コード例 #1
0
ファイル: util_ads.c プロジェクト: tridge/junkcode 
/*
  dump a record from LDAP on stdout
  used for debugging
*/
void ads_dump(ADS_STRUCT *ads, LDAPMessage *res)
{
	char *field;
	LDAPMessage *msg;
	BerElement *b;
	char *this_dn;
    
	for (msg = ldap_first_entry(ads->ld, res); 
	     msg; msg = ldap_next_entry(ads->ld, msg)) {
		this_dn = ldap_get_dn(ads->ld, res);
		if (this_dn) {
			printf("Dumping: %s\n", this_dn);
		}
		ldap_memfree(this_dn);

		for (field = ldap_first_attribute(ads->ld, msg, &b); 
		     field;
		     field = ldap_next_attribute(ads->ld, msg, b)) {
			char **values, **p;
			values = ldap_get_values(ads->ld, msg, field);
			for (p = values; *p; p++) {
				printf("%s: %s\n", field, *p);
			}
			ldap_value_free(values);
			ldap_memfree(field);
		}

		ber_free(b, 1);
		printf("\n");
	}
}
コード例 #2
0
ファイル: seahorse-ldap-source.c プロジェクト: GNOME/seahorse 
static void
dump_ldap_entry (LDAP *ld, LDAPMessage *res)
{
    BerElement *pos;
    gchar **values;
    gchar **v;
    char *t;
    
    t = ldap_get_dn (ld, res);
    g_debug ("dn: %s\n", t);
    ldap_memfree (t);
    
    for (t = ldap_first_attribute (ld, res, &pos); t; 
         t = ldap_next_attribute (ld, res, pos)) {
             
        values = get_ldap_values (ld, res, t);
        for (v = values; *v; v++) 
            g_debug ("%s: %s\n", t, *v);

        g_strfreev (values);
        ldap_memfree (t);
    }
    
    ber_free (pos, 0);
}
コード例 #3
0
ファイル: entry.c プロジェクト: takaaki-kasai/ruby-ldap 
VALUE
rb_ldap_entry_new (LDAP * ldap, LDAPMessage * msg)
{
  VALUE val;
  RB_LDAPENTRY_DATA *edata;
  char *c_dn;

  val = Data_Make_Struct (rb_cLDAP_Entry, RB_LDAPENTRY_DATA,
			  rb_ldap_entry_mark, rb_ldap_entry_free, edata);
  edata->ldap = ldap;
  edata->msg = msg;

  /* get dn */
  c_dn = ldap_get_dn(ldap, msg);
  if (c_dn) {
    edata->dn = rb_tainted_str_new2(c_dn);
    ldap_memfree(c_dn);
  }
  else {
    edata->dn = Qnil;
  }

  /* get attributes */
  edata->attr = rb_ldap_entry_load_attr(ldap, msg);
  return val;
}
コード例 #4
0
// readonly attribute wstring dn;
NS_IMETHODIMP nsLDAPMessage::GetDn(nsACString& aDn)
{
    char *rawDn = ldap_get_dn(mConnectionHandle, mMsgHandle);

    if (!rawDn) {
        PRInt32 lderrno = ldap_get_lderrno(mConnectionHandle, 0, 0);

        switch (lderrno) {

        case LDAP_DECODING_ERROR:
            NS_WARNING("nsLDAPMessage::GetDn(): ldap decoding error");
            return NS_ERROR_LDAP_DECODING_ERROR;

        case LDAP_PARAM_ERROR:
        default:
            NS_ERROR("nsLDAPMessage::GetDn(): internal error");
            return NS_ERROR_UNEXPECTED;
        }
    }

    PR_LOG(gLDAPLogModule, PR_LOG_DEBUG,
           ("nsLDAPMessage::GetDn(): dn = '%s'", rawDn));

    aDn.Assign(rawDn);
    ldap_memfree(rawDn);

    return NS_OK;
}
コード例 #5
0
ファイル: sdap.c プロジェクト: AbhishekKumarSingh/sssd 
int sdap_get_msg_dn(TALLOC_CTX *memctx, struct sdap_handle *sh,
                    struct sdap_msg *sm, char **_dn)
{
    char *str;
    int lerrno;
    int ret;

    lerrno = 0;
    ret = ldap_set_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
    if (ret != LDAP_OPT_SUCCESS) {
        DEBUG(1, ("ldap_set_option failed [%s], ignored.\n",
                  sss_ldap_err2string(ret)));
    }

    str = ldap_get_dn(sh->ldap, sm->msg);
    if (!str) {
        ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
        DEBUG(1, ("ldap_get_dn failed: %d(%s)\n",
                  lerrno, sss_ldap_err2string(lerrno)));
        return EIO;
    }

    *_dn = talloc_strdup(memctx, str);
    ldap_memfree(str);
    if (!*_dn) return ENOMEM;

    return EOK;
}
コード例 #6
0
ファイル: addhost.c プロジェクト: tridge/junkcode 
static void ldap_dump(LDAP *ld,LDAPMessage *res)
{
	LDAPMessage *e;
    
	for (e = ldap_first_entry(ld, res); e; e = ldap_next_entry(ld, e)) {
		BerElement *b;
		char *attr;
		char *dn = ldap_get_dn(ld, res);
		if (dn)
			printf("dn: %s\n", dn);
		ldap_memfree(dn);

		for (attr = ldap_first_attribute(ld, e, &b); 
		     attr;
		     attr = ldap_next_attribute(ld, e, b)) {
			char **values, **p;
			values = ldap_get_values(ld, e, attr);
			for (p = values; *p; p++) {
				printf("%s: %s\n", attr, *p);
			}
			ldap_value_free(values);
			ldap_memfree(attr);
		}

		ber_free(b, 1);
		printf("\n");
	}
}
コード例 #7
0
ファイル: authldap.c プロジェクト: alniaky/dbmail 
/* returns the number of matches found */
static GList * __auth_get_every_match(const char *q, const char **retfields)
{
	LDAPMessage *ldap_msg;
	LDAPMessage *ldap_res;
	char **ldap_vals = NULL, *dn;
	int j = 0, k = 0, m = 0, err;
	GList *attlist,*fldlist,*entlist;
	LDAP *_ldap_conn = ldap_con_get();
	
	attlist = fldlist = entlist = NULL;

	if (! (ldap_res = authldap_search(q))) return NULL;

	if ((j = ldap_count_entries(_ldap_conn, ldap_res)) < 1) {
		TRACE(TRACE_DEBUG, "nothing found");
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	/* do the first entry here */
	if ((ldap_msg = ldap_first_entry(_ldap_conn, ldap_res)) == NULL) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: [%s]", ldap_err2string(err));
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	while (ldap_msg) {
		dn = ldap_get_dn(_ldap_conn, ldap_msg);

		TRACE(TRACE_DEBUG,"scan results for DN: [%s]", dn);
		for (k = 0; retfields[k] != NULL; k++) {
			TRACE(TRACE_DEBUG,"ldap_get_values [%s]", retfields[k]);
			if ((ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]))) {
				m = 0;
				while (ldap_vals[m]) { 
					TRACE(TRACE_DEBUG,"got value [%s]", ldap_vals[m]);
					attlist = g_list_append(attlist,g_strdup(ldap_vals[m]));
					m++;
				}
			}

			fldlist = g_list_append(fldlist, attlist);
			attlist = NULL;
			
			ldap_value_free(ldap_vals);
		}
		entlist = g_list_append(entlist, fldlist);
		fldlist = NULL;
		
		ldap_memfree(dn);
		ldap_msg = ldap_next_entry(_ldap_conn, ldap_msg);
	}

	if (ldap_res) ldap_msgfree(ldap_res);
	if (ldap_msg) ldap_msgfree(ldap_msg);

	return entlist;
}
コード例 #8
0
ファイル: login.cpp プロジェクト: BadPractice/twmailer2 
int login::proof()
{
	
	/* setup LDAP connection */
	if((ld=ldap_init(LDAP_HOST, LDAP_PORT)) == NULL) {
		perror("ldap_init failed");
		return EXIT_FAILURE;
	}
	printf("\nconnected to LDAP server %s on port %d\n",LDAP_HOST,LDAP_PORT);
	
	/* non-anonymous bind from home */
	rc = ldap_simple_bind_s(ld,BIND_USER,BIND_PW);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	} else {
		printf("\npretended anonymous bind successful\n");
	}
	
	/* perform LDAP search */
	rc = ldap_search_s(ld, SEARCHBASE, SCOPE, filter_c, attribs, 0, &result);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP search error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	}else{
		printf("\nTotal results: %d\n", ldap_count_entries(ld, result));
		if(ldap_count_entries(ld,result) < 1) {
			fprintf(stderr,"\nUser nicht gefunden!\n");
			return EXIT_FAILURE;
		}
	}
	
	e = ldap_first_entry(ld, result);
	found = ldap_get_dn(ld,e);
	printf("\nDN: %s\n",found);
	
	/* User anmelden */
	rc = ldap_simple_bind_s(ld,found,passwd_c);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	} else {
		printf("\nbind successful\n");
	}
	
	
	/* free memory used for result */
	ldap_msgfree(result);
	free(attribs[0]);
	free(attribs[1]);
	printf("\nLDAP login succeeded\n");
	
	ldap_unbind(ld);
	return EXIT_SUCCESS;
}
コード例 #9
0
ファイル: ldap.c プロジェクト: henrikhodne/rldap 
static VALUE ldapmessage2obj(LDAP *ld, LDAPMessage *msg)
{
	VALUE obj;
	
	char *dn, *attr;
	BerElement *ber;
	BerValue **values;
	BerValue *value;
	VALUE rdn, attrs, ary, str;
	int length, i;

	obj = rb_class_new_instance(0, NULL, cLDAP_Message);
	
	// Set the DN
	dn = ldap_get_dn(ld, msg);
	rdn = rb_str_new2(dn);
	ldap_memfree(dn);
	rb_iv_set(obj, "@dn", rdn);
	
	// Set the attributes
	attrs = rb_hash_new();
	attr = ldap_first_attribute(ld, msg, &ber);
	do {
		values = ldap_get_values_len(ld, msg, attr);

		if (values == NULL) {
			rldap_raise(rldap_errno_c(obj));
		}

		ary = rb_ary_new();
		length = ldap_count_values_len(values);

		for (i=0; i<length; i++) {
			value = values[i];
			if (value->bv_len == 4 && strncmp(value->bv_val, "TRUE", value->bv_len) == 0)
				rb_ary_push(ary, Qtrue);
			else if (value->bv_len == 5 && strncmp(value->bv_val, "FALSE", value->bv_len) == 0)
				rb_ary_push(ary, Qfalse);
			else {
				str = rb_str_new(value->bv_val, value->bv_len);
				rb_ary_push(ary, str);
			}
		}
		
		rb_hash_aset(attrs, rb_str_new2(attr), ary);

		ldap_value_free_len(values);
		ldap_memfree(attr);
	} while (attr = ldap_next_attribute(ld, msg, ber));

	ber_free(ber, 0);

	rb_iv_set(obj, "@attrs", attrs);

	return obj;
}
コード例 #10
0
int
main( int argc, char **argv )
{
	LDAP		*ld;
	LDAPMessage	*result, *e;
	BerElement	*ber;
	char		*a, *dn;
	char		**vals;
	int		i;

	/* get a handle to an LDAP connection */
	if ( (ld = ldap_init( MY_HOST, MY_PORT )) == NULL ) {
		perror( "ldap_init" );
		return( 1 );
	}
	/* authenticate to the directory as nobody */
	if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
		ldap_perror( ld, "ldap_simple_bind_s" );
		ldap_unbind( ld );
		return( 1 );
	}
	/* search for all entries with surname of Jensen */
	if ( ldap_search_s( ld, MY_SEARCHBASE, LDAP_SCOPE_SUBTREE,
		MY_FILTER, NULL, 0, &result ) != LDAP_SUCCESS ) {
		ldap_perror( ld, "ldap_search_s" );
		if ( result == NULL ) {
			ldap_unbind( ld );
			return( 1 );
		}
	}
	/* for each entry print out name + all attrs and values */
	for ( e = ldap_first_entry( ld, result ); e != NULL;
	    e = ldap_next_entry( ld, e ) ) {
		if ( (dn = ldap_get_dn( ld, e )) != NULL ) {
		    printf( "dn: %s\n", dn );
		    ldap_memfree( dn );
		}
		for ( a = ldap_first_attribute( ld, e, &ber );
		    a != NULL; a = ldap_next_attribute( ld, e, ber ) ) {
			if ((vals = ldap_get_values( ld, e, a)) != NULL ) {
				for ( i = 0; vals[i] != NULL; i++ ) {
				    printf( "%s: %s\n", a, vals[i] );
				}
				ldap_value_free( vals );
			}
			ldap_memfree( a );
		}
		if ( ber != NULL ) {
			ber_free( ber, 0 );
		}
		printf( "\n" );
	}
	ldap_msgfree( result );
	ldap_unbind( ld );
	return( 0 );
}
コード例 #11
0
ファイル: sort.c プロジェクト: ysangkok/pgp-unix-6.5.8 
int
ldap_sort_entries(
    LDAP	*ld,
    LDAPMessage	**chain,
    char	*attr,		/* NULL => sort by DN */
    int		(*cmp)(const void *a, const void *b)
)
{
	int			i, count;
	struct entrything	*et;
	LDAPMessage		*e, *last;
	LDAPMessage		**ep;

	count = ldap_count_entries( ld, *chain );

	if ( (et = (struct entrything *) malloc( count *
	    sizeof(struct entrything) )) == NULL ) {
		ld->ld_errno = LDAP_NO_MEMORY;
		return( -1 );
	}

	e = *chain;
	for ( i = 0; i < count; i++ ) {
		et[i].et_msg = e;
		if ( attr == NULL ) {
			char	*dn;

			dn = ldap_get_dn( ld, e );
			et[i].et_vals = ldap_explode_dn( dn, 1 );
			free( dn );
		} else {
			et[i].et_vals = ldap_get_values( ld, e, attr );
		}

		e = e->lm_chain;
	}
	last = e;

	et_cmp_fn = cmp;
	qsort( et, count, sizeof(struct entrything), (void *) et_cmp );

	ep = chain;
	for ( i = 0; i < count; i++ ) {
		*ep = et[i].et_msg;
		ep = &(*ep)->lm_chain;

		ldap_value_free( et[i].et_vals );
	}
	*ep = last;
	free( (char *) et );

	return( 0 );
}
コード例 #12
0
/* Remove the user from all groups below the given container */
int ad_group_subtree_remove_user(char *container_dn, char *user_dn) {
	LDAP *ds;
	char *filter;
	int filter_length;
	char *attrs[]={"1.1", NULL};
	LDAPMessage *res;
	LDAPMessage *entry;
	int result, num_results;
	char *group_dn=NULL;

	ds=ad_login();
	if(!ds) return ad_error_code;

	filter_length=(strlen(user_dn)+255);
	filter=malloc(filter_length);
	snprintf(filter, filter_length, 
		"(&(objectclass=group)(member=%s))", user_dn);

	result=ldap_search_s(ds, container_dn, LDAP_SCOPE_SUBTREE, 
				filter, attrs, 0, &res);
	if(result!=LDAP_SUCCESS) {
		snprintf(ad_error_msg, MAX_ERR_LENGTH, 
			"Error in ldap_search_s for ad_group_subtree_remove_user: %s", 
			ldap_err2string(result));
		ad_error_code=AD_LDAP_OPERATION_FAILURE;
		return ad_error_code;
	}
	free(filter);

	num_results=ldap_count_entries(ds, res);
	if(num_results==0) {
		ad_error_code=AD_SUCCESS;
		return ad_error_code;
	}

	entry=ldap_first_entry(ds, res);
	while(entry!=NULL) {
		group_dn=ldap_get_dn(ds, entry);
		if(ad_group_remove_user(group_dn, user_dn)!=AD_SUCCESS) {
			snprintf(ad_error_msg, MAX_ERR_LENGTH, 
				"Error in ad_group_subtree_remove_user"
				"\nwhen removing %s from %s:\n%s", 
				user_dn, group_dn, ad_error_msg);
			return ad_error_code;
		}
		entry=ldap_next_entry(ds, entry);
	}

	if(group_dn!=NULL) ldap_memfree(group_dn);
	ldap_msgfree(res);
	ad_error_code=AD_SUCCESS;
	return ad_error_code; 
}
コード例 #13
0
ファイル: ldap.cpp プロジェクト: Robby-/anope 
	void BuildReply(int res, LDAPRequest *req)
	{
		LDAPResult *ldap_result = req->result = new LDAPResult();
		req->result->type = req->type;

		if (res != LDAP_SUCCESS)
		{
			ldap_result->error = ldap_err2string(res);
			return;
		}

		if (req->message == NULL)
		{
			return;
		}

		/* a search result */

		for (LDAPMessage *cur = ldap_first_message(this->con, req->message); cur; cur = ldap_next_message(this->con, cur))
		{
			LDAPAttributes attributes;

			char *dn = ldap_get_dn(this->con, cur);
			if (dn != NULL)
			{
				attributes["dn"].push_back(dn);
				ldap_memfree(dn);
				dn = NULL;
			}

			BerElement *ber = NULL;

			for (char *attr = ldap_first_attribute(this->con, cur, &ber); attr; attr = ldap_next_attribute(this->con, cur, ber))
			{
				berval **vals = ldap_get_values_len(this->con, cur, attr);
				int count = ldap_count_values_len(vals);

				std::vector<Anope::string> attrs;
				for (int j = 0; j < count; ++j)
					attrs.push_back(vals[j]->bv_val);
				attributes[attr] = attrs;

				ldap_value_free_len(vals);
				ldap_memfree(attr);
			}

			if (ber != NULL)
				ber_free(ber, 0);

			ldap_result->messages.push_back(attributes);
		}
	}
コード例 #14
0
static int
ldap_get_fulldn(LD_session *session, char *username, char *userstr, int username_length)
{
	struct berval cred;
	struct berval *msgidp=NULL;
	char filter[MAXFILTERSTR], *dn;
	int rc = 0;
	char logbuf[MAXLOGBUF];
	LDAPMessage *res, *entry;

	memset(userstr, 0, username_length);

        cred.bv_val = ldap_authorization_bindpasswd;
        cred.bv_len = strlen(ldap_authorization_bindpasswd);

#if LDAP_API_VERSION > 3000
	if((rc = ldap_sasl_bind_s(session->sess, ldap_authorization_binddn, ldap_authorization_type, &cred, NULL, NULL, &msgidp))!=LDAP_SUCCESS) {
		snprintf(logbuf, MAXLOGBUF, "!!!Ldap server %s authentificate with method %s failed: %s", ldap_authorization_host, ldap_authorization_type, ldap_err2string(rc));	
		ldap_log(LOG_DEBUG, logbuf);
		return RETURN_FALSE;
	};

#else
	if((rc = ldap_bind_s(session->sess, ldap_authorization_binddn, ldap_authorization_bindpasswd, LDAP_AUTH_SIMPLE))!=LDAP_SUCCESS) {
		snprintf(logbuf, MAXLOGBUF, "Ldap server %s authentificate failed: %s", ldap_authorization_host, ldap_err2string(rc));	
		ldap_log(LOG_DEBUG, logbuf);
		return RETURN_FALSE;
	}
#endif

	/* create filter for search */
	memset(filter, 0, MAXFILTERSTR);
	snprintf(filter, MAXLOGBUF, "(uid=%s)", username);

	if ((rc = ldap_search_ext_s(session->sess, ldap_authorization_basedn, LDAP_SCOPE_SUBTREE, filter, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &res)) != LDAP_SUCCESS) {
#if LDAP_API_VERSION > 3000
		ldap_unbind_ext(session->sess, NULL, NULL);
#else   
		ldap_unbind(session->sess);
#endif
		return RETURN_FALSE;
	}

	if ((entry = ldap_first_entry(session->sess,res)) == NULL) {
		return RETURN_FALSE;
	} else {
		dn = ldap_get_dn(session->sess, entry);
		strncpy(userstr, dn, strlen(dn));
	};
	ldap_msgfree(res);
	return RETURN_TRUE;
}
コード例 #15
0
int _ldap_lookup(void)
{
	char *attrs[] = { NULL };
	char *filter, *dn;
	char **values;
	LDAP *ld;
	LDAPMessage *res, *entry;
	int ret;

	ld = ldap_init(LDAP_HOST, LDAP_PORT);
	if (!ld) {
		fprintf(stderr, "%s: unable to initialise ldap connection\n",
				prog);
		return 1;
	}

	ret = ldap_simple_bind_s(ld, LDAP_BIND_DN, LDAP_BIND_PASSWD);

	if (ret)
		return 1;

	filter = malloc(sizeof(LDAP_FILTER) + strlen(user) + strlen(host));
	sprintf(filter, LDAP_FILTER, user, host);

	ret = ldap_search_s(ld, LDAP_BASE, LDAP_SCOPE, filter, attrs, 0, &res);
	if (ret) {
		fprintf(stderr, "%s: ldap search failed: %s\n", prog,
				ldap_err2string(ret));
		return 1;
	}

	entry = ldap_first_entry(ld, res);


	if (!entry)
		return 1;

	dn = ldap_get_dn(ld, res);
	
	ldap_msgfree(res);

	ret = ldap_simple_bind_s(ld, dn, password);

	if (ret)
		return 1;

	ldap_memfree(dn);
	ldap_unbind(ld);
	return 0;
}
コード例 #16
0
ファイル: ldap_auth.c プロジェクト: millken/zhuxianB30 
/*******************************************************************************
 函数名称  : dot1x_ldap_search_dn_timeout
 功能描述  : LDAP_SEARCH_DN状态查询用户DN
 输入参数  : user_data   ---   定时器参数,sm状态机
 输出参数  : 无
 返 回 值     : 无
------------------------------------------------------------
 最近一次修改记录 :
 修改作者   : 王群
 修改目的   : 新增函数
 修改日期   : 2011年6月2日
*******************************************************************************/
void dot1x_ldap_search_dn_timeout(void *user_data)
{
	s8 filter[1024];
	s32 retcode;
	s8 *userdn = NULL;
	LDAPMessage *res = NULL;
	LDAPMessage *msg = NULL;
	struct eapol_state_machine *sm = (struct eapol_state_machine *)user_data;

	snprintf(filter, sizeof(filter), "(%s=%s)", g_dot1x_var.ldap_conf.ldap_filter, sm->identity);
	/*执行查询操作*/
	retcode = ldap_search_s(sm->ldap_sm->ldap, g_dot1x_var.ldap_conf.ldap_basedn, LDAP_SCOPE_SUBTREE, filter, g_ldap_attrs, 0, &res);
	(sm->ldap_sm->req_count)++;
	if (LDAP_SUCCESS == retcode)
	{
		msg = ldap_first_entry(sm->ldap_sm->ldap, res);
		if (NULL == msg)
		{
			ldap_msgfree(res);
			return;
		}

		/*获得用户的dn*/
		userdn = ldap_get_dn(sm->ldap_sm->ldap, msg);
		if (NULL == userdn)
		{
			ldap_msgfree(res);
			return;
		}
		sm->ldap_sm->userdn = userdn;
		/*查询成功,进入LDAP_BIND_DN状态*/
		dot1x_ldap_bind_dn_entry(sm);
	}
	else if (LDAP_TIMEOUT == retcode &&
			sm->ldap_sm->req_count < g_dot1x_var.conf.retransmit_times)
	{
		/*重载定时器*/
		dloop_register_timeout(0, 0, dot1x_ldap_search_dn_timeout, sm);
	}
	else
	{
		/*关闭连接*/
		ldap_unbind(sm->ldap_sm->ldap);
		/*查询失败,进入LDAP_FAILURE状态*/
		dot1x_ldap_failure_entry(sm);
	}

	ldap_msgfree(res);
	return;
}
コード例 #17
0
/*
 * Returns an LDAP error code.
 */
static int
cmp2( LDAP *ld1, LDAP *ld2, LDAPMessage *e1, int findonly)
{
    LDAPMessage		*e2, *res;
    char		*dn, *attrcmp;
    int			found=0, rc;
    ATTR		*a1, *a2;

    dn = ldap_get_dn( ld1, e1 );

    if ( ldaptool_verbose ) {
	if ( findonly ) {
	    printf( "Checking that %s exists on both servers\n", dn );
	} else {
	    printf("Comparing entry %s on both servers\n", dn );
	}
    }

    if ( ldap_search( ld2, dn, LDAP_SCOPE_BASE, "objectClass=*", NULL, 0 ) == -1 ) {
        return( ldaptool_print_lderror( ld2, "ldap_search",
		LDAPTOOL_CHECK4SSL_IF_APPROP ));
    }
/* XXXmcs: this code should be modified to display referrals and references */
    while ( (rc = ldap_result( ld2, LDAP_RES_ANY, 0, NULL, &res )) == 
        LDAP_RES_SEARCH_ENTRY ) {
        e2 = ldap_first_entry( ld1, res );
	found = 1;
	if ( !findonly ) {
	    a1 = get_attrs( ld1, e1 );
	    a2 = get_attrs( ld2, e2 );
	    attrcmp = cmp_attrs( a1, a2 );
	    if ( strcmp( attrcmp, "") != 0 ) {
	        printf("\n%s%s\n", dn, attrcmp);
	    }
	}
        ldap_msgfree( res );
    }
    if ( !found ) {
	notfound( dn, findonly );
	differ = 1;
    }
    if ( rc == -1 ) {
        return( ldaptool_print_lderror( ld2, "ldap_result",
		LDAPTOOL_CHECK4SSL_IF_APPROP ));
    }
    ldap_msgfree( res );
    ldap_memfree( dn );
    return(rc);
}
コード例 #18
0
ファイル: authldap.c プロジェクト: alniaky/dbmail 
static char *__auth_get_first_match(const char *q, const char **retfields)
{
	LDAPMessage *ldap_msg;
	LDAPMessage *ldap_res;
	char *returnid = NULL, *ldap_dn = NULL;
	char **ldap_vals = NULL;
	int k = 0, err;
	LDAP *_ldap_conn = ldap_con_get();

	if (! (ldap_res = authldap_search(q)))
		return NULL;

	if (ldap_count_entries(_ldap_conn, ldap_res) < 1) {
		TRACE(TRACE_DEBUG, "none found");
		goto endfree;
	}

	ldap_msg = ldap_first_entry(_ldap_conn, ldap_res);
	if (ldap_msg == NULL) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: %s", ldap_err2string(err));
		goto endfree;
	}

	for (k = 0; retfields[k] != NULL; k++) {
		if (0 == strcasecmp(retfields[k], "dn")) {
			ldap_dn = ldap_get_dn(_ldap_conn, ldap_msg);
			if (ldap_dn)
				returnid = g_strdup(ldap_dn);
			break;
		} else {
			ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]);
			if (ldap_vals) 
				returnid = g_strdup(ldap_vals[0]);
			break;
		}
	}

endfree:
	if (ldap_dn)
		ldap_memfree(ldap_dn);
	if (ldap_vals)
		ldap_value_free(ldap_vals);
	if (ldap_res)
		ldap_msgfree(ldap_res);

	return returnid;
}
コード例 #19
0
ファイル: hdb-ldap.c プロジェクト: alepharchives/bitrig 
static krb5_error_code
LDAP_remove(krb5_context context, HDB * db, hdb_entry * entry)
{
    krb5_error_code ret;
    LDAPMessage *msg, *e;
    char *dn = NULL;
    int rc, limit = LDAP_NO_LIMIT;

    ret = LDAP_principal2message(context, db, entry->principal, &msg);
    if (ret)
	goto out;

    e = ldap_first_entry(HDB2LDAP(db), msg);
    if (e == NULL) {
	ret = HDB_ERR_NOENTRY;
	goto out;
    }

    dn = ldap_get_dn(HDB2LDAP(db), e);
    if (dn == NULL) {
	ret = HDB_ERR_NOENTRY;
	goto out;
    }

    rc = ldap_set_option(HDB2LDAP(db), LDAP_OPT_SIZELIMIT, (const void *)&limit);
    if (rc != LDAP_SUCCESS) {
	krb5_set_error_string(context, "ldap_set_option: %s",
			      ldap_err2string(rc));
	ret = HDB_ERR_BADVERSION;
	goto out;
    }

    rc = ldap_delete_s(HDB2LDAP(db), dn);
    if (check_ldap(context, db, rc)) {
	krb5_set_error_string(context, "ldap_delete_s: %s", 
			      ldap_err2string(rc));
	ret = HDB_ERR_CANT_LOCK_DB;
    } else
	ret = 0;

  out:
    if (dn != NULL)
	free(dn);
    if (msg != NULL)
	ldap_msgfree(msg);

    return ret;
}
コード例 #20
0
ファイル: passdb-ldap.c プロジェクト: LTD-Beget/dovecot 
static void ldap_bind_lookup_dn_callback(struct ldap_connection *conn,
					 struct ldap_request *ldap_request,
					 LDAPMessage *res)
{
	struct passdb_ldap_request *passdb_ldap_request =
		(struct passdb_ldap_request *)ldap_request;
	struct auth_request *auth_request = ldap_request->auth_request;
	struct passdb_ldap_request *brequest;
	char *dn;

	if (res != NULL && ldap_msgtype(res) == LDAP_RES_SEARCH_ENTRY) {
		if (passdb_ldap_request->entries++ > 0) {
			/* too many replies */
			return;
		}

		/* first entry */
		ldap_query_save_result(conn, auth_request,
				       &passdb_ldap_request->request.search, res);

		/* save dn */
		dn = ldap_get_dn(conn->ld, res);
		passdb_ldap_request->dn = p_strdup(auth_request->pool, dn);
		ldap_memfree(dn);
	} else if (res == NULL || passdb_ldap_request->entries != 1) {
		/* failure */
		ldap_bind_lookup_dn_fail(auth_request, passdb_ldap_request, res);
	} else if (auth_request->skip_password_check) {
		/* we've already verified that the password matched -
		   we just wanted to get any extra fields */
		passdb_ldap_request->callback.
			verify_plain(PASSDB_RESULT_OK, auth_request);
		auth_request_unref(&auth_request);
	} else {
		/* create a new bind request */
		brequest = p_new(auth_request->pool,
				 struct passdb_ldap_request, 1);
		brequest->dn = passdb_ldap_request->dn;
		brequest->callback = passdb_ldap_request->callback;
		brequest->request.bind.dn = brequest->dn;
		brequest->request.bind.request.type = LDAP_REQUEST_TYPE_BIND;
		brequest->request.bind.request.auth_request = auth_request;

		ldap_auth_bind(conn, &brequest->request.bind);
	}
}
コード例 #21
0
ファイル: ldap_printer.c プロジェクト: AIdrifter/samba 
/*
  find a printer given the name and the hostname
    Note that results "res" may be allocated on return so that the
    results can be used.  It should be freed using ads_msgfree.
*/
 ADS_STATUS ads_find_printer_on_server(ADS_STRUCT *ads, LDAPMessage **res,
				       const char *printer,
				       const char *servername)
{
	ADS_STATUS status;
	char *srv_dn, **srv_cn, *s = NULL;
	const char *attrs[] = {"*", "nTSecurityDescriptor", NULL};

	status = ads_find_machine_acct(ads, res, servername);
	if (!ADS_ERR_OK(status)) {
		DEBUG(1, ("ads_find_printer_on_server: cannot find host %s in ads\n",
			  servername));
		return status;
	}
	if (ads_count_replies(ads, *res) != 1) {
		ads_msgfree(ads, *res);
		*res = NULL;
		return ADS_ERROR(LDAP_NO_SUCH_OBJECT);
	}
	srv_dn = ldap_get_dn(ads->ldap.ld, *res);
	if (srv_dn == NULL) {
		ads_msgfree(ads, *res);
		*res = NULL;
		return ADS_ERROR(LDAP_NO_MEMORY);
	}
	srv_cn = ldap_explode_dn(srv_dn, 1);
	if (srv_cn == NULL) {
		ldap_memfree(srv_dn);
		ads_msgfree(ads, *res);
		*res = NULL;
		return ADS_ERROR(LDAP_INVALID_DN_SYNTAX);
	}
	ads_msgfree(ads, *res);
	*res = NULL;

	if (asprintf(&s, "(cn=%s-%s)", srv_cn[0], printer) == -1) {
		ldap_memfree(srv_dn);
		return ADS_ERROR(LDAP_NO_MEMORY);
	}
	status = ads_search(ads, res, s, attrs);

	ldap_memfree(srv_dn);
	ldap_value_free(srv_cn);
	SAFE_FREE(s);
	return status;	
}
コード例 #22
0
/** Process an entry modification operation
 *
 * @note This is a callback for the sync_demux function.
 *
 * @param[in] conn	the sync belongs to.
 * @param[in] config	of the sync that received an entry.
 * @param[in] sync_id	of the sync that received an entry.
 * @param[in] phase	Refresh phase the sync is currently in.
 * @param[in] uuid	of the entry.
 * @param[in] msg	containing the entry.
 * @param[in] state	The type of modification we need to perform to our
 *			representation of the entry.
 * @param[in] user_ctx	The listener.
 * @return
 *	- 0 on success.
 *	- -1 on failure.
 */
static int _proto_ldap_entry(fr_ldap_connection_t *conn, sync_config_t const *config,
			     int sync_id, UNUSED sync_phases_t phase,
			     uint8_t const uuid[SYNC_UUID_LENGTH], LDAPMessage *msg,
			     sync_states_t state, void *user_ctx)
{
	rad_listen_t		*listen = talloc_get_type_abort(user_ctx, rad_listen_t);
	proto_ldap_inst_t	*inst = talloc_get_type_abort(listen->data, proto_ldap_inst_t);
	fr_ldap_map_exp_t	expanded;
	REQUEST			*request;

	request = proto_ldap_request_setup(listen, inst, sync_id);
	if (!request) return -1;

	proto_ldap_attributes_add(request, config);
	request->packet->code = state;

	/*
	 *	Add the entry DN and attributes
	 */
	if (msg) {
		char *entry_dn;
		VALUE_PAIR *vp;

		entry_dn = ldap_get_dn(conn->handle, msg);

		MEM(pair_update_request(&vp, attr_ldap_sync_entry_dn) >= 0);
		ldap_memfree(entry_dn);

		MEM(pair_update_request(&vp, attr_ldap_sync_entry_uuid) >= 0);
		fr_pair_value_memcpy(vp, uuid, SYNC_UUID_LENGTH);
	}

	/*
	 *	Apply the attribute map
	 */
	if (fr_ldap_map_expand(&expanded, request, config->entry_map) < 0) {
	error:
		talloc_free(request);
		return -1;
	}
	if (fr_ldap_map_do(request, conn, NULL, &expanded, msg) < 0) goto error;

//	request_enqueue(request);

	return 0;
}
コード例 #23
0
/**
 * The public method auth authenticats the user with username and password
 * Parameters:
 * 		std::string *username: a reverence to the username
 * 		std::string *pw: a reverence to the password
 * Return:
 * 		bool: true if auth successfull
 */
bool LDAPConnection::auth(std::string *username, std::string *pw){
	int rc = 0;
	LDAPMessage *result, *entry;
	std::string filter = "(uid=";
	filter.append(*username);
	filter.append(")");

	//searches for user
	rc = ldap_search_s(this->ld, SEARCHBASE, SCOPE, filter.c_str(), this->attribs, 0, &result);
	if(rc != LDAP_SUCCESS){
		std::cout << ldap_err2string(rc) << std::endl;
		ldap_msgfree(result);
		return false;
	}

	//counts results
	if(ldap_count_entries(this->ld, result) != 1){
		ldap_msgfree(result);
		return false;
	}

	//gets user dn
	entry = ldap_first_entry(this->ld, result);
	std::string dn = ldap_get_dn(this->ld,entry);
	ldap_msgfree(result);

	//initializes a new ldap connection
	LDAP *ldp;
	ldap_initialize(&ldp, LDAP_HOST);
	if(ldp == NULL){
		return false;
	}

	//tries to bind the user
	rc = ldap_simple_bind_s(ldp, dn.c_str(), pw->c_str());

	if(rc != LDAP_SUCCESS){
		ldap_unbind(ldp);
		return false;
	}

	//closes the new ldap connection
	ldap_unbind(ldp);
	return true;
}
コード例 #24
0
ファイル: dn.c プロジェクト: MichaelMcDonnell/wine 
/***********************************************************************
 *      ldap_get_dnW     (WLDAP32.@)
 *
 * Retrieve the DN from a given LDAP message.
 *
 * PARAMS
 *  ld     [I] Pointer to an LDAP context.
 *  entry  [I] LDAPMessage structure to retrieve the DN from.
 *
 * RETURNS
 *  Success: Pointer to a string that contains the DN.
 *  Failure: NULL
 *
 * NOTES
 *  Free the string with ldap_memfree.
 */
PWCHAR CDECL ldap_get_dnW( WLDAP32_LDAP *ld, WLDAP32_LDAPMessage *entry )
{
    PWCHAR ret = NULL;
#ifdef HAVE_LDAP
    char *retU;

    TRACE( "(%p, %p)\n", ld, entry );

    if (!ld || !entry) return NULL;

    retU = ldap_get_dn( ld, entry );

    ret = strUtoW( retU );
    ldap_memfree( retU );

#endif
    return ret;
}
コード例 #25
0
ファイル: kuhl_m_sid.c プロジェクト: 0xbadjuju/mimikatz 
NTSTATUS kuhl_m_sid_add(int argc, wchar_t * argv[])
{
	PLDAP ld;
	DWORD dwErr;
	PCWCHAR szName;
	PWCHAR domain = NULL;
	PLDAPMessage pMessage = NULL;
	BERVAL NewSid;
	PBERVAL pNewSid[2] = {&NewSid, NULL};
	LDAPMod Modification = {LDAP_MOD_ADD | LDAP_MOD_BVALUES, L"sIDHistory"};
	PLDAPMod pModification[2] = {&Modification, NULL};
	Modification.mod_vals.modv_bvals = pNewSid;

	if(kull_m_string_args_byName(argc, argv, L"new", &szName, NULL))
	{
		if(ConvertStringSidToSid(szName, (PSID *) &NewSid.bv_val) || kull_m_token_getSidDomainFromName(szName, (PSID *) &NewSid.bv_val, &domain, NULL, NULL))
		{
			if(IsValidSid((PSID) NewSid.bv_val))
			{
				NewSid.bv_len = GetLengthSid((PSID) NewSid.bv_val);
				if(kuhl_m_sid_quickSearch(argc, argv, TRUE, NULL, &ld, &pMessage))
				{
					kprintf(L"\n  * Will try to add \'%s\' this new SID:\'", Modification.mod_type);
					kull_m_string_displaySID(NewSid.bv_val);
					kprintf(L"\': ");
					dwErr = ldap_modify_s(ld, ldap_get_dn(ld, pMessage), pModification);
					if(dwErr == LDAP_SUCCESS)
						kprintf(L"OK!\n");
					else PRINT_ERROR(L"ldap_modify_s 0x%x (%u)\n", dwErr, dwErr);
					if(pMessage)
						ldap_msgfree(pMessage);
					ldap_unbind(ld);
				}
			}
			else PRINT_ERROR(L"Invalid SID\n");
			LocalFree(NewSid.bv_val);
			if(domain)
				LocalFree(domain);
		}
		else PRINT_ERROR_AUTO(L"ConvertStringSidToSid / kull_m_token_getSidDomainFromName");
	}
	else PRINT_ERROR(L"/new:sid or /new:resolvable_name is needed");
	return STATUS_SUCCESS;
}
コード例 #26
0
ファイル: ldap_unx.cpp プロジェクト: drkvogel/retrasst 
//- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
std::string LDAP_UNX::getDistinguishedName( const std::string userID,
	std::string *dname )
{
	*dname = "";
	LDAP *ldap = NULL;	// INITIALISE AND CONNECT TO LDAP SERVER
	std::string	e = initialize( &ldap );
	if ( ! e.empty() )
		{return( e );
		}
	std::string	base = ou + "," + dc;
	std::string	bparam = std::string("CN=LDAPbind,") + base;
	const	int 	ibind = ldap_simple_bind_s( ldap, bparam.c_str(),
		ldap_pw.c_str() );
	if ( ibind != LDAP_SUCCESS )
		{sprintf( ebuf, "ldap_simple_bind_s=%d", ibind );
		return( std::string(ebuf) );
		}
/* SEARCH FOR ENTRY WITH sAMAccountName AS GIVEN BY USER AND GET
 distinguishedName IF IT EXISTS (IF FOUND, THEN USERNAME EXISTS) */
	LDAPMessage *res = ( LDAPMessage * )NULL;
	std::string filter = "(sAMAccountName=" + userID + ")";
	const	int	isearch = ldap_search_s( ldap, base.c_str(),
		LDAP_SCOPE_ONELEVEL, filter.c_str(), ( char ** )NULL, 0, &res );
	if ( isearch != LDAP_SUCCESS )
		{sprintf( ebuf, "ldap_search_s=%d", isearch );
		return( std::string(ebuf) );
		}
	const	int	nentries = ldap_count_entries( ldap, res );
	if ( nentries <= 0 )
		{    // FAILED TO FIND distinguishedName from sAMAccountName
		ldap_msgfree( res );
		ldap_unbind_s( ldap );
		return( "Username not found in LDAP-OU" );
		}
					    // EXTRACT distinguishedNAme
	char 	*dn = ldap_get_dn( ldap, ldap_first_entry( ldap, res ) );
	*dname = std::string( dn );
	ldap_memfree( dn );			    		// TIDY UP
	ldap_msgfree( res );
	ldap_unbind_s( ldap );   			// DROP ASSOCIATION
	return( "" );
 }
コード例 #27
0
ファイル: authldap.c プロジェクト: alniaky/dbmail 
static char * dm_ldap_user_getdn(u64_t user_idnr) 
{
	GString *t = g_string_new("");
	char *dn;
	int err;
	LDAPMessage *ldap_res;
	LDAPMessage *ldap_msg;
	LDAP *_ldap_conn = ldap_con_get();
	
	g_string_printf(t, "(%s=%llu)", _ldap_cfg.field_nid, user_idnr);
	TRACE(TRACE_DEBUG, "searching with query [%s]", t->str);
	
	if (! (ldap_res = authldap_search(t->str))) {
		g_string_free(t,TRUE);
		return NULL;
	}
		
	g_string_free(t,TRUE);

	if (ldap_count_entries(_ldap_conn, ldap_res) < 1) {
		TRACE(TRACE_DEBUG, "no entries found");
		ldap_msgfree(ldap_res);
		return NULL;
	}

	if (! (ldap_msg = ldap_first_entry(_ldap_conn, ldap_res))) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: %s", ldap_err2string(err));
		ldap_msgfree(ldap_res);
		return NULL;
	}

	if (! (dn = ldap_get_dn(_ldap_conn, ldap_msg))) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_get_dn failed: %s", ldap_err2string(err));
		ldap_msgfree(ldap_res);
		return NULL;
	}

	ldap_msgfree(ldap_res);
	return dn;
}
コード例 #28
0
static void ldap_bind_lookup_dn_callback(struct ldap_connection *conn,
					 struct ldap_request *ldap_request,
					 LDAPMessage *res)
{
	struct passdb_ldap_request *passdb_ldap_request =
		(struct passdb_ldap_request *)ldap_request;
	struct auth_request *auth_request = ldap_request->auth_request;
	struct passdb_ldap_request *brequest;
	char *dn;

	if (res != NULL && ldap_msgtype(res) == LDAP_RES_SEARCH_ENTRY) {
		if (passdb_ldap_request->entries++ > 0) {
			/* too many replies */
			return;
		}

		/* first entry */
		ldap_query_save_result(conn, auth_request,
				       &passdb_ldap_request->request.search, res);

		/* save dn */
		dn = ldap_get_dn(conn->ld, res);
		passdb_ldap_request->dn = p_strdup(auth_request->pool, dn);
		ldap_memfree(dn);
	} else if (res == NULL || passdb_ldap_request->entries != 1) {
		/* failure */
		ldap_bind_lookup_dn_fail(auth_request, passdb_ldap_request, res);
	} else {
		/* create a new bind request */
		brequest = p_new(auth_request->pool,
				 struct passdb_ldap_request, 1);
		brequest->dn = passdb_ldap_request->dn;
		brequest->callback = passdb_ldap_request->callback;
		brequest->request.bind.dn = brequest->dn;
		brequest->request.bind.request.type = LDAP_REQUEST_TYPE_BIND;
		brequest->request.bind.request.auth_request = auth_request;

		ldap_auth_bind(conn, &brequest->request.bind);
	}
}
コード例 #29
0
ファイル: qldap.c プロジェクト: ajtulloch/qmail 
int
qldap_get_dn(qldap *q, stralloc *dn)
{
	char *d;
	
	CHECK(q, EXTRACT);

	d = ldap_get_dn(q->ld, q->msg);
	if (d == (char *)0)
		return NOSUCH;
	if (!stralloc_copys(dn, d) || !stralloc_0(dn))
		return ERRNO;
#ifdef LDAP_OPT_PROTOCOL_VERSION
	/*
	 * OpenLDAP 1.x does not have ldap_memfree() use free() instead.
	 */
	ldap_memfree(d);
#else
	free(d);
#endif
	return OK;
}
コード例 #30
0
/* used for debugging */
static void
print_dn( LDAP *ld, LDAPMessage *entry )
{
    char		*dn, *ufn;

    dn = ldap_get_dn( ld, entry );
    if ( ldif ) {
	write_ldif_value( "dn", dn, strlen( dn ));
    } else {
	printf( "%s\n", dn );
    }
    if ( includeufn ) {
	ufn = ldap_dn2ufn( dn );
	if ( ldif ) {
	    write_ldif_value( "ufn", ufn, strlen( ufn ));
	} else {
	    printf( "%s\n", ufn );
	}
	free( ufn );
    }
    ldap_memfree( dn );
}