Project

General

Profile

ldap_leak_bugfix.patch

Proposed patch to solve this bug -- yann - Anonymous, 2007-03-03 12:50

View differences:

lighttpd-1.4.13.new/src/http_auth.c 2007-03-03 13:23:58.000000000 +0100
736 736

  
737 737

  
738 738
		/* build filter */
739
		buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap_filter_pre);
739
		buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_pre);
740 740
		buffer_append_string_buffer(p->ldap_filter, username);
741
		buffer_append_string_buffer(p->ldap_filter, p->conf.ldap_filter_post);
741
		buffer_append_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_post);
742 742

  
743 743

  
744 744
		/* 2. */
745
		if (p->conf.ldap == NULL ||
746
		    LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
745
		if (p->conf.ldap->ldap == NULL ||
746
		    LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
747 747
			if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON)
748 748
				return -1;
749
			if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
749
			if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
750 750

  
751 751
			log_error_write(srv, __FILE__, __LINE__, "sssb",
752 752
					"ldap:", ldap_err2string(ret), "filter:", p->ldap_filter);
......
755 755
			}
756 756
		}
757 757

  
758
		if (NULL == (first = ldap_first_entry(p->conf.ldap, lm))) {
758
		if (NULL == (first = ldap_first_entry(p->conf.ldap->ldap, lm))) {
759 759
			log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
760 760

  
761 761
			ldap_msgfree(lm);
......
763 763
			return -1;
764 764
		}
765 765

  
766
		if (NULL == (dn = ldap_get_dn(p->conf.ldap, first))) {
766
		if (NULL == (dn = ldap_get_dn(p->conf.ldap->ldap, first))) {
767 767
			log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
768 768

  
769 769
			ldap_msgfree(lm);
lighttpd-1.4.13.new/src/http_auth.h 2007-03-03 13:25:57.000000000 +0100
17 17
	AUTH_BACKEND_HTDIGEST
18 18
} auth_backend_t;
19 19

  
20
#ifdef USE_LDAP
21
typedef struct {
22
	LDAP *ldap;
23

  
24
	buffer *ldap_filter_pre;
25
	buffer *ldap_filter_post;
26
} ldap_plugin_config;
27
#endif
28

  
20 29
typedef struct {
21 30
	/* auth */
22 31
	array  *auth_require;
......
43 52
	auth_backend_t auth_backend;
44 53

  
45 54
#ifdef USE_LDAP
46
	LDAP *ldap;
47

  
48
	buffer *ldap_filter_pre;
49
	buffer *ldap_filter_post;
55
	ldap_plugin_config *ldap;
50 56
#endif
51 57
} mod_auth_plugin_config;
52 58

  
59

  
60

  
53 61
typedef struct {
54 62
	PLUGIN_DATA;
55 63
	buffer *tmp_buf;
lighttpd-1.4.13.new/src/mod_auth.c 2007-03-03 13:33:24.000000000 +0100
77 77
			buffer_free(s->auth_ldap_cafile);
78 78

  
79 79
#ifdef USE_LDAP
80
			buffer_free(s->ldap_filter_pre);
81
			buffer_free(s->ldap_filter_post);
80
			buffer_free(s->ldap->ldap_filter_pre);
81
			buffer_free(s->ldap->ldap_filter_post);
82 82

  
83
			if (s->ldap) ldap_unbind_s(s->ldap);
83
			if (s->ldap->ldap) ldap_unbind_s(s->ldap->ldap);
84
			free (s->ldap);
84 85
#endif
85 86

  
86 87
			free(s);
......
115 116
	PATCH(auth_ldap_starttls);
116 117
#ifdef USE_LDAP
117 118
	PATCH(ldap);
118
	PATCH(ldap_filter_pre);
119
	PATCH(ldap_filter_post);
120 119
#endif
121 120

  
122 121
	/* skip the first, the global context */
......
149 148
				PATCH(auth_ldap_hostname);
150 149
#ifdef USE_LDAP
151 150
				PATCH(ldap);
152
				PATCH(ldap_filter_pre);
153
				PATCH(ldap_filter_post);
154 151
#endif
155 152
			} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.base-dn"))) {
156 153
				PATCH(auth_ldap_basedn);
......
345 342
		s->auth_require = array_init();
346 343

  
347 344
#ifdef USE_LDAP
348
		s->ldap_filter_pre = buffer_init();
349
		s->ldap_filter_post = buffer_init();
350
		s->ldap = NULL;
345
		s->ldap = malloc (sizeof(ldap_plugin_config));
346
		s->ldap->ldap_filter_pre = buffer_init();
347
		s->ldap->ldap_filter_post = buffer_init();
348
		s->ldap->ldap = NULL;
351 349
#endif
352 350

  
353 351
		cv[0].destination = s->auth_backend_conf;
......
573 571
					return HANDLER_ERROR;
574 572
				}
575 573

  
576
				buffer_copy_string_len(s->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
577
				buffer_copy_string(s->ldap_filter_post, dollar+1);
574
				buffer_copy_string_len(s->ldap->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
575
				buffer_copy_string(s->ldap->ldap_filter_post, dollar+1);
578 576
			}
579 577

  
580 578
			if (s->auth_ldap_hostname->used) {
581
				if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
579
				if (NULL == (s->ldap->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
582 580
					log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
583 581

  
584 582
					return HANDLER_ERROR;
585 583
				}
586 584

  
587 585
				ret = LDAP_VERSION3;
588
				if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
586
				if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
589 587
					log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
590 588

  
591 589
					return HANDLER_ERROR;
......
604 602
						}
605 603
					}
606 604

  
607
					if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap, NULL,  NULL))) {
605
					if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap->ldap, NULL,  NULL))) {
608 606
						log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
609 607

  
610 608
						return HANDLER_ERROR;
......
614 612

  
615 613
				/* 1. */
616 614
				if (s->auth_ldap_binddn->used) {
617
					if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
615
					if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
618 616
						log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
619 617

  
620 618
						return HANDLER_ERROR;
621 619
					}
622 620
				} else {
623
					if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, NULL, NULL))) {
621
					if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, NULL, NULL))) {
624 622
						log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
625 623

  
626 624
						return HANDLER_ERROR;