--------------------- PatchSet 11584 Date: 2007/08/22 00:34:21 Author: hno Branch: SQUID_2_6 Tag: (none) Log: MFC: clean up digest_ldap_auth usage help and const correctness Merged changes: 2007/07/31 00:17:55 hno +25 -25 clean up digest_ldap_auth usage help and const correctness Members: helpers/digest_auth/ldap/ldap_backend.c:1.3->1.3.2.1 Index: squid/helpers/digest_auth/ldap/ldap_backend.c =================================================================== RCS file: /cvsroot/squid/squid/helpers/digest_auth/ldap/ldap_backend.c,v retrieving revision 1.3 retrieving revision 1.3.2.1 diff -u -r1.3 -r1.3.2.1 --- squid/helpers/digest_auth/ldap/ldap_backend.c 27 Dec 2006 18:26:39 -0000 1.3 +++ squid/helpers/digest_auth/ldap/ldap_backend.c 22 Aug 2007 00:34:21 -0000 1.3.2.1 @@ -52,14 +52,14 @@ /* Globals */ static LDAP *ld = NULL; -static char *passattr = NULL; -static char *ldapServer = NULL; -static char *userbasedn = NULL; -static char *userdnattr = NULL; -static char *usersearchfilter = NULL; -static char *binddn = NULL; -static char *bindpasswd = NULL; -static char *delimiter = ":"; +static const char *passattr = NULL; +static const char *ldapServer = NULL; +static const char *userbasedn = NULL; +static const char *userdnattr = NULL; +static const char *usersearchfilter = NULL; +static const char *binddn = NULL; +static const char *bindpasswd = NULL; +static const char *delimiter = ":"; static int encrpass = 0; static int searchscope = LDAP_SCOPE_SUBTREE; static int persistent = 0; @@ -82,7 +82,7 @@ #endif static void ldapconnect(void); -static int readSecret(char *filename); +static int readSecret(const char *filename); /* Yuck.. we need to glue to different versions of the API */ @@ -398,8 +398,8 @@ setbuf(stdout, NULL); while (argc > 1 && argv[1][0] == '-') { - char *value = ""; - char option = argv[1][1]; + const char *value = ""; + const char option = argv[1][1]; switch (option) { case 'P': case 'R': @@ -434,7 +434,7 @@ int len = strlen(ldapServer) + 1 + strlen(value) + 1; char *newhost = malloc(len); snprintf(newhost, len, "%s %s", ldapServer, value); - free(ldapServer); + free((char *)ldapServer); ldapServer = newhost; } else { ldapServer = strdup(value); @@ -560,7 +560,7 @@ int len = strlen(ldapServer) + 1 + strlen(value) + 1; char *newhost = malloc(len); snprintf(newhost, len, "%s %s", ldapServer, value); - free(ldapServer); + free((char *)ldapServer); ldapServer = newhost; } else { ldapServer = strdup(value); @@ -573,13 +573,13 @@ ldapServer = "localhost"; if (!userbasedn || !passattr) { - fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn -f filter [options] ldap_server_name\n\n"); + fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn -A passwdattr -F filter | -u userattr [options] [ldap_server_name]\n\n"); fprintf(stderr, "\t-A password attribute(REQUIRED)\t\tUser attribute that contains the password\n"); - fprintf(stderr, "\t-l password realm delimiter(REQUIRED)\tCharater(s) that devides the password attribute\n\t\t\t\t\t\tin realm and password tokens, default ':' realm:password\n"); + fprintf(stderr, "\t-l password realm delimiter\t\tCharater(s) that devides the password attribute\n\t\t\t\t\t\tin realm and password tokens, default ':' realm:password\n"); fprintf(stderr, "\t-b basedn (REQUIRED)\t\t\tbase dn under where to search for users\n"); - fprintf(stderr, "\t-e Encrypted passwords(REQUIRED)\tPassword are stored encrypted using HHA1\n"); - fprintf(stderr, "\t-F filter\t\t\t\tuser search filter pattern. %%s = login\n"); - fprintf(stderr, "\t-u attribute\t\t\t\tattribute to use in combination with the basedn to create the user DN\n"); + fprintf(stderr, "\t-e Encrypted passwords\t\t\tPasswords are stored encrypted digest H(A1)\n"); + fprintf(stderr, "\t-F filter (REQUIRED*)\t\t\tuser search filter pattern. %%s = login\n"); + fprintf(stderr, "\t-u attribute (REQUIRED*)\t\tattribute to use in combination with the basedn to create the user DN\n"); fprintf(stderr, "\t-s base|one|sub\t\t\t\tsearch scope\n"); fprintf(stderr, "\t-D binddn\t\t\t\tDN to bind as to perform searches\n"); fprintf(stderr, "\t-w bindpasswd\t\t\t\tpassword for binddn\n"); @@ -599,9 +599,10 @@ fprintf(stderr, "\t-a never|always|search|find\t\twhen to dereference aliases\n"); #ifdef LDAP_VERSION3 fprintf(stderr, "\t-v 2|3\t\t\t\t\tLDAP version\n"); - fprintf(stderr, "\t-Z\t\t\t\t\tTLS encrypt the LDAP connection, requires\n\t\t\t\tLDAP version 3\n"); + fprintf(stderr, "\t-Z\t\t\t\t\tTLS encrypt the LDAP connection, requires\n\t\t\t\t\t\tLDAP version 3\n"); #endif fprintf(stderr, "\t-S\t\t\t\t\tStrip NT domain from usernames\n"); + fprintf(stderr, "\n\t*) one of -u or -F needs to be specified. If both is specified -y is ignored\n"); fprintf(stderr, "\n"); fprintf(stderr, "\tIf you need to bind as a user to perform searches then use the\n\t-D binddn -w bindpasswd or -D binddn -W secretfile options\n\n"); return -1; @@ -609,7 +610,7 @@ return 0; } static int -readSecret(char *filename) +readSecret(const char *filename) { char buf[BUFSIZ]; char *e = 0; @@ -630,11 +631,10 @@ if ((e = strrchr(buf, '\r'))) *e = 0; - bindpasswd = (char *) calloc(sizeof(char), strlen(buf) + 1); - if (bindpasswd) { - strcpy(bindpasswd, buf); - } else { + bindpasswd = strdup(buf); + if (!bindpasswd) { fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n"); + exit(1); } fclose(f); @@ -645,7 +645,7 @@ void LDAPHHA1(RequestData * requestData) { - char *password = ""; + char *password; ldapconnect(); password = getpassword(requestData->user, requestData->realm); if (password != NULL) {