autofs-5.0.1 - use percent hack for master map keys From: Ian Kent <raven@themaw.net> The percent hack translation has been done for map keys but it isn't used for master map keys. --- modules/lookup_ldap.c | 70 +++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 61 insertions(+), 9 deletions(-) --- autofs-5.0.1.orig/modules/lookup_ldap.c +++ autofs-5.0.1/modules/lookup_ldap.c @@ -50,6 +50,7 @@ static struct ldap_schema common_schema[ static unsigned int common_schema_count = sizeof(common_schema)/sizeof(struct ldap_schema); static LDAP *auth_init(unsigned logopt, const char *, struct lookup_context *); +static int decode_percent_hack(const char *, char **); static void uris_mutex_lock(struct lookup_context *ctxt) { @@ -1413,6 +1414,9 @@ int lookup_read_master(struct master *ma debug(logopt, MODPREFIX "examining entries"); while (e) { + char *key = NULL; + int dec_len, i; + keyValue = ldap_get_values(ldap, e, entry); if (!keyValue || !*keyValue) { @@ -1424,19 +1428,63 @@ int lookup_read_master(struct master *ma * By definition keys must be unique within * each map entry */ - if (ldap_count_values(keyValue) > 1) { - error(logopt, - MODPREFIX - "key %s has duplicate entries - ignoring", - *keyValue); - goto next; + count = ldap_count_values(keyValue); + if (strcasecmp(class, "nisObject")) { + if (count > 1) { + error(logopt, MODPREFIX + "key %s has duplicates - ignoring", + *keyValue); + goto next; + } + key = strdup(keyValue[0]); + if (!key) { + error(logopt, MODPREFIX + "failed to dup map key %s - ignoring", + *keyValue); + goto next; + } + } else if (count == 1) { + dec_len = decode_percent_hack(keyValue[0], &key); + if (dec_len < 0) { + error(logopt, MODPREFIX + "invalid map key %s - ignoring", + *keyValue); + goto next; + } + } else { + dec_len = decode_percent_hack(keyValue[0], &key); + if (dec_len < 0) { + error(logopt, MODPREFIX + "invalid map key %s - ignoring", + *keyValue); + goto next; + } + + for (i = 1; i < count; i++) { + char *k; + dec_len = decode_percent_hack(keyValue[i], &k); + if (dec_len < 0) { + error(logopt, MODPREFIX + "invalid map key %s - ignoring", + *keyValue); + goto next; + } + if (strcmp(key, k)) { + error(logopt, MODPREFIX + "key entry mismatch %s - ignoring", + *keyValue); + free(k); + goto next; + } + free(k); + } } /* * Ignore keys beginning with '+' as plus map * inclusion is only valid in file maps. */ - if (**keyValue == '+') { + if (*key == '+') { warn(logopt, MODPREFIX "ignoreing '+' map entry - not in file map"); @@ -1462,7 +1510,7 @@ int lookup_read_master(struct master *ma goto next; } - blen = strlen(*keyValue) + 1 + strlen(*values) + 2; + blen = strlen(key) + 1 + strlen(*values) + 2; if (blen > PARSE_MAX_BUF) { error(logopt, MODPREFIX "map entry too long"); ldap_value_free(values); @@ -1470,13 +1518,17 @@ int lookup_read_master(struct master *ma } memset(buf, 0, PARSE_MAX_BUF); - strcpy(buf, *keyValue); + strcpy(buf, key); strcat(buf, " "); strcat(buf, *values); + ldap_value_free(values); + master_parse_entry(buf, timeout, logging, age); next: ldap_value_free(keyValue); + if (key) + free(key); e = ldap_next_entry(ldap, e); }