From 7f9e643e4e6b3ad72b49f73767f97e25ad2e7167 Mon Sep 17 00:00:00 2001 From: Arran Cudbard-Bell Date: Wed, 13 Dec 2023 14:13:50 -0600 Subject: [PATCH] Allow encoding name_only attributes if the data is going to be consumed internally --- src/listen/ldap_sync/proto_ldap_sync.c | 4 ++- src/listen/ldap_sync/proto_ldap_sync_ldap.c | 8 +++-- src/protocols/internal/encode.c | 36 ++++++++++++++------- src/protocols/internal/internal.h | 9 ++++++ 4 files changed, 41 insertions(+), 16 deletions(-) diff --git a/src/listen/ldap_sync/proto_ldap_sync.c b/src/listen/ldap_sync/proto_ldap_sync.c index c49f09e9cdc..ca79e72539d 100644 --- a/src/listen/ldap_sync/proto_ldap_sync.c +++ b/src/listen/ldap_sync/proto_ldap_sync.c @@ -31,6 +31,8 @@ #include +static fr_internal_encode_ctx_t encode_ctx = { .allow_name_only = true }; + extern fr_app_t proto_ldap_sync; static int transport_parse(TALLOC_CTX *ctx, void *out, UNUSED void *parent, CONF_ITEM *ci, conf_parser_t const *rule); @@ -227,7 +229,7 @@ static ssize_t mod_encode(UNUSED void const *instance, request_t *request, uint8 } send: - if (fr_internal_encode_list(&dbuff, &pairs, NULL) < 0) goto error; + if (fr_internal_encode_list(&dbuff, &pairs, &encode_ctx) < 0) goto error; talloc_free(local); return fr_dbuff_used(&dbuff); diff --git a/src/listen/ldap_sync/proto_ldap_sync_ldap.c b/src/listen/ldap_sync/proto_ldap_sync_ldap.c index f63ecb2c40e..be078563f21 100644 --- a/src/listen/ldap_sync/proto_ldap_sync_ldap.c +++ b/src/listen/ldap_sync/proto_ldap_sync_ldap.c @@ -41,6 +41,8 @@ USES_APPLE_DEPRECATED_API #include "persistent_search.h" #include "active_directory.h" +static fr_internal_encode_ctx_t encode_ctx = { .allow_name_only = true }; + extern fr_app_io_t proto_ldap_sync_ldap; extern fr_app_io_t proto_ldap_sync_child; 
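Review bot: The new file-scope `encode_ctx` in src/listen/ldap_sync/proto_ldap_sync.c (hunk at -31,6) turns on `allow_name_only` with no comment saying why that is safe for this listener, and the identical definition is repeated in proto_ldap_sync_ldap.c (hunk at -41,6). internal.h in this same patch says the flag must be false for data stored in an external database or in the cache module, so the invariant belongs next to each definition, e.g. `/* Buffers encoded with this ctx are only decoded inside this process, never stored externally */`. For `mod_encode` (hunk at -227,7) the destination of the encoded buffer is not visible in the hunk, so confirm it never leaves the process before adding that comment. The call-site changes themselves need nothing further.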
@@ -322,7 +324,7 @@ int ldap_sync_cookie_send(sync_packet_ctx_t *sync_packet_ctx) if (!vp) goto error; } - if (fr_internal_encode_list(dbuff, &pairs, NULL) < 0) goto error; + if (fr_internal_encode_list(dbuff, &pairs, &encode_ctx) < 0) goto error; talloc_free(local); if (fr_network_listen_send_packet(thread->nr, thread->li, thread->li, fr_dbuff_buff(dbuff), @@ -354,7 +356,7 @@ static int ldap_sync_entry_send_network(sync_packet_ctx_t *sync_packet_ctx) FR_DBUFF_TALLOC_THREAD_LOCAL(&dbuff, 1024, 4096); - if (fr_internal_encode_list(dbuff, &sync_packet_ctx->pairs, NULL) < 0) return -1; + if (fr_internal_encode_list(dbuff, &sync_packet_ctx->pairs, &encode_ctx) < 0) return -1; if (fr_network_listen_send_packet(thread->nr, thread->li, thread->li, fr_dbuff_buff(dbuff), fr_dbuff_used(dbuff), fr_time(), sync_packet_ctx) < 0) return -1; @@ -839,7 +841,7 @@ static int proto_ldap_cookie_load_send(TALLOC_CTX *ctx, proto_ldap_sync_ldap_t c FR_DBUFF_TALLOC_THREAD_LOCAL(&dbuff, 1024, 4096); - if (fr_internal_encode_list(dbuff, &pairs, NULL) < 0) return -1; + if (fr_internal_encode_list(dbuff, &pairs, &encode_ctx) < 0) return -1; if (fr_network_listen_send_packet(thread->nr, thread->li, thread->li, fr_dbuff_buff(dbuff), fr_dbuff_used(dbuff), diff --git a/src/protocols/internal/encode.c b/src/protocols/internal/encode.c index 29240906c42..8755513cda7 100644 --- a/src/protocols/internal/encode.c +++ b/src/protocols/internal/encode.c @@ -31,6 +31,9 @@ #include #include + +static fr_internal_encode_ctx_t default_encode_ctx = { }; + /** We use the same header for all types * */ 
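Review bot: `default_encode_ctx` in src/protocols/internal/encode.c (hunk at -31,6) is initialised with `{ }`, which is a compiler extension before C23 and leaves the security-relevant default implicit. Writing `static fr_internal_encode_ctx_t default_encode_ctx = { .allow_name_only = false };` makes it clear that callers passing NULL get the behaviour that drops name_only pairs. Nothing visible in the patch writes to the object, so it could probably also be `const`, provided the local `our_encode_ctx` pointer in `internal_encode` is const-qualified to match. The hunk also leaves two blank lines before the definition where one would do.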
@@ -50,18 +53,27 @@ static ssize_t internal_encode(fr_dbuff_t *dbuff, fr_da_stack_t *da_stack, unsigned int depth, fr_dcursor_t *cursor, void *encode_ctx) { - fr_dbuff_t work_dbuff = FR_DBUFF(dbuff); - fr_dbuff_marker_t enc_field, len_field, value_field; - fr_dbuff_t value_dbuff; - fr_dict_attr_t const *da = da_stack->da[depth]; - fr_pair_t *vp = fr_dcursor_current(cursor); - bool unknown = false, internal = false; - - ssize_t slen; - size_t flen, vlen, mlen; - - uint8_t buff[sizeof(uint64_t)]; - uint8_t enc_byte = 0; + fr_dbuff_t work_dbuff = FR_DBUFF(dbuff); + fr_dbuff_marker_t enc_field, len_field, value_field; + fr_dbuff_t value_dbuff; + fr_dict_attr_t const *da = da_stack->da[depth]; + fr_pair_t *vp = fr_dcursor_current(cursor); + bool unknown = false, internal = false; + + ssize_t slen; + size_t flen, vlen, mlen; + + uint8_t buff[sizeof(uint64_t)]; + uint8_t enc_byte = 0; + fr_internal_encode_ctx_t *our_encode_ctx = encode_ctx; + + if (!our_encode_ctx) our_encode_ctx = &default_encode_ctx; + + /* + * Silently skip name only attributes if we're writing + * to a database or cache. + */ + if (!our_encode_ctx->allow_name_only && vp->da->flags.name_only) return 0; FR_PROTO_STACK_PRINT(da_stack, depth); diff --git a/src/protocols/internal/internal.h b/src/protocols/internal/internal.h index c8ecc55faef..e4c6773163c 100644 --- a/src/protocols/internal/internal.h +++ b/src/protocols/internal/internal.h @@ -32,6 +32,15 @@ #define FR_INTERNAL_FLAG_UNKNOWN 0x80 #define FR_INTERNAL_FLAG_INTERNAL 0x40 +typedef struct { + bool allow_name_only; //!< Allow name only pairs. This should be set + ///< to true when encoding data that's being + ///< passed between threads in the same process. + ///< It should be set to false when encoding + ///< data that's stored in an external database + ///< or in the cache module. +} fr_internal_encode_ctx_t; + /* * $Id$ * -- 2.47.3
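Review bot: The early `return 0` for name_only pairs in `internal_encode` leaves `cursor` on the skipped pair, since nothing in the hunk advances it. The callers are outside this hunk; if they loop on the current cursor entry and rely on `internal_encode` to move it forward, a name_only pair encoded without `allow_name_only` would never be consumed and the loop would not terminate. Please confirm, and if so advance before returning: `if (!our_encode_ctx->allow_name_only && vp->da->flags.name_only) { fr_dcursor_next(cursor); return 0; }`. The check also dereferences `vp` from `fr_dcursor_current()` with no NULL test visible here, and the function body continues past the end of the hunk.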