static int
or_filter_destroy (Slapi_PBlock* pb)
{
auto or_filter_t* or = or_filter_get (pb);
slapi_log_err(SLAPI_LOG_FILTER, COLLATE_PLUGIN_SUBSYSTEM,
"or_filter_destroy - (%p)\n", (void*)or);
if (or != NULL) {
slapi_ch_free((void**)&or->or_type);
slapi_ch_free((void**)&or->or_oid);
if (or->or_values != NULL) {
ber_bvecfree (or->or_values);
or->or_values = NULL;
}
if (or->or_match_keys != NULL) {
ber_bvecfree (or->or_match_keys);
or->or_match_keys = NULL;
}
if (or->or_index_keys != NULL) {
ber_bvecfree (or->or_index_keys);
or->or_index_keys = NULL;
}
if (or->or_indexer != NULL) {
indexer_free (or->or_indexer);
or->or_indexer = NULL;
}
slapi_ch_free((void**)&or);
}
return 0;
}
void
ldap_mods_free( LDAPMod **mods, int freemods )
{
int i;
if ( mods == NULL )
return;
for ( i = 0; mods[i] != NULL; i++ ) {
if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
if( mods[i]->mod_bvalues != NULL )
ber_bvecfree( mods[i]->mod_bvalues );
} else if( mods[i]->mod_values != NULL ) {
LDAP_VFREE( mods[i]->mod_values );
}
if ( mods[i]->mod_type != NULL ) {
LDAP_FREE( mods[i]->mod_type );
}
LDAP_FREE( (char *) mods[i] );
}
if ( freemods ) {
LDAP_FREE( (char *) mods );
}
}
// Fetch all attributes of an entry, and display them in a dialog
void LdapView::showProperties( LDAP *ld, char *dn )
{
PropDlg dlg;
if ( ldap_search( ld, dn, LDAP_SCOPE_BASE, "objectclass=*",
NULL, FALSE ) == -1 )
{
AfxMessageBox( "Failed to start asynchronous search" );
return;
}
LDAPMessage *res;
int rc;
// Process results as they come in
while ( (rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ))
== LDAP_RES_SEARCH_ENTRY )
{
LDAPMessage *e = ldap_first_entry( ld, res );
BerElement *ber;
// Loop over attributes in this entry
for ( char *a = ldap_first_attribute( ld, e, &ber ); a != NULL;
a = ldap_next_attribute( ld, e, ber ) )
{
struct berval **bvals;
if ( (bvals = ldap_get_values_len( ld, e, a )) != NULL )
{
dlg.AddLine( a );
// Loop over values for this attribute
for ( int i = 0; bvals[i] != NULL; i++ )
{
CString val;
val.Format( " %s", bvals[ i ]->bv_val );
dlg.AddLine( val );
}
ber_bvecfree( bvals );
}
}
if ( ber != NULL )
ber_free( ber, 0 );
ldap_msgfree( res );
}
if ( rc == -1 )
{
AfxMessageBox( "Error on ldap_result" );
return;
}
else if (( rc = ldap_result2error( ld, res, 0 )) != LDAP_SUCCESS )
{
char *errString = ldap_err2string( rc );
AfxMessageBox( errString );
}
ldap_msgfree( res );
// Set the title of the dialog to the distinguished name, and display it
dlg.SetTitle( dn );
dlg.DoModal();
}
static void
mr_private_indexer_done(struct mr_private *mrpriv)
{
if (mrpriv && mrpriv->sva) {
valuearray_free(&mrpriv->sva);
}
if (mrpriv && mrpriv->bva) {
ber_bvecfree(mrpriv->bva);
mrpriv->bva = NULL;
}
}
static void
freepmods( LDAPMod **pmods )
{
int i;
for ( i = 0; pmods[ i ] != NULL; ++i ) {
if ( pmods[ i ]->mod_bvalues != NULL ) {
ber_bvecfree( pmods[ i ]->mod_bvalues );
}
if ( pmods[ i ]->mod_type != NULL ) {
free( pmods[ i ]->mod_type );
}
free( pmods[ i ] );
}
free( pmods );
}
/* The destructor function for a collation-based indexer. */
static void
collation_indexer_destroy (indexer_t* ix)
{
collation_indexer_t* etc = (collation_indexer_t*) ix->ix_etc;
if (etc->converter) {
ucnv_close(etc->converter);
etc->converter = NULL;
}
if (etc->collator) {
ucol_close(etc->collator);
etc->collator = NULL;
}
if (etc->ix_keys != NULL) {
ber_bvecfree (etc->ix_keys);
etc->ix_keys = NULL;
}
slapi_ch_free((void**)&ix->ix_etc);
ix->ix_etc = NULL; /* just for hygiene */
}
/* Function removes mods which are not allowed over-the-wire */
static void
remove_illegal_mods(LDAPMod **mods)
{
int i, j;
LDAPMod *tmp;
/* remove any attempts by the user to modify these attrs */
for ( i = 0; (mods != NULL) && (mods[i] != NULL); i++ ) {
if ( strcasecmp( mods[i]->mod_type, numsubordinates ) == 0
|| strcasecmp( mods[i]->mod_type, hassubordinates ) == 0 )
{
tmp = mods[i];
for ( j = i; mods[j] != NULL; j++ ) {
mods[j] = mods[j + 1];
}
slapi_ch_free( (void**)&(tmp->mod_type) );
if ( tmp->mod_bvalues != NULL ) {
ber_bvecfree( tmp->mod_bvalues );
}
slapi_ch_free( (void**)&tmp );
i--;
}
}
}
/*
* This routine returns pointer to memory which is owned by the plugin, so don't
* free it. Gets freed by the next call to this routine, or when the indexer
* is destroyed
*/
int
matchrule_values_to_keys_sv(Slapi_PBlock *pb,Slapi_Value **input_values,Slapi_Value ***output_values)
{
IFP mrINDEX = NULL;
slapi_pblock_get (pb, SLAPI_PLUGIN_MR_INDEX_SV_FN, &mrINDEX);
if (NULL == mrINDEX) { /* old school - does not have SV function */
int rc;
struct berval **bvi = NULL, **bvo = NULL;
valuearray_get_bervalarray(input_values, &bvi);
rc = matchrule_values_to_keys(pb, bvi, &bvo);
ber_bvecfree(bvi);
/* note - the indexer owns bvo and will free it when destroyed */
valuearray_init_bervalarray(bvo, output_values);
/* store output values in SV form - caller expects SLAPI_PLUGIN_MR_KEYS is Slapi_Value** */
slapi_pblock_set(pb, SLAPI_PLUGIN_MR_KEYS, *output_values);
return rc;
}
slapi_pblock_set (pb, SLAPI_PLUGIN_MR_VALUES, input_values);
mrINDEX (pb);
slapi_pblock_get (pb, SLAPI_PLUGIN_MR_KEYS, output_values);
return 0;
}
static int
or_filter_match (void* obj, Slapi_Entry* entry, Slapi_Attr* attr)
/* returns: 0 filter matched
* -1 filter did not match
* >0 an LDAP error code
*/
{
auto int rc = -1; /* no match */
auto or_filter_t* or = (or_filter_t*)obj;
for (; attr != NULL; slapi_entry_next_attr (entry, attr, &attr)) {
auto char* type = NULL;
auto struct berval** vals = NULL;
/*
* XXXmcs 1-March-2001: This code would perform better if it did not make
* a copy of the values here, but that would require re-writing the code
* in this file to use Slapi_ValueSet's instead of struct berval **'s
* (and that is not a small project).
*/
if (!slapi_attr_get_type (attr, &type) && type != NULL &&
!slapi_attr_type_cmp (or->or_type, type, 2/*match subtypes*/) &&
!slapi_attr_get_bervals_copy(attr, &vals) && vals != NULL) {
if (or->or_op == SLAPI_OP_SUBSTRING) {
rc = ss_filter_match (or, vals);
} else {
rc = op_filter_match (or, vals);
}
ber_bvecfree( vals );
vals = NULL;
if (rc >= 0) break;
}
}
return rc;
}
/* get from the BDII the list of supported protocols with their associated
* port number
*/
int g2_sd_get_seap_info(const char *host, char ***access_protocol, int **port, char *errbuf, int errbufsz) {
char **ap = NULL, *attr = NULL;
char *query = NULL;
struct berval **value = NULL;
BerElement *ber = NULL;
int nbentries, i = 0, n = 0, rc = 0;
int *pn = NULL;
LDAPMessage *entry = NULL, *reply = NULL;
SDException exception;
int sav_errno = 0;
char *tempUrl = NULL;
char *base_scheme = NULL;
char *base_host = NULL;
char *base_path = NULL;
int base_port = 0;
LDAP *ld = NULL;
char *service_id = NULL;
char *endpoint_id = NULL;
if (!host) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_seap_info]: Hostname in null", errbuf, errbufsz);
return -1;
}
if ((ld = get_connection(&exception, errbuf, errbufsz)) == NULL) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_seap_info]: Cannot connect to BDII", errbuf, errbufsz);
return (-1);
}
g2_sd_get_service_id(ld, host, &service_id, &endpoint_id, errbuf, errbufsz);
if(!service_id)
{
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_seap_info]: ServiceID cannot be found", errbuf, errbufsz);
if(ld)
close_connection(ld);
return (-1);
}
/*prepare the query */
query = g_strdup_printf(GLUE2_QUERY_PROTO_PORT_TYPE, service_id);
while (n < 1 && !sav_errno) {
/*send query to bdii server*/
rc = connect_search_ldap(glue2_base, query, g2_seap_attrs, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply) {
ldap_msgfree(reply);
}
rc = -1;
sav_errno = errno;
break;
}
/*count entry # */
if ((nbentries = ldap_count_entries(ld, reply)) < 1) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_seap_info]: No entries for host.", errbuf, errbufsz);
if (reply) {
ldap_msgfree(reply);
}
sav_errno = errno ? errno : ENOMEM;
rc = -1;
break;
}
nbentries++;
/*allocate memory */
if ((ap = (char **) calloc(nbentries, sizeof (char *))) == NULL || (pn
= (int *) calloc(nbentries, sizeof (int))) == NULL) {
if (reply) {
ldap_msgfree(reply);
}
sav_errno = errno ? errno : ENOMEM;
rc = -1;
break;
}
for (entry = ldap_first_entry(ld, reply), n = 0; entry != NULL && rc
== 0; entry = ldap_next_entry(ld, entry), ++n) {
for (attr = ldap_first_attribute(ld, entry, &ber); attr != NULL
&& rc == 0; attr = ldap_next_attribute(ld, entry, ber)) {
if (!ap[n] && (value = ldap_get_values_len(ld, entry, attr))) {
if (value && value[0]->bv_val) {
if (strcmp(attr, "GLUE2EndpointURL") == 0) {
if ((ap[n] = strdup(value[0]->bv_val)) == NULL) {
rc = -1;
sav_errno = errno ? errno : ENOMEM;
} else {
tempUrl = ap[n];
if (tempUrl)
parse_url(tempUrl, &base_scheme, &base_host, &base_port, &base_path);
if (base_scheme && base_port > 0) {
free(ap[n]);
ap[n] = base_scheme; /* protocol */
pn[n] = base_port; /* port */
} else {
rc = -1;
sav_errno = errno ? errno : ENOMEM;
}
}
if (value)
ber_bvecfree(value);
}
}
}
if (attr)
ldap_memfree(attr);
}
if (ber) {
ber_free(ber, 0);
ber = NULL;
}
}
if (reply) {
ldap_msgfree(reply);
}
if (base_host)
free(base_host);
if (base_path)
free(base_path);
}
/* if something went wrong, give the memory free */
if (rc < 0) {
for (i = 0; i < n; ++i) {
if (ap[i]) {
free(ap[i]);
}
}
if (ap && pn) {
free(ap);
free(pn);
}
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_seap_info]: No available information", errbuf, errbufsz);
errno = sav_errno ? sav_errno : EINVAL;
} else /*return the values via pointer*/ {
*access_protocol = ap;
*port = pn;
}
if (query)
g_free(query);
if (ld)
close_connection(ld);
if (service_id)
free(service_id);
if (endpoint_id)
free(endpoint_id);
return (rc);
}
int g2_sd_get_ce_ap(const char *host, char **ce_ap, char *errbuf, int errbufsz) {
LDAPMessage *entry = NULL;
SDException exception;
LDAPMessage *reply = NULL;
struct berval **value = NULL;
char *query = NULL;
int sav_errno = 0;
*ce_ap = NULL;
int rc = 0;
LDAP *ld = NULL;
char *service_id = NULL;
char *endpoint_id = NULL;
if (!host) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_ce_ap]: Hostname is not specified", errbuf, errbufsz);
return (-1);
}
if ((ld = get_connection(&exception, errbuf, errbufsz)) == NULL) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_ce_ap]: Cannot connect to BDII", errbuf, errbufsz);
if (query)
g_free(query);
return (-1);
}
g2_sd_get_service_id(ld, host, &service_id, &endpoint_id, errbuf, errbufsz);
if(!service_id)
{
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_ce_ap]: ServiceID cannot be found", errbuf, errbufsz);
if(endpoint_id)
free(endpoint_id);
if(ld)
close_connection(ld);
return (-1);
}
query = g_strdup_printf(GLUE2_QUERY_CESE_BIND, service_id);
rc = connect_search_ldap(glue2_base, query, g2_ce_ap_attrs, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply)
ldap_msgfree(reply);
if (query)
g_free(query);
if (ld)
close_connection(ld);
if(service_id)
free(service_id);
sav_errno = errno;
rc = -1;
goto out;
}
if ((1 > ldap_count_entries(ld, reply))) {
if (reply)
ldap_msgfree(reply);
if (query)
g_free(query);
if (ld)
close_connection(ld);
if(service_id)
free(service_id);
goto out;
}
for (entry = ldap_first_entry(ld, reply); entry != NULL && rc == 0; entry
= ldap_next_entry(ld, entry)) {
if ((entry = ldap_first_entry(ld, reply)) && (value
= ldap_get_values_len(ld, entry, GLUE2_ATTR_CE_AP_ATNM))) {
if (value && value[0]->bv_val) {
if ((*ce_ap = strdup(value[0]->bv_val)) == NULL) {
sav_errno = errno ? errno : ENOMEM;
}
ber_bvecfree(value);
}
}
if (reply)
ldap_msgfree(reply);
if(*ce_ap)
break;
}
if (query)
g_free(query);
if (ld)
close_connection(ld);
if(service_id)
free(service_id);
if(endpoint_id)
free(endpoint_id);
out:
if (!*ce_ap) {
if (!sav_errno) {
sav_errno = EINVAL;
}
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_ce_ap]: No GLUE2ToComputingServiceID or GLUE2ToComputingServiceLocalPath found.", errbuf, errbufsz);
errno = sav_errno;
return (-1);
}
return (0);
}
int checkSearchEntry(BerElement *ber)
{
int rc = LDAP_SUCCESS;
ber_tag_t tag;
ber_len_t len =0;
BerValue attr;
BerVarray vals;
attr.bv_val = NULL;
attr.bv_len = 0;
char *a;
int n;
struct berval dn = BER_BVNULL;
BerElement ber_value, ber_backup;
ber_value = ber_backup= *ber;
#ifdef DEBUG
int ival = -1;
ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ival );
#endif
n=0;
for ( a = first_attribute( ber ); a != NULL; a = next_attribute( ber ) )
{
struct berval **vals;
//printf( "| | ATTR: %s\n", a );
if ( (vals = get_values_len( &ber_value, a )) == NULL )
{
printf( "| | %s:\t(no values)\n" , a);
}else {
int i;
for ( i = 0; vals[i] != NULL; i++ ) {
int j, nonascii;
nonascii = 0;
for ( j = 0; (ber_len_t) j < vals[i]->bv_len; j++ )
//Non-display ASCII will be shown as HEX, It is Control code before 33 in ASCII Table
if ( !isascii( vals[i]->bv_val[j] ) || vals[i]->bv_val[j] < 33 ) {
nonascii = 1;
break;
}
if ( nonascii ) {
printf( "|-%s(not ascii):\tlen (%ld) \n",a, vals[i]->bv_len );
ber_bprint( vals[i]->bv_val, vals[i]->bv_len );
continue;
}
#ifdef DETAIL
printf( "|-%s:\tlen (%ld) \t%s\n",a, vals[i]->bv_len, vals[i]->bv_val );
#else
printf( "|-%s:\t\t%s\n",a, vals[i]->bv_val );
#endif
}
ber_bvecfree( vals );
}
ber_value = ber_backup;
n++;
}
return n;
}
int g2_get_voinfo(LDAP *ld, const char *host, const char *spacetokendesc, char **sa_path, char *errbuf, int errbufsz) {
int i = 0;
LDAPMessage *entry = NULL;
char *filter = NULL;
int rc = 0;
LDAPMessage *reply = NULL;
struct berval **value = NULL;
int sav_errno = 0;
SDException exception;
char *vo = NULL;
storages *storage_shares = NULL;
storages *storage_shares_temp = NULL;
GSList* list = NULL;
char *GLUE2ShareID = NULL;
char *GLUE2StorageSharePath = NULL;
int list_length = 0;
char *service_id = NULL;
char *endpoint_id = NULL;
g_setenv("G_SLICE", "always-malloc", 1);
if ((vo = vo_global) == NULL) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_get_voinfo]: Invalid Arguments.", errbuf, errbufsz);
errno = EINVAL;
return (-1);
}
if (!host || !sa_path) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_get_voinfo]: Invalid Arguments.", errbuf, errbufsz);
errno = EINVAL;
return (-1);
}
g2_sd_get_service_id(ld, host, &service_id, &endpoint_id, errbuf, errbufsz);
if(!service_id)
{
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_get_voinfo]: ServiceID cannot be found", errbuf, errbufsz);
if(ld)
close_connection(ld);
return (-1);
}
if (spacetokendesc)
rc = asprintf(&filter, GLUE2_STORAGE_PATH, service_id, spacetokendesc);
else
rc = asprintf(&filter, GLUE2_STORAGE_PATH_NO_ST, service_id);
if (rc < 0) return (-1);
*sa_path = NULL;
while (!*sa_path && !sav_errno) {
rc = connect_search_ldap(glue2_base, filter, g2_storage_path_attrs, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply) {
ldap_msgfree(reply);
}
if (filter)
free(filter);
sav_errno = errno;
goto out;
}
if ((1 > ldap_count_entries(ld, reply))) {
if (reply)
ldap_msgfree(reply);
if (filter)
free(filter);
goto out;
}
for (entry = ldap_first_entry(ld, reply); entry != NULL && rc == 0; entry
= ldap_next_entry(ld, entry)) {
if ((value = ldap_get_values_len(ld, entry, GLUE2_GLUE2ShareID)) != NULL) { /*get GLUE2_GLUE2ShareID*/
if (value && value[0]->bv_val) {
GLUE2ShareID = strdup(value[0]->bv_val);
if (value)
ber_bvecfree(value);
}
}
if ((value = ldap_get_values_len(ld, entry, GLUE2_GLUE2StorageSharePath)) != NULL) { /*get GLUE2_GLUE2ShareID*/
if (value && value[0]->bv_val) {
GLUE2StorageSharePath = strdup(value[0]->bv_val);
if (value)
ber_bvecfree(value);
}
}
/*append to the list*/
if (GLUE2StorageSharePath && GLUE2ShareID) {
storage_shares = g_new0(storages, 1);
storage_shares->GLUE2ShareID = GLUE2ShareID;
storage_shares->GLUE2StorageSharePath = GLUE2StorageSharePath;
list = g_slist_append(list, storage_shares);
}
} /*end for*/
if (reply)
ldap_msgfree(reply);
if (GLUE2StorageSharePath && GLUE2ShareID)
break;
} /*end while*/
if (filter)
free(filter);
if (list) {
list_length = g_slist_length(list);
for (i = 0; i < list_length; i++) {
storage_shares_temp = (storages *) g_slist_nth(list, i)->data;
rc = asprintf(&filter, GLUE2_STORAGE_POLICY, endpoint_id, vo);
rc = connect_search_ldap(glue2_base, filter, all_attrs, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply) {
ldap_msgfree(reply);
}
sav_errno = errno;
goto out;
}
if ((1 > ldap_count_entries(ld, reply))) {
if (reply)
ldap_msgfree(reply);
if (filter)
free(filter);
goto out;
} else {
if (filter)
free(filter);
if (storage_shares_temp->GLUE2StorageSharePath)
*sa_path = strdup(storage_shares_temp->GLUE2StorageSharePath);
}
}
}
out:
if (list) {
for (i = 0; i < list_length; i++) {
storage_shares_temp = (storages *) g_slist_nth(list, i)->data;
g_free(storage_shares_temp->GLUE2StorageSharePath);
g_free(storage_shares_temp->GLUE2ShareID);
g_free(storage_shares_temp);
}
g_slist_free(list);
}
if(service_id)
free(service_id);
if(endpoint_id)
free(endpoint_id);
if (!*sa_path) {
if (!sav_errno) {
if (spacetokendesc) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_storage_path]: no GLUE2StorageSharePath information found about tag and SE ", errbuf, errbufsz);
} else {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_storage_path]: no information found about SE (with no tag) ", errbuf, errbufsz);
}
sav_errno = EINVAL;
}
errno = sav_errno;
return (-1);
}
return (0);
}
/*
* Construct an hdb_entry from a directory entry.
*/
static krb5_error_code
LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
hdb_entry * ent)
{
char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL;
char *samba_acct_flags = NULL;
int ret;
unsigned long tmp;
struct berval **keys;
char **values;
int tmp_time;
memset(ent, 0, sizeof(*ent));
ent->flags = int2HDBFlags(0);
ret = LDAP_get_string_value(db, msg, "krb5PrincipalName", &unparsed_name);
if (ret == 0) {
ret = krb5_parse_name(context, unparsed_name, &ent->principal);
if (ret)
goto out;
} else {
ret = LDAP_get_string_value(db, msg, "uid",
&unparsed_name);
if (ret == 0) {
ret = krb5_parse_name(context, unparsed_name, &ent->principal);
if (ret)
goto out;
} else {
krb5_set_error_string(context, "hdb-ldap: ldap entry missing"
"principal name");
return HDB_ERR_NOENTRY;
}
}
ret = LDAP_get_integer_value(db, msg, "krb5KeyVersionNumber",
&ent->kvno);
if (ret)
ent->kvno = 0;
keys = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key");
if (keys != NULL) {
int i;
size_t l;
ent->keys.len = ldap_count_values_len(keys);
ent->keys.val = (Key *) calloc(ent->keys.len, sizeof(Key));
if (ent->keys.val == NULL) {
krb5_set_error_string(context, "calloc: out of memory");
ret = ENOMEM;
goto out;
}
for (i = 0; i < ent->keys.len; i++) {
decode_Key((unsigned char *) keys[i]->bv_val,
(size_t) keys[i]->bv_len, &ent->keys.val[i], &l);
}
ber_bvecfree(keys);
} else {
#if 1
/*
* This violates the ASN1 but it allows a principal to
* be related to a general directory entry without creating
* the keys. Hopefully it's OK.
*/
ent->keys.len = 0;
ent->keys.val = NULL;
#else
ret = HDB_ERR_NOENTRY;
goto out;
#endif
}
values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType");
if (values != NULL) {
int i;
ent->etypes = malloc(sizeof(*(ent->etypes)));
if (ent->etypes == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ent->etypes->len = ldap_count_values(values);
ent->etypes->val = calloc(ent->etypes->len, sizeof(int));
if (ent->etypes->val == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
for (i = 0; i < ent->etypes->len; i++) {
ent->etypes->val[i] = atoi(values[i]);
}
ldap_value_free(values);
}
/* manually construct the NT (type 23) key */
ret = LDAP_get_string_value(db, msg, "sambaNTPassword", &ntPasswordIN);
if (ret == 0) {
int *etypes;
Key *keys;
keys = realloc(ent->keys.val,
(ent->keys.len + 1) * sizeof(ent->keys.val[0]));
if (keys == NULL) {
free(ntPasswordIN);
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ent->keys.val = keys;
memset(&ent->keys.val[ent->keys.len], 0, sizeof(Key));
ent->keys.val[ent->keys.len].key.keytype = ETYPE_ARCFOUR_HMAC_MD5;
ret = krb5_data_alloc (&ent->keys.val[ent->keys.len].key.keyvalue, 16);
if (ret) {
krb5_set_error_string(context, "malloc: out of memory");
free(ntPasswordIN);
ret = ENOMEM;
goto out;
}
ret = hex_decode(ntPasswordIN,
ent->keys.val[ent->keys.len].key.keyvalue.data, 16);
ent->keys.len++;
if (ent->etypes == NULL) {
ent->etypes = malloc(sizeof(*(ent->etypes)));
if (ent->etypes == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ent->etypes->val = NULL;
ent->etypes->len = 0;
}
etypes = realloc(ent->etypes->val,
(ent->etypes->len + 1) * sizeof(ent->etypes->val[0]));
if (etypes == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ent->etypes->val = etypes;
ent->etypes->val[ent->etypes->len] = ETYPE_ARCFOUR_HMAC_MD5;
ent->etypes->len++;
}
ret = LDAP_get_generalized_time_value(db, msg, "createTimestamp",
&ent->created_by.time);
if (ret)
ent->created_by.time = time(NULL);
ent->created_by.principal = NULL;
ret = LDAP_get_string_value(db, msg, "creatorsName", &dn);
if (ret == 0) {
if (LDAP_dn2principal(context, db, dn, &ent->created_by.principal)
!= 0) {
ent->created_by.principal = NULL;
}
free(dn);
}
ent->modified_by = (Event *) malloc(sizeof(Event));
if (ent->modified_by == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_generalized_time_value(db, msg, "modifyTimestamp",
&ent->modified_by->time);
if (ret == 0) {
ret = LDAP_get_string_value(db, msg, "modifiersName", &dn);
if (LDAP_dn2principal(context, db, dn, &ent->modified_by->principal))
ent->modified_by->principal = NULL;
free(dn);
} else {
free(ent->modified_by);
ent->modified_by = NULL;
}
ent->valid_start = malloc(sizeof(*ent->valid_start));
if (ent->valid_start == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidStart",
ent->valid_start);
if (ret) {
/* OPTIONAL */
free(ent->valid_start);
ent->valid_start = NULL;
}
ent->valid_end = malloc(sizeof(*ent->valid_end));
if (ent->valid_end == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd",
ent->valid_end);
if (ret) {
/* OPTIONAL */
free(ent->valid_end);
ent->valid_end = NULL;
}
ret = LDAP_get_integer_value(db, msg, "sambaKickoffTime", &tmp_time);
if (ret == 0) {
if (ent->valid_end == NULL) {
ent->valid_end = malloc(sizeof(*ent->valid_end));
if (ent->valid_end == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
}
*ent->valid_end = tmp_time;
}
ent->pw_end = malloc(sizeof(*ent->pw_end));
if (ent->pw_end == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd",
ent->pw_end);
if (ret) {
/* OPTIONAL */
free(ent->pw_end);
ent->pw_end = NULL;
}
ret = LDAP_get_integer_value(db, msg, "sambaPwdMustChange", &tmp_time);
if (ret == 0) {
if (ent->pw_end == NULL) {
ent->pw_end = malloc(sizeof(*ent->pw_end));
if (ent->pw_end == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
}
*ent->pw_end = tmp_time;
}
#if 0 /* we we have last_pw_change */
ent->last_pw_change = malloc(sizeof(*ent->last_pw_change));
if (ent->last_pw_change == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_integer_value(db, msg, "sambaPwdLastSet",
&tmp_time);
if (ret) {
/* OPTIONAL */
free(ent->last_pw_change);
ent->last_pw_change = NULL;
} else
*ent->last_pw_change = tmp_time;
#endif
ent->max_life = malloc(sizeof(*ent->max_life));
if (ent->max_life == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", ent->max_life);
if (ret) {
free(ent->max_life);
ent->max_life = NULL;
}
ent->max_renew = malloc(sizeof(*ent->max_renew));
if (ent->max_renew == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", ent->max_renew);
if (ret) {
free(ent->max_renew);
ent->max_renew = NULL;
}
values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags");
if (values != NULL) {
errno = 0;
tmp = strtoul(values[0], (char **) NULL, 10);
if (tmp == ULONG_MAX && errno == ERANGE) {
krb5_set_error_string(context, "strtoul: could not convert flag");
ret = ERANGE;
goto out;
}
} else {
tmp = 0;
}
ent->flags = int2HDBFlags(tmp);
/* Try and find Samba flags to put into the mix */
ret = LDAP_get_string_value(db, msg, "sambaAcctFlags", &samba_acct_flags);
if (ret == 0) {
/* parse the [UXW...] string:
'N' No password
'D' Disabled
'H' Homedir required
'T' Temp account.
'U' User account (normal)
'M' MNS logon user account - what is this ?
'W' Workstation account
'S' Server account
'L' Locked account
'X' No Xpiry on password
'I' Interdomain trust account
*/
int i;
int flags_len = strlen(samba_acct_flags);
if (flags_len < 2)
goto out2;
if (samba_acct_flags[0] != '['
|| samba_acct_flags[flags_len - 1] != ']')
goto out2;
/* Allow forwarding */
if (samba_forwardable)
ent->flags.forwardable = TRUE;
for (i=0; i < flags_len; i++) {
switch (samba_acct_flags[i]) {
case ' ':
case '[':
case ']':
break;
case 'N':
/* how to handle no password in kerberos? */
break;
case 'D':
ent->flags.invalid = TRUE;
break;
case 'H':
break;
case 'T':
/* temp duplicate */
ent->flags.invalid = TRUE;
break;
case 'U':
ent->flags.client = TRUE;
break;
case 'M':
break;
case 'W':
case 'S':
ent->flags.server = TRUE;
ent->flags.client = TRUE;
break;
case 'L':
ent->flags.invalid = TRUE;
break;
case 'X':
if (ent->pw_end) {
free(ent->pw_end);
ent->pw_end = NULL;
}
break;
case 'I':
ent->flags.server = TRUE;
ent->flags.client = TRUE;
break;
}
}
out2:
free(samba_acct_flags);
}
ret = 0;
out:
if (unparsed_name)
free(unparsed_name);
if (ret)
hdb_free_entry(context, ent);
return ret;
}
/* This function is called to process operation that come over external connections */
void
do_add( Slapi_PBlock *pb )
{
Slapi_Operation *operation;
BerElement *ber;
char *last;
ber_len_t len = LBER_ERROR;
ber_tag_t tag;
Slapi_Entry *e = NULL;
int err;
int rc;
PRBool searchsubentry=PR_TRUE;
slapi_log_err(SLAPI_LOG_TRACE, "do_add", "==>\n");
slapi_pblock_get( pb, SLAPI_OPERATION, &operation);
ber = operation->o_ber;
/* count the add request */
slapi_counter_increment(g_get_global_snmp_vars()->ops_tbl.dsAddEntryOps);
/*
* Parse the add request. It looks like this:
*
* AddRequest := [APPLICATION 14] SEQUENCE {
* name DistinguishedName,
* attrs SEQUENCE OF SEQUENCE {
* type AttributeType,
* values SET OF AttributeValue
* }
* }
*/
/* get the name */
{
char *rawdn = NULL;
Slapi_DN mysdn;
if ( ber_scanf( ber, "{a", &rawdn ) == LBER_ERROR ) {
slapi_ch_free_string(&rawdn);
slapi_log_err(SLAPI_LOG_ERR, "do_add",
"ber_scanf failed (op=Add; params=DN)\n");
op_shared_log_error_access (pb, "ADD", "???", "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
return;
}
/* Check if we should be performing strict validation. */
if (config_get_dn_validate_strict()) {
/* check that the dn is formatted correctly */
rc = slapi_dn_syntax_check(pb, rawdn, 1);
if (rc) { /* syntax check failed */
op_shared_log_error_access(pb, "ADD", rawdn?rawdn:"",
"strict: invalid dn");
send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
NULL, "invalid dn", 0, NULL);
slapi_ch_free_string(&rawdn);
return;
}
}
slapi_sdn_init_dn_passin(&mysdn, rawdn);
if (rawdn && (strlen(rawdn) > 0) &&
(NULL == slapi_sdn_get_dn(&mysdn))) {
/* normalization failed */
op_shared_log_error_access(pb, "ADD", rawdn, "invalid dn");
send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
"invalid dn", 0, NULL);
slapi_sdn_done(&mysdn);
return;
}
e = slapi_entry_alloc();
/* Responsibility for DN is passed to the Entry. */
slapi_entry_init_ext(e, &mysdn, NULL);
slapi_sdn_done(&mysdn);
}
slapi_log_err(SLAPI_LOG_ARGS, "do_add", "dn (%s)\n", (char *)slapi_entry_get_dn_const(e));
/* get the attrs */
for ( tag = ber_first_element( ber, &len, &last );
tag != LBER_DEFAULT && tag != LBER_END_OF_SEQORSET;
tag = ber_next_element( ber, &len, last ) ) {
char *type = NULL, *normtype = NULL;
struct berval **vals = NULL;
len = -1; /* reset - not used in loop */
if ( ber_scanf( ber, "{a{V}}", &type, &vals ) == LBER_ERROR ) {
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)), "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
slapi_ch_free_string(&type);
ber_bvecfree( vals );
goto free_and_return;
}
if ( vals == NULL ) {
slapi_log_err(SLAPI_LOG_ERR, "do_add - no values for type %s\n", type, 0, 0 );
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)), "null value");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, NULL,
0, NULL );
slapi_ch_free_string(&type);
goto free_and_return;
}
normtype = slapi_attr_syntax_normalize(type);
if ( !normtype || !*normtype ) {
char ebuf[SLAPI_DSE_RETURNTEXT_SIZE];
rc = LDAP_INVALID_SYNTAX;
slapi_create_errormsg(ebuf, sizeof(ebuf), "invalid type '%s'", type);
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)), ebuf);
send_ldap_result( pb, rc, NULL, ebuf, 0, NULL );
slapi_ch_free_string(&type);
slapi_ch_free( (void**)&normtype );
ber_bvecfree( vals );
goto free_and_return;
}
slapi_ch_free_string(&type);
/* for now we just ignore attributes that client is not allowed
to modify so not to break existing clients */
if (op_shared_is_allowed_attr (normtype, pb->pb_conn->c_isreplication_session)){
if (( rc = slapi_entry_add_values( e, normtype, vals ))
!= LDAP_SUCCESS ) {
slapi_log_access( LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " op=%d ADD dn=\"%s\", add values for type %s failed\n",
pb->pb_conn->c_connid, operation->o_opid,
slapi_entry_get_dn_const(e), normtype );
send_ldap_result( pb, rc, NULL, NULL, 0, NULL );
slapi_ch_free( (void**)&normtype );
ber_bvecfree( vals );
goto free_and_return;
}
/* if this is uniqueid attribute, set uniqueid field of the entry */
if (strcasecmp (normtype, SLAPI_ATTR_UNIQUEID) == 0)
{
e->e_uniqueid = slapi_ch_strdup (vals[0]->bv_val);
}
if(searchsubentry) searchsubentry=check_oc_subentry(e,vals,normtype);
}
slapi_ch_free( (void**)&normtype );
ber_bvecfree( vals );
}
/* Ensure that created attributes are not used in the RDN. */
if (check_rdn_for_created_attrs(e)) {
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn(slapi_entry_get_sdn_const(e)), "invalid DN");
send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL, "illegal attribute in RDN", 0, NULL );
goto free_and_return;
}
/* len, is ber_len_t, which is uint. Can't be -1. May be better to remove (len != 0) check */
if ( (tag != LBER_END_OF_SEQORSET) && (len != -1) ) {
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)), "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
goto free_and_return;
}
/*
* in LDAPv3 there can be optional control extensions on
* the end of an LDAPMessage. we need to read them in and
* pass them to the backend.
*/
if ( (err = get_ldapmessage_controls( pb, ber, NULL )) != 0 ) {
op_shared_log_error_access (pb, "ADD", slapi_sdn_get_dn (slapi_entry_get_sdn_const(e)),
"failed to decode LDAP controls");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &operation->o_isroot );
slapi_pblock_set( pb, SLAPI_ADD_ENTRY, e );
if (pb->pb_conn->c_flags & CONN_FLAG_IMPORT) {
/* this add is actually part of a bulk import -- punt */
handle_fast_add(pb, e);
} else {
op_shared_add ( pb );
}
/* make sure that we don't free entry if it is successfully added */
e = NULL;
free_and_return:;
if (e)
slapi_entry_free (e);
}
/*
return Glue2ServiceID as output,
by looking for an SRM Endpoint with the hostname matching the
EndpointURL and getting the Service ID from the EndpointServiceForeignKey.
*/
int g2_sd_get_service_id(LDAP *ld, const char *host, char **service_id, char **endpoint_id, char *errbuf, int errbufsz)
{
LDAPMessage *entry = NULL;
SDException exception;
LDAPMessage *reply = NULL;
struct berval **value = NULL;
char *query = NULL;
int sav_errno = 0;
*service_id = NULL;
*endpoint_id = NULL;
int rc = 0;
if (!host) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_service_id]: Hostname is not specified", errbuf, errbufsz);
return (-1);
}
query = g_strdup_printf(GLUE2_SERVICE_ID, host);
rc = connect_search_ldap(glue2_base, query, all_attrs, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply)
ldap_msgfree(reply);
if (query)
g_free(query);
return (-1);
}
if ((1 > ldap_count_entries(ld, reply))) {
if (reply)
ldap_msgfree(reply);
if (query)
g_free(query);
return (-1);
}
for (entry = ldap_first_entry(ld, reply); entry != NULL && rc == 0; entry
= ldap_next_entry(ld, entry)) {
if ( (value = ldap_get_values_len(ld, entry, GLUE2EndpointServiceForeignKey))) {
if (value && value[0]->bv_val) {
if ((*service_id = strdup(value[0]->bv_val)) == NULL) {
sav_errno = errno ? errno : ENOMEM;
}
ber_bvecfree(value);
}
}
if ( (value = ldap_get_values_len(ld, entry, GLUE2EndpointID))) {
if (value && value[0]->bv_val) {
if ((*endpoint_id = strdup(value[0]->bv_val)) == NULL) {
sav_errno = errno ? errno : ENOMEM;
}
ber_bvecfree(value);
}
}
if (reply)
ldap_msgfree(reply);
if(*service_id)
break;
}
if (query)
g_free(query);
if (!*service_id) {
if (!sav_errno) {
sav_errno = EINVAL;
}
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_service_id]: failed", errbuf, errbufsz);
errno = sav_errno;
return (-1);
}
return (0);
}
/* reads the cookie in dse.ldif to the replication agreement entry
returns: ldap result code of ldap operation, or
LDAP_NO_SUCH_ATTRIBUTE. (this is the equilivent of a null cookie) */
int windows_private_load_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Entry *entry = NULL;
Slapi_Attr *attr = NULL;
LDAPDebug0Args( LDAP_DEBUG_TRACE, "=> windows_private_load_dirsync_cookie\n" );
PR_ASSERT(ra);
dp = (Dirsync_Private *) agmt_get_priv(ra);
PR_ASSERT (dp);
pb = slapi_pblock_new ();
sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
rc = slapi_search_internal_get_entry(sdn, NULL, &entry,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION));
if (rc == 0)
{
rc= slapi_entry_attr_find( entry, type_nsds7DirsyncCookie, &attr );
if (attr)
{
struct berval **vals;
rc = slapi_attr_get_bervals_copy(attr, &vals );
if (vals)
{
dp->dirsync_cookie_len = (int) (vals[0])->bv_len;
slapi_ch_free_string(&dp->dirsync_cookie);
dp->dirsync_cookie = ( char* ) slapi_ch_malloc(dp->dirsync_cookie_len + 1);
memcpy(dp->dirsync_cookie,(vals[0]->bv_val), (vals[0])->bv_len+1);
}
ber_bvecfree(vals);
/* we do not free attr */
}
else
{
rc = LDAP_NO_SUCH_ATTRIBUTE;
}
}
if (entry)
{
slapi_entry_free(entry);
}
slapi_sdn_free( &sdn);
slapi_pblock_destroy (pb);
LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_load_dirsync_cookie\n" );
return rc;
}
void
ldap_value_free_len( struct berval **vals )
{
ber_bvecfree( vals );
}
int g2_sd_get_se_types_and_endpoints(const char *host, char ***se_types,
char ***se_endpoints, char *errbuf, int errbufsz) {
char host_tmp[255];
int len_tmp = 0;
char *port = NULL;
LDAPMessage *entry = NULL;
SDException exception;
char *query = NULL;
int i, nbentries = 0, n = 0, rc = 0;
char **sep = NULL, **stp = NULL, **st = NULL, **sv = NULL, **ep = NULL;
struct berval **value = NULL;
int sav_errno = 0;
LDAPMessage *reply = NULL;
LDAP *ld = NULL;
char *service_id = NULL;
char *endpoint_id = NULL;
*se_types = NULL;
*se_endpoints = NULL;
if (!host) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: Hostname in empty", errbuf, errbufsz);
return -1;
}
if ((ld = get_connection(&exception, errbuf, errbufsz)) == NULL) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: Cannot connect to BDII", errbuf, errbufsz);
return (-1);
}
g2_sd_get_service_id(ld, host, &service_id, &endpoint_id, errbuf, errbufsz);
if(!service_id)
{
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: ServiceID cannot be found", errbuf, errbufsz);
if(ld)
close_connection(ld);
return (-1);
}
strncpy(host_tmp, host, 255);
if ((port = strchr(host_tmp, ':')) != NULL)
*port = 0;
query = g_strdup_printf(GLUE2_QUERY_TYPE_ENDPOINTS, service_id);
while (nbentries < 1 && !sav_errno) {
rc = connect_search_ldap(glue2_base, query, NULL, ld, &exception, &reply, errbuf, errbufsz);
if (rc != LDAP_SUCCESS) {
if (reply) {
ldap_msgfree(reply);
}
rc = -1;
sav_errno = errno;
break;
}
if ((nbentries = ldap_count_entries(ld, reply)) < 1) {
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: No entries found for host.", errbuf, errbufsz);
if (reply) {
ldap_msgfree(reply);
}
rc = -1;
break;
}
++nbentries;
if ((st = calloc(nbentries, sizeof (char *))) == NULL || (sv = calloc(
nbentries, sizeof (char *))) == NULL || (ep = calloc(nbentries,
sizeof (char *))) == NULL || (stp = calloc(nbentries,
sizeof (char *))) == NULL || (sep = calloc(nbentries,
sizeof (char *))) == NULL) {
if (reply) {
ldap_msgfree(reply);
}
sav_errno = errno ? errno : ENOMEM;
rc = -1;
break;
}
for (entry = ldap_first_entry(ld, reply); entry != NULL && rc == 0; entry
= ldap_next_entry(ld, entry)) {
if ((value = ldap_get_values_len(ld, entry, GLUE2_ATTR_ENDPOINT)) != NULL) {
if (value && value[0]->bv_val) {
ep[n] = strdup(value[0]->bv_val);
if (value)
ber_bvecfree(value);
if ((value = ldap_get_values_len(ld, entry, GLUE2_ATTR_TYPE)) == NULL) {
if (value && ep[n]) {
ber_bvecfree(value);
free(ep[n]);
continue;
}
}
if (st)
st[n] = strdup(value[0]->bv_val);
if (value)
ber_bvecfree(value);
if ((value = ldap_get_values_len(ld, entry, GLUE2_ATTR_VERSION))
== NULL) {
if (value && ep[n] && st[n]) {
ber_bvecfree(value);
free(ep[n]);
free(st[n]);
continue;
}
}
if (sv && value && value[0]->bv_val)
sv[n] = strdup(value[0]->bv_val);
if (value)
ber_bvecfree(value);
++n;
}
} else {
if (port == NULL) {
/* If port is not yet defined in host_tmp, and is available
// it is copied to host_tmp buffer
// ... But it will only be used if there is no GLUE2EndpointURL entry */
if (value)
ber_bvecfree(value);
value = ldap_get_values_len(ld, entry, "GLUE2EndpointURL");
if (value == NULL) {
if (nbentries == 1) {
sav_errno = EINVAL;
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: No port published in the BDII for Glue2", errbuf, errbufsz);
}
} else if (value && value[0]->bv_val && len_tmp + strlen(value[0]->bv_val) + 1 < 255) {
port = host_tmp + len_tmp;
strcpy(port + 1, value[0]->bv_val);
} else {
if (value)
ber_bvecfree(value);
sav_errno = ENAMETOOLONG;
if (reply) {
ldap_msgfree(reply);
}
break;
}
}
if (value)
ber_bvecfree(value);
}
}
if (reply) {
ldap_msgfree(reply);
}
}
if (rc < 0) {
for (i = 0; i < n; ++i) {
if (st && st[i])
free(st[i]);
if (sv && sv[i])
free(sv[i]);
if (ep && ep[i])
free(ep[i]);
}
if (st)
free(st);
if (sv)
free(sv);
if (ep)
free(ep);
if (stp)
free(stp);
if (sep)
free(sep);
errno = sav_errno ? sav_errno : EINVAL;
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: No available information", errbuf, errbufsz);
} else {
if (n > 0) {
for (i = 0; i < n; ++i) {
if ((strcmp(st[i], "srm_v1") == 0 || strcmp(st[i], "srm_v2")
== 0) && ep[i]) {
stp[i] = strdup(st[i]);
sep[i] = strdup(ep[i]);
} else if ((strcasecmp(st[i], "SRM") == 0) && (strncmp(sv[i],
"1.", 2)) == 0 && ep[i]) {
stp[i] = strdup("srm_v1");
sep[i] = strdup(ep[i]);
} else if ((strcasecmp(st[i], "SRM") == 0) && (strncmp(sv[i],
"2.2", 3)) == 0 && ep[i]) {
stp[i] = strdup("srm_v2");
sep[i] = strdup(ep[i]);
}
free(st[i]);
free(sv[i]);
free(ep[i]);
}
free(st);
free(sv);
free(ep);
} else if (n == 0 && port != NULL && stp && sep) {
/* There were no GLUE2EndpointID entries...
// ... so endpoint is hostname:port, and type is disk */
*port = ':';
stp[0] = strdup("disk");
sep[0] = strdup(host_tmp);
} else {
free(stp);
free(sep);
rc = -1;
SD_setException(&exception, SDStatus_FAILURE, "[BDII][g2_sd_get_se_types_and_endpoints]: No available information found for SE", errbuf, errbufsz);
errno = EINVAL;
}
if (rc == 0) {
*se_types = stp;
*se_endpoints = sep;
}
}
if (ld)
close_connection(ld);
if (query)
g_free(query);
if (service_id)
free(service_id);
if (endpoint_id)
free(endpoint_id);
return (rc);
}
/***********************************************************************
* ber_bvecfree (WLDAP32.@)
*
* Free an array of berval structures.
*
* PARAMS
* berval [I] Pointer to an array of berval structures.
*
* RETURNS
* Nothing.
*
* NOTES
* Use this function only to free an array of berval structures
* returned by a call to ber_scanf with a 'V' in the format string.
*/
void CDECL WLDAP32_ber_bvecfree( PBERVAL *berval )
{
#ifdef HAVE_LDAP
ber_bvecfree( berval );
#endif
}
static void
print_search_entry( LDAP *ld, LDAPMessage *res )
{
LDAPMessage *e;
for ( e = ldap_first_entry( ld, res ); e != NULL;
e = ldap_next_entry( ld, e ) )
{
BerElement *ber = NULL;
char *a, *dn, *ufn;
if ( e->lm_msgtype == LDAP_RES_SEARCH_RESULT )
break;
dn = ldap_get_dn( ld, e );
printf( "\tDN: %s\n", dn );
ufn = ldap_dn2ufn( dn );
printf( "\tUFN: %s\n", ufn );
free( dn );
free( ufn );
for ( a = ldap_first_attribute( ld, e, &ber ); a != NULL;
a = ldap_next_attribute( ld, e, ber ) )
{
struct berval **vals;
printf( "\t\tATTR: %s\n", a );
if ( (vals = ldap_get_values_len( ld, e, a ))
== NULL ) {
printf( "\t\t\t(no values)\n" );
} else {
int i;
for ( i = 0; vals[i] != NULL; i++ ) {
int j, nonascii;
nonascii = 0;
for ( j = 0; (ber_len_t) j < vals[i]->bv_len; j++ )
if ( !isascii( vals[i]->bv_val[j] ) ) {
nonascii = 1;
break;
}
if ( nonascii ) {
printf( "\t\t\tlength (%ld) (not ascii)\n", vals[i]->bv_len );
#ifdef BPRINT_NONASCII
ber_bprint( vals[i]->bv_val,
vals[i]->bv_len );
#endif /* BPRINT_NONASCII */
continue;
}
printf( "\t\t\tlength (%ld) %s\n",
vals[i]->bv_len, vals[i]->bv_val );
}
ber_bvecfree( vals );
}
}
if(ber != NULL) {
ber_free( ber, 0 );
}
}
if ( res->lm_msgtype == LDAP_RES_SEARCH_RESULT
|| res->lm_chain != NULL )
print_ldap_result( ld, res, "search" );
}
