/* Write the alias held in entry to fp, emitting one result record per name
   found in the attmap_alias_cn attribute. When reqalias is not NULL only
   names that match it (strcasecmp(), so case-insensitively) are written.
   Every path visible in this function returns 0; the WRITE_* macros are
   defined elsewhere and may contain their own early return on a failed
   write (not visible here, confirm against their definition). */
static int write_alias(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqalias)
{
  /* scratch variables; presumably referenced by the WRITE_* macros */
  int32_t tmpint32, tmp2int32, tmp3int32;
  const char **names, **members;
  int i;
  /* an alias without any name cannot be returned to the caller */
  names = myldap_get_values(entry, attmap_alias_cn);
  if ((names == NULL) || (names[0] == NULL))
  {
    log_log(LOG_WARNING, "alias entry %s does not contain %s value",
            myldap_get_dn(entry), attmap_alias_cn);
    return 0;
  }
  /* the member list is handed to WRITE_STRINGLIST() unchecked, so that macro
     has to cope with a NULL list (assumed, verify against its definition) */
  members = myldap_get_values(entry, attmap_alias_rfc822MailMember);
  /* every name gets its own record carrying the same member list */
  for (i = 0; names[i] != NULL; i++)
  {
    /* skip names the caller did not ask for */
    if ((reqalias != NULL) && (strcasecmp(reqalias, names[i]) != 0))
      continue;
    WRITE_INT32(fp, NSLCD_RESULT_BEGIN);
    WRITE_STRING(fp, names[i]);
    WRITE_STRINGLIST(fp, members);
  }
  return 0;
}
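/* Fetch the next entry from search, require that it exists and carries a cn
   value, and print its DN and first cn value tagged with label. */
static void two_searches_show_next(MYLDAP_SEARCH *search, const char *label)
{
  MYLDAP_ENTRY *entry;
  const char **vals;
  entry = myldap_get_entry(search, NULL);
  assert(entry != NULL);
  printf("test_myldap: test_two_searches(): [%s] DN %s\n",
         label, myldap_get_dn(entry));
  vals = myldap_get_values(entry, "cn");
  assert((vals != NULL) && (vals[0] != NULL));
  printf("test_myldap: test_two_searches(): [%s] cn=%s\n", label, vals[0]);
}

/* this method tests to see if we can perform two searches within one
   session: results are read from both searches in turn, and search2 is
   read once more after search1 has been closed */
static void test_two_searches(void)
{
  MYLDAP_SESSION *session;
  MYLDAP_SEARCH *search1, *search2;
  const char *attrs[] = { "uidNumber", "cn", "gidNumber", "uid",
                          "objectClass", NULL };
  /* initialize session */
  printf("test_myldap: test_two_searches(): getting session...\n");
  session = myldap_create_session();
  assert(session != NULL);
  /* perform search1 */
  search1 = myldap_search(session, nslcd_cfg->ldc_bases[0],
                          LDAP_SCOPE_SUBTREE,
                          "(&(objectClass=posixAccount)(uid=*))",
                          attrs, NULL);
  assert(search1 != NULL);
  /* get a result from search1 */
  two_searches_show_next(search1, "search1");
  /* start a second search while the first one is still open */
  search2 = myldap_search(session, nslcd_cfg->ldc_bases[0],
                          LDAP_SCOPE_SUBTREE,
                          "(&(objectclass=posixGroup)(gidNumber=*))",
                          attrs, NULL);
  assert(search2 != NULL);
  /* get a result from search2 */
  two_searches_show_next(search2, "search2");
  /* get another result from search1 */
  two_searches_show_next(search1, "search1");
  /* stop search1 */
  myldap_search_close(search1);
  /* search2 must still deliver results after search1 was closed */
  two_searches_show_next(search2, "search2");
  /* clean up; search2 is not closed explicitly here */
  myldap_session_close(session);
}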
/* This test runs one posixAccount search and, for every entry returned,
   requires the uidNumber, gidNumber and uid attributes and the posixAccount
   object class to be present. Details are printed for the first MAXRESULTS
   entries only; the checks themselves run for every entry. */
static void test_get_values(void)
{
  MYLDAP_SESSION *session;
  MYLDAP_SEARCH *search;
  MYLDAP_ENTRY *entry;
  const char *attrs[] = { "uidNumber", "cn", "gidNumber", "uid",
                          "objectClass", NULL };
  const char **vals;
  const char *rdnval;
  int i;
  /* initialize session */
  printf("test_myldap: test_get_values(): getting session...\n");
  session = myldap_create_session();
  assert(session != NULL);
  /* perform search */
  search = myldap_search(session, nslcd_cfg->ldc_bases[0],
                         LDAP_SCOPE_SUBTREE,
                         "(&(objectClass=posixAccount)(uid=*))",
                         attrs, NULL);
  assert(search != NULL);
  /* go over results */
  for (i = 0; (entry = myldap_get_entry(search, NULL)) != NULL; i++)
  {
    /* only the first MAXRESULTS entries are printed in detail */
    const int verbose = (i < MAXRESULTS);
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] DN %s\n",
             i, myldap_get_dn(entry));
    else if (i == MAXRESULTS)
      printf("test_myldap: test_get_values(): ...\n");
    /* the numeric user id must be present */
    vals = myldap_get_values(entry, "uidNumber");
    assert((vals != NULL) && (vals[0] != NULL));
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] uidNumber=%s\n",
             i, vals[0]);
    /* the numeric group id must be present */
    vals = myldap_get_values(entry, "gidNumber");
    assert((vals != NULL) && (vals[0] != NULL));
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] gidNumber=%s\n",
             i, vals[0]);
    /* the user name must be present */
    vals = myldap_get_values(entry, "uid");
    assert((vals != NULL) && (vals[0] != NULL));
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] uid=%s\n", i, vals[0]);
    /* the RDN values are optional, a missing one is printed as NULL */
    rdnval = myldap_get_rdn_value(entry, "cn");
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] cdrdn=%s\n",
             i, (rdnval != NULL) ? rdnval : "NULL");
    rdnval = myldap_get_rdn_value(entry, "uid");
    if (verbose)
      printf("test_myldap: test_get_values(): [%d] uidrdn=%s\n",
             i, (rdnval != NULL) ? rdnval : "NULL");
    /* check objectclass */
    assert(myldap_has_objectclass(entry, "posixAccount"));
  }
  /* clean up */
  myldap_session_close(session);
}
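/* Resolve the attribute mapping attr for entry and store the result in
   buffer (buflen bytes). A mapping that does not start with a double quote
   names an attribute whose first value is copied; a mapping enclosed in
   double quotes is an expression handed to expr_parse() with entry_expand()
   as expander.
   Returns buffer on success. Returns NULL when buffer is unusable, the
   attribute has no value, the value does not fit in buffer, or the
   expression is invalid; buffer then holds an empty string (unless buffer
   itself was NULL or buflen was 0). attr must not be NULL. */
const char *attmap_get_value(MYLDAP_ENTRY *entry, const char *attr,
                             char *buffer, size_t buflen)
{
  const char **values;
  size_t len;
  /* check and clear buffer */
  if ((buffer == NULL) || (buflen == 0))
    return NULL;
  buffer[0] = '\0';
  /* for simple values just return the attribute */
  if (attr[0] != '"')
  {
    values = myldap_get_values(entry, attr);
    if ((values == NULL) || (values[0] == NULL))
      return NULL;
    /* refuse values that do not fit: a silently truncated name, path or
       identifier would be passed on as if it were the real value */
    len = strlen(values[0]);
    if (len >= buflen)
    {
      log_log(LOG_ERR, "attmap_get_value(): buffer too small (%lu required)",
              (unsigned long)(len + 1));
      return NULL;
    }
    memcpy(buffer, values[0], len + 1);
    return buffer;
    /* TODO: maybe warn when multiple values are found */
  }
  /* we have an expression, try to parse; it needs an opening and a separate
     closing quote, so a mapping consisting of a single '"' is rejected */
  len = strlen(attr);
  if ((len < 2) || (attr[len - 1] != '"') ||
      (expr_parse(attr + 1, buffer, buflen, entry_expand, (void *)entry) == NULL))
  {
    log_log(LOG_ERR, "attribute mapping %s is invalid", attr);
    buffer[0] = '\0';
    return NULL;
  }
  /* strip trailing "; an empty result is left alone so that no byte before
     the start of buffer is read or overwritten */
  len = strlen(buffer);
  if ((len > 0) && (buffer[len - 1] == '"'))
    buffer[len - 1] = '\0';
  return buffer;
}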
/* This test runs a subtree search for the group testgroup2 and a base-scope
   search for one user entry in the same session, reads a single entry from
   each and then requires both searches to be exhausted. */
static void test_get(void)
{
  MYLDAP_SESSION *session;
  MYLDAP_SEARCH *search1, *search2;
  MYLDAP_ENTRY *entry;
  const char *attrs1[] = { "cn", "userPassword", "memberUid", "gidNumber",
                           "member", NULL };
  const char *attrs2[] = { "uid", NULL };
  int rc;
  /* initialize session */
  printf("test_myldap: test_get(): getting session...\n");
  session = myldap_create_session();
  assert(session != NULL);
  /* look up the group */
  printf("test_myldap: test_get(): doing search...\n");
  search1 = myldap_search(
      session, nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE,
      "(&(|(objectClass=posixGroup)(objectClass=groupOfNames))(cn=testgroup2))",
      attrs1, NULL);
  assert(search1 != NULL);
  /* exactly one entry is read here */
  entry = myldap_get_entry(search1, &rc);
  assert(entry != NULL);
  printf("test_myldap: test_get(): got DN %s\n", myldap_get_dn(entry));
  /* fetch some attribute values; only the calls are exercised, the results
     are deliberately ignored */
  (void)myldap_get_values(entry, "gidNumber");
  (void)myldap_get_values(entry, "userPassword");
  (void)myldap_get_values(entry, "memberUid");
  (void)myldap_get_values(entry, "member");
  /* look up one user by DN while the first search is still open */
  printf("test_myldap: test_get(): doing get...\n");
  search2 = myldap_search(session, "cn=Test User2,ou=people,dc=test,dc=tld",
                          LDAP_SCOPE_BASE, "(objectclass=posixAccount)",
                          attrs2, NULL);
  assert(search2 != NULL);
  /* exactly one entry is read here */
  entry = myldap_get_entry(search2, &rc);
  assert(entry != NULL);
  printf("test_myldap: test_get(): got DN %s\n", myldap_get_dn(entry));
  /* neither search may have a further entry */
  assert(myldap_get_entry(search1, &rc) == NULL);
  assert(myldap_get_entry(search2, &rc) == NULL);
  /* clean up */
  myldap_session_close(session);
}
/* write a single network entry to the stream: the canonical name, the other
   names, the number of addresses and then each address. An entry without a
   name or without an address is logged and skipped. Every path visible here
   returns 0; the WRITE_* macros are defined elsewhere and may return on
   their own when a write fails (not visible here, confirm). */
static int write_network(TFILE *fp, MYLDAP_ENTRY *entry)
{
  /* scratch variables; presumably referenced by the WRITE_* macros */
  int32_t tmpint32, tmp2int32, tmp3int32;
  int numaddr, i;
  const char *networkname;
  const char **networknames;
  const char **addresses;
  /* all names of the network; without any the entry is unusable */
  networknames = myldap_get_values(entry, attmap_network_cn);
  if ((networknames == NULL) || (networknames[0] == NULL))
  {
    log_log(LOG_WARNING, "network entry %s does not contain %s value",
            myldap_get_dn(entry), attmap_network_cn);
    return 0;
  }
  /* prefer the name from the RDN, fall back to the first listed name */
  networkname = myldap_get_rdn_value(entry, attmap_network_cn);
  if (networkname == NULL)
    networkname = networknames[0];
  /* get the addresses */
  addresses = myldap_get_values(entry, attmap_network_ipNetworkNumber);
  if ((addresses == NULL) || (addresses[0] == NULL))
  {
    log_log(LOG_WARNING, "network entry %s does not contain %s value",
            myldap_get_dn(entry), attmap_network_ipNetworkNumber);
    return 0;
  }
  /* write the entry */
  WRITE_INT32(fp, NSLCD_RESULT_BEGIN);
  WRITE_STRING(fp, networkname);
  WRITE_STRINGLIST_EXCEPT(fp, networknames, networkname);
  /* the address count is written ahead of the addresses themselves */
  numaddr = 0;
  while (addresses[numaddr] != NULL)
    numaddr++;
  WRITE_INT32(fp, numaddr);
  for (i = 0; i < numaddr; i++)
  {
    WRITE_ADDRESS(fp, addresses[i]);
  }
  return 0;
}
/* Write the shadow information of entry to fp, one record per user name in
   the attmap_shadow_uid attribute. When requser is not NULL only names for
   which STR_CMP() reports a match are written.
   The password field carries the value obtained through get_userpassword()
   only when calleruid is 0; for every other caller, and when no password
   could be obtained, default_shadow_userPassword is written instead.
   Every path visible here returns 0; the WRITE_* macros are defined
   elsewhere and may return on their own when a write fails (confirm). */
static int write_shadow(TFILE *fp, MYLDAP_ENTRY *entry, const char *requser,
                        uid_t calleruid)
{
  /* scratch variable; presumably referenced by the WRITE_* macros */
  int32_t tmpint32;
  const char **usernames;
  const char *passwd;
  long lastchangedate;
  long mindays;
  long maxdays;
  long warndays;
  long inactdays;
  long expiredate;
  unsigned long flag;
  int i;
  char passbuffer[BUFLEN_PASSWORDHASH];
  /* an entry without a user name is logged and skipped */
  usernames = myldap_get_values(entry, attmap_shadow_uid);
  if ((usernames == NULL) || (usernames[0] == NULL))
  {
    log_log(LOG_WARNING, "%s: %s: missing",
            myldap_get_dn(entry), attmap_shadow_uid);
    return 0;
  }
  /* get password */
  passwd = get_userpassword(entry, attmap_shadow_userPassword,
                            passbuffer, sizeof(passbuffer));
  /* access control: only uid 0 is given the retrieved value */
  if ((calleruid != 0) || (passwd == NULL))
    passwd = default_shadow_userPassword;
  /* NOTE(review): get_userpassword() is called before the uid check, so
     passbuffer may hold the hash for non-root callers too, and nothing in
     this function clears it before returning - confirm whether that is
     acceptable for this daemon */
  /* get expiry properties */
  get_shadow_properties(entry, &lastchangedate, &mindays, &maxdays,
                        &warndays, &inactdays, &expiredate, &flag);
  /* write the entries; the long and unsigned long values go through
     WRITE_INT32(), presumably narrowed to 32 bits there (verify) */
  for (i = 0; usernames[i] != NULL; i++)
  {
    /* skip names the caller did not ask for */
    if ((requser != NULL) && (STR_CMP(requser, usernames[i]) != 0))
      continue;
    WRITE_INT32(fp, NSLCD_RESULT_BEGIN);
    WRITE_STRING(fp, usernames[i]);
    WRITE_STRING(fp, passwd);
    WRITE_INT32(fp, lastchangedate);
    WRITE_INT32(fp, mindays);
    WRITE_INT32(fp, maxdays);
    WRITE_INT32(fp, warndays);
    WRITE_INT32(fp, inactdays);
    WRITE_INT32(fp, expiredate);
    WRITE_INT32(fp, flag);
  }
  return 0;
}
/* Expander callback: look up the variable name in the LDAP entry passed as
   expander_attr. The name "dn" (compared case-insensitively) yields the DN
   of the entry; any other name yields the first value of the attribute with
   that name, with a warning logged when there are several values.
   Returns "" when myldap_get_values() returns NULL. When it returns an
   empty list the result is values[0], i.e. NULL, so the caller has to
   accept a NULL result. */
static const char *entry_expand(const char *name, void *expander_attr)
{
  MYLDAP_ENTRY *entry = (MYLDAP_ENTRY *)expander_attr;
  const char **values;
  int is_dn;
  /* the DN is not an attribute and is fetched separately */
  is_dn = (strcasecmp(name, "dn") == 0);
  if (is_dn)
    return myldap_get_dn(entry);
  values = myldap_get_values(entry, name);
  if (values == NULL)
    return "";
  /* TODO: handle userPassword attribute specially */
  /* only the first value is used, so report when more are present */
  if ((values[0] != NULL) && (values[1] != NULL))
    log_log(LOG_WARNING, "%s: %s: multiple values",
            myldap_get_dn(entry), name);
  return values[0];
}
/* Write a single protocol entry to the stream: the canonical name, the
   other names and the protocol number. When reqname is not NULL the entry
   is written only if STR_CMP() matches reqname against the canonical name
   or one of the aliases. An entry whose name or number is missing, or whose
   number is not a decimal value in the range 0..UINT8_MAX, is logged and
   skipped. Every path visible here returns 0; the WRITE_* macros are
   defined elsewhere and may return on their own when a write fails
   (not visible here, confirm). */
static int write_protocol(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname)
{
  /* scratch variables; presumably referenced by the WRITE_* macros */
  int32_t tmpint32, tmp2int32, tmp3int32;
  const char *name;
  const char **aliases;
  const char **protos;
  char *tmp;
  long proto;
  int i;
  /* all names of the protocol; without any the entry is unusable */
  aliases = myldap_get_values(entry, attmap_protocol_cn);
  if ((aliases == NULL) || (aliases[0] == NULL))
  {
    log_log(LOG_WARNING, "%s: %s: missing",
            myldap_get_dn(entry), attmap_protocol_cn);
    return 0;
  }
  /* prefer the name from the RDN, fall back to the first listed name */
  name = myldap_get_rdn_value(entry, attmap_protocol_cn);
  if (name == NULL)
    name = aliases[0];
  /* the search that produced the entry may have matched more loosely than
     STR_CMP() does, so the requested name is compared again here */
  if ((reqname != NULL) && (STR_CMP(reqname, name) != 0))
  {
    i = 0;
    while ((aliases[i] != NULL) && (STR_CMP(reqname, aliases[i]) != 0))
      i++;
    if (aliases[i] == NULL)
      return 0; /* neither the name nor any of the aliases matched */
  }
  /* get the protocol number */
  protos = myldap_get_values(entry, attmap_protocol_ipProtocolNumber);
  if ((protos == NULL) || (protos[0] == NULL))
  {
    log_log(LOG_WARNING, "%s: %s: missing",
            myldap_get_dn(entry), attmap_protocol_ipProtocolNumber);
    return 0;
  }
  /* only the first value is used, so report when more are present */
  if (protos[1] != NULL)
    log_log(LOG_WARNING, "%s: %s: multiple values",
            myldap_get_dn(entry), attmap_protocol_ipProtocolNumber);
  /* errno is cleared first because strtol() reports overflow only there */
  errno = 0;
  proto = strtol(protos[0], &tmp, 10);
  /* the whole value must have been consumed and must not be empty */
  if ((*(protos[0]) == '\0') || (*tmp != '\0'))
  {
    log_log(LOG_WARNING, "%s: %s: non-numeric",
            myldap_get_dn(entry), attmap_protocol_ipProtocolNumber);
    return 0;
  }
  if ((errno != 0) || (proto < 0) || (proto > (long)UINT8_MAX))
  {
    log_log(LOG_WARNING, "%s: %s: out of range",
            myldap_get_dn(entry), attmap_protocol_ipProtocolNumber);
    return 0;
  }
  /* write entry */
  WRITE_INT32(fp, NSLCD_RESULT_BEGIN);
  WRITE_STRING(fp, name);
  WRITE_STRINGLIST_EXCEPT(fp, aliases, name);
  /* proto number is actually an 8-bit value but we write 32 bits anyway */
  WRITE_INT32(fp, proto);
  return 0;
}
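/* write a single rpc entry to the stream: the canonical name, the other
   names and the rpc program number. When reqname is not NULL the entry is
   written only if STR_CMP() matches reqname against the canonical name or
   one of the aliases. An entry whose name or number is missing, or whose
   number is not a decimal value in the range 0..UINT32_MAX, is logged and
   skipped. Every path visible here returns 0; the WRITE_* macros are
   defined elsewhere and may return on their own when a write fails
   (not visible here, confirm). */
static int write_rpc(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname)
{
  /* scratch variables; presumably referenced by the WRITE_* macros */
  int32_t tmpint32, tmp2int32, tmp3int32;
  const char *name;
  const char **aliases;
  const char **numbers;
  const char *p;
  char *tmp;
  unsigned long number;
  int negative;
  int i;
  /* get the most canonical name */
  name = myldap_get_rdn_value(entry, attmap_rpc_cn);
  /* get the other names for the rpc entries */
  aliases = myldap_get_values(entry, attmap_rpc_cn);
  if ((aliases == NULL) || (aliases[0] == NULL))
  {
    log_log(LOG_WARNING, "%s: %s: missing",
            myldap_get_dn(entry), attmap_rpc_cn);
    return 0;
  }
  /* if the rpc name is not yet found, get the first entry */
  if (name == NULL)
    name = aliases[0];
  /* check case of returned rpc entry */
  if ((reqname != NULL) && (STR_CMP(reqname, name) != 0))
  {
    for (i = 0; (aliases[i] != NULL) && (STR_CMP(reqname, aliases[i]) != 0); i++)
      /* nothing */ ;
    if (aliases[i] == NULL)
      return 0; /* neither the name nor any of the aliases matched */
  }
  /* get the rpc number */
  numbers = myldap_get_values(entry, attmap_rpc_oncRpcNumber);
  if ((numbers == NULL) || (numbers[0] == NULL))
  {
    log_log(LOG_WARNING, "%s: %s: missing",
            myldap_get_dn(entry), attmap_rpc_oncRpcNumber);
    return 0;
  }
  else if (numbers[1] != NULL)
  {
    log_log(LOG_WARNING, "%s: %s: multiple values",
            myldap_get_dn(entry), attmap_rpc_oncRpcNumber);
  }
  /* parse as unsigned: storing the result of strtol() in an unsigned long
     lets a negative value wrap around, and where long is 32 bits wide "-1"
     would then pass the range check as UINT32_MAX while valid numbers above
     LONG_MAX would be rejected */
  errno = 0;
  number = strtoul(numbers[0], &tmp, 10);
  if ((*(numbers[0]) == '\0') || (*tmp != '\0'))
  {
    log_log(LOG_WARNING, "%s: %s: non-numeric",
            myldap_get_dn(entry), attmap_rpc_oncRpcNumber);
    return 0;
  }
  /* strtoul() accepts a minus sign and negates the result; the whole string
     was consumed as one number, so any '-' in it is that sign */
  negative = 0;
  for (p = numbers[0]; *p != '\0'; p++)
    if (*p == '-')
      negative = 1;
  if ((errno != 0) || negative || (number > UINT32_MAX))
  {
    log_log(LOG_WARNING, "%s: %s: out of range",
            myldap_get_dn(entry), attmap_rpc_oncRpcNumber);
    return 0;
  }
  /* write the entry */
  WRITE_INT32(fp, NSLCD_RESULT_BEGIN);
  WRITE_STRING(fp, name);
  WRITE_STRINGLIST_EXCEPT(fp, aliases, name);
  WRITE_INT32(fp, number);
  return 0;
}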