From: Marco Bettini Date: Wed, 10 Jul 2024 08:36:14 +0000 (+0000) Subject: auth: ldap - Move *attrs_names away from struct ldap connection X-Git-Tag: 2.4.1~761 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=451bc2d1004f06cba41a891721fd2f9d07dcd292;p=thirdparty%2Fdovecot%2Fcore.git auth: ldap - Move *attrs_names away from struct ldap connection Multiple db instances sharing the same ldap connection were overwriting each other attribute's fields in preinit as all preinits are done before using the connections.
---
diff --git a/src/auth/db-ldap.h b/src/auth/db-ldap.h
index 7efdf7387d..e9aaaf637b 100644
--- a/src/auth/db-ldap.h
+++ b/src/auth/db-ldap.h
@@ -139,7 +139,6 @@ struct ldap_connection {
 /* Timestamp when we last received a reply */
 time_t last_reply_stamp;
- const char *const *pass_attr_names, *const *user_attr_names, *const *iterate_attr_names;
 bool delayed_connect;
 };
diff --git a/src/auth/passdb-ldap.c b/src/auth/passdb-ldap.c
index e78cbf8950..aa9d79f40d 100644
--- a/src/auth/passdb-ldap.c
+++ b/src/auth/passdb-ldap.c
@@ -22,6 +22,7 @@ struct ldap_passdb_module {
 struct passdb_module module;
 struct ldap_connection *conn;
+ const char *const *attributes;
 };
 struct passdb_ldap_request {
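Review bot: The new `attributes` field in struct ldap_passdb_module carries no comment saying what it holds or why it sits on the module rather than on the connection. The commit message gives the reason (several db instances can share one ldap connection, and a per-connection list was overwritten during preinit), and that constraint is worth recording next to the field so it is not moved back later, e.g. `/* attribute names requested by this passdb's searches; kept per module because conn may be shared between db instances */`. The same comment would help on `attributes` and `iterate_attributes` in struct ldap_userdb_module in userdb-ldap.c.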
@@ -283,19 +284,18 @@ static void ldap_lookup_pass(struct auth_request *auth_request,
 (struct ldap_passdb_module *)_module;
 struct ldap_connection *conn = module->conn;
 struct ldap_request_search *srequest = &request->request.search;
- const char *const *attr_names = conn->pass_attr_names;
 request->require_password = require_password;
 srequest->request.type = LDAP_REQUEST_TYPE_SEARCH;
 srequest->base = p_strdup(auth_request->pool, ldap_set->base);
 srequest->filter = p_strdup(auth_request->pool, ldap_set->filter);
- srequest->attributes = conn->pass_attr_names;
+ srequest->attributes = module->attributes;
 e_debug(authdb_event(auth_request), "pass search: " "base=%s scope=%s filter=%s fields=%s", srequest->base, conn->set->scope,
- srequest->filter, attr_names == NULL ? "(all)" :
- t_strarray_join(attr_names, ","));
+ srequest->filter,
+ t_strarray_join(module->attributes, ","));
 srequest->request.callback = ldap_lookup_pass_callback;
 db_ldap_request(conn, &srequest->request);
@@ -318,7 +318,7 @@ static void ldap_bind_lookup_dn(struct auth_request *auth_request,
 /* we don't need the attributes to perform authentication, but they may contain some extra parameters. if a password is returned, it's just ignored. */
- srequest->attributes = conn->pass_attr_names;
+ srequest->attributes = module->attributes;
 e_debug(authdb_event(auth_request), "bind search: base=%s filter=%s",
@@ -440,8 +440,8 @@ static int passdb_ldap_preinit(pool_t pool, struct event *event,
 module = p_new(pool, struct ldap_passdb_module, 1);
 module->conn = conn = db_ldap_init(event);
- db_ldap_get_attribute_names(conn->pool, &auth_post->fields,
- &conn->pass_attr_names,
+ db_ldap_get_attribute_names(pool, &auth_post->fields,
+ &module->attributes,
 ldap_pre->passdb_ldap_bind ? "password" : NULL);
 module->module.default_cache_key = auth_cache_parse_key_and_fields(
diff --git a/src/auth/userdb-ldap.c b/src/auth/userdb-ldap.c
index dea36130c2..6e6eb270bc 100644
--- a/src/auth/userdb-ldap.c
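Review bot: The `attr_names == NULL ? "(all)" :` fallback in ldap_lookup_pass() is dropped, so `t_strarray_join(module->attributes, ",")` now runs unconditionally in the debug call. That is only sound if db_ldap_get_attribute_names() (not shown on this page) always stores a non-NULL array during preinit; if it can leave the pointer NULL or produce an empty list, the debug line no longer shows that the search requests every attribute. Either pin the invariant in passdb_ldap_preinit() with `i_assert(module->attributes != NULL);` or keep the fallback as `module->attributes == NULL ? "(all)" : t_strarray_join(module->attributes, ",")`. The same guard is removed in userdb_ldap_lookup() and userdb_ldap_iterate_init() in userdb-ldap.c, and the function body continues outside this hunk.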
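Review bot: Nothing in passdb_ldap_preinit() documents the lifetime that `module->attributes` now depends on: the list is allocated from the `pool` argument instead of `conn->pool`, while ldap_lookup_pass() stores the bare pointer in `srequest->attributes` before calling `db_ldap_request(conn, &srequest->request)`. It is worth confirming that `pool` outlives every request that can still be queued on the shared connection, and recording that above the call, e.g. `/* allocated from the module pool, not conn->pool: conn may be shared by other db instances */`. userdb_ldap_preinit() in userdb-ldap.c makes the same pool change for both of its lists, and both functions start and end outside their hunks.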
+++ b/src/auth/userdb-ldap.c
@@ -21,6 +21,8 @@ struct ldap_userdb_module {
 struct userdb_module module;
 struct ldap_connection *conn;
+ const char *const *attributes;
+ const char *const *iterate_attributes;
 };
 struct userdb_ldap_request {
@@ -110,11 +112,9 @@ static void userdb_ldap_lookup(struct auth_request *auth_request,
 userdb_callback_t *callback)
 {
 struct userdb_module *_module = auth_request->userdb->userdb;
- struct ldap_userdb_module *module =
- (struct ldap_userdb_module *)_module;
+ struct ldap_userdb_module *module = (struct ldap_userdb_module *)_module;
 struct ldap_connection *conn = module->conn;
 struct event *event = authdb_event(auth_request);
- const char **attr_names = (const char **)conn->user_attr_names;
 struct userdb_ldap_request *request;
 const char *error;
@@ -134,15 +134,14 @@ static void userdb_ldap_lookup(struct auth_request *auth_request,
 request->userdb_callback = callback;
 request->request.base = p_strdup(auth_request->pool, ldap_pre->base);
 request->request.filter = p_strdup(auth_request->pool, ldap_pre->filter);
- request->request.attributes = conn->user_attr_names;
+ request->request.attributes = module->attributes;
 settings_free(ldap_pre);
 e_debug(event, "user search: base=%s scope=%s filter=%s fields=%s", request->request.base, conn->set->scope, request->request.filter,
- attr_names == NULL ? "(all)" :
- t_strarray_join(attr_names, ","));
+ t_strarray_join(module->attributes, ","));
 request->request.request.auth_request = auth_request;
 request->request.request.callback = userdb_ldap_lookup_callback;
@@ -239,7 +238,6 @@ userdb_ldap_iterate_init(struct auth_request *auth_request,
 struct ldap_userdb_iterate_context *ctx;
 struct userdb_iter_ldap_request *request;
- const char **attr_names = (const char **)conn->iterate_attr_names;
 const char *error;
 ctx = p_new(auth_request->pool, struct ldap_userdb_iterate_context, 1);
@@ -264,14 +262,15 @@ userdb_ldap_iterate_init(struct auth_request *auth_request, request->request.request.auth_request = auth_request; request->request.base = p_strdup(auth_request->pool, ldap_pre->base); request->request.filter = p_strdup(auth_request->pool, ldap_pre->iterate_filter); - request->request.attributes = conn->iterate_attr_names; + request->request.attributes = module->iterate_attributes; request->request.multi_entry = TRUE; settings_free(ldap_pre); e_debug(event, "ldap: iterate: base=%s scope=%s filter=%s fields=%s", request->request.base, conn->set->scope, - request->request.filter, attr_names == NULL ? "(all)" : - t_strarray_join(attr_names, ",")); + request->request.filter, + t_strarray_join(module->iterate_attributes, ",")); + request->request.request.callback = userdb_ldap_iterate_callback; db_ldap_request(conn, &request->request.request); return &ctx->ctx; @@ -326,10 +325,10 @@ static int userdb_ldap_preinit(pool_t pool, struct event *event, module = p_new(pool, struct ldap_userdb_module, 1); module->conn = conn = db_ldap_init(event); - db_ldap_get_attribute_names(conn->pool, &auth_post->fields, - &conn->user_attr_names, NULL); - db_ldap_get_attribute_names(conn->pool, &ldap_post->iterate_fields, - &conn->iterate_attr_names, NULL); + db_ldap_get_attribute_names(pool, &auth_post->fields, + &module->attributes, NULL); + db_ldap_get_attribute_names(pool, &ldap_post->iterate_fields, + &module->iterate_attributes, NULL); module->module.default_cache_key = auth_cache_parse_key_and_fields( pool, t_strconcat(ldap_pre->base, ldap_pre->filter, NULL),