author | Andrew Bartlett <abartlet@samba.org> | 2017-09-05 14:05:43 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-09-07 06:56:27 +0200 |
commit | 37bb62990b96b266ba4a3e90cadd414e6fee5ddf (patch) | |
tree | e765ca344372beeee904bf3979a037ecdfb8d0ac /lib/ldb | |
parent | 01c49b1a3561decdb10b5273d96d68d8e3d2b178 (diff) | |
download | samba-37bb62990b96b266ba4a3e90cadd414e6fee5ddf.tar.gz |
ldb: Add new ldb_ldif_message_redacted_string() with tests
This is designed to be a drop-in replacement for
ldb_ldif_message_string() while better protecting privacy.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13017
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'lib/ldb')
-rw-r--r-- | lib/ldb/common/ldb_ldif.c | 21 | ||||
-rw-r--r-- | lib/ldb/include/ldb.h | 40 | ||||
-rw-r--r-- | lib/ldb/tests/ldb_mod_op_test.c | 91 |
3 files changed, 147 insertions, 5 deletions
diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_ldif.c
index 0aeda94beac..b90d27eea59 100644
--- a/lib/ldb/common/ldb_ldif.c
+++ b/lib/ldb/common/ldb_ldif.c
@@ -1080,3 +1080,24 @@ char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 	return ldb_ldif_write_string(ldb, mem_ctx, &ldif);
 }
 
+
+/*
+ * convenient function to turn a ldb_message into a string. Useful for
+ * debugging but also safer if some of the LDIF could be sensitive.
+ *
+ * The secret attributes are specified in a 'const char * const *' within
+ * the LDB_SECRET_ATTRIBUTE_LIST opaque set on the ldb
+ *
+ */
+char *ldb_ldif_message_redacted_string(struct ldb_context *ldb,
+				       TALLOC_CTX *mem_ctx,
+				       enum ldb_changetype changetype,
+				       const struct ldb_message *msg)
+{
+	struct ldb_ldif ldif;
+
+	ldif.changetype = changetype;
+	ldif.msg = discard_const_p(struct ldb_message, msg);
+
+	return ldb_ldif_write_redacted_trace_string(ldb, mem_ctx, &ldif);
+}
diff --git a/lib/ldb/include/ldb.h b/lib/ldb/include/ldb.h
index 14cec0e0b93..9918b4e69d9 100644
--- a/lib/ldb/include/ldb.h
+++ b/lib/ldb/include/ldb.h
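Review bot: The comment above ldb_ldif_message_redacted_string names the opaque as LDB_SECRET_ATTRIBUTE_LIST, while the test added in this same commit sets it through the LDB_SECRET_ATTRIBUTE_LIST_OPAQUE macro; naming the macro here spares the next reader a grep for an identifier that is only the opaque's string value. The comment also leaves unstated what the function emits when no secret list has been set on the ldb — whether it then degrades to the unredacted output of ldb_ldif_write_string or to something else is decided inside ldb_ldif_write_redacted_trace_string, which is outside this hunk — and since the commit message pitches this as a drop-in replacement, that is the one fact a caller switching over needs. Suggest replacing the two "secret attributes" lines with ` * The secret attributes are the 'const char * const *' stored under the` / ` * LDB_SECRET_ATTRIBUTE_LIST_OPAQUE opaque on the ldb; with no such opaque set` / ` * the output is <state behaviour here>.`, with the placeholder filled in from the callee.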
@@ -1724,16 +1724,46 @@ char * ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_ldif *msg); -/* - Produce a string form of an ldb message +/** + Write an LDB message to a string - convenient function to turn a ldb_message into a string. Useful for - debugging - */ + \param ldb the ldb context (from ldb_init()) + \param mem_ctx the talloc context on which to attach the string) + \param changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY + \param msg the message to write out + + \return the string containing the LDIF, or NULL on error + + \sa ldb_ldif_message_redacted_string for a safer version of this + function +*/ char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, enum ldb_changetype changetype, const struct ldb_message *msg); +/** + Write an LDB message to a string + + \param ldb the ldb context (from ldb_init()) + \param mem_ctx the talloc context on which to attach the string) + \param changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY + \param msg the message to write out + + \return the string containing the LDIF, or NULL on error, but + with secret attributes redacted + + \note The secret attributes are specified in a + 'const char * const *' within the LDB_SECRET_ATTRIBUTE_LIST + opaque set on the ldb + + \sa ldb_ldif_message_string for an exact representiation of the + message as LDIF +*/ +char *ldb_ldif_message_redacted_string(struct ldb_context *ldb, + TALLOC_CTX *mem_ctx, + enum ldb_changetype changetype, + const struct ldb_message *msg); + /** Base64 encode a buffer diff --git a/lib/ldb/tests/ldb_mod_op_test.c b/lib/ldb/tests/ldb_mod_op_test.c index 96d2dd27df2..5e439f8d151 100644 --- a/lib/ldb/tests/ldb_mod_op_test.c +++ b/lib/ldb/tests/ldb_mod_op_test.c 
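Review bot: In the new Doxygen block for ldb_ldif_message_redacted_string the behaviour that distinguishes the function is tucked into \return ("or NULL on error, but with secret attributes redacted") while its brief line is word-for-word the same as ldb_ldif_message_string's, so an index or tooltip shows two identical entries. Move the redaction into the brief, `Write an LDB message to a string, with secret attributes redacted`, and let the return clause read `\return the string containing the LDIF, or NULL on error`. Both new `\param mem_ctx` lines end with a stray `)` and the second \sa misspells "representiation". The \note should also say what is written when the opaque is unset, since the commit message presents this as a drop-in replacement and that is the case a migrating caller hits first; the implementation of that fallback is not in this diff, so state it from the callee rather than guess.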
@@ -114,6 +114,91 @@ static void test_connect(void **state)
 	assert_int_equal(ret, 0);
 }
 
+static struct ldb_message *get_test_ldb_message(TALLOC_CTX *mem_ctx,
+						struct ldb_context *ldb)
+{
+	struct ldb_message *msg = ldb_msg_new(mem_ctx);
+	int ret;
+	assert_non_null(msg);
+
+	msg->dn = ldb_dn_new(msg, ldb, "dc=samba,dc=org");
+	assert_non_null(msg->dn);
+	ret = ldb_msg_add_string(msg, "public", "key");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "supersecret", "password");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "binary", "\xff\xff\0");
+	assert_int_equal(ret, LDB_SUCCESS);
+	return msg;
+}
+
+static void test_ldif_message(void **state)
+{
+	struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state,
+							    struct ldbtest_ctx);
+	char *got_ldif;
+	const char *expected_ldif =
+		"dn: dc=samba,dc=org\n"
+		"changetype: add\n"
+		"public: key\n"
+		"supersecret: password\n"
+		"binary:: //8=\n"
+		"\n";
+
+	struct ldb_message *msg = get_test_ldb_message(test_ctx,
+						       test_ctx->ldb);
+
+	got_ldif = ldb_ldif_message_string(test_ctx->ldb,
+					   test_ctx,
+					   LDB_CHANGETYPE_ADD,
+					   msg);
+	assert_string_equal(got_ldif, expected_ldif);
+	TALLOC_FREE(got_ldif);
+}
+
+static void test_ldif_message_redacted(void **state)
+{
+	struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state,
+							    struct ldbtest_ctx);
+	int ret;
+	char *got_ldif;
+	const char *expected_ldif =
+		"dn: dc=samba,dc=org\n"
+		"changetype: add\n"
+		"public: key\n"
+		"# supersecret::: REDACTED SECRET ATTRIBUTE\n"
+		"binary:: //8=\n"
+		"\n";
+
+	const char *secret_attrs[] = {
+		"supersecret",
+		NULL
+	};
+
+	struct ldb_message *msg = ldb_msg_new(test_ctx);
+
+	ldb_set_opaque(test_ctx->ldb,
+		       LDB_SECRET_ATTRIBUTE_LIST_OPAQUE,
+		       secret_attrs);
+
+	assert_non_null(msg);
+
+	msg->dn = ldb_dn_new(msg, test_ctx->ldb, "dc=samba,dc=org");
+	ret = ldb_msg_add_string(msg, "public", "key");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "supersecret", "password");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "binary", "\xff\xff\0");
+	assert_int_equal(ret, LDB_SUCCESS);
+	got_ldif = ldb_ldif_message_redacted_string(test_ctx->ldb,
+						    test_ctx,
+						    LDB_CHANGETYPE_ADD,
+						    msg);
+	assert_string_equal(got_ldif, expected_ldif);
+	TALLOC_FREE(got_ldif);
+	assert_int_equal(ret, 0);
+}
+
 static int ldbtest_setup(void **state)
 {
 	struct ldbtest_ctx *test_ctx;
@@ -2782,6 +2867,12 @@ int main(int argc, const char **argv)
 		cmocka_unit_test_setup_teardown(test_connect,
 						ldbtest_noconn_setup,
 						ldbtest_noconn_teardown),
+		cmocka_unit_test_setup_teardown(test_ldif_message,
+						ldbtest_noconn_setup,
+						ldbtest_noconn_teardown),
+		cmocka_unit_test_setup_teardown(test_ldif_message_redacted,
+						ldbtest_noconn_setup,
+						ldbtest_noconn_teardown),
 		cmocka_unit_test_setup_teardown(test_ldb_add,
 						ldbtest_setup,
 						ldbtest_teardown),
|
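Review bot: In test_ldif_message_redacted, `secret_attrs` is an automatic array on the test's stack frame, yet its address is handed to ldb_set_opaque on test_ctx->ldb and so stays registered after the function returns; anything that traces a message through the redacted path before ldbtest_noconn_teardown runs — whether teardown itself does is not visible here — would read a dead frame. Hoisting it to file scope, `static const char *secret_attrs[] = { "supersecret", NULL };`, removes the lifetime hazard without changing the type passed to ldb_set_opaque. The ldb_set_opaque return value is also discarded, so a failure to register the list would surface only as a confusing "supersecret: password" mismatch; `ret = ldb_set_opaque(...); assert_int_equal(ret, LDB_SUCCESS);` makes the failure mode explicit, and the trailing `assert_int_equal(ret, 0);` after TALLOC_FREE merely repeats an assertion already made. Finally, this test rebuilds the message by hand instead of calling get_test_ldb_message, and in doing so drops the helper's `assert_non_null(msg->dn)` check; calling the helper keeps the two tests exercising the same message.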