Don't molest group names or group DNs either

diff --git a/src/modules/rlm_ldap/groups.c b/src/modules/rlm_ldap/groups.c
index 1216f6b..769bc7a 100644 (file)
--- a/src/modules/rlm_ldap/groups.c
+++ b/src/modules/rlm_ldap/groups.c
@@ -266,6 +266,8 @@ rlm_rcode_t rlm_ldap_cacheable_userobj(ldap_instance_t const *inst, REQUEST *req
 
        char *name;
 
+       VALUE_PAIR *vp;
+
        int is_dn, i;
 
        rad_assert(entry);
@@ -289,7 +291,9 @@ rlm_rcode_t rlm_ldap_cacheable_userobj(ldap_instance_t const *inst, REQUEST *req
                         *      The easy case, were caching DNs and we got a DN.
                         */
                        if (is_dn) {
-                               pairmake(request, &request->config_items, inst->cache_da->name, vals[i], T_OP_ADD);
+                               MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+                               pairstrcpy(vp, vals[i]);
+
                                RDEBUG("Added %s with value \"%s\" to control list", inst->cache_da->name, vals[i]);
                        /*
                         *      We were told to cache DNs but we got a name, we now need to resolve
@@ -305,7 +309,9 @@ rlm_rcode_t rlm_ldap_cacheable_userobj(ldap_instance_t const *inst, REQUEST *req
                         *      The easy case, were caching names and we got a name.
                         */
                        if (!is_dn) {
-                               pairmake(request, &request->config_items, inst->cache_da->name, vals[i], T_OP_ADD);
+                               MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+                               pairstrcpy(vp, vals[i]);
+
                                RDEBUG("Added control:%s with value \"%s\"", inst->cache_da->name, vals[i]);
                        /*
                         *      We were told to cache names but we got a DN, we now need to resolve
@@ -321,7 +327,9 @@ rlm_rcode_t rlm_ldap_cacheable_userobj(ldap_instance_t const *inst, REQUEST *req
                                        return rcode;
                                }
 
-                               pairmake(request, &request->config_items, inst->cache_da->name, name, T_OP_ADD);
+                               MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+                               pairstrsteal(vp, name);
+
                                DEBUG("Added control:%s with value \"%s\"", inst->cache_da->name, name);
                                talloc_free(name);
                        }
@@ -339,7 +347,9 @@ rlm_rcode_t rlm_ldap_cacheable_userobj(ldap_instance_t const *inst, REQUEST *req
 
        dn_p = group_dn;
        while(*dn_p) {
-               pairmake(request, &request->config_items, inst->cache_da->name, *dn_p, T_OP_ADD);
+               MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+               pairstrcpy(vp, *dn_p);
+
                RDEBUG("Added control:%s with value \"%s\"", inst->cache_da->name, *dn_p);
                ldap_memfree(*dn_p);
 
@@ -374,6 +384,7 @@ rlm_rcode_t rlm_ldap_cacheable_groupobj(ldap_instance_t const *inst, REQUEST *re
 
        char const *attrs[] = { inst->groupobj_name_attr, NULL };
 
+       VALUE_PAIR *vp;
        char *dn;
 
        rad_assert(inst->groupobj_base_dn);
@@ -419,28 +430,28 @@ rlm_rcode_t rlm_ldap_cacheable_groupobj(ldap_instance_t const *inst, REQUEST *re
        do {
                if (inst->cacheable_group_dn) {
                        dn = ldap_get_dn((*pconn)->handle, entry);
-                       pairmake(request, &request->config_items, inst->cache_da->name, dn, T_OP_ADD);
+                       MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+                       pairstrcpy(vp, dn);
+
                        RDEBUG("Added control:%s with value \"%s\"", inst->cache_da->name, dn);
                        ldap_memfree(dn);
                }
 
                if (inst->cacheable_group_name) {
                        vals = ldap_get_values((*pconn)->handle, entry, inst->groupobj_name_attr);
-                       if (!vals) {
-                               continue;
-                       }
+                       if (!vals) continue;
+
+                       MEM(vp = pairmake_config(inst->cache_da->name, NULL, T_OP_ADD));
+                       pairstrcpy(vp, *vals);
 
-                       pairmake(request, &request->config_items, inst->cache_da->name, *vals, T_OP_ADD);
                        RDEBUG("Added control:%s with value \"%s\"", inst->cache_da->name, *vals);
 
                        ldap_value_free(vals);
                }
-       } while((entry = ldap_next_entry((*pconn)->handle, entry)));
+       } while ((entry = ldap_next_entry((*pconn)->handle, entry)));
 
-       finish:
-       if (result) {
-               ldap_msgfree(result);
-       }
+finish:
+       if (result) ldap_msgfree(result);
 
        return rcode;
 }