int
new_dsa_control (Attr_Sequence as, struct DSError *error, DN dn)
{
struct dsa_control * item ;
char * tmp_ptr ;
DN dn2;
Entry theentry;
extern Entry database_root;
SFD attempt_restart();
/* Return some silly error to distinguish it from the other dsa_control */
if ( ! manager(dn) ) {
error->dse_type = DSE_SECURITYERROR ;
error->ERR_SECURITY.DSE_sc_problem = DSE_SC_PROTECTIONREQUIRED ;
return (DS_ERROR_REMOTE) ;
}
item = (struct dsa_control *) as->attr_value->avseq_av.av_struct ;
switch (item->dsa_control_option) {
case (CONTROL_CHANGETAILOR) : { /* -tailor <string> */
tmp_ptr = qb2str(item->un.changeTailor) ;
if (dsa_tai_string (tmp_ptr) == OK) {
isodexport (NULLCP);
return (DS_OK);
}
break;
}
case(CONTROL_STOPDSA): { /* -abort */
LLOG(log_dsap,LLOG_FATAL,("*** abort signal ***")) ;
stop_listeners() ;
exit(0) ;
}
case (CONTROL_REFRESH): { /* -refresh <entry> */
if (item->un.refresh->offset == DN_PRESENT)
if (refresh_from_disk (item->un.refresh->un.selectedDN) == OK)
return (DS_OK);
break;
}
case(CONTROL_RESYNCH): { /* -resync <entry> */
if (item->un.resynch->offset == DN_PRESENT)
dn2 = item->un.resynch->un.selectedDN ;
else
break ;
if ((theentry = local_find_entry (dn2, FALSE)) != NULLENTRY)
#ifdef TURBO_DISK
{
Entry akid = (Entry) avl_getone(theentry->e_children);
if (turbo_writeall (akid) == OK)
return (DS_OK);
}
#else
{
Entry akid = (Entry) avl_getone(theentry->e_children);
if (journal (akid) == OK)
return (DS_OK);
}
#endif
break;
}
case (CONTROL_LOCKDSA): { /* -lock <entry> */
if (item->un.resynch->offset == DN_PRESENT)
dn2 = item->un.resynch->un.selectedDN ;
else
break ;
if ((theentry = local_find_entry (dn2,FALSE)) != NULLENTRY) {
theentry->e_lock = TRUE;
return (DS_OK);
}
break;
}
case (CONTROL_UNLOCK): { /* -unlock <entry> */
if (item->un.resynch->offset == DN_PRESENT)
dn2 = item->un.resynch->un.selectedDN ;
else
break ;
if ((theentry = local_find_entry (dn2,FALSE)) != NULLENTRY) {
theentry->e_lock = FALSE;
return (DS_OK);
}
break;
}
case (CONTROL_SETLOGLEVEL): { /* Set the Logging Level */
tmp_ptr = qb2str(item->un.setLogLevel) ;
/* What kind of stuff is needed here?!! */
return (DS_OK);
break;
}
case (CONTROL_UPDATESLAVEEDBS): { /* -slave */
/*
* When we go async return of OK will mean that a getedb
* operation has been scheduled, NOT that it has succeeded.
*/
tmp_ptr = qb2str(item->un.updateSlaveEDBs) ;
if (lexequ (tmp_ptr, "all") == 0) {
slave_update();
return DS_OK;
}
if (lexequ (tmp_ptr, "shadow") == 0) {
shadow_update();
return DS_OK;
}
if (lexequ (tmp_ptr, "root") == 0) {
dn2 = NULLDN;
} else {
if ((dn2 = str2dn (tmp_ptr)) == NULLDN)
break;
}
if (update_aux (dn2, dn2 == NULLDN) == OK)
return DS_OK;
break;
}
default:
break;
}
error->dse_type = DSE_SERVICEERROR;
error->ERR_SERVICE.DSE_sv_problem = DSE_SV_UNWILLINGTOPERFORM;
return (DS_ERROR_REMOTE);
}
int
dsa_control (Attr_Sequence as, struct DSError *error, DN dn)
{
char * str;
DN dn2;
Entry theentry;
extern Entry database_root;
SFD attempt_restart();
if ( ! manager(dn) ) {
error->dse_type = DSE_SECURITYERROR;
error->ERR_SECURITY.DSE_sc_problem = DSE_SC_ACCESSRIGHTS;
return (DS_ERROR_REMOTE);
}
str = (char *) as->attr_value->avseq_av.av_struct;
#ifndef NO_STATS
LLOG (log_stat,LLOG_NOTICE,("DSA control: %s",str));
#endif
switch (*str) {
case 'd': /* -dump <directory> */
str = SkipSpace (++str);
/*
directory_dump (str, database_root);
*/
return (DS_OK);
case 't': /* -tailor <string> */
str = SkipSpace (++str);
if (dsa_tai_string (str) == OK) {
isodexport (NULLCP);
return (DS_OK);
}
break;
case 'a': /* -abort */
LLOG (log_dsap,LLOG_FATAL,("*** abort signal ***"));
dsa_abort(-1);
exit(0);
case 'b': /* -restart */
LLOG (log_dsap,LLOG_FATAL,("*** restart signal ***"));
attempt_restart (NOTOK);
exit(0); /* should not be reached */
case 'r': /* -refresh <entry> */
str = SkipSpace (++str);
if (lexequ (str,"root") == 0)
dn2= NULLDN;
else if ((dn2 = str2dn (str)) == NULLDN)
break;
if (refresh_from_disk (dn2) == OK)
return (DS_OK);
break;
case 'f': /* -resync <entry> */
str = SkipSpace (++str);
if (lexequ (str,"root") == 0)
dn2= NULLDN;
else if ((dn2 = str2dn (str)) == NULLDN)
break;
if ((theentry = local_find_entry (dn2,FALSE)) != NULLENTRY)
#ifdef TURBO_DISK
{
Entry akid = (Entry) avl_getone(theentry->e_children);
if (turbo_writeall (akid) == OK)
return (DS_OK);
}
#else
{
Entry akid = (Entry) avl_getone(theentry->e_children);
if (journal (akid) == OK)
return (DS_OK);
}
#endif
break;
case 'l': /* -lock <entry> */
str = SkipSpace (++str);
if (lexequ (str,"root") == 0)
dn2 = NULLDN;
else if ((dn2 = str2dn (str)) == NULLDN)
break;
if ((theentry = local_find_entry (dn2,FALSE)) != NULLENTRY) {
theentry->e_lock = TRUE;
return (DS_OK);
}
break;
case 'u': /* -unlock <entry> */
str = SkipSpace (++str);
if (lexequ (str,"root") == 0)
dn2 = NULLDN;
else if ((dn2 = str2dn (str)) == NULLDN)
break;
if ((theentry = local_find_entry (dn2,FALSE)) != NULLENTRY) {
theentry->e_lock = FALSE;
return (DS_OK);
}
break;
case 's': /* -slave */
/*
* When we go async return of OK will mean that a getedb
* operation has been scheduled, NOT that it has succeeded.
*/
str = SkipSpace (++str);
if (*str == NULL) {
slave_update();
return DS_OK;
}
if (lexequ (str, "shadow") == 0) {
shadow_update();
return DS_OK;
}
if (lexequ (str, "root") == 0)
dn2 = NULLDN;
else if ((dn2 = str2dn (str)) == NULLDN)
break;
if (update_aux (dn2, dn2 == NULLDN) == OK)
return DS_OK;
break;
default:
break;
}
error->dse_type = DSE_SERVICEERROR;
error->ERR_SERVICE.DSE_sv_problem = DSE_SV_UNWILLINGTOPERFORM;
return (DS_ERROR_REMOTE);
}
main()
{
struct passwd *pw_entry ;
struct passwd *getpwuid() ;
struct stat buf ;
int i = 1 ;
int uid ;
int um ;
char pass1[LINESIZE] ;
char pass2[LINESIZE] ;
char Read_in_Stuff[LINESIZE] ;
char **vecptr ;
char *tmpdraft ;
char home_dir[LINESIZE] ;
char *p, *part1, *part2 ;
char quipurc_file[100] ;
char tailor_file[100] ;
char user_name[9] ;
char *localptr = Local ;
char print_format = EDBOUT ;
EntryInfo *ptr ;
static CommonArgs ca = default_common_args;
vecptr = (char **) malloc(100) ;
vecptr[0] = malloc (LINESIZE) ;
(void) strcpy(vecptr[0], "showentry") ;
(void) strcpy(pass1, "x") ;
(void) strcpy(pass2, "y") ;
tmpdraft = malloc (LINESIZE) ;
(void) strcpy(tmpdraft, "/tmp/dish-") ;
if ((opt = ps_alloc (std_open)) == NULLPS)
fatal (-62, "ps_alloc failed");
if (std_setup (opt, stderr) == NOTOK)
fatal (-63, "std_setup failed");
if ((rps = ps_alloc (std_open)) == NULLPS)
fatal (-64, "ps_alloc 2 failed");
if (std_setup (rps, stdout) == NOTOK)
fatal (-65, "std_setup 2 failed");
(void) strcpy(filterstring, "userid=") ;
/* Sort out files, userids etc. */
uid=getuid() ;
if ((pw_entry=getpwuid(uid)) == 0)
{
ps_printf(rps, "Who are you? (no name for your uid number)\n") ;
exit(1) ;
}
(void) strcpy(user_name, pw_entry->pw_name) ;
(void) strcat(tmpdraft, user_name) ;
if (getenv("HOME") == 0)
{
ps_printf(rps, "No home directory?!!") ;
(void) strcpy(home_dir, pw_entry->pw_dir) ;
}
else
{
(void) strcpy(home_dir, getenv("HOME")) ;
}
(void) strcpy(quipurc_file, home_dir) ;
(void) strcat(quipurc_file, "/.quipurc") ;
(void) strcpy(tailor_file, isodefile ("dishinit", 1));
Manager[0] = 0;
Password[0] = 0;
Local[0] = 0;
(void) stat(tailor_file, &buf) ;
(void) seteuid(buf.st_uid) ; /* set effective to enable */
/* us to read protected file */
if ((fp_tailor = fopen(tailor_file, "r")) == 0)
{
ps_print(rps, "Can't open Tailor File. Abort.\n") ;
exit(1) ;
}
while (fgets (Read_in_Stuff, LINESIZE, fp_tailor) != 0)
{
if (!strcmp(Read_in_Stuff, "##Anything after this line is copied into the users ~/.quipurc file\n"))
{
break ;
}
p = SkipSpace (Read_in_Stuff);
if (( *p == '#') || (*p == '\0'))
continue; /* ignore comments and blanks */
part1 = p;
if ((part2 = index (p,':')) == NULLCP) {
ps_printf (opt,"Seperator missing '%s'. Ignoring..\n",p);
}
*part2++ = '\0';
part2 = TidyString (part2);
if (lexequ(part1, "manager") == 0)
{
(void) strcpy(Manager, part2) ;
}
else
if (lexequ(part1, "password") == 0)
{
(void) strcpy(Password, part2) ;
}
else
if (lexequ(part1, "local") == 0)
{
(void) strcpy(Local, part2) ;
}
else
{
ps_printf(rps, "Error in tailor. What's a %s?\n", part1) ;
}
}
(void) setuid(uid) ; /* Restore Userid to original user. */
/* create ~/.quipurc file. NB this does eradicate anything in there.
* (Theoretically nothing.)
*/
if (Manager[0] == 0) {
ps_print(rps, "Can't find out the managers name\n") ;
exit(1) ;
}
if (Password[0] == 0) {
ps_print(rps, "Can't find out the managers password\n") ;
exit(1) ;
}
if (Local[0] == 0) {
ps_print(rps, "Can't find out where to search\n") ;
exit(1) ;
}
um = umask(0177) ;
if ((fp_quipurc = fopen(quipurc_file, "w")) == 0)
{
ps_printf(rps, "Can't open ~/.quipurc. Aborting..\n") ;
exit(1) ;
}
(void) umask(um) ;
if ((fileps = ps_alloc(std_open)) == NULLPS)
{
fatal (-66, "ps_alloc 2 failed");
}
if (std_setup (fileps, fp_quipurc) == NOTOK)
{
fatal (-67, "std_setup 2 failed");
}
/* Sorting out the bind section */
quipu_syntaxes() ; /* set up the needed function pointers */
dsap_init(&i, &vecptr) ;
(void) strcpy(bindarg.dba_passwd, Password) ;
bindarg.dba_version = DBA_VERSION_V1988;
bindarg.dba_passwd_len = strlen(bindarg.dba_passwd) ;
if ((bindarg.dba_dn = str2dn (Manager)) == NULLDN)
{
ps_printf (opt,"Invalid Manager name %s (???!)\n",Manager) ;
exit(1) ;
}
if (ds_bind (&bindarg, &binderr, &bindresult) != OK)
{
ps_printf(rps, "Can't bind as the manager.\n") ;
exit(1);
}
/* Hopefully, should be successfully bound */
/*
* We now call the search stuff with the right bits, to see if we can get a
* match of uid='user_name'. Once there, we echo lots of information from
* their entry out to the .quipurc file.
* Hopefully there should only be one match. This assumes that ALL dir info
* up to date, and that SG do not allow multiple users with the same login.
*/
/* set up the appropriate structures and defaults. */
search_arg.sra_common = ca; /* struct copy */
search_arg.sra_common.ca_servicecontrol.svc_sizelimit = 2 ;
search_arg.sra_eis.eis_allattributes = FALSE ;
search_arg.sra_searchaliases = FALSE;
search_arg.sra_subset = SRA_ONELEVEL;
search_arg.sra_eis.eis_infotypes = EIS_ATTRIBUTESANDVALUES ;
search_arg.sra_eis.eis_select = NULLATTR ;
search_arg.sra_eis.eis_allattributes = TRUE ;
search_arg.sra_filter = filter_alloc() ;
/* Default filter. */
search_arg.sra_filter->flt_next = NULLFILTER;
search_arg.sra_filter->flt_type = FILTER_ITEM;
search_arg.sra_filter->FUFILT = NULLFILTER;
if (*localptr == '@')
{
localptr++;
}
if ((search_arg.sra_baseobject = str2dn(localptr)) == NULLDN)
{
ps_printf (opt,"Invalid sequence in username %s.\n", localptr);
exit(1) ;
}
(void) strcat(filterstring, user_name) ;
search_arg.sra_filter->flt_un.flt_un_item.fi_type = FILTERITEM_EQUALITY ;
if ((search_arg.sra_filter->flt_un.flt_un_item.fi_un.fi_un_ava.ava_type = AttrT_new ("userid")) == NULLAttrT)
{
ps_printf(rps, "Oops, userid is not a valid attr type. ABORT!!\n") ;
exit(1) ;
}
if ((search_arg.sra_filter->flt_un.flt_un_item.fi_un.fi_un_ava.ava_value = str2AttrV (user_name, search_arg.sra_filter->flt_un.flt_un_item.fi_un.fi_un_ava.ava_type->oa_syntax)) == NULLAttrV)
{
ps_printf(rps, "%s is not a valid attribute value.\n", user_name) ;
}
/* call search */
/* We now ought to be in the right place, and with the search stuff set,
* ready to call search, and receive one (or no) entry back, which then
* gets processed accordingly.
*/
if (ds_search (&search_arg, &search_error, &search_result) != DS_OK)
{
ps_printf(rps, "Search failed...\n") ;
exit (1) ;
/* This is not the same as coming back with */
/* message "search failed to find anything. */
}
/* If the user does not exist in the DIT, print out the limited .quipurc
* and the warning message, and allow the user to play DISH.
*/
if (search_result.CSR_entries == NULLENTRYINFO)
{
ps_printf(opt, "Unfortunately, you seem to have no entry in\n") ;
ps_printf(opt, "the directory. Contact '%s' who should be able to help.\n", Manager) ;
ps_printf(opt, "In the mean time, you can read, but not write.\n") ;
}
else
{
ptr = search_result.CSR_entries ;
dn = dn_cpy(ptr->ent_dn) ; /* Essence of move user_name. */
/* collect the info and put it into current_entry */
/* Set up the desired attribute type to be read*/
/* from read.c */
if ((at = AttrT_new ("userPassword")) != NULLAttrT)
{
as_flag = as_merge (as_flag, as_comp_new (AttrT_cpy (at), NULLAV, NULLACL_INFO));
}
else
{
ps_printf(rps, "Oops, Serious error. unknown attribute type 'userPassword'.\n") ;
exit(1) ;
}
if ((current_entry = local_find_entry (dn, FALSE)) == NULLENTRY)
{
read_arg.rda_common = ca; /* struct copy */
read_arg.rda_object = dn;
read_arg.rda_eis.eis_infotypes = EIS_ATTRIBUTESANDVALUES;
read_arg.rda_eis.eis_allattributes = TRUE ;
read_arg.rda_eis.eis_select = NULLATTR ;
if (ds_read (&read_arg, &read_error, &read_result) != DS_OK)
{
ps_printf(rps, "We even seem to be having problems reading\n" ) ;
ps_printf(rps, "an entry we searched and found!! HELP!!\n") ;
exit(1) ;
}
if (read_result.rdr_entry.ent_attr == NULLATTR)
{
ps_printf(rps, "No attributes present. Even though\n") ;
ps_printf(rps, "we found you by userid attribute!!! HELP!!\n") ;
exit (1) ;
}
cache_entry (&(read_result.rdr_entry), read_arg.rda_eis.eis_allattributes, TRUE) ;
}
if ((current_entry = local_find_entry (dn, FALSE)) == NULLENTRY)
{
ps_printf(rps, "We still have nothing.Even after reading? Abort.\n") ;
exit(1) ;
}
ps_printf(fileps, "username: "******"\n") ;
ps_printf(fileps, "me: ") ;
dn_print(fileps, dn, EDBOUT) ;
ps_printf(fileps, "\n") ;
/* now showattribute -nokey to display it. */
ps_printf(fileps, "password: "******"You need a password...\n") ;
(void) strcpy(pass1, getpassword("Enter Password: "******"Re-enter password: "******"\nMismatch - Try again.\n") ;
}
}
ps_printf(fileps, "%s\n", pass1) ;
um = umask(0177) ;
if ((fp_draft = fopen(tmpdraft, "w")) == 0)
{
ps_print(rps, "Can't open draft file... Abort.\n") ;
exit(1) ;
}
(void) umask(um) ;
(void) fprintf(fp_draft, "UserPassword = %s\n", pass1) ;
(void) fprintf(fp_draft, "acl = self # write # attributes # acl $ userPassword\n") ;
(void) fprintf(fp_draft, "acl = others # compare # attributes # acl $ userPassword\n\n") ;
(void) fclose(fp_draft) ;
if ((fp_draft = fopen (tmpdraft, "r")) == NULL) {
ps_printf (opt, "Can't open draft entry %s\n", tmpdraft);
exit(1) ;
}
entry_ptr = get_default_entry (NULLENTRY);
#ifdef TURBO_DISK
entry_ptr->e_attributes = fget_attributes (fp_draft);
#else
entry_ptr->e_attributes = get_attributes (fp_draft);
#endif
(void) fclose (fp_draft);
mod_arg.mea_common = ca; /* struct copy */
mod_arg.mea_object = dn;
for (moddn = dn ; moddn->dn_parent != NULLDN; moddn=moddn->dn_parent)
;
entry_ptr->e_name = rdn_cpy (moddn->dn_rdn);
/* add rdn as attribute */
avst = avs_comp_new (AttrV_cpy (&entry_ptr->e_name->rdn_av));
temp = as_comp_new (AttrT_cpy (entry_ptr->e_name->rdn_at), avst, NULLACL_INFO);
entry_ptr->e_attributes = as_merge (entry_ptr->e_attributes, temp);
for (as = entry_ptr->e_attributes; as != NULLATTR; as = as->attr_link)
{
emnew = NULLMOD;
trail = as->attr_link;
as->attr_link = NULLATTR;
temp = current_entry->e_attributes;
for (; temp != NULLATTR; temp = temp->attr_link)
if (AttrT_cmp (as->attr_type, temp->attr_type) == 0)
{
/* found it - does it need changing ? */
if (avs_cmp (as->attr_value, temp->attr_value) != 0)
emnew = modify_avs (as->attr_value, temp->attr_value,as->attr_type);
break;
}
if (temp == NULLATTR)
{
emnew = em_alloc ();
emnew->em_type = EM_ADDATTRIBUTE;
emnew->em_what = as_cpy(as);
emnew->em_next = NULLMOD;
}
if (emnew != NULLMOD)
{
mod_arg.mea_changes = ems_append (mod_arg.mea_changes,emnew);
}
as->attr_link = trail;
}
while (ds_modifyentry (&mod_arg, &mod_error) != DS_OK)
{
if (dish_error (opt, &mod_error) == 0)
{
ps_printf(rps,"We have a dish error. Bye.\n") ;
entry_free (entry_ptr);
exit(1) ;
}
mod_arg.mea_object = mod_error.ERR_REFERRAL.DSE_ref_candidates->cr_name;
}
ps_print (rps, "Modified ");
dn_print (rps, dn, EDBOUT);
ps_print (rps, "\n");
delete_cache (dn); /* re-cache when next read */
entry_free (entry_ptr);
ems_part_free (mod_arg.mea_changes);
}
}
while(fgets(Read_in_Stuff, LINESIZE, fp_tailor) != 0)
{
fputs(Read_in_Stuff, fp_quipurc) ;
}
(void) fclose(fp_quipurc) ;
(void) fclose(fp_tailor) ;
/* (void) fprintf(fp_quipurc, "dsap: local_dit \"%s\"\n", Local) ;
(void) fprintf(fp_quipurc, "notype: acl\n") ;
(void) fprintf(fp_quipurc, "notype: treestructure\n") ;
(void) fprintf(fp_quipurc, "notype: masterdsa\n") ;
(void) fprintf(fp_quipurc, "notype: slavedsa\n") ;
(void) fprintf(fp_quipurc, "notype: objectclass\n") ;
(void) fprintf(fp_quipurc, "cache_time: 30\n") ;
(void) fprintf(fp_quipurc, "connect_time: 2\n") ;
*/
(void) ds_unbind() ;
(void) unlink(tmpdraft) ;
}