diff options
author | Wan-Teh Chang <wtc@google.com> | 2014-01-14 11:34:52 -0800 |
---|---|---|
committer | Wan-Teh Chang <wtc@google.com> | 2014-01-14 11:34:52 -0800 |
commit | 7ff044210f6d47e006d509af4a13940f1649ae63 (patch) | |
tree | dacdffd5709098807b49284b8e587deaac4871d8 /lib/libpkix | |
parent | ee4467cf05108949099bc3faad71187c7e508975 (diff) | |
download | nss-hg-7ff044210f6d47e006d509af4a13940f1649ae63.tar.gz |
Bug 958401: pkix_pl_AiaMgr_FindLDAPClient should check for an empty
|domainName|. r=ryan.sleevi.
Diffstat (limited to 'lib/libpkix')
-rw-r--r-- | lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c index 5dc7248d5..ffbab7f25 100644 --- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c +++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c @@ -131,6 +131,8 @@ pkix_pl_AIAMgr_RegisterSelf(void *plContext) * non-NULL. * "domainName" * Address of a string pointing to a server name. Must be non-NULL. + * An empty string (which means no <host> is given in the LDAP URL) is + * not supported. * "pClient" * Address at which the returned LDAPClient is stored. Must be non-NULL. * "plContext" @@ -155,6 +157,17 @@ pkix_pl_AiaMgr_FindLDAPClient( PKIX_ENTER(AIAMGR, "pkix_pl_AiaMgr_FindLDAPClient"); PKIX_NULLCHECK_THREE(aiaMgr, domainName, pClient); + /* + * An LDAP URL may not have a <host> part, for example, + * ldap:///o=University%20of%20Michigan,c=US + * PKIX_PL_LdapDefaultClient doesn't know how to discover the default + * LDAP server, so we don't support this kind of LDAP URL. + */ + if (*domainName == '\0') { + /* Simulate a PKIX_PL_LdapDefaultClient_CreateByName failure. */ + PKIX_ERROR(PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED); + } + /* create PKIX_PL_String from domain name */ PKIX_CHECK(PKIX_PL_String_Create (PKIX_ESCASCII, domainName, 0, &domainString, plContext), |