summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/cldap/cldap.c5
-rw-r--r--source4/libcli/ldap/ldap.c41
-rw-r--r--source4/libcli/ldap/ldap.h3
-rw-r--r--source4/libcli/util/asn1.c4
4 files changed, 17 insertions, 36 deletions
diff --git a/source4/libcli/cldap/cldap.c b/source4/libcli/cldap/cldap.c
index 41d5f1a06e..71326caa37 100644
--- a/source4/libcli/cldap/cldap.c
+++ b/source4/libcli/cldap/cldap.c
@@ -328,7 +328,10 @@ struct cldap_request *cldap_search_send(struct cldap_socket *cldap,
search->attributesonly = False;
search->num_attributes = str_list_length(io->in.attributes);
search->attributes = io->in.attributes;
- search->filter = io->in.filter;
+ search->tree = ldb_parse_tree(req, io->in.filter);
+ if (search->tree == NULL) {
+ goto failed;
+ }
if (!ldap_encode(&msg, &req->encoded)) {
DEBUG(0,("Failed to encode cldap message to %s:%d\n",
diff --git a/source4/libcli/ldap/ldap.c b/source4/libcli/ldap/ldap.c
index 2718dd7e34..0d310b4eed 100644
--- a/source4/libcli/ldap/ldap.c
+++ b/source4/libcli/ldap/ldap.c
@@ -152,7 +152,6 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result)
}
case LDAP_TAG_SearchRequest: {
struct ldap_SearchRequest *r = &msg->r.SearchRequest;
- struct ldb_parse_tree *tree;
asn1_push_tag(&data, ASN1_APPLICATION(msg->type));
asn1_write_OctetString(&data, r->basedn, strlen(r->basedn));
asn1_write_enumerated(&data, r->scope);
@@ -161,14 +160,7 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result)
asn1_write_Integer(&data, r->timelimit);
asn1_write_BOOLEAN(&data, r->attributesonly);
- tree = ldb_parse_tree(NULL, r->filter);
-
- if (tree == NULL)
- return False;
-
- ldap_push_filter(&data, tree);
-
- talloc_free(tree);
+ ldap_push_filter(&data, r->tree);
asn1_push_tag(&data, ASN1_SEQUENCE(0));
for (i=0; i<r->num_attributes; i++) {
@@ -176,7 +168,6 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result)
strlen(r->attributes[i]));
}
asn1_pop_tag(&data);
-
asn1_pop_tag(&data);
break;
}
@@ -413,6 +404,10 @@ static void ldap_decode_response(TALLOC_CTX *mem_ctx,
}
}
+
+/*
+ parse the ASN.1 formatted search string into a ldb_parse_tree
+*/
static struct ldb_parse_tree *ldap_decode_filter_tree(TALLOC_CTX *mem_ctx,
struct asn1_data *data)
{
@@ -540,25 +535,6 @@ failed:
}
-static BOOL ldap_decode_filter(TALLOC_CTX *mem_ctx, struct asn1_data *data,
- const char **filterp)
-{
- struct ldb_parse_tree *tree;
-
- tree = ldap_decode_filter_tree(mem_ctx, data);
- if (tree == NULL) {
- return False;
- }
- *filterp = ldb_filter_from_tree(mem_ctx, tree);
- talloc_free(tree);
- if (*filterp == NULL) {
- return False;
- }
- return True;
-}
-
-
-
static void ldap_decode_attrib(TALLOC_CTX *mem_ctx, struct asn1_data *data,
struct ldap_attribute *attrib)
{
@@ -674,9 +650,10 @@ BOOL ldap_decode(struct asn1_data *data, struct ldap_message *msg)
asn1_read_Integer(data, &r->timelimit);
asn1_read_BOOLEAN(data, &r->attributesonly);
- /* Maybe create a TALLOC_CTX for the filter? This can waste
- * quite a bit of memory recursing down. */
- ldap_decode_filter(msg->mem_ctx, data, &r->filter);
+ r->tree = ldap_decode_filter_tree(msg->mem_ctx, data);
+ if (r->tree == NULL) {
+ return False;
+ }
asn1_start_tag(data, ASN1_SEQUENCE(0));
diff --git a/source4/libcli/ldap/ldap.h b/source4/libcli/ldap/ldap.h
index 12d30a2610..a44c249e7a 100644
--- a/source4/libcli/ldap/ldap.h
+++ b/source4/libcli/ldap/ldap.h
@@ -23,7 +23,6 @@
#define _SMB_LDAP_H
#include "lib/ldb/include/ldb.h"
-#include "lib/ldb/include/ldb_parse.h"
enum ldap_request_tag {
LDAP_TAG_BindRequest = 0,
@@ -152,7 +151,7 @@ struct ldap_SearchRequest {
uint32_t timelimit;
uint32_t sizelimit;
BOOL attributesonly;
- const char *filter;
+ struct ldb_parse_tree *tree;
int num_attributes;
const char **attributes;
};
diff --git a/source4/libcli/util/asn1.c b/source4/libcli/util/asn1.c
index 1124cc1701..dff31f6411 100644
--- a/source4/libcli/util/asn1.c
+++ b/source4/libcli/util/asn1.c
@@ -509,9 +509,11 @@ BOOL asn1_read_OctetString(struct asn1_data *data, DATA_BLOB *blob)
data->has_error = True;
return False;
}
- *blob = data_blob(NULL, len);
+ *blob = data_blob(NULL, len+1);
asn1_read(data, blob->data, len);
asn1_end_tag(data);
+ blob->length--;
+ blob->data[len] = 0;
if (data->has_error) {
data_blob_free(blob);