Esempio n. 1
1
static int fldap_read(const char* path, char* buf, size_t size, off_t offset, struct fuse_file_info* fi) {
  static char* attrs[] = {"description", NULL};
  LDAPMessage* msg = NULL;
  LDAPMessage* entry = NULL;
  BerElement* ber = NULL;
  char* dn;
  char** vals;
  char* attr;

  dn = path_to_dn(path, "cn=");
  ldap_search_s(ld, dn, LDAP_SCOPE_BASE, "(ObjectClass=*)", attrs, 0, &msg);
  entry = ldap_first_entry(ld, msg);

  if (!entry) {
    ldap_msgfree(msg);
    free(dn);
    return -ENOENT;
  }

  for (entry = ldap_first_entry(ld, msg); entry != NULL; entry = ldap_next_entry(ld, entry)) {
    for (attr = ldap_first_attribute(ld, entry, &ber); attr != NULL; attr = ldap_next_attribute(ld, entry, ber)) {
      if (!strcmp(attr, "description") && ((vals = ldap_get_values(ld, entry, attr)) != NULL))  {
	strncpy(buf, vals[0] + offset, size);
	ldap_value_free(vals);
      }
      ldap_memfree(attr);
    }
    ber_free(ber,0);
  }
  ldap_msgfree(msg);
  free(dn);
  return strlen(buf);
}
Esempio n. 2
0
ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads)
{
	const char *attrs[] = {"supportedSASLMechanisms", NULL};
	char **values;
	ADS_STATUS status;
	int i, j;
	LDAPMessage *res;

	/* get a list of supported SASL mechanisms */
	status = ads_do_search(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res);
	if (!ADS_ERR_OK(status)) return status;

	values = ldap_get_values(ads->ld, res, "supportedSASLMechanisms");

	/* try our supported mechanisms in order */
	for (i=0;sasl_mechanisms[i].name;i++) {
		/* see if the server supports it */
		for (j=0;values && values[j];j++) {
			if (strcmp(values[j], sasl_mechanisms[i].name) == 0) {
				DEBUG(4,("Found SASL mechanism %s\n", values[j]));
				status = sasl_mechanisms[i].fn(ads);
				ldap_value_free(values);
				ldap_msgfree(res);
				return status;
			}
		}
	}

	ldap_value_free(values);
	ldap_msgfree(res);
	return ADS_ERROR(LDAP_AUTH_METHOD_NOT_SUPPORTED);
}
Esempio n. 3
0
 BOOL smbldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
				    const char *attribute, char *value,
				    int max_len)
{
	char **values;
	
	if ( !attribute )
		return False;
		
	value[0] = '\0';

	if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) {
		DEBUG (10, ("smbldap_get_single_attribute: [%s] = [<does not exist>]\n", attribute));
		
		return False;
	}
	
	if (convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, max_len, False) == (size_t)-1) {
		DEBUG(1, ("smbldap_get_single_attribute: string conversion of [%s] = [%s] failed!\n", 
			  attribute, values[0]));
		ldap_value_free(values);
		return False;
	}
	
	ldap_value_free(values);
#ifdef DEBUG_PASSWORDS
	DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n", attribute, value));
#endif	
	return True;
}
Esempio n. 4
0
/* XXX - this is for a stopgap implementation of gfs_opendir() */
char *
gfarm_generic_info_get_foreach(
	char *dn,
	int scope, /* LDAP_SCOPE_ONELEVEL or LDAP_SCOPE_SUBTREE */
	char *query,
	void *tmp_info, /* just used as a work area */
	void (*callback)(void *, void *),
	void *closure,
	const struct gfarm_generic_info_ops *ops)
{
	LDAPMessage *res, *e;
	int i, rv;
	char *a;
	BerElement *ptr;
	char **vals;

	/* search for entries, return all attrs  */
	rv = ldap_search_s(gfarm_ldap_server, dn, scope, query, NULL, 0, &res);
	if (rv != LDAP_SUCCESS) {
		if (rv == LDAP_NO_SUCH_OBJECT)
			return (GFARM_ERR_NO_SUCH_OBJECT);
		return (ldap_err2string(rv));
	}

	/* step through each entry returned */
	for (i = 0, e = ldap_first_entry(gfarm_ldap_server, res); e != NULL;
	    e = ldap_next_entry(gfarm_ldap_server, e)) {

		ops->clear(tmp_info);

		for (a = ldap_first_attribute(gfarm_ldap_server, e, &ptr);
		    a != NULL;
		    a = ldap_next_attribute(gfarm_ldap_server, e, ptr)) {
			vals = ldap_get_values(gfarm_ldap_server, e, a);

			if (vals[0] == NULL) {
				ldap_value_free(vals);
				continue;
			}
			ops->set_field(tmp_info, a, vals);
			ldap_value_free(vals);
		}

		if (!ops->validate(tmp_info)) {
			/* invalid record */
			ops->free(tmp_info);
			continue;
		}
		(*callback)(closure, tmp_info);
		ops->free(tmp_info);
		i++;
	}
	/* free the search results */
	ldap_msgfree(res);

	if (i == 0)
		return (GFARM_ERR_NO_SUCH_OBJECT);
	return (NULL);
}
Esempio n. 5
0
ADDRESS *
address_from_ldap(LDAP_CHOOSE_S *winning_e)
{
    ADDRESS *ret_a = NULL;

    if(winning_e){
	char       *a;
	BerElement *ber;

	ret_a = mail_newaddr();
	for(a = ldap_first_attribute(winning_e->ld, winning_e->selected_entry, &ber);
	    a != NULL;
	    a = ldap_next_attribute(winning_e->ld, winning_e->selected_entry, ber)){
	    int i;
	    char  *p;
	    char **vals;

	    dprint((9, "attribute: %s\n", a ? a : "?"));
	    if(!ret_a->personal &&
	       strcmp(a, winning_e->info_used->cnattr) == 0){
		dprint((9, "Got cnattr:"));
		vals = ldap_get_values(winning_e->ld, winning_e->selected_entry, a);
		for(i = 0; vals[i] != NULL; i++)
		  dprint((9, "       %s\n",
		         vals[i] ? vals[i] : "?"));
	    
		if(vals && vals[0])
		  ret_a->personal = cpystr(vals[0]);

		ldap_value_free(vals);
	    }
	    else if(!ret_a->mailbox &&
		    strcmp(a, winning_e->info_used->mailattr) == 0){
		dprint((9, "Got mailattr:"));
		vals = ldap_get_values(winning_e->ld, winning_e->selected_entry, a);
		for(i = 0; vals[i] != NULL; i++)
		  dprint((9, "         %s\n",
		         vals[i] ? vals[i] : "?"));
		    
		/* use first one */
		if(vals && vals[0]){
		    if((p = strindex(vals[0], '@')) != NULL){
			ret_a->host = cpystr(p+1);
			*p = '\0';
		    }

		    ret_a->mailbox = cpystr(vals[0]);
		}

		ldap_value_free(vals);
	    }

	    our_ldap_memfree(a);
	}
    }

    return(ret_a);
}
Esempio n. 6
0
char *
gfarm_generic_info_get(
	void *key,
	void *info,
	const struct gfarm_generic_info_ops *ops)
{
	LDAPMessage *res, *e;
	int n, rv;
	char *a;
	BerElement *ptr;
	char **vals;
	char *dn = ops->make_dn(key);

	if (dn == NULL)
		return (GFARM_ERR_NO_MEMORY);
	rv = ldap_search_s(gfarm_ldap_server, dn, 
	    LDAP_SCOPE_BASE, ops->query_type, NULL, 0, &res);
	free(dn);
	if (rv != LDAP_SUCCESS) {
		if (rv == LDAP_NO_SUCH_OBJECT)
			return (GFARM_ERR_NO_SUCH_OBJECT);
		return (ldap_err2string(rv));
	}
	n = ldap_count_entries(gfarm_ldap_server, res);
	if (n == 0) {
		/* free the search results */
		ldap_msgfree(res);
		return (GFARM_ERR_NO_SUCH_OBJECT);
	}
	ops->clear(info);
	e = ldap_first_entry(gfarm_ldap_server, res);
	for (a = ldap_first_attribute(gfarm_ldap_server, e, &ptr); a != NULL;
	    a = ldap_next_attribute(gfarm_ldap_server, e, ptr)) {

		vals = ldap_get_values(gfarm_ldap_server, e, a);
		if (vals[0] == NULL) {
			ldap_value_free(vals);
			continue;
		}

		ops->set_field(info, a, vals);

		ldap_value_free(vals);
	}

	/* free the search results */
	ldap_msgfree(res);

	/* should check all fields are filled */
	if (!ops->validate(info)) {
		ops->free(info);
		/* XXX - different error code is better ? */
		return (GFARM_ERR_NO_SUCH_OBJECT);
	}

	return (NULL); /* success */
}
Esempio n. 7
0
ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads)
{
	const char *attrs[] = {"supportedSASLMechanisms", NULL};
	char **values;
	ADS_STATUS status;
	int i, j;
	LDAPMessage *res;
	struct ads_saslwrap *wrap = &ads->ldap_wrap_data;

	/* get a list of supported SASL mechanisms */
	status = ads_do_search(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res);
	if (!ADS_ERR_OK(status)) return status;

	values = ldap_get_values(ads->ldap.ld, res, "supportedSASLMechanisms");

	if (ads->auth.flags & ADS_AUTH_SASL_SEAL) {
		wrap->wrap_type = ADS_SASLWRAP_TYPE_SEAL;
	} else if (ads->auth.flags & ADS_AUTH_SASL_SIGN) {
		wrap->wrap_type = ADS_SASLWRAP_TYPE_SIGN;
	} else {
		wrap->wrap_type = ADS_SASLWRAP_TYPE_PLAIN;
	}

	/* try our supported mechanisms in order */
	for (i=0;sasl_mechanisms[i].name;i++) {
		/* see if the server supports it */
		for (j=0;values && values[j];j++) {
			if (strcmp(values[j], sasl_mechanisms[i].name) == 0) {
				DEBUG(4,("Found SASL mechanism %s\n", values[j]));
retry:
				status = sasl_mechanisms[i].fn(ads);
				if (status.error_type == ENUM_ADS_ERROR_LDAP &&
				    status.err.rc == LDAP_STRONG_AUTH_REQUIRED &&
				    wrap->wrap_type == ADS_SASLWRAP_TYPE_PLAIN)
				{
					DEBUG(3,("SASL bin got LDAP_STRONG_AUTH_REQUIRED "
						 "retrying with signing enabled\n"));
					wrap->wrap_type = ADS_SASLWRAP_TYPE_SIGN;
					goto retry;
				}
				ldap_value_free(values);
				ldap_msgfree(res);
				return status;
			}
		}
	}

	ldap_value_free(values);
	ldap_msgfree(res);
	return ADS_ERROR(LDAP_AUTH_METHOD_NOT_SUPPORTED);
}
Esempio n. 8
0
static int ads_user_info(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	ADS_STATUS rc;
	void *res;
	const char *attrs[] = {"memberOf", NULL};
	char *searchstring=NULL;
	char **grouplist;
	char *escaped_user = escape_ldap_string_alloc(argv[0]);

	if (argc < 1) {
		return net_ads_user_usage(argc, argv);
	}
	
	if (!(ads = ads_startup())) {
		return -1;
	}

	if (!escaped_user) {
		d_printf("ads_user_info: failed to escape user %s\n", argv[0]);
		ads_destroy(&ads);
	 	return -1;
	}

	asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user);
	rc = ads_search(ads, &res, searchstring, attrs);
	safe_free(searchstring);

	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_search: %s\n", ads_errstr(rc));
		ads_destroy(&ads);
		return -1;
	}
	
	grouplist = ldap_get_values(ads->ld, res, "memberOf");

	if (grouplist) {
		int i;
		char **groupname;
		for (i=0;grouplist[i];i++) {
			groupname = ldap_explode_dn(grouplist[i], 1);
			d_printf("%s\n", groupname[0]);
			ldap_value_free(groupname);
		}
		ldap_value_free(grouplist);
	}
	
	ads_msgfree(ads, res);
	ads_destroy(&ads);
	return 0;
}
Esempio n. 9
0
File: ol_ldap.c Progetto: hww3/pexts 
/*
 **| method: array(string) explode_dn ( string dn );
 **| alt: array(string) explode_dn ( string dn, int notypes );
 **|  Takes a DN and converts it into an array of its components,
 **|  called RDN (Relative Distinguished Name).
 **
 **| arg: string dn
 **|  The DN to explode.
 **
 **| arg: int notypes
 **|  If != 0 then the types of the DN components will be ignored and
 **|  *not present in the output. Defaults to 1.
 **
 **| returns: an array of RDN entries.
 */
static void
f_ldap_explode_dn(INT32 args)
{
    struct pike_string       *dn;
    char                    **edn;
    int                       notypes = 1;    

    switch (args) {
        case 2:
            if (ARG(2).type != T_INT)
                Pike_error("OpenLDAP.Client->explode_dn(): argument 2 must be an integer\n");
            notypes = ARG(2).u.integer;
            /* fall through */
            
        case 1:
            if (ARG(1).type != T_STRING)
                Pike_error("OpenLDAP.Client->explode_dn(): argument 1 must be an integer\n");
            dn = ARG(1).u.string;
            break;
            
        default:
            Pike_error("OpenLDAP.Client->explode_dn(): expects at most 2 and at least 1 argument\n");
            break;
    }

    pop_n_elems(args);
    edn = ldap_explode_dn(dn->str, notypes);
    if (!edn) {
        push_int(0);
        return;
    }

    push_array(make_pike_array(edn));
    ldap_value_free(edn);
}
Esempio n. 10
0
/**
 * Attempt to discover the base DN for a server using LDAP version 3.
 * \param  ld  LDAP handle for a connected server.
 * \param  tov Timeout value (seconds), or 0 for none, default 30 secs.
 * \return List of Base DN's, or NULL if could not read. List should be
 *         g_free() when done.
 */
static GList *ldaputil_test_v3( LDAP *ld, gint tov ) {
	GList *baseDN = NULL;
	gint rc, i;
	LDAPMessage *result, *e;
	gchar *attribs[2];
	BerElement *ber;
	gchar *attribute;
	gchar **vals;
	struct timeval timeout;

	/* Set timeout */
	timeout.tv_usec = 0L;
	if( tov > 0 ) {
		timeout.tv_sec = tov;
	}
	else {
		timeout.tv_sec = 30L;
	}

	/* Test for LDAP version 3 */
	attribs[0] = SYLDAP_V3_TEST_ATTR;
	attribs[1] = NULL;
	rc = ldap_search_ext_s(
		ld, SYLDAP_SEARCHBASE_V3, LDAP_SCOPE_BASE, SYLDAP_TEST_FILTER,
		attribs, 0, NULL, NULL, &timeout, 0, &result );

	if( rc == LDAP_SUCCESS ) {
		/* Process entries */
		for( e = ldap_first_entry( ld, result );
		     e != NULL;
		     e = ldap_next_entry( ld, e ) ) 
		{
			/* Process attributes */
			for( attribute = ldap_first_attribute( ld, e, &ber );
			     attribute != NULL;
			     attribute = ldap_next_attribute( ld, e, ber ) )
			{
				if( strcasecmp(
					attribute, SYLDAP_V3_TEST_ATTR ) == 0 )
				{
					vals = ldap_get_values( ld, e, attribute );
					if( vals != NULL ) {
						for( i = 0; vals[i] != NULL; i++ ) {
							baseDN = g_list_append(
								baseDN, g_strdup( vals[i] ) );
						}
					}
					ldap_value_free( vals );
				}
				ldap_memfree( attribute );
			}
			if( ber != NULL ) {
				ber_free( ber, 0 );
			}
			ber = NULL;
		}
	}
	ldap_msgfree( result );
	return baseDN;
}
Esempio n. 11
0
static ns_ldap_return_code
__ns_ldap_freeCookie (ns_ldap_cookie_t ** pCookie)
{
  ns_ldap_cookie_t *cookie;

  cookie = *pCookie;

  if (cookie != NULL)
    {
      if (cookie->map != NULL)
	free (cookie->map);
      if (cookie->filter != NULL)
	free (cookie->filter);
      if (cookie->attribute != NULL)
	ldap_value_free (cookie->attribute);
      if (cookie->state != NULL)
	{
	  _nss_ldap_ent_context_release (&(cookie->state));
	}
      if (cookie->mapped_filter != NULL)
	free (cookie->mapped_filter);
      if (cookie->mapped_attribute != NULL)
	free (cookie->mapped_attribute);
      _nss_ldap_am_context_free (&cookie->am_state);
      __ns_ldap_freeResult (&cookie->result);
      free (cookie);
    }

  *pCookie = NULL;

  return NS_LDAP_SUCCESS;
}
Esempio n. 12
0
static ns_ldap_return_code
__ns_ldap_unmapObjectClasses (ns_ldap_cookie_t * cookie, char **mappedClasses,
			      char ***pOrigClasses)
{
  char **origClasses = NULL;
  int count, i;

  count = ldap_count_values (mappedClasses);
  origClasses = (char **) calloc (count + 1, sizeof (char *));
  if (origClasses == NULL)
    {
      return NS_LDAP_MEMORY;
    }

  for (i = 0; i < count; i++)
    {
      origClasses[i] =
	strdup (_nss_ldap_unmap_oc (cookie->sel, mappedClasses[i]));
      if (origClasses[i] == NULL)
	{
	  ldap_value_free (origClasses);
	  return NS_LDAP_MEMORY;
	}
    }
  origClasses[i] = NULL;
  *pOrigClasses = origClasses;

  return NS_LDAP_SUCCESS;
}
Esempio n. 13
0
DWORD
LwLdapGetString(
    HANDLE hDirectory,
    LDAPMessage* pMessage,
    PCSTR pszFieldName,
    PSTR* ppszValue
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    PSTR *ppszValues = NULL;
    PSTR pszValue = NULL;

    pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;

    ppszValues = (PSTR*)ldap_get_values(pDirectory->ld, pMessage, pszFieldName);
    if (ppszValues && ppszValues[0]) {
        dwError = LwAllocateString(ppszValues[0], &pszValue);
        BAIL_ON_LW_ERROR(dwError);
    }
    *ppszValue = pszValue;

cleanup:
    if (ppszValues) {
        ldap_value_free(ppszValues);
    }
    return dwError;

error:
    *ppszValue = NULL;

    LW_SAFE_FREE_STRING(pszValue);

    goto cleanup;
}
Esempio n. 14
0
/*
  dump a record from LDAP on stdout
  used for debugging
*/
void ads_dump(ADS_STRUCT *ads, LDAPMessage *res)
{
	char *field;
	LDAPMessage *msg;
	BerElement *b;
	char *this_dn;
    
	for (msg = ldap_first_entry(ads->ld, res); 
	     msg; msg = ldap_next_entry(ads->ld, msg)) {
		this_dn = ldap_get_dn(ads->ld, res);
		if (this_dn) {
			printf("Dumping: %s\n", this_dn);
		}
		ldap_memfree(this_dn);

		for (field = ldap_first_attribute(ads->ld, msg, &b); 
		     field;
		     field = ldap_next_attribute(ads->ld, msg, b)) {
			char **values, **p;
			values = ldap_get_values(ads->ld, msg, field);
			for (p = values; *p; p++) {
				printf("%s: %s\n", field, *p);
			}
			ldap_value_free(values);
			ldap_memfree(field);
		}

		ber_free(b, 1);
		printf("\n");
	}
}
Esempio n. 15
0
/**
 * @name tcp_mapper_ldap_query
 * @description Issue a query to a LDAP instance
 * @param LDAP *ldap
 * @return int numrows
 */
int tcp_mapper_ldap_search(LDAP *ldap, char *search, char *result){

    LDAPMessage *ldap_result, *entry;
    int     numentries = 0;
    int     err;
    char    **val;


    if(err = ldap_search_s(ldap, cfg.ldap_base, LDAP_SCOPE_SUBTREE, search,
                NULL, 0, &ldap_result) != LDAP_SUCCESS ) {

        printf("%s\n", ldap_err2string(err));
        return -1;
    }
    numentries = ldap_count_entries(ldap, ldap_result);

    if(numentries != 0) {
        /* just firts entry. We don't need any other */
        entry = ldap_first_entry(ldap, ldap_result);
        val   = ldap_get_values(ldap, entry, cfg.ldap_result_attr);
   
	if(val == NULL) {
	    return 0; 
	}
	snprintf(result, strlen(val[0])+1, "%s", (char *) val[0]);
	ldap_value_free(val);
    }

    return numentries;
}
Esempio n. 16
0
krb5_error_code
krb5_ldap_create_krbcontainer(krb5_context context, const char *dn)
{
    LDAP                        *ld=NULL;
    char                        *strval[2]={NULL}, **rdns=NULL;
    LDAPMod                     **mods = NULL;
    krb5_error_code             st=0;
    kdb5_dal_handle             *dal_handle=NULL;
    krb5_ldap_context           *ldap_context=NULL;
    krb5_ldap_server_handle     *ldap_server_handle=NULL;

    SETUP_CONTEXT ();

    /* get ldap handle */
    GET_HANDLE ();

    if (dn == NULL) {
        st = EINVAL;
        k5_setmsg(context, st, _("Kerberos Container information is missing"));
        goto cleanup;
    }

    strval[0] = "krbContainer";
    strval[1] = NULL;
    if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
        goto cleanup;

    rdns = ldap_explode_dn(dn, 1);
    if (rdns == NULL) {
        st = EINVAL;
        k5_setmsg(context, st, _("Invalid Kerberos container DN"));
        goto cleanup;
    }

    strval[0] = rdns[0];
    strval[1] = NULL;
    if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0)
        goto cleanup;

    /* create the kerberos container */
    st = ldap_add_ext_s(ld, dn, mods, NULL, NULL);
    if (st == LDAP_ALREADY_EXISTS)
        st = LDAP_SUCCESS;
    if (st != LDAP_SUCCESS) {
        int ost = st;
        st = translate_ldap_error (st, OP_ADD);
        k5_setmsg(context, st, _("Kerberos Container create FAILED: %s"),
                  ldap_err2string(ost));
        goto cleanup;
    }

cleanup:

    if (rdns)
        ldap_value_free (rdns);

    ldap_mods_free(mods, 1);
    krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle);
    return(st);
}
Esempio n. 17
0
static void ldap_dump(LDAP *ld,LDAPMessage *res)
{
	LDAPMessage *e;
    
	for (e = ldap_first_entry(ld, res); e; e = ldap_next_entry(ld, e)) {
		BerElement *b;
		char *attr;
		char *dn = ldap_get_dn(ld, res);
		if (dn)
			printf("dn: %s\n", dn);
		ldap_memfree(dn);

		for (attr = ldap_first_attribute(ld, e, &b); 
		     attr;
		     attr = ldap_next_attribute(ld, e, b)) {
			char **values, **p;
			values = ldap_get_values(ld, e, attr);
			for (p = values; *p; p++) {
				printf("%s: %s\n", attr, *p);
			}
			ldap_value_free(values);
			ldap_memfree(attr);
		}

		ber_free(b, 1);
		printf("\n");
	}
}
Esempio n. 18
0
void AD::AddGroups(LDAPMessage *search)
{
    DWORD i;
    DWORD j;
    LDAPMessage *entry = NULL;
    PWCHAR attribute;
    PWCHAR *values;
    BerElement *berElement;

    for(i = 0; i < ldap_count_entries(ldap, search); i++)
    {
        Group *g = new Group();

        if(!i)
        {
            entry = ldap_first_entry(ldap, search);
        }
        else
        {
            entry = ldap_next_entry(ldap, entry);
        }

        attribute = ldap_first_attribute(ldap, entry, &berElement);

        while(attribute != NULL)
        {
            values = ldap_get_values(ldap, entry, attribute);

            if(lstrcmpi(attribute, L"samaccountname") == 0)
            {
                g->name = values[0];
            }
            if(lstrcmpi(attribute, L"member") == 0)
            {
                for(j = 0; j < ldap_count_values(values); j++)
                {
                    std::wstring *ret = new std::wstring();
                    CNToAccountName(values[j], ret);
                    g->users.push_back(ret);
                }
            }
            ldap_value_free(values);
            ldap_memfree(attribute);
            attribute = ldap_next_attribute(ldap, entry, berElement);
        }

        ber_free(berElement, 0);

        if(g->name.length() > 0)
        {
            GetGroupManager()->groups.push_back(g);
            g->PrettyPrint();
        }
        else
        {
            delete(g);
        }

    }
}
Esempio n. 19
0
static void
attr_free(ATTR *at)
{
    ldap_memfree(at->name);
    ldap_value_free(at->vals);
    free(at);
}
Esempio n. 20
0
VALUE
rb_ldap_explode_dn (VALUE self, VALUE dn, VALUE notypes)
{
    char **c_arr, **p;
    char *c_dn;
    VALUE ary;

    if (dn == Qnil) 
    {
        return Qnil;
    }

    c_dn = StringValueCStr (dn);
    if ((c_arr = ldap_explode_dn (c_dn, RTEST (notypes) ? 1 : 0)))
    {
        ary = rb_ary_new ();
        for (p = c_arr; *p != NULL; p++)
        {
            rb_ary_push (ary, rb_tainted_str_new2 (*p));
        }
        ldap_value_free (c_arr);

        return ary;
    } 
    else 
    {
        return Qnil;
    }
}
Esempio n. 21
0
static int fldap_readlink(const char* path, char* buf, size_t size) {
  static char* attrs[] = {"description", NULL};
  char* dn;
  LDAPMessage* msg = NULL;
  LDAPMessage* entry = NULL;
  BerElement* ber = NULL;
  char** vals;
  char* attr;
  
  if ((dn = is_dn_exist(path))) {
    ldap_search_s(ld, dn, LDAP_SCOPE_BASE, "(ObjectClass=*)", attrs, 0, &msg);
    if ((entry = ldap_first_entry(ld, msg))) {
      for (attr = ldap_first_attribute(ld, entry, &ber); attr != NULL; attr = ldap_next_attribute(ld, entry, ber)) {
	if ((vals = ldap_get_values(ld, entry, attr)) != NULL)  {
	  if (!strcmp("description", attr))
	    strncpy(buf, vals[0], size);
	  ldap_value_free(vals);
	}
	ldap_memfree(attr);
      }
      ber_free(ber, 0);
    }
    ldap_msgfree(msg);
  }
  free(dn);
  return 0;
}
Esempio n. 22
0
static int	check_ldap(const char *host, unsigned short port, int timeout, int *value_int)
{
	LDAP		*ldap	= NULL;
	LDAPMessage	*res	= NULL;
	LDAPMessage	*msg	= NULL;
	BerElement	*ber	= NULL;

	char	*attrs[2] = {"namingContexts", NULL };
	char	*attr	 = NULL;
	char	**valRes = NULL;
	int	ldapErr = 0;

	zbx_alarm_on(timeout);

	*value_int = 0;

	if (NULL == (ldap = ldap_init(host, port)))
	{
		zabbix_log(LOG_LEVEL_DEBUG, "LDAP - initialization failed [%s:%hu]", host, port);
		goto lbl_ret;
	}

	if (LDAP_SUCCESS != (ldapErr = ldap_search_s(ldap, "", LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &res)))
	{
		zabbix_log(LOG_LEVEL_DEBUG, "LDAP - searching failed [%s] [%s]", host, ldap_err2string(ldapErr));
		goto lbl_ret;
	}

	if (NULL == (msg = ldap_first_entry(ldap, res)))
	{
		zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty sort result. [%s] [%s]", host, ldap_err2string(ldapErr));
		goto lbl_ret;
	}

	if (NULL == (attr = ldap_first_attribute(ldap, msg, &ber)))
	{
		zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty first entry result. [%s] [%s]", host, ldap_err2string(ldapErr));
		goto lbl_ret;
	}

	valRes = ldap_get_values(ldap, msg, attr);

	*value_int = 1;
lbl_ret:
	zbx_alarm_off();

	if (NULL != valRes)
		ldap_value_free(valRes);
	if (NULL != attr)
		ldap_memfree(attr);
	if (NULL != ber)
		ber_free(ber, 0);
	if (NULL != res)
		ldap_msgfree(res);
	if (NULL != ldap)
		ldap_unbind(ldap);

	return SYSINFO_RET_OK;
}
Esempio n. 23
0
/* returns the number of matches found */
static GList * __auth_get_every_match(const char *q, const char **retfields)
{
	LDAPMessage *ldap_msg;
	LDAPMessage *ldap_res;
	char **ldap_vals = NULL, *dn;
	int j = 0, k = 0, m = 0, err;
	GList *attlist,*fldlist,*entlist;
	LDAP *_ldap_conn = ldap_con_get();
	
	attlist = fldlist = entlist = NULL;

	if (! (ldap_res = authldap_search(q))) return NULL;

	if ((j = ldap_count_entries(_ldap_conn, ldap_res)) < 1) {
		TRACE(TRACE_DEBUG, "nothing found");
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	/* do the first entry here */
	if ((ldap_msg = ldap_first_entry(_ldap_conn, ldap_res)) == NULL) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: [%s]", ldap_err2string(err));
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	while (ldap_msg) {
		dn = ldap_get_dn(_ldap_conn, ldap_msg);

		TRACE(TRACE_DEBUG,"scan results for DN: [%s]", dn);
		for (k = 0; retfields[k] != NULL; k++) {
			TRACE(TRACE_DEBUG,"ldap_get_values [%s]", retfields[k]);
			if ((ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]))) {
				m = 0;
				while (ldap_vals[m]) { 
					TRACE(TRACE_DEBUG,"got value [%s]", ldap_vals[m]);
					attlist = g_list_append(attlist,g_strdup(ldap_vals[m]));
					m++;
				}
			}

			fldlist = g_list_append(fldlist, attlist);
			attlist = NULL;
			
			ldap_value_free(ldap_vals);
		}
		entlist = g_list_append(entlist, fldlist);
		fldlist = NULL;
		
		ldap_memfree(dn);
		ldap_msg = ldap_next_entry(_ldap_conn, ldap_msg);
	}

	if (ldap_res) ldap_msgfree(ldap_res);
	if (ldap_msg) ldap_msgfree(ldap_msg);

	return entlist;
}
Esempio n. 24
0
// destructor
//
nsLDAPMessage::~nsLDAPMessage(void)
{
    if (mMsgHandle) {
        int rc = ldap_msgfree(mMsgHandle);

// If you are having problems compiling the following code on a Solaris
// machine with the Forte 6 Update 1 compilers, then you need to make 
// sure you have applied all the required patches. See:
// http://www.mozilla.org/unix/solaris-build.html for more details.

        switch(rc) {
        case LDAP_RES_BIND:
        case LDAP_RES_SEARCH_ENTRY:
        case LDAP_RES_SEARCH_RESULT:
        case LDAP_RES_MODIFY:
        case LDAP_RES_ADD:
        case LDAP_RES_DELETE:
        case LDAP_RES_MODRDN:
        case LDAP_RES_COMPARE:
        case LDAP_RES_SEARCH_REFERENCE:
        case LDAP_RES_EXTENDED:
        case LDAP_RES_ANY:
            // success
            break;

        case LDAP_SUCCESS:
            // timed out (dunno why LDAP_SUCCESS is used to indicate this) 
            PR_LOG(gLDAPLogModule, PR_LOG_WARNING, 
                   ("nsLDAPMessage::~nsLDAPMessage: ldap_msgfree() "
                    "timed out\n"));
            break;

        default:
            // other failure
            PR_LOG(gLDAPLogModule, PR_LOG_WARNING, 
                   ("nsLDAPMessage::~nsLDAPMessage: ldap_msgfree() "
                    "failed: %s\n", ldap_err2string(rc)));
            break;
        }
    }

    if (mMatchedDn) {
        ldap_memfree(mMatchedDn);
    }

    if (mErrorMessage) {
        ldap_memfree(mErrorMessage);
    }

    if (mReferrals) {
        ldap_value_free(mReferrals);
    }

    if (mServerControls) {
        ldap_controls_free(mServerControls);
    }

}
Esempio n. 25
0
int
main( int argc, char **argv )
{
	LDAP		*ld;
	LDAPMessage	*result, *e;
	BerElement	*ber;
	char		*a, *dn;
	char		**vals;
	int		i;

	/* get a handle to an LDAP connection */
	if ( (ld = ldap_init( MY_HOST, MY_PORT )) == NULL ) {
		perror( "ldap_init" );
		return( 1 );
	}
	/* authenticate to the directory as nobody */
	if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
		ldap_perror( ld, "ldap_simple_bind_s" );
		ldap_unbind( ld );
		return( 1 );
	}
	/* search for all entries with surname of Jensen */
	if ( ldap_search_s( ld, MY_SEARCHBASE, LDAP_SCOPE_SUBTREE,
		MY_FILTER, NULL, 0, &result ) != LDAP_SUCCESS ) {
		ldap_perror( ld, "ldap_search_s" );
		if ( result == NULL ) {
			ldap_unbind( ld );
			return( 1 );
		}
	}
	/* for each entry print out name + all attrs and values */
	for ( e = ldap_first_entry( ld, result ); e != NULL;
	    e = ldap_next_entry( ld, e ) ) {
		if ( (dn = ldap_get_dn( ld, e )) != NULL ) {
		    printf( "dn: %s\n", dn );
		    ldap_memfree( dn );
		}
		for ( a = ldap_first_attribute( ld, e, &ber );
		    a != NULL; a = ldap_next_attribute( ld, e, ber ) ) {
			if ((vals = ldap_get_values( ld, e, a)) != NULL ) {
				for ( i = 0; vals[i] != NULL; i++ ) {
				    printf( "%s: %s\n", a, vals[i] );
				}
				ldap_value_free( vals );
			}
			ldap_memfree( a );
		}
		if ( ber != NULL ) {
			ber_free( ber, 0 );
		}
		printf( "\n" );
	}
	ldap_msgfree( result );
	ldap_unbind( ld );
	return( 0 );
}
Esempio n. 26
0
static char *get_attr_value(LDAP *ld, LDAPMessage *m, char *attr)
{
   char **vals;
   char *val = NULL;
   if (vals = ldap_get_values(ld, m, attr)) {
      // syslog(LOG_DEBUG, "ldap val %s: %s\n", attr, vals[0] );
      val = strdup(vals[0]);
      ldap_value_free( vals );
   }
   return (val);
}
Esempio n. 27
0
int
ldap_sort_entries(
    LDAP	*ld,
    LDAPMessage	**chain,
    char	*attr,		/* NULL => sort by DN */
    int		(*cmp)(const void *a, const void *b)
)
{
	int			i, count;
	struct entrything	*et;
	LDAPMessage		*e, *last;
	LDAPMessage		**ep;

	count = ldap_count_entries( ld, *chain );

	if ( (et = (struct entrything *) malloc( count *
	    sizeof(struct entrything) )) == NULL ) {
		ld->ld_errno = LDAP_NO_MEMORY;
		return( -1 );
	}

	e = *chain;
	for ( i = 0; i < count; i++ ) {
		et[i].et_msg = e;
		if ( attr == NULL ) {
			char	*dn;

			dn = ldap_get_dn( ld, e );
			et[i].et_vals = ldap_explode_dn( dn, 1 );
			free( dn );
		} else {
			et[i].et_vals = ldap_get_values( ld, e, attr );
		}

		e = e->lm_chain;
	}
	last = e;

	et_cmp_fn = cmp;
	qsort( et, count, sizeof(struct entrything), (void *) et_cmp );

	ep = chain;
	for ( i = 0; i < count; i++ ) {
		*ep = et[i].et_msg;
		ep = &(*ep)->lm_chain;

		ldap_value_free( et[i].et_vals );
	}
	*ep = last;
	free( (char *) et );

	return( 0 );
}
Esempio n. 28
0
static int idmap_lookup_group(
    struct idmap_context *context,
    const struct idmap_lookup *lookup,
    struct idmap_group *group)
{
    PCHAR* values[NUM_ATTRIBUTES] = { NULL };
    const unsigned attributes = ATTR_FLAG(ATTR_GROUP_NAME)
        | ATTR_FLAG(ATTR_GID);
    int i, status;

    /* check the group cache for an existing entry */
    status = cache_lookup(&context->groups, lookup, &group->entry);
    if (status == NO_ERROR) {
        /* don't return expired entries; query new attributes
         * and overwrite the entry with cache_insert() */
        if (time(NULL) - group->last_updated < context->config.cache_ttl)
            goto out;
    }

    /* send the query to the ldap server */
    status = idmap_query_attrs(context, lookup,
        attributes, 0, values, NUM_ATTRIBUTES);
    if (status)
        goto out_free_values;

    /* parse attributes */
    if (FAILED(StringCchCopyA(group->name, VAL_LEN,
            *values[ATTR_GROUP_NAME]))) {
        eprintf("ldap attribute %s='%s' longer than %u characters\n",
            context->config.attributes[ATTR_GROUP_NAME],
            *values[ATTR_GROUP_NAME], VAL_LEN);
        status = ERROR_BUFFER_OVERFLOW;
        goto out_free_values;
    }
    if (!parse_uint(*values[ATTR_GID], &group->gid)) {
        eprintf("failed to parse ldap attribute %s='%s'\n",
            context->config.attributes[ATTR_GID], *values[ATTR_GID]);
        status = ERROR_INVALID_PARAMETER;
        goto out_free_values;
    }
    group->last_updated = time(NULL);

    if (context->config.cache_ttl) {
        /* insert the entry into the cache */
        cache_insert(&context->groups, lookup, &group->entry);
    }
out_free_values:
    for (i = 0; i < NUM_ATTRIBUTES; i++)
        ldap_value_free(values[i]);
out:
    return status;
}
Esempio n. 29
0
 char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry,
					const char *attribute,
					TALLOC_CTX *mem_ctx)
{
	char **values;
	char *result;

	if (attribute == NULL) {
		return NULL;
	}

	values = ldap_get_values(ldap_struct, entry, attribute);

	if (values == NULL) {
		DEBUG(10, ("attribute %s does not exist\n", attribute));
		return NULL;
	}

	if (ldap_count_values(values) != 1) {
		DEBUG(10, ("attribute %s has %d values, expected only one\n",
			   attribute, ldap_count_values(values)));
		ldap_value_free(values);
		return NULL;
	}

	if (pull_utf8_talloc(mem_ctx, &result, values[0]) == (size_t)-1) {
		DEBUG(10, ("pull_utf8_talloc failed\n"));
		ldap_value_free(values);
		return NULL;
	}

	ldap_value_free(values);

#ifdef DEBUG_PASSWORDS
	DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n",
		     attribute, result));
#endif	
	return result;
}
Esempio n. 30
0
/*
* Add a single attribute value to a list.
*/
static GSList *syldap_add_single_value( LDAP *ld, LDAPMessage *entry, char *attr ) {
	GSList *list = NULL;
	gchar **vals;

	if( ( vals = ldap_get_values( ld, entry, attr ) ) != NULL ) {
		if( vals[0] != NULL ) {
			/* printf( "sv\t%s: %s\n", attr, vals[0] ); */
			list = g_slist_append( list, g_strdup( vals[0] ) );
		}
	}
	ldap_value_free( vals );
	return list;
}