int
VmDirPerformRename(
PVDIR_OPERATION pOperation
)
{
ModifyReq * modReq = &(pOperation->request.modifyReq);
int retVal = LDAP_SUCCESS;
PVDIR_LDAP_RESULT pResult = &(pOperation->ldapResult);
ber_len_t size = 0;
PSTR pszLocalErrorMsg = NULL;
if (!_VmDirIsRenameSupported())
{
pResult->errCode = retVal = LDAP_UNWILLING_TO_PERFORM;
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, pszLocalErrorMsg, "Operation is not enabled on this server or is not supported at this domain fuctional level.");
}
// Get entry DN. 'm' => reqDn.bv_val points to DN within (in-place) ber
if ( ber_scanf( pOperation->ber, "{mmb", &modReq->dn, &modReq->newrdn, &modReq->bDeleteOldRdn) == LBER_ERROR )
{
VMDIR_LOG_ERROR( LDAP_DEBUG_ARGS, "VmDirPerformRename: ber_scanf failed" );
pResult->errCode = LDAP_PROTOCOL_ERROR;
retVal = LDAP_NOTICE_OF_DISCONNECT;
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"Decoding error while parsing the target DN");
}
if (ber_peek_tag(pOperation->ber, &size) == LDAP_TAG_NEWSUPERIOR)
{
if ( ber_scanf(pOperation->ber, "m", &modReq->newSuperior ) == LBER_ERROR ) {
pResult->errCode = LDAP_PROTOCOL_ERROR;
retVal = LDAP_NOTICE_OF_DISCONNECT; BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "Decoding error while parsing newSuperior");
}
}
if ( ber_scanf( pOperation->ber, "}") == LBER_ERROR )
{
VMDIR_LOG_ERROR( LDAP_DEBUG_ARGS, "PerformRename: ber_scanf failed" );
pResult->errCode = LDAP_PROTOCOL_ERROR;
retVal = LDAP_NOTICE_OF_DISCONNECT;
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "Decoding error while parsing the end of message.");
}
retVal = pResult->errCode = VmDirMLModify( pOperation );
BAIL_ON_VMDIR_ERROR(retVal);
cleanup:
if (retVal != LDAP_NOTICE_OF_DISCONNECT)
{
VmDirSendLdapResult( pOperation );
}
VMDIR_SAFE_FREE_MEMORY(pszLocalErrorMsg);
return retVal;
error:
VMDIR_APPEND_ERROR_MSG(pResult->pszErrMsg, pszLocalErrorMsg);
goto cleanup;
}
LDAP_CALL
ldap_get_dn( LDAP *ld, LDAPMessage *entry )
{
char *dn;
struct berelement tmp;
LDAPDebug( LDAP_DEBUG_TRACE, "ldap_get_dn\n", 0, 0, 0 );
if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
return( NULL ); /* punt */
}
if ( !NSLDAPI_VALID_LDAPMESSAGE_ENTRY_POINTER( entry )) {
LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
return( NULL );
}
tmp = *entry->lm_ber; /* struct copy */
if ( ber_scanf( &tmp, "{a", &dn ) == LBER_ERROR ) {
LDAP_SET_LDERRNO( ld, LDAP_DECODING_ERROR, NULL, NULL );
return( NULL );
}
return( dn );
}
/** Converts the reply into server version and a return code
*
* This function takes the reply BER Value and decodes the NMAS server version and return code and if a non
* null retData buffer was supplied, tries to decode the the return data and length.
*
@verbatim
ResponseBer contents:
server_version INTEGER
error INTEGER
data OCTET STRING
@endverbatim
*
* @param[in] reply_bv reply data from extended request.
* @param[out] server_version that responded.
* @param[out] out data.
* @param[out] outlen Length of data written to out.
* @return 0 on success, and < 0 on error.
*/
static int ber_decode_login_data(struct berval *reply_bv, int *server_version, void *out, size_t *outlen)
{
int rc = 0;
int err = 0;
BerElement *reply_ber = NULL;
rad_assert(out != NULL);
rad_assert(outlen != NULL);
if ((reply_ber = ber_init(reply_bv)) == NULL) {
err = NMAS_E_SYSTEM_RESOURCES;
goto finish;
}
rc = ber_scanf(reply_ber, "{iis}", server_version, &err, out, outlen);
if (rc == -1) {
err = NMAS_E_FRAG_FAILURE;
goto finish;
}
finish:
if(reply_ber) ber_free(reply_ber, 1);
return err;
}
int lp_do_bind(BerElement *ber, lp_connection_t *c, ber_int_t msgid)
{
TRACE();
ber_tag_t tag;
ber_len_t len;
ber_tag_t method;
ber_int_t version;
//char *name = NULL;
int ret;
if ((tag = ber_peek_tag(ber, &len)) == LBER_ERROR) {
lp_log_error("ber_peek_tag returns 0x%lx", tag);
return LP_ERR;
}
lp_assert(tag == LDAP_REQ_BIND);
//tag = ber_scanf(ber, "{iat", &version, &name, &method);
tag = ber_scanf(ber, "{it", &version, &method);
if (tag == LBER_ERROR) {
lp_log_error("ber_scanf failed!");
return LP_ERR;
}
//lp_log_debug("vesrion: %d,\tname: %s, method: 0x%lx",
// version, name, method);
//ber_memfree(name);
ret = lp_response_bind(c, msgid);
return ret;
}
static int
valsort_parseCtrl(
Operation *op,
SlapReply *rs,
LDAPControl *ctrl )
{
ber_tag_t tag;
BerElementBuffer berbuf;
BerElement *ber = (BerElement *)&berbuf;
ber_int_t flag = 0;
if ( BER_BVISNULL( &ctrl->ldctl_value )) {
rs->sr_text = "valSort control value is absent";
return LDAP_PROTOCOL_ERROR;
}
if ( BER_BVISEMPTY( &ctrl->ldctl_value )) {
rs->sr_text = "valSort control value is empty";
return LDAP_PROTOCOL_ERROR;
}
ber_init2( ber, &ctrl->ldctl_value, 0 );
if (( tag = ber_scanf( ber, "{b}", &flag )) == LBER_ERROR ) {
rs->sr_text = "valSort control: flag decoding error";
return LDAP_PROTOCOL_ERROR;
}
op->o_ctrlflag[valsort_cid] = ctrl->ldctl_iscritical ?
SLAP_CONTROL_CRITICAL : SLAP_CONTROL_NONCRITICAL;
if ( flag )
op->o_ctrlflag[valsort_cid] |= SLAP_CONTROL_DATA0;
return LDAP_SUCCESS;
}
/* ARGSUSED */
int
ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement *ber,
BerValue *attr, BerVarray *vals )
{
ber_tag_t tag;
int rc = LDAP_SUCCESS;
Debug( LDAP_DEBUG_TRACE, "ldap_get_attribute_ber\n", 0, 0, 0 );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( entry != NULL );
assert( ber != NULL );
assert( attr != NULL );
attr->bv_val = NULL;
attr->bv_len = 0;
if ( ber_pvt_ber_remaining( ber ) ) {
ber_len_t siz = sizeof( BerValue );
/* skip sequence, snarf attribute type */
tag = ber_scanf( ber, vals ? "{mM}" : "{mx}", attr, vals,
&siz, 0 );
if( tag == LBER_ERROR ) {
rc = ld->ld_errno = LDAP_DECODING_ERROR;
}
}
return rc;
}
/* ARGSUSED */
char *
ldap_next_attribute( LDAP *ld, LDAPMessage *entry, BerElement *ber )
{
ber_tag_t tag;
char *attr;
Debug( LDAP_DEBUG_TRACE, "ldap_next_attribute\n", 0, 0, 0 );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( entry != NULL );
assert( ber != NULL );
if ( ber_pvt_ber_remaining( ber ) == 0 ) {
return NULL;
}
/* skip sequence, snarf attribute type, skip values */
tag = ber_scanf( ber, "{ax}", &attr );
if( tag == LBER_ERROR ) {
ld->ld_errno = LDAP_DECODING_ERROR;
return NULL;
}
return attr;
}
int
ParseSyncStateControlVal(
BerValue * controlValue, // Input: control value encoded as ber,
int * entryState) // Output
{
int retVal = LDAP_SUCCESS;
BerElementBuffer berbuf;
BerElement * ber = (BerElement *)&berbuf;
VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "ParseSyncStateControlVal: Begin." );
ber_init2( ber, controlValue, LBER_USE_DER );
if (ber_scanf( ber, "{i}", entryState ) == -1 )
{
VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "ParseSyncStateControlVal: ber_scanf to read entryState failed" );
retVal = LDAP_OPERATIONS_ERROR;
BAIL_ON_VMDIR_ERROR( retVal );
}
cleanup:
VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "ParseSyncStateControlVal: Begin." );
return retVal;
error:
goto cleanup;
}
/*
* Parse the value from an LDAPv3 "Persistent Search" control. They look
* like this:
*
* PersistentSearch ::= SEQUENCE {
* changeTypes INTEGER,
* -- the changeTypes field is the logical OR of
* -- one or more of these values: add (1), delete (2),
* -- modify (4), modDN (8). It specifies which types of
* -- changes will cause an entry to be returned.
* changesOnly BOOLEAN, -- skip initial search?
* returnECs BOOLEAN, -- return "Entry Change" controls?
* }
*
* Return an LDAP error code (LDAP_SUCCESS if all goes well).
*
* This function is standalone; it does not require initialization of
* the PS subsystem.
*/
int
ps_parse_control_value( struct berval *psbvp, ber_int_t *changetypesp, int *changesonlyp, int *returnecsp )
{
int rc= LDAP_SUCCESS;
if ( psbvp->bv_len == 0 || psbvp->bv_val == NULL )
{
rc= LDAP_PROTOCOL_ERROR;
}
else
{
BerElement *ber= ber_init( psbvp );
if ( ber == NULL )
{
rc= LDAP_OPERATIONS_ERROR;
}
else
{
if ( ber_scanf( ber, "{ibb}", changetypesp, changesonlyp, returnecsp ) == LBER_ERROR )
{
rc= LDAP_PROTOCOL_ERROR;
}
/* the ber encoding is no longer needed */
ber_free(ber,1);
}
}
return( rc );
}
main( int argc, char **argv )
{
long i, i2, num;
unsigned long len;
int tag;
char *str, *s1, *s2;
BerElement ber;
Sockbuf sb;
extern char *optarg;
#ifdef MACOS
ccommand( &argv );
cshow( stdout );
#endif /* MACOS */
bzero( &sb, sizeof(sb) );
sb.sb_sd = 0;
sb.sb_ber.ber_buf = NULL;
if ( (tag = ber_get_next( &sb, &len, &ber )) == -1 ) {
perror( "ber_get_next" );
exit( 1 );
}
printf( "message has tag 0x%x and length %ld\n", tag, len );
if ( ber_scanf( &ber, "i", &i ) == -1 ) {
fprintf( stderr, "ber_scanf returns -1\n" );
exit( 1 );
}
printf( "got int %d\n", i );
return( 0 );
}
char *
first_attribute(BerElement *ber )
{
int rc;
ber_tag_t tag;
ber_len_t len = 0;
char *attr;
/*
* Skip past the sequence, dn, sequence of sequence leaving
* us at the first attribute.
*/
tag = ber_scanf( ber, "{xl{" /*}}*/, &len );
if( tag == LBER_ERROR ) {
ber_free( ber, 0 );
return NULL;
}
/* set the length to avoid overrun */
rc = ber_set_option( ber, LBER_OPT_REMAINING_BYTES, &len );
if( rc != LBER_OPT_SUCCESS ) {
printf(">>Error<< Avoid overrun failed!\n");
ber_free( ber, 0 );
return NULL;
}
if ( ber_pvt_ber_remaining( ber ) == 0 ) {
assert( len == 0 );
ber_free( ber, 0 );
return NULL;
}
/* snatch the first attribute */
tag = ber_scanf( ber, "{ax}", &attr );
if( tag == LBER_ERROR ) {
printf(">>Error<< Snatch first Attr failed!\n");
ber_free( ber, 0 );
return NULL;
}
return attr;
}
static
int
_ParseCondWriteControlVal(
VDIR_OPERATION * pOp,
BerValue * pControlBer, // Input: control value encoded as ber
VDIR_CONDWRITE_CONTROL_VALUE * pCtrlVal, // Output
VDIR_LDAP_RESULT * pLdapResult // Output
)
{
int retVal = LDAP_SUCCESS;
BerElementBuffer berbuf;
BerElement * ber = (BerElement *)&berbuf;
PSTR pszLocalErrorMsg = NULL;
PSTR pszCondFilter = NULL;
if (!pOp)
{
retVal = LDAP_PROTOCOL_ERROR;
BAIL_ON_VMDIR_ERROR( retVal );
}
ber_init2( ber, pControlBer, LBER_USE_DER );
/*
* https://confluence.eng.vmware.com/display/LIG/Conditional+LDAP+Write+Operation
*
* The ConditionalWriteControl is a null terminated STRING wrapping the BER-encoded version of the following SEQUENCE:
*
* ControlValue ::= SEQUENCE {
* ConditionalWriteFilter OCTET STRING
* }
*/
if (ber_scanf(ber, "{a}", &pszCondFilter) == LBER_ERROR)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "%s: ber_scanf failed while parsing filter value", __FUNCTION__);
pLdapResult->errCode = LDAP_PROTOCOL_ERROR;
retVal = LDAP_NOTICE_OF_DISCONNECT;
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"Error in reading conditional write control filter");
}
retVal = VmDirAllocateStringA(pszCondFilter, &(pCtrlVal->pszFilter));
BAIL_ON_VMDIR_ERROR(retVal);
cleanup:
if (pszCondFilter)
{
ber_memfree(pszCondFilter);
}
VMDIR_SAFE_FREE_MEMORY(pszLocalErrorMsg);
return retVal;
error:
VMDIR_APPEND_ERROR_MSG(pLdapResult->pszErrMsg, pszLocalErrorMsg);
goto cleanup;
}
int ldap_parse_virtuallist_control(LDAP *ld, LDAPControl **ctrls,
unsigned long *target_posp, unsigned long *list_sizep, int *errcodep)
{
BerElement *ber;
int i, foundListControl;
LDAPControl *listCtrlp;
if (NULL == ld)
return (LDAP_PARAM_ERROR);
/* only ldapv3 or higher can do virtual lists. */
if (ld->ld_version != LDAP_VERSION3) {
ld->ld_errno = LDAP_NOT_SUPPORTED;
return (LDAP_NOT_SUPPORTED);
}
/* find the listControl in the list of controls if it exists */
if (ctrls == NULL) {
ld->ld_errno = LDAP_NOT_SUPPORTED;
return (LDAP_NOT_SUPPORTED);
}
foundListControl = 0;
for (i = 0; ((ctrls[i] != NULL) && (!foundListControl)); i++) {
foundListControl = !(strcmp(ctrls[i]->ldctl_oid,
LDAP_CONTROL_VLVRESPONSE));
}
if (!foundListControl) {
ld->ld_errno = LDAP_CONTROL_NOT_FOUND;
return (LDAP_CONTROL_NOT_FOUND);
} else {
/* let local var point to the listControl */
listCtrlp = ctrls[i-1];
}
/* allocate a Ber element with the contents of the list_control's */
/* struct berval */
if ((ber = ber_init(&listCtrlp->ldctl_value)) == NULL) {
ld->ld_errno = LDAP_NO_MEMORY;
return (LDAP_NO_MEMORY);
}
/* decode the result from the Berelement */
if (LBER_ERROR == ber_scanf(ber, "{iie}", target_posp, list_sizep,
errcodep)) {
ld->ld_errno = LDAP_DECODING_ERROR;
ber_free(ber, 1);
return (LDAP_DECODING_ERROR);
}
/* the ber encoding is no longer needed */
ber_free(ber, 1);
return (LDAP_SUCCESS);
}
int ipapwd_get_cur_kvno(Slapi_Entry *target)
{
Slapi_Attr *krbPrincipalKey = NULL;
Slapi_ValueSet *svs;
Slapi_Value *sv;
BerElement *be = NULL;
const struct berval *cbval;
ber_tag_t tag, tmp;
ber_int_t tkvno;
int hint;
int kvno;
int ret;
/* retrieve current kvno and and keys */
ret = slapi_entry_attr_find(target, "krbPrincipalKey", &krbPrincipalKey);
if (ret != 0) {
return 0;
}
kvno = 0;
slapi_attr_get_valueset(krbPrincipalKey, &svs);
hint = slapi_valueset_first_value(svs, &sv);
while (hint != -1) {
cbval = slapi_value_get_berval(sv);
if (!cbval) {
LOG_TRACE("Error retrieving berval from Slapi_Value\n");
goto next;
}
be = ber_init(discard_const(cbval));
if (!be) {
LOG_TRACE("ber_init() failed!\n");
goto next;
}
tag = ber_scanf(be, "{xxt[i]", &tmp, &tkvno);
if (tag == LBER_ERROR) {
LOG_TRACE("Bad OLD key encoding ?!\n");
ber_free(be, 1);
goto next;
}
if (tkvno > kvno) {
kvno = tkvno;
}
ber_free(be, 1);
next:
hint = slapi_valueset_next_value(svs, hint, &sv);
}
return kvno;
}
int
ldap_parse_refresh( LDAP *ld, LDAPMessage *res, ber_int_t *newttl )
{
int rc;
struct berval *retdata = NULL;
ber_tag_t tag;
BerElement *ber;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( res != NULL );
assert( newttl != NULL );
*newttl = 0;
rc = ldap_parse_extended_result( ld, res, NULL, &retdata, 0 );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
if ( ld->ld_errno != LDAP_SUCCESS ) {
return ld->ld_errno;
}
if ( retdata == NULL ) {
rc = ld->ld_errno = LDAP_DECODING_ERROR;
return rc;
}
ber = ber_init( retdata );
if ( ber == NULL ) {
rc = ld->ld_errno = LDAP_NO_MEMORY;
goto done;
}
/* check the tag */
tag = ber_scanf( ber, "{i}", newttl );
ber_free( ber, 1 );
if ( tag != LDAP_TAG_EXOP_REFRESH_RES_TTL ) {
*newttl = 0;
rc = ld->ld_errno = LDAP_DECODING_ERROR;
}
done:
;
if ( retdata ) {
ber_bvfree( retdata );
}
return rc;
}
/* Conforms to RFC4510 re: Criticality, original RFC2891 spec is broken
* Also see ITS#7253 for discussion
*/
static int sss_parseCtrl(
Operation *op,
SlapReply *rs,
LDAPControl *ctrl )
{
BerElementBuffer berbuf;
BerElement *ber;
ber_tag_t tag;
ber_len_t len;
int i;
sort_ctrl *sc;
rs->sr_err = LDAP_PROTOCOL_ERROR;
if ( op->o_ctrlflag[sss_cid] > SLAP_CONTROL_IGNORED ) {
rs->sr_text = "sorted results control specified multiple times";
} else if ( BER_BVISNULL( &ctrl->ldctl_value ) ) {
rs->sr_text = "sorted results control value is absent";
} else if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ) {
rs->sr_text = "sorted results control value is empty";
} else {
rs->sr_err = LDAP_SUCCESS;
}
if ( rs->sr_err != LDAP_SUCCESS )
return rs->sr_err;
op->o_ctrlflag[sss_cid] = ctrl->ldctl_iscritical ?
SLAP_CONTROL_CRITICAL : SLAP_CONTROL_NONCRITICAL;
ber = (BerElement *)&berbuf;
ber_init2( ber, &ctrl->ldctl_value, 0 );
i = count_key( ber );
sc = op->o_tmpalloc( sizeof(sort_ctrl) +
(i-1) * sizeof(sort_key), op->o_tmpmemctx );
sc->sc_nkeys = i;
op->o_controls[sss_cid] = sc;
/* peel off initial sequence */
ber_scanf( ber, "{" );
i = 0;
do {
if ( build_key( ber, rs, &sc->sc_keys[i] ) != LDAP_SUCCESS )
break;
i++;
tag = ber_peek_tag( ber, &len );
} while ( tag != LBER_DEFAULT );
return rs->sr_err;
}
int
Ldap_get_ava( BerElement *ber, struct berval *type, struct berval *value )
{
ber_tag_t rtag;
rtag = ber_scanf( ber, "{mm}", type, value );
if( rtag == LBER_ERROR ) {
printf(">>Error<< Get ava tag error\n");
return LBER_ERROR;
}
return LDAP_SUCCESS;
}
int checkDelReq (BerElement *ber)
{
struct berval dn = BER_BVNULL;
/*
* Parse the delete request. It looks like this:
*
* DelRequest := DistinguishedName
*/
/* get the name */
if ( ber_scanf( ber, "m", &dn ) == LBER_ERROR ) {
printf(">>Error<< DELE DN Decode Error.\n");
return -1;
}
printf("|-Delete DN:%s\n", dn.bv_val);
return 0;
}
int
ldap_get_entry_controls(
LDAP *ld,
LDAPMessage *entry,
LDAPControl ***sctrls )
{
int rc;
BerElement be;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( entry != NULL );
assert( sctrls != NULL );
if ( entry->lm_msgtype != LDAP_RES_SEARCH_ENTRY ) {
return LDAP_PARAM_ERROR;
}
/* make a local copy of the BerElement */
AC_MEMCPY(&be, entry->lm_ber, sizeof(be));
if ( ber_scanf( &be, "{xx" /*}*/ ) == LBER_ERROR ) {
rc = LDAP_DECODING_ERROR;
goto cleanup_and_return;
}
rc = ldap_pvt_get_controls( &be, sctrls );
cleanup_and_return:
if( rc != LDAP_SUCCESS ) {
ld->ld_errno = rc;
if( ld->ld_matched != NULL ) {
LDAP_FREE( ld->ld_matched );
ld->ld_matched = NULL;
}
if( ld->ld_error != NULL ) {
LDAP_FREE( ld->ld_error );
ld->ld_error = NULL;
}
}
return rc;
}
int ldap_parse_passwd(
LDAP *ld,
LDAPMessage *res,
struct berval *newpasswd )
{
int rc;
struct berval *retdata = NULL;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( res != NULL );
assert( newpasswd != NULL );
newpasswd->bv_val = NULL;
newpasswd->bv_len = 0;
rc = ldap_parse_extended_result( ld, res, NULL, &retdata, 0 );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
if ( retdata != NULL ) {
ber_tag_t tag;
BerElement *ber = ber_init( retdata );
if ( ber == NULL ) {
rc = ld->ld_errno = LDAP_NO_MEMORY;
goto done;
}
/* we should check the tag */
tag = ber_scanf( ber, "{o}", newpasswd );
ber_free( ber, 1 );
if ( tag == LBER_ERROR ) {
rc = ld->ld_errno = LDAP_DECODING_ERROR;
}
}
done:;
ber_bvfree( retdata );
return rc;
}
/* Parse the next attribute */
char * next_attribute( BerElement *ber )
{
ber_tag_t tag;
char *attr;
if ( ber_pvt_ber_remaining( ber ) == 0 ) {
return NULL;
}
/* skip sequence, snarf attribute type, skip values */
tag = ber_scanf( ber, "{ax}", &attr );
if( tag == LBER_ERROR ) {
printf("| Attribute end\n");
return NULL;
}
return attr;
}
int checkSearchDone(BerElement *ber)
{
ber_tag_t tag;
ber_int_t resultCode;
ber_len_t len;
if ( (tag = ber_peek_tag( ber, &len )) == LBER_ERROR ) {
/* log, close and send error */
printf(">>Error<< PeeK failed, tag;%d\n", tag);
ber_free( ber, 1 );
return -1;
}
tag = ber_scanf( ber, "{i}" , &resultCode );
if ( tag == LBER_ERROR ) {
printf(">>Error<< Respone Decode Error. Ber_Scanf return tag:%d.\n", tag);
}
printf("|-\033[1m\033[40;31mLDAP result\033[0m:\t%s (%d)\n", LdapResultCode[resultCode],resultCode );
}
int
ldap_parse_pageresponse_control(
LDAP *ld,
LDAPControl *ctrl,
ber_int_t *countp,
struct berval *cookie )
{
BerElement *ber;
ber_tag_t tag;
ber_int_t count;
if ( ld == NULL || ctrl == NULL || cookie == NULL ) {
if ( ld )
ld->ld_errno = LDAP_PARAM_ERROR;
return LDAP_PARAM_ERROR;
}
/* Create a BerElement from the berval returned in the control. */
ber = ber_init( &ctrl->ldctl_value );
if ( ber == NULL ) {
ld->ld_errno = LDAP_NO_MEMORY;
return ld->ld_errno;
}
/* Extract the count and cookie from the control. */
tag = ber_scanf( ber, "{io}", &count, cookie );
ber_free( ber, 1 );
if ( tag == LBER_ERROR ) {
ld->ld_errno = LDAP_DECODING_ERROR;
} else {
ld->ld_errno = LDAP_SUCCESS;
if ( countp != NULL ) {
*countp = (unsigned long)count;
}
}
return ld->ld_errno;
}
int
VmDirPerformDelete(
PVDIR_OPERATION pOperation
)
{
int retVal = LDAP_SUCCESS;
DeleteReq * dr = &(pOperation->request.deleteReq);
BOOLEAN bResultAlreadySent = FALSE;
// Get entry DN. 'm' => pOperation->reqDn.lberbv.bv_val points to DN within (in-place) ber
if ( ber_scanf( pOperation->ber, "m", &(pOperation->reqDn.lberbv) ) == LBER_ERROR )
{
VMDIR_LOG_ERROR( LDAP_DEBUG_ARGS, "PerformDelete: ber_scanf failed" );
retVal = LDAP_NOTICE_OF_DISCONNECT;
BAIL_ON_VMDIR_ERROR( retVal );
}
VMDIR_LOG_INFO( LDAP_DEBUG_ARGS, "Delete Request: dn (%s)", pOperation->reqDn.lberbv.bv_val );
memset( dr, 0, sizeof( DeleteReq ));
// NOTE: pOperation->reqDn.lberbv.bv_val is NULL terminated (TODO, verify this)
dr->dn.lberbv.bv_val = pOperation->reqDn.lberbv.bv_val;
dr->dn.lberbv.bv_len = pOperation->reqDn.lberbv.bv_len;
retVal = VmDirMLDelete( pOperation );
bResultAlreadySent = TRUE;
BAIL_ON_VMDIR_ERROR(retVal);
cleanup:
return retVal;
error:
if (retVal != LDAP_NOTICE_OF_DISCONNECT && bResultAlreadySent == FALSE)
{
VmDirSendLdapResult( pOperation );
}
goto cleanup;
}
/***********************************************************************
* ldap_parse_page_controlW (WLDAP32.@)
*/
ULONG CDECL ldap_parse_page_controlW( WLDAP32_LDAP *ld, PLDAPControlW *ctrls,
ULONG *count, struct WLDAP32_berval **cookie )
{
ULONG ret = WLDAP32_LDAP_NOT_SUPPORTED;
#ifdef HAVE_LDAP
LDAPControlW *control = NULL;
BerElement *ber;
ber_tag_t tag;
ULONG i;
TRACE( "(%p, %p, %p, %p)\n", ld, ctrls, count, cookie );
if (!ld || !ctrls || !count || !cookie)
return WLDAP32_LDAP_PARAM_ERROR;
for (i = 0; ctrls[i]; i++)
{
if (!lstrcmpW( LDAP_PAGED_RESULT_OID_STRING_W, ctrls[i]->ldctl_oid ))
control = ctrls[i];
}
if (!control)
return WLDAP32_LDAP_CONTROL_NOT_FOUND;
ber = ber_init( &((LDAPControl *)control)->ldctl_value );
if (!ber)
return WLDAP32_LDAP_NO_MEMORY;
tag = ber_scanf( ber, "{iO}", count, cookie );
if ( tag == LBER_ERROR )
ret = WLDAP32_LDAP_DECODING_ERROR;
else
ret = WLDAP32_LDAP_SUCCESS;
ber_free( ber, 1 );
#endif
return ret;
}
int ldap_parse_page_control(LDAP *ld, LDAPControl **controls, unsigned int *totalcount, struct berval **cookie)
{
int i, rc;
BerElement *theBer;
LDAPControl *listCtrlp;
for (i = 0; controls[i] != NULL; i++){
if (strcmp(controls[i]->ldctl_oid, "1.2.840.113556.1.4.319") == 0) {
listCtrlp = controls[i];
if ((theBer = ber_init(&listCtrlp->ldctl_value)) == NULLBER){
return (LDAP_NO_MEMORY);
}
if ((rc = ber_scanf(theBer, "{iO}", totalcount, cookie)) == LBER_ERROR){
ber_free(theBer, 1);
return (LDAP_DECODING_ERROR);
}
ber_free(theBer, 1);
return (LDAP_SUCCESS);
}
}
return (LDAP_CONTROL_NOT_FOUND);
}
/* ARGSUSED */
char *
ldap_next_attribute( LDAP *ld, LDAPMessage *entry, BerElement *ber )
{
int len;
char *attrbuffer;
if ((attrbuffer = (char *)malloc(LDAP_MAX_ATTR_LEN)) == NULL) {
return (NULL);
}
Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 180, "ldap_next_attribute\n"), 0, 0, 0 );
/* skip sequence, snarf attribute type, skip values */
len = LDAP_MAX_ATTR_LEN;
if ( ber_scanf( ber, "{sx}", attrbuffer, &len )
== LBER_ERROR ) {
ld->ld_errno = LDAP_DECODING_ERROR;
free(attrbuffer);
return( NULL );
}
ld->ld_errno = LDAP_SUCCESS;
return( attrbuffer );
}
char *
ldap_first_attribute( LDAP *ld, LDAPMessage *entry, BerElement **ber )
{
int len;
char *attrbuffer;
if ((attrbuffer = (char *)malloc(LDAP_MAX_ATTR_LEN)) == NULL) {
return (NULL);
}
Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 179, "ldap_first_attribute\n"), 0, 0, 0 );
if ( (*ber = alloc_ber_with_options( ld )) == NULLBER ) {
free(attrbuffer);
return( NULL );
}
**ber = *entry->lm_ber;
/*
* Skip past the sequence, dn, sequence of sequence, snarf the
* attribute type, and skip the set of values, leaving us
* positioned right before the next attribute type/value sequence.
*/
len = LDAP_MAX_ATTR_LEN;
if ( ber_scanf( *ber, "{x{{sx}", attrbuffer, &len )
== LBER_ERROR ) {
ld->ld_errno = LDAP_DECODING_ERROR;
ber_free( *ber, 0 );
*ber = NULL;
free(attrbuffer);
return( NULL );
}
return( attrbuffer );
}
static int berDecodeLoginData(
struct berval *replyBV,
int *serverVersion,
size_t *retDataLen,
void *retData )
{
int err = 0;
BerElement *replyBer = NULL;
char *retOctStr = NULL;
size_t retOctStrLen = 0;
if ((replyBer = ber_init(replyBV)) == NULL) {
err = LDAP_OPERATIONS_ERROR;
goto Cleanup;
}
if (retData) {
retOctStrLen = *retDataLen + 1;
retOctStr = SMB_MALLOC_ARRAY(char, retOctStrLen);
if (!retOctStr) {
err = LDAP_OPERATIONS_ERROR;
goto Cleanup;
}
if (ber_scanf(replyBer, "{iis}", serverVersion, &err, retOctStr, &retOctStrLen) != -1) {
if (*retDataLen >= retOctStrLen) {
memcpy(retData, retOctStr, retOctStrLen);
} else if (!err) {
err = LDAP_NO_MEMORY;
}
*retDataLen = retOctStrLen;
} else if (!err) {
err = LDAP_DECODING_ERROR;
}
} else {
if (ber_scanf(replyBer, "{ii}", serverVersion, &err) == -1) {
int checkBindRes(BerElement *ber)
{
ber_tag_t tag;
ber_int_t resultCode;
ber_len_t len;
#ifdef DEBUG
int ival = -1;
ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ival );
#endif
if ( (tag = ber_peek_tag( ber, &len )) == LBER_ERROR ) {
/* log, close and send error */
printf(">>Error<< PeeK failed, tag;%d\n", tag);
ber_free( ber, 1 );
return LBER_ERROR;
}
tag = ber_scanf( ber, "{i}" , &resultCode );
if ( tag == LBER_ERROR ) {
return LBER_ERROR;
//printf("BER decode Error! Ber_Scanf return tag:%d.\n", tag);
}
return resultCode;
}
