From: Arran Cudbard-Bell Date: Wed, 6 Sep 2023 03:58:02 +0000 (-0600) Subject: ldap: Take a ctx in fr_lap_map_expand X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=071135b0fbf96364475b8b3941998165d8cc3adc;p=thirdparty%2Ffreeradius-server.git ldap: Take a ctx in fr_lap_map_expand --- diff --git a/src/lib/ldap/base.h b/src/lib/ldap/base.h index fddacbc1d50..b63c8e5e752 100644 --- a/src/lib/ldap/base.h +++ b/src/lib/ldap/base.h @@ -848,7 +848,7 @@ int fr_ldap_map_getvalue(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *reque int fr_ldap_map_verify(map_t *map, void *instance); -int fr_ldap_map_expand(fr_ldap_map_exp_t *expanded, request_t *request, map_list_t const *maps); +int fr_ldap_map_expand(TALLOC_CTX *ctx, fr_ldap_map_exp_t *expanded, request_t *request, map_list_t const *maps); int fr_ldap_map_do(request_t *request, char const *valuepair_attr, fr_ldap_map_exp_t const *expanded, LDAPMessage *entry); diff --git a/src/lib/ldap/map.c b/src/lib/ldap/map.c index 375c030eee3..4fbdbf6342b 100644 --- a/src/lib/ldap/map.c +++ b/src/lib/ldap/map.c @@ -254,26 +254,27 @@ int fr_ldap_map_verify(map_t *map, UNUSED void *instance) /** Expand values in an attribute map where needed * - * @param[out] expanded array of attributes. Need not be initialised (we'll initialise). - * @param[in] request The current request. - * @param[in] maps to expand. + * @param[in] ctx to allocate any dynamic expansions in. + * @param[out] expanded array of attributes. Need not be initialised (we'll initialise). + * @param[in] request The current request. + * @param[in] maps to expand. * @return * - 0 on success. * - -1 on failure. */ -int fr_ldap_map_expand(fr_ldap_map_exp_t *expanded, request_t *request, map_list_t const *maps) +int fr_ldap_map_expand(TALLOC_CTX *ctx, fr_ldap_map_exp_t *expanded, request_t *request, map_list_t const *maps) { map_t const *map = NULL; unsigned int total = 0; - TALLOC_CTX *ctx = NULL; + TALLOC_CTX *our_ctx = NULL; char const *attr; char attr_buff[1024 + 1]; /* X.501 says we need to support at least 1024 chars for attr names */ while ((map = map_list_next(maps, map))) { if (tmpl_expand(&attr, attr_buff, sizeof(attr_buff), request, map->rhs, NULL, NULL) < 0) { REDEBUG("Expansion of LDAP attribute \"%s\" failed", map->rhs->name); - TALLOC_FREE(ctx); + TALLOC_FREE(our_ctx); return -1; } @@ -281,14 +282,13 @@ int fr_ldap_map_expand(fr_ldap_map_exp_t *expanded, request_t *request, map_list * Dynamic value */ if (attr == attr_buff) { - if (!ctx) ctx = talloc_new(NULL); - expanded->attrs[total++] = talloc_strdup(ctx, attr_buff); + if (!our_ctx) our_ctx = talloc_new(ctx); + expanded->attrs[total++] = talloc_strdup(our_ctx, attr_buff); continue; } expanded->attrs[total++] = attr; } expanded->attrs[total] = NULL; - expanded->ctx = ctx; /* Freeing this frees any dynamic values */ expanded->count = total; expanded->maps = maps; diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index e5d37032e87..3388b40ee48 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -1093,7 +1093,7 @@ static unlang_action_t mod_map_proc(rlm_rcode_t *p_result, void *mod_inst, UNUSE /* * Expand the RHS of the maps to get the name of the attributes. */ - if (fr_ldap_map_expand(&map_ctx->expanded, request, maps) < 0) goto fail; + if (fr_ldap_map_expand(map_ctx, &map_ctx->expanded, request, maps) < 0) goto fail; /* * If the URL is :/// the parsed host will be NULL - use config default @@ -1539,7 +1539,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * for many things besides searching for users. */ - if (fr_ldap_map_expand(expanded, request, &inst->user_map) < 0) { + if (fr_ldap_map_expand(autz_ctx, expanded, request, &inst->user_map) < 0) { fail: talloc_free(autz_ctx); RETURN_MODULE_FAIL; diff --git a/src/modules/rlm_ldap/rlm_ldap.h b/src/modules/rlm_ldap/rlm_ldap.h index 6157463d2dc..9ffca4c46c5 100644 --- a/src/modules/rlm_ldap/rlm_ldap.h +++ b/src/modules/rlm_ldap/rlm_ldap.h @@ -271,5 +271,6 @@ unlang_action_t rlm_ldap_check_userobj_dynamic(rlm_rcode_t *p_result, request_t unlang_action_t rlm_ldap_check_cached(rlm_rcode_t *p_result, rlm_ldap_t const *inst, request_t *request, fr_value_box_t const *check); -unlang_action_t rlm_ldap_map_profile(rlm_ldap_t const *inst, request_t *request, fr_ldap_thread_trunk_t *ttrunk, +unlang_action_t rlm_ldap_map_profile(fr_ldap_result_code_t *ret, + rlm_ldap_t const *inst, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *dn, int scope, char const *filter, fr_ldap_map_exp_t const *expanded);