From 2d248a4dd84f8548a43e295413050d930976979e Mon Sep 17 00:00:00 2001
From: Alexander Sulfrian <alex@spline.inf.fu-berlin.de>
Date: Tue, 19 Jan 2016 03:36:48 +0100
Subject: Change is_service signature

The new signature allows to call is_service, without the requirement to
free the pointer to the service name, if the service name is not required.
---
 service_passwords.c | 38 ++++++++++++++++++++------------------
 1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/service_passwords.c b/service_passwords.c
index 7ace7fe..a43dbf6 100644
--- a/service_passwords.c
+++ b/service_passwords.c
@@ -116,15 +116,16 @@ fail1:
  *
  * @param[in] dn The DN to check (most times this should be the bound DN of the
  *               connection).
- * @return If the DN is a service account, this function returns a zero
- *         terminated string with the name of the service, otherwise it simply
- *         returns a \c NULL pointer. The caller is responsible to free the
- *         returned string with \c slapi_ch_free_string.
+ * @param[out] service Pointer to a char pointer that will be filled with the
+ *                     service name. The caller is responsible to free the
+ *                     filled pointer with \c slapi_ch_free_string.
+ *                     If this is NULL, the function will only check if the DN
+ *                     is a service account and will not allocate memory for the
+ *                     service name.
+ * @return 0 if the entry is a service account, 1 otherwise.
  */
-static char* is_service(const char *dn)
+static int is_service(const char *dn, char **service)
 {
-    char *service = NULL;
-
     Slapi_Entry *entry = NULL;
     char *attrs[] = { "objectClass", "cn", NULL };
     Slapi_Attr *attr = NULL;
@@ -134,37 +135,39 @@ static char* is_service(const char *dn)
     rc |= get_entry(dn, attrs, &entry);
     if (rc != 0 || entry == NULL) {
         /* dn not found */
-        service = NULL;
+        rc = 1;
         goto fail1;
     }
 
     if (slapi_entry_attr_hasvalue(
             entry, "objectClass", "serviceAccount") == 0) {
         /* no serviceAccount */
-        service = NULL;
+        rc = 1;
         goto fail1;
     }
 
     rc |= slapi_entry_attr_find(entry, "cn", &attr);
     if (rc != 0 || attr == NULL) {
         /* no cn attribute */
-        service = NULL;
+        rc = 1;
         goto fail1;
     }
 
     rc |= slapi_attr_get_values(attr, &cn);
     if (rc != 0 || cn == NULL) {
         /* no value in cn attribute */
-        service = NULL;
+        rc = 1;
         goto fail2;
     }
 
     if (*cn == NULL) {
-        service = NULL;
+        rc = 1;
         goto fail2;
     }
 
-    service = slapi_ch_strdup((*cn)->bv_val);
+    if (service) {
+        *service = slapi_ch_strdup((*cn)->bv_val);
+    }
 
 fail2:
     ber_bvecfree(cn);
@@ -172,7 +175,7 @@ fail2:
 fail1:
     slapi_entry_free(entry);
 
-    return service;
+    return rc;
 }
 
 /** Try to authenticate agains a specific DN with given credentials.
@@ -504,7 +507,7 @@ static int pre_entry(Slapi_PBlock *pb)
     int is_replication;
     int is_internal;
 
-    char *service;
+    char *service = NULL;
     char *parent_dn = NULL;
     const char *result_dn = NULL;
     Slapi_Entry *new_entry;
@@ -543,9 +546,8 @@ static int pre_entry(Slapi_PBlock *pb)
         return 0;
     }
 
-    service = is_service(bind_dn);
-    if (service == NULL) {
-        goto fail1;
+    if (is_service(bind_dn, &service) != 0) {
+        return 0;
     }
 
     result_dn = slapi_entry_get_dn(entry);
-- 
cgit v1.2.3-1-g7c22