From b26799aad62dfab304b322e7eb06167a9ea05ce7 Mon Sep 17 00:00:00 2001
From: Nagaraju Goruganti
Date: Fri, 28 Sep 2018 13:12:19 -0500
Subject: phosphor-ldap-conf: add support for validation of parameters
Validate LDAP Server's URI, BaseDN and BindBN.
Change-Id: If754e17c238069e04c9e1e8735a28d54dbf221cb
TODO: Unit tests will be added in subsequent commits.
Signed-off-by: Nagaraju Goruganti
---
 phosphor-ldap-config/ldap_configuration.cpp | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 51 insertions(+), 2 deletions(-)
(limited to 'phosphor-ldap-config/ldap_configuration.cpp')
diff --git a/phosphor-ldap-config/ldap_configuration.cpp b/phosphor-ldap-config/ldap_configuration.cpp
index 222793e..e3b337d 100644
--- a/phosphor-ldap-config/ldap_configuration.cpp
+++ b/phosphor-ldap-config/ldap_configuration.cpp
@@ -1,4 +1,5 @@
 #include "ldap_configuration.hpp"
+#include
 #include
 #include
 #include
@@ -13,6 +14,7 @@ constexpr auto nscdService = "nscd.service";
 using namespace phosphor::logging;
 using namespace sdbusplus::xyz::openbmc_project::Common::Error;
 namespace fs = std::experimental::filesystem;
+using Argument = xyz::openbmc_project::Common::InvalidArgument;
 using Line = std::string;
 using Key = std::string;
@@ -178,7 +180,14 @@ std::string Config::lDAPServerURI(std::string value)
 {
 return value;
 }
-
+ if (!(ldap_is_ldap_url(value.c_str()) ||
+ ldap_is_ldaps_url(value.c_str())))
+ {
+ log("Not a valid LDAP Server URI"),
+ entry("LDAPSERVERURI=%s", value.c_str());
+ elog(Argument::ARGUMENT_NAME("lDAPServerURI"),
+ Argument::ARGUMENT_VALUE(value.c_str()));
+ }
 val = ConfigIface::lDAPServerURI(value);
 writeConfig();
 parent.restartService(nslcdService);
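Review bot: The new check in Config::lDAPServerURI only tests the scheme prefix, so a value that starts with `ldap://` but has a malformed remainder or embedded control characters still passes and is handed to `writeConfig()`; parsing it with `ldap_url_parse()` (releasing the result with `ldap_free_urldesc()`) and rejecting control characters would close that gap. In OpenLDAP's libldap, `ldap_is_ldap_url()` already returns true for `ldaps://` and also for `ldapi://`, so the `|| ldap_is_ldaps_url(...)` arm is redundant and the accepted scheme set is wider than the error message suggests. As the lines read here, `log("..."), entry(...);` closes the log call before the comma, so the `entry` is built and discarded and the rejected value never reaches the journal; it should be an argument of the call, `log("Not a valid LDAP Server URI", entry("LDAPSERVERURI=%s", value.c_str()));` with the existing template argument kept, and the same pattern repeats in the lDAPBindDN, lDAPBaseDN and createConfig hunks. The setter's body starts and ends outside the hunk.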
@@ -206,6 +215,14 @@ std::string Config::lDAPBindDN(std::string value)
 return value;
 }
+ if (value.empty())
+ {
+ log("Not a valid LDAP BINDDN"),
+ entry("LDAPBINDDN=%s", value.c_str());
+ elog(Argument::ARGUMENT_NAME("lDAPBindDN"),
+ Argument::ARGUMENT_VALUE(value.c_str()));
+ }
+
 val = ConfigIface::lDAPBindDN(value);
 writeConfig();
 parent.restartService(nslcdService);
@@ -232,6 +249,14 @@ std::string Config::lDAPBaseDN(std::string value)
 return value;
 }
+ if (value.empty())
+ {
+ log("Not a valid LDAP BASEDN"),
+ entry("BASEDN=%s", value.c_str());
+ elog(Argument::ARGUMENT_NAME("lDAPBaseDN"),
+ Argument::ARGUMENT_VALUE(value.c_str()));
+ }
+
 val = ConfigIface::lDAPBaseDN(value);
 writeConfig();
 parent.restartService(nslcdService);
@@ -373,7 +398,31 @@ std::string
 ldap_base::Create::SearchScope lDAPSearchScope,
 ldap_base::Create::Type lDAPType)
 {
- // TODO Validate parameters passed-in.
+ if (!(ldap_is_ldap_url(lDAPServerURI.c_str()) ||
+ ldap_is_ldaps_url(lDAPServerURI.c_str())))
+ {
+ log("Not a valid LDAP Server URI"),
+ entry("LDAPSERVERURI=%s", lDAPServerURI.c_str());
+ elog(Argument::ARGUMENT_NAME("lDAPServerURI"),
+ Argument::ARGUMENT_VALUE(lDAPServerURI.c_str()));
+ }
+
+ if (lDAPBindDN.empty())
+ {
+ log("Not a valid LDAP BINDDN"),
+ entry("LDAPBINDDN=%s", lDAPBindDN.c_str());
+ elog(Argument::ARGUMENT_NAME("LDAPBindDN"),
+ Argument::ARGUMENT_VALUE(lDAPBindDN.c_str()));
+ }
+
+ if (lDAPBaseDN.empty())
+ {
+ log("Not a valid LDAP BASEDN"),
+ entry("LDAPBASEDN=%s", lDAPBaseDN.c_str());
+ elog(Argument::ARGUMENT_NAME("LDAPBaseDN"),
+ Argument::ARGUMENT_VALUE(lDAPBaseDN.c_str()));
+ }
+
 // With current implementation we support only one LDAP server.
 deleteObject();
 try
--
cgit v1.2.1
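Review bot: The added guard in Config::lDAPBindDN rejects only the empty string, so a whitespace-only, malformed or multi-line bind DN still passes and is handed to `writeConfig()`; the lDAPBaseDN hunk and both DN checks in the createConfig hunk have the same gap. With ldap.h now included, running the value through `ldap_str2dn()` (and freeing the result with `ldap_dnfree()`) before accepting it would reject strings that are not DNs at all. On this path `value` is always empty, so the `LDAPBINDDN=%s` field can never carry any information and could be dropped. The setter's body starts and ends outside the hunk.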
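Review bot: The journal field in Config::lDAPBaseDN is named `BASEDN`, while the createConfig hunk logs the same failure as `LDAPBASEDN` and the sibling setters use the `LDAP` prefix (`LDAPSERVERURI`, `LDAPBINDDN`); anyone filtering the journal for rejected LDAP settings by field name will miss one of the two paths. I would change this line to `entry("LDAPBASEDN=%s", value.c_str());`. The setter's body starts and ends outside the hunk.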
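Review bot: The `ARGUMENT_NAME` strings in this block are `"LDAPBindDN"` and `"LDAPBaseDN"`, but the property setters report the same arguments as `"lDAPBindDN"` and `"lDAPBaseDN"`, so a client that inspects the InvalidArgument metadata sees two spellings for one parameter; I would use `Argument::ARGUMENT_NAME("lDAPBindDN")` and `Argument::ARGUMENT_NAME("lDAPBaseDN")` here. The three checks are also copies of the ones in the setters, and a small file-local helper per parameter would keep the two entry points from drifting further apart. Placing the checks ahead of `deleteObject()` looks right, since a rejected request then leaves the existing configuration in place, assuming `elog` throws as it normally does. The function's signature starts above the hunk and its body continues past the `try`.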