ldap/servers/plugins/chainingdb/cb_bind.c | 12 ++++++------
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 6 +++---
ldap/servers/plugins/replication/repl_bind.c | 2 +-
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 2 +-
ldap/servers/slapd/back-ldif/bind.c | 4 ++--
ldap/servers/slapd/bind.c | 8 ++++----
ldap/servers/slapd/defbackend.c | 3 ++-
ldap/servers/slapd/dse.c | 2 +-
ldap/servers/slapd/pblock.c | 4 ++--
ldap/servers/slapd/plugin.c | 6 +++---
ldap/servers/slapd/result.c | 4 ++--
ldap/servers/slapd/slapi-private.h | 2 +-
12 files changed, 28 insertions(+), 27 deletions(-)
New commits:
commit c81c032f0a17fb6cb0c50e6a0006d273e1553c76
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Feb 10 16:37:36 2015 -0800
Ticket #47742 - 64bit problem on big endian: auth method not supported
Description: Cast from ber_tag_t to int on a big endian machine causes
the "auth method not supported" error. Instead of handling the method
as "int", use ber_tag_t through out the server code.
https://fedorahosted.org/389/ticket/47742
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit e0219e8fede80d1ab63a7c706d756abd4e53e3a4)
diff --git a/ldap/servers/plugins/chainingdb/cb_bind.c
b/ldap/servers/plugins/chainingdb/cb_bind.c
index 827916e..4c6a12b 100644
--- a/ldap/servers/plugins/chainingdb/cb_bind.c
+++ b/ldap/servers/plugins/chainingdb/cb_bind.c
@@ -47,7 +47,7 @@ cb_free_bervals( struct berval **bvs );
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, ber_tag_t method,
char * mechanism, struct berval *creds,
LDAPControl **reqctrls, char **matcheddnp,
char **errmsgp, struct berval ***refurlsp,
@@ -68,7 +68,7 @@ cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
static int
cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
- const char *dn, int method,char * mechanism,
+ const char *dn, ber_tag_t method, char * mechanism,
struct berval *creds, LDAPControl **reqctrls,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp ,int *status)
@@ -84,7 +84,7 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
if ( slapi_op_abandoned( pb )) {
rc = LDAP_USER_CANCELLED;
} else {
- rc = cb_sasl_bind_once_s( pool, dn, method,mechanism, creds, reqctrls,
+ rc = cb_sasl_bind_once_s( pool, dn, method, mechanism, creds, reqctrls,
matcheddnp, errmsgp, refurlsp, resctrlsp ,status);
}
} while ( CB_LDAP_CONN_ERROR( rc ) && --tries > 0 );
@@ -93,7 +93,7 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
}
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, ber_tag_t method,
char * mechanism, struct berval *creds,
LDAPControl **reqctrls, char **matcheddnp,
char **errmsgp, struct berval ***refurlsp,
@@ -244,7 +244,7 @@ chainingdb_bind( Slapi_PBlock *pb )
int rc = LDAP_SUCCESS;
int freectrls = 1;
int bind_retry;
- int method;
+ ber_tag_t method;
if ( LDAP_SUCCESS != (rc = cb_forward_operation(pb) )) {
cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
@@ -276,7 +276,7 @@ chainingdb_bind( Slapi_PBlock *pb )
dn = slapi_sdn_get_ndn(sdn);
/* always allow noauth simple binds */
- if (( method == LDAP_AUTH_SIMPLE) && creds->bv_len == 0 ) {
+ if ((method == LDAP_AUTH_SIMPLE) && (creds->bv_len == 0)) {
slapi_sdn_free(&mysdn);
return( SLAPI_BIND_ANONYMOUS );
}
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
index 476d834..e550bcf 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
@@ -431,7 +431,7 @@ static int
pam_passthru_bindpreop( Slapi_PBlock *pb )
{
int rc = LDAP_SUCCESS;
- int method;
+ ber_tag_t method;
const char *normbinddn;
char *errmsg = NULL;
Slapi_DN *bindsdn = NULL;
@@ -460,8 +460,8 @@ pam_passthru_bindpreop( Slapi_PBlock *pb )
* We only handle simple bind requests that include non-NULL binddn and
* credentials. Let the Directory Server itself handle everything else.
*/
- if ( method != LDAP_AUTH_SIMPLE || *normbinddn == '\0' ||
- creds->bv_len == 0 ) {
+ if ((method != LDAP_AUTH_SIMPLE) || (*normbinddn == '\0') ||
+ (creds->bv_len == 0)) {
slapi_log_error( SLAPI_LOG_PLUGIN, PAM_PASSTHRU_PLUGIN_SUBSYSTEM,
"<= not handled (not simple bind or NULL
dn/credentials)\n" );
return retcode;
diff --git a/ldap/servers/plugins/replication/repl_bind.c
b/ldap/servers/plugins/replication/repl_bind.c
index c9b9229..4518e56 100644
--- a/ldap/servers/plugins/replication/repl_bind.c
+++ b/ldap/servers/plugins/replication/repl_bind.c
@@ -54,7 +54,7 @@ legacy_preop_bind( Slapi_PBlock *pb )
const char *dn = NULL;
Slapi_DN *sdn = NULL;
struct berval *cred = NULL;
- int method;
+ ber_tag_t method;
slapi_pblock_get(pb, SLAPI_BIND_METHOD, &method);
slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_bind.c
b/ldap/servers/slapd/back-ldbm/ldbm_bind.c
index f1dad38..aaa7b26 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_bind.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_bind.c
@@ -203,7 +203,7 @@ ldbm_back_bind( Slapi_PBlock *pb )
{
backend *be;
ldbm_instance *inst;
- int method;
+ ber_tag_t method;
struct berval *cred;
struct ldbminfo *li;
struct backentry *e;
diff --git a/ldap/servers/slapd/back-ldif/bind.c b/ldap/servers/slapd/back-ldif/bind.c
index f897230..06b3a76 100644
--- a/ldap/servers/slapd/back-ldif/bind.c
+++ b/ldap/servers/slapd/back-ldif/bind.c
@@ -62,7 +62,7 @@ int
ldif_back_bind( Slapi_PBlock *pb )
{
char *dn; /*Storage for the dn*/
- int method; /*Storage for the bind method*/
+ ber_tag_t method; /*Storage for the bind method*/
struct berval *cred; /*Storage for the bind credentials*/
struct berval **bvals;
LDIF *db; /*The database*/
@@ -91,7 +91,7 @@ ldif_back_bind( Slapi_PBlock *pb )
if ( (e = (ldif_Entry *)ldif_find_entry( pb, db, dn, &prev )) == NULL ) {
/* Allow noauth binds */
- if ( method == LDAP_AUTH_SIMPLE && cred->bv_len == 0 ) {
+ if ((method == LDAP_AUTH_SIMPLE) && (cred->bv_len == 0)) {
rc = SLAPI_BIND_ANONYMOUS;
} else {
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index bc4aa24..7acec84 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -76,7 +76,7 @@
static void log_bind_access(
Slapi_PBlock *pb,
const char* dn,
- int method,
+ ber_tag_t method,
int version,
const char *saslmech,
const char *msg
@@ -889,7 +889,7 @@ static void
log_bind_access (
Slapi_PBlock *pb,
const char* dn,
- int method,
+ ber_tag_t method,
int version,
const char *saslmech,
const char *msg
@@ -910,13 +910,13 @@ log_bind_access (
} else if (msg) {
slapi_log_access( LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " op=%d BIND
dn=\"%s\" "
- "method=%d version=%d, %s\n",
+ "method=%ld version=%d, %s\n",
(long long unsigned int)pb->pb_conn->c_connid,
pb->pb_op->o_opid, dn,
method, version, msg );
} else {
slapi_log_access( LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " op=%d BIND
dn=\"%s\" "
- "method=%d version=%d\n",
+ "method=%ld version=%d\n",
(long long unsigned int)pb->pb_conn->c_connid,
pb->pb_op->o_opid, dn,
method, version );
}
diff --git a/ldap/servers/slapd/defbackend.c b/ldap/servers/slapd/defbackend.c
index dd948d0..0f566d0 100644
--- a/ldap/servers/slapd/defbackend.c
+++ b/ldap/servers/slapd/defbackend.c
@@ -203,7 +203,8 @@ defbackend_abandon( Slapi_PBlock *pb )
static int
defbackend_bind( Slapi_PBlock *pb )
{
- int rc, method;
+ int rc;
+ ber_tag_t method;
struct berval *cred;
LDAPDebug( LDAP_DEBUG_TRACE, "defbackend_bind\n", 0, 0, 0 );
diff --git a/ldap/servers/slapd/dse.c b/ldap/servers/slapd/dse.c
index 9bb5914..b9ffc5f 100644
--- a/ldap/servers/slapd/dse.c
+++ b/ldap/servers/slapd/dse.c
@@ -1499,7 +1499,7 @@ dse_delete_entry(struct dse* pdse, Slapi_PBlock *pb, const
Slapi_Entry *e)
int
dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from this
function! */
{
- int method; /* The bind method */
+ ber_tag_t method; /* The bind method */
struct berval *cred; /* The bind credentials */
Slapi_Value **bvals;
struct dse* pdse;
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index b35fce7..fd9ccb7 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -1301,7 +1301,7 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
case SLAPI_BIND_METHOD:
if(pblock->pb_op!=NULL)
{
- (*(int *)value) = pblock->pb_op->o_params.p.p_bind.bind_method;
+ (*(ber_tag_t *)value) = pblock->pb_op->o_params.p.p_bind.bind_method;
}
break;
case SLAPI_BIND_CREDENTIALS:
@@ -2936,7 +2936,7 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
case SLAPI_BIND_METHOD:
if(pblock->pb_op!=NULL)
{
- pblock->pb_op->o_params.p.p_bind.bind_method = *((int *) value);
+ pblock->pb_op->o_params.p.p_bind.bind_method = *((ber_tag_t *) value);
}
break;
case SLAPI_BIND_CREDENTIALS:
diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c
index 94aba7f..4df2eb5 100644
--- a/ldap/servers/slapd/plugin.c
+++ b/ldap/servers/slapd/plugin.c
@@ -77,7 +77,7 @@ static int plugin_call_func (struct slapdplugin *list, int operation,
Slapi_PBlo
static PRBool plugin_invoke_plugin_pb (struct slapdplugin *plugin, int operation,
Slapi_PBlock *pb);
static PRBool plugin_matches_operation (Slapi_DN *target_spec, PluginTargetData *ptd,
- PRBool bindop, PRBool isroot, PRBool islocal, int method);
+ PRBool bindop, PRBool isroot, PRBool islocal, ber_tag_t method);
static void plugin_config_init (struct pluginconfig *config);
static void plugin_config_cleanup (struct pluginconfig *config);
@@ -3593,7 +3593,7 @@ plugin_invoke_plugin_sdn (struct slapdplugin *plugin, int operation,
Slapi_PBloc
PRBool islocal;
PRBool bindop;
unsigned long op;
- int method = -1;
+ ber_tag_t method = LBER_ERROR;
PR_ASSERT (plugin);
if (!pb) {
@@ -3762,7 +3762,7 @@ PRBool plugin_allow_internal_op (Slapi_DN *target_spec, struct
slapdplugin *plug
}
static PRBool plugin_matches_operation (Slapi_DN *target_spec, PluginTargetData *ptd,
- PRBool bindop, PRBool isroot, PRBool islocal, int method)
+ PRBool bindop, PRBool isroot, PRBool islocal, ber_tag_t method)
{
int cookie;
Slapi_DN *subtree;
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
index 544a9c7..45a5b4c 100644
--- a/ldap/servers/slapd/result.c
+++ b/ldap/servers/slapd/result.c
@@ -371,7 +371,7 @@ send_ldap_result_ext(
const char *dn = NULL;
ber_tag_t tag;
int flush_ber_element = 1;
- int bind_method = 0;
+ ber_tag_t bind_method = 0;
int internal_op;
int i, rc, logit = 0;
@@ -453,7 +453,7 @@ send_ldap_result_ext(
/* invalid password. Update the password retry here */
/* put this here for now. It could be a send_result pre-op plugin. */
- if (err == LDAP_INVALID_CREDENTIALS && bind_method != LDAP_AUTH_SASL ) {
+ if ((err == LDAP_INVALID_CREDENTIALS) && (bind_method != LDAP_AUTH_SASL)) {
slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h
index 921c397..43ba82c 100644
--- a/ldap/servers/slapd/slapi-private.h
+++ b/ldap/servers/slapd/slapi-private.h
@@ -573,7 +573,7 @@ typedef struct slapi_operation_parameters
struct bind_parameters
{
- int bind_method;
+ ber_tag_t bind_method;
struct berval *bind_creds;
char *bind_saslmechanism; /* v3 sasl mechanism name */
struct berval *bind_ret_saslcreds; /* v3 serverSaslCreds */