diff --git a/build/openldap.m4 b/build/openldap.m4
index 05170db5a93a4fabf9c0fb314871704ea406dcd1..409e9d5a22937f8471f680d614c019bce4d38011 100644
--- a/build/openldap.m4
+++ b/build/openldap.m4
@@ -233,6 +233,33 @@ OL_RESOLVER_TRY(ol_cv_resolver_bind,[-lbind])
])
dnl
dnl ====================================================================
+dnl International Components for Unicode (ICU)
+AC_DEFUN([OL_ICU],
+[ol_icu=no
+AC_CHECK_HEADERS( unicode/utypes.h )
+if test $ac_cv_header_unicode_utypes_h = yes ; then
+ dnl OL_ICULIBS="-licui18n -licuuc -licudata"
+ OL_ICULIBS="-licuuc -licudata"
+
+ AC_CACHE_CHECK([for ICU libraries], [ol_cv_lib_icu], [
+ ol_LIBS="$LIBS"
+ LIBS="$OL_ICULIBS $LIBS"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#include <unicode/utypes.h>
+]], [[
+(void) u_errorName(0);
+]])],[ol_cv_lib_icu=yes],[ol_cv_lib_icu=no])
+ LIBS="$ol_LIBS"
+])
+
+ if test $ol_cv_lib_icu != no ; then
+ ol_icu="$OL_ICULIBS"
+ AC_DEFINE(HAVE_ICU,1,[define if you actually have ICU])
+ fi
+fi
+])
+dnl
+dnl ====================================================================
dnl Berkeley DB macros
dnl
dnl --------------------------------------------------------------------
@@ -300,28 +327,203 @@ dnl --------------------------------------------------------------------
dnl Try to locate appropriate library
AC_DEFUN([OL_BERKELEY_DB_LINK],
[ol_cv_lib_db=no
+
+dnl Determine major version
+AC_CACHE_CHECK([for Berkeley DB major version], [ol_cv_bdb_major],[
+ ol_cv_bdb_major=0
+ if test $ol_cv_bdb_major = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 4
+__db_version
+#endif
+ ], [ol_cv_bdb_major=4], [:])
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 3
+__db_version
+#endif
+ ], [ol_cv_bdb_major=3], [:])
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 2
+__db_version
+#endif
+ ], [ol_cv_bdb_major=2], [:])
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 1
+__db_version
+#endif
+ ], [ol_cv_bdb_major=1], [:])
+ fi
+
+ if test $ol_cv_bdb_major = 0 ; then
+ AC_MSG_ERROR([Unknown Berkeley DB major version])
+ fi
+])
+
+dnl Determine minor version
+AC_CACHE_CHECK([for Berkeley DB minor version], [ol_cv_bdb_minor],[
+ ol_cv_bdb_minor=0
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 9
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=9], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 8
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=8], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 7
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=7], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 6
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=6], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 5
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=5], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 4
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=4], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 3
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=3], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 2
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=2], [:])
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ AC_EGREP_CPP(__db_version, [
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 1
+__db_version
+#endif
+ ], [ol_cv_bdb_minor=1], [:])
+ fi
+])
+
+if test $ol_cv_bdb_major = 4 ; then
+ if test $ol_cv_bdb_minor = 4 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db44,[-ldb44])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_44,[-ldb-44])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_4,[-ldb-4.4])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_4,[-ldb-4-4])
+ elif test $ol_cv_bdb_minor = 3 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db43,[-ldb43])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_43,[-ldb-43])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_3,[-ldb-4.3])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_3,[-ldb-4-3])
+ elif test $ol_cv_bdb_minor = 2 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db42,[-ldb42])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_42,[-ldb-42])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_2,[-ldb-4.2])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_2,[-ldb-4-2])
+ elif test $ol_cv_bdb_minor = 1 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db41,[-ldb41])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_41,[-ldb-41])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_1,[-ldb-4.1])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4_1,[-ldb-4-1])
+ fi
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_4,[-ldb-4])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db4,[-ldb4])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db,[-ldb])
+
+elif test $ol_cv_bdb_major = 3 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db3,[-ldb3])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_3,[-ldb-3])
+
+elif test $ol_cv_bdb_major = 2 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db2,[-ldb2])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_2,[-ldb-2])
+
+elif test $ol_cv_bdb_major = 1 ; then
+ OL_BERKELEY_DB_TRY(ol_cv_db_db1,[-ldb1])
+ OL_BERKELEY_DB_TRY(ol_cv_db_db_1,[-ldb-1])
+fi
OL_BERKELEY_DB_TRY(ol_cv_db_none)
-OL_BERKELEY_DB_TRY(ol_cv_db_db43,[-ldb43])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_43,[-ldb-43])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_3,[-ldb-4.3])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_3,[-ldb-4-3])
-OL_BERKELEY_DB_TRY(ol_cv_db_db42,[-ldb42])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_42,[-ldb-42])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_2,[-ldb-4.2])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_2,[-ldb-4-2])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4,[-ldb-4])
-OL_BERKELEY_DB_TRY(ol_cv_db_db4,[-ldb4])
-OL_BERKELEY_DB_TRY(ol_cv_db_db,[-ldb])
-OL_BERKELEY_DB_TRY(ol_cv_db_db41,[-ldb41])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_41,[-ldb-41])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_dot_1,[-ldb-4.1])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_4_1,[-ldb-4-1])
-OL_BERKELEY_DB_TRY(ol_cv_db_db3,[-ldb3])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_3,[-ldb-3])
-OL_BERKELEY_DB_TRY(ol_cv_db_db2,[-ldb2])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_2,[-ldb-2])
-OL_BERKELEY_DB_TRY(ol_cv_db_db1,[-ldb1])
-OL_BERKELEY_DB_TRY(ol_cv_db_db_1,[-ldb-1])
])
dnl
dnl --------------------------------------------------------------------
diff --git a/configure.in b/configure.in
index be9a104c02c693db793ffd5097506bcbb93fd6e9..da637bb17128f3ab23144416e462a35f44f3817c 100644
--- a/configure.in
+++ b/configure.in
@@ -3237,7 +3237,63 @@ ENDX
/* end of generated file */
ENDX
fi
+OVERLAYSC="servers/slapd/overlays/statover.c"
+echo "Making $OVERLAYSC"
+rm -f $OVERLAYSC
+cat > $OVERLAYSC << ENDX
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* This file is automatically generated by configure; please do not edit. */
+
+#include "portable.h"
+#include "slap.h"
+
+ENDX
+if test "${STATIC_OVERLAYS}"; then
+ for o in ${STATIC_OVERLAYS}; do
+ oo=`echo "${o}" | sed -e 's/.o$//' -e 's/_x$//'`
+ cat >> $OVERLAYSC << ENDX
+extern OV_init ${oo}_initialize;
+ENDX
+ done
+fi
+
+cat >> $OVERLAYSC << ENDX
+
+OverlayInit slap_oinfo[] = {
+ENDX
+
+if test "${STATIC_OVERLAYS}"; then
+ for o in ${STATIC_OVERLAYS}; do
+ oo=`echo "${o}" | sed -e 's/.o$//' -e 's/_x$//'`
+ echo " Add ${oo} ..."
+ cat >> $OVERLAYSC << ENDX
+ { "${oo}", ${oo}_initialize },
+ENDX
+ done
+fi
+
+ cat >> $OVERLAYSC << ENDX
+ { NULL, NULL },
+};
+
+/* end of generated file */
+ENDX
echo Please run \"make depend\" to build dependencies
-]],[[STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS"]])
+]],[[
+STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS"
+STATIC_OVERLAYS="$SLAPD_STATIC_OVERLAYS"
+]])
AC_OUTPUT
diff --git a/contrib/slapd-modules/smbk5pwd/smbk5pwd.c b/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
index 88448f1f33152f07d7cdb3c84bea8f7e92b519a8..a2c176d78f37dcca79f5c10f74fe9127204e24eb 100644
--- a/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
+++ b/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
@@ -377,11 +377,19 @@ static int smbk5pwd_exop_passwd(
if ( ret ) break;
a = attr_find( e->e_attrs, ad_krb5KeyVersionNumber );
+ kvno = 0;
if ( a ) {
- kvno = atoi(a->a_vals[0].bv_val);
+ if ( lutil_atoi( &kvno, a->a_vals[0].bv_val ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY, "%s smbk5pwd EXOP: "
+ "dn=\"%s\" unable to parse krb5KeyVersionNumber=\"%s\"\n",
+ op->o_log, e->e_name.bv_val, a->a_vals[0].bv_val );
+ }
+
} else {
/* shouldn't happen, this is a required attr */
- kvno = 0;
+ Debug( LDAP_DEBUG_ANY, "%s smbk5pwd EXOP: "
+ "dn=\"%s\" missing krb5KeyVersionNumber\n",
+ op->o_log, e->e_name.bv_val, 0 );
}
ret = _kadm5_set_keys(kadm_context, &ent, qpw->rs_new.bv_val);
@@ -864,7 +872,7 @@ static int
smbk5pwd_db_init(BackendDB *be)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
- smbk5pwd_t *pi;
+ smbk5pwd_t *pi;
pi = ch_calloc( 1, sizeof( smbk5pwd_t ) );
if ( pi == NULL ) {
diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h
index 54246b402fc1a84002e7b5563446a5c09d0a9644..384f9f3f2d695377b336b9b1e8db570e4b390a50 100644
--- a/include/ldap_pvt.h
+++ b/include/ldap_pvt.h
@@ -212,6 +212,13 @@ ldap_pvt_find_wildcard LDAP_P(( const char *s ));
LDAP_F( ber_slen_t )
ldap_pvt_filter_value_unescape LDAP_P(( char *filter ));
+LDAP_F( ber_len_t )
+ldap_bv2escaped_filter_value_len LDAP_P(( struct berval *in ));
+
+LDAP_F( int )
+ldap_bv2escaped_filter_value_x LDAP_P(( struct berval *in, struct berval *out,
+ int inplace, void *ctx ));
+
/* string.c */
LDAP_F( char * )
ldap_pvt_str2upper LDAP_P(( char *str ));
diff --git a/include/lutil.h b/include/lutil.h
index c8e8430d51c9817696d14e1d098e760757e3ea2b..ebe30963f50904dd21b1a5e9dc4aed6d06a12fd8 100644
--- a/include/lutil.h
+++ b/include/lutil.h
@@ -273,6 +273,29 @@ lutil_LogStoppedEvent( char *svc );
#define putc(c,fp) do { char x=(c); __atoe_l(&x,1); putc(x,fp); } while(0)
#endif
+LDAP_LUTIL_F (int)
+lutil_atoix( int *v, const char *s, int x );
+
+LDAP_LUTIL_F (int)
+lutil_atoux( unsigned *v, const char *s, int x );
+
+LDAP_LUTIL_F (int)
+lutil_atolx( long *v, const char *s, int x );
+
+LDAP_LUTIL_F (int)
+lutil_atoulx( unsigned long *v, const char *s, int x );
+
+#define lutil_atoi(v, s) lutil_atoix((v), (s), 10)
+#define lutil_atou(v, s) lutil_atoux((v), (s), 10)
+#define lutil_atol(v, s) lutil_atolx((v), (s), 10)
+#define lutil_atoul(v, s) lutil_atoulx((v), (s), 10)
+
+LDAP_LUTIL_F (int)
+lutil_parse_time( const char *in, unsigned long *tp );
+
+LDAP_LUTIL_F (int)
+lutil_unparse_time( char *buf, size_t buflen, unsigned long t );
+
LDAP_END_DECL
#endif /* _LUTIL_H */
diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c
index 548f365952b19d0f76fc1c6d7dd86871c65b7021..cc372d70fce1e7ef51e09eb3ceb533b138025276 100644
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -1026,11 +1026,11 @@ int ldap_pvt_sasl_secprops(
if ( strncasecmp( props[i], sprops[j].key.bv_val,
sprops[j].key.bv_len )) continue;
if ( sprops[j].ival ) {
- int v;
+ unsigned v;
char *next = NULL;
if ( !isdigit( props[i][sprops[j].key.bv_len] )) continue;
v = strtoul( &props[i][sprops[j].key.bv_len], &next, 10 );
- if ( next == NULL || next[ 0 ] != '\0' ) continue;
+ if ( next == &props[i][sprops[j].key.bv_len] || next[0] != '\0' ) continue;
switch( sprops[j].ival ) {
case GOT_MINSSF:
min_ssf = v; got_min_ssf++; break;
diff --git a/libraries/libldap/search.c b/libraries/libldap/search.c
index d6bd5f2dec95d4f5017e12921cfd00baac4b5657..623c2fb31746c6f4c1c6809e6bde1ce10d40cbc4 100644
--- a/libraries/libldap/search.c
+++ b/libraries/libldap/search.c
@@ -365,53 +365,106 @@ ldap_search_s(
return( ldap_result2error( ld, *res, 0 ) );
}
+static char escape[128] = {
+ 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 1, 1, 1, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 1, 0, 0, 0,
+
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 1
+};
+#define NEEDFLTESCAPE(c) ((c) & 0x80 || escape[ (unsigned)(c) ])
+
+/*
+ * compute the length of the escaped value;
+ * returns ((ber_len_t)(-1)) if no escaping is required.
+ */
+ber_len_t
+ldap_bv2escaped_filter_value_len( struct berval *in )
+{
+ ber_len_t i, l;
+
+ assert( in != NULL );
+
+ if ( in->bv_len == 0 ) {
+ return 0;
+ }
+
+ /* assume we'll escape everything */
+ for( l = 0, i = 0; i < in->bv_len; l++, i++ ) {
+ char c = in->bv_val[ i ];
+ if ( NEEDFLTESCAPE( c ) ) {
+ l += 2;
+ }
+ }
+
+ return l;
+}
+
int
ldap_bv2escaped_filter_value( struct berval *in, struct berval *out )
{
- ber_len_t i;
- static char escape[128] = {
- 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 1, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 1
- };
-
- out->bv_len = 0;
- out->bv_val = NULL;
-
- if( in->bv_len == 0 ) return 0;
+ return ldap_bv2escaped_filter_value_x( in, out, 0, NULL );
+}
+
+int
+ldap_bv2escaped_filter_value_x( struct berval *in, struct berval *out, int inplace, void *ctx )
+{
+ ber_len_t i, l;
+
+ assert( in != NULL );
+ assert( out != NULL );
+
+ BER_BVZERO( out );
+
+ if ( in->bv_len == 0 ) {
+ return 0;
+ }
/* assume we'll escape everything */
- out->bv_val = LDAP_MALLOC( 3 * in->bv_len + 1 );
- if( out->bv_val == NULL ) return -1;
+ l = ldap_bv2escaped_filter_value_len( in );
+ if ( l == in->bv_len ) {
+ if ( inplace ) {
+ *out = *in;
+ } else {
+ ber_dupbv( out, in );
+ }
+ return 0;
+ }
+ out->bv_val = LDAP_MALLOCX( l + 1, ctx );
+ if ( out->bv_val == NULL ) {
+ return -1;
+ }
- for( i=0; i<in->bv_len; i++ ) {
+ for ( i = 0; i < in->bv_len; i++ ) {
char c = in->bv_val[ i ];
- if (c & 0x80 || escape[ (unsigned)c ]) {
+ if ( NEEDFLTESCAPE( c ) ) {
+ assert( out->bv_len < l - 2 );
out->bv_val[out->bv_len++] = '\\';
out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & (c>>4)];
out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & c];
+
} else {
+ assert( out->bv_len < l );
out->bv_val[out->bv_len++] = c;
}
}
out->bv_val[out->bv_len] = '\0';
+
return 0;
}
diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
index ecfb3808b17910fb1c75f137d6c3465334d6cfbd..8fe30b911a87c7c884cf572de9dff304a22ad7e7 100644
--- a/libraries/libldap/url.c
+++ b/libraries/libldap/url.c
@@ -883,7 +883,7 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
}
ludp->lud_port = strtol( q, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( next == q || next[0] != '\0' ) {
LDAP_FREE( url );
ldap_free_urldesc( ludp );
return LDAP_URL_ERR_BADURL;
@@ -1338,7 +1338,7 @@ ldap_url_parsehosts(
*p++ = 0;
ldap_pvt_hex_unescape(p);
ludp->lud_port = strtol( p, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( next == p || next[0] != '\0' ) {
return LDAP_PARAM_ERROR;
}
}
diff --git a/libraries/liblutil/utils.c b/libraries/liblutil/utils.c
index d227f328284b1551b4d1e1fe589f09c8af8d7464..f2a1a2c91d8391b9e6ce4f9b7a00ae5c6e5d4724 100644
--- a/libraries/liblutil/utils.c
+++ b/libraries/liblutil/utils.c
@@ -329,3 +329,165 @@ lutil_memrchr(const void *b, int c, size_t n)
return NULL;
}
+
+int
+lutil_atoix( int *v, const char *s, int x )
+{
+ char *next;
+ long i;
+
+ assert( s != NULL );
+ assert( v != NULL );
+
+ i = strtol( s, &next, x );
+ if ( next == s || next[ 0 ] != '\0' ) {
+ return -1;
+ }
+
+ if ( (long)(int)i != i ) {
+ return 1;
+ }
+
+ *v = (int)i;
+
+ return 0;
+}
+
+int
+lutil_atoux( unsigned *v, const char *s, int x )
+{
+ char *next;
+ unsigned long u;
+
+ assert( s != NULL );
+ assert( v != NULL );
+
+ u = strtoul( s, &next, x );
+ if ( next == s || next[ 0 ] != '\0' ) {
+ return -1;
+ }
+
+ if ( (unsigned long)(unsigned)u != u ) {
+ return 1;
+ }
+
+ *v = u;
+
+ return 0;
+}
+
+int
+lutil_atolx( long *v, const char *s, int x )
+{
+ char *next;
+ long l;
+
+ assert( s != NULL );
+ assert( v != NULL );
+
+ l = strtol( s, &next, x );
+ if ( next == s || next[ 0 ] != '\0' ) {
+ return -1;
+ }
+
+ *v = l;
+
+ return 0;
+}
+
+int
+lutil_atoulx( unsigned long *v, const char *s, int x )
+{
+ char *next;
+ unsigned long ul;
+
+ assert( s != NULL );
+ assert( v != NULL );
+
+ ul = strtoul( s, &next, x );
+ if ( next == s || next[ 0 ] != '\0' ) {
+ return -1;
+ }
+
+ *v = ul;
+
+ return 0;
+}
+
+static char time_unit[] = "dhms";
+
+int
+lutil_parse_time(
+ const char *in,
+ unsigned long *tp )
+{
+ unsigned long t = 0;
+ char *s,
+ *next;
+ int sofar = -1,
+ scale[] = { 86400, 3600, 60, 1 };
+
+ *tp = 0;
+
+ for ( s = (char *)in; s[ 0 ] != '\0'; ) {
+ unsigned long u;
+ char *what;
+
+ u = strtoul( s, &next, 10 );
+ if ( next == s ) {
+ return -1;
+ }
+
+ if ( next[ 0 ] == '\0' ) {
+ /* assume seconds */
+ t += u;
+ break;
+ }
+
+ what = strchr( time_unit, next[ 0 ] );
+ if ( what == NULL ) {
+ return -1;
+ }
+
+ if ( what - time_unit <= sofar ) {
+ return -1;
+ }
+
+ sofar = what - time_unit;
+ t += u * scale[ sofar ];
+
+ s = &next[ 1 ];
+ }
+
+ *tp = t;
+ return 0;
+}
+
+int
+lutil_unparse_time(
+ char *buf,
+ size_t buflen,
+ unsigned long t )
+{
+ int len, i;
+ unsigned long v[ 4 ];
+
+ v[ 0 ] = t/86400;
+ v[ 1 ] = (t%86400)/3600;
+ v[ 2 ] = (t%3600)/60;
+ v[ 3 ] = t%60;
+
+ for ( i = 0; i < 4; i++ ) {
+ if ( v[i] > 0 || i == 3 ) {
+ len = snprintf( buf, buflen, "%lu%c", v[ i ], time_unit[ i ] );
+ if ( len < 0 || (unsigned)len >= buflen ) {
+ return -1;
+ }
+ buflen -= len;
+ buf += len;
+ }
+ }
+
+ return 0;
+}
+
diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h
index fb8dbf6ee47d7fd1c3fc3e544bd73bf7acadd44b..b983af65a4c0c5837b09f457211cbbd52ae4a2ce 100644
--- a/libraries/librewrite/rewrite-int.h
+++ b/libraries/librewrite/rewrite-int.h
@@ -34,7 +34,7 @@
#include <lber.h>
#include <ldap.h>
#include "../libldap/ldap-int.h"
-
+#include <lutil.h>
#include <avl.h>
#include <rewrite.h>
diff --git a/libraries/librewrite/rewrite.c b/libraries/librewrite/rewrite.c
index b040ee7fd2b2a755c18801bbaf265d44d6a1e1ce..95976993f83df9b7dfccd4d4ac0f8a02551478fb 100644
--- a/libraries/librewrite/rewrite.c
+++ b/libraries/librewrite/rewrite.c
@@ -30,6 +30,7 @@
#include <stdio.h>
#include <rewrite.h>
+#include <lutil.h>
#include <ldap.h>
int ldap_debug;
@@ -127,7 +128,6 @@ main( int argc, char *argv[] )
FILE *fin = NULL;
char *rewriteContext = REWRITE_DEFAULT_CONTEXT;
int debug = 0;
- char *next;
while ( 1 ) {
int opt = getopt( argc, argv, "d:f:hr:" );
@@ -138,8 +138,7 @@ main( int argc, char *argv[] )
switch ( opt ) {
case 'd':
- debug = strtol( optarg, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( lutil_atoi( &debug, optarg ) != 0 ) {
fprintf( stderr, "illegal log level '%s'\n",
optarg );
exit( EXIT_FAILURE );
diff --git a/libraries/librewrite/rule.c b/libraries/librewrite/rule.c
index 84ff22b4175918c505e6dd3fad817dc12914d026..dcf7503057fb35338232f21ec9ae9d621a11e1d3 100644
--- a/libraries/librewrite/rule.c
+++ b/libraries/librewrite/rule.c
@@ -233,7 +233,7 @@ rewrite_rule_compile(
}
d[ 0 ] = strtol( &p[ 2 ], &next, 0 );
- if ( next == NULL || next == &p[ 2 ] || next[0] != '}' ) {
+ if ( next == &p[ 2 ] || next[0] != '}' ) {
/* XXX Need to free stuff */
return REWRITE_ERR;
}
@@ -275,7 +275,7 @@ rewrite_rule_compile(
}
max_passes = strtol( &p[ 2 ], &next, 0 );
- if ( next == NULL || next == &p[ 2 ] || next[0] != '}' ) {
+ if ( next == &p[ 2 ] || next[0] != '}' ) {
/* XXX Need to free stuff */
return REWRITE_ERR;
}
diff --git a/servers/slurpd/args.c b/servers/slurpd/args.c
index 4faaadab552c0869a9dcb73c6ee852fc6d49274e..9d9a6baa2e3ac7edc4f5ab6fa380319a13dd76b5 100644
--- a/servers/slurpd/args.c
+++ b/servers/slurpd/args.c
@@ -79,7 +79,8 @@ doargs(
while ( (i = getopt( argc, argv, "d:f:n:or:t:V" )) != EOF ) {
switch ( i ) {
- case 'd': /* set debug level and 'do not detach' flag */
+ case 'd': { /* set debug level and 'do not detach' flag */
+ int level;
g->no_detach = 1;
if ( optarg[0] == '?' ) {
#ifdef LDAP_DEBUG
@@ -108,14 +109,19 @@ doargs(
return( -1 );
}
#ifdef LDAP_DEBUG
- ldap_debug |= atoi( optarg );
+ if ( lutil_atoi( &level, optarg ) != 0 ) {
+ fprintf( stderr, "unable to parse debug flag \"%s\".\n", optarg );
+ usage( g->myname );
+ return( -1 );
+ }
+ ldap_debug |= level;
#else /* !LDAP_DEBUG */
- if ( atoi( optarg ) != 0 )
+ if ( lutil_atoi( &level, optarg ) != 0 || level != 0 )
/* can't enable debugging - not built with debug code */
fputs( "must compile with LDAP_DEBUG for debugging\n",
stderr );
#endif /* LDAP_DEBUG */
- break;
+ } break;
case 'f': /* slapd config file */
LUTIL_SLASHPATH( optarg );
g->slapd_configfile = strdup( optarg );
diff --git a/servers/slurpd/config.c b/servers/slurpd/config.c
index be39480cf50da4ab310f65b03f5a430cd0f1ad79..5e91f405b05e294a0a4e535fce8e18d4e50dcf91 100644
--- a/servers/slurpd/config.c
+++ b/servers/slurpd/config.c
@@ -193,8 +193,7 @@ slurpd_read_config(
return( 1 );
}
- c = atoi( cargv[1] );
- if( c < 1 ) {
+ if ( lutil_atoi( &c, cargv[1] ) != 0 || c < 1 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: invalid interval "
"(%d) in \"replicationinterval <seconds>\" line\n",
fname, lineno, c );
@@ -456,7 +455,11 @@ parse_replica_line(
if (( hp = strchr( val, ':' )) != NULL ) {
*hp = '\0';
hp++;
- ri->ri_port = atoi( hp );
+ if ( lutil_atoi( &ri->ri_port, hp ) != 0 ) {
+ fprintf( stderr, "unable to parse port \"%s\", line %d\n",
+ hp, lineno );
+ return -1;
+ }
}
if ( ri->ri_port <= 0 ) {
ri->ri_port = LDAP_PORT;
diff --git a/servers/slurpd/re.c b/servers/slurpd/re.c
index 3633732e5f6cf8a4bc968bef09a7b81a598143c2..eaee503cb227d2e8910ac07788fa8d173838ea42 100644
--- a/servers/slurpd/re.c
+++ b/servers/slurpd/re.c
@@ -49,6 +49,7 @@
#include "slurp.h"
#include "globals.h"
+#include "lutil.h"
/* Forward references */
static Rh *get_repl_hosts LDAP_P(( char *, int *, char ** ));
@@ -187,17 +188,30 @@ Re_parse(
re->re_changetype = getchangetype( value );
state |= GOT_CHANGETYPE;
break;
- case T_TIME:
+ case T_TIME: {
+ unsigned long t;
+
if (( p = strchr( value, '.' )) != NULL ) {
/* there was a sequence number */
*p++ = '\0';
}
- re->re_timestamp = atol( value );
- if ( p != NULL && isdigit( (unsigned char) *p )) {
- re->re_seq = atoi( p );
+ if ( lutil_atoul( &t, value ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "Error: Re_parse: unable to parse timestamp \"%s\"\n",
+ value, 0, 0 );
+ return -1;
+ }
+ re->re_timestamp = (time_t)t;
+ if ( p != NULL && isdigit( (unsigned char) *p )
+ && lutil_atoi( &re->re_seq, p ) != 0 )
+ {
+ Debug( LDAP_DEBUG_ANY,
+ "Error: Re_parse: unable to parse sequence number \"%s\"\n",
+ p, 0, 0 );
+ return -1;
}
state |= GOT_TIME;
- break;
+ } break;
case T_DN:
re->re_dn = ch_malloc( len + 1 );
AC_MEMCPY( re->re_dn, value, len );
@@ -325,8 +339,8 @@ get_repl_hosts(
if (( p = strchr( value, ':' )) != NULL ) {
*p = '\0';
p++;
- if ( *p != '\0' ) {
- port = atoi( p );
+ if ( *p != '\0' && lutil_atoi( &port, p ) != 0 ) {
+ return( NULL );
}
}
diff --git a/servers/slurpd/st.c b/servers/slurpd/st.c
index cb78c2d9c90b4a7d3cce6d8d687c242995befab7..5b31dfb8d5a00f0c1ddda806050ac67c875a3786 100644
--- a/servers/slurpd/st.c
+++ b/servers/slurpd/st.c
@@ -43,6 +43,7 @@
#include "slurp.h"
#include "globals.h"
+#include "lutil.h"
/*
* Add information about replica host specified by Ri to list
@@ -230,11 +231,16 @@ St_read(
found = 0;
for ( i = 0; i < sglob->st->st_nreplicas; i++ ) {
+ int p;
if ( !strcmp( hostname, sglob->st->st_data[ i ]->hostname ) &&
- atoi( port ) == sglob->st->st_data[ i ]->port ) {
+ lutil_atoi( &p, port ) == 0 && p == sglob->st->st_data[ i ]->port )
+ {
found = 1;
- sglob->st->st_data[ i ]->last = atol( timestamp );
- sglob->st->st_data[ i ]->seq = atoi( seq );
+ if ( lutil_atol( &sglob->st->st_data[ i ]->last, timestamp ) != 0
+ || lutil_atoi( &sglob->st->st_data[ i ]->seq, seq ) != 0 )
+ {
+ found = 0;
+ }
break;
}
}