krb5_error_code krb5_ldap_create_krbcontainer(krb5_context context, const char *dn) { LDAP *ld=NULL; char *strval[2]={NULL}, **rdns=NULL; LDAPMod **mods = NULL; krb5_error_code st=0; kdb5_dal_handle *dal_handle=NULL; krb5_ldap_context *ldap_context=NULL; krb5_ldap_server_handle *ldap_server_handle=NULL; SETUP_CONTEXT (); /* get ldap handle */ GET_HANDLE (); if (dn == NULL) { st = EINVAL; k5_setmsg(context, st, _("Kerberos Container information is missing")); goto cleanup; } strval[0] = "krbContainer"; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0) goto cleanup; rdns = ldap_explode_dn(dn, 1); if (rdns == NULL) { st = EINVAL; k5_setmsg(context, st, _("Invalid Kerberos container DN")); goto cleanup; } strval[0] = rdns[0]; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0) goto cleanup; /* create the kerberos container */ st = ldap_add_ext_s(ld, dn, mods, NULL, NULL); if (st == LDAP_ALREADY_EXISTS) st = LDAP_SUCCESS; if (st != LDAP_SUCCESS) { int ost = st; st = translate_ldap_error (st, OP_ADD); k5_setmsg(context, st, _("Kerberos Container create FAILED: %s"), ldap_err2string(ost)); goto cleanup; } cleanup: if (rdns) ldap_value_free (rdns); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); return(st); }
/* **| method: array(string) explode_dn ( string dn ); **| alt: array(string) explode_dn ( string dn, int notypes ); **| Takes a DN and converts it into an array of its components, **| called RDN (Relative Distinguished Name). ** **| arg: string dn **| The DN to explode. ** **| arg: int notypes **| If != 0 then the types of the DN components will be ignored and **| *not present in the output. Defaults to 1. ** **| returns: an array of RDN entries. */ static void f_ldap_explode_dn(INT32 args) { struct pike_string *dn; char **edn; int notypes = 1; switch (args) { case 2: if (ARG(2).type != T_INT) Pike_error("OpenLDAP.Client->explode_dn(): argument 2 must be an integer\n"); notypes = ARG(2).u.integer; /* fall through */ case 1: if (ARG(1).type != T_STRING) Pike_error("OpenLDAP.Client->explode_dn(): argument 1 must be an integer\n"); dn = ARG(1).u.string; break; default: Pike_error("OpenLDAP.Client->explode_dn(): expects at most 2 and at least 1 argument\n"); break; } pop_n_elems(args); edn = ldap_explode_dn(dn->str, notypes); if (!edn) { push_int(0); return; } push_array(make_pike_array(edn)); ldap_value_free(edn); }
VALUE rb_ldap_explode_dn (VALUE self, VALUE dn, VALUE notypes) { char **c_arr, **p; char *c_dn; VALUE ary; if (dn == Qnil) { return Qnil; } c_dn = StringValueCStr (dn); if ((c_arr = ldap_explode_dn (c_dn, RTEST (notypes) ? 1 : 0))) { ary = rb_ary_new (); for (p = c_arr; *p != NULL; p++) { rb_ary_push (ary, rb_tainted_str_new2 (*p)); } ldap_value_free (c_arr); return ary; } else { return Qnil; } }
int ldap_sort_entries( LDAP *ld, LDAPMessage **chain, char *attr, /* NULL => sort by DN */ int (*cmp)(const void *a, const void *b) ) { int i, count; struct entrything *et; LDAPMessage *e, *last; LDAPMessage **ep; count = ldap_count_entries( ld, *chain ); if ( (et = (struct entrything *) malloc( count * sizeof(struct entrything) )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; return( -1 ); } e = *chain; for ( i = 0; i < count; i++ ) { et[i].et_msg = e; if ( attr == NULL ) { char *dn; dn = ldap_get_dn( ld, e ); et[i].et_vals = ldap_explode_dn( dn, 1 ); free( dn ); } else { et[i].et_vals = ldap_get_values( ld, e, attr ); } e = e->lm_chain; } last = e; et_cmp_fn = cmp; qsort( et, count, sizeof(struct entrything), (void *) et_cmp ); ep = chain; for ( i = 0; i < count; i++ ) { *ep = et[i].et_msg; ep = &(*ep)->lm_chain; ldap_value_free( et[i].et_vals ); } *ep = last; free( (char *) et ); return( 0 ); }
static int ads_user_info(int argc, const char **argv) { ADS_STRUCT *ads; ADS_STATUS rc; void *res; const char *attrs[] = {"memberOf", NULL}; char *searchstring=NULL; char **grouplist; char *escaped_user = escape_ldap_string_alloc(argv[0]); if (argc < 1) { return net_ads_user_usage(argc, argv); } if (!(ads = ads_startup())) { return -1; } if (!escaped_user) { d_printf("ads_user_info: failed to escape user %s\n", argv[0]); ads_destroy(&ads); return -1; } asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user); rc = ads_search(ads, &res, searchstring, attrs); safe_free(searchstring); if (!ADS_ERR_OK(rc)) { d_printf("ads_search: %s\n", ads_errstr(rc)); ads_destroy(&ads); return -1; } grouplist = ldap_get_values(ads->ld, res, "memberOf"); if (grouplist) { int i; char **groupname; for (i=0;grouplist[i];i++) { groupname = ldap_explode_dn(grouplist[i], 1); d_printf("%s\n", groupname[0]); ldap_value_free(groupname); } ldap_value_free(grouplist); } ads_msgfree(ads, res); ads_destroy(&ads); return 0; }
/* move a user to another container sets userprincipalname based on the destination container return AD_SUCCESS on success */ int ad_move_user(char *current_dn, char *new_container) { LDAP *ds; int result; char **exdn; char **username, *domain, *upn; ds=ad_login(); if(!ds) return ad_error_code; username=ad_get_attribute(current_dn, "sAMAccountName");; if(username==NULL) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error getting username for dn %s for ad_move_user\n", current_dn); ad_error_code=AD_INVALID_DN; return ad_error_code; } domain=dn2domain(new_container); upn=malloc(strlen(username[0])+strlen(domain)+2); sprintf(upn, "%s@%s", username[0], domain); free(domain); result=ad_mod_replace(current_dn, "userPrincipalName", upn); free(upn); if(!result) return ad_error_code; exdn=ldap_explode_dn(current_dn, 0); if(exdn==NULL) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error exploding dn %s for ad_move_user\n", current_dn); ad_error_code=AD_INVALID_DN; return ad_error_code; } result=ldap_rename_s(ds, current_dn, exdn[0], new_container, 1, NULL, NULL); ldap_memfree(exdn); if(result!=LDAP_SUCCESS) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error in ldap_rename_s for ad_move_user: %s\n", ldap_err2string(result)); ad_error_code=AD_LDAP_OPERATION_FAILURE; } else { ad_error_code=AD_SUCCESS; } return ad_error_code; }
/* find a printer given the name and the hostname Note that results "res" may be allocated on return so that the results can be used. It should be freed using ads_msgfree. */ ADS_STATUS ads_find_printer_on_server(ADS_STRUCT *ads, LDAPMessage **res, const char *printer, const char *servername) { ADS_STATUS status; char *srv_dn, **srv_cn, *s = NULL; const char *attrs[] = {"*", "nTSecurityDescriptor", NULL}; status = ads_find_machine_acct(ads, res, servername); if (!ADS_ERR_OK(status)) { DEBUG(1, ("ads_find_printer_on_server: cannot find host %s in ads\n", servername)); return status; } if (ads_count_replies(ads, *res) != 1) { ads_msgfree(ads, *res); *res = NULL; return ADS_ERROR(LDAP_NO_SUCH_OBJECT); } srv_dn = ldap_get_dn(ads->ldap.ld, *res); if (srv_dn == NULL) { ads_msgfree(ads, *res); *res = NULL; return ADS_ERROR(LDAP_NO_MEMORY); } srv_cn = ldap_explode_dn(srv_dn, 1); if (srv_cn == NULL) { ldap_memfree(srv_dn); ads_msgfree(ads, *res); *res = NULL; return ADS_ERROR(LDAP_INVALID_DN_SYNTAX); } ads_msgfree(ads, *res); *res = NULL; if (asprintf(&s, "(cn=%s-%s)", srv_cn[0], printer) == -1) { ldap_memfree(srv_dn); return ADS_ERROR(LDAP_NO_MEMORY); } status = ads_search(ads, res, s, attrs); ldap_memfree(srv_dn); ldap_value_free(srv_cn); SAFE_FREE(s); return status; }
STDMETHODIMP CLDAPQuery::explodeDn( /* [in] */ BSTR str, /* [in] */ ULONG notypes, /* [retval][out] */ SAFEARRAY **result) { PTCHAR *vals = ldap_explode_dn(CComBSTR(str), notypes); m_errorCode = LdapGetLastError(); if(vals) { CComSafeArray<VARIANT> dnValues; for(LONG i = 0L; vals[i]!=NULL; i++) { dnValues.Add(CComVariant(vals[i])); } ldap_value_free(vals); *result = dnValues.Detach(); } return S_OK; }
/*********************************************************************** * ldap_explode_dnW (WLDAP32.@) * * Break up a DN into its components. * * PARAMS * dn [I] DN to break up. * notypes [I] Remove attribute type information from the components. * * RETURNS * Success: Pointer to a NULL-terminated array that contains the DN * components. * Failure: NULL * * NOTES * Free the string array with ldap_value_free. */ PWCHAR * CDECL ldap_explode_dnW( PWCHAR dn, ULONG notypes ) { PWCHAR *ret = NULL; #ifdef HAVE_LDAP char *dnU, **retU; TRACE( "(%s, 0x%08x)\n", debugstr_w(dn), notypes ); dnU = strWtoU( dn ); if (!dnU) return NULL; retU = ldap_explode_dn( dnU, notypes ); ret = strarrayUtoW( retU ); strfreeU( dnU ); ldap_memvfree( (void **)retU ); #endif return ret; }
/* convert a distinguished name into the domain controller dns domain, eg: "ou=users,dc=example,dc=com" returns "example.com". memory allocated should be returned with free() */ char *dn2domain(char *dn) { char **exp_dn; int i; char *dc; dc=malloc(1024); dc[0]='\0'; exp_dn=ldap_explode_dn(dn, 0); for(i=0; exp_dn[i]!=NULL; i++) { if(!strncasecmp("dc=", exp_dn[i], 3)) { strncat(dc, exp_dn[i]+3, 1024); strncat(dc, ".", 1024); } } ldap_value_free(exp_dn); i=strlen(dc); if(i>0) dc[i-1]='\0'; for(i=0; dc[i]!='\0'; i++) dc[i]=tolower(dc[i]); return dc; }
static int output_dn( char *buf, char *dn, int width, int rdncount, writeptype writeproc, void *writeparm, char *eol, char *urlprefix ) { char **dnrdns; int i; if (( dnrdns = ldap_explode_dn( dn, 1 )) == NULL ) { return( -1 ); } if ( urlprefix != NULL ) { sprintf( buf, "<DD><A HREF=\"%s", urlprefix ); strcat_escaped( buf, dn ); strcat( buf, "\">" ); } else if ( width > 0 ) { sprintf( buf, "%-*s", width, " " ); } else { *buf = '\0'; } for ( i = 0; dnrdns[ i ] != NULL && ( rdncount == 0 || i < rdncount ); ++i ) { if ( i > 0 ) { strcat( buf, ", " ); } strcat( buf, dnrdns[ i ] ); } if ( urlprefix != NULL ) { strcat( buf, "</A><BR>" ); } ldap_value_free( dnrdns ); strcat( buf, eol ); return ((*writeproc)( writeparm, buf, strlen( buf ))); }
krb5_error_code krb5_ldap_create_krbcontainer(krb5_context context, const krb5_ldap_krbcontainer_params *krbcontparams) { LDAP *ld=NULL; char *strval[2]={NULL}, *kerberoscontdn=NULL, **rdns=NULL; int pmask=0; LDAPMod **mods = NULL; krb5_error_code st=0; kdb5_dal_handle *dal_handle=NULL; krb5_ldap_context *ldap_context=NULL; krb5_ldap_server_handle *ldap_server_handle=NULL; SETUP_CONTEXT (); /* get ldap handle */ GET_HANDLE (); if (krbcontparams != NULL && krbcontparams->DN != NULL) { kerberoscontdn = krbcontparams->DN; } else { st = EINVAL; krb5_set_error_message(context, st, _("Kerberos Container information is missing")); goto cleanup; } strval[0] = "krbContainer"; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0) goto cleanup; rdns = ldap_explode_dn(kerberoscontdn, 1); if (rdns == NULL) { st = EINVAL; krb5_set_error_message(context, st, _("Invalid Kerberos container DN")); goto cleanup; } strval[0] = rdns[0]; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0) goto cleanup; /* check if the policy reference value exists and is of krbticketpolicyreference object class */ if (krbcontparams && krbcontparams->policyreference) { st = checkattributevalue(ld, krbcontparams->policyreference, "objectclass", policyclass, &pmask); CHECK_CLASS_VALIDITY(st, pmask, _("ticket policy object value: ")); strval[0] = krbcontparams->policyreference; strval[1] = NULL; if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbticketpolicyreference", LDAP_MOD_ADD, strval)) != 0) goto cleanup; } /* create the kerberos container */ if ((st = ldap_add_ext_s(ld, kerberoscontdn, mods, NULL, NULL)) != LDAP_SUCCESS) { int ost = st; st = translate_ldap_error (st, OP_ADD); krb5_set_error_message(context, st, _("Kerberos Container create FAILED: %s"), ldap_err2string(ost)); goto cleanup; } cleanup: if (rdns) ldap_value_free (rdns); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); return(st); }
int main( int argc, char *argv[] ) { int rc, i, debug = 0, f2 = 0; unsigned flags[ 2 ] = { 0U, 0 }; char *strin, *str = NULL, buf[ 1024 ]; LDAPDN dn, dn2 = NULL; while ( 1 ) { int opt = getopt( argc, argv, "d:" ); if ( opt == EOF ) { break; } switch ( opt ) { case 'd': debug = atoi( optarg ); break; } } optind--; argc -= optind; argv += optind; if ( argc < 2 ) { fprintf( stderr, "usage: dntest <dn> [flags-in[,...]] [flags-out[,...]]\n\n" ); fprintf( stderr, "\tflags-in: V3,V2,DCE,<flags>\n" ); fprintf( stderr, "\tflags-out: V3,V2,UFN,DCE,AD,<flags>\n\n" ); fprintf( stderr, "\t<flags>: PRETTY,PEDANTIC,NOSPACES,NOONESPACE\n\n" ); return( 0 ); } if ( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) { fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug ); } if ( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug ); } if ( strcmp( argv[ 1 ], "-" ) == 0 ) { size_t len = fgets( buf, sizeof( buf ), stdin ) ? strlen( buf ) : 0; if ( len == 0 || buf[ --len ] == '\n' ) { buf[ len ] = '\0'; } strin = buf; } else { strin = argv[ 1 ]; } if ( argc >= 3 ) { for ( i = 0; i < argc - 2; i++ ) { char *s, *e; for ( s = argv[ 2 + i ]; s; s = e ) { e = strchr( s, ',' ); if ( e != NULL ) { e[ 0 ] = '\0'; e++; } if ( !strcasecmp( s, "V3" ) ) { flags[ i ] |= LDAP_DN_FORMAT_LDAPV3; } else if ( !strcasecmp( s, "V2" ) ) { flags[ i ] |= LDAP_DN_FORMAT_LDAPV2; } else if ( !strcasecmp( s, "DCE" ) ) { flags[ i ] |= LDAP_DN_FORMAT_DCE; } else if ( !strcasecmp( s, "UFN" ) ) { flags[ i ] |= LDAP_DN_FORMAT_UFN; } else if ( !strcasecmp( s, "AD" ) ) { flags[ i ] |= LDAP_DN_FORMAT_AD_CANONICAL; } else if ( !strcasecmp( s, "PRETTY" ) ) { flags[ i ] |= LDAP_DN_PRETTY; } else if ( !strcasecmp( s, "PEDANTIC" ) ) { flags[ i ] |= LDAP_DN_PEDANTIC; } else if ( !strcasecmp( s, "NOSPACES" ) ) { flags[ i ] |= LDAP_DN_P_NOLEADTRAILSPACES; } else if ( !strcasecmp( s, "NOONESPACE" ) ) { flags[ i ] |= LDAP_DN_P_NOSPACEAFTERRDN; } } } } if ( flags[ 1 ] == 0 ) flags[ 1 ] = LDAP_DN_FORMAT_LDAPV3; f2 = 1; rc = ldap_str2dn( strin, &dn, flags[ 0 ] ); if ( rc == LDAP_SUCCESS ) { int i; if ( dn ) { for ( i = 0; dn[ i ]; i++ ) { LDAPRDN rdn = dn[ i ]; char *rstr = NULL; if ( ldap_rdn2str( rdn, &rstr, flags[ f2 ] ) ) { fprintf( stdout, "\tldap_rdn2str() failed\n" ); continue; } fprintf( stdout, "\tldap_rdn2str() = \"%s\"\n", rstr ); ldap_memfree( rstr ); } } else { fprintf( stdout, "\tempty DN\n" ); } } str = NULL; if ( rc == LDAP_SUCCESS && ldap_dn2str( dn, &str, flags[ f2 ] ) == LDAP_SUCCESS ) { char **values, *tmp, *tmp2, *str2 = NULL; int n; fprintf( stdout, "\nldap_dn2str(ldap_str2dn(\"%s\"))\n" "\t= \"%s\"\n", strin, str ); switch ( flags[ f2 ] & LDAP_DN_FORMAT_MASK ) { case LDAP_DN_FORMAT_UFN: case LDAP_DN_FORMAT_AD_CANONICAL: return( 0 ); case LDAP_DN_FORMAT_LDAPV3: case LDAP_DN_FORMAT_LDAPV2: n = ldap_dn2domain( strin, &tmp ); if ( n ) { fprintf( stdout, "\nldap_dn2domain(\"%s\") FAILED\n", strin ); } else { fprintf( stdout, "\nldap_dn2domain(\"%s\")\n" "\t= \"%s\"\n", strin, tmp ? tmp : "" ); } ldap_memfree( tmp ); tmp = ldap_dn2ufn( strin ); fprintf( stdout, "\nldap_dn2ufn(\"%s\")\n" "\t= \"%s\"\n", strin, tmp ? tmp : "" ); ldap_memfree( tmp ); tmp = ldap_dn2dcedn( strin ); fprintf( stdout, "\nldap_dn2dcedn(\"%s\")\n" "\t= \"%s\"\n", strin, tmp ? tmp : "" ); tmp2 = ldap_dcedn2dn( tmp ); fprintf( stdout, "\nldap_dcedn2dn(\"%s\")\n" "\t= \"%s\"\n", tmp ? tmp : "", tmp2 ? tmp2 : "" ); ldap_memfree( tmp ); ldap_memfree( tmp2 ); tmp = ldap_dn2ad_canonical( strin ); fprintf( stdout, "\nldap_dn2ad_canonical(\"%s\")\n" "\t= \"%s\"\n", strin, tmp ? tmp : "" ); ldap_memfree( tmp ); fprintf( stdout, "\nldap_explode_dn(\"%s\"):\n", str ); values = ldap_explode_dn( str, 0 ); for ( n = 0; values && values[ n ]; n++ ) { char **vv; int nn; fprintf( stdout, "\t\"%s\"\n", values[ n ] ); fprintf( stdout, "\tldap_explode_rdn(\"%s\")\n", values[ n ] ); vv = ldap_explode_rdn( values[ n ], 0 ); for ( nn = 0; vv && vv[ nn ]; nn++ ) { fprintf( stdout, "\t\t'%s'\n", vv[ nn ] ); } LDAP_VFREE( vv ); fprintf( stdout, "\tldap_explode_rdn(\"%s\")" " (no types)\n", values[ n ] ); vv = ldap_explode_rdn( values[ n ], 1 ); for ( nn = 0; vv && vv[ nn ]; nn++ ) { fprintf( stdout, "\t\t\t\"%s\"\n", vv[ nn ] ); } LDAP_VFREE( vv ); } LDAP_VFREE( values ); fprintf( stdout, "\nldap_explode_dn(\"%s\")" " (no types):\n", str ); values = ldap_explode_dn( str, 1 ); for ( n = 0; values && values[ n ]; n++ ) { fprintf( stdout, "\t\"%s\"\n", values[ n ] ); } LDAP_VFREE( values ); break; } dn2 = NULL; rc = ldap_str2dn( str, &dn2, flags[ f2 ] ); str2 = NULL; if ( rc == LDAP_SUCCESS && ldap_dn2str( dn2, &str2, flags[ f2 ] ) == LDAP_SUCCESS ) { int iRDN; fprintf( stdout, "\n\"%s\"\n\t == \"%s\" ? %s\n", str, str2, strcmp( str, str2 ) == 0 ? "yes" : "no" ); if( dn != NULL && dn2 == NULL ) { fprintf( stdout, "dn mismatch\n" ); } else if (( dn != NULL ) && (dn2 != NULL)) for ( iRDN = 0; dn[ iRDN ] && dn2[ iRDN ]; iRDN++ ) { LDAPRDN r = dn[ iRDN ]; LDAPRDN r2 = dn2[ iRDN ]; int iAVA; for ( iAVA = 0; r[ iAVA ] && r2[ iAVA ]; iAVA++ ) { LDAPAVA *a = r[ iAVA ]; LDAPAVA *a2 = r2[ iAVA ]; if ( a->la_attr.bv_len != a2->la_attr.bv_len ) { fprintf( stdout, "ava(%d), rdn(%d) attr len mismatch (%ld->%ld)\n", iAVA + 1, iRDN + 1, a->la_attr.bv_len, a2->la_attr.bv_len ); } else if ( memcmp( a->la_attr.bv_val, a2->la_attr.bv_val, a->la_attr.bv_len ) ) { fprintf( stdout, "ava(%d), rdn(%d) attr mismatch\n", iAVA + 1, iRDN + 1 ); } else if ( a->la_flags != a2->la_flags ) { fprintf( stdout, "ava(%d), rdn(%d) flag mismatch (%x->%x)\n", iAVA + 1, iRDN + 1, a->la_flags, a2->la_flags ); } else if ( a->la_value.bv_len != a2->la_value.bv_len ) { fprintf( stdout, "ava(%d), rdn(%d) value len mismatch (%ld->%ld)\n", iAVA + 1, iRDN + 1, a->la_value.bv_len, a2->la_value.bv_len ); } else if ( memcmp( a->la_value.bv_val, a2->la_value.bv_val, a->la_value.bv_len ) ) { fprintf( stdout, "ava(%d), rdn(%d) value mismatch\n", iAVA + 1, iRDN + 1 ); } } } ldap_dnfree( dn2 ); ldap_memfree( str2 ); } ldap_memfree( str ); } ldap_dnfree( dn ); /* note: dn is not freed */ return( 0 ); }
/* * Lies die erste Zeile eines beliebigen Records nach position `offset' in `s'. * Setze *pos (falls pos != 0). * Liefere 0 bei Erfolg, -1 sonst. * Bei Erfolg: * - pos ist die exakte Anfangsposition. * - Setze *key auf den Schluessel (falls key != 0). * - Setze *dn auf den Distinguished Name (falls dn != 0). * EOF ist kein Fehler und liefert *key = 0 (falls key != 0); * * Der Schluessel ist dabei * "delete" fuer "changetype: delete" * "modify" fuer "changetype: modify" * "rename" fuer "changetype: moddn" und "changetype: modrdn", * "add" fuer "changetype: add" erlauben wir mal ganz frech ebenfalls * oder andernfalls der Wert von "ldapvi-key: ...", das als erste * Zeile im attrval-record erscheinen muss. */ static int ldif_read_header(GString *tmp1, GString *tmp2, FILE *s, long offset, char **key, char **dn, long *pos) { char **rdns = 0; char *k; char *d; long pos2; if (offset != -1) if (fseek(s, offset, SEEK_SET) == -1) syserr(); do { if (pos) if ( (*pos = ftell(s)) == -1) syserr(); if (ldif_read_line(s, tmp1, tmp2) == -1) return -1; if (tmp1->len == 0 && feof(s)) { if (key) *key = 0; return 0; } if (!strcmp(tmp1->str, "version")) { if (strcmp(tmp2->str, "1")) { fputs("Error: Invalid file format.\n", stderr); return -1; } tmp1->len = 0; } } while (!tmp1->len); rdns = ldap_explode_dn(tmp2->str, 0); if (!rdns) { fputs("Error: Invalid distinguished name string.\n", stderr); return -1; } if (dn) d = xdup(tmp2->str); if ( (pos2 = ftell(s)) == -1) syserr(); if (ldif_read_line(s, tmp1, tmp2) == -1) { if (dn) free(d); return -1; } if (!strcmp(tmp1->str, "ldapvi-key")) k = tmp2->str; else if (!strcmp(tmp1->str, "changetype")) { if (!strcmp(tmp2->str, "modrdn")) k = "rename"; else if (!strcmp(tmp2->str, "moddn")) k = "rename"; else if (!strcmp(tmp2->str, "delete") || !strcmp(tmp2->str, "modify") || !strcmp(tmp2->str, "add")) k = tmp2->str; else { fputs("Error: invalid changetype.\n", stderr); if (dn) free(d); return -1; } } else if (!strcmp(tmp1->str, "control")) { fputs("Error: Sorry, 'control:' not supported.\n", stderr); if (dn) free(d); return -1; } else { k = "add"; if (fseek(s, pos2, SEEK_SET) == -1) syserr(); } if (key) *key = xdup(k); if (dn) *dn = d; ldap_value_free(rdns); return 0; }
static WERROR nt_printer_publish_ads(struct messaging_context *msg_ctx, ADS_STRUCT *ads, struct spoolss_PrinterInfo2 *pinfo2) { ADS_STATUS ads_rc; LDAPMessage *res; char *prt_dn = NULL, *srv_dn, *srv_cn_0, *srv_cn_escaped, *sharename_escaped; char *srv_dn_utf8, **srv_cn_utf8; TALLOC_CTX *ctx; ADS_MODLIST mods; const char *attrs[] = {"objectGUID", NULL}; struct GUID guid; WERROR win_rc = WERR_OK; size_t converted_size; const char *printer = pinfo2->sharename; /* build the ads mods */ ctx = talloc_init("nt_printer_publish_ads"); if (ctx == NULL) { return WERR_NOMEM; } DEBUG(5, ("publishing printer %s\n", printer)); /* figure out where to publish */ ads_find_machine_acct(ads, &res, lp_netbios_name()); /* We use ldap_get_dn here as we need the answer * in utf8 to call ldap_explode_dn(). JRA. */ srv_dn_utf8 = ldap_get_dn((LDAP *)ads->ldap.ld, (LDAPMessage *)res); if (!srv_dn_utf8) { TALLOC_FREE(ctx); return WERR_SERVER_UNAVAILABLE; } ads_msgfree(ads, res); srv_cn_utf8 = ldap_explode_dn(srv_dn_utf8, 1); if (!srv_cn_utf8) { TALLOC_FREE(ctx); ldap_memfree(srv_dn_utf8); return WERR_SERVER_UNAVAILABLE; } /* Now convert to CH_UNIX. */ if (!pull_utf8_talloc(ctx, &srv_dn, srv_dn_utf8, &converted_size)) { TALLOC_FREE(ctx); ldap_memfree(srv_dn_utf8); ldap_memfree(srv_cn_utf8); return WERR_SERVER_UNAVAILABLE; } if (!pull_utf8_talloc(ctx, &srv_cn_0, srv_cn_utf8[0], &converted_size)) { TALLOC_FREE(ctx); ldap_memfree(srv_dn_utf8); ldap_memfree(srv_cn_utf8); TALLOC_FREE(srv_dn); return WERR_SERVER_UNAVAILABLE; } ldap_memfree(srv_dn_utf8); ldap_memfree(srv_cn_utf8); srv_cn_escaped = escape_rdn_val_string_alloc(srv_cn_0); if (!srv_cn_escaped) { TALLOC_FREE(ctx); return WERR_SERVER_UNAVAILABLE; } sharename_escaped = escape_rdn_val_string_alloc(printer); if (!sharename_escaped) { SAFE_FREE(srv_cn_escaped); TALLOC_FREE(ctx); return WERR_SERVER_UNAVAILABLE; } prt_dn = talloc_asprintf(ctx, "cn=%s-%s,%s", srv_cn_escaped, sharename_escaped, srv_dn); SAFE_FREE(srv_cn_escaped); SAFE_FREE(sharename_escaped); mods = ads_init_mods(ctx); if (mods == NULL) { SAFE_FREE(prt_dn); TALLOC_FREE(ctx); return WERR_NOMEM; } ads_mod_str(ctx, &mods, SPOOL_REG_PRINTERNAME, printer); /* publish it */ ads_rc = ads_mod_printer_entry(ads, prt_dn, ctx, &mods); if (ads_rc.err.rc == LDAP_NO_SUCH_OBJECT) { int i; for (i=0; mods[i] != 0; i++) ; mods[i] = (LDAPMod *)-1; ads_rc = ads_add_printer_entry(ads, prt_dn, ctx, &mods); } if (!ADS_ERR_OK(ads_rc)) { DEBUG(3, ("error publishing %s: %s\n", printer, ads_errstr(ads_rc))); } /* retreive the guid and store it locally */ if (ADS_ERR_OK(ads_search_dn(ads, &res, prt_dn, attrs))) { bool guid_ok; ZERO_STRUCT(guid); guid_ok = ads_pull_guid(ads, res, &guid); ads_msgfree(ads, res); if (guid_ok) { store_printer_guid(msg_ctx, printer, guid); } } TALLOC_FREE(ctx); return win_rc; }
DWORD VMCADNToRDNArray( PCSTR pcszDN, BOOLEAN bNoTypes, PDWORD pdwCount, PSTR **pppszRDNArray ) { DWORD dwError = 0; DWORD dwCount = 0; PSTR *ppszTemp = NULL; PSTR *ppszRDNArrayLocal = NULL; PSTR *ppszRDNArray = NULL; if (IsNullOrEmptyString(pcszDN) || !pdwCount || !pppszRDNArray) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMCA_ERROR(dwError); } if (bNoTypes) { ppszRDNArrayLocal = ldap_explode_dn(pcszDN, 1); } else { ppszRDNArrayLocal = ldap_explode_dn(pcszDN, 0); } if (!ppszRDNArrayLocal) { dwError = VMCA_ERROR_INVALID_ENTRY; BAIL_ON_VMCA_ERROR(dwError); } for (ppszTemp = ppszRDNArrayLocal; *ppszTemp; ++ppszTemp) { ++dwCount; } dwError = VMCACopyStringArrayA( &ppszRDNArray, dwCount, ppszRDNArrayLocal, dwCount); BAIL_ON_VMCA_ERROR(dwError); *pdwCount = dwCount; *pppszRDNArray = ppszRDNArray; cleanup: ldap_value_free(ppszRDNArrayLocal); return dwError; error: if (pdwCount) { *pdwCount = 0; } VMCAFreeStringArrayA(ppszRDNArray, dwCount); if (pppszRDNArray) { *pppszRDNArray = NULL; } goto cleanup; }
int ldap_sort_entries( LDAP *ld, LDAPMessage **chain, LDAP_CONST char *attr, /* NULL => sort by DN */ int (*cmp) (LDAP_CONST char *, LDAP_CONST char *) ) { int i, count = 0; struct entrything *et; LDAPMessage *e, *ehead = NULL, *etail = NULL; LDAPMessage *ohead = NULL, *otail = NULL; LDAPMessage **ep; assert( ld != NULL ); /* Separate entries from non-entries */ for ( e = *chain; e; e=e->lm_chain ) { if ( e->lm_msgtype == LDAP_RES_SEARCH_ENTRY ) { count++; if ( !ehead ) ehead = e; if ( etail ) etail->lm_chain = e; etail = e; } else { if ( !ohead ) ohead = e; if ( otail ) otail->lm_chain = e; otail = e; } } if ( count < 2 ) { /* zero or one entries -- already sorted! */ if ( ehead ) { etail->lm_chain = ohead; *chain = ehead; } else { *chain = ohead; } return 0; } if ( (et = (struct entrything *) LDAP_MALLOC( count * sizeof(struct entrything) )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; return( -1 ); } e = ehead; for ( i = 0; i < count; i++ ) { et[i].et_cmp_fn = cmp; et[i].et_msg = e; if ( attr == NULL ) { char *dn; dn = ldap_get_dn( ld, e ); et[i].et_vals = ldap_explode_dn( dn, 1 ); LDAP_FREE( dn ); } else { et[i].et_vals = ldap_get_values( ld, e, attr ); } e = e->lm_chain; } qsort( et, count, sizeof(struct entrything), et_cmp ); ep = chain; for ( i = 0; i < count; i++ ) { *ep = et[i].et_msg; ep = &(*ep)->lm_chain; LDAP_VFREE( et[i].et_vals ); } *ep = ohead; (*chain)->lm_chain_tail = otail ? otail : etail; LDAP_FREE( (char *) et ); return( 0 ); }
static int do_entry2text( LDAP *ld, char *buf, /* NULL for use-internal */ char *base, /* used for search actions */ LDAPMessage *entry, struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals, writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned int opts, char *urlprefix /* if non-NULL, do HTML */ ) { int i, err, html, show, labelwidth; int freebuf, freevals; char *dn, **vals; struct ldap_tmplitem *rowp, *colp; if (( dn = ldap_get_dn( ld, entry )) == NULL ) { return( ld->ld_errno ); } if ( buf == NULL ) { if (( buf = malloc( LDAP_DTMPL_BUFSIZ )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; free( dn ); return( ld->ld_errno ); } freebuf = 1; } else { freebuf = 0; } html = ( urlprefix != NULL ); if ( html ) { /* * add HTML intro. and title */ if (!(( opts & LDAP_DISP_OPT_HTMLBODYONLY ) != 0 )) { sprintf( buf, "<HTML>%s<HEAD>%s<TITLE>%s%s - ", eol, eol, eol, ( tmpl == NULL ) ? "Entry" : tmpl->dt_name ); (*writeproc)( writeparm, buf, strlen( buf )); output_dn( buf, dn, 0, rdncount, writeproc, writeparm, "", NULL ); sprintf( buf, "%s</TITLE>%s</HEAD>%s<BODY>%s<H3>%s - ", eol, eol, eol, eol, ( tmpl == NULL ) ? "Entry" : tmpl->dt_name ); (*writeproc)( writeparm, buf, strlen( buf )); output_dn( buf, dn, 0, rdncount, writeproc, writeparm, "", NULL ); sprintf( buf, "</H3>%s", eol ); (*writeproc)( writeparm, buf, strlen( buf )); } if (( opts & LDAP_DISP_OPT_NONLEAF ) != 0 && ( vals = ldap_explode_dn( dn, 0 )) != NULL ) { char *untagged; /* * add "Move Up" link */ sprintf( buf, "<A HREF=\"%s", urlprefix ); for ( i = 1; vals[ i ] != NULL; ++i ) { if ( i > 1 ) { strcat_escaped( buf, ", " ); } strcat_escaped( buf, vals[ i ] ); } if ( vals[ 1 ] != NULL ) { untagged = strchr( vals[ 1 ], '=' ); } else { untagged = "=The World"; } sprintf( buf + strlen( buf ), "%s\">Move Up To <EM>%s</EM></A>%s<BR>", ( vals[ 1 ] == NULL ) ? "??one" : "", ( untagged != NULL ) ? untagged + 1 : vals[ 1 ], eol, eol ); (*writeproc)( writeparm, buf, strlen( buf )); /* * add "Browse" link */ untagged = strchr( vals[ 0 ], '=' ); sprintf( buf, "<A HREF=\"%s", urlprefix ); strcat_escaped( buf, dn ); sprintf( buf + strlen( buf ), "??one?(!(objectClass=dsa))\">Browse Below <EM>%s</EM></A>%s%s", ( untagged != NULL ) ? untagged + 1 : vals[ 0 ], eol, eol ); (*writeproc)( writeparm, buf, strlen( buf )); ldap_value_free( vals ); } (*writeproc)( writeparm, "<HR>", 4 ); /* horizontal rule */ } else { (*writeproc)( writeparm, "\"", 1 ); output_dn( buf, dn, 0, rdncount, writeproc, writeparm, "", NULL ); sprintf( buf, "\"%s", eol ); (*writeproc)( writeparm, buf, strlen( buf )); } if ( tmpl != NULL && ( opts & LDAP_DISP_OPT_AUTOLABELWIDTH ) != 0 ) { labelwidth = max_label_len( tmpl ) + 3; } else { labelwidth = DEF_LABEL_WIDTH;; } err = LDAP_SUCCESS; if ( tmpl == NULL ) { BerElement *ber; char *attr; ber = NULL; for ( attr = ldap_first_attribute( ld, entry, &ber ); NONFATAL_LDAP_ERR( err ) && attr != NULL; attr = ldap_next_attribute( ld, entry, ber )) { if (( vals = ldap_get_values( ld, entry, attr )) == NULL ) { freevals = 0; if ( defattrs != NULL ) { for ( i = 0; defattrs[ i ] != NULL; ++i ) { if ( strcasecmp( attr, defattrs[ i ] ) == 0 ) { break; } } if ( defattrs[ i ] != NULL ) { vals = defvals[ i ]; } } } else { freevals = 1; } if ( islower( *attr )) { /* cosmetic -- upcase attr. name */ *attr = toupper( *attr ); } err = do_vals2text( ld, buf, vals, attr, labelwidth, LDAP_SYN_CASEIGNORESTR, writeproc, writeparm, eol, rdncount, urlprefix ); if ( freevals ) { ldap_value_free( vals ); } } } else { for ( rowp = ldap_first_tmplrow( tmpl ); NONFATAL_LDAP_ERR( err ) && rowp != NULLTMPLITEM; rowp = ldap_next_tmplrow( tmpl, rowp )) { for ( colp = ldap_first_tmplcol( tmpl, rowp ); colp != NULLTMPLITEM; colp = ldap_next_tmplcol( tmpl, rowp, colp )) { vals = NULL; if ( colp->ti_attrname == NULL || ( vals = ldap_get_values( ld, entry, colp->ti_attrname )) == NULL ) { freevals = 0; if ( !LDAP_IS_TMPLITEM_OPTION_SET( colp, LDAP_DITEM_OPT_HIDEIFEMPTY ) && defattrs != NULL && colp->ti_attrname != NULL ) { for ( i = 0; defattrs[ i ] != NULL; ++i ) { if ( strcasecmp( colp->ti_attrname, defattrs[ i ] ) == 0 ) { break; } } if ( defattrs[ i ] != NULL ) { vals = defvals[ i ]; } } } else { freevals = 1; if ( LDAP_IS_TMPLITEM_OPTION_SET( colp, LDAP_DITEM_OPT_SORTVALUES ) && vals[ 0 ] != NULL && vals[ 1 ] != NULL ) { ldap_sort_values( ld, vals, ldap_sort_strcasecmp ); } } /* * don't bother even calling do_vals2text() if no values * or boolean with value false and "hide if false" option set */ show = ( vals != NULL && vals[ 0 ] != NULL ); if ( show && LDAP_GET_SYN_TYPE( colp->ti_syntaxid ) == LDAP_SYN_TYPE_BOOLEAN && LDAP_IS_TMPLITEM_OPTION_SET( colp, LDAP_DITEM_OPT_HIDEIFFALSE ) && toupper( vals[ 0 ][ 0 ] ) != 'T' ) { show = 0; } if ( colp->ti_syntaxid == LDAP_SYN_SEARCHACTION ) { if (( opts & LDAP_DISP_OPT_DOSEARCHACTIONS ) != 0 ) { if ( colp->ti_attrname == NULL || ( show && toupper( vals[ 0 ][ 0 ] ) == 'T' )) { err = searchaction( ld, buf, base, entry, dn, colp, labelwidth, rdncount, writeproc, writeparm, eol, urlprefix ); } } show = 0; } if ( show ) { err = do_vals2text( ld, buf, vals, colp->ti_label, labelwidth, colp->ti_syntaxid, writeproc, writeparm, eol, rdncount, urlprefix ); } if ( freevals ) { ldap_value_free( vals ); } } } } if ( html && !(( opts & LDAP_DISP_OPT_HTMLBODYONLY ) != 0 )) { sprintf( buf, "</BODY>%s</HTML>%s", eol, eol ); (*writeproc)( writeparm, buf, strlen( buf )); } free( dn ); if ( freebuf ) { free( buf ); } return( err ); }
static WERROR nt_printer_dn_lookup(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *printer, char **pprinter_dn) { char *printer_dn = NULL; char *srv_dn = NULL; char *srv_cn_0 = NULL; char *srv_cn_escaped = NULL; char *sharename_escaped = NULL; char *srv_dn_utf8 = NULL; char **srv_cn_utf8 = NULL; size_t converted_size; ADS_STATUS ads_status; LDAPMessage *res; WERROR result; bool ok; ads_status = ads_find_machine_acct(ads, &res, lp_netbios_name()); if (!ADS_ERR_OK(ads_status)) { DEBUG(2, ("Failed to find machine account for %s\n", lp_netbios_name())); result = WERR_NOT_FOUND; goto err_out; } /* * We use ldap_get_dn here as we need the answer in utf8 to call * ldap_explode_dn(). JRA. */ srv_dn_utf8 = ldap_get_dn((LDAP *)ads->ldap.ld, (LDAPMessage *)res); ads_msgfree(ads, res); if (srv_dn_utf8 == NULL) { result = WERR_SERVER_UNAVAILABLE; goto err_out; } srv_cn_utf8 = ldap_explode_dn(srv_dn_utf8, 1); if (srv_cn_utf8 == NULL) { ldap_memfree(srv_dn_utf8); result = WERR_SERVER_UNAVAILABLE; goto err_out; } /* Now convert to CH_UNIX. */ ok = pull_utf8_talloc(mem_ctx, &srv_dn, srv_dn_utf8, &converted_size); ldap_memfree(srv_dn_utf8); if (!ok) { ldap_memfree(srv_cn_utf8); result = WERR_SERVER_UNAVAILABLE; goto err_out; } ok = pull_utf8_talloc(mem_ctx, &srv_cn_0, srv_cn_utf8[0], &converted_size); ldap_memfree(srv_cn_utf8); if (!ok) { result = WERR_SERVER_UNAVAILABLE; goto err_out; } srv_cn_escaped = escape_rdn_val_string_alloc(srv_cn_0); if (srv_cn_escaped == NULL) { result = WERR_SERVER_UNAVAILABLE; goto err_out; } sharename_escaped = escape_rdn_val_string_alloc(printer); if (sharename_escaped == NULL) { result = WERR_SERVER_UNAVAILABLE; goto err_out; } printer_dn = talloc_asprintf(mem_ctx, "cn=%s-%s,%s", srv_cn_escaped, sharename_escaped, srv_dn); if (printer_dn == NULL) { result = WERR_NOMEM; goto err_out; } *pprinter_dn = printer_dn; result = WERR_OK; err_out: SAFE_FREE(sharename_escaped); SAFE_FREE(srv_cn_escaped); TALLOC_FREE(srv_cn_0); TALLOC_FREE(srv_dn); return result; }
/* * convert DN to a list of RDN. * * say dc=lwraft,dc=local * if bNotypes == false, {"dc=vmdir", "dc=local"} is returned; * otherwise {"vmdir", "local"} is returned. */ DWORD LwCADNToRDNArray( PCSTR pcszDN, BOOLEAN bNotypes, PLWCA_STRING_ARRAY* ppRDNStrArray ) { DWORD dwError = 0; DWORD dwCount = 0; PLWCA_STRING_ARRAY pStrArray = NULL; PSTR* ppszRDN = NULL; PSTR* ppszTmp = NULL; DWORD iEntry = 0; if (IsNullOrEmptyString(pcszDN) || !ppRDNStrArray) { dwError = LWCA_ERROR_INVALID_PARAMETER; BAIL_ON_LWCA_ERROR(dwError); } if (bNotypes) { ppszRDN = ldap_explode_dn(pcszDN, 1); } else { ppszRDN = ldap_explode_dn(pcszDN, 0); } if (!ppszRDN) { dwError = LWCA_ERROR_INVALID_DN; BAIL_ON_LWCA_ERROR(dwError); } for (ppszTmp = ppszRDN; *ppszTmp; ppszTmp++) { dwCount++; } dwError = LwCAAllocateMemory(sizeof(LWCA_STRING_ARRAY), (PVOID*)&pStrArray); BAIL_ON_LWCA_ERROR(dwError); dwError = LwCAAllocateMemory(sizeof(PSTR) * dwCount, (PVOID*)&pStrArray->ppData); BAIL_ON_LWCA_ERROR(dwError); pStrArray->dwCount = dwCount; for (ppszTmp = ppszRDN; *ppszTmp; ppszTmp++) { dwError = LwCAAllocateStringA(*ppszTmp, &pStrArray->ppData[iEntry++]); BAIL_ON_LWCA_ERROR(dwError); } *ppRDNStrArray = pStrArray; cleanup: if (ppszRDN) { ldap_value_free(ppszRDN); } return dwError; error: LwCAFreeStringArray(pStrArray); if (ppRDNStrArray) { *ppRDNStrArray = NULL; } goto cleanup; }
static int net_ads_printer_publish(int argc, const char **argv) { ADS_STRUCT *ads; ADS_STATUS rc; const char *servername, *printername; struct cli_state *cli; struct in_addr server_ip; NTSTATUS nt_status; TALLOC_CTX *mem_ctx = talloc_init("net_ads_printer_publish"); ADS_MODLIST mods = ads_init_mods(mem_ctx); char *prt_dn, *srv_dn, **srv_cn; void *res = NULL; if (!(ads = ads_startup())) { return -1; } if (argc < 1) { return net_ads_printer_usage(argc, argv); } printername = argv[0]; if (argc == 2) { servername = argv[1]; } else { servername = global_myname(); } /* Get printer data from SPOOLSS */ resolve_name(servername, &server_ip, 0x20); nt_status = cli_full_connection(&cli, global_myname(), servername, &server_ip, 0, "IPC$", "IPC", opt_user_name, opt_workgroup, opt_password ? opt_password : "", CLI_FULL_CONNECTION_USE_KERBEROS, Undefined, NULL); if (NT_STATUS_IS_ERR(nt_status)) { d_printf("Unable to open a connnection to %s to obtain data " "for %s\n", servername, printername); ads_destroy(&ads); return -1; } /* Publish on AD server */ ads_find_machine_acct(ads, &res, servername); if (ads_count_replies(ads, res) == 0) { d_printf("Could not find machine account for server %s\n", servername); ads_destroy(&ads); return -1; } srv_dn = ldap_get_dn(ads->ld, res); srv_cn = ldap_explode_dn(srv_dn, 1); asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], printername, srv_dn); cli_nt_session_open(cli, PI_SPOOLSS); get_remote_printer_publishing_data(cli, mem_ctx, &mods, printername); rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); if (!ADS_ERR_OK(rc)) { d_printf("ads_publish_printer: %s\n", ads_errstr(rc)); ads_destroy(&ads); return -1; } d_printf("published printer\n"); ads_destroy(&ads); return 0; }
int main( int argc, char **argv ) { LDAP *ld = NULL; int i, c, port, errflg, method, id, msgtype; char line[256], command1, command2, command3; char passwd[64], dn[256], rdn[64], attr[64], value[256]; char filter[256], *host, **types; char **exdn; static const char usage[] = "usage: %s [-u] [-h host] [-d level] [-s dnsuffix] [-p port] [-t file] [-T file]\n"; int bound, all, scope, attrsonly; LDAPMessage *res; LDAPMod **mods, **attrs; struct timeval timeout; char *copyfname = NULL; int copyoptions = 0; LDAPURLDesc *ludp; host = NULL; port = LDAP_PORT; dnsuffix = ""; errflg = 0; while (( c = getopt( argc, argv, "h:d:s:p:t:T:" )) != -1 ) { switch( c ) { case 'd': #ifdef LDAP_DEBUG ldap_debug = atoi( optarg ); #ifdef LBER_DEBUG if ( ldap_debug & LDAP_DEBUG_PACKETS ) { ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug ); } #endif #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'h': host = optarg; break; case 's': dnsuffix = optarg; break; case 'p': port = atoi( optarg ); break; case 't': /* copy ber's to given file */ copyfname = strdup( optarg ); /* copyoptions = LBER_TO_FILE; */ break; case 'T': /* only output ber's to given file */ copyfname = strdup( optarg ); /* copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY); */ break; default: ++errflg; } } if ( host == NULL && optind == argc - 1 ) { host = argv[ optind ]; ++optind; } if ( errflg || optind < argc - 1 ) { fprintf( stderr, usage, argv[ 0 ] ); exit( EXIT_FAILURE ); } printf( "ldap_init( %s, %d )\n", host == NULL ? "(null)" : host, port ); ld = ldap_init( host, port ); if ( ld == NULL ) { perror( "ldap_init" ); exit( EXIT_FAILURE ); } if ( copyfname != NULL ) { if ( ( ld->ld_sb->sb_fd = open( copyfname, O_WRONLY|O_CREAT|O_EXCL, 0600 )) == -1 ) { perror( copyfname ); exit ( EXIT_FAILURE ); } ld->ld_sb->sb_options = copyoptions; } bound = 0; timeout.tv_sec = 0; timeout.tv_usec = 0; (void) memset( line, '\0', sizeof(line) ); while ( get_line( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) { command1 = line[0]; command2 = line[1]; command3 = line[2]; switch ( command1 ) { case 'a': /* add or abandon */ switch ( command2 ) { case 'd': /* add */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (attrs = get_modlist( NULL, "attr? ", "value? " )) == NULL ) break; if ( (id = ldap_add( ld, dn, attrs )) == -1 ) ldap_perror( ld, "ldap_add" ); else printf( "Add initiated with id %d\n", id ); break; case 'b': /* abandon */ get_line( line, sizeof(line), stdin, "msgid? " ); id = atoi( line ); if ( ldap_abandon( ld, id ) != 0 ) ldap_perror( ld, "ldap_abandon" ); else printf( "Abandon successful\n" ); break; default: printf( "Possibilities: [ad]d, [ab]ort\n" ); } break; case 'b': /* asynch bind */ method = LDAP_AUTH_SIMPLE; get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) get_line( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind( ld, dn, passwd, method ) == -1 ) { fprintf( stderr, "ldap_bind failed\n" ); ldap_perror( ld, "ldap_bind" ); } else { printf( "Bind initiated\n" ); bound = 1; } break; case 'B': /* synch bind */ method = LDAP_AUTH_SIMPLE; get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( dn[0] != '\0' ) get_line( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind_s( ld, dn, passwd, method ) != LDAP_SUCCESS ) { fprintf( stderr, "ldap_bind_s failed\n" ); ldap_perror( ld, "ldap_bind_s" ); } else { printf( "Bind successful\n" ); bound = 1; } break; case 'c': /* compare */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); get_line( attr, sizeof(attr), stdin, "attr? " ); get_line( value, sizeof(value), stdin, "value? " ); if ( (id = ldap_compare( ld, dn, attr, value )) == -1 ) ldap_perror( ld, "ldap_compare" ); else printf( "Compare initiated with id %d\n", id ); break; case 'd': /* turn on debugging */ #ifdef LDAP_DEBUG get_line( line, sizeof(line), stdin, "debug level? " ); ldap_debug = atoi( line ); #ifdef LBER_DEBUG if ( ldap_debug & LDAP_DEBUG_PACKETS ) { ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug ); } #endif #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'E': /* explode a dn */ get_line( line, sizeof(line), stdin, "dn? " ); exdn = ldap_explode_dn( line, 0 ); for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) { printf( "\t%s\n", exdn[i] ); } break; case 'g': /* set next msgid */ get_line( line, sizeof(line), stdin, "msgid? " ); ld->ld_msgid = atoi( line ); break; case 'v': /* set version number */ get_line( line, sizeof(line), stdin, "version? " ); ld->ld_version = atoi( line ); break; case 'm': /* modify or modifyrdn */ if ( strncmp( line, "modify", 4 ) == 0 ) { get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (mods = get_modlist( "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ", "attribute type? ", "attribute value? " )) == NULL ) break; if ( (id = ldap_modify( ld, dn, mods )) == -1 ) ldap_perror( ld, "ldap_modify" ); else printf( "Modify initiated with id %d\n", id ); } else if ( strncmp( line, "modrdn", 4 ) == 0 ) { get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); get_line( rdn, sizeof(rdn), stdin, "newrdn? " ); if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 ) ldap_perror( ld, "ldap_modrdn" ); else printf( "Modrdn initiated with id %d\n", id ); } else { printf( "Possibilities: [modi]fy, [modr]dn\n" ); } break; case 'q': /* quit */ ldap_unbind( ld ); exit( EXIT_SUCCESS ); break; case 'r': /* result or remove */ switch ( command3 ) { case 's': /* result */ get_line( line, sizeof(line), stdin, "msgid (-1=>any)? " ); if ( line[0] == '\0' ) id = -1; else id = atoi( line ); get_line( line, sizeof(line), stdin, "all (0=>any, 1=>all)? " ); if ( line[0] == '\0' ) all = 1; else all = atoi( line ); if (( msgtype = ldap_result( ld, id, all, &timeout, &res )) < 1 ) { ldap_perror( ld, "ldap_result" ); break; } printf( "\nresult: msgtype %d msgid %d\n", msgtype, res->lm_msgid ); handle_result( ld, res ); res = NULL; break; case 'm': /* remove */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (id = ldap_delete( ld, dn )) == -1 ) ldap_perror( ld, "ldap_delete" ); else printf( "Remove initiated with id %d\n", id ); break; default: printf( "Possibilities: [rem]ove, [res]ult\n" ); break; } break; case 's': /* search */ get_line( dn, sizeof(dn), stdin, "searchbase? " ); strcat( dn, dnsuffix ); get_line( line, sizeof(line), stdin, "scope (0=baseObject, 1=oneLevel, 2=subtree, 3=children)? " ); scope = atoi( line ); get_line( filter, sizeof(filter), stdin, "search filter (e.g. sn=jones)? " ); types = get_list( "attrs to return? " ); get_line( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if (( id = ldap_search( ld, dn, scope, filter, types, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_search" ); } else { printf( "Search initiated with id %d\n", id ); } free_list( types ); break; case 't': /* set timeout value */ get_line( line, sizeof(line), stdin, "timeout? " ); timeout.tv_sec = atoi( line ); break; case 'p': /* parse LDAP URL */ get_line( line, sizeof(line), stdin, "LDAP URL? " ); if (( i = ldap_url_parse( line, &ludp )) != 0 ) { fprintf( stderr, "ldap_url_parse: error %d\n", i ); } else { printf( "\t host: " ); if ( ludp->lud_host == NULL ) { printf( "DEFAULT\n" ); } else { printf( "<%s>\n", ludp->lud_host ); } printf( "\t port: " ); if ( ludp->lud_port == 0 ) { printf( "DEFAULT\n" ); } else { printf( "%d\n", ludp->lud_port ); } printf( "\t dn: <%s>\n", ludp->lud_dn ); printf( "\t attrs:" ); if ( ludp->lud_attrs == NULL ) { printf( " ALL" ); } else { for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) { printf( " <%s>", ludp->lud_attrs[ i ] ); } } printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_BASE ? "baseObject" : ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "oneLevel" : ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "subtree" #ifdef LDAP_SCOPE_SUBORDINATE : ludp->lud_scope == LDAP_SCOPE_SUBORDINATE ? "children" #endif : "**invalid**" ); printf( "\tfilter: <%s>\n", ludp->lud_filter ); ldap_free_urldesc( ludp ); } break; case 'n': /* set dn suffix, for convenience */ get_line( line, sizeof(line), stdin, "DN suffix? " ); strcpy( dnsuffix, line ); break; case 'o': /* set ldap options */ get_line( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2=finding, 3=always)?" ); ld->ld_deref = atoi( line ); get_line( line, sizeof(line), stdin, "timelimit?" ); ld->ld_timelimit = atoi( line ); get_line( line, sizeof(line), stdin, "sizelimit?" ); ld->ld_sizelimit = atoi( line ); LDAP_BOOL_ZERO(&ld->ld_options); get_line( line, sizeof(line), stdin, "Recognize and chase referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { LDAP_BOOL_SET(&ld->ld_options, LDAP_BOOL_REFERRALS); get_line( line, sizeof(line), stdin, "Prompt for bind credentials when chasing referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ldap_set_rebind_proc( ld, bind_prompt, NULL ); } } break; case '?': /* help */ printf( "Commands: [ad]d [ab]andon [b]ind\n" " [B]ind async [c]ompare\n" " [modi]fy [modr]dn [rem]ove\n" " [res]ult [s]earch [q]uit/unbind\n\n" " [d]ebug set ms[g]id\n" " d[n]suffix [t]imeout [v]ersion\n" " [?]help [o]ptions" " [E]xplode dn [p]arse LDAP URL\n" ); break; default: printf( "Invalid command. Type ? for help.\n" ); break; } (void) memset( line, '\0', sizeof(line) ); } return( 0 ); }
/* Extract a name from policy_dn, which must be directly under the realm * container. */ krb5_error_code krb5_ldap_policydn_to_name(krb5_context context, const char *policy_dn, char **name_out) { size_t len1, len2, plen; krb5_error_code ret; kdb5_dal_handle *dal_handle; krb5_ldap_context *ldap_context; const char *realmdn; *name_out = NULL; SETUP_CONTEXT(); realmdn = ldap_context->lrparams->realmdn; if (realmdn == NULL) return EINVAL; /* policyn_dn should be "cn=<policyname>,<realmdn>". */ len1 = strlen(realmdn); len2 = strlen(policy_dn); if (len1 == 0 || len2 == 0 || len1 + 1 >= len2) return EINVAL; plen = len2 - len1 - 1; if (policy_dn[plen] != ',' || strcmp(realmdn, policy_dn + plen + 1) != 0) return EINVAL; #if defined HAVE_LDAP_STR2DN { char *rdn; LDAPDN dn; rdn = k5memdup0(policy_dn, plen, &ret); if (rdn == NULL) return ret; ret = ldap_str2dn(rdn, &dn, LDAP_DN_FORMAT_LDAPV3 | LDAP_DN_PEDANTIC); free(rdn); if (ret) return EINVAL; if (dn[0] == NULL || dn[1] != NULL || dn[0][0]->la_attr.bv_len != 2 || strncasecmp(dn[0][0]->la_attr.bv_val, "cn", 2) != 0) { ret = EINVAL; } else { *name_out = k5memdup0(dn[0][0]->la_value.bv_val, dn[0][0]->la_value.bv_len, &ret); } ldap_dnfree(dn); return ret; } #elif defined HAVE_LDAP_EXPLODE_DN { char **parsed_dn; /* 1 = return DN components without type prefix */ parsed_dn = ldap_explode_dn(policy_dn, 1); if (parsed_dn == NULL) return EINVAL; *name_out = strdup(parsed_dn[0]); if (*name_out == NULL) return ENOMEM; ldap_value_free(parsed_dn); return 0; } #else return EINVAL; #endif }
#include <stdio.h> #include <ctype.h> #include <string.h> #ifdef MACOS #include <stdlib.h> #ifdef THINK_C #include <console.h> #include <unix.h> #include <fcntl.h> #endif /* THINK_C */ #include "macos.h" #else /* MACOS */ #if defined( DOS ) || defined( _WIN32 ) #ifdef DOS #include "msdos.h" #endif #if defined( WINSOCK ) || defined( _WIN32 ) #include "console.h" #endif /* WINSOCK */ #else /* DOS */ #include <sys/types.h> #include <sys/socket.h> #include <sys/time.h> #include <sys/stat.h> #include <sys/file.h> #ifndef VMS #include <fcntl.h> #include <unistd.h> #endif /* VMS */ #endif /* DOS */ #endif /* MACOS */ #include "lber.h" #include "ldap.h" #if !defined( PCNFS ) && !defined( WINSOCK ) && !defined( MACOS ) #define MOD_USE_BVALS #endif /* !PCNFS && !WINSOCK && !MACOS */ #ifdef NEEDPROTOS static void handle_result( LDAP *ld, LDAPMessage *lm ); static void print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s ); static void print_search_entry( LDAP *ld, LDAPMessage *res ); static void free_list( char **list ); #else static void handle_result(); static void print_ldap_result(); static void print_search_entry(); static void free_list(); #endif /* NEEDPROTOS */ #define NOCACHEERRMSG \ "don't compile with -DNO_CACHE if you desire local caching" char *dnsuffix; #ifndef WINSOCK static char * getline( char *line, int len, FILE *fp, char *prompt ) { printf(prompt); if ( fgets( line, len, fp ) == NULL ) return( NULL ); line[ strlen( line ) - 1 ] = '\0'; return( line ); } #endif /* WINSOCK */ static char ** get_list( char *prompt ) { static char buf[256]; int num; char **result; num = 0; result = (char **) 0; while ( 1 ) { getline( buf, sizeof(buf), stdin, prompt ); if ( *buf == '\0' ) break; if ( result == (char **) 0 ) result = (char **) malloc( sizeof(char *) ); else result = (char **) realloc( result, sizeof(char *) * (num + 1) ); result[num++] = (char *) strdup( buf ); } if ( result == (char **) 0 ) return( NULL ); result = (char **) realloc( result, sizeof(char *) * (num + 1) ); result[num] = NULL; return( result ); } static void free_list( char **list ) { int i; if ( list != NULL ) { for ( i = 0; list[ i ] != NULL; ++i ) { free( list[ i ] ); } free( (char *)list ); } } #ifdef MOD_USE_BVALS static int file_read( char *path, struct berval *bv ) { FILE *fp; long rlen; int eof; if (( fp = fopen( path, "r" )) == NULL ) { perror( path ); return( -1 ); } if ( fseek( fp, 0L, SEEK_END ) != 0 ) { perror( path ); fclose( fp ); return( -1 ); } bv->bv_len = ftell( fp ); if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) { perror( "malloc" ); fclose( fp ); return( -1 ); } if ( fseek( fp, 0L, SEEK_SET ) != 0 ) { perror( path ); fclose( fp ); return( -1 ); } rlen = fread( bv->bv_val, 1, bv->bv_len, fp ); eof = feof( fp ); fclose( fp ); if ( rlen != bv->bv_len ) { perror( path ); free( bv->bv_val ); return( -1 ); } return( bv->bv_len ); } #endif /* MOD_USE_BVALS */ static LDAPMod ** get_modlist( char *prompt1, char *prompt2, char *prompt3 ) { static char buf[256]; int num; LDAPMod tmp; LDAPMod **result; #ifdef MOD_USE_BVALS struct berval **bvals; #endif /* MOD_USE_BVALS */ num = 0; result = NULL; while ( 1 ) { if ( prompt1 ) { getline( buf, sizeof(buf), stdin, prompt1 ); tmp.mod_op = atoi( buf ); if ( tmp.mod_op == -1 || buf[0] == '\0' ) break; } getline( buf, sizeof(buf), stdin, prompt2 ); if ( buf[0] == '\0' ) break; tmp.mod_type = strdup( buf ); tmp.mod_values = get_list( prompt3 ); #ifdef MOD_USE_BVALS if ( tmp.mod_values != NULL ) { int i; for ( i = 0; tmp.mod_values[i] != NULL; ++i ) ; bvals = (struct berval **)calloc( i + 1, sizeof( struct berval *)); for ( i = 0; tmp.mod_values[i] != NULL; ++i ) { bvals[i] = (struct berval *)malloc( sizeof( struct berval )); if ( strncmp( tmp.mod_values[i], "{FILE}", 6 ) == 0 ) { if ( file_read( tmp.mod_values[i] + 6, bvals[i] ) < 0 ) { return( NULL ); } } else { bvals[i]->bv_val = tmp.mod_values[i]; bvals[i]->bv_len = strlen( tmp.mod_values[i] ); } } tmp.mod_bvalues = bvals; tmp.mod_op |= LDAP_MOD_BVALUES; } #endif /* MOD_USE_BVALS */ if ( result == NULL ) result = (LDAPMod **) malloc( sizeof(LDAPMod *) ); else result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) ); result[num] = (LDAPMod *) malloc( sizeof(LDAPMod) ); *(result[num]) = tmp; /* struct copy */ num++; } if ( result == NULL ) return( NULL ); result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) ); result[num] = NULL; return( result ); } #ifdef LDAP_REFERRALS int bind_prompt( LDAP *ld, char **dnp, char **passwdp, int *authmethodp, int freeit ) { static char dn[256], passwd[256]; if ( !freeit ) { #ifdef KERBEROS getline( dn, sizeof(dn), stdin, "re-bind method (0->simple, " "1->krbv41, 2->krbv42, 3->krbv41&2)? " ); if (( *authmethodp = atoi( dn )) == 3 ) { *authmethodp = LDAP_AUTH_KRBV4; } else { *authmethodp |= 0x80; } #else /* KERBEROS */ *authmethodp = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "re-bind dn? " ); strcat( dn, dnsuffix ); *dnp = dn; if ( *authmethodp == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) { getline( passwd, sizeof(passwd), stdin, "re-bind password? " ); } else { passwd[0] = '\0'; } *passwdp = passwd; } return( LDAP_SUCCESS ); } #endif /* LDAP_REFERRALS */ int #ifdef WINSOCK ldapmain( #else /* WINSOCK */ main( #endif /* WINSOCK */ int argc, char **argv ) { LDAP *ld; int i, c, port, cldapflg, errflg, method, id, msgtype; char line[256], command1, command2, command3; char passwd[64], dn[256], rdn[64], attr[64], value[256]; char filter[256], *host, **types; char **exdn; char *usage = "usage: %s [-u] [-h host] [-d level] " "[-s dnsuffix] [-p port] [-t file] [-T file]\n"; int bound, all, scope, attrsonly; LDAPMessage *res; LDAPMod **mods, **attrs; struct timeval timeout; char *copyfname = NULL; int copyoptions = 0; LDAPURLDesc *ludp; extern char *optarg; extern int optind; #ifdef MACOS if (( argv = get_list( "cmd line arg?" )) == NULL ) { exit( 1 ); } for ( argc = 0; argv[ argc ] != NULL; ++argc ) { ; } #endif /* MACOS */ host = NULL; port = LDAP_PORT; dnsuffix = ""; cldapflg = errflg = 0; while (( c = getopt( argc, argv, "uh:d:s:p:t:T:" )) != -1 ) { switch( c ) { case 'u': #ifdef CLDAP cldapflg++; #else /* CLDAP */ printf( "Compile with -DCLDAP for UDP support\n" ); #endif /* CLDAP */ break; case 'd': #ifdef LDAP_DEBUG ldap_debug = atoi( optarg ); if ( ldap_debug & LDAP_DEBUG_PACKETS ) { lber_debug = ldap_debug; } #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'h': host = optarg; break; case 's': dnsuffix = optarg; break; case 'p': port = atoi( optarg ); break; #if !defined(MACOS) && !defined(DOS) case 't': /* copy ber's to given file */ copyfname = strdup( optarg ); copyoptions = LBER_TO_FILE; break; case 'T': /* only output ber's to given file */ copyfname = strdup( optarg ); copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY); break; #endif default: ++errflg; } } if ( host == NULL && optind == argc - 1 ) { host = argv[ optind ]; ++optind; } if ( errflg || optind < argc - 1 ) { fprintf( stderr, usage, argv[ 0 ] ); exit( 1 ); } printf( "%sldap_open( %s, %d )\n", cldapflg ? "c" : "", host == NULL ? "(null)" : host, port ); if ( cldapflg ) { #ifdef CLDAP ld = cldap_open( host, port ); #endif /* CLDAP */ } else { ld = ldap_open( host, port ); } if ( ld == NULL ) { perror( "ldap_open" ); exit(1); } #if !defined(MACOS) && !defined(DOS) if ( copyfname != NULL ) { if ( (ld->ld_sb.sb_fd = open( copyfname, O_WRONLY | O_CREAT, 0600 )) == -1 ) { perror( copyfname ); exit ( 1 ); } ld->ld_sb.sb_options = copyoptions; } #endif bound = 0; timeout.tv_sec = 0; timeout.tv_usec = 0; (void) memset( line, '\0', sizeof(line) ); while ( getline( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) { command1 = line[0]; command2 = line[1]; command3 = line[2]; switch ( command1 ) { case 'a': /* add or abandon */ switch ( command2 ) { case 'd': /* add */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (attrs = get_modlist( NULL, "attr? ", "value? " )) == NULL ) break; if ( (id = ldap_add( ld, dn, attrs )) == -1 ) ldap_perror( ld, "ldap_add" ); else printf( "Add initiated with id %d\n", id ); break; case 'b': /* abandon */ getline( line, sizeof(line), stdin, "msgid? " ); id = atoi( line ); if ( ldap_abandon( ld, id ) != 0 ) ldap_perror( ld, "ldap_abandon" ); else printf( "Abandon successful\n" ); break; default: printf( "Possibilities: [ad]d, [ab]ort\n" ); } break; case 'b': /* asynch bind */ #ifdef KERBEROS getline( line, sizeof(line), stdin, "method (0->simple, 1->krbv41, 2->krbv42)? " ); method = atoi( line ) | 0x80; #else /* KERBEROS */ method = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) getline( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind( ld, dn, passwd, method ) == -1 ) { fprintf( stderr, "ldap_bind failed\n" ); ldap_perror( ld, "ldap_bind" ); } else { printf( "Bind initiated\n" ); bound = 1; } break; case 'B': /* synch bind */ #ifdef KERBEROS getline( line, sizeof(line), stdin, "method 0->simple 1->krbv41 2->krbv42 3->krb? " ); method = atoi( line ); if ( method == 3 ) method = LDAP_AUTH_KRBV4; else method = method | 0x80; #else /* KERBEROS */ method = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( dn[0] != '\0' ) getline( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind_s( ld, dn, passwd, method ) != LDAP_SUCCESS ) { fprintf( stderr, "ldap_bind_s failed\n" ); ldap_perror( ld, "ldap_bind_s" ); } else { printf( "Bind successful\n" ); bound = 1; } break; case 'c': /* compare */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); getline( attr, sizeof(attr), stdin, "attr? " ); getline( value, sizeof(value), stdin, "value? " ); if ( (id = ldap_compare( ld, dn, attr, value )) == -1 ) ldap_perror( ld, "ldap_compare" ); else printf( "Compare initiated with id %d\n", id ); break; case 'd': /* turn on debugging */ #ifdef LDAP_DEBUG getline( line, sizeof(line), stdin, "debug level? " ); ldap_debug = atoi( line ); if ( ldap_debug & LDAP_DEBUG_PACKETS ) { lber_debug = ldap_debug; } #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'E': /* explode a dn */ getline( line, sizeof(line), stdin, "dn? " ); exdn = ldap_explode_dn( line, 0 ); for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) { printf( "\t%s\n", exdn[i] ); } break; case 'g': /* set next msgid */ getline( line, sizeof(line), stdin, "msgid? " ); ld->ld_msgid = atoi( line ); break; case 'v': /* set version number */ getline( line, sizeof(line), stdin, "version? " ); ld->ld_version = atoi( line ); break; case 'm': /* modify or modifyrdn */ if ( strncmp( line, "modify", 4 ) == 0 ) { getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (mods = get_modlist( "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ", "attribute type? ", "attribute value? " )) == NULL ) break; if ( (id = ldap_modify( ld, dn, mods )) == -1 ) ldap_perror( ld, "ldap_modify" ); else printf( "Modify initiated with id %d\n", id ); } else if ( strncmp( line, "modrdn", 4 ) == 0 ) { getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); getline( rdn, sizeof(rdn), stdin, "newrdn? " ); if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 ) ldap_perror( ld, "ldap_modrdn" ); else printf( "Modrdn initiated with id %d\n", id ); } else { printf( "Possibilities: [modi]fy, [modr]dn\n" ); } break; case 'q': /* quit */ #ifdef CLDAP if ( cldapflg ) cldap_close( ld ); #endif /* CLDAP */ #ifdef LDAP_REFERRALS if ( !cldapflg ) #else /* LDAP_REFERRALS */ if ( !cldapflg && bound ) #endif /* LDAP_REFERRALS */ ldap_unbind( ld ); exit( 0 ); break; case 'r': /* result or remove */ switch ( command3 ) { case 's': /* result */ getline( line, sizeof(line), stdin, "msgid (-1=>any)? " ); if ( line[0] == '\0' ) id = -1; else id = atoi( line ); getline( line, sizeof(line), stdin, "all (0=>any, 1=>all)? " ); if ( line[0] == '\0' ) all = 1; else all = atoi( line ); if (( msgtype = ldap_result( ld, id, all, &timeout, &res )) < 1 ) { ldap_perror( ld, "ldap_result" ); break; } printf( "\nresult: msgtype %d msgid %d\n", msgtype, res->lm_msgid ); handle_result( ld, res ); res = NULLMSG; break; case 'm': /* remove */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (id = ldap_delete( ld, dn )) == -1 ) ldap_perror( ld, "ldap_delete" ); else printf( "Remove initiated with id %d\n", id ); break; default: printf( "Possibilities: [rem]ove, [res]ult\n" ); break; } break; case 's': /* search */ getline( dn, sizeof(dn), stdin, "searchbase? " ); strcat( dn, dnsuffix ); getline( line, sizeof(line), stdin, "scope (0=Base, 1=One Level, 2=Subtree)? " ); scope = atoi( line ); getline( filter, sizeof(filter), stdin, "search filter (e.g. sn=jones)? " ); types = get_list( "attrs to return? " ); getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if ( cldapflg ) { #ifdef CLDAP getline( line, sizeof(line), stdin, "Requestor DN (for logging)? " ); if ( cldap_search_s( ld, dn, scope, filter, types, attrsonly, &res, line ) != 0 ) { ldap_perror( ld, "cldap_search_s" ); } else { printf( "\nresult: msgid %d\n", res->lm_msgid ); handle_result( ld, res ); res = NULLMSG; } #endif /* CLDAP */ } else { if (( id = ldap_search( ld, dn, scope, filter, types, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_search" ); } else { printf( "Search initiated with id %d\n", id ); } } free_list( types ); break; case 't': /* set timeout value */ getline( line, sizeof(line), stdin, "timeout? " ); timeout.tv_sec = atoi( line ); break; case 'U': /* set ufn search prefix */ getline( line, sizeof(line), stdin, "ufn prefix? " ); ldap_ufn_setprefix( ld, line ); break; case 'u': /* user friendly search w/optional timeout */ getline( dn, sizeof(dn), stdin, "ufn? " ); strcat( dn, dnsuffix ); types = get_list( "attrs to return? " ); getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if ( command2 == 't' ) { id = ldap_ufn_search_c( ld, dn, types, attrsonly, &res, ldap_ufn_timeout, &timeout ); } else { id = ldap_ufn_search_s( ld, dn, types, attrsonly, &res ); } if ( res == NULL ) ldap_perror( ld, "ldap_ufn_search" ); else { printf( "\nresult: err %d\n", id ); handle_result( ld, res ); res = NULLMSG; } free_list( types ); break; case 'l': /* URL search */ getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); getline( line, sizeof(line), stdin, "LDAP URL? " ); if (( id = ldap_url_search( ld, line, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_url_search" ); } else { printf( "URL search initiated with id %d\n", id ); } break; case 'p': /* parse LDAP URL */ getline( line, sizeof(line), stdin, "LDAP URL? " ); if (( i = ldap_url_parse( line, &ludp )) != 0 ) { fprintf( stderr, "ldap_url_parse: error %d\n", i ); } else { printf( "\t host: " ); if ( ludp->lud_host == NULL ) { printf( "DEFAULT\n" ); } else { printf( "<%s>\n", ludp->lud_host ); } printf( "\t port: " ); if ( ludp->lud_port == 0 ) { printf( "DEFAULT\n" ); } else { printf( "%d\n", ludp->lud_port ); } printf( "\t dn: <%s>\n", ludp->lud_dn ); printf( "\t attrs:" ); if ( ludp->lud_attrs == NULL ) { printf( " ALL" ); } else { for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) { printf( " <%s>", ludp->lud_attrs[ i ] ); } } printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "ONE" : ludp->lud_scope == LDAP_SCOPE_BASE ? "BASE" : ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "SUB" : "**invalid**" ); printf( "\tfilter: <%s>\n", ludp->lud_filter ); ldap_free_urldesc( ludp ); } break; case 'n': /* set dn suffix, for convenience */ getline( line, sizeof(line), stdin, "DN suffix? " ); strcpy( dnsuffix, line ); break; case 'e': /* enable cache */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "Cache timeout (secs)? " ); i = atoi( line ); getline( line, sizeof(line), stdin, "Maximum memory to use (bytes)? " ); if ( ldap_enable_cache( ld, i, atoi( line )) == 0 ) { printf( "local cache is on\n" ); } else { printf( "ldap_enable_cache failed\n" ); } #endif /* NO_CACHE */ break; case 'x': /* uncache entry */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "DN? " ); ldap_uncache_entry( ld, line ); #endif /* NO_CACHE */ break; case 'X': /* uncache request */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "request msgid? " ); ldap_uncache_request( ld, atoi( line )); #endif /* NO_CACHE */ break; case 'o': /* set ldap options */ getline( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2" "=finding, 3=always)?" ); ld->ld_deref = atoi( line ); getline( line, sizeof(line), stdin, "timelimit?" ); ld->ld_timelimit = atoi( line ); getline( line, sizeof(line), stdin, "sizelimit?" ); ld->ld_sizelimit = atoi( line ); ld->ld_options = 0; #ifdef STR_TRANSLATION getline( line, sizeof(line), stdin, "Automatic translation of T.61 strings " "(0=no, 1=yes)?" ); if ( atoi( line ) == 0 ) { ld->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS; } else { ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS; #ifdef LDAP_CHARSET_8859 getline( line, sizeof(line), stdin, "Translate to/from ISO-8859 " "(0=no, 1=yes?" ); if ( atoi( line ) != 0 ) { ldap_set_string_translators( ld, ldap_8859_to_t61, ldap_t61_to_8859 ); } #endif /* LDAP_CHARSET_8859 */ } #endif /* STR_TRANSLATION */ #ifdef LDAP_DNS getline( line, sizeof(line), stdin, "Use DN & DNS to determine where to send " "requests (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ld->ld_options |= LDAP_OPT_DNS; } #endif /* LDAP_DNS */ #ifdef LDAP_REFERRALS getline( line, sizeof(line), stdin, "Recognize and chase referrals (0=no, 1=yes)?"); if ( atoi( line ) != 0 ) { ld->ld_options |= LDAP_OPT_REFERRALS; getline( line, sizeof(line), stdin, "Prompt for bind credentials when " "chasing referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ldap_set_rebind_proc( ld, bind_prompt ); } } #endif /* LDAP_REFERRALS */ break; case 'O': /* set cache options */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "cache errors (0=smart, 1=never, 2=always)?" ); switch( atoi( line )) { case 0: ldap_set_cache_options( ld, 0 ); break; case 1: ldap_set_cache_options( ld, LDAP_CACHE_OPT_CACHENOERRS ); break; case 2: ldap_set_cache_options( ld, LDAP_CACHE_OPT_CACHEALLERRS ); break; default: printf( "not a valid cache option\n" ); } #endif /* NO_CACHE */ break; case '?': /* help */ printf( "Commands: [ad]d [ab]andon [b]ind\n" ); printf( " [B]ind async [c]ompare [l]URL search\n" ); printf( " [modi]fy [modr]dn [rem]ove\n" ); printf( " [res]ult [s]earch [q]uit/unbind\n\n" ); printf( " [u]fn search [ut]fn search with timeout\n" ); printf( " [d]ebug [e]nable cache set ms[g]id\n" ); printf( " d[n]suffix [t]imeout [v]ersion\n" ); printf( " [U]fn prefix [x]uncache entry [X]uncache request\n" ); printf( " [?]help [o]ptions [O]cache options\n" ); printf( " [E]xplode dn [p]arse LDAP URL\n" ); break; default: printf( "Invalid command. Type ? for help.\n" ); break; } (void) memset( line, '\0', sizeof(line) ); } return( 0 ); }