%s)(objectClass=%s))",
username, LDAP_OBJ_POSIXACCOUNT);
- SAFE_FREE(username);
+ TALLOC_FREE(username);
rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, NULL, &result);
if (rc != LDAP_SUCCESS) {
@@ -5270,10 +5268,10 @@ static NTSTATUS ldapsam_create_dom_group(struct pdb_methods *my_methods,
gid_t gid = -1;
int rc;
- groupname = escape_ldap_string_alloc(name);
+ groupname = escape_ldap_string(talloc_tos(), name);
filter = talloc_asprintf(tmp_ctx, "(&(cn=%s)(objectClass=%s))",
groupname, LDAP_OBJ_POSIXGROUP);
- SAFE_FREE(groupname);
+ TALLOC_FREE(groupname);
rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, NULL, &result);
if (rc != LDAP_SUCCESS) {
@@ -5702,7 +5700,8 @@ static NTSTATUS ldapsam_set_primary_group(struct pdb_methods *my_methods,
return NT_STATUS_NO_MEMORY;
}
- escape_username = escape_ldap_string_alloc(pdb_get_username(sampass));
+ escape_username = escape_ldap_string(talloc_tos(),
+ pdb_get_username(sampass));
if (escape_username== NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -5715,7 +5714,7 @@ static NTSTATUS ldapsam_set_primary_group(struct pdb_methods *my_methods,
LDAP_OBJ_POSIXACCOUNT,
LDAP_OBJ_SAMBASAMACCOUNT);
- SAFE_FREE(escape_username);
+ TALLOC_FREE(escape_username);
if (filter == NULL) {
return NT_STATUS_NO_MEMORY;
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index d82715eb45..f746fc6bd5 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -521,7 +521,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv)
return net_ads_user_usage(c, argc, argv);
}
- escaped_user = escape_ldap_string_alloc(argv[0]);
+ escaped_user = escape_ldap_string(talloc_tos(), argv[0]);
if (!escaped_user) {
d_fprintf(stderr, "ads_user_info: failed to escape user %s\n", argv[0]);
@@ -529,12 +529,12 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv)
}
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return -1;
}
if (asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user) == -1) {
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return -1;
}
rc = ads_search(ads, &res, searchstring, attrs);
@@ -543,7 +543,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv)
if (!ADS_ERR_OK(rc)) {
d_fprintf(stderr, "ads_search: %s\n", ads_errstr(rc));
ads_destroy(&ads);
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return -1;
}
@@ -563,7 +563,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv)
ads_msgfree(ads, res);
ads_destroy(&ads);
- SAFE_FREE(escaped_user);
+ TALLOC_FREE(escaped_user);
return 0;
}
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 0f40419a0e..edd70667c0 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -608,7 +608,7 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
goto done;
}
- if (!(escaped_dn = escape_ldap_string_alloc(user_dn))) {
+ if (!(escaped_dn = escape_ldap_string(talloc_tos(), user_dn))) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
@@ -620,12 +620,12 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
GROUP_TYPE_SECURITY_ENABLED);
if (!ldap_exp) {
DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn));
- SAFE_FREE(escaped_dn);
+ TALLOC_FREE(escaped_dn);
status = NT_STATUS_NO_MEMORY;
goto done;
}
- SAFE_FREE(escaped_dn);
+ TALLOC_FREE(escaped_dn);
rc = ads_search_retry(ads, &res, ldap_exp, group_attrs);