static int fldap_read(const char* path, char* buf, size_t size, off_t offset, struct fuse_file_info* fi) { static char* attrs[] = {"description", NULL}; LDAPMessage* msg = NULL; LDAPMessage* entry = NULL; BerElement* ber = NULL; char* dn; char** vals; char* attr; dn = path_to_dn(path, "cn="); ldap_search_s(ld, dn, LDAP_SCOPE_BASE, "(ObjectClass=*)", attrs, 0, &msg); entry = ldap_first_entry(ld, msg); if (!entry) { ldap_msgfree(msg); free(dn); return -ENOENT; } for (entry = ldap_first_entry(ld, msg); entry != NULL; entry = ldap_next_entry(ld, entry)) { for (attr = ldap_first_attribute(ld, entry, &ber); attr != NULL; attr = ldap_next_attribute(ld, entry, ber)) { if (!strcmp(attr, "description") && ((vals = ldap_get_values(ld, entry, attr)) != NULL)) { strncpy(buf, vals[0] + offset, size); ldap_value_free(vals); } ldap_memfree(attr); } ber_free(ber,0); } ldap_msgfree(msg); free(dn); return strlen(buf); }
ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads) { const char *attrs[] = {"supportedSASLMechanisms", NULL}; char **values; ADS_STATUS status; int i, j; LDAPMessage *res; /* get a list of supported SASL mechanisms */ status = ads_do_search(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res); if (!ADS_ERR_OK(status)) return status; values = ldap_get_values(ads->ld, res, "supportedSASLMechanisms"); /* try our supported mechanisms in order */ for (i=0;sasl_mechanisms[i].name;i++) { /* see if the server supports it */ for (j=0;values && values[j];j++) { if (strcmp(values[j], sasl_mechanisms[i].name) == 0) { DEBUG(4,("Found SASL mechanism %s\n", values[j])); status = sasl_mechanisms[i].fn(ads); ldap_value_free(values); ldap_msgfree(res); return status; } } } ldap_value_free(values); ldap_msgfree(res); return ADS_ERROR(LDAP_AUTH_METHOD_NOT_SUPPORTED); }
BOOL smbldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry, const char *attribute, char *value, int max_len) { char **values; if ( !attribute ) return False; value[0] = '\0'; if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) { DEBUG (10, ("smbldap_get_single_attribute: [%s] = [<does not exist>]\n", attribute)); return False; } if (convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, max_len, False) == (size_t)-1) { DEBUG(1, ("smbldap_get_single_attribute: string conversion of [%s] = [%s] failed!\n", attribute, values[0])); ldap_value_free(values); return False; } ldap_value_free(values); #ifdef DEBUG_PASSWORDS DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n", attribute, value)); #endif return True; }
/* XXX - this is for a stopgap implementation of gfs_opendir() */ char * gfarm_generic_info_get_foreach( char *dn, int scope, /* LDAP_SCOPE_ONELEVEL or LDAP_SCOPE_SUBTREE */ char *query, void *tmp_info, /* just used as a work area */ void (*callback)(void *, void *), void *closure, const struct gfarm_generic_info_ops *ops) { LDAPMessage *res, *e; int i, rv; char *a; BerElement *ptr; char **vals; /* search for entries, return all attrs */ rv = ldap_search_s(gfarm_ldap_server, dn, scope, query, NULL, 0, &res); if (rv != LDAP_SUCCESS) { if (rv == LDAP_NO_SUCH_OBJECT) return (GFARM_ERR_NO_SUCH_OBJECT); return (ldap_err2string(rv)); } /* step through each entry returned */ for (i = 0, e = ldap_first_entry(gfarm_ldap_server, res); e != NULL; e = ldap_next_entry(gfarm_ldap_server, e)) { ops->clear(tmp_info); for (a = ldap_first_attribute(gfarm_ldap_server, e, &ptr); a != NULL; a = ldap_next_attribute(gfarm_ldap_server, e, ptr)) { vals = ldap_get_values(gfarm_ldap_server, e, a); if (vals[0] == NULL) { ldap_value_free(vals); continue; } ops->set_field(tmp_info, a, vals); ldap_value_free(vals); } if (!ops->validate(tmp_info)) { /* invalid record */ ops->free(tmp_info); continue; } (*callback)(closure, tmp_info); ops->free(tmp_info); i++; } /* free the search results */ ldap_msgfree(res); if (i == 0) return (GFARM_ERR_NO_SUCH_OBJECT); return (NULL); }
ADDRESS * address_from_ldap(LDAP_CHOOSE_S *winning_e) { ADDRESS *ret_a = NULL; if(winning_e){ char *a; BerElement *ber; ret_a = mail_newaddr(); for(a = ldap_first_attribute(winning_e->ld, winning_e->selected_entry, &ber); a != NULL; a = ldap_next_attribute(winning_e->ld, winning_e->selected_entry, ber)){ int i; char *p; char **vals; dprint((9, "attribute: %s\n", a ? a : "?")); if(!ret_a->personal && strcmp(a, winning_e->info_used->cnattr) == 0){ dprint((9, "Got cnattr:")); vals = ldap_get_values(winning_e->ld, winning_e->selected_entry, a); for(i = 0; vals[i] != NULL; i++) dprint((9, " %s\n", vals[i] ? vals[i] : "?")); if(vals && vals[0]) ret_a->personal = cpystr(vals[0]); ldap_value_free(vals); } else if(!ret_a->mailbox && strcmp(a, winning_e->info_used->mailattr) == 0){ dprint((9, "Got mailattr:")); vals = ldap_get_values(winning_e->ld, winning_e->selected_entry, a); for(i = 0; vals[i] != NULL; i++) dprint((9, " %s\n", vals[i] ? vals[i] : "?")); /* use first one */ if(vals && vals[0]){ if((p = strindex(vals[0], '@')) != NULL){ ret_a->host = cpystr(p+1); *p = '\0'; } ret_a->mailbox = cpystr(vals[0]); } ldap_value_free(vals); } our_ldap_memfree(a); } } return(ret_a); }
char * gfarm_generic_info_get( void *key, void *info, const struct gfarm_generic_info_ops *ops) { LDAPMessage *res, *e; int n, rv; char *a; BerElement *ptr; char **vals; char *dn = ops->make_dn(key); if (dn == NULL) return (GFARM_ERR_NO_MEMORY); rv = ldap_search_s(gfarm_ldap_server, dn, LDAP_SCOPE_BASE, ops->query_type, NULL, 0, &res); free(dn); if (rv != LDAP_SUCCESS) { if (rv == LDAP_NO_SUCH_OBJECT) return (GFARM_ERR_NO_SUCH_OBJECT); return (ldap_err2string(rv)); } n = ldap_count_entries(gfarm_ldap_server, res); if (n == 0) { /* free the search results */ ldap_msgfree(res); return (GFARM_ERR_NO_SUCH_OBJECT); } ops->clear(info); e = ldap_first_entry(gfarm_ldap_server, res); for (a = ldap_first_attribute(gfarm_ldap_server, e, &ptr); a != NULL; a = ldap_next_attribute(gfarm_ldap_server, e, ptr)) { vals = ldap_get_values(gfarm_ldap_server, e, a); if (vals[0] == NULL) { ldap_value_free(vals); continue; } ops->set_field(info, a, vals); ldap_value_free(vals); } /* free the search results */ ldap_msgfree(res); /* should check all fields are filled */ if (!ops->validate(info)) { ops->free(info); /* XXX - different error code is better ? */ return (GFARM_ERR_NO_SUCH_OBJECT); } return (NULL); /* success */ }
ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads) { const char *attrs[] = {"supportedSASLMechanisms", NULL}; char **values; ADS_STATUS status; int i, j; LDAPMessage *res; struct ads_saslwrap *wrap = &ads->ldap_wrap_data; /* get a list of supported SASL mechanisms */ status = ads_do_search(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res); if (!ADS_ERR_OK(status)) return status; values = ldap_get_values(ads->ldap.ld, res, "supportedSASLMechanisms"); if (ads->auth.flags & ADS_AUTH_SASL_SEAL) { wrap->wrap_type = ADS_SASLWRAP_TYPE_SEAL; } else if (ads->auth.flags & ADS_AUTH_SASL_SIGN) { wrap->wrap_type = ADS_SASLWRAP_TYPE_SIGN; } else { wrap->wrap_type = ADS_SASLWRAP_TYPE_PLAIN; } /* try our supported mechanisms in order */ for (i=0;sasl_mechanisms[i].name;i++) { /* see if the server supports it */ for (j=0;values && values[j];j++) { if (strcmp(values[j], sasl_mechanisms[i].name) == 0) { DEBUG(4,("Found SASL mechanism %s\n", values[j])); retry: status = sasl_mechanisms[i].fn(ads); if (status.error_type == ENUM_ADS_ERROR_LDAP && status.err.rc == LDAP_STRONG_AUTH_REQUIRED && wrap->wrap_type == ADS_SASLWRAP_TYPE_PLAIN) { DEBUG(3,("SASL bin got LDAP_STRONG_AUTH_REQUIRED " "retrying with signing enabled\n")); wrap->wrap_type = ADS_SASLWRAP_TYPE_SIGN; goto retry; } ldap_value_free(values); ldap_msgfree(res); return status; } } } ldap_value_free(values); ldap_msgfree(res); return ADS_ERROR(LDAP_AUTH_METHOD_NOT_SUPPORTED); }
static int ads_user_info(int argc, const char **argv) { ADS_STRUCT *ads; ADS_STATUS rc; void *res; const char *attrs[] = {"memberOf", NULL}; char *searchstring=NULL; char **grouplist; char *escaped_user = escape_ldap_string_alloc(argv[0]); if (argc < 1) { return net_ads_user_usage(argc, argv); } if (!(ads = ads_startup())) { return -1; } if (!escaped_user) { d_printf("ads_user_info: failed to escape user %s\n", argv[0]); ads_destroy(&ads); return -1; } asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user); rc = ads_search(ads, &res, searchstring, attrs); safe_free(searchstring); if (!ADS_ERR_OK(rc)) { d_printf("ads_search: %s\n", ads_errstr(rc)); ads_destroy(&ads); return -1; } grouplist = ldap_get_values(ads->ld, res, "memberOf"); if (grouplist) { int i; char **groupname; for (i=0;grouplist[i];i++) { groupname = ldap_explode_dn(grouplist[i], 1); d_printf("%s\n", groupname[0]); ldap_value_free(groupname); } ldap_value_free(grouplist); } ads_msgfree(ads, res); ads_destroy(&ads); return 0; }
/* **| method: array(string) explode_dn ( string dn ); **| alt: array(string) explode_dn ( string dn, int notypes ); **| Takes a DN and converts it into an array of its components, **| called RDN (Relative Distinguished Name). ** **| arg: string dn **| The DN to explode. ** **| arg: int notypes **| If != 0 then the types of the DN components will be ignored and **| *not present in the output. Defaults to 1. ** **| returns: an array of RDN entries. */ static void f_ldap_explode_dn(INT32 args) { struct pike_string *dn; char **edn; int notypes = 1; switch (args) { case 2: if (ARG(2).type != T_INT) Pike_error("OpenLDAP.Client->explode_dn(): argument 2 must be an integer\n"); notypes = ARG(2).u.integer; /* fall through */ case 1: if (ARG(1).type != T_STRING) Pike_error("OpenLDAP.Client->explode_dn(): argument 1 must be an integer\n"); dn = ARG(1).u.string; break; default: Pike_error("OpenLDAP.Client->explode_dn(): expects at most 2 and at least 1 argument\n"); break; } pop_n_elems(args); edn = ldap_explode_dn(dn->str, notypes); if (!edn) { push_int(0); return; } push_array(make_pike_array(edn)); ldap_value_free(edn); }
/** * Attempt to discover the base DN for a server using LDAP version 3. * \param ld LDAP handle for a connected server. * \param tov Timeout value (seconds), or 0 for none, default 30 secs. * \return List of Base DN's, or NULL if could not read. List should be * g_free() when done. */ static GList *ldaputil_test_v3( LDAP *ld, gint tov ) { GList *baseDN = NULL; gint rc, i; LDAPMessage *result, *e; gchar *attribs[2]; BerElement *ber; gchar *attribute; gchar **vals; struct timeval timeout; /* Set timeout */ timeout.tv_usec = 0L; if( tov > 0 ) { timeout.tv_sec = tov; } else { timeout.tv_sec = 30L; } /* Test for LDAP version 3 */ attribs[0] = SYLDAP_V3_TEST_ATTR; attribs[1] = NULL; rc = ldap_search_ext_s( ld, SYLDAP_SEARCHBASE_V3, LDAP_SCOPE_BASE, SYLDAP_TEST_FILTER, attribs, 0, NULL, NULL, &timeout, 0, &result ); if( rc == LDAP_SUCCESS ) { /* Process entries */ for( e = ldap_first_entry( ld, result ); e != NULL; e = ldap_next_entry( ld, e ) ) { /* Process attributes */ for( attribute = ldap_first_attribute( ld, e, &ber ); attribute != NULL; attribute = ldap_next_attribute( ld, e, ber ) ) { if( strcasecmp( attribute, SYLDAP_V3_TEST_ATTR ) == 0 ) { vals = ldap_get_values( ld, e, attribute ); if( vals != NULL ) { for( i = 0; vals[i] != NULL; i++ ) { baseDN = g_list_append( baseDN, g_strdup( vals[i] ) ); } } ldap_value_free( vals ); } ldap_memfree( attribute ); } if( ber != NULL ) { ber_free( ber, 0 ); } ber = NULL; } } ldap_msgfree( result ); return baseDN; }
static ns_ldap_return_code __ns_ldap_freeCookie (ns_ldap_cookie_t ** pCookie) { ns_ldap_cookie_t *cookie; cookie = *pCookie; if (cookie != NULL) { if (cookie->map != NULL) free (cookie->map); if (cookie->filter != NULL) free (cookie->filter); if (cookie->attribute != NULL) ldap_value_free (cookie->attribute); if (cookie->state != NULL) { _nss_ldap_ent_context_release (&(cookie->state)); } if (cookie->mapped_filter != NULL) free (cookie->mapped_filter); if (cookie->mapped_attribute != NULL) free (cookie->mapped_attribute); _nss_ldap_am_context_free (&cookie->am_state); __ns_ldap_freeResult (&cookie->result); free (cookie); } *pCookie = NULL; return NS_LDAP_SUCCESS; }
static ns_ldap_return_code __ns_ldap_unmapObjectClasses (ns_ldap_cookie_t * cookie, char **mappedClasses, char ***pOrigClasses) { char **origClasses = NULL; int count, i; count = ldap_count_values (mappedClasses); origClasses = (char **) calloc (count + 1, sizeof (char *)); if (origClasses == NULL) { return NS_LDAP_MEMORY; } for (i = 0; i < count; i++) { origClasses[i] = strdup (_nss_ldap_unmap_oc (cookie->sel, mappedClasses[i])); if (origClasses[i] == NULL) { ldap_value_free (origClasses); return NS_LDAP_MEMORY; } } origClasses[i] = NULL; *pOrigClasses = origClasses; return NS_LDAP_SUCCESS; }
DWORD LwLdapGetString( HANDLE hDirectory, LDAPMessage* pMessage, PCSTR pszFieldName, PSTR* ppszValue ) { DWORD dwError = LW_ERROR_SUCCESS; PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL; PSTR *ppszValues = NULL; PSTR pszValue = NULL; pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory; ppszValues = (PSTR*)ldap_get_values(pDirectory->ld, pMessage, pszFieldName); if (ppszValues && ppszValues[0]) { dwError = LwAllocateString(ppszValues[0], &pszValue); BAIL_ON_LW_ERROR(dwError); } *ppszValue = pszValue; cleanup: if (ppszValues) { ldap_value_free(ppszValues); } return dwError; error: *ppszValue = NULL; LW_SAFE_FREE_STRING(pszValue); goto cleanup; }
/* dump a record from LDAP on stdout used for debugging */ void ads_dump(ADS_STRUCT *ads, LDAPMessage *res) { char *field; LDAPMessage *msg; BerElement *b; char *this_dn; for (msg = ldap_first_entry(ads->ld, res); msg; msg = ldap_next_entry(ads->ld, msg)) { this_dn = ldap_get_dn(ads->ld, res); if (this_dn) { printf("Dumping: %s\n", this_dn); } ldap_memfree(this_dn); for (field = ldap_first_attribute(ads->ld, msg, &b); field; field = ldap_next_attribute(ads->ld, msg, b)) { char **values, **p; values = ldap_get_values(ads->ld, msg, field); for (p = values; *p; p++) { printf("%s: %s\n", field, *p); } ldap_value_free(values); ldap_memfree(field); } ber_free(b, 1); printf("\n"); } }
/** * @name tcp_mapper_ldap_query * @description Issue a query to a LDAP instance * @param LDAP *ldap * @return int numrows */ int tcp_mapper_ldap_search(LDAP *ldap, char *search, char *result){ LDAPMessage *ldap_result, *entry; int numentries = 0; int err; char **val; if(err = ldap_search_s(ldap, cfg.ldap_base, LDAP_SCOPE_SUBTREE, search, NULL, 0, &ldap_result) != LDAP_SUCCESS ) { printf("%s\n", ldap_err2string(err)); return -1; } numentries = ldap_count_entries(ldap, ldap_result); if(numentries != 0) { /* just firts entry. We don't need any other */ entry = ldap_first_entry(ldap, ldap_result); val = ldap_get_values(ldap, entry, cfg.ldap_result_attr); if(val == NULL) { return 0; } snprintf(result, strlen(val[0])+1, "%s", (char *) val[0]); ldap_value_free(val); } return numentries; }
krb5_error_code krb5_ldap_create_krbcontainer(krb5_context context, const char *dn) { LDAP *ld=NULL; char *strval[2]={NULL}, **rdns=NULL; LDAPMod **mods = NULL; krb5_error_code st=0; kdb5_dal_handle *dal_handle=NULL; krb5_ldap_context *ldap_context=NULL; krb5_ldap_server_handle *ldap_server_handle=NULL; SETUP_CONTEXT (); /* get ldap handle */ GET_HANDLE (); if (dn == NULL) { st = EINVAL; k5_setmsg(context, st, _("Kerberos Container information is missing")); goto cleanup; } strval[0] = "krbContainer"; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0) goto cleanup; rdns = ldap_explode_dn(dn, 1); if (rdns == NULL) { st = EINVAL; k5_setmsg(context, st, _("Invalid Kerberos container DN")); goto cleanup; } strval[0] = rdns[0]; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0) goto cleanup; /* create the kerberos container */ st = ldap_add_ext_s(ld, dn, mods, NULL, NULL); if (st == LDAP_ALREADY_EXISTS) st = LDAP_SUCCESS; if (st != LDAP_SUCCESS) { int ost = st; st = translate_ldap_error (st, OP_ADD); k5_setmsg(context, st, _("Kerberos Container create FAILED: %s"), ldap_err2string(ost)); goto cleanup; } cleanup: if (rdns) ldap_value_free (rdns); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); return(st); }
static void ldap_dump(LDAP *ld,LDAPMessage *res) { LDAPMessage *e; for (e = ldap_first_entry(ld, res); e; e = ldap_next_entry(ld, e)) { BerElement *b; char *attr; char *dn = ldap_get_dn(ld, res); if (dn) printf("dn: %s\n", dn); ldap_memfree(dn); for (attr = ldap_first_attribute(ld, e, &b); attr; attr = ldap_next_attribute(ld, e, b)) { char **values, **p; values = ldap_get_values(ld, e, attr); for (p = values; *p; p++) { printf("%s: %s\n", attr, *p); } ldap_value_free(values); ldap_memfree(attr); } ber_free(b, 1); printf("\n"); } }
void AD::AddGroups(LDAPMessage *search) { DWORD i; DWORD j; LDAPMessage *entry = NULL; PWCHAR attribute; PWCHAR *values; BerElement *berElement; for(i = 0; i < ldap_count_entries(ldap, search); i++) { Group *g = new Group(); if(!i) { entry = ldap_first_entry(ldap, search); } else { entry = ldap_next_entry(ldap, entry); } attribute = ldap_first_attribute(ldap, entry, &berElement); while(attribute != NULL) { values = ldap_get_values(ldap, entry, attribute); if(lstrcmpi(attribute, L"samaccountname") == 0) { g->name = values[0]; } if(lstrcmpi(attribute, L"member") == 0) { for(j = 0; j < ldap_count_values(values); j++) { std::wstring *ret = new std::wstring(); CNToAccountName(values[j], ret); g->users.push_back(ret); } } ldap_value_free(values); ldap_memfree(attribute); attribute = ldap_next_attribute(ldap, entry, berElement); } ber_free(berElement, 0); if(g->name.length() > 0) { GetGroupManager()->groups.push_back(g); g->PrettyPrint(); } else { delete(g); } } }
static void attr_free(ATTR *at) { ldap_memfree(at->name); ldap_value_free(at->vals); free(at); }
VALUE rb_ldap_explode_dn (VALUE self, VALUE dn, VALUE notypes) { char **c_arr, **p; char *c_dn; VALUE ary; if (dn == Qnil) { return Qnil; } c_dn = StringValueCStr (dn); if ((c_arr = ldap_explode_dn (c_dn, RTEST (notypes) ? 1 : 0))) { ary = rb_ary_new (); for (p = c_arr; *p != NULL; p++) { rb_ary_push (ary, rb_tainted_str_new2 (*p)); } ldap_value_free (c_arr); return ary; } else { return Qnil; } }
static int fldap_readlink(const char* path, char* buf, size_t size) { static char* attrs[] = {"description", NULL}; char* dn; LDAPMessage* msg = NULL; LDAPMessage* entry = NULL; BerElement* ber = NULL; char** vals; char* attr; if ((dn = is_dn_exist(path))) { ldap_search_s(ld, dn, LDAP_SCOPE_BASE, "(ObjectClass=*)", attrs, 0, &msg); if ((entry = ldap_first_entry(ld, msg))) { for (attr = ldap_first_attribute(ld, entry, &ber); attr != NULL; attr = ldap_next_attribute(ld, entry, ber)) { if ((vals = ldap_get_values(ld, entry, attr)) != NULL) { if (!strcmp("description", attr)) strncpy(buf, vals[0], size); ldap_value_free(vals); } ldap_memfree(attr); } ber_free(ber, 0); } ldap_msgfree(msg); } free(dn); return 0; }
static int check_ldap(const char *host, unsigned short port, int timeout, int *value_int) { LDAP *ldap = NULL; LDAPMessage *res = NULL; LDAPMessage *msg = NULL; BerElement *ber = NULL; char *attrs[2] = {"namingContexts", NULL }; char *attr = NULL; char **valRes = NULL; int ldapErr = 0; zbx_alarm_on(timeout); *value_int = 0; if (NULL == (ldap = ldap_init(host, port))) { zabbix_log(LOG_LEVEL_DEBUG, "LDAP - initialization failed [%s:%hu]", host, port); goto lbl_ret; } if (LDAP_SUCCESS != (ldapErr = ldap_search_s(ldap, "", LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &res))) { zabbix_log(LOG_LEVEL_DEBUG, "LDAP - searching failed [%s] [%s]", host, ldap_err2string(ldapErr)); goto lbl_ret; } if (NULL == (msg = ldap_first_entry(ldap, res))) { zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty sort result. [%s] [%s]", host, ldap_err2string(ldapErr)); goto lbl_ret; } if (NULL == (attr = ldap_first_attribute(ldap, msg, &ber))) { zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty first entry result. [%s] [%s]", host, ldap_err2string(ldapErr)); goto lbl_ret; } valRes = ldap_get_values(ldap, msg, attr); *value_int = 1; lbl_ret: zbx_alarm_off(); if (NULL != valRes) ldap_value_free(valRes); if (NULL != attr) ldap_memfree(attr); if (NULL != ber) ber_free(ber, 0); if (NULL != res) ldap_msgfree(res); if (NULL != ldap) ldap_unbind(ldap); return SYSINFO_RET_OK; }
/* returns the number of matches found */ static GList * __auth_get_every_match(const char *q, const char **retfields) { LDAPMessage *ldap_msg; LDAPMessage *ldap_res; char **ldap_vals = NULL, *dn; int j = 0, k = 0, m = 0, err; GList *attlist,*fldlist,*entlist; LDAP *_ldap_conn = ldap_con_get(); attlist = fldlist = entlist = NULL; if (! (ldap_res = authldap_search(q))) return NULL; if ((j = ldap_count_entries(_ldap_conn, ldap_res)) < 1) { TRACE(TRACE_DEBUG, "nothing found"); if (ldap_res) ldap_msgfree(ldap_res); return NULL; } /* do the first entry here */ if ((ldap_msg = ldap_first_entry(_ldap_conn, ldap_res)) == NULL) { ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err); TRACE(TRACE_ERR, "ldap_first_entry failed: [%s]", ldap_err2string(err)); if (ldap_res) ldap_msgfree(ldap_res); return NULL; } while (ldap_msg) { dn = ldap_get_dn(_ldap_conn, ldap_msg); TRACE(TRACE_DEBUG,"scan results for DN: [%s]", dn); for (k = 0; retfields[k] != NULL; k++) { TRACE(TRACE_DEBUG,"ldap_get_values [%s]", retfields[k]); if ((ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]))) { m = 0; while (ldap_vals[m]) { TRACE(TRACE_DEBUG,"got value [%s]", ldap_vals[m]); attlist = g_list_append(attlist,g_strdup(ldap_vals[m])); m++; } } fldlist = g_list_append(fldlist, attlist); attlist = NULL; ldap_value_free(ldap_vals); } entlist = g_list_append(entlist, fldlist); fldlist = NULL; ldap_memfree(dn); ldap_msg = ldap_next_entry(_ldap_conn, ldap_msg); } if (ldap_res) ldap_msgfree(ldap_res); if (ldap_msg) ldap_msgfree(ldap_msg); return entlist; }
// destructor // nsLDAPMessage::~nsLDAPMessage(void) { if (mMsgHandle) { int rc = ldap_msgfree(mMsgHandle); // If you are having problems compiling the following code on a Solaris // machine with the Forte 6 Update 1 compilers, then you need to make // sure you have applied all the required patches. See: // http://www.mozilla.org/unix/solaris-build.html for more details. switch(rc) { case LDAP_RES_BIND: case LDAP_RES_SEARCH_ENTRY: case LDAP_RES_SEARCH_RESULT: case LDAP_RES_MODIFY: case LDAP_RES_ADD: case LDAP_RES_DELETE: case LDAP_RES_MODRDN: case LDAP_RES_COMPARE: case LDAP_RES_SEARCH_REFERENCE: case LDAP_RES_EXTENDED: case LDAP_RES_ANY: // success break; case LDAP_SUCCESS: // timed out (dunno why LDAP_SUCCESS is used to indicate this) PR_LOG(gLDAPLogModule, PR_LOG_WARNING, ("nsLDAPMessage::~nsLDAPMessage: ldap_msgfree() " "timed out\n")); break; default: // other failure PR_LOG(gLDAPLogModule, PR_LOG_WARNING, ("nsLDAPMessage::~nsLDAPMessage: ldap_msgfree() " "failed: %s\n", ldap_err2string(rc))); break; } } if (mMatchedDn) { ldap_memfree(mMatchedDn); } if (mErrorMessage) { ldap_memfree(mErrorMessage); } if (mReferrals) { ldap_value_free(mReferrals); } if (mServerControls) { ldap_controls_free(mServerControls); } }
int main( int argc, char **argv ) { LDAP *ld; LDAPMessage *result, *e; BerElement *ber; char *a, *dn; char **vals; int i; /* get a handle to an LDAP connection */ if ( (ld = ldap_init( MY_HOST, MY_PORT )) == NULL ) { perror( "ldap_init" ); return( 1 ); } /* authenticate to the directory as nobody */ if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_simple_bind_s" ); ldap_unbind( ld ); return( 1 ); } /* search for all entries with surname of Jensen */ if ( ldap_search_s( ld, MY_SEARCHBASE, LDAP_SCOPE_SUBTREE, MY_FILTER, NULL, 0, &result ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_search_s" ); if ( result == NULL ) { ldap_unbind( ld ); return( 1 ); } } /* for each entry print out name + all attrs and values */ for ( e = ldap_first_entry( ld, result ); e != NULL; e = ldap_next_entry( ld, e ) ) { if ( (dn = ldap_get_dn( ld, e )) != NULL ) { printf( "dn: %s\n", dn ); ldap_memfree( dn ); } for ( a = ldap_first_attribute( ld, e, &ber ); a != NULL; a = ldap_next_attribute( ld, e, ber ) ) { if ((vals = ldap_get_values( ld, e, a)) != NULL ) { for ( i = 0; vals[i] != NULL; i++ ) { printf( "%s: %s\n", a, vals[i] ); } ldap_value_free( vals ); } ldap_memfree( a ); } if ( ber != NULL ) { ber_free( ber, 0 ); } printf( "\n" ); } ldap_msgfree( result ); ldap_unbind( ld ); return( 0 ); }
static char *get_attr_value(LDAP *ld, LDAPMessage *m, char *attr) { char **vals; char *val = NULL; if (vals = ldap_get_values(ld, m, attr)) { // syslog(LOG_DEBUG, "ldap val %s: %s\n", attr, vals[0] ); val = strdup(vals[0]); ldap_value_free( vals ); } return (val); }
int ldap_sort_entries( LDAP *ld, LDAPMessage **chain, char *attr, /* NULL => sort by DN */ int (*cmp)(const void *a, const void *b) ) { int i, count; struct entrything *et; LDAPMessage *e, *last; LDAPMessage **ep; count = ldap_count_entries( ld, *chain ); if ( (et = (struct entrything *) malloc( count * sizeof(struct entrything) )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; return( -1 ); } e = *chain; for ( i = 0; i < count; i++ ) { et[i].et_msg = e; if ( attr == NULL ) { char *dn; dn = ldap_get_dn( ld, e ); et[i].et_vals = ldap_explode_dn( dn, 1 ); free( dn ); } else { et[i].et_vals = ldap_get_values( ld, e, attr ); } e = e->lm_chain; } last = e; et_cmp_fn = cmp; qsort( et, count, sizeof(struct entrything), (void *) et_cmp ); ep = chain; for ( i = 0; i < count; i++ ) { *ep = et[i].et_msg; ep = &(*ep)->lm_chain; ldap_value_free( et[i].et_vals ); } *ep = last; free( (char *) et ); return( 0 ); }
static int idmap_lookup_group( struct idmap_context *context, const struct idmap_lookup *lookup, struct idmap_group *group) { PCHAR* values[NUM_ATTRIBUTES] = { NULL }; const unsigned attributes = ATTR_FLAG(ATTR_GROUP_NAME) | ATTR_FLAG(ATTR_GID); int i, status; /* check the group cache for an existing entry */ status = cache_lookup(&context->groups, lookup, &group->entry); if (status == NO_ERROR) { /* don't return expired entries; query new attributes * and overwrite the entry with cache_insert() */ if (time(NULL) - group->last_updated < context->config.cache_ttl) goto out; } /* send the query to the ldap server */ status = idmap_query_attrs(context, lookup, attributes, 0, values, NUM_ATTRIBUTES); if (status) goto out_free_values; /* parse attributes */ if (FAILED(StringCchCopyA(group->name, VAL_LEN, *values[ATTR_GROUP_NAME]))) { eprintf("ldap attribute %s='%s' longer than %u characters\n", context->config.attributes[ATTR_GROUP_NAME], *values[ATTR_GROUP_NAME], VAL_LEN); status = ERROR_BUFFER_OVERFLOW; goto out_free_values; } if (!parse_uint(*values[ATTR_GID], &group->gid)) { eprintf("failed to parse ldap attribute %s='%s'\n", context->config.attributes[ATTR_GID], *values[ATTR_GID]); status = ERROR_INVALID_PARAMETER; goto out_free_values; } group->last_updated = time(NULL); if (context->config.cache_ttl) { /* insert the entry into the cache */ cache_insert(&context->groups, lookup, &group->entry); } out_free_values: for (i = 0; i < NUM_ATTRIBUTES; i++) ldap_value_free(values[i]); out: return status; }
char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry, const char *attribute, TALLOC_CTX *mem_ctx) { char **values; char *result; if (attribute == NULL) { return NULL; } values = ldap_get_values(ldap_struct, entry, attribute); if (values == NULL) { DEBUG(10, ("attribute %s does not exist\n", attribute)); return NULL; } if (ldap_count_values(values) != 1) { DEBUG(10, ("attribute %s has %d values, expected only one\n", attribute, ldap_count_values(values))); ldap_value_free(values); return NULL; } if (pull_utf8_talloc(mem_ctx, &result, values[0]) == (size_t)-1) { DEBUG(10, ("pull_utf8_talloc failed\n")); ldap_value_free(values); return NULL; } ldap_value_free(values); #ifdef DEBUG_PASSWORDS DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n", attribute, result)); #endif return result; }
/* * Add a single attribute value to a list. */ static GSList *syldap_add_single_value( LDAP *ld, LDAPMessage *entry, char *attr ) { GSList *list = NULL; gchar **vals; if( ( vals = ldap_get_values( ld, entry, attr ) ) != NULL ) { if( vals[0] != NULL ) { /* printf( "sv\t%s: %s\n", attr, vals[0] ); */ list = g_slist_append( list, g_strdup( vals[0] ) ); } } ldap_value_free( vals ); return list; }