static int
dodelete(
const char *dn,
LDAPControl **pctrls )
{
int rc;
int msgid;
printf( _("%sdeleting entry \"%s\"\n"), dont ? "!" : "", dn );
if ( !dont ) {
rc = ldap_delete_ext( ld, dn, pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn );
tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
goto done;
}
rc = process_response( ld, msgid, LDAP_RES_DELETE, dn );
if ( verbose && rc == LDAP_SUCCESS ) {
printf( _("delete complete\n") );
}
} else {
rc = LDAP_SUCCESS;
}
done:
putchar( '\n' );
return( rc );
}
static int
dorename(
const struct berval *dn,
const struct berval *newrdn,
const struct berval *newsup,
int deleteoldrdn,
LDAPControl **pctrls )
{
int rc;
int msgid;
assert( dn != NULL );
assert( dn->bv_val != NULL );
assert( newrdn != NULL );
assert( newrdn->bv_val != NULL );
printf( _("%smodifying rdn of entry \"%s\"\n"), dont ? "!" : "", dn->bv_val );
if ( verbose ) {
printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"),
newrdn->bv_val, deleteoldrdn ? _("do not ") : "" );
}
if ( !dont ) {
rc = ldap_rename( ld, dn->bv_val, newrdn->bv_val,
( newsup && newsup->bv_val ) ? newsup->bv_val : NULL,
deleteoldrdn, pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn->bv_val );
tool_perror( "ldap_rename", rc, NULL, NULL, NULL, NULL );
goto done;
}
rc = process_response( ld, msgid, LDAP_RES_RENAME, dn );
if ( verbose && rc == LDAP_SUCCESS ) {
printf( _("rename complete\n") );
}
} else {
rc = LDAP_SUCCESS;
}
done:
putchar( '\n' );
return( rc );
}
int
main( int argc, char **argv )
{
char *rbuf = NULL, *rejbuf = NULL;
FILE *rejfp;
struct LDIFFP *ldiffp, ldifdummy = {0};
char *matched_msg, *error_msg;
int rc, retval;
int len;
int i = 0;
int lineno, nextline = 0, lmax = 0;
LDAPControl c[1];
prog = lutil_progname( "ldapmodify", argc, argv );
/* strncmp instead of strcmp since NT binaries carry .exe extension */
ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 );
tool_init( ldapadd ? TOOL_ADD : TOOL_MODIFY );
tool_args( argc, argv );
if ( argc != optind ) usage();
if ( rejfile != NULL ) {
if (( rejfp = fopen( rejfile, "w" )) == NULL ) {
perror( rejfile );
return( EXIT_FAILURE );
}
} else {
rejfp = NULL;
}
if ( infile != NULL ) {
if (( ldiffp = ldif_open( infile, "r" )) == NULL ) {
perror( infile );
return( EXIT_FAILURE );
}
} else {
ldifdummy.fp = stdin;
ldiffp = &ldifdummy;
}
if ( debug ) ldif_debug = debug;
ld = tool_conn_setup( dont, 0 );
if ( !dont ) {
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( _("Enter LDAP Password: "******"ldap_txn_start_s", rc, NULL, NULL, NULL, NULL );
if( txn > 1 ) return EXIT_FAILURE;
txn = 0;
}
}
#endif
if ( 0
#ifdef LDAP_X_TXN
|| txn
#endif
)
{
#ifdef LDAP_X_TXN
if( txn ) {
c[i].ldctl_oid = LDAP_CONTROL_X_TXN_SPEC;
c[i].ldctl_value = *txn_id;
c[i].ldctl_iscritical = 1;
i++;
}
#endif
}
tool_server_controls( ld, c, i );
rc = 0;
retval = 0;
lineno = 1;
while (( rc == 0 || contoper ) && ldif_read_record( ldiffp, &nextline,
&rbuf, &lmax ))
{
if ( rejfp ) {
len = strlen( rbuf );
if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) {
perror( "malloc" );
exit( EXIT_FAILURE );
}
memcpy( rejbuf, rbuf, len+1 );
}
rc = process_ldif_rec( rbuf, lineno );
lineno = nextline+1;
if ( rc ) retval = rc;
if ( rc && rejfp ) {
fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc);
matched_msg = NULL;
ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg);
if ( matched_msg != NULL ) {
if ( *matched_msg != '\0' ) {
fprintf( rejfp, _(", matched DN: %s"), matched_msg );
}
ldap_memfree( matched_msg );
}
error_msg = NULL;
ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &error_msg);
if ( error_msg != NULL ) {
if ( *error_msg != '\0' ) {
fprintf( rejfp, _(", additional info: %s"), error_msg );
}
ldap_memfree( error_msg );
}
fprintf( rejfp, "\n%s\n", rejbuf );
}
if (rejfp) ber_memfree( rejbuf );
}
ber_memfree( rbuf );
#ifdef LDAP_X_TXN
if( retval == 0 && txn ) {
rc = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL );
if ( rc != LDAP_OPT_SUCCESS ) {
fprintf( stderr, "Could not unset controls for ldap_txn_end\n");
}
/* create transaction */
rc = ldap_txn_end_s( ld, !txnabort, txn_id, NULL, NULL, NULL );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_txn_end_s", rc, NULL, NULL, NULL, NULL );
retval = rc;
}
}
#endif
if ( !dont ) {
tool_unbind( ld );
}
if ( rejfp != NULL ) {
fclose( rejfp );
}
tool_destroy();
return( retval );
}
static int process_response(
LDAP *ld,
int msgid,
int op,
const char *dn )
{
LDAPMessage *res;
int rc = LDAP_OTHER, msgtype;
struct timeval tv = { 0, 0 };
int err;
char *text = NULL, *matched = NULL, **refs = NULL;
LDAPControl **ctrls = NULL;
for ( ; ; ) {
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, msgid, LDAP_MSG_ALL, &tv, &res );
if ( tool_check_abandon( ld, msgid ) ) {
return LDAP_CANCELLED;
}
if ( rc == -1 ) {
ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
msgtype = ldap_msgtype( res );
rc = ldap_parse_result( ld, res, &err, &matched, &text, &refs, &ctrls, 1 );
if ( rc == LDAP_SUCCESS ) rc = err;
#ifdef LDAP_X_TXN
if ( rc == LDAP_X_TXN_SPECIFY_OKAY ) {
rc = LDAP_SUCCESS;
} else
#endif
if ( rc != LDAP_SUCCESS ) {
tool_perror( res2str( op ), rc, NULL, matched, text, refs );
} else if ( msgtype != op ) {
fprintf( stderr, "%s: msgtype: expected %d got %d\n",
res2str( op ), op, msgtype );
rc = LDAP_OTHER;
}
if ( text ) ldap_memfree( text );
if ( matched ) ldap_memfree( matched );
if ( text ) ber_memvfree( (void **)refs );
if ( ctrls ) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
return rc;
}
static int
domodify(
const char *dn,
LDAPMod **pmods,
LDAPControl **pctrls,
int newentry )
{
int rc, i, j, k, notascii, op;
struct berval *bvp;
if ( dn == NULL ) {
fprintf( stderr, _("%s: no DN specified\n"), prog );
return( LDAP_PARAM_ERROR );
}
if ( pmods == NULL ) {
/* implement "touch" (empty sequence)
* modify operation (note that there
* is no symmetry with the UNIX command,
* since \"touch\" on a non-existent entry
* will fail)*/
printf( "warning: no attributes to %sadd (entry=\"%s\")\n",
newentry ? "" : "change or ", dn );
} else {
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) {
fprintf( stderr,
_("%s: attribute \"%s\" has no values (entry=\"%s\")\n"),
prog, pmods[i]->mod_type, dn );
return LDAP_PARAM_ERROR;
}
}
if ( verbose ) {
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
printf( "%s %s:\n",
op == LDAP_MOD_REPLACE ? _("replace") :
op == LDAP_MOD_ADD ? _("add") :
op == LDAP_MOD_INCREMENT ? _("increment") :
op == LDAP_MOD_DELETE ? _("delete") :
_("unknown"),
pmods[ i ]->mod_type );
if ( pmods[ i ]->mod_bvalues != NULL ) {
for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
bvp = pmods[ i ]->mod_bvalues[ j ];
notascii = 0;
for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
if ( !isascii( bvp->bv_val[ k ] )) {
notascii = 1;
break;
}
}
if ( notascii ) {
printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len );
} else {
printf( "\t%s\n", bvp->bv_val );
}
}
}
}
}
}
if ( newentry ) {
printf( "%sadding new entry \"%s\"\n", dont ? "!" : "", dn );
} else {
printf( "%smodifying entry \"%s\"\n", dont ? "!" : "", dn );
}
if ( !dont ) {
int msgid;
if ( newentry ) {
rc = ldap_add_ext( ld, dn, pmods, pctrls, NULL, &msgid );
} else {
rc = ldap_modify_ext( ld, dn, pmods, pctrls, NULL, &msgid );
}
if ( rc != LDAP_SUCCESS ) {
/* print error message about failed update including DN */
fprintf( stderr, _("%s: update failed: %s\n"), prog, dn );
tool_perror( newentry ? "ldap_add" : "ldap_modify",
rc, NULL, NULL, NULL, NULL );
goto done;
}
rc = process_response( ld, msgid,
newentry ? LDAP_RES_ADD : LDAP_RES_MODIFY, dn );
if ( verbose && rc == LDAP_SUCCESS ) {
printf( _("modify complete\n") );
}
} else {
rc = LDAP_SUCCESS;
}
done:
putchar( '\n' );
return rc;
}
static int domodrdn(
LDAP *ld,
char *dn,
char *rdn,
char *newSuperior,
int remove ) /* flag: remove old RDN */
{
int rc, code, id;
char *matcheddn=NULL, *text=NULL, **refs=NULL;
LDAPControl **ctrls = NULL;
LDAPMessage *res;
if ( verbose ) {
printf( _("Renaming \"%s\"\n"), dn );
printf( _("\tnew rdn=\"%s\" (%s old rdn)\n"),
rdn, remove ? _("delete") : _("keep") );
if( newSuperior != NULL ) {
printf(_("\tnew parent=\"%s\"\n"), newSuperior);
}
}
if( dont ) return LDAP_SUCCESS;
rc = ldap_rename( ld, dn, rdn, newSuperior, remove,
NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: ldap_rename: %s (%d)\n",
prog, ldap_err2string( rc ), rc );
return rc;
}
for ( ; ; ) {
struct timeval tv = { 0, 0 };
if ( tool_check_abandon( ld, id ) ) {
return LDAP_CANCELLED;
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n",
prog, ldap_err2string( rc ), rc );
return rc;
}
if( verbose || code != LDAP_SUCCESS ||
(matcheddn && *matcheddn) || (text && *text) || (refs && *refs) )
{
printf( _("Rename Result: %s (%d)\n"),
ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
return code;
}
int
main( int argc, char *argv[] )
{
int rc;
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
LDAPControl **ctrls = NULL;
int id, code;
LDAPMessage *res = NULL;
tool_init( TOOL_EXOP );
prog = lutil_progname( "ldapexop", argc, argv );
/* LDAPv3 only */
protocol = LDAP_VERSION3;
tool_args( argc, argv );
if ( argc - optind < 1 ) {
usage();
}
ld = tool_conn_setup( 0, 0 );
tool_bind( ld );
argv += optind;
argc -= optind;
if ( strcasecmp( argv[ 0 ], "whoami" ) == 0 ) {
tool_server_controls( ld, NULL, 0 );
rc = ldap_whoami( ld, NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
} else if ( strcasecmp( argv[ 0 ], "cancel" ) == 0 ) {
int cancelid;
switch ( argc ) {
case 2:
if ( lutil_atoi( &cancelid, argv[ 1 ] ) != 0 || cancelid < 0 ) {
fprintf( stderr, "invalid cancelid=%s\n\n", argv[ 1 ] );
usage();
}
break;
default:
fprintf( stderr, "need cancelid\n\n" );
usage();
}
rc = ldap_cancel( ld, cancelid, NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_cancel", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
} else if ( strcasecmp( argv[ 0 ], "passwd" ) == 0 ) {
fprintf( stderr, "use ldappasswd(1) instead.\n\n" );
usage();
/* TODO? */
} else if ( strcasecmp( argv[ 0 ], "refresh" ) == 0 ) {
int ttl = 3600;
struct berval dn;
switch ( argc ) {
case 3:
ttl = atoi( argv[ 2 ] );
case 2:
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( dn.bv_val );
break;
default:
fprintf( stderr, _("need DN [ttl]\n\n") );
usage();
}
tool_server_controls( ld, NULL, 0 );
rc = ldap_refresh( ld, &dn, ttl, NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
} else {
char *p;
if ( argc != 1 ) {
usage();
}
p = strchr( argv[ 0 ], ':' );
if ( p == argv[ 0 ] ) {
usage();
}
if ( p != NULL )
*p++ = '\0';
if ( tool_is_oid( argv[ 0 ] ) ) {
struct berval reqdata;
struct berval type;
struct berval value;
int freeval;
if ( p != NULL ) {
p[ -1 ] = ':';
ldif_parse_line2( argv[ 0 ], &type, &value, &freeval );
p[ -1 ] = '\0';
if ( freeval ) {
reqdata = value;
} else {
ber_dupbv( &reqdata, &value );
}
}
tool_server_controls( ld, NULL, 0 );
rc = ldap_extended_operation( ld, argv[ 0 ], p ? &reqdata : NULL, NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
} else {
fprintf( stderr, "unknown exop \"%s\"\n\n", argv[ 0 ] );
usage();
}
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
tool_exit( ld, LDAP_CANCELLED );
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res,
&code, &matcheddn, &text, &refs, &ctrls, 0 );
if ( rc == LDAP_SUCCESS ) {
rc = code;
}
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs );
rc = EXIT_FAILURE;
goto skip;
}
if ( strcasecmp( argv[ 0 ], "whoami" ) == 0 ) {
char *retoid = NULL;
struct berval *retdata = NULL;
rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if ( retdata != NULL ) {
if ( retdata->bv_len == 0 ) {
printf(_("anonymous\n") );
} else {
printf("%s\n", retdata->bv_val );
}
}
ber_memfree( retoid );
ber_bvfree( retdata );
} else if ( strcasecmp( argv[ 0 ], "cancel" ) == 0 ) {
/* no extended response; returns specific errors */
assert( 0 );
} else if ( strcasecmp( argv[ 0 ], "passwd" ) == 0 ) {
/* TODO */
} else if ( strcasecmp( argv[ 0 ], "refresh" ) == 0 ) {
int newttl;
rc = ldap_parse_refresh( ld, res, &newttl );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_refresh", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
printf( "newttl=%d\n", newttl );
} else if ( tool_is_oid( argv[ 0 ] ) ) {
char *retoid = NULL;
struct berval *retdata = NULL;
if( ldif < 2 ) {
printf(_("# extended operation response\n"));
}
rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if ( ldif < 2 && retoid != NULL ) {
tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE,
"oid", retoid, strlen(retoid) );
}
ber_memfree( retoid );
if( retdata != NULL ) {
if ( ldif < 2 ) {
tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY,
"data", retdata->bv_val, retdata->bv_len );
}
ber_bvfree( retdata );
}
}
if( verbose || code != LDAP_SUCCESS ||
( matcheddn && *matcheddn ) || ( text && *text ) || refs ) {
printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
skip:
/* disconnect from server */
if ( res )
ldap_msgfree( res );
tool_exit( ld, code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE );
}
static int docompare(
LDAP *ld,
char *dn,
char *attr,
struct berval *bvalue,
int quiet,
LDAPControl **sctrls,
LDAPControl **cctrls )
{
int rc, msgid, code;
LDAPMessage *res;
char *matcheddn;
char *text;
char **refs;
LDAPControl **ctrls = NULL;
if ( dont ) {
return LDAP_SUCCESS;
}
rc = ldap_compare_ext( ld, dn, attr, bvalue,
sctrls, cctrls, &msgid );
if ( rc == -1 ) {
return( rc );
}
for ( ; ; ) {
struct timeval tv;
tv.tv_sec = 0;
tv.tv_usec = 100000;
if ( tool_check_abandon( ld, msgid ) ) {
return LDAP_CANCELLED;
}
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n",
prog, ldap_err2string( rc ), rc );
return rc;
}
if ( !quiet && ( verbose || ( code != LDAP_SUCCESS && code != LDAP_COMPARE_TRUE && code != LDAP_COMPARE_FALSE )||
(matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ) )
{
printf( _("Compare Result: %s (%d)\n"),
ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
}
/* if we were told to be quiet, use the return value. */
if ( !quiet ) {
if ( code == LDAP_COMPARE_TRUE ) {
printf(_("TRUE\n"));
} else if ( code == LDAP_COMPARE_FALSE ) {
printf(_("FALSE\n"));
} else {
printf(_("UNDEFINED\n"));
}
}
if ( ctrls ) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
return( code );
}
/*
* Delete all the children of an entry recursively until leaf nodes are reached.
*/
static int deletechildren(
LDAP *ld,
const char *base,
int subentries )
{
LDAPMessage *res, *e;
int entries;
int rc = LDAP_SUCCESS, srch_rc;
static char *attrs[] = { LDAP_NO_ATTRS, NULL };
LDAPControl c, *ctrls[2], **ctrlsp = NULL;
BerElement *ber = NULL;
if ( verbose ) printf ( _("deleting children of: %s\n"), base );
if ( subentries ) {
/*
* Do a one level search at base for subentry children.
*/
if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL) {
return EXIT_FAILURE;
}
rc = ber_printf( ber, "b", 1 );
if ( rc == -1 ) {
ber_free( ber, 1 );
fprintf( stderr, _("Subentries control encoding error!\n"));
return EXIT_FAILURE;
}
if ( ber_flatten2( ber, &c.ldctl_value, 0 ) == -1 ) {
return EXIT_FAILURE;
}
c.ldctl_oid = LDAP_CONTROL_SUBENTRIES;
c.ldctl_iscritical = 1;
ctrls[0] = &c;
ctrls[1] = NULL;
ctrlsp = ctrls;
}
/*
* Do a one level search at base for children. For each, delete its children.
*/
more:;
srch_rc = ldap_search_ext_s( ld, base, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
ctrlsp, NULL, NULL, sizelimit, &res );
switch ( srch_rc ) {
case LDAP_SUCCESS:
case LDAP_SIZELIMIT_EXCEEDED:
break;
default:
tool_perror( "ldap_search", srch_rc, NULL, NULL, NULL, NULL );
return( srch_rc );
}
entries = ldap_count_entries( ld, res );
if ( entries > 0 ) {
int i;
for (e = ldap_first_entry( ld, res ), i = 0; e != NULL;
e = ldap_next_entry( ld, e ), i++ )
{
char *dn = ldap_get_dn( ld, e );
if( dn == NULL ) {
ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
ber_memfree( dn );
return rc;
}
rc = deletechildren( ld, dn, 0 );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
ber_memfree( dn );
return rc;
}
if ( verbose ) {
printf( _("\tremoving %s\n"), dn );
}
rc = ldap_delete_ext_s( ld, dn, NULL, NULL );
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
ber_memfree( dn );
return rc;
}
if ( verbose ) {
printf( _("\t%s removed\n"), dn );
}
ber_memfree( dn );
}
}
ldap_msgfree( res );
if ( srch_rc == LDAP_SIZELIMIT_EXCEEDED ) {
goto more;
}
return rc;
}
static int dodelete(
LDAP *ld,
const char *dn)
{
int id;
int rc, code;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
LDAPControl **ctrls = NULL;
LDAPMessage *res;
int subentries = 0;
if ( verbose ) {
printf( _("%sdeleting entry \"%s\"\n"),
(dont ? "!" : ""), dn );
}
if ( dont ) {
return LDAP_SUCCESS;
}
/* If prune is on, remove a whole subtree. Delete the children of the
* DN recursively, then the DN requested.
*/
if ( prune ) {
retry:;
deletechildren( ld, dn, subentries );
}
rc = ldap_delete_ext( ld, dn, NULL, NULL, &id );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: ldap_delete_ext: %s (%d)\n",
prog, ldap_err2string( rc ), rc );
return rc;
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
return LDAP_CANCELLED;
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 );
switch ( rc ) {
case LDAP_SUCCESS:
break;
case LDAP_NOT_ALLOWED_ON_NONLEAF:
if ( prune && !subentries ) {
subentries = 1;
goto retry;
}
/* fallthru */
default:
fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n",
prog, ldap_err2string( rc ), rc );
return rc;
}
if( code != LDAP_SUCCESS ) {
tool_perror( "ldap_delete", code, NULL, matcheddn, text, refs );
} else if ( verbose &&
((matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ))
{
printf( _("Delete Result: %s (%d)\n"),
ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
return code;
}
int
main( int argc, char *argv[] )
{
int rc;
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
struct berval *authzid = NULL;
int id, code = 0;
LDAPMessage *res = NULL;
LDAPControl **ctrls = NULL;
tool_init( TOOL_WHOAMI );
prog = lutil_progname( "ldapwhoami", argc, argv );
/* LDAPv3 only */
protocol = LDAP_VERSION3;
tool_args( argc, argv );
if( argc - optind > 0 ) {
usage();
}
ld = tool_conn_setup( 0, 0 );
tool_bind( ld );
if ( dont ) {
rc = LDAP_SUCCESS;
goto skip;
}
tool_server_controls( ld, NULL, 0 );
rc = ldap_whoami( ld, NULL, NULL, &id );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_whoami", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
tool_exit( ld, LDAP_CANCELLED );
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
tool_exit( ld, rc );
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res,
&code, &matcheddn, &text, &refs, &ctrls, 0 );
if ( rc == LDAP_SUCCESS ) {
rc = code;
}
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs );
rc = EXIT_FAILURE;
goto skip;
}
rc = ldap_parse_whoami( ld, res, &authzid );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_whoami", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if( authzid != NULL ) {
if( authzid->bv_len == 0 ) {
printf(_("anonymous\n") );
} else {
printf("%s\n", authzid->bv_val );
}
}
skip:
ldap_msgfree(res);
if ( verbose || code != LDAP_SUCCESS ||
( matcheddn && *matcheddn ) || ( text && *text ) || refs || ctrls )
{
printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
ber_bvfree( authzid );
/* disconnect from server */
tool_exit( ld, code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE );
}
int
main( int argc, char *argv[] )
{
int rc;
char *user = NULL;
LDAP *ld = NULL;
struct berval bv = {0, NULL};
BerElement *ber = NULL;
int id, code = LDAP_OTHER;
LDAPMessage *res;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
char *retoid = NULL;
struct berval *retdata = NULL;
LDAPControl **ctrls = NULL;
tool_init( TOOL_PASSWD );
prog = lutil_progname( "ldappasswd", argc, argv );
/* LDAPv3 only */
protocol = LDAP_VERSION3;
tool_args( argc, argv );
if( argc - optind > 1 ) {
usage();
} else if ( argc - optind == 1 ) {
user = strdup( argv[optind] );
} else {
user = NULL;
}
if( oldpwfile ) {
rc = lutil_get_filed_password( oldpwfile, &oldpw );
if( rc ) {
rc = EXIT_FAILURE;
goto done;
}
}
if( want_oldpw && oldpw.bv_val == NULL ) {
/* prompt for old password */
char *ckoldpw;
oldpw.bv_val = strdup(getpassphrase(_("Old password: "******"Re-enter old password: "******"passwords do not match\n") );
rc = EXIT_FAILURE;
goto done;
}
oldpw.bv_len = strlen( oldpw.bv_val );
}
if( newpwfile ) {
rc = lutil_get_filed_password( newpwfile, &newpw );
if( rc ) {
rc = EXIT_FAILURE;
goto done;
}
}
if( want_newpw && newpw.bv_val == NULL ) {
/* prompt for new password */
char *cknewpw;
newpw.bv_val = strdup(getpassphrase(_("New password: "******"Re-enter new password: "******"passwords do not match\n") );
rc = EXIT_FAILURE;
goto done;
}
newpw.bv_len = strlen( newpw.bv_val );
}
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) {
rc = EXIT_FAILURE;
goto done;
}
} else if ( want_bindpw ) {
passwd.bv_val = getpassphrase( _("Enter LDAP Password: "******"ber_alloc_t" );
rc = EXIT_FAILURE;
goto done;
}
ber_printf( ber, "{" /*}*/ );
if( user != NULL ) {
ber_printf( ber, "ts",
LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user );
free(user);
}
if( oldpw.bv_val != NULL ) {
ber_printf( ber, "tO",
LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &oldpw );
free(oldpw.bv_val);
}
if( newpw.bv_val != NULL ) {
ber_printf( ber, "tO",
LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &newpw );
free(newpw.bv_val);
}
ber_printf( ber, /*{*/ "N}" );
rc = ber_flatten2( ber, &bv, 0 );
if( rc < 0 ) {
perror( "ber_flatten2" );
rc = EXIT_FAILURE;
goto done;
}
}
if ( dont ) {
rc = LDAP_SUCCESS;
goto done;
}
tool_server_controls( ld, NULL, 0);
rc = ldap_extended_operation( ld,
LDAP_EXOP_MODIFY_PASSWD, bv.bv_val ? &bv : NULL,
NULL, NULL, &id );
ber_free( ber, 1 );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto done;
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
return LDAP_CANCELLED;
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res,
&code, &matcheddn, &text, &refs, &ctrls, 0 );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto done;
}
rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto done;
}
if( retdata != NULL ) {
ber_tag_t tag;
char *s;
ber = ber_init( retdata );
if( ber == NULL ) {
perror( "ber_init" );
rc = EXIT_FAILURE;
goto done;
}
/* we should check the tag */
tag = ber_scanf( ber, "{a}", &s);
if( tag == LBER_ERROR ) {
perror( "ber_scanf" );
} else {
printf(_("New password: %s\n"), s);
free( s );
}
ber_free( ber, 1 );
} else if ( code == LDAP_SUCCESS && newpw.bv_val == NULL ) {
tool_perror( "ldap_parse_extended_result", LDAP_DECODING_ERROR,
" new password expected", NULL, NULL, NULL );
}
skip:
if( verbose || code != LDAP_SUCCESS ||
matcheddn || text || refs || ctrls )
{
printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
if( ctrls ) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
ber_memfree( retoid );
ber_bvfree( retdata );
rc = ( code == LDAP_SUCCESS ) ? EXIT_SUCCESS : EXIT_FAILURE;
done:
/* disconnect from server */
if ( ld )
tool_unbind( ld );
tool_destroy();
return rc;
}
int
main( int argc, char *argv[] )
{
int rc;
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
int rcode;
char * diag = NULL;
struct berval *scookie = NULL;
struct berval *scred = NULL;
int id, code = 0;
LDAPMessage *res;
LDAPControl **ctrls = NULL;
LDAPControl **vcctrls = NULL;
int nvcctrls = 0;
tool_init( TOOL_VC );
prog = lutil_progname( "ldapvc", argc, argv );
/* LDAPv3 only */
protocol = LDAP_VERSION3;
tool_args( argc, argv );
if (argc - optind > 0) {
dn = argv[optind++];
}
if (argc - optind > 0) {
cred.bv_val = strdup(argv[optind++]);
cred.bv_len = strlen(cred.bv_val);
}
if (argc - optind > 0) {
usage();
}
if (dn
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE
&& !vc_sasl_mech
#endif
&& !cred.bv_val)
{
cred.bv_val = strdup(getpassphrase(_("User's password: "******"ldap_verify_credentials_interactive", rc, NULL, NULL, text, NULL);
ldap_memfree(text);
tool_exit(ld, rc);
}
} while (rc == LDAP_SASL_BIND_IN_PROGRESS);
lutil_sasl_freedefs(defaults);
if( rc != LDAP_SUCCESS ) {
ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*) &text);
tool_perror( "ldap_verify_credentials", rc, NULL, NULL, text, NULL );
rc = EXIT_FAILURE;
goto skip;
}
} else
#endif
#endif
{
rc = ldap_verify_credentials( ld,
NULL,
dn, NULL, cred.bv_val ? &cred: NULL, vcctrls,
NULL, NULL, &id );
if( rc != LDAP_SUCCESS ) {
ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*) &text);
tool_perror( "ldap_verify_credentials", rc, NULL, NULL, text, NULL );
rc = EXIT_FAILURE;
goto skip;
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
tool_exit( ld, LDAP_CANCELLED );
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
tool_exit( ld, rc );
}
if ( rc != 0 ) {
break;
}
}
}
ldap_controls_free(vcctrls);
vcctrls = NULL;
rc = ldap_parse_result( ld, res,
&code, &matcheddn, &text, &refs, &ctrls, 0 );
if (rc == LDAP_SUCCESS) rc = code;
if (rc != LDAP_SUCCESS) {
tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs );
rc = EXIT_FAILURE;
goto skip;
}
rc = ldap_parse_verify_credentials( ld, res, &rcode, &diag, &scookie, &scred, &vcctrls );
ldap_msgfree(res);
if (rc != LDAP_SUCCESS) {
tool_perror( "ldap_parse_verify_credentials", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if (rcode != LDAP_SUCCESS) {
printf(_("Failed: %s (%d)\n"), ldap_err2string(rcode), rcode);
}
if (diag && *diag) {
printf(_("Diagnostic: %s\n"), diag);
}
if (vcctrls) {
tool_print_ctrls( ld, vcctrls );
}
skip:
if ( verbose || code != LDAP_SUCCESS ||
( matcheddn && *matcheddn ) || ( text && *text ) || refs || ctrls )
{
printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
ber_bvfree( scookie );
ber_bvfree( scred );
ber_memfree( diag );
free( cred.bv_val );
/* disconnect from server */
tool_exit( ld, code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE );
}
int
main( int argc, char *argv[] )
{
int rc;
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
char *retoid = NULL;
struct berval *retdata = NULL;
int id, code = 0;
LDAPMessage *res;
LDAPControl **ctrls = NULL;
tool_init( TOOL_WHOAMI );
prog = lutil_progname( "ldapwhoami", argc, argv );
/* LDAPv3 only */
protocol = LDAP_VERSION3;
tool_args( argc, argv );
if( argc - optind > 0 ) {
usage();
}
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( _("Enter LDAP Password: "******"ldap_whoami", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
for ( ; ; ) {
struct timeval tv;
if ( tool_check_abandon( ld, id ) ) {
return LDAP_CANCELLED;
}
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
if ( rc < 0 ) {
tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
return rc;
}
if ( rc != 0 ) {
break;
}
}
rc = ldap_parse_result( ld, res,
&code, &matcheddn, &text, &refs, &ctrls, 0 );
if ( rc == LDAP_SUCCESS ) {
rc = code;
}
if ( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs );
rc = EXIT_FAILURE;
goto skip;
}
rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
rc = EXIT_FAILURE;
goto skip;
}
if( retdata != NULL ) {
if( retdata->bv_len == 0 ) {
printf(_("anonymous\n") );
} else {
printf("%s\n", retdata->bv_val );
}
}
skip:
if ( verbose || ( code != LDAP_SUCCESS ) ||
matcheddn || text || refs || ctrls )
{
printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code );
if( text && *text ) {
printf( _("Additional info: %s\n"), text );
}
if( matcheddn && *matcheddn ) {
printf( _("Matched DN: %s\n"), matcheddn );
}
if( refs ) {
int i;
for( i=0; refs[i]; i++ ) {
printf(_("Referral: %s\n"), refs[i] );
}
}
if (ctrls) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
}
ber_memfree( text );
ber_memfree( matcheddn );
ber_memvfree( (void **) refs );
ber_memfree( retoid );
ber_bvfree( retdata );
/* disconnect from server */
tool_unbind( ld );
tool_destroy();
return code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE;
}