From e388c9ce4221514243ca10666cdc0ae0341746ca Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Jun 22 2007 21:06:45 +0000
Subject: Resolves: bug 245396

Bug Description: adminutil: retrieveISIEs returns bogus data
Reviewed by: nkinder (Thanks!)
Fix Description: retrieveISIEs creates a list of id + DN pairs using
the ListNodePtr interface.  Each node has a name (the id) and a value
(a char ** with the DN as the first char *) and forms a linked list of
all of the values.  It then flattens the list into an array of name/value
pairs for returning.  However, instead of passing val[0] to the
addSingleValueAttribute() function for the value, it was passing val cast
to a (char *), which is entirely bogus.
The fix is to pass in ((char**)node->val)[0] which is a char * value.  Yet
another lesson in why void * is bad, and why you should not defeat the
compiler's type checker . . .
I also fixed another minor mem leak, and added @nss_inc@ to the list of include directories - I guess it works because pkg-config mozldap[6] always returns the
nss include directory in its output . . .
Platforms tested: RHEL4
Flag day: Yes - autotool file changes

---

diff --git a/Makefile.am b/Makefile.am
index 4b2ca81..ac3c28b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -43,7 +43,7 @@ if enable_tests
 check_PROGRAMS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
 TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
 
-TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
 TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK)
 
 retrieveSIE_SOURCES = tests/retrieveSIE.c
@@ -142,7 +142,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \
 	lib/libadmsslutil/sslerror.c \
 	lib/libadmsslutil/uginfossl.c
 
-libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
 libadmsslutil_la_LIBADD = libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK)
 libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
 if CXXLINK_REQUIRED
diff --git a/Makefile.in b/Makefile.in
index c69036d..d8d2a39 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -339,7 +339,7 @@ pkgdata_DATA = root.res en.res en_US.res
 @CXXLINK_REQUIRED_TRUE@dummy_SOURCES = lib/dummy.cpp
 @CXXLINK_REQUIRED_TRUE@dummy_LINK = $(CXXLINK)
 @enable_tests_TRUE@TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
-@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
 @enable_tests_TRUE@TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK)
 @enable_tests_TRUE@retrieveSIE_SOURCES = tests/retrieveSIE.c
 @enable_tests_TRUE@retrieveSIE_CPPFLAGS = $(TEST_CPPFLAGS)
@@ -416,7 +416,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \
 	lib/libadmsslutil/sslerror.c \
 	lib/libadmsslutil/uginfossl.c
 
-libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
 libadmsslutil_la_LIBADD = libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK)
 libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
 @CXXLINK_REQUIRED_FALSE@libadmsslutil_la_LINK = $(LINK)
diff --git a/lib/libadminutil/srvutil.c b/lib/libadminutil/srvutil.c
index cda7115..10eb6dc 100644
--- a/lib/libadminutil/srvutil.c
+++ b/lib/libadminutil/srvutil.c
@@ -228,7 +228,7 @@ retrieveISIEs(PsetHndl domainPset, char* domainDN)
       addSingleValueAttribute(resultList, 
 			      i++, 
 			      node->name,
-			      (char*)(node->val));
+			      ((char**)node->val)[0]);
       node = node->next;
     }
   }
diff --git a/lib/libadmsslutil/admsslutil.c b/lib/libadmsslutil/admsslutil.c
index 9df5cd7..7e8140f 100644
--- a/lib/libadmsslutil/admsslutil.c
+++ b/lib/libadmsslutil/admsslutil.c
@@ -166,6 +166,8 @@ static int initNSS(const char *securitydir, AdmldapInfo info)
 
   PK11_ConfigurePKCS11(NULL,NULL,NULL,db_name,NULL, NULL,NULL,NULL,
                        /*minPwdLen=*/8, /*pwdRequired=*/1);
+  PL_strfree(db_name);
+  db_name = NULL;
  
   /* init NSS */ 
   if (NSS_Initialize(securitydir, NULL, NULL, SECMOD_DB, flags)) {
diff --git a/tests/retrieveSIEssl.c b/tests/retrieveSIEssl.c
index 4a96d54..3d54ef1 100644
--- a/tests/retrieveSIEssl.c
+++ b/tests/retrieveSIEssl.c
@@ -48,6 +48,8 @@ main(int ac, char **av)
     char *siedn = NULL;
     char *siepwd = NULL;
     char buf[BUFSIZ];
+    char *userdn;
+    char *passwd;
 
     if (ac > 1) {
         configdir = strdup(*(av+1));
@@ -87,6 +89,12 @@ main(int ac, char **av)
         goto done;
     }
 
+    siedn = admldapGetSIEDN(ldapInfo);
+    ADM_GetUserDNString(&rval, &userdn);
+    ADM_GetCurrentPassword(&rval, &passwd);
+
+    admldapSetSIEDN(ldapInfo, userdn);
+    admSetCachedSIEPWD(passwd);
     /*
      * get servers' DNs belonging to the Admin Server
      */
@@ -97,9 +105,9 @@ main(int ac, char **av)
         goto done;
     }
 
+    admldapSetSIEDN(ldapInfo, siedn);
+
     host = admldapGetHost(ldapInfo);
-    siedn = admldapGetSIEDN(ldapInfo);
-    siepwd = admldapGetSIEPWD(ldapInfo);
     for (p = nameList; p && *p; p++) {
         PsetHndl pset = NULL;
         fprintf(stdout, "%s\n", *p);
@@ -112,8 +120,8 @@ main(int ac, char **av)
                                  admldapGetPort(ldapInfo),
                                  admldapGetSecurity(ldapInfo),
                                  *p,
-                                 siedn,
-                                 siepwd,
+                                 userdn,
+                                 passwd,
                                  NULL,
                                  &rval);
         if (rval && (rval != PSET_LOCAL_OPEN_FAIL)) {
@@ -145,13 +153,13 @@ main(int ac, char **av)
         fprintf(stdout, "FAILURE: SIE is not retrieved\n");
     }
     PL_strfree(host);
-    PL_strfree(siedn);
-    PL_strfree(siepwd);
 
     /*
      * get servers' DNs belonging to the Admin Server
      */
+    admldapSetSIEDN(ldapInfo, userdn);
     isieList = getInstalledServerDNListSSL(ldapInfo);
+    admldapSetSIEDN(ldapInfo, siedn);
     if (NULL == isieList) {
         fprintf(stderr, "ERROR: empty isieList\n");
         rval = 1;
@@ -159,7 +167,8 @@ main(int ac, char **av)
     }
 
     for (siecnt = 0; isieList[siecnt]; siecnt++) {
-        fprintf(stdout, "%s\n", isieList[siecnt]->attrName);
+        fprintf(stdout, "productID = %s\n", isieList[siecnt]->attrName);
+        fprintf(stdout, "productDN = %s\n", isieList[siecnt]->attrVal[0]);
     }
     deleteAttributeList(isieList);
     if (siecnt > 0) {