/* creates a new organizational unit sets objectclass=organizationalUnit and name=ou name Returns AD_SUCCESS on success */ int ad_ou_create(char *ou_name, char *dn) { LDAP *ds; LDAPMod *attrs[3]; LDAPMod attr1, attr2; int result; char *objectClass_values[]={"organizationalUnit", NULL}; char *name_values[2]; ds=ad_login(); if(!ds) return ad_error_code; attr1.mod_op = LDAP_MOD_ADD; attr1.mod_type = "objectClass"; attr1.mod_values = objectClass_values; name_values[0]=ou_name; name_values[1]=NULL; attr2.mod_op = LDAP_MOD_ADD; attr2.mod_type = "name"; attr2.mod_values = name_values; attrs[0]=&attr1; attrs[1]=&attr2; attrs[2]=NULL; result=ldap_add_s(ds, dn, attrs); if(result!=LDAP_SUCCESS) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error in ldap_add: %s", ldap_err2string(result)); ad_error_code=AD_LDAP_OPERATION_FAILURE; } else { ad_error_code=AD_SUCCESS; } return ad_error_code; }
/* ARGSUSED */ int _ns_ldap_add_s(char *service, int flags, char *dn, LDAPMod **attrs) { LDAP *ld = __s_api_getLDAPconn(flags); return (ldap_add_s(ld, dn, attrs)); }
/* * Takes an array of mappings, similar to modify above, with the * exception that the 'op' field is ignored and not used at all. */ static void f_ldap_add(INT32 args) { struct pike_string *dn; struct array *arr; struct mapping *m; struct svalue *val; LDAPMod **mods; int i, ret; if (!THIS->bound) Pike_error("OpenLDAP.Client: attempting operation on an unbound connection\n"); get_all_args("OpenLDAP.Client->add()", args, "%S%a", &dn, &arr); mods = (LDAPMod**)calloc((arr->size + 1), sizeof(LDAPMod*)); if (!mods) Pike_error("OpenLDAP.Client: OUT OF MEMORY!\n"); for (i = 0; i < arr->size; i++) { mods[i] = (LDAPMod*)calloc(1, sizeof(LDAPMod)); if (!mods[i]) Pike_error("OpenLDAP.Client: OUT OF MEMORY!\n"); mods[i]->mod_op = LDAP_MOD_BVALUES; if (arr->item[i].type != T_MAPPING) Pike_error("OpenLDAP.Client->add(): array member is not a mapping.\n"); m = arr->item[i].u.mapping; val = low_mapping_string_lookup(m, modify_type); if (!val) Pike_error("OpenLDAP.Client->add(): invalid modification mapping. " "Missing the '%s' field\n", "type"); if (val->type != T_STRING || val->u.string->size_shift > 0) Pike_error("OpenLDAP.Client->add(): invalid modification mapping. " "The '%s' field is not an 8-bit string\n", "type"); mods[i]->mod_type = val->u.string->str; val = low_mapping_string_lookup(m, modify_values); if (!val) Pike_error("OpenLDAP.Client->add(): invalid modification mapping. " "Missing the '%s' field\n", "values"); if (val->type != T_ARRAY) Pike_error("OpenLDAP.Client->add(): invalid modification mapping. " "The '%s' field is not an array\n", "values"); mods[i]->mod_bvalues = make_berval_array(val); } ret = ldap_add_s(THIS->conn, dn->str, mods); if (ret != LDAP_SUCCESS) Pike_error("OpenLDAP.Client->add(): %s\n", ldap_err2string(ret)); free_mods(mods); pop_n_elems(args); }
/* creates an empty, locked user account with given username and dn and attributes: objectClass=user sAMAccountName=username userAccountControl=66050 (ACCOUNTDISABLE|NORMAL_ACCOUNT|DONT_EXPIRE_PASSWORD) userprincipalname returns AD_SUCCESS on success */ int ad_create_user(char *username, char *dn) { LDAP *ds; LDAPMod *attrs[5]; LDAPMod attr1, attr2, attr3, attr4; int result; char *objectClass_values[]={"user", NULL}; char *name_values[2]; char *accountControl_values[]={"66050", NULL}; char *upn, *domain; char *upn_values[2]; ds=ad_login(); if(!ds) return ad_error_code; attr1.mod_op = LDAP_MOD_ADD; attr1.mod_type = "objectClass"; attr1.mod_values = objectClass_values; name_values[0]=username; name_values[1]=NULL; attr2.mod_op = LDAP_MOD_ADD; attr2.mod_type = "sAMAccountName"; attr2.mod_values = name_values; attr3.mod_op = LDAP_MOD_ADD; attr3.mod_type = "userAccountControl"; attr3.mod_values = accountControl_values; domain=dn2domain(dn); upn=malloc(strlen(username)+strlen(domain)+2); sprintf(upn, "%s@%s", username, domain); upn_values[0]=upn; upn_values[1]=NULL; attr4.mod_op = LDAP_MOD_ADD; attr4.mod_type = "userPrincipalName"; attr4.mod_values = upn_values; attrs[0]=&attr1; attrs[1]=&attr2; attrs[2]=&attr3; attrs[3]=&attr4; attrs[4]=NULL; result=ldap_add_s(ds, dn, attrs); if(result!=LDAP_SUCCESS) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error in ldap_add %s", ldap_err2string(result)); ad_error_code=AD_LDAP_OPERATION_FAILURE; } else { ad_error_code=AD_SUCCESS; } free(domain); return ad_error_code; }
/* * Create an LDAP server container entry. */ static void rpc_ns__ldap_export_server(LDAP *ld, char *dn, rpc_if_handle_t if_spec, unsigned32 *status ) { unsigned_char_p_t uuid = NULL; rpc_if_id_t if_id; LDAPMod *modV[4]; LDAPMod modRpcNsObjectID, modObjectClass; char *valueRpcNsObjectID[2], *valueObjectClass[3]; rpc_if_inq_id(if_spec, &if_id, status); if (*status != rpc_s_ok) { return; } uuid_to_string(&if_id.uuid, &uuid, status); if (*status != rpc_s_ok) { return; } valueRpcNsObjectID[0] = uuid; valueRpcNsObjectID[1] = NULL; modRpcNsObjectID.mod_op = LDAP_MOD_ADD; modRpcNsObjectID.mod_type = "rpcNsObjectID"; modRpcNsObjectID.mod_values = valueRpcNsObjectID; valueObjectClass[0] = "rpcServer"; valueObjectClass[1] = "rpcEntry"; valueObjectClass[2] = "top"; modObjectClass.mod_op = LDAP_MOD_ADD; modObjectClass.mod_type = "objectClass"; modObjectClass.mod_values = valueObjectClass; modV[0] = &modRpcNsObjectID; modV[1] = &modObjectClass; modV[2] = NULL; if (ldap_add_s(ld, dn, modV) != LDAP_SUCCESS) { *status = rpc_s_update_failed; } else { *status = rpc_s_ok; } rpc_string_free(&uuid, status); }
/* For running the ldap_info run queue. */ void add_ldap_values (ldap_info * ldinfo) { int result; char dnbuffer[1024]; if (ldapbase != NULL) sprintf (dnbuffer, "%s,%s", ldinfo->dn, ldapbase); else sprintf (dnbuffer, "%s", ldinfo->dn); result = ldap_add_s (conn, dnbuffer, ldinfo->attrs); ldap_result_check ("ldap_add_s", dnbuffer, result); }
void LDAPSession::addStringValue ( string dn, const list<LDAPStringValue>& values ) { list<LDAPStringValue>::const_iterator it=values.begin(); list<LDAPStringValue>::const_iterator end=values.end(); int i=0; LDAPMod** mods= ( LDAPMod** ) malloc ( sizeof ( LDAPMod* ) *values.size() +1 ); for ( ;it!=end;++it ) { mods[i]= ( LDAPMod* ) malloc ( sizeof ( LDAPMod ) ); mods[i]->mod_op=LDAP_MOD_ADD; mods[i]->mod_type= ( char* ) malloc ( sizeof ( char ) * ( *it ).attr.length() ); strcpy ( mods[i]->mod_type, ( *it ).attr.c_str() ); list<string>::const_iterator sit= ( *it ).value.begin(); list<string>::const_iterator send= ( *it ).value.end(); int j=0; mods[i]->mod_vals.modv_strvals= ( char** ) malloc ( sizeof ( char* ) * ( *it ).value.size() +1 ); for ( ;sit!=send;++sit ) { mods[i]->mod_vals.modv_strvals[j]= ( char* ) malloc ( sizeof ( char ) * ( *sit ).length() ); strcpy ( mods[i]->mod_vals.modv_strvals[j], ( *sit ).c_str() ); ++j; } mods[i]->mod_vals.modv_strvals[j]=0l; ++i; } mods[i]=0l; int errc= ldap_add_s ( ld,dn.c_str(),mods ); if ( errc != LDAP_SUCCESS ) throw LDAPExeption ( "ldap_add_s",ldap_err2string ( errc ) ); ldap_mods_free ( mods,1 ); }
/* a convenient routine for adding a generic LDAP record */ int ads_gen_add(ADS_STRUCT *ads, const char *new_dn, ...) { int i; va_list ap; LDAPMod **mods; char *name, *value; int ret; #define MAX_MOD_VALUES 10 /* count the number of attributes */ va_start(ap, new_dn); for (i=0; va_arg(ap, char *); i++) { /* skip the values */ while (va_arg(ap, char *)) ; } va_end(ap); mods = malloc(sizeof(LDAPMod *) * (i+1)); va_start(ap, new_dn); for (i=0; (name=va_arg(ap, char *)); i++) { char **values; int j; values = (char **)malloc(sizeof(char *) * (MAX_MOD_VALUES+1)); for (j=0; (value=va_arg(ap, char *)) && j < MAX_MOD_VALUES; j++) { values[j] = value; } values[j] = NULL; mods[i] = malloc(sizeof(LDAPMod)); mods[i]->mod_type = name; mods[i]->mod_op = LDAP_MOD_ADD; mods[i]->mod_values = values; } mods[i] = NULL; va_end(ap); ret = ldap_add_s(ads->ld, new_dn, mods); for (i=0; mods[i]; i++) { free(mods[i]->mod_values); free(mods[i]); } free(mods); return ret; }
/* creates a computer account and attributes: objectClass=top,person,organizationalPerson,user,computer sAMAccountName=NAME$ userAccountControl=4128 returns AD_SUCCESS on success */ int ad_create_computer(char *name, char *dn) { LDAP *ds; LDAPMod *attrs[4]; LDAPMod attr1, attr2, attr3; int i, result; char *objectClass_values[]={"top", "person", "organizationalPerson", "user", "computer", NULL}; char *name_values[2]; char *accountControl_values[]={"4128", NULL}; ds=ad_login(); if(!ds) return ad_error_code; attr1.mod_op = LDAP_MOD_ADD; attr1.mod_type = "objectClass"; attr1.mod_values = objectClass_values; name_values[0]=malloc(strlen(name)+2); sprintf(name_values[0], "%s$", name); for(i=0; name_values[0][i]; i++) name_values[0][i]=toupper(name_values[0][i]); name_values[1]=NULL; attr2.mod_op = LDAP_MOD_ADD; attr2.mod_type = "sAMAccountName"; attr2.mod_values = name_values; attr3.mod_op = LDAP_MOD_ADD; attr3.mod_type = "userAccountControl"; attr3.mod_values = accountControl_values; attrs[0]=&attr1; attrs[1]=&attr2; attrs[2]=&attr3; attrs[3]=NULL; result=ldap_add_s(ds, dn, attrs); if(result!=LDAP_SUCCESS) { snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error in ldap_add %s", ldap_err2string(result)); ad_error_code=AD_LDAP_OPERATION_FAILURE; } else { ad_error_code=AD_SUCCESS; } return ad_error_code; }
char * gfarm_generic_info_set( void *key, LDAPMod **modv, const struct gfarm_generic_info_ops *ops) { int rv; char *dn = ops->make_dn(key); if (dn == NULL) return (GFARM_ERR_NO_MEMORY); rv = ldap_add_s(gfarm_ldap_server, dn, modv); free(dn); if (rv != LDAP_SUCCESS) { if (rv == LDAP_ALREADY_EXISTS) return (GFARM_ERR_ALREADY_EXISTS); return (ldap_err2string(rv)); } return (NULL); }
static status ClientsInit(LDAP *ld) { LDAPMod *attributes[4]; LDAPMod attribute1,attribute2,attribute3; char * objectclass_vals[] = { "top","organizationalUnit",NULL }; char * ou_value[] = {"clients",NULL}; char * desc_value[] = {"Lista de clientes",NULL}; /* objectclass */ attribute1.mod_op = LDAP_MOD_ADD; attribute1.mod_type = "objectclass"; attribute1.mod_vals.modv_strvals = objectclass_vals; attributes[0] = &attribute1; /* ou */ attribute2.mod_op = LDAP_MOD_ADD; attribute2.mod_type = "ou"; attribute2.mod_vals.modv_strvals = ou_value; attributes[1] = &attribute2; /* description */ attribute3.mod_op = LDAP_MOD_ADD; attribute3.mod_type = "description"; attribute3.mod_vals.modv_strvals = desc_value; attributes[2] = &attribute3; attributes[3] = NULL; if ( ldap_add_s(ld, CLIENT_PATH, attributes) != LDAP_SUCCESS ) { fprintf(stderr,"LDAP ERROR: No se pudo inicializar la lista de clientes %s\n", CLIENT_PATH); return FATAL_ERROR; } return OK; }
static status RootAdd(LDAP *ld) { LDAPMod *attributes[4]; LDAPMod attribute1,attribute2,attribute3; char * objectclass_vals[] = { "top","organization",NULL }; char * o_value[] = {MOVIE_STORE_NAME,NULL}; char * l_value[] = {MOVIE_STORE_LOCATION,NULL}; /* objectclass */ attribute1.mod_op = LDAP_MOD_ADD; attribute1.mod_type = "objectclass"; attribute1.mod_vals.modv_strvals = objectclass_vals; attributes[0] = &attribute1; /* o */ attribute2.mod_op = LDAP_MOD_ADD; attribute2.mod_type = "dc"; attribute2.mod_vals.modv_strvals = o_value; attributes[1] = &attribute2; /* l */ attribute3.mod_op = LDAP_MOD_ADD; attribute3.mod_type = "l"; attribute3.mod_vals.modv_strvals = l_value; attributes[2] = &attribute3; attributes[3] = NULL; if ( ldap_add_s(ld, MOVIE_STORE_DN, attributes) != LDAP_SUCCESS ) { fprintf(stderr,"LDAP ERROR: No se pudo agregar el nodo inicial %s\n", MOVIE_STORE_DN); return FATAL_ERROR; } return OK; }
int main (int *argc, char **argv) { isc_mem_t *mctx = NULL; isc_entropy_t *ectx = NULL; isc_result_t result; char *basedn; ldap_info *tmp; LDAPMod *base_attrs[2]; LDAPMod base; isc_buffer_t buff; char *zonefile; char fullbasedn[1024]; char *ctmp; dns_fixedname_t fixedzone, fixedname; dns_rdataset_t rdataset; char **dc_list; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdatasetiter_t *riter; dns_name_t *zone, *name; dns_db_t *db = NULL; dns_dbiterator_t *dbit = NULL; dns_dbnode_t *node; extern char *optarg; extern int optind, opterr, optopt; int create_base = 0; int topt; if ((int) argc < 2) { usage (); exit (-1); } while ((topt = getopt ((int) argc, argv, "D:w:b:z:f:h:?dcv")) != -1) { switch (topt) { case 'v': printf("%s\n", VERSION); exit(0); case 'c': create_base++; break; case 'd': debug++; break; case 'D': binddn = strdup (optarg); break; case 'w': bindpw = strdup (optarg); break; case 'b': ldapbase = strdup (optarg); break; case 'z': argzone = strdup (optarg); // We wipe argzone all to hell when we parse it for the DN */ gbl_zone = strdup(argzone); break; case 'f': zonefile = strdup (optarg); break; case 'h': ldapsystem = strdup (optarg); break; case '?': default: usage (); exit (0); } } if ((argzone == NULL) || (zonefile == NULL)) { usage (); exit (-1); } if (debug) printf ("Initializing ISC Routines, parsing zone file\n"); result = isc_mem_create (0, 0, &mctx); isc_result_check (result, "isc_mem_create"); result = isc_entropy_create(mctx, &ectx); isc_result_check (result, "isc_entropy_create"); result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE); isc_result_check (result, "isc_hash_create"); isc_buffer_init (&buff, argzone, strlen (argzone)); isc_buffer_add (&buff, strlen (argzone)); dns_fixedname_init (&fixedzone); zone = dns_fixedname_name (&fixedzone); result = dns_name_fromtext (zone, &buff, dns_rootname, 0, NULL); isc_result_check (result, "dns_name_fromtext"); result = dns_db_create (mctx, "rbt", zone, dns_dbtype_zone, dns_rdataclass_in, 0, NULL, &db); isc_result_check (result, "dns_db_create"); result = dns_db_load (db, zonefile); isc_result_check (result, "Check Zone Syntax: dns_db_load"); result = dns_db_createiterator (db, 0, &dbit); isc_result_check (result, "dns_db_createiterator"); result = dns_dbiterator_first (dbit); isc_result_check (result, "dns_dbiterator_first"); dns_fixedname_init (&fixedname); name = dns_fixedname_name (&fixedname); dns_rdataset_init (&rdataset); dns_rdata_init (&rdata); while (result == ISC_R_SUCCESS) { node = NULL; result = dns_dbiterator_current (dbit, &node, name); if (result == ISC_R_NOMORE) break; isc_result_check (result, "dns_dbiterator_current"); riter = NULL; result = dns_db_allrdatasets (db, node, NULL, 0, &riter); isc_result_check (result, "dns_db_allrdatasets"); result = dns_rdatasetiter_first (riter); //isc_result_check(result, "dns_rdatasetiter_first"); while (result == ISC_R_SUCCESS) { dns_rdatasetiter_current (riter, &rdataset); result = dns_rdataset_first (&rdataset); isc_result_check (result, "dns_rdatasetiter_current"); while (result == ISC_R_SUCCESS) { dns_rdataset_current (&rdataset, &rdata); generate_ldap (name, &rdata, rdataset.ttl); dns_rdata_reset (&rdata); result = dns_rdataset_next (&rdataset); } dns_rdataset_disassociate (&rdataset); result = dns_rdatasetiter_next (riter); } dns_rdatasetiter_destroy (&riter); result = dns_dbiterator_next (dbit); } /* Initialize the LDAP Connection */ if (debug) printf ("Initializing LDAP Connection to %s as %s\n", ldapsystem, binddn); init_ldap_conn (); if (create_base) { if (debug) printf ("Creating base zone DN %s\n", argzone); dc_list = hostname_to_dn_list (argzone, argzone, DNS_TOP); basedn = build_dn_from_dc_list (dc_list, 0, NO_SPEC); for (ctmp = &basedn[strlen (basedn)]; ctmp >= &basedn[0]; ctmp--) { if ((*ctmp == ',') || (ctmp == &basedn[0])) { base.mod_op = LDAP_MOD_ADD; base.mod_type = "objectClass"; base.mod_values = topObjectClasses; base_attrs[0] = &base; base_attrs[1] = NULL; if (ldapbase) { if (ctmp != &basedn[0]) sprintf (fullbasedn, "%s,%s", ctmp + 1, ldapbase); else sprintf (fullbasedn, "%s,%s", ctmp, ldapbase); } else { if (ctmp != &basedn[0]) sprintf (fullbasedn, "%s", ctmp + 1); else sprintf (fullbasedn, "%s", ctmp); } result = ldap_add_s (conn, fullbasedn, base_attrs); ldap_result_check ("intial ldap_add_s", fullbasedn, result); } } } else { if (debug) printf ("Skipping zone base dn creation for %s\n", argzone); } for (tmp = ldap_info_base; tmp != NULL; tmp = tmp->next) { if (debug) printf ("Adding DN: %s\n", tmp->dn); add_ldap_values (tmp); } if (debug) printf("Operation Complete.\n"); /* Cleanup */ isc_hash_destroy(); isc_entropy_detach(&ectx); isc_mem_destroy(&mctx); if (zonefile) free(zonefile); return 0; }
status ClientAdd(LDAP *ld, client_t client) { LDAPMod *attributes[10]; LDAPMod attribute1,attribute2,attribute3,attribute4,attribute5,attribute6,attribute7,attribute8,attribute9; char aux_error[100]; char * objectclass_vals[] = { "top", "person", "organizationalPerson", "inetOrgPerson", NULL }; char * ou_value[] = {"clients",NULL}; char * cn_value[] = {client.user,NULL}; char * uid_value[] = {client.user,NULL}; char * mail_value[] = {client.mail,NULL}; char * pass_value[] = {client.passwd,NULL}; char * sn_value[] = {client.user,NULL}; char * desc_value[] = {client.desc,NULL}; /* convierto el level a string */ char aux_level[5]; sprintf(aux_level, "%d",(int)client.level); char * level_value[] = {aux_level,NULL}; char *dn = GetClientDN(client.user); /* objectclass */ attribute1.mod_op = LDAP_MOD_ADD; attribute1.mod_type = "objectclass"; attribute1.mod_vals.modv_strvals = objectclass_vals; attributes[0] = &attribute1; /* ou */ attribute2.mod_op = LDAP_MOD_ADD; attribute2.mod_type = "ou"; attribute2.mod_vals.modv_strvals = ou_value; attributes[1] = &attribute2; /* cn */ attribute3.mod_op = LDAP_MOD_ADD; attribute3.mod_type = "cn"; attribute3.mod_vals.modv_strvals = cn_value; attributes[2] = &attribute3; /* uid */ attribute4.mod_op = LDAP_MOD_ADD; attribute4.mod_type = "uid"; attribute4.mod_vals.modv_strvals = uid_value; attributes[3] = &attribute4; /* mail */ attribute5.mod_op = LDAP_MOD_ADD; attribute5.mod_type = "mail"; attribute5.mod_vals.modv_strvals = mail_value; attributes[4] = &attribute5; /* userPassword */ attribute6.mod_op = LDAP_MOD_ADD; attribute6.mod_type = "userPassword"; attribute6.mod_vals.modv_strvals = pass_value; attributes[5] = &attribute6; /* sn */ attribute7.mod_op = LDAP_MOD_ADD; attribute7.mod_type = "sn"; attribute7.mod_vals.modv_strvals = sn_value; attributes[6] = &attribute7; /* description */ attribute8.mod_op = LDAP_MOD_ADD; attribute8.mod_type = "description"; attribute8.mod_vals.modv_strvals = desc_value; attributes[7] = &attribute8; /* level */ attribute9.mod_op = LDAP_MOD_ADD; attribute9.mod_type = "internationaliSDNNumber"; attribute9.mod_vals.modv_strvals = level_value; attributes[8] = &attribute9; /* Fin del arreglo */ attributes[9] = NULL; if ( ldap_add_s(ld, dn, attributes) != LDAP_SUCCESS ) { fprintf(stderr,"LDAP ERROR: No pudo agregarse el cliente con level %s\n",level_value[0]); ldap_perror(ld, aux_error); fprintf(stderr, "%s\n",aux_error); return ERROR; } return OK; }
/* Creates new LDAP Account */ int db_create(char *bid, char *username, char *first, char *last, char *pass) { /* declares local vars */ LDAP *ld; LDAPMessage *res; LDAPMod **mods; char filter[1024]; int i; int bid_len; char *dn; char *uid; /* checks for connection */ if (db_pointer) { ld = db_pointer; } else { return(1); }; /* Gets size of bid */ bid_len = strlen(bid); /* Creates filter */ strcpy(filter, "(blipsid="); strcpy(filter+9, bid); strcpy(filter+9+bid_len, ")"); if (ldap_search_s(ld, "o=acsalaska.net", LDAP_SCOPE_SUBTREE, filter, NULL, 0, &res)) { ldap_perror(ld, "ldap_search_s"); return(1); }; /* Checks for results */ if (ldap_count_entries(ld, res)) { ldap_msgfree(res); return(2); }; ldap_msgfree(res); res = NULL; /* Generates DN */ dn = (char *) db_dn(username); if (!dn) { return(1); }; /* Searches for existing username */ if (ldap_search_s(ld, dn, LDAP_SCOPE_SUBTREE, "(uid=*)", NULL, 0, &res) != LDAP_NO_SUCH_OBJECT) { ldap_perror(ld, "ldap_search_s"); free(dn); return(1); }; /* Checks for results */ if (ldap_count_entries(ld, res)) { ldap_msgfree(res); return(3); }; ldap_msgfree(res); /* gets UID of account */ uid = strtok(username, "@"); /* Creates mod pointers */ mods = (LDAPMod **) malloc (9*sizeof(LDAPMod *)); if (!mods) { return(1); }; memset(mods, 0, (8*sizeof(LDAPMod *))); for(i = 0; i < 8; i++) { mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod)); if (!mods[i]) { for(i = i; i >= 0; i--) free(mods[i]); free(mods); return(1); }; }; /* Creates mod entries */ mods[0]->mod_op = 0; mods[0]->mod_type = (char *) strdup("objectclass"); mods[0]->mod_values = (char **) malloc(sizeof(char *)*8); mods[0]->mod_values[0] = (char *) strdup("top"); mods[0]->mod_values[1] = (char *) strdup("person"); mods[0]->mod_values[2] = (char *) strdup("organizationalperson"); mods[0]->mod_values[3] = (char *) strdup("inetorgperson"); mods[0]->mod_values[4] = (char *) strdup("inetuser"); mods[0]->mod_values[5] = (char *) strdup("acsaccount"); mods[0]->mod_values[6] = (char *) strdup("acsblipsaccount"); mods[0]->mod_values[7] = NULL; mods[1]->mod_op = 0; mods[1]->mod_type = (char *) strdup("uid"); mods[1]->mod_values = (char **) malloc(sizeof(char *)*2); mods[1]->mod_values[0] = uid; mods[1]->mod_values[1] = NULL; mods[2]->mod_op = 0; mods[2]->mod_type = (char *) strdup("datasource"); mods[2]->mod_values = (char **) malloc(sizeof(char *)*2); mods[2]->mod_values[0] = (char *) strdup("Backend LDAP Internet Provisioning System Daemon"); mods[2]->mod_values[1] = NULL; mods[3]->mod_op = 0; mods[3]->mod_type = (char *) strdup("givenname"); mods[3]->mod_values = (char **) malloc(sizeof(char *)*2); mods[3]->mod_values[0] = first; mods[3]->mod_values[1] = NULL; mods[4]->mod_op = 0; mods[4]->mod_type = (char *) strdup("sn"); mods[4]->mod_values = (char **) malloc(sizeof(char *)*2); mods[4]->mod_values[0] = last; mods[4]->mod_values[1] = NULL; mods[5]->mod_op = 0; mods[5]->mod_type = (char *) strdup("cn"); mods[5]->mod_values = (char **) malloc(sizeof(char *)*2); mods[5]->mod_values[0] = (char *) strdup("First Last"); mods[5]->mod_values[1] = NULL; mods[6]->mod_op = 0; mods[6]->mod_type = (char *) strdup("clearpassword"); mods[6]->mod_values = (char **) malloc(sizeof(char *)*2); mods[6]->mod_values[0] = pass; mods[6]->mod_values[1] = NULL; mods[7]->mod_op = 0; mods[7]->mod_type = (char *) strdup("userpassword"); mods[7]->mod_values = (char **) malloc(sizeof(char *)*2); mods[7]->mod_values[0] = pass; mods[7]->mod_values[1] = NULL; mods[8] = NULL; /* Creates the account in LDAP */ if (ldap_add_s(ld, dn, mods)) { ldap_perror(ld, "ldap_add_s"); free(dn); ldap_mods_free(mods, 9); return(1); }; ldap_perror(ld, "ldap_add_s"); /* ends function */ fprintf(stderr, "got here 98\n"); free(dn); fprintf(stderr, "got here 99\n"); //ldap_mods_free(mods, 9); fprintf(stderr, "got here 100\n"); return(0); }
/* * Create or update an LDAP server binding entry. */ static void rpc_ns__ldap_export_server_element_ext(LDAP *ld, char *dn, rpc_if_handle_t if_spec, rpc_binding_vector_p_t vec, int modop, unsigned32 *status ) { unsigned_char_p_t uuid = NULL; unsigned_char_p_t interfaceID = NULL; rpc_if_id_t if_id; LDAPMod *modV[4]; LDAPMod modRpcNsInterfaceID, modRpcNsBindings, modObjectClass; char **valueRpcNsBindings = NULL; char *valueRpcNsInterfaceID[2], *valueObjectClass[3]; int rc; unsigned i; rpc_if_inq_id(if_spec, &if_id, status); if (*status != rpc_s_ok) { goto out; } /* Get the interface ID */ uuid_to_string(&if_id.uuid, &uuid, status); if (*status != rpc_s_ok) { goto out; } RPC_MEM_ALLOC(interfaceID, unsigned_char_p_t, strlen(uuid) + sizeof(",65535.65535"), RPC_C_MEM_NSRESOLUTION, RPC_C_MEM_WAITOK); sprintf(interfaceID, "%s,%hu.%hu", uuid, if_id.vers_major, if_id.vers_minor); valueRpcNsInterfaceID[0] = interfaceID; valueRpcNsInterfaceID[1] = NULL; modRpcNsInterfaceID.mod_op = LDAP_MOD_ADD; modRpcNsInterfaceID.mod_type = "rpcNsInterfaceID"; modRpcNsInterfaceID.mod_values = valueRpcNsInterfaceID; RPC_MEM_ALLOC(valueRpcNsBindings, char **, (vec->count * sizeof(char *)), RPC_C_MEM_NSRESOLUTION, RPC_C_MEM_WAITOK); memset(valueRpcNsBindings, 0, (vec->count * sizeof(unsigned_char_p_t))); for (i = 0; i < vec->count; i++) { rpc_binding_to_string_binding(vec->binding_h[i], (unsigned_char_p_t *)&valueRpcNsBindings[i], status); if (*status != rpc_s_ok) { goto out; } } valueRpcNsBindings[vec->count] = NULL; modRpcNsBindings.mod_op = modop; modRpcNsBindings.mod_type = "rpcNsBindings"; modRpcNsBindings.mod_values = valueRpcNsBindings; valueObjectClass[0] = "rpcServerElement"; valueObjectClass[1] = "rpcEntry"; valueObjectClass[2] = "top"; modObjectClass.mod_op = modop; modObjectClass.mod_type = "objectClass"; modObjectClass.mod_values = valueObjectClass; modV[0] = &modRpcNsInterfaceID; modV[1] = &modRpcNsBindings; modV[2] = &modObjectClass; modV[3] = NULL; if (modop == LDAP_MOD_ADD) { rc = ldap_add_s(ld, dn, modV); } else { rc = ldap_modify_s(ld, dn, modV); } *status = (rc == LDAP_SUCCESS) ? rpc_s_ok : rpc_s_update_failed; out: if (uuid != NULL) free(uuid); if (interfaceID != NULL) free(interfaceID); if (valueRpcNsBindings != NULL) { char **p; for (p = valueRpcNsBindings; *valueRpcNsBindings != NULL; p++) { unsigned_char_p_t tmp = (unsigned_char_p_t)*p; rpc_string_free(&tmp, status); } RPC_MEM_FREE(valueRpcNsBindings, RPC_C_MEM_NSRESOLUTION); } }
static krb5_error_code LDAP_store(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry) { LDAPMod **mods = NULL; krb5_error_code ret; const char *errfn; int rc; LDAPMessage *msg = NULL, *e = NULL; char *dn = NULL, *name = NULL; ret = LDAP_principal2message(context, db, entry->principal, &msg); if (ret == 0) e = ldap_first_entry(HDB2LDAP(db), msg); ret = krb5_unparse_name(context, entry->principal, &name); if (ret) { free(name); return ret; } ret = hdb_seal_keys(context, db, entry); if (ret) goto out; /* turn new entry into LDAPMod array */ ret = LDAP_entry2mods(context, db, entry, e, &mods); if (ret) goto out; if (e == NULL) { ret = asprintf(&dn, "krb5PrincipalName=%s,%s", name, HDB2CREATE(db)); if (ret < 0) { krb5_set_error_string(context, "asprintf: out of memory"); ret = ENOMEM; goto out; } } else if (flags & HDB_F_REPLACE) { /* Entry exists, and we're allowed to replace it. */ dn = ldap_get_dn(HDB2LDAP(db), e); } else { /* Entry exists, but we're not allowed to replace it. Bail. */ ret = HDB_ERR_EXISTS; goto out; } /* write entry into directory */ if (e == NULL) { /* didn't exist before */ rc = ldap_add_s(HDB2LDAP(db), dn, mods); errfn = "ldap_add_s"; } else { /* already existed, send deltas only */ rc = ldap_modify_s(HDB2LDAP(db), dn, mods); errfn = "ldap_modify_s"; } if (check_ldap(context, db, rc)) { char *ld_error = NULL; ldap_get_option(HDB2LDAP(db), LDAP_OPT_ERROR_STRING, &ld_error); krb5_set_error_string(context, "%s: %s (dn=%s) %s: %s", errfn, name, dn, ldap_err2string(rc), ld_error); ret = HDB_ERR_CANT_LOCK_DB; } else ret = 0; out: /* free stuff */ if (dn) free(dn); if (msg) ldap_msgfree(msg); if (mods) ldap_mods_free(mods, 1); if (name) free(name); return ret; }