From e14842729a5bc716e590cd3c178f3fd3232a5591 Mon Sep 17 00:00:00 2001 From: leitner Date: Mon, 14 Jan 2002 19:49:09 +0000 Subject: [PATCH] finish ldapsearchrequest scanner --- Makefile | 2 +- freeava.c | 10 +++++++ ldap.h | 1 + scan_asn1SEQUENCE.c | 6 ++-- scan_ldapava.c | 11 ++++++++ scan_ldapsearchfilter.c | 45 ++++++++++++++++++----------- scan_ldapsearchrequest.c | 26 +++++++++++++++-- t.c | 4 +-- t2.c | 61 ++++++++++++++++++++++++++++++++++++++++ 9 files changed, 141 insertions(+), 25 deletions(-) create mode 100644 freeava.c create mode 100644 scan_ldapava.c diff --git a/Makefile b/Makefile index 6b54169..f58f90f 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ scan_asn1BOOLEAN.o ldap.a: scan_ldapmessage.o fmt_ldapmessage.o fmt_ldapbindrequest.o \ scan_ldapbindrequest.o fmt_ldapbindresponse.o scan_ldapbindresponse.o \ scan_ldapstring.o scan_ldapsearchfilter.o scan_ldapsearchrequest.o \ -freefilter.o +freefilter.o freeava.o scan_ldapava.o DIET=diet -Os CC=gcc diff --git a/freeava.c b/freeava.c new file mode 100644 index 0000000..5295fbe --- /dev/null +++ b/freeava.c @@ -0,0 +1,10 @@ +#include +#include "ldap.h" + +void freeava(struct AttributeList* a) { + while (a) { + struct AttributeList* tmp=a->next; + free(a); + a=tmp; + } +} diff --git a/ldap.h b/ldap.h index a43c643..3c69780 100644 --- a/ldap.h +++ b/ldap.h @@ -54,6 +54,7 @@ enum ldapops { }; void freefilter(struct Filter* f); +void freeava(struct AttributeList* a); int scan_ldapstring(const char* src,const char* max,struct string* s); int scan_ldapmessage(const char* src,const char* max, diff --git a/scan_asn1SEQUENCE.c b/scan_asn1SEQUENCE.c index e19350e..0b5c2a4 100644 --- a/scan_asn1SEQUENCE.c +++ b/scan_asn1SEQUENCE.c @@ -2,15 +2,13 @@ int scan_asn1SEQUENCE(const char* src,const char* max,unsigned long* len) { int res,tmp; - long tlen; long tag; enum asn1_tagclass tc; enum asn1_tagtype tt; if (!(res=scan_asn1tag(src,max,&tc,&tt,&tag))) return 0; - if (!(tmp=scan_asn1length(src+res,max,&tlen))) return 0; + if (!(tmp=scan_asn1length(src+res,max,len))) return 0; res+=tmp; - if (src+res+tlen>max) return 0; - *len=res+tlen; + if (src+res+*len>max) return 0; if (tc==UNIVERSAL || tt==CONSTRUCTED || tag==SEQUENCE_OF) return res; return 0; diff --git a/scan_ldapava.c b/scan_ldapava.c new file mode 100644 index 0000000..9e96e8d --- /dev/null +++ b/scan_ldapava.c @@ -0,0 +1,11 @@ +#include "asn1.h" +#include "ldap.h" + +int scan_ldapava(const char* src,const char* max,struct AttributeValueAssertion* ava) { + int res,tmp; + if (!(res=scan_ldapstring(src,max,&ava->desc))) goto error; + if (!(tmp=scan_ldapstring(src+res,max,&ava->value))) goto error; + return res+tmp; +error: + return 0; +} diff --git a/scan_ldapsearchfilter.c b/scan_ldapsearchfilter.c index a4f073f..cc923f2 100644 --- a/scan_ldapsearchfilter.c +++ b/scan_ldapsearchfilter.c @@ -35,43 +35,56 @@ int scan_ldapsearchfilter(const char* src,const char* max,struct Filter** f) { enum asn1_tagtype tt; unsigned long tag,len; int res,tmp; + const char* nmax; *f=0; if (!(res=scan_asn1tag(src,max,&tc,&tt,&tag))) goto error; - if (tc!=CONTEXT_SPECIFIC || tt!=CONSTRUCTED || tag>9) goto error; + if (tc!=PRIVATE || tt!=CONSTRUCTED || tag>9) goto error; if (!(tmp=scan_asn1length(src+res,max,&len))) goto error; res+=tmp; if (src+res+len>max) goto error; if (!(*f=malloc(sizeof(struct Filter)))) goto error; + nmax=src+res+len; switch ((*f)->type=tag) { case 0: /* and [0] SET OF Filter, */ - goto error; case 1: /* or [1] SET OF Filter, */ - goto error; - case 2: /* not [2] Filter, */ - { - if (!(tmp=scan_ldapsearchfilter(src+res,src+res+len,&(*f)->x))) goto error; - if (tmp!=len) goto error; + (*f)->x=0; + while (src+resx; + if (!(tmp=scan_ldapsearchfilter(src+res,nmax,&(*f)->x))) { + if (F) { /* OK, end of sequence */ + (*f)->x=F; + break; + } + (*f)->x=F; + goto error; + } + (*f)->x->next=F; + res+=tmp; } + break; + case 2: /* not [2] Filter, */ + if (!(tmp=scan_ldapsearchfilter(src+res,nmax,&(*f)->x))) goto error; + if (tmp!=len) goto error; + break; case 3: /* equalityMatch [3] AttributeValueAssertion, */ - goto error; + case 5: /* greaterOrEqual [5] AttributeValueAssertion, */ + case 6: /* lessOrEqual [6] AttributeValueAssertion, */ + case 8: /* approxMatch [8] AttributeValueAssertion, */ + if (!(tmp=scan_ldapava(src+res,nmax,&(*f)->ava))) goto error; + res+=tmp; + break; case 4: /* substrings [4] SubstringFilter, */ { - const char* nmax=src+res+len; long len2; if (!(tmp=scan_ldapstring(src+res,nmax,&(*f)->ava.desc))) goto error; res+=tmp; if (!(tmp=scan_asn1SEQUENCE(src+res,nmax,&len2))) goto error; if (src+tmp+len2!=nmax) goto error; - goto error; + res+=tmp; + goto error; /* TODO */ } - case 5: /* greaterOrEqual [5] AttributeValueAssertion, */ - goto error; - case 6: /* lessOrEqual [6] AttributeValueAssertion, */ - goto error; case 7: /* present [7] AttributeDescription, */ goto error; - case 8: /* approxMatch [8] AttributeValueAssertion, */ - goto error; case 9: /* extensibleMatch [9] MatchingRuleAssertion } */ goto error; } diff --git a/scan_ldapsearchrequest.c b/scan_ldapsearchrequest.c index 5f34203..0ecef18 100644 --- a/scan_ldapsearchrequest.c +++ b/scan_ldapsearchrequest.c @@ -1,3 +1,4 @@ +#include #include "asn1.h" #include "ldap.h" @@ -18,8 +19,29 @@ int scan_ldapsearchrequest(const char* src,const char* max, res+=tmp; if (!(tmp=scan_ldapsearchfilter(src+res,max,&s->filter))) goto error; res+=tmp; - /* TODO: parse attributedescriptionlist */ - return res; + /* now for the attributelist */ +#if 1 + if (!(tmp=scan_asn1SEQUENCE(src+res,max,&etmp))) goto error; + res+=tmp; +#endif + { + const char* nmax=src+res+etmp; +//#define nmax max + struct AttributeList** a=&s->attributes; + if (nmax>max) goto error; + for (;;) { + if (src+res>nmax) goto error; + if (src+res==nmax) break; + if (!*a) *a=malloc(sizeof(struct AttributeList)); + if (!*a) goto error; + (*a)->next=0; + if (!(tmp=scan_ldapstring(src+res,nmax,&(*a)->a))) goto error; + res+=tmp; + a=&(*a)->next; + } + /* TODO: parse attributedescriptionlist */ + return res; + } error: return 0; } diff --git a/t.c b/t.c index dbb4921..27e8c9c 100644 --- a/t.c +++ b/t.c @@ -538,10 +538,10 @@ int main() { char* max; int l,fd,res; // fd=open_read("/tmp/ldap/127.000.000.001.32875-127.000.000.001.00389"); -// fd=open_read("/tmp/ldap/127.000.000.001.32779-127.000.000.001.00389"); + fd=open_read("/tmp/ldap/127.000.000.001.32779-127.000.000.001.00389"); // fd=open_read("/tmp/ldap/127.000.000.001.38433-127.000.000.001.00389"); // fd=open_read("/tmp/ldap/127.000.000.001.00389-127.000.000.001.32779"); - fd=open_read("answer"); +// fd=open_read("answer"); l=read(fd,buf,8192); max=buf+l; close(fd); diff --git a/t2.c b/t2.c index 3fbdac2..de996d6 100644 --- a/t2.c +++ b/t2.c @@ -4,6 +4,62 @@ #include "asn1.h" #include "ldap.h" +void printava(struct AttributeValueAssertion* a,const char* rel) { + printf("[%.*s %s %.*s]",(int)a->desc.l,a->desc.s,rel,(int)a->value.l,a->value.s); +} + +void printal(struct AttributeList* a) { + while (a) { + printf("%.*s",(int)a->a.l,a->a.s); + a=a->next; + if (a) printf(","); + } + printf("\n"); +} + +void printfilter(struct Filter* f) { + switch (f->type) { + case AND: + printf("&("); +mergesub: + printfilter(f->x); + printf(")"); + break; + case OR: + printf("|("); + goto mergesub; + break; + case NOT: + printf("!("); + goto mergesub; + case EQUAL: + printava(&f->ava,"=="); + break; + case SUBSTRING: + printava(&f->ava,"\\in"); + break; + case GREATEQUAL: + printava(&f->ava,">="); + break; + case LESSEQUAL: + printava(&f->ava,"<="); + break; + case PRESENT: + printava(&f->ava,"\\exist"); + break; + case APPROX: + printava(&f->ava,"\\approx"); + break; + case EXTENSIBLE: + printf("[extensible]"); + break; + } + if (f->next) { + printf(","); + printfilter(f->next); + } +} + int main(int argc,char* argv[]) { #if 1 unsigned long size; @@ -36,6 +92,11 @@ int main(int argc,char* argv[]) { { struct SearchRequest br; printf("scan_ldapsearchrequest %d\n",res=scan_ldapsearchrequest(ldapsequence+done+res,ldapsequence+size,&br)); + if (res) { + printf("LDAPDN: \"%.*s\"\n",(int)br.LDAPDN.l,br.LDAPDN.s); + printfilter(br.filter); printf("\n"); + } + printal(br.attributes); break; } }