SPDX: license tags (mostly by guesswork)

[exim.git] / src / src / lookups / ldap.c

diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index e2dbe51624b23e3ef3c04a87c6bcc84faef91e06..17c431e5c7e7d43270dff8cd81d2eeb99435268e 100644 (file)
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -2,9 +2,10 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 

+/* Copyright (c) The Exim Maintainers 2020 - 2022 */

 /* Copyright (c) University of Cambridge 1995 - 2018 */
 /* Copyright (c) University of Cambridge 1995 - 2018 */

-/* Copyright (c) The Exim Maintainers 2020 */

 /* See the file NOTICE for conditions of use and distribution. */
 /* See the file NOTICE for conditions of use and distribution. */

+/* SPDX-License-Identifier: GPL-2.0-only */

 
 /* Many thanks to Stuart Lynne for contributing the original code for this
 driver. Further contributions from Michael Haardt, Brian Candler, Barry
 
 /* Many thanks to Stuart Lynne for contributing the original code for this
 driver. Further contributions from Michael Haardt, Brian Candler, Barry


@@ -496,7 +497,7 @@ if (!lcp)
 
   /* Now add this connection to the chain of cached connections */
 
 
   /* Now add this connection to the chain of cached connections */
 

-  lcp = store_get(sizeof(LDAP_CONNECTION), FALSE);
+  lcp = store_get(sizeof(LDAP_CONNECTION), GET_UNTAINTED);

   lcp->host = host ? string_copy(host) : NULL;
   lcp->bound = FALSE;
   lcp->user = NULL;
   lcp->host = host ? string_copy(host) : NULL;
   lcp->bound = FALSE;
   lcp->user = NULL;


@@ -1091,9 +1092,7 @@ const uschar *p;
 uschar *user = NULL;
 uschar *password = NULL;
 uschar *local_servers = NULL;
 uschar *user = NULL;
 uschar *password = NULL;
 uschar *local_servers = NULL;

-uschar *server;

 const uschar *list;
 const uschar *list;

-uschar buffer[512];

 
 while (isspace(*url)) url++;
 
 
 while (isspace(*url)) url++;
 


@@ -1251,13 +1250,13 @@ if (!eldap_default_servers && !local_servers  || p[3] != '/')
     &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
     referrals);
 
     &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
     referrals);
 

-/* Loop through the default servers until OK or FAIL. Use local_servers list
- * if defined in the lookup, otherwise use the global default list */
-list = !local_servers ? eldap_default_servers : local_servers;
-while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))
+/* Loop through the servers until OK or FAIL. Use local_servers list
+if defined in the lookup, otherwise use the global default list */
+
+list = local_servers ? local_servers : eldap_default_servers;
+for (uschar * server; server = string_nextinlist(&list, &sep, NULL, 0); )

   {
   {

-  int rc;
-  int port = 0;
+  int rc, port = 0;

   uschar *colon = Ustrchr(server, ':');
   if (colon)
     {
   uschar *colon = Ustrchr(server, ':');
   if (colon)
     {


@@ -1407,6 +1406,7 @@ Arguments:
   s          the string to be quoted
   opt        additional option text or NULL if none
              only "dn" is recognized
   s          the string to be quoted
   opt        additional option text or NULL if none
              only "dn" is recognized

+  idx       lookup type index

 
 Returns:     the processed string or NULL for a bad option
 */
 
 Returns:     the processed string or NULL for a bad option
 */


@@ -1432,18 +1432,15 @@ quote_ldap_dn, respectively. */
 
 
 static uschar *
 
 
 static uschar *

-eldap_quote(uschar *s, uschar *opt)
+eldap_quote(uschar * s, uschar * opt, unsigned idx)

 {
 {

-register int c;
-int count = 0;
-int len = 0;
+int c, count = 0, len = 0;

 BOOL dn = FALSE;
 BOOL dn = FALSE;

-uschar *t = s;
-uschar *quoted;
+uschar * t = s, * quoted;

 
 /* Test for a DN quotation. */
 
 
 /* Test for a DN quotation. */
 

-if (opt != NULL)
+if (opt)

   {
   if (Ustrcmp(opt, "dn") != 0) return NULL;    /* No others recognized */
   dn = TRUE;
   {
   if (Ustrcmp(opt, "dn") != 0) return NULL;    /* No others recognized */
   dn = TRUE;


@@ -1456,24 +1453,25 @@ where, for example, < turns into %5C%3C. For simplicity, we just add 5 for each
 possibly escaped character. The really fast way would be just to test for
 non-alphanumerics, but it is probably better to spot a few others that are
 never escaped, because if there are no specials at all, we can avoid copying
 possibly escaped character. The really fast way would be just to test for
 non-alphanumerics, but it is probably better to spot a few others that are
 never escaped, because if there are no specials at all, we can avoid copying

-the string. */
+the string.
+XXX No longer true; we always copy, to support quoted-enforcement */

 
 

-while ((c = *t++) != 0)
+while ((c = *t++))

   {
   len++;
   if (!isalnum(c) && Ustrchr(ALWAYS_LITERAL, c) == NULL) count += 5;
   }
   {
   len++;
   if (!isalnum(c) && Ustrchr(ALWAYS_LITERAL, c) == NULL) count += 5;
   }

-if (count == 0) return s;
+/*if (count == 0) return s;*/

 
 /* Get sufficient store to hold the quoted string */
 
 
 /* Get sufficient store to hold the quoted string */
 

-t = quoted = store_get(len + count + 1, is_tainted(s));
+t = quoted = store_get_quoted(len + count + 1, s, idx);

 
 /* Handle plain quote_ldap */
 
 if (!dn)
   {
 
 /* Handle plain quote_ldap */
 
 if (!dn)
   {

-  while ((c = *s++) != 0)
+  while ((c = *s++))

     {
     if (!isalnum(c))
       {
     {
     if (!isalnum(c))
       {


@@ -1498,7 +1496,7 @@ if (!dn)
 
 else
   {
 
 else
   {

-  uschar *ss = s + len;
+  uschar * ss = s + len;

 
   /* Find the last char before any trailing spaces */
 
 
   /* Find the last char before any trailing spaces */
 


@@ -1560,12 +1558,13 @@ return quoted;
 
 #include "../version.h"
 
 
 #include "../version.h"
 

-void
-ldap_version_report(FILE *f)
+gstring *
+ldap_version_report(gstring * g)

 {
 #ifdef DYNLOOKUP
 {
 #ifdef DYNLOOKUP

-fprintf(f, "Library version: LDAP: Exim version %s\n", EXIM_VERSION_STR);
+g = string_fmt_append(g, "Library version: LDAP: Exim version %s\n", EXIM_VERSION_STR);

 #endif
 #endif

+return g;

 }
 
 
 }