Print this page
12236 getmembers_DN doesn't properly handle errors from __ns_ldap_dn2uid
12240 nss_ldap does not properly look up group members by distinguished name
*** 20,29 ****
--- 20,30 ----
*/
/*
* Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright 2017 Nexenta Systems, Inc. All rights reserved.
+ * Copyright 2020 Joyent, Inc.
*/
#ifndef _NS_INTERNAL_H
#define _NS_INTERNAL_H
*** 65,76 ****
#define CONFIGFILE 1
#define UIDNUMFILTER "(&(objectclass=posixAccount)(uidnumber=%s))"
#define UIDNUMFILTER_SSD "(&(%%s)(uidnumber=%s))"
#define UIDFILTER "(&(objectclass=posixAccount)(uid=%s))"
#define UIDFILTER_SSD "(&(%%s)(uid=%s))"
! #define UIDDNFILTER "(&(objectclass=posixAccount)(distinguishedName=%s))"
! #define UIDDNFILTER_SSD "(&(%%s)(distinguishedName=%s))"
#define HOSTFILTER "(&(objectclass=ipHost)(cn=%s))"
#define HOSTFILTER_SSD "(&(%%s)(cn=%s))"
#define SIMPLEPAGECTRLFLAG 1
--- 66,76 ----
#define CONFIGFILE 1
#define UIDNUMFILTER "(&(objectclass=posixAccount)(uidnumber=%s))"
#define UIDNUMFILTER_SSD "(&(%%s)(uidnumber=%s))"
#define UIDFILTER "(&(objectclass=posixAccount)(uid=%s))"
#define UIDFILTER_SSD "(&(%%s)(uid=%s))"
! #define UIDDNFILTER "(objectclass=posixAccount)"
#define HOSTFILTER "(&(objectclass=ipHost)(cn=%s))"
#define HOSTFILTER_SSD "(&(%%s)(cn=%s))"
#define SIMPLEPAGECTRLFLAG 1
*** 763,772 ****
--- 763,773 ----
ns_server_info_t *ret, ns_ldap_error_t **error, const char *addrType);
/* ************ internal sldap-api functions *********** */
void __ns_ldap_freeEntry(ns_ldap_entry_t *ep);
+ void __ns_ldap_freeASearchDesc(ns_ldap_search_desc_t *);
void __s_api_split_key_value(char *buffer, char **name, char **value);
int __s_api_printResult(ns_ldap_result_t *);
int __s_api_getSearchScope(int *, ns_ldap_error_t **);
int __s_api_getDNs(char ***, const char *,
ns_ldap_error_t **);
*** 854,883 ****
int __ns_ldap_cache_ping();
ns_ldap_error_t *__ns_ldap_print_config(int);
void __ns_ldap_default_config();
int __ns_ldap_download(const char *, char *, char *,
ns_ldap_error_t **);
! int
! __ns_ldap_check_dns_preq(int foreground,
! int mode_verbose,
! int mode_quiet,
! const char *fname,
! ns_ldap_self_gssapi_config_t config,
ns_ldap_error_t **errpp);
! int
! __ns_ldap_check_gssapi_preq(int foreground,
! int mode_verbose,
! int mode_quiet,
! ns_ldap_self_gssapi_config_t config,
ns_ldap_error_t **errpp);
- int
- __ns_ldap_check_all_preq(int foreground,
- int mode_verbose,
- int mode_quiet,
- ns_ldap_self_gssapi_config_t config,
- ns_ldap_error_t **errpp);
/* internal un-exposed APIs */
ns_cred_t *__ns_ldap_dupAuth(const ns_cred_t *authp);
boolean_t __s_api_is_auth_matched(const ns_cred_t *auth1,
const ns_cred_t *auth2);
int __s_api_get_SSD_from_SSDtoUse_service(const char *service,
--- 855,875 ----
int __ns_ldap_cache_ping();
ns_ldap_error_t *__ns_ldap_print_config(int);
void __ns_ldap_default_config();
int __ns_ldap_download(const char *, char *, char *,
ns_ldap_error_t **);
! int __ns_ldap_check_dns_preq(int foreground, int mode_verbose, int mode_quiet,
! const char *fname, ns_ldap_self_gssapi_config_t config,
ns_ldap_error_t **errpp);
!
! int __ns_ldap_check_gssapi_preq(int foreground, int mode_verbose,
! int mode_quiet, ns_ldap_self_gssapi_config_t config,
ns_ldap_error_t **errpp);
+ int __ns_ldap_check_all_preq(int foreground, int mode_verbose, int mode_quiet,
+ ns_ldap_self_gssapi_config_t config, ns_ldap_error_t **errpp);
+
/* internal un-exposed APIs */
ns_cred_t *__ns_ldap_dupAuth(const ns_cred_t *authp);
boolean_t __s_api_is_auth_matched(const ns_cred_t *auth1,
const ns_cred_t *auth2);
int __s_api_get_SSD_from_SSDtoUse_service(const char *service,