|
|
0f9cf8 |
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
|
|
|
0f9cf8 |
index 7e48879..dafa724 100644
|
|
|
0f9cf8 |
--- a/ptclient/ldap.c
|
|
|
0f9cf8 |
+++ b/ptclient/ldap.c
|
|
|
0f9cf8 |
@@ -932,7 +932,7 @@ static int ptsmodule_get_dn(
|
|
|
0f9cf8 |
{
|
|
|
0f9cf8 |
rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
|
|
|
0f9cf8 |
if (rc != PTSM_OK)
|
|
|
0f9cf8 |
- return rc;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
|
|
|
0f9cf8 |
syslog(LOG_DEBUG, "Attempting to get domain for %s from %s", canon_id, ptsm->domain_base_dn);
|
|
|
0f9cf8 |
@@ -955,19 +955,23 @@ static int ptsmodule_get_dn(
|
|
|
0f9cf8 |
ldap_unbind(ptsm->ld);
|
|
|
0f9cf8 |
ptsm->ld = NULL;
|
|
|
0f9cf8 |
syslog(LOG_ERR, "LDAP not available: %s", ldap_err2string(rc));
|
|
|
0f9cf8 |
- return PTSM_RETRY;
|
|
|
0f9cf8 |
+ rc = PTSM_RETRY;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
syslog(LOG_ERR, "LDAP search for domain failed: %s", ldap_err2string(rc));
|
|
|
0f9cf8 |
- return PTSM_FAIL;
|
|
|
0f9cf8 |
+ rc = PTSM_FAIL;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
if (ldap_count_entries(ptsm->ld, res) < 1) {
|
|
|
0f9cf8 |
syslog(LOG_ERR, "No domain %s found", domain);
|
|
|
0f9cf8 |
- return PTSM_FAIL;
|
|
|
0f9cf8 |
+ rc = PTSM_FAIL;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
|
|
|
0f9cf8 |
syslog(LOG_ERR, "Multiple domains %s found", domain);
|
|
|
0f9cf8 |
- return PTSM_FAIL;
|
|
|
0f9cf8 |
+ rc = PTSM_FAIL;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
} else {
|
|
|
0f9cf8 |
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
|
|
|
0f9cf8 |
if ((vals = ldap_get_values(ptsm->ld, entry, ptsm->domain_result_attribute)) != NULL) {
|
|
|
0f9cf8 |
@@ -982,7 +986,7 @@ static int ptsmodule_get_dn(
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
if (rc != PTSM_OK) {
|
|
|
0f9cf8 |
- return rc;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
} else {
|
|
|
0f9cf8 |
base = xstrdup(ptsm->base);
|
|
|
0f9cf8 |
syslog(LOG_DEBUG, "Continuing with ptsm->base: %s", ptsm->base);
|
|
|
0f9cf8 |
@@ -993,23 +997,23 @@ static int ptsmodule_get_dn(
|
|
|
0f9cf8 |
} else {
|
|
|
0f9cf8 |
rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
|
|
|
0f9cf8 |
if (rc != PTSM_OK)
|
|
|
0f9cf8 |
- return rc;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res;;
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
if (rc != LDAP_SUCCESS) {
|
|
|
0f9cf8 |
syslog(LOG_DEBUG, "Searching %s with %s failed", base, base);
|
|
|
0f9cf8 |
- free(filter);
|
|
|
0f9cf8 |
- free(base);
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
if (rc == LDAP_SERVER_DOWN) {
|
|
|
0f9cf8 |
ldap_unbind(ptsm->ld);
|
|
|
0f9cf8 |
ptsm->ld = NULL;
|
|
|
0f9cf8 |
- return PTSM_RETRY;
|
|
|
0f9cf8 |
+ rc = PTSM_RETRY;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
- return PTSM_FAIL;
|
|
|
0f9cf8 |
+ rc = PTSM_FAIL;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
free(filter);
|
|
|
0f9cf8 |
@@ -1035,6 +1039,13 @@ static int ptsmodule_get_dn(
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
return (*ret ? PTSM_OK : PTSM_FAIL);
|
|
|
0f9cf8 |
+
|
|
|
0f9cf8 |
+ done:
|
|
|
0f9cf8 |
+ if (filter)
|
|
|
0f9cf8 |
+ free(filter);
|
|
|
0f9cf8 |
+ if (base)
|
|
|
0f9cf8 |
+ free(base);
|
|
|
0f9cf8 |
+ return rc;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
@@ -1344,7 +1355,7 @@ static int ptsmodule_make_authstate_group(
|
|
|
0f9cf8 |
rc = ptsmodule_connect();
|
|
|
0f9cf8 |
if (rc != PTSM_OK) {
|
|
|
0f9cf8 |
*reply = "ptsmodule_connect() failed";
|
|
|
0f9cf8 |
- goto done;;
|
|
|
0f9cf8 |
+ goto done;
|
|
|
0f9cf8 |
}
|
|
|
0f9cf8 |
|
|
|
0f9cf8 |
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);
|