X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/e3e281ccf9d8777d0df98ddd644720573e0343d1..a85c067ba6c6940512cf57ec213277a370d87e70:/src/src/lookups/ldap.c diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c index b1958d2b2..17c431e5c 100644 --- a/src/src/lookups/ldap.c +++ b/src/src/lookups/ldap.c @@ -2,9 +2,10 @@ * Exim - an Internet mail transport agent * *************************************************/ +/* Copyright (c) The Exim Maintainers 2020 - 2022 */ /* Copyright (c) University of Cambridge 1995 - 2018 */ -/* Copyright (c) The Exim Maintainers 2020 - 2021 */ /* See the file NOTICE for conditions of use and distribution. */ +/* SPDX-License-Identifier: GPL-2.0-only */ /* Many thanks to Stuart Lynne for contributing the original code for this driver. Further contributions from Michael Haardt, Brian Candler, Barry @@ -496,7 +497,7 @@ if (!lcp) /* Now add this connection to the chain of cached connections */ - lcp = store_get(sizeof(LDAP_CONNECTION), FALSE); + lcp = store_get(sizeof(LDAP_CONNECTION), GET_UNTAINTED); lcp->host = host ? string_copy(host) : NULL; lcp->bound = FALSE; lcp->user = NULL; @@ -1405,6 +1406,7 @@ Arguments: s the string to be quoted opt additional option text or NULL if none only "dn" is recognized + idx lookup type index Returns: the processed string or NULL for a bad option */ @@ -1430,18 +1432,15 @@ quote_ldap_dn, respectively. */ static uschar * -eldap_quote(uschar *s, uschar *opt) +eldap_quote(uschar * s, uschar * opt, unsigned idx) { -register int c; -int count = 0; -int len = 0; +int c, count = 0, len = 0; BOOL dn = FALSE; -uschar *t = s; -uschar *quoted; +uschar * t = s, * quoted; /* Test for a DN quotation. */ -if (opt != NULL) +if (opt) { if (Ustrcmp(opt, "dn") != 0) return NULL; /* No others recognized */ dn = TRUE; @@ -1454,24 +1453,25 @@ where, for example, < turns into %5C%3C. For simplicity, we just add 5 for each possibly escaped character. The really fast way would be just to test for non-alphanumerics, but it is probably better to spot a few others that are never escaped, because if there are no specials at all, we can avoid copying -the string. */ +the string. +XXX No longer true; we always copy, to support quoted-enforcement */ -while ((c = *t++) != 0) +while ((c = *t++)) { len++; if (!isalnum(c) && Ustrchr(ALWAYS_LITERAL, c) == NULL) count += 5; } -if (count == 0) return s; +/*if (count == 0) return s;*/ /* Get sufficient store to hold the quoted string */ -t = quoted = store_get(len + count + 1, is_tainted(s)); +t = quoted = store_get_quoted(len + count + 1, s, idx); /* Handle plain quote_ldap */ if (!dn) { - while ((c = *s++) != 0) + while ((c = *s++)) { if (!isalnum(c)) { @@ -1496,7 +1496,7 @@ if (!dn) else { - uschar *ss = s + len; + uschar * ss = s + len; /* Find the last char before any trailing spaces */ @@ -1558,12 +1558,13 @@ return quoted; #include "../version.h" -void -ldap_version_report(FILE *f) +gstring * +ldap_version_report(gstring * g) { #ifdef DYNLOOKUP -fprintf(f, "Library version: LDAP: Exim version %s\n", EXIM_VERSION_STR); +g = string_fmt_append(g, "Library version: LDAP: Exim version %s\n", EXIM_VERSION_STR); #endif +return g; }