LCOV - code coverage report
Current view: top level - libcli/ldap - ldap_message.c (source / functions) Hit Total Coverage
Test: coverage report for master 98b443d9 Lines: 927 1084 85.5 %
Date: 2024-05-31 13:13:24 Functions: 20 20 100.0 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             :    LDAP protocol helper functions for SAMBA
       4             :    
       5             :    Copyright (C) Andrew Tridgell  2004
       6             :    Copyright (C) Volker Lendecke 2004
       7             :    Copyright (C) Stefan Metzmacher 2004
       8             :    Copyright (C) Simo Sorce 2004
       9             :     
      10             :    This program is free software; you can redistribute it and/or modify
      11             :    it under the terms of the GNU General Public License as published by
      12             :    the Free Software Foundation; either version 3 of the License, or
      13             :    (at your option) any later version.
      14             :    
      15             :    This program is distributed in the hope that it will be useful,
      16             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      17             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      18             :    GNU General Public License for more details.
      19             :    
      20             :    You should have received a copy of the GNU General Public License
      21             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      22             :    
      23             : */
      24             : 
      25             : #include "includes.h"
      26             : #include "../lib/util/asn1.h"
      27             : #include "../libcli/ldap/ldap_message.h"
      28             : 
      29      604732 : _PUBLIC_ struct ldap_message *new_ldap_message(TALLOC_CTX *mem_ctx)
      30             : {
      31      604732 :         return talloc_zero(mem_ctx, struct ldap_message);
      32             : }
      33             : 
      34             : 
      35     3810730 : static bool add_value_to_attrib(TALLOC_CTX *mem_ctx, struct ldb_val *value,
      36             :                                 struct ldb_message_element *attrib)
      37             : {
      38     3810730 :         attrib->values = talloc_realloc(mem_ctx,
      39             :                                         attrib->values,
      40             :                                         DATA_BLOB,
      41             :                                         attrib->num_values+1);
      42     3810730 :         if (attrib->values == NULL)
      43           0 :                 return false;
      44             : 
      45     3810730 :         attrib->values[attrib->num_values].data = talloc_steal(attrib->values,
      46             :                                                                value->data);
      47     3810730 :         attrib->values[attrib->num_values].length = value->length;
      48     3810730 :         attrib->num_values += 1;
      49     3810730 :         return true;
      50             : }
      51             : 
      52     3241314 : static bool add_attrib_to_array_talloc(TALLOC_CTX *mem_ctx,
      53             :                                        const struct ldb_message_element *attrib,
      54             :                                        struct ldb_message_element **attribs,
      55             :                                        int *num_attribs)
      56             : {
      57     3241314 :         *attribs = talloc_realloc(mem_ctx,
      58             :                                   *attribs,
      59             :                                   struct ldb_message_element,
      60             :                                   *num_attribs+1);
      61             : 
      62     3241314 :         if (*attribs == NULL)
      63           0 :                 return false;
      64             : 
      65     3241314 :         (*attribs)[*num_attribs] = *attrib;
      66     3241314 :         talloc_steal(*attribs, attrib->values);
      67     3241314 :         talloc_steal(*attribs, attrib->name);
      68     3241314 :         *num_attribs += 1;
      69     3241314 :         return true;
      70             : }
      71             : 
      72      113495 : static bool add_mod_to_array_talloc(TALLOC_CTX *mem_ctx,
      73             :                                     struct ldap_mod *mod,
      74             :                                     struct ldap_mod **mods,
      75             :                                     int *num_mods)
      76             : {
      77      113495 :         *mods = talloc_realloc(mem_ctx, *mods, struct ldap_mod, (*num_mods)+1);
      78             : 
      79      113495 :         if (*mods == NULL)
      80           0 :                 return false;
      81             : 
      82      113495 :         (*mods)[*num_mods] = *mod;
      83      113495 :         *num_mods += 1;
      84      113495 :         return true;
      85             : }
      86             : 
      87      401810 : static bool ldap_decode_control_value(void *mem_ctx, DATA_BLOB value,
      88             :                                       const struct ldap_control_handler *handlers,
      89             :                                       struct ldb_control *ctrl)
      90             : {
      91           0 :         int i;
      92             : 
      93      401810 :         if (!handlers) {
      94           0 :                 return true;
      95             :         }
      96             : 
      97     3188020 :         for (i = 0; handlers[i].oid != NULL; i++) {
      98     3188020 :                 if (strcmp(handlers[i].oid, ctrl->oid) == 0) {
      99      401810 :                         if (!handlers[i].decode || !handlers[i].decode(mem_ctx, value, &ctrl->data)) {
     100           0 :                                 return false;
     101             :                         }
     102      401810 :                         break;
     103             :                 }
     104             :         }
     105      401810 :         if (handlers[i].oid == NULL) {
     106           0 :                 return false;
     107             :         }
     108             : 
     109      401810 :         return true;
     110             : }
     111             : 
     112      401810 : static bool ldap_decode_control_wrapper(void *mem_ctx, struct asn1_data *data,
     113             :                                         struct ldb_control *ctrl, DATA_BLOB *value)
     114             : {
     115           0 :         DATA_BLOB oid;
     116             : 
     117      401810 :         if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) {
     118           0 :                 return false;
     119             :         }
     120             : 
     121      401810 :         if (!asn1_read_OctetString(data, mem_ctx, &oid)) {
     122           0 :                 return false;
     123             :         }
     124      401810 :         ctrl->oid = talloc_strndup(mem_ctx, (char *)oid.data, oid.length);
     125      401810 :         if (!ctrl->oid) {
     126           0 :                 return false;
     127             :         }
     128             : 
     129      401810 :         if (asn1_peek_tag(data, ASN1_BOOLEAN)) {
     130           0 :                 bool critical;
     131      264645 :                 if (!asn1_read_BOOLEAN(data, &critical)) {
     132           0 :                         return false;
     133             :                 }
     134      264645 :                 ctrl->critical = critical;
     135             :         } else {
     136      137165 :                 ctrl->critical = false;
     137             :         }
     138             : 
     139      401810 :         ctrl->data = NULL;
     140             : 
     141      401810 :         if (!asn1_peek_tag(data, ASN1_OCTET_STRING)) {
     142       68196 :                 *value = data_blob(NULL, 0);
     143       68196 :                 goto end_tag;
     144             :         }
     145             : 
     146      333614 :         if (!asn1_read_OctetString(data, mem_ctx, value)) {
     147           0 :                 return false;
     148             :         }
     149             : 
     150      333614 : end_tag:
     151      401810 :         if (!asn1_end_tag(data)) {
     152           0 :                 return false;
     153             :         }
     154             : 
     155      401810 :         return true;
     156             : }
     157             : 
     158      401603 : static bool ldap_encode_control(void *mem_ctx, struct asn1_data *data,
     159             :                                 const struct ldap_control_handler *handlers,
     160             :                                 struct ldb_control *ctrl)
     161             : {
     162           0 :         DATA_BLOB value;
     163           0 :         int i;
     164             : 
     165      401603 :         if (!handlers) {
     166           0 :                 return false;
     167             :         }
     168             : 
     169     3192245 :         for (i = 0; handlers[i].oid != NULL; i++) {
     170     3192245 :                 if (!ctrl->oid) {
     171             :                         /* not encoding this control, the OID has been
     172             :                          * set to NULL indicating it isn't really
     173             :                          * here */
     174           0 :                         return true;
     175             :                 }
     176     3192245 :                 if (strcmp(handlers[i].oid, ctrl->oid) == 0) {
     177      401603 :                         if (!handlers[i].encode) {
     178         194 :                                 if (ctrl->critical) {
     179           0 :                                         return false;
     180             :                                 } else {
     181             :                                         /* not encoding this control */
     182         194 :                                         return true;
     183             :                                 }
     184             :                         }
     185      401409 :                         if (!handlers[i].encode(mem_ctx, ctrl->data, &value)) {
     186           0 :                                 return false;
     187             :                         }
     188      401409 :                         break;
     189             :                 }
     190             :         }
     191      401409 :         if (handlers[i].oid == NULL) {
     192           0 :                 return false;
     193             :         }
     194             : 
     195      401409 :         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
     196           0 :                 return false;
     197             :         }
     198             : 
     199      401409 :         if (!asn1_write_OctetString(data, ctrl->oid, strlen(ctrl->oid))) {
     200           0 :                 return false;
     201             :         }
     202             : 
     203      401409 :         if (ctrl->critical) {
     204      263892 :                 if (!asn1_write_BOOLEAN(data, ctrl->critical)) {
     205           0 :                         return false;
     206             :                 }
     207             :         }
     208             : 
     209      401409 :         if (!ctrl->data) {
     210       67990 :                 goto pop_tag;
     211             :         }
     212             : 
     213      333419 :         if (!asn1_write_OctetString(data, value.data, value.length)) {
     214           0 :                 return false;
     215             :         }
     216             : 
     217      333419 : pop_tag:
     218      401409 :         if (!asn1_pop_tag(data)) {
     219           0 :                 return false;
     220             :         }
     221             : 
     222      401409 :         return true;
     223             : }
     224             : 
     225      930030 : static bool ldap_push_filter(struct asn1_data *data, struct ldb_parse_tree *tree)
     226             : {
     227         547 :         int i;
     228             : 
     229      930030 :         switch (tree->operation) {
     230      262865 :         case LDB_OP_AND:
     231             :         case LDB_OP_OR:
     232      262901 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(tree->operation==LDB_OP_AND?0:1))) return false;
     233      836712 :                 for (i=0; i<tree->u.list.num_elements; i++) {
     234      573847 :                         if (!ldap_push_filter(data, tree->u.list.elements[i])) {
     235           0 :                                 return false;
     236             :                         }
     237             :                 }
     238      262865 :                 if (!asn1_pop_tag(data)) return false;
     239      262716 :                 break;
     240             : 
     241       15018 :         case LDB_OP_NOT:
     242       15018 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(2))) return false;
     243       15018 :                 if (!ldap_push_filter(data, tree->u.isnot.child)) {
     244           0 :                         return false;
     245             :                 }
     246       15018 :                 if (!asn1_pop_tag(data)) return false;
     247       15018 :                 break;
     248             : 
     249      161050 :         case LDB_OP_EQUALITY:
     250             :                 /* equality test */
     251      161050 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(3))) return false;
     252      161050 :                 if (!asn1_write_OctetString(data, tree->u.equality.attr,
     253           0 :                                       strlen(tree->u.equality.attr))) return false;
     254      161050 :                 if (!asn1_write_OctetString(data, tree->u.equality.value.data,
     255           0 :                                       tree->u.equality.value.length)) return false;
     256      161050 :                 if (!asn1_pop_tag(data)) return false;
     257      161002 :                 break;
     258             : 
     259       14980 :         case LDB_OP_SUBSTRING:
     260             :                 /*
     261             :                   SubstringFilter ::= SEQUENCE {
     262             :                           type            AttributeDescription,
     263             :                           -- at least one must be present
     264             :                           substrings      SEQUENCE OF CHOICE {
     265             :                                   initial [0] LDAPString,
     266             :                                   any     [1] LDAPString,
     267             :                                   final   [2] LDAPString } }
     268             :                 */
     269       14980 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(4))) return false;
     270       14980 :                 if (!asn1_write_OctetString(data, tree->u.substring.attr, strlen(tree->u.substring.attr))) return false;
     271       14980 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) return false;
     272             : 
     273       14980 :                 if (tree->u.substring.chunks && tree->u.substring.chunks[0]) {
     274       14978 :                         i = 0;
     275       14978 :                         if (!tree->u.substring.start_with_wildcard) {
     276        4247 :                                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(0))) return false;
     277        4247 :                                 if (!asn1_write_DATA_BLOB_LDAPString(data, tree->u.substring.chunks[i])) return false;
     278        4247 :                                 if (!asn1_pop_tag(data)) return false;
     279        4247 :                                 i++;
     280             :                         }
     281       25710 :                         while (tree->u.substring.chunks[i]) {
     282           0 :                                 int ctx;
     283             : 
     284       10732 :                                 if (( ! tree->u.substring.chunks[i + 1]) &&
     285       10732 :                                     (tree->u.substring.end_with_wildcard == 0)) {
     286         476 :                                         ctx = 2;
     287             :                                 } else {
     288       10256 :                                         ctx = 1;
     289             :                                 }
     290       10732 :                                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(ctx))) return false;
     291       10732 :                                 if (!asn1_write_DATA_BLOB_LDAPString(data, tree->u.substring.chunks[i])) return false;
     292       10732 :                                 if (!asn1_pop_tag(data)) return false;
     293       10732 :                                 i++;
     294             :                         }
     295             :                 }
     296       14980 :                 if (!asn1_pop_tag(data)) return false;
     297       14980 :                 if (!asn1_pop_tag(data)) return false;
     298       14980 :                 break;
     299             : 
     300         271 :         case LDB_OP_GREATER:
     301             :                 /* greaterOrEqual test */
     302         271 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(5))) return false;
     303         271 :                 if (!asn1_write_OctetString(data, tree->u.comparison.attr,
     304           0 :                                       strlen(tree->u.comparison.attr))) return false;
     305         271 :                 if (!asn1_write_OctetString(data, tree->u.comparison.value.data,
     306           0 :                                       tree->u.comparison.value.length)) return false;
     307         271 :                 if (!asn1_pop_tag(data)) return false;
     308         271 :                 break;
     309             : 
     310         279 :         case LDB_OP_LESS:
     311             :                 /* lessOrEqual test */
     312         279 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(6))) return false;
     313         279 :                 if (!asn1_write_OctetString(data, tree->u.comparison.attr,
     314           0 :                                       strlen(tree->u.comparison.attr))) return false;
     315         279 :                 if (!asn1_write_OctetString(data, tree->u.comparison.value.data,
     316           0 :                                       tree->u.comparison.value.length)) return false;
     317         279 :                 if (!asn1_pop_tag(data)) return false;
     318         279 :                 break;
     319             : 
     320      457751 :         case LDB_OP_PRESENT:
     321             :                 /* present test */
     322      457751 :                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(7))) return false;
     323      457751 :                 if (!asn1_write_LDAPString(data, tree->u.present.attr)) return false;
     324      457751 :                 if (!asn1_pop_tag(data)) return false;
     325      457751 :                 return !asn1_has_error(data);
     326             : 
     327           0 :         case LDB_OP_APPROX:
     328             :                 /* approx test */
     329           0 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(8))) return false;
     330           0 :                 if (!asn1_write_OctetString(data, tree->u.comparison.attr,
     331           0 :                                       strlen(tree->u.comparison.attr))) return false;
     332           0 :                 if (!asn1_write_OctetString(data, tree->u.comparison.value.data,
     333           0 :                                       tree->u.comparison.value.length)) return false;
     334           0 :                 if (!asn1_pop_tag(data)) return false;
     335           0 :                 break;
     336             : 
     337       17816 :         case LDB_OP_EXTENDED:
     338             :                 /*
     339             :                   MatchingRuleAssertion ::= SEQUENCE {
     340             :                   matchingRule    [1] MatchingRuleID OPTIONAL,
     341             :                   type            [2] AttributeDescription OPTIONAL,
     342             :                   matchValue      [3] AssertionValue,
     343             :                   dnAttributes    [4] BOOLEAN DEFAULT FALSE
     344             :                   }
     345             :                 */
     346       17816 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(9))) return false;
     347       17816 :                 if (tree->u.extended.rule_id) {
     348       17816 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(1))) return false;
     349       17816 :                         if (!asn1_write_LDAPString(data, tree->u.extended.rule_id)) return false;
     350       17816 :                         if (!asn1_pop_tag(data)) return false;
     351             :                 }
     352       17816 :                 if (tree->u.extended.attr) {
     353       17816 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(2))) return false;
     354       17816 :                         if (!asn1_write_LDAPString(data, tree->u.extended.attr)) return false;
     355       17816 :                         if (!asn1_pop_tag(data)) return false;
     356             :                 }
     357       17816 :                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(3))) return false;
     358       17816 :                 if (!asn1_write_DATA_BLOB_LDAPString(data, &tree->u.extended.value)) return false;
     359       17816 :                 if (!asn1_pop_tag(data)) return false;
     360       17816 :                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(4))) return false;
     361       17816 :                 if (!asn1_write_uint8(data, tree->u.extended.dnAttributes)) return false;
     362       17816 :                 if (!asn1_pop_tag(data)) return false;
     363       17816 :                 if (!asn1_pop_tag(data)) return false;
     364       17816 :                 break;
     365             : 
     366           0 :         default:
     367           0 :                 return false;
     368             :         }
     369      472279 :         return !asn1_has_error(data);
     370             : }
     371             : 
     372      610504 : static bool ldap_encode_response(struct asn1_data *data, struct ldap_Result *result)
     373             : {
     374      610504 :         if (!asn1_write_enumerated(data, result->resultcode)) return false;
     375      610504 :         if (!asn1_write_OctetString(data, result->dn,
     376      610504 :                                (result->dn) ? strlen(result->dn) : 0)) return false;
     377      610504 :         if (!asn1_write_OctetString(data, result->errormessage,
     378      610504 :                                (result->errormessage) ?
     379      239239 :                                strlen(result->errormessage) : 0)) return false;
     380      610504 :         if (result->referral) {
     381           8 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(3))) return false;
     382           8 :                 if (!asn1_write_OctetString(data, result->referral,
     383           0 :                                        strlen(result->referral))) return false;
     384           8 :                 if (!asn1_pop_tag(data)) return false;
     385             :         }
     386      609881 :         return true;
     387             : }
     388             : 
     389     1967025 : _PUBLIC_ bool ldap_encode(struct ldap_message *msg,
     390             :                           const struct ldap_control_handler *control_handlers,
     391             :                           DATA_BLOB *result, TALLOC_CTX *mem_ctx)
     392             : {
     393     1967025 :         struct asn1_data *data = asn1_init(mem_ctx, ASN1_MAX_TREE_DEPTH);
     394        1567 :         int i, j;
     395             : 
     396     1967025 :         if (!data) return false;
     397             : 
     398     1967025 :         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     399     1967025 :         if (!asn1_write_Integer(data, msg->messageid)) goto err;
     400             : 
     401     1967025 :         switch (msg->type) {
     402       35762 :         case LDAP_TAG_BindRequest: {
     403       35762 :                 struct ldap_BindRequest *r = &msg->r.BindRequest;
     404       35762 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     405       35762 :                 if (!asn1_write_Integer(data, r->version)) goto err;
     406       35762 :                 if (!asn1_write_OctetString(data, r->dn,
     407       35762 :                                        (r->dn != NULL) ? strlen(r->dn) : 0)) goto err;
     408             : 
     409       35762 :                 switch (r->mechanism) {
     410         448 :                 case LDAP_AUTH_MECH_SIMPLE:
     411             :                         /* context, primitive */
     412         448 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(0))) goto err;
     413         448 :                         if (!asn1_write(data, r->creds.password,
     414         448 :                                    strlen(r->creds.password))) goto err;
     415         448 :                         if (!asn1_pop_tag(data)) goto err;
     416         448 :                         break;
     417       35314 :                 case LDAP_AUTH_MECH_SASL:
     418             :                         /* context, constructed */
     419       35314 :                         if (!asn1_push_tag(data, ASN1_CONTEXT(3))) goto err;
     420       35314 :                         if (!asn1_write_OctetString(data, r->creds.SASL.mechanism,
     421           0 :                                                strlen(r->creds.SASL.mechanism))) goto err;
     422       35314 :                         if (r->creds.SASL.secblob) {
     423       35314 :                                 if (!asn1_write_OctetString(data, r->creds.SASL.secblob->data,
     424       35192 :                                                        r->creds.SASL.secblob->length)) goto err;
     425             :                         }
     426       35314 :                         if (!asn1_pop_tag(data)) goto err;
     427       35192 :                         break;
     428           0 :                 default:
     429           0 :                         goto err;
     430             :                 }
     431             : 
     432       35762 :                 if (!asn1_pop_tag(data)) goto err;
     433       35640 :                 break;
     434             :         }
     435       36353 :         case LDAP_TAG_BindResponse: {
     436       36353 :                 struct ldap_BindResponse *r = &msg->r.BindResponse;
     437       36353 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     438       36353 :                 if (!ldap_encode_response(data, &r->response)) goto err;
     439       36353 :                 if (r->SASL.secblob) {
     440       35878 :                         if (!asn1_write_ContextSimple(data, 7, r->SASL.secblob)) goto err;
     441             :                 }
     442       36353 :                 if (!asn1_pop_tag(data)) goto err;
     443       36231 :                 break;
     444             :         }
     445           1 :         case LDAP_TAG_UnbindRequest: {
     446             : /*              struct ldap_UnbindRequest *r = &msg->r.UnbindRequest; */
     447           1 :                 if (!asn1_push_tag(data, ASN1_APPLICATION_SIMPLE(msg->type))) goto err;
     448           1 :                 if (!asn1_pop_tag(data)) goto err;
     449           1 :                 break;
     450             :         }
     451      341165 :         case LDAP_TAG_SearchRequest: {
     452      341165 :                 struct ldap_SearchRequest *r = &msg->r.SearchRequest;
     453      341165 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     454      341165 :                 if (!asn1_write_OctetString(data, r->basedn, strlen(r->basedn))) goto err;
     455      341165 :                 if (!asn1_write_enumerated(data, r->scope)) goto err;
     456      341165 :                 if (!asn1_write_enumerated(data, r->deref)) goto err;
     457      341165 :                 if (!asn1_write_Integer(data, r->sizelimit)) goto err;
     458      341165 :                 if (!asn1_write_Integer(data, r->timelimit)) goto err;
     459      341165 :                 if (!asn1_write_BOOLEAN(data, r->attributesonly)) goto err;
     460             : 
     461      341165 :                 if (!ldap_push_filter(data, r->tree)) {
     462           0 :                         goto err;
     463             :                 }
     464             : 
     465      341165 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     466      938872 :                 for (i=0; i<r->num_attributes; i++) {
     467      597707 :                         if (!asn1_write_OctetString(data, r->attributes[i],
     468      597707 :                                                strlen(r->attributes[i]))) goto err;
     469             :                 }
     470      341165 :                 if (!asn1_pop_tag(data)) goto err;
     471      341165 :                 if (!asn1_pop_tag(data)) goto err;
     472      340880 :                 break;
     473             :         }
     474      613731 :         case LDAP_TAG_SearchResultEntry: {
     475      613731 :                 struct ldap_SearchResEntry *r = &msg->r.SearchResultEntry;
     476      613731 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     477      613731 :                 if (!asn1_write_OctetString(data, r->dn, strlen(r->dn))) goto err;
     478      613731 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     479     3704094 :                 for (i=0; i<r->num_attributes; i++) {
     480     3090363 :                         struct ldb_message_element *attr = &r->attributes[i];
     481     3090363 :                         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     482     3090363 :                         if (!asn1_write_OctetString(data, attr->name,
     483           0 :                                                strlen(attr->name))) goto err;
     484     3090363 :                         if (!asn1_push_tag(data, ASN1_SEQUENCE(1))) goto err;
     485     6638728 :                         for (j=0; j<attr->num_values; j++) {
     486     3548365 :                                 if (!asn1_write_OctetString(data,
     487     3548365 :                                                        attr->values[j].data,
     488     3548365 :                                                        attr->values[j].length)) goto err;
     489             :                         }
     490     3090363 :                         if (!asn1_pop_tag(data)) goto err;
     491     3090363 :                         if (!asn1_pop_tag(data)) goto err;
     492             :                 }
     493      613731 :                 if (!asn1_pop_tag(data)) goto err;
     494      613731 :                 if (!asn1_pop_tag(data)) goto err;
     495      613446 :                 break;
     496             :         }
     497      343698 :         case LDAP_TAG_SearchResultDone: {
     498      343698 :                 struct ldap_Result *r = &msg->r.SearchResultDone;
     499      343698 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     500      343698 :                 if (!ldap_encode_response(data, r)) goto err;
     501      343698 :                 if (!asn1_pop_tag(data)) goto err;
     502      343413 :                 break;
     503             :         }
     504       86608 :         case LDAP_TAG_ModifyRequest: {
     505       86608 :                 struct ldap_ModifyRequest *r = &msg->r.ModifyRequest;
     506       86608 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     507       86608 :                 if (!asn1_write_OctetString(data, r->dn, strlen(r->dn))) goto err;
     508       86608 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     509             : 
     510      199871 :                 for (i=0; i<r->num_mods; i++) {
     511      113263 :                         struct ldb_message_element *attrib = &r->mods[i].attrib;
     512      113263 :                         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     513      113263 :                         if (!asn1_write_enumerated(data, r->mods[i].type)) goto err;
     514      113263 :                         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     515      113263 :                         if (!asn1_write_OctetString(data, attrib->name,
     516           0 :                                                strlen(attrib->name))) goto err;
     517      113263 :                         if (!asn1_push_tag(data, ASN1_SET)) goto err;
     518      227800 :                         for (j=0; j<attrib->num_values; j++) {
     519      114537 :                                 if (!asn1_write_OctetString(data,
     520      114537 :                                                        attrib->values[j].data,
     521      114537 :                                                        attrib->values[j].length)) goto err;
     522             :         
     523             :                         }
     524      113263 :                         if (!asn1_pop_tag(data)) goto err;
     525      113263 :                         if (!asn1_pop_tag(data)) goto err;
     526      113263 :                         if (!asn1_pop_tag(data)) goto err;
     527             :                 }
     528             :                 
     529       86608 :                 if (!asn1_pop_tag(data)) goto err;
     530       86608 :                 if (!asn1_pop_tag(data)) goto err;
     531       86464 :                 break;
     532             :         }
     533       86760 :         case LDAP_TAG_ModifyResponse: {
     534       86760 :                 struct ldap_Result *r = &msg->r.ModifyResponse;
     535       86760 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     536       86760 :                 if (!ldap_encode_response(data, r)) goto err;
     537       86760 :                 if (!asn1_pop_tag(data)) goto err;
     538       86616 :                 break;
     539             :         }
     540       67735 :         case LDAP_TAG_AddRequest: {
     541       67735 :                 struct ldap_AddRequest *r = &msg->r.AddRequest;
     542       67735 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     543       67735 :                 if (!asn1_write_OctetString(data, r->dn, strlen(r->dn))) goto err;
     544       67735 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     545             : 
     546      254074 :                 for (i=0; i<r->num_attributes; i++) {
     547      186339 :                         struct ldb_message_element *attrib = &r->attributes[i];
     548      186339 :                         if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     549      186339 :                         if (attrib->name == NULL) {
     550           0 :                                 goto err;
     551             :                         }
     552      186339 :                         if (!asn1_write_OctetString(data, attrib->name,
     553           0 :                                                strlen(attrib->name))) goto err;
     554      186339 :                         if (!asn1_push_tag(data, ASN1_SET)) goto err;
     555      377719 :                         for (j=0; j<r->attributes[i].num_values; j++) {
     556      191380 :                                 if (!asn1_write_OctetString(data,
     557      191380 :                                                        attrib->values[j].data,
     558      191380 :                                                        attrib->values[j].length)) goto err;
     559             :                         }
     560      186339 :                         if (!asn1_pop_tag(data)) goto err;
     561      186339 :                         if (!asn1_pop_tag(data)) goto err;
     562             :                 }
     563       67735 :                 if (!asn1_pop_tag(data)) goto err;
     564       67735 :                 if (!asn1_pop_tag(data)) goto err;
     565       67699 :                 break;
     566             :         }
     567       67795 :         case LDAP_TAG_AddResponse: {
     568       67795 :                 struct ldap_Result *r = &msg->r.AddResponse;
     569       67795 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     570       67795 :                 if (!ldap_encode_response(data, r)) goto err;
     571       67795 :                 if (!asn1_pop_tag(data)) goto err;
     572       67759 :                 break;
     573             :         }
     574       75075 :         case LDAP_TAG_DelRequest: {
     575       75075 :                 struct ldap_DelRequest *r = &msg->r.DelRequest;
     576       75075 :                 if (!asn1_push_tag(data, ASN1_APPLICATION_SIMPLE(msg->type))) goto err;
     577       75075 :                 if (!asn1_write(data, r->dn, strlen(r->dn))) goto err;
     578       75075 :                 if (!asn1_pop_tag(data)) goto err;
     579       75039 :                 break;
     580             :         }
     581       75115 :         case LDAP_TAG_DelResponse: {
     582       75115 :                 struct ldap_Result *r = &msg->r.DelResponse;
     583       75115 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     584       75115 :                 if (!ldap_encode_response(data, r)) goto err;
     585       75115 :                 if (!asn1_pop_tag(data)) goto err;
     586       75079 :                 break;
     587             :         }
     588         388 :         case LDAP_TAG_ModifyDNRequest: {
     589         388 :                 struct ldap_ModifyDNRequest *r = &msg->r.ModifyDNRequest;
     590         388 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     591         388 :                 if (!asn1_write_OctetString(data, r->dn, strlen(r->dn))) goto err;
     592         388 :                 if (!asn1_write_OctetString(data, r->newrdn, strlen(r->newrdn))) goto err;
     593         388 :                 if (!asn1_write_BOOLEAN(data, r->deleteolddn)) goto err;
     594         388 :                 if (r->newsuperior) {
     595         384 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(0))) goto err;
     596         384 :                         if (!asn1_write(data, r->newsuperior,
     597         384 :                                    strlen(r->newsuperior))) goto err;
     598         384 :                         if (!asn1_pop_tag(data)) goto err;
     599             :                 }
     600         388 :                 if (!asn1_pop_tag(data)) goto err;
     601         388 :                 break;
     602             :         }
     603         388 :         case LDAP_TAG_ModifyDNResponse: {
     604         388 :                 struct ldap_Result *r = &msg->r.ModifyDNResponse;
     605         388 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     606         388 :                 if (!ldap_encode_response(data, r)) goto err;
     607         388 :                 if (!asn1_pop_tag(data)) goto err;
     608         388 :                 break;
     609             :         }
     610           1 :         case LDAP_TAG_CompareRequest: {
     611           1 :                 struct ldap_CompareRequest *r = &msg->r.CompareRequest;
     612           1 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     613           1 :                 if (!asn1_write_OctetString(data, r->dn, strlen(r->dn))) goto err;
     614           1 :                 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) goto err;
     615           1 :                 if (!asn1_write_OctetString(data, r->attribute,
     616           0 :                                        strlen(r->attribute))) goto err;
     617           1 :                 if (!asn1_write_OctetString(data, r->value.data,
     618           0 :                                        r->value.length)) goto err;
     619           1 :                 if (!asn1_pop_tag(data)) goto err;
     620           1 :                 if (!asn1_pop_tag(data)) goto err;
     621           1 :                 break;
     622             :         }
     623           1 :         case LDAP_TAG_CompareResponse: {
     624           1 :                 struct ldap_Result *r = &msg->r.ModifyDNResponse;
     625           1 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     626           1 :                 if (!ldap_encode_response(data, r)) goto err;
     627           1 :                 if (!asn1_pop_tag(data)) goto err;
     628           1 :                 break;
     629             :         }
     630          80 :         case LDAP_TAG_AbandonRequest: {
     631          80 :                 struct ldap_AbandonRequest *r = &msg->r.AbandonRequest;
     632          80 :                 if (!asn1_push_tag(data, ASN1_APPLICATION_SIMPLE(msg->type))) goto err;
     633          80 :                 if (!asn1_write_implicit_Integer(data, r->messageid)) goto err;
     634          80 :                 if (!asn1_pop_tag(data)) goto err;
     635          80 :                 break;
     636             :         }
     637      135599 :         case LDAP_TAG_SearchResultReference: {
     638      135599 :                 struct ldap_SearchResRef *r = &msg->r.SearchResultReference;
     639      135599 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     640      135599 :                 if (!asn1_write_OctetString(data, r->referral, strlen(r->referral))) goto err;
     641      135599 :                 if (!asn1_pop_tag(data)) goto err;
     642      135563 :                 break;
     643             :         }
     644         376 :         case LDAP_TAG_ExtendedRequest: {
     645         376 :                 struct ldap_ExtendedRequest *r = &msg->r.ExtendedRequest;
     646         376 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     647         376 :                 if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(0))) goto err;
     648         376 :                 if (!asn1_write(data, r->oid, strlen(r->oid))) goto err;
     649         376 :                 if (!asn1_pop_tag(data)) goto err;
     650         376 :                 if (r->value) {
     651         315 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(1))) goto err;
     652         315 :                         if (!asn1_write(data, r->value->data, r->value->length)) goto err;
     653         315 :                         if (!asn1_pop_tag(data)) goto err;
     654             :                 }
     655         376 :                 if (!asn1_pop_tag(data)) goto err;
     656         376 :                 break;
     657             :         }
     658         394 :         case LDAP_TAG_ExtendedResponse: {
     659         394 :                 struct ldap_ExtendedResponse *r = &msg->r.ExtendedResponse;
     660         394 :                 if (!asn1_push_tag(data, ASN1_APPLICATION(msg->type))) goto err;
     661         394 :                 if (!ldap_encode_response(data, &r->response)) goto err;
     662         394 :                 if (r->oid) {
     663         394 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(10))) goto err;
     664         394 :                         if (!asn1_write(data, r->oid, strlen(r->oid))) goto err;
     665         394 :                         if (!asn1_pop_tag(data)) goto err;
     666             :                 }
     667         394 :                 if (r->value) {
     668           1 :                         if (!asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(11))) goto err;
     669           1 :                         if (!asn1_write(data, r->value->data, r->value->length)) goto err;
     670           1 :                         if (!asn1_pop_tag(data)) goto err;
     671             :                 }
     672         394 :                 if (!asn1_pop_tag(data)) goto err;
     673         394 :                 break;
     674             :         }
     675           0 :         default:
     676           0 :                 goto err;
     677             :         }
     678             : 
     679     1967025 :         if (msg->controls != NULL) {
     680      297247 :                 if (!asn1_push_tag(data, ASN1_CONTEXT(0))) goto err;
     681             :                 
     682      698850 :                 for (i = 0; msg->controls[i] != NULL; i++) {
     683      401603 :                         if (!ldap_encode_control(mem_ctx, data,
     684             :                                                  control_handlers,
     685      401603 :                                                  msg->controls[i])) {
     686           0 :                                 DEBUG(0,("Unable to encode control %s\n",
     687             :                                          msg->controls[i]->oid));
     688           0 :                                 goto err;
     689             :                         }
     690             :                 }
     691             : 
     692      297247 :                 if (!asn1_pop_tag(data)) goto err;
     693             :         }
     694             : 
     695     1967025 :         if (!asn1_pop_tag(data)) goto err;
     696             : 
     697     1967025 :         if (!asn1_extract_blob(data, mem_ctx, result)) {
     698           0 :                 goto err;
     699             :         }
     700             : 
     701     1967025 :         asn1_free(data);
     702             : 
     703     1967025 :         return true;
     704             : 
     705           0 :   err:
     706             : 
     707           0 :         asn1_free(data);
     708           0 :         return false;
     709             : }
     710             : 
     711     6656022 : static const char *blob2string_talloc(TALLOC_CTX *mem_ctx,
     712             :                                       DATA_BLOB blob)
     713             : {
     714     6656022 :         char *result = talloc_array(mem_ctx, char, blob.length+1);
     715     6656022 :         if (result == NULL) {
     716           0 :                 return NULL;
     717             :         }
     718     6656022 :         memcpy(result, blob.data, blob.length);
     719     6656022 :         result[blob.length] = '\0';
     720     6656022 :         return result;
     721             : }
     722             : 
     723     6655254 : bool asn1_read_OctetString_talloc(TALLOC_CTX *mem_ctx,
     724             :                                   struct asn1_data *data,
     725             :                                   const char **result)
     726             : {
     727        4425 :         DATA_BLOB string;
     728     6655254 :         if (!asn1_read_OctetString(data, mem_ctx, &string))
     729           0 :                 return false;
     730     6655254 :         *result = blob2string_talloc(mem_ctx, string);
     731     6655254 :         data_blob_free(&string);
     732     6655254 :         return *result ? true : false;
     733             : }
     734             : 
     735      607028 : static bool ldap_decode_response(TALLOC_CTX *mem_ctx,
     736             :                                  struct asn1_data *data,
     737             :                                  struct ldap_Result *result)
     738             : {
     739      607028 :         if (!asn1_read_enumerated(data, &result->resultcode)) return false;
     740      607028 :         if (!asn1_read_OctetString_talloc(mem_ctx, data, &result->dn)) return false;
     741      607028 :         if (!asn1_read_OctetString_talloc(mem_ctx, data, &result->errormessage)) return false;
     742      607028 :         if (asn1_peek_tag(data, ASN1_CONTEXT(3))) {
     743           8 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(3))) return false;
     744           8 :                 if (!asn1_read_OctetString_talloc(mem_ctx, data, &result->referral)) return false;
     745           8 :                 if (!asn1_end_tag(data)) return false;
     746             :         } else {
     747      607020 :                 result->referral = NULL;
     748             :         }
     749      606404 :         return true;
     750             : }
     751             : 
     752       15011 : static struct ldb_val **ldap_decode_substring(TALLOC_CTX *mem_ctx, struct ldb_val **chunks, int chunk_num, char *value)
     753             : {
     754             : 
     755       15011 :         chunks = talloc_realloc(mem_ctx, chunks, struct ldb_val *, chunk_num + 2);
     756       15011 :         if (chunks == NULL) {
     757           0 :                 return NULL;
     758             :         }
     759             : 
     760       15011 :         chunks[chunk_num] = talloc(mem_ctx, struct ldb_val);
     761       15011 :         if (chunks[chunk_num] == NULL) {
     762           0 :                 return NULL;
     763             :         }
     764             : 
     765       15011 :         chunks[chunk_num]->data = (uint8_t *)talloc_strdup(mem_ctx, value);
     766       15011 :         if (chunks[chunk_num]->data == NULL) {
     767           0 :                 return NULL;
     768             :         }
     769       15011 :         chunks[chunk_num]->length = strlen(value);
     770             : 
     771       15011 :         chunks[chunk_num + 1] = NULL;
     772             : 
     773       15011 :         return chunks;
     774             : }
     775             : 
     776             : 
     777             : /*
     778             :   parse the ASN.1 formatted search string into a ldb_parse_tree
     779             : */
     780      934886 : static struct ldb_parse_tree *ldap_decode_filter_tree(TALLOC_CTX *mem_ctx, 
     781             :                                                       struct asn1_data *data)
     782             : {
     783        1063 :         uint8_t filter_tag;
     784        1063 :         struct ldb_parse_tree *ret;
     785             : 
     786      934886 :         if (!asn1_peek_uint8(data, &filter_tag)) {
     787           0 :                 return NULL;
     788             :         }
     789             : 
     790      934886 :         filter_tag &= 0x1f; /* strip off the asn1 stuff */
     791             : 
     792      934886 :         ret = talloc(mem_ctx, struct ldb_parse_tree);
     793      934886 :         if (ret == NULL) return NULL;
     794             : 
     795      934886 :         switch(filter_tag) {
     796      263993 :         case 0:
     797             :         case 1:
     798             :                 /* AND or OR of one or more filters */
     799      263993 :                 ret->operation = (filter_tag == 0)?LDB_OP_AND:LDB_OP_OR;
     800      263993 :                 ret->u.list.num_elements = 0;
     801      263993 :                 ret->u.list.elements = NULL;
     802             : 
     803      263993 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) {
     804           1 :                         goto failed;
     805             :                 }
     806             : 
     807      839531 :                 while (asn1_tag_remaining(data) > 0) {
     808         775 :                         struct ldb_parse_tree *subtree;
     809      576050 :                         subtree = ldap_decode_filter_tree(ret, data);
     810      576050 :                         if (subtree == NULL) {
     811         511 :                                 goto failed;
     812             :                         }
     813      575803 :                         ret->u.list.elements = 
     814      575539 :                                 talloc_realloc(ret, ret->u.list.elements, 
     815             :                                                struct ldb_parse_tree *, 
     816             :                                                ret->u.list.num_elements+1);
     817      575539 :                         if (ret->u.list.elements == NULL) {
     818           0 :                                 goto failed;
     819             :                         }
     820      575539 :                         talloc_steal(ret->u.list.elements, subtree);
     821      575539 :                         ret->u.list.elements[ret->u.list.num_elements] = subtree;
     822      575539 :                         ret->u.list.num_elements++;
     823             :                 }
     824      263481 :                 if (!asn1_end_tag(data)) {
     825           0 :                         goto failed;
     826             :                 }
     827      263331 :                 break;
     828             : 
     829       15052 :         case 2:
     830             :                 /* 'not' operation */
     831       15052 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) {
     832           0 :                         goto failed;
     833             :                 }
     834             : 
     835       15052 :                 ret->operation = LDB_OP_NOT;
     836       15052 :                 ret->u.isnot.child = ldap_decode_filter_tree(ret, data);
     837       15052 :                 if (ret->u.isnot.child == NULL) {
     838           0 :                         goto failed;
     839             :                 }
     840       15052 :                 if (!asn1_end_tag(data)) {
     841           0 :                         goto failed;
     842             :                 }
     843       15052 :                 break;
     844             : 
     845      163033 :         case 3: {
     846             :                 /* equalityMatch */
     847          48 :                 const char *attrib;
     848          48 :                 DATA_BLOB value;
     849             : 
     850      163033 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) goto failed;
     851      163033 :                 if (!asn1_read_OctetString_talloc(mem_ctx, data, &attrib)) goto failed;
     852      163033 :                 if (!asn1_read_OctetString(data, mem_ctx, &value)) goto failed;
     853      163033 :                 if (!asn1_end_tag(data)) goto failed;
     854      163033 :                 if (asn1_has_error(data) || (attrib == NULL) ||
     855      163033 :                     (value.data == NULL)) {
     856           0 :                         goto failed;
     857             :                 }
     858             : 
     859      163033 :                 ret->operation = LDB_OP_EQUALITY;
     860      163033 :                 ret->u.equality.attr = talloc_steal(ret, attrib);
     861      163033 :                 ret->u.equality.value.data = talloc_steal(ret, value.data);
     862      163033 :                 ret->u.equality.value.length = value.length;
     863      163033 :                 break;
     864             :         }
     865       14996 :         case 4: {
     866             :                 /* substrings */
     867           0 :                 DATA_BLOB attr;
     868           0 :                 uint8_t subs_tag;
     869           0 :                 char *value;
     870       14996 :                 int chunk_num = 0;
     871             : 
     872       14996 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) {
     873           0 :                         goto failed;
     874             :                 }
     875       14996 :                 if (!asn1_read_OctetString(data, mem_ctx, &attr)) {
     876           0 :                         goto failed;
     877             :                 }
     878             : 
     879       14996 :                 ret->operation = LDB_OP_SUBSTRING;
     880       14996 :                 ret->u.substring.attr = talloc_strndup(ret, (char *)attr.data, attr.length);
     881       14996 :                 if (ret->u.substring.attr == NULL) {
     882           0 :                         goto failed;
     883             :                 }
     884       14996 :                 ret->u.substring.chunks = NULL;
     885       14996 :                 ret->u.substring.start_with_wildcard = 1;
     886       14996 :                 ret->u.substring.end_with_wildcard = 1;
     887             : 
     888       14996 :                 if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) {
     889           0 :                         goto failed;
     890             :                 }
     891             : 
     892       30007 :                 while (asn1_tag_remaining(data) > 0) {
     893       15011 :                         if (!asn1_peek_uint8(data, &subs_tag)) goto failed;
     894       15011 :                         subs_tag &= 0x1f;   /* strip off the asn1 stuff */
     895       15011 :                         if (subs_tag > 2) goto failed;
     896             : 
     897       15011 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(subs_tag))) goto failed;
     898       15011 :                         if (!asn1_read_LDAPString(data, mem_ctx, &value)) goto failed;
     899       15011 :                         if (!asn1_end_tag(data)) goto failed;
     900             : 
     901       15011 :                         switch (subs_tag) {
     902        4255 :                         case 0:
     903        4255 :                                 if (ret->u.substring.chunks != NULL) {
     904             :                                         /* initial value found in the middle */
     905           0 :                                         goto failed;
     906             :                                 }
     907             : 
     908        4255 :                                 ret->u.substring.chunks = ldap_decode_substring(ret, NULL, 0, value);
     909        4255 :                                 if (ret->u.substring.chunks == NULL) {
     910           0 :                                         goto failed;
     911             :                                 }
     912             : 
     913        4255 :                                 ret->u.substring.start_with_wildcard = 0;
     914        4255 :                                 chunk_num = 1;
     915        4255 :                                 break;
     916             : 
     917       10264 :                         case 1:
     918       10264 :                                 if (ret->u.substring.end_with_wildcard == 0) {
     919             :                                         /* "any" value found after a "final" value */
     920           0 :                                         goto failed;
     921             :                                 }
     922             : 
     923       10264 :                                 ret->u.substring.chunks = ldap_decode_substring(ret,
     924             :                                                                                 ret->u.substring.chunks,
     925             :                                                                                 chunk_num,
     926             :                                                                                 value);
     927       10264 :                                 if (ret->u.substring.chunks == NULL) {
     928           0 :                                         goto failed;
     929             :                                 }
     930             : 
     931       10264 :                                 chunk_num++;
     932       10264 :                                 break;
     933             : 
     934         492 :                         case 2:
     935         492 :                                 ret->u.substring.chunks = ldap_decode_substring(ret,
     936             :                                                                                 ret->u.substring.chunks,
     937             :                                                                                 chunk_num,
     938             :                                                                                 value);
     939         492 :                                 if (ret->u.substring.chunks == NULL) {
     940           0 :                                         goto failed;
     941             :                                 }
     942             : 
     943         492 :                                 ret->u.substring.end_with_wildcard = 0;
     944         492 :                                 break;
     945             : 
     946           0 :                         default:
     947           0 :                                 goto failed;
     948             :                         }
     949             : 
     950             :                 }
     951             : 
     952       14996 :                 if (!asn1_end_tag(data)) { /* SEQUENCE */
     953           0 :                         goto failed;
     954             :                 }
     955             : 
     956       14996 :                 if (!asn1_end_tag(data)) {
     957           0 :                         goto failed;
     958             :                 }
     959       14996 :                 break;
     960             :         }
     961         279 :         case 5: {
     962             :                 /* greaterOrEqual */
     963           0 :                 const char *attrib;
     964           0 :                 DATA_BLOB value;
     965             : 
     966         279 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) goto failed;
     967         279 :                 if (!asn1_read_OctetString_talloc(mem_ctx, data, &attrib)) goto failed;
     968         279 :                 if (!asn1_read_OctetString(data, mem_ctx, &value)) goto failed;
     969         279 :                 if (!asn1_end_tag(data)) goto failed;
     970         279 :                 if (asn1_has_error(data) || (attrib == NULL) ||
     971         279 :                     (value.data == NULL)) {
     972           0 :                         goto failed;
     973             :                 }
     974             : 
     975         279 :                 ret->operation = LDB_OP_GREATER;
     976         279 :                 ret->u.comparison.attr = talloc_steal(ret, attrib);
     977         279 :                 ret->u.comparison.value.data = talloc_steal(ret, value.data);
     978         279 :                 ret->u.comparison.value.length = value.length;
     979         279 :                 break;
     980             :         }
     981         287 :         case 6: {
     982             :                 /* lessOrEqual */
     983           0 :                 const char *attrib;
     984           0 :                 DATA_BLOB value;
     985             : 
     986         287 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) goto failed;
     987         287 :                 if (!asn1_read_OctetString_talloc(mem_ctx, data, &attrib)) goto failed;
     988         287 :                 if (!asn1_read_OctetString(data, mem_ctx, &value)) goto failed;
     989         287 :                 if (!asn1_end_tag(data)) goto failed;
     990         287 :                 if (asn1_has_error(data) || (attrib == NULL) ||
     991         287 :                     (value.data == NULL)) {
     992           0 :                         goto failed;
     993             :                 }
     994             : 
     995         287 :                 ret->operation = LDB_OP_LESS;
     996         287 :                 ret->u.comparison.attr = talloc_steal(ret, attrib);
     997         287 :                 ret->u.comparison.value.data = talloc_steal(ret, value.data);
     998         287 :                 ret->u.comparison.value.length = value.length;
     999         287 :                 break;
    1000             :         }
    1001      459382 :         case 7: {
    1002             :                 /* Normal presence, "attribute=*" */
    1003         353 :                 char *attr;
    1004             : 
    1005      459382 :                 if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(filter_tag))) {
    1006           1 :                         goto failed;
    1007             :                 }
    1008      459381 :                 if (!asn1_read_LDAPString(data, ret, &attr)) {
    1009           0 :                         goto failed;
    1010             :                 }
    1011             : 
    1012      459381 :                 ret->operation = LDB_OP_PRESENT;
    1013      459381 :                 ret->u.present.attr = talloc_steal(ret, attr);
    1014             : 
    1015      459381 :                 if (!asn1_end_tag(data)) {
    1016           0 :                         goto failed;
    1017             :                 }
    1018      459381 :                 break;
    1019             :         }
    1020           8 :         case 8: {
    1021             :                 /* approx */
    1022           0 :                 const char *attrib;
    1023           0 :                 DATA_BLOB value;
    1024             : 
    1025           8 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) goto failed;
    1026           8 :                 if (!asn1_read_OctetString_talloc(mem_ctx, data, &attrib)) goto failed;
    1027           8 :                 if (!asn1_read_OctetString(data, mem_ctx, &value)) goto failed;
    1028           8 :                 if (!asn1_end_tag(data)) goto failed;
    1029           8 :                 if (asn1_has_error(data) || (attrib == NULL) ||
    1030           8 :                     (value.data == NULL)) {
    1031           0 :                         goto failed;
    1032             :                 }
    1033             : 
    1034           8 :                 ret->operation = LDB_OP_APPROX;
    1035           8 :                 ret->u.comparison.attr = talloc_steal(ret, attrib);
    1036           8 :                 ret->u.comparison.value.data = talloc_steal(ret, value.data);
    1037           8 :                 ret->u.comparison.value.length = value.length;
    1038           8 :                 break;
    1039             :         }
    1040       17856 :         case 9: {
    1041       17856 :                 char *oid = NULL, *attr = NULL, *value;
    1042           0 :                 uint8_t dnAttributes;
    1043             :                 /* an extended search */
    1044       17856 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(filter_tag))) {
    1045           0 :                         goto failed;
    1046             :                 }
    1047             : 
    1048             :                 /* FIXME: read carefully rfc2251.txt there are a number of 'MUST's
    1049             :                    we need to check we properly implement --SSS */ 
    1050             :                 /* either oid or type must be defined */
    1051       17856 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(1))) { /* optional */
    1052       17848 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(1))) goto failed;
    1053       17848 :                         if (!asn1_read_LDAPString(data, ret, &oid)) goto failed;
    1054       17848 :                         if (!asn1_end_tag(data)) goto failed;
    1055             :                 }
    1056       17856 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(2))) {      /* optional  */
    1057       17848 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(2))) goto failed;
    1058       17848 :                         if (!asn1_read_LDAPString(data, ret, &attr)) goto failed;
    1059       17848 :                         if (!asn1_end_tag(data)) goto failed;
    1060             :                 }
    1061       17856 :                 if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(3))) goto failed;
    1062       17856 :                 if (!asn1_read_LDAPString(data, ret, &value)) goto failed;
    1063       17856 :                 if (!asn1_end_tag(data)) goto failed;
    1064             :                 /* dnAttributes is marked as BOOLEAN DEFAULT FALSE
    1065             :                    it is not marked as OPTIONAL but openldap tools
    1066             :                    do not set this unless it is to be set as TRUE
    1067             :                    NOTE: openldap tools do not work with AD as it
    1068             :                    seems that AD always requires the dnAttributes
    1069             :                    boolean value to be set */
    1070       17856 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(4))) {
    1071       17856 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(4))) goto failed;
    1072       17856 :                         if (!asn1_read_uint8(data, &dnAttributes)) goto failed;
    1073       17856 :                         if (!asn1_end_tag(data)) goto failed;
    1074             :                 } else {
    1075           0 :                         dnAttributes = 0;
    1076             :                 }
    1077       17856 :                 if ((oid == NULL && attr == NULL) || (value == NULL)) {
    1078           0 :                         goto failed;
    1079             :                 }
    1080             : 
    1081       17856 :                 if (oid) {
    1082       17848 :                         ret->operation               = LDB_OP_EXTENDED;
    1083             : 
    1084             :                         /* From the RFC2251: If the type field is
    1085             :                            absent and matchingRule is present, the matchValue is compared
    1086             :                            against all attributes in an entry which support that matchingRule
    1087             :                         */
    1088       17848 :                         if (attr) {
    1089       17840 :                                 ret->u.extended.attr = talloc_steal(ret, attr);
    1090             :                         } else {
    1091           8 :                                 ret->u.extended.attr = talloc_strdup(ret, "*");
    1092           8 :                                 if (ret->u.extended.attr == NULL) {
    1093           0 :                                         goto failed;
    1094             :                                 }
    1095             :                         }
    1096       17848 :                         ret->u.extended.rule_id      = talloc_steal(ret, oid);
    1097       17848 :                         ret->u.extended.value.data   = (uint8_t *)talloc_steal(ret, value);
    1098       17848 :                         ret->u.extended.value.length = strlen(value);
    1099       17848 :                         ret->u.extended.dnAttributes = dnAttributes;
    1100             :                 } else {
    1101           8 :                         ret->operation               = LDB_OP_EQUALITY;
    1102           8 :                         ret->u.equality.attr         = talloc_steal(ret, attr);
    1103           8 :                         ret->u.equality.value.data   = (uint8_t *)talloc_steal(ret, value);
    1104           8 :                         ret->u.equality.value.length = strlen(value);
    1105             :                 }
    1106       17856 :                 if (!asn1_end_tag(data)) {
    1107           0 :                         goto failed;
    1108             :                 }
    1109       17856 :                 break;
    1110             :         }
    1111             : 
    1112           0 :         default:
    1113           0 :                 goto failed;
    1114             :         }
    1115             :         
    1116      933823 :         return ret;
    1117             : 
    1118         513 : failed:
    1119         513 :         talloc_free(ret);
    1120         513 :         return NULL;    
    1121             : }
    1122             : 
    1123             : /* Decode a single LDAP attribute, possibly containing multiple values */
    1124     3354809 : static bool ldap_decode_attrib(TALLOC_CTX *mem_ctx, struct asn1_data *data,
    1125             :                                struct ldb_message_element *attrib)
    1126             : {
    1127     3354809 :         if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) return false;
    1128     3354809 :         if (!asn1_read_OctetString_talloc(mem_ctx, data, &attrib->name)) return false;
    1129     3354809 :         if (!asn1_start_tag(data, ASN1_SET)) return false;
    1130     7165539 :         while (asn1_peek_tag(data, ASN1_OCTET_STRING)) {
    1131        1232 :                 DATA_BLOB blob;
    1132     3810730 :                 if (!asn1_read_OctetString(data, mem_ctx, &blob)) return false;
    1133     3810730 :                 add_value_to_attrib(mem_ctx, &blob, attrib);
    1134             :         }
    1135     3354809 :         if (!asn1_end_tag(data)) return false;
    1136     3354809 :         return asn1_end_tag(data);
    1137             : }
    1138             : 
    1139             : /* Decode a set of LDAP attributes, as found in the dereference control */
    1140      679357 : bool ldap_decode_attribs_bare(TALLOC_CTX *mem_ctx, struct asn1_data *data,
    1141             :                               struct ldb_message_element **attributes,
    1142             :                               int *num_attributes)
    1143             : {
    1144     3920671 :         while (asn1_peek_tag(data, ASN1_SEQUENCE(0))) {
    1145         930 :                 struct ldb_message_element attrib;
    1146     3241314 :                 ZERO_STRUCT(attrib);
    1147     3241314 :                 if (!ldap_decode_attrib(mem_ctx, data, &attrib)) return false;
    1148     3241314 :                 add_attrib_to_array_talloc(mem_ctx, &attrib,
    1149             :                                            attributes, num_attributes);
    1150             :         }
    1151      679000 :         return true;
    1152             : }
    1153             : 
    1154             : /* Decode a set of LDAP attributes, as found in a search entry */
    1155      679357 : static bool ldap_decode_attribs(TALLOC_CTX *mem_ctx, struct asn1_data *data,
    1156             :                                 struct ldb_message_element **attributes,
    1157             :                                 int *num_attributes)
    1158             : {
    1159      679357 :         if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) return false;
    1160      679357 :         if (!ldap_decode_attribs_bare(mem_ctx, data,
    1161           0 :                                  attributes, num_attributes)) return false;
    1162      679357 :         return asn1_end_tag(data);
    1163             : }
    1164             : 
    1165             : /* This routine returns LDAP status codes */
    1166             : 
    1167     1962515 : _PUBLIC_ NTSTATUS ldap_decode(struct asn1_data *data,
    1168             :                               const struct ldap_request_limits *limits,
    1169             :                               const struct ldap_control_handler *control_handlers,
    1170             :                               struct ldap_message *msg)
    1171             : {
    1172        1608 :         uint8_t tag;
    1173             : 
    1174     1962515 :         if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto prot_err;
    1175     1962514 :         if (!asn1_read_Integer(data, &msg->messageid)) goto prot_err;
    1176             : 
    1177     1962514 :         if (!asn1_peek_uint8(data, &tag)) goto prot_err;
    1178             : 
    1179     1962514 :         switch(tag) {
    1180             : 
    1181       36353 :         case ASN1_APPLICATION(LDAP_TAG_BindRequest): {
    1182       36353 :                 struct ldap_BindRequest *r = &msg->r.BindRequest;
    1183       36353 :                 msg->type = LDAP_TAG_BindRequest;
    1184       36353 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1185       36353 :                 if (!asn1_read_Integer(data, &r->version)) goto prot_err;
    1186       36353 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1187       36353 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(0))) {
    1188           0 :                         int pwlen;
    1189         475 :                         r->creds.password = "";
    1190         475 :                         r->mechanism = LDAP_AUTH_MECH_SIMPLE;
    1191         475 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(0))) goto prot_err;
    1192         475 :                         pwlen = asn1_tag_remaining(data);
    1193         475 :                         if (pwlen == -1) {
    1194           0 :                                 goto prot_err;
    1195             :                         }
    1196         475 :                         if (pwlen != 0) {
    1197         455 :                                 char *pw = talloc_array(msg, char, pwlen+1);
    1198         455 :                                 if (!pw) {
    1199           0 :                                         return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1200             :                                 }
    1201         455 :                                 if (!asn1_read(data, pw, pwlen)) goto prot_err;
    1202         455 :                                 pw[pwlen] = '\0';
    1203         455 :                                 r->creds.password = pw;
    1204             :                         }
    1205         475 :                         if (!asn1_end_tag(data)) goto prot_err;
    1206       35878 :                 } else if (asn1_peek_tag(data, ASN1_CONTEXT(3))){
    1207       35878 :                         if (!asn1_start_tag(data, ASN1_CONTEXT(3))) goto prot_err;
    1208       35878 :                         r->mechanism = LDAP_AUTH_MECH_SASL;
    1209       35878 :                         if (!asn1_read_OctetString_talloc(msg, data, &r->creds.SASL.mechanism)) goto prot_err;
    1210       35878 :                         if (asn1_peek_tag(data, ASN1_OCTET_STRING)) { /* optional */
    1211       35878 :                                 DATA_BLOB tmp_blob = data_blob(NULL, 0);
    1212       35878 :                                 if (!asn1_read_OctetString(data, msg, &tmp_blob)) goto prot_err;
    1213       35878 :                                 r->creds.SASL.secblob = talloc(msg, DATA_BLOB);
    1214       35878 :                                 if (!r->creds.SASL.secblob) {
    1215           0 :                                         return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1216             :                                 }
    1217       35878 :                                 *r->creds.SASL.secblob = data_blob_talloc(r->creds.SASL.secblob,
    1218             :                                                                           tmp_blob.data, tmp_blob.length);
    1219       35878 :                                 data_blob_free(&tmp_blob);
    1220             :                         } else {
    1221           0 :                                 r->creds.SASL.secblob = NULL;
    1222             :                         }
    1223       35878 :                         if (!asn1_end_tag(data)) goto prot_err;
    1224             :                 } else {
    1225             :                         /* Neither Simple nor SASL bind */
    1226           0 :                         goto prot_err;
    1227             :                 }
    1228       36353 :                 if (!asn1_end_tag(data)) goto prot_err;
    1229       36231 :                 break;
    1230             :         }
    1231             : 
    1232       35762 :         case ASN1_APPLICATION(LDAP_TAG_BindResponse): {
    1233       35762 :                 struct ldap_BindResponse *r = &msg->r.BindResponse;
    1234       35762 :                 msg->type = LDAP_TAG_BindResponse;
    1235       35762 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1236       35762 :                 if (!ldap_decode_response(msg, data, &r->response)) goto prot_err;
    1237       35762 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(7))) {
    1238       35314 :                         DATA_BLOB tmp_blob = data_blob(NULL, 0);
    1239       35314 :                         if (!asn1_read_ContextSimple(data, msg, 7, &tmp_blob)) goto prot_err;
    1240       35314 :                         r->SASL.secblob = talloc(msg, DATA_BLOB);
    1241       35314 :                         if (!r->SASL.secblob) {
    1242           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1243             :                         }
    1244       35314 :                         *r->SASL.secblob = data_blob_talloc(r->SASL.secblob,
    1245             :                                                             tmp_blob.data, tmp_blob.length);
    1246       35314 :                         data_blob_free(&tmp_blob);
    1247             :                 } else {
    1248         448 :                         r->SASL.secblob = NULL;
    1249             :                 }
    1250       35762 :                 if (!asn1_end_tag(data)) goto prot_err;
    1251       35640 :                 break;
    1252             :         }
    1253             : 
    1254          23 :         case ASN1_APPLICATION_SIMPLE(LDAP_TAG_UnbindRequest): {
    1255          23 :                 msg->type = LDAP_TAG_UnbindRequest;
    1256          23 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1257          23 :                 if (!asn1_end_tag(data)) goto prot_err;
    1258          23 :                 break;
    1259             :         }
    1260             : 
    1261      343788 :         case ASN1_APPLICATION(LDAP_TAG_SearchRequest): {
    1262      343788 :                 struct ldap_SearchRequest *r = &msg->r.SearchRequest;
    1263         288 :                 int sizelimit, timelimit;
    1264      343788 :                 const char **attrs = NULL;
    1265      343788 :                 size_t request_size = asn1_get_length(data);
    1266      343788 :                 msg->type = LDAP_TAG_SearchRequest;
    1267      343788 :                 if (request_size > limits->max_search_size) {
    1268           6 :                         goto prot_err;
    1269             :                 }
    1270      343784 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1271      343784 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->basedn)) goto prot_err;
    1272      343784 :                 if (!asn1_read_enumerated(data, (int *)(void *)&(r->scope))) goto prot_err;
    1273      343784 :                 if (!asn1_read_enumerated(data, (int *)(void *)&(r->deref))) goto prot_err;
    1274      343784 :                 if (!asn1_read_Integer(data, &sizelimit)) goto prot_err;
    1275      343784 :                 r->sizelimit = sizelimit;
    1276      343784 :                 if (!asn1_read_Integer(data, &timelimit)) goto prot_err;
    1277      343784 :                 r->timelimit = timelimit;
    1278      343784 :                 if (!asn1_read_BOOLEAN(data, &r->attributesonly)) goto prot_err;
    1279             : 
    1280      343784 :                 r->tree = ldap_decode_filter_tree(msg, data);
    1281      343784 :                 if (r->tree == NULL) {
    1282           2 :                         goto prot_err;
    1283             :                 }
    1284             : 
    1285      343782 :                 if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto prot_err;
    1286             : 
    1287      343782 :                 r->num_attributes = 0;
    1288      343782 :                 r->attributes = NULL;
    1289             : 
    1290      950415 :                 while (asn1_tag_remaining(data) > 0) {
    1291             : 
    1292         914 :                         const char *attr;
    1293      606633 :                         if (!asn1_read_OctetString_talloc(msg, data,
    1294             :                                                           &attr))
    1295           0 :                                 goto prot_err;
    1296      606633 :                         if (!add_string_to_array(msg, attr,
    1297             :                                                  &attrs,
    1298             :                                                  &r->num_attributes))
    1299           0 :                                 goto prot_err;
    1300             :                 }
    1301      343782 :                 r->attributes = attrs;
    1302             : 
    1303      343782 :                 if (!asn1_end_tag(data)) goto prot_err;
    1304      343782 :                 if (!asn1_end_tag(data)) goto prot_err;
    1305      343782 :                 break;
    1306             :         }
    1307             : 
    1308      611562 :         case ASN1_APPLICATION(LDAP_TAG_SearchResultEntry): {
    1309      611562 :                 struct ldap_SearchResEntry *r = &msg->r.SearchResultEntry;
    1310      611562 :                 msg->type = LDAP_TAG_SearchResultEntry;
    1311      611562 :                 r->attributes = NULL;
    1312      611562 :                 r->num_attributes = 0;
    1313      611562 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1314      611562 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1315      611562 :                 if (!ldap_decode_attribs(msg, data, &r->attributes,
    1316           0 :                                     &r->num_attributes)) goto prot_err;
    1317      611562 :                 if (!asn1_end_tag(data)) goto prot_err;
    1318      611241 :                 break;
    1319             :         }
    1320             : 
    1321      341081 :         case ASN1_APPLICATION(LDAP_TAG_SearchResultDone): {
    1322      341081 :                 struct ldap_Result *r = &msg->r.SearchResultDone;
    1323      341081 :                 msg->type = LDAP_TAG_SearchResultDone;
    1324      341081 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1325      341081 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1326      341081 :                 if (!asn1_end_tag(data)) goto prot_err;
    1327      340796 :                 break;
    1328             :         }
    1329             : 
    1330      133231 :         case ASN1_APPLICATION(LDAP_TAG_SearchResultReference): {
    1331      133231 :                 struct ldap_SearchResRef *r = &msg->r.SearchResultReference;
    1332      133231 :                 msg->type = LDAP_TAG_SearchResultReference;
    1333      133231 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1334      133231 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->referral)) goto prot_err;
    1335      133231 :                 if (!asn1_end_tag(data)) goto prot_err;
    1336      133195 :                 break;
    1337             :         }
    1338             : 
    1339       86760 :         case ASN1_APPLICATION(LDAP_TAG_ModifyRequest): {
    1340       86760 :                 struct ldap_ModifyRequest *r = &msg->r.ModifyRequest;
    1341       86760 :                 msg->type = LDAP_TAG_ModifyRequest;
    1342       86760 :                 if (!asn1_start_tag(data, ASN1_APPLICATION(LDAP_TAG_ModifyRequest))) goto prot_err;
    1343       86760 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1344       86760 :                 if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto prot_err;
    1345             : 
    1346       86760 :                 r->num_mods = 0;
    1347       86760 :                 r->mods = NULL;
    1348             : 
    1349      200255 :                 while (asn1_tag_remaining(data) > 0) {
    1350         216 :                         struct ldap_mod mod;
    1351         216 :                         int v;
    1352      113495 :                         ZERO_STRUCT(mod);
    1353      113495 :                         if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto prot_err;
    1354      113495 :                         if (!asn1_read_enumerated(data, &v)) goto prot_err;
    1355      113495 :                         mod.type = v;
    1356      113495 :                         if (!ldap_decode_attrib(msg, data, &mod.attrib)) goto prot_err;
    1357      113495 :                         if (!asn1_end_tag(data)) goto prot_err;
    1358      113495 :                         if (!add_mod_to_array_talloc(msg, &mod,
    1359             :                                                      &r->mods, &r->num_mods)) {
    1360           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1361             :                         }
    1362             :                 }
    1363             : 
    1364       86760 :                 if (!asn1_end_tag(data)) goto prot_err;
    1365       86760 :                 if (!asn1_end_tag(data)) goto prot_err;
    1366       86616 :                 break;
    1367             :         }
    1368             : 
    1369       86608 :         case ASN1_APPLICATION(LDAP_TAG_ModifyResponse): {
    1370       86608 :                 struct ldap_Result *r = &msg->r.ModifyResponse;
    1371       86608 :                 msg->type = LDAP_TAG_ModifyResponse;
    1372       86608 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1373       86608 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1374       86608 :                 if (!asn1_end_tag(data)) goto prot_err;
    1375       86464 :                 break;
    1376             :         }
    1377             : 
    1378       67795 :         case ASN1_APPLICATION(LDAP_TAG_AddRequest): {
    1379       67795 :                 struct ldap_AddRequest *r = &msg->r.AddRequest;
    1380       67795 :                 msg->type = LDAP_TAG_AddRequest;
    1381       67795 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1382       67795 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1383             : 
    1384       67795 :                 r->attributes = NULL;
    1385       67795 :                 r->num_attributes = 0;
    1386       67795 :                 if (!ldap_decode_attribs(msg, data, &r->attributes,
    1387           0 :                                     &r->num_attributes)) goto prot_err;
    1388             : 
    1389       67795 :                 if (!asn1_end_tag(data)) goto prot_err;
    1390       67759 :                 break;
    1391             :         }
    1392             : 
    1393       67735 :         case ASN1_APPLICATION(LDAP_TAG_AddResponse): {
    1394       67735 :                 struct ldap_Result *r = &msg->r.AddResponse;
    1395       67735 :                 msg->type = LDAP_TAG_AddResponse;
    1396       67735 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1397       67735 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1398       67735 :                 if (!asn1_end_tag(data)) goto prot_err;
    1399       67699 :                 break;
    1400             :         }
    1401             : 
    1402       75115 :         case ASN1_APPLICATION_SIMPLE(LDAP_TAG_DelRequest): {
    1403       75115 :                 struct ldap_DelRequest *r = &msg->r.DelRequest;
    1404          36 :                 int len;
    1405          36 :                 char *dn;
    1406       75115 :                 msg->type = LDAP_TAG_DelRequest;
    1407       75115 :                 if (!asn1_start_tag(data,
    1408           0 :                                ASN1_APPLICATION_SIMPLE(LDAP_TAG_DelRequest))) goto prot_err;
    1409       75115 :                 len = asn1_tag_remaining(data);
    1410       75115 :                 if (len == -1) {
    1411           0 :                         goto prot_err;
    1412             :                 }
    1413       75115 :                 dn = talloc_array(msg, char, len+1);
    1414       75115 :                 if (dn == NULL)
    1415           0 :                         break;
    1416       75115 :                 if (!asn1_read(data, dn, len)) goto prot_err;
    1417       75115 :                 dn[len] = '\0';
    1418       75115 :                 r->dn = dn;
    1419       75115 :                 if (!asn1_end_tag(data)) goto prot_err;
    1420       75079 :                 break;
    1421             :         }
    1422             : 
    1423       75075 :         case ASN1_APPLICATION(LDAP_TAG_DelResponse): {
    1424       75075 :                 struct ldap_Result *r = &msg->r.DelResponse;
    1425       75075 :                 msg->type = LDAP_TAG_DelResponse;
    1426       75075 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1427       75075 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1428       75075 :                 if (!asn1_end_tag(data)) goto prot_err;
    1429       75039 :                 break;
    1430             :         }
    1431             : 
    1432         388 :         case ASN1_APPLICATION(LDAP_TAG_ModifyDNRequest): {
    1433         388 :                 struct ldap_ModifyDNRequest *r = &msg->r.ModifyDNRequest;
    1434         388 :                 msg->type = LDAP_TAG_ModifyDNRequest;
    1435         388 :                 if (!asn1_start_tag(data,
    1436           0 :                                ASN1_APPLICATION(LDAP_TAG_ModifyDNRequest))) goto prot_err;
    1437         388 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1438         388 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->newrdn)) goto prot_err;
    1439         388 :                 if (!asn1_read_BOOLEAN(data, &r->deleteolddn)) goto prot_err;
    1440         388 :                 r->newsuperior = NULL;
    1441         388 :                 if (asn1_tag_remaining(data) > 0) {
    1442           0 :                         int len;
    1443           0 :                         char *newsup;
    1444         384 :                         if (!asn1_start_tag(data, ASN1_CONTEXT_SIMPLE(0))) goto prot_err;
    1445         384 :                         len = asn1_tag_remaining(data);
    1446         384 :                         if (len == -1) {
    1447           0 :                                 goto prot_err;
    1448             :                         }
    1449         384 :                         newsup = talloc_array(msg, char, len+1);
    1450         384 :                         if (newsup == NULL) {
    1451           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1452             :                         }
    1453         384 :                         if (!asn1_read(data, newsup, len)) goto prot_err;
    1454         384 :                         newsup[len] = '\0';
    1455         384 :                         r->newsuperior = newsup;
    1456         384 :                         if (!asn1_end_tag(data)) goto prot_err;
    1457             :                 }
    1458         388 :                 if (!asn1_end_tag(data)) goto prot_err;
    1459         388 :                 break;
    1460             :         }
    1461             : 
    1462         388 :         case ASN1_APPLICATION(LDAP_TAG_ModifyDNResponse): {
    1463         388 :                 struct ldap_Result *r = &msg->r.ModifyDNResponse;
    1464         388 :                 msg->type = LDAP_TAG_ModifyDNResponse;
    1465         388 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1466         388 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1467         388 :                 if (!asn1_end_tag(data)) goto prot_err;
    1468         388 :                 break;
    1469             :         }
    1470             : 
    1471           1 :         case ASN1_APPLICATION(LDAP_TAG_CompareRequest): {
    1472           1 :                 struct ldap_CompareRequest *r = &msg->r.CompareRequest;
    1473           1 :                 msg->type = LDAP_TAG_CompareRequest;
    1474           1 :                 if (!asn1_start_tag(data,
    1475           0 :                                ASN1_APPLICATION(LDAP_TAG_CompareRequest))) goto prot_err;
    1476           1 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->dn)) goto prot_err;
    1477           1 :                 if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto prot_err;
    1478           1 :                 if (!asn1_read_OctetString_talloc(msg, data, &r->attribute)) goto prot_err;
    1479           1 :                 if (!asn1_read_OctetString(data, msg, &r->value)) goto prot_err;
    1480           1 :                 if (r->value.data) {
    1481           1 :                         talloc_steal(msg, r->value.data);
    1482             :                 }
    1483           1 :                 if (!asn1_end_tag(data)) goto prot_err;
    1484           1 :                 if (!asn1_end_tag(data)) goto prot_err;
    1485           1 :                 break;
    1486             :         }
    1487             : 
    1488           1 :         case ASN1_APPLICATION(LDAP_TAG_CompareResponse): {
    1489           1 :                 struct ldap_Result *r = &msg->r.CompareResponse;
    1490           1 :                 msg->type = LDAP_TAG_CompareResponse;
    1491           1 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1492           1 :                 if (!ldap_decode_response(msg, data, r)) goto prot_err;
    1493           1 :                 if (!asn1_end_tag(data)) goto prot_err;
    1494           1 :                 break;
    1495             :         }
    1496             : 
    1497          80 :         case ASN1_APPLICATION_SIMPLE(LDAP_TAG_AbandonRequest): {
    1498          80 :                 struct ldap_AbandonRequest *r = &msg->r.AbandonRequest;
    1499          80 :                 msg->type = LDAP_TAG_AbandonRequest;
    1500          80 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1501          80 :                 if (!asn1_read_implicit_Integer(data, &r->messageid)) goto prot_err;
    1502          80 :                 if (!asn1_end_tag(data)) goto prot_err;
    1503          80 :                 break;
    1504             :         }
    1505             : 
    1506         390 :         case ASN1_APPLICATION(LDAP_TAG_ExtendedRequest): {
    1507         390 :                 struct ldap_ExtendedRequest *r = &msg->r.ExtendedRequest;
    1508         390 :                 DATA_BLOB tmp_blob = data_blob(NULL, 0);
    1509             : 
    1510         390 :                 msg->type = LDAP_TAG_ExtendedRequest;
    1511         390 :                 if (!asn1_start_tag(data,tag)) goto prot_err;
    1512         390 :                 if (!asn1_read_ContextSimple(data, msg, 0, &tmp_blob)) {
    1513           0 :                         goto prot_err;
    1514             :                 }
    1515         390 :                 r->oid = blob2string_talloc(msg, tmp_blob);
    1516         390 :                 data_blob_free(&tmp_blob);
    1517         390 :                 if (!r->oid) {
    1518           0 :                         return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1519             :                 }
    1520             : 
    1521         390 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(1))) {
    1522         315 :                         if (!asn1_read_ContextSimple(data, msg, 1, &tmp_blob)) goto prot_err;
    1523         315 :                         r->value = talloc(msg, DATA_BLOB);
    1524         315 :                         if (!r->value) {
    1525           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1526             :                         }
    1527         315 :                         *r->value = data_blob_talloc(r->value, tmp_blob.data, tmp_blob.length);
    1528         315 :                         data_blob_free(&tmp_blob);
    1529             :                 } else {
    1530          75 :                         r->value = NULL;
    1531             :                 }
    1532             : 
    1533         390 :                 if (!asn1_end_tag(data)) goto prot_err;
    1534         390 :                 break;
    1535             :         }
    1536             : 
    1537         378 :         case ASN1_APPLICATION(LDAP_TAG_ExtendedResponse): {
    1538         378 :                 struct ldap_ExtendedResponse *r = &msg->r.ExtendedResponse;
    1539         378 :                 DATA_BLOB tmp_blob = data_blob(NULL, 0);
    1540             : 
    1541         378 :                 msg->type = LDAP_TAG_ExtendedResponse;
    1542         378 :                 if (!asn1_start_tag(data, tag)) goto prot_err;
    1543         378 :                 if (!ldap_decode_response(msg, data, &r->response)) goto prot_err;
    1544             : 
    1545         378 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(10))) {
    1546         378 :                         if (!asn1_read_ContextSimple(data, msg, 10, &tmp_blob))
    1547           0 :                                 goto prot_err;
    1548         378 :                         r->oid = blob2string_talloc(msg, tmp_blob);
    1549         378 :                         data_blob_free(&tmp_blob);
    1550         378 :                         if (!r->oid) {
    1551           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1552             :                         }
    1553             :                 } else {
    1554           0 :                         r->oid = NULL;
    1555             :                 }
    1556             : 
    1557         378 :                 if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(11))) {
    1558           1 :                         if (!asn1_read_ContextSimple(data, msg, 11, &tmp_blob))
    1559           0 :                                 goto prot_err;
    1560           1 :                         r->value = talloc(msg, DATA_BLOB);
    1561           1 :                         if (!r->value) {
    1562           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1563             :                         }
    1564           1 :                         *r->value = data_blob_talloc(r->value, tmp_blob.data, tmp_blob.length);
    1565           1 :                         data_blob_free(&tmp_blob);
    1566             :                 } else {
    1567         377 :                         r->value = NULL;
    1568             :                 }
    1569             : 
    1570         378 :                 if (!asn1_end_tag(data)) goto prot_err;
    1571         378 :                 break;
    1572             :         }
    1573           0 :         default:
    1574           0 :                 goto prot_err;
    1575             :         }
    1576             : 
    1577     1962508 :         msg->controls = NULL;
    1578     1962508 :         msg->controls_decoded = NULL;
    1579             : 
    1580     1962508 :         if (asn1_peek_tag(data, ASN1_CONTEXT(0))) {
    1581      297443 :                 int i = 0;
    1582      297443 :                 struct ldb_control **ctrl = NULL;
    1583      297443 :                 bool *decoded = NULL;
    1584             : 
    1585      297443 :                 if (!asn1_start_tag(data, ASN1_CONTEXT(0))) goto prot_err;
    1586             : 
    1587      699253 :                 while (asn1_peek_tag(data, ASN1_SEQUENCE(0))) {
    1588           0 :                         DATA_BLOB value;
    1589             :                         /* asn1_start_tag(data, ASN1_SEQUENCE(0)); */
    1590             : 
    1591      401810 :                         ctrl = talloc_realloc(msg, ctrl, struct ldb_control *, i+2);
    1592      401810 :                         if (!ctrl) {
    1593           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1594             :                         }
    1595             : 
    1596      401810 :                         decoded = talloc_realloc(msg, decoded, bool, i+1);
    1597      401810 :                         if (!decoded) {
    1598           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1599             :                         }
    1600             : 
    1601      401810 :                         ctrl[i] = talloc(ctrl, struct ldb_control);
    1602      401810 :                         if (!ctrl[i]) {
    1603           0 :                                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
    1604             :                         }
    1605             : 
    1606      401810 :                         if (!ldap_decode_control_wrapper(ctrl[i], data, ctrl[i], &value)) {
    1607           0 :                                 goto prot_err;
    1608             :                         }
    1609             : 
    1610      401810 :                         if (!ldap_decode_control_value(ctrl[i], value,
    1611             :                                                        control_handlers,
    1612      401810 :                                                        ctrl[i])) {
    1613           0 :                                 if (ctrl[i]->critical) {
    1614           0 :                                         ctrl[i]->data = NULL;
    1615           0 :                                         decoded[i] = false;
    1616           0 :                                         i++;
    1617             :                                 } else {
    1618           0 :                                         talloc_free(ctrl[i]);
    1619           0 :                                         ctrl[i] = NULL;
    1620             :                                 }
    1621             :                         } else {
    1622      401810 :                                 decoded[i] = true;
    1623      401810 :                                 i++;
    1624             :                         }
    1625             :                 }
    1626             : 
    1627      297443 :                 if (ctrl != NULL) {
    1628      297441 :                         ctrl[i] = NULL;
    1629             :                 }
    1630             : 
    1631      297443 :                 msg->controls = ctrl;
    1632      297443 :                 msg->controls_decoded = decoded;
    1633             : 
    1634      297443 :                 if (!asn1_end_tag(data)) goto prot_err;
    1635             :         }
    1636             : 
    1637     1962508 :         if (!asn1_end_tag(data)) goto prot_err;
    1638     1962508 :         if (asn1_has_error(data) || asn1_has_nesting(data)) {
    1639           0 :                 return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
    1640             :         }
    1641     1962508 :         return NT_STATUS_OK;
    1642             : 
    1643           7 :   prot_err:
    1644             : 
    1645           7 :         return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
    1646             : }
    1647             : 
    1648             : 
    1649             : /*
    1650             :   return NT_STATUS_OK if a blob has enough bytes in it to be a full
    1651             :   ldap packet. Set packet_size if true.
    1652             : */
    1653     3906114 : NTSTATUS ldap_full_packet(struct tstream_context *stream,
    1654             :                           void *private_data,
    1655             :                           DATA_BLOB blob,
    1656             :                           size_t *packet_size)
    1657             : {
    1658        2918 :         int ret;
    1659             : 
    1660     3906114 :         if (blob.length < 6) {
    1661             :                 /*
    1662             :                  * We need at least 6 bytes to workout the length
    1663             :                  * of the pdu.
    1664             :                  */
    1665           0 :                 return STATUS_MORE_ENTRIES;
    1666             :         }
    1667             : 
    1668     3906114 :         ret = asn1_peek_full_tag(blob, ASN1_SEQUENCE(0), packet_size);
    1669     3906114 :         if (ret != 0) {
    1670     1953045 :                 return map_nt_error_from_unix_common(ret);
    1671             :         }
    1672     1953069 :         return NT_STATUS_OK;
    1673             : }

Generated by: LCOV version 1.14